last executing test programs: 21.771549525s ago: executing program 0 (id=104): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3}) setrlimit(0x40000000000008, &(0x7f0000000000)) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendmmsg$inet(r1, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804) 21.472981853s ago: executing program 0 (id=105): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8b5, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000200)='mm_page_free\x00', r2, 0x0, 0x2}, 0x18) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0) ftruncate(r0, 0xc17a) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r3, &(0x7f0000000240)=[{&(0x7f0000000e00)=""/102397, 0x18ffd}], 0x1, 0x0, 0x0) 19.82211909s ago: executing program 0 (id=108): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d0000008500"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r1) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000a000000380003801400020076657468305f766972745f7769666900060007004e2400000800030000000000080001"], 0x4c}}, 0x0) 19.12664896s ago: executing program 0 (id=111): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000208060001080006040002aaaaaaaaaa00f5b75eb8725f79d8aa00ac"], 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x14) 17.933607543s ago: executing program 0 (id=114): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x420, 0x340, 0x11, 0x148, 0x340, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2a0, 0x2e8, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x480) 17.598352113s ago: executing program 0 (id=116): ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, 0x0, 0x24068061) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) sched_getscheduler(0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) pipe2(0x0, 0x800) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000000100000044000180060001000a00000008000500000000090c00070000000000000000000800090030002300090006006e6f6e6500000000080008000000000008000b"], 0x58}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r5, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r6, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0) sendmsg$SMC_PNETID_DEL(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r6, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000180)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x4}, @exit, @initr0, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @exit], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) 1.563627556s ago: executing program 1 (id=137): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) setrlimit(0x9, &(0x7f0000000000)) io_setup(0x2004, &(0x7f0000000680)) 1.221869675s ago: executing program 1 (id=138): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000900)='kfree\x00', r0, 0x0, 0x6}, 0x18) r1 = socket(0xa, 0x3, 0x3a) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10) setsockopt$MRT6_FLUSH(r1, 0x29, 0xd4, &(0x7f0000000080)=0x8, 0x4) 734.172489ms ago: executing program 1 (id=139): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0xd, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700500000000002020207b1af8ff00000000bf8108000000000047010000f6ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000300)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 503.383995ms ago: executing program 1 (id=140): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4004000) recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) close_range(r4, 0xffffffffffffffff, 0x2) dup3(r2, r4, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 304.012301ms ago: executing program 1 (id=141): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000340)='tlb_flush\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2800001, 0xc3072, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil) 0s ago: executing program 1 (id=142): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x10}, 0x18) r1 = socket(0x2a, 0x2, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) r3 = socket$inet6(0xa, 0x2, 0x3a) sendmmsg$inet6(r3, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000100)="8000102e7577d401", 0x8}], 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="14000000000000002900000034"], 0x18}}], 0x1, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x78, 0x24, 0xf0b, 0x70bd2a, 0x2001, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x5, 0xd}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0xff, 0xec2, 0x5, 0x2, 0x400}, 0x10000, 0x1, 0x7ff, 0x6, 0xe, 0x14, 0x1f, 0x1b, 0x6, 0x2, {0x6, 0x19d, 0xa9, 0x8, 0x7743, 0xfd1}}}}]}, 0x78}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r2, {0xe}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_FLAGS={0x8, 0xb, 0x3}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000010}, 0xc000) socket$netlink(0x10, 0x3, 0x0) r4 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0xa, 0x13, r4, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r5) ptrace$setregs(0xd, r5, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb") ptrace$getregset(0x4205, r5, 0x2, &(0x7f0000000080)={&(0x7f0000000000)=""/120, 0x78}) ptrace$getregset(0x4204, r5, 0x2, &(0x7f0000000740)={0x0}) socket$nl_route(0x10, 0x3, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) kernel console output (not intermixed with test programs): [ 56.004324][ T31] audit: type=1400 audit(55.910:68): avc: denied { read write } for pid=3079 comm="sftp-server" name="null" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 56.007397][ T31] audit: type=1400 audit(55.910:69): avc: denied { open } for pid=3079 comm="sftp-server" path="/dev/null" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 Warning: Permanently added '[localhost]:57970' (ED25519) to the list of known hosts. [ 66.565467][ T31] audit: type=1400 audit(66.460:70): avc: denied { name_bind } for pid=3080 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 68.325725][ T31] audit: type=1400 audit(68.240:71): avc: denied { execute } for pid=3082 comm="sh" name="syz-executor" dev="vda" ino=680 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 68.335533][ T31] audit: type=1400 audit(68.240:72): avc: denied { execute_no_trans } for pid=3082 comm="sh" path="/syz-executor" dev="vda" ino=680 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 72.475034][ T31] audit: type=1400 audit(72.380:73): avc: denied { mounton } for pid=3082 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=681 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 72.483620][ T31] audit: type=1400 audit(72.390:74): avc: denied { mount } for pid=3082 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 72.500985][ T3082] cgroup: Unknown subsys name 'net' [ 72.509712][ T31] audit: type=1400 audit(72.420:75): avc: denied { unmount } for pid=3082 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 72.694543][ T3082] cgroup: Unknown subsys name 'cpuset' [ 72.700986][ T3082] cgroup: Unknown subsys name 'hugetlb' [ 72.701913][ T3082] cgroup: Unknown subsys name 'rlimit' [ 72.933910][ T31] audit: type=1400 audit(72.840:76): avc: denied { setattr } for pid=3082 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=693 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 72.936318][ T31] audit: type=1400 audit(72.840:77): avc: denied { mounton } for pid=3082 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 72.936773][ T31] audit: type=1400 audit(72.840:78): avc: denied { mount } for pid=3082 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 73.184387][ T3084] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 73.188186][ T31] audit: type=1400 audit(73.100:79): avc: denied { relabelto } for pid=3084 comm="mkswap" name="swap-file" dev="vda" ino=684 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 73.191385][ T31] audit: type=1400 audit(73.100:80): avc: denied { write } for pid=3084 comm="mkswap" path="/swap-file" dev="vda" ino=684 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 73.220392][ T31] audit: type=1400 audit(73.130:81): avc: denied { read } for pid=3082 comm="syz-executor" name="swap-file" dev="vda" ino=684 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 73.221155][ T31] audit: type=1400 audit(73.130:82): avc: denied { open } for pid=3082 comm="syz-executor" path="/swap-file" dev="vda" ino=684 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 80.118832][ T3082] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 82.450829][ T31] audit: type=1400 audit(82.360:83): avc: denied { execmem } for pid=3085 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 82.518605][ T31] audit: type=1400 audit(82.430:84): avc: denied { read } for pid=3087 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 82.520400][ T31] audit: type=1400 audit(82.430:85): avc: denied { open } for pid=3087 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 82.527722][ T31] audit: type=1400 audit(82.440:86): avc: denied { mounton } for pid=3087 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 82.549653][ T31] audit: type=1400 audit(82.460:87): avc: denied { module_request } for pid=3087 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 82.641624][ T31] audit: type=1400 audit(82.550:88): avc: denied { sys_module } for pid=3088 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 83.270187][ T31] audit: type=1400 audit(83.180:89): avc: denied { ioctl } for pid=3088 comm="syz-executor" path="/dev/net/tun" dev="devtmpfs" ino=677 ioctlcmd=0x54ca scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 84.573646][ T3088] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.586792][ T3088] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.678382][ T3087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.683614][ T3087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.440139][ T3087] hsr_slave_0: entered promiscuous mode [ 85.442686][ T3087] hsr_slave_1: entered promiscuous mode [ 85.541028][ T3088] hsr_slave_0: entered promiscuous mode [ 85.543908][ T3088] hsr_slave_1: entered promiscuous mode [ 85.546383][ T3088] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 85.546882][ T3088] Cannot create hsr debugfs directory [ 85.822688][ T31] audit: type=1400 audit(85.730:90): avc: denied { create } for pid=3087 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 85.823448][ T31] audit: type=1400 audit(85.730:91): avc: denied { write } for pid=3087 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 85.824054][ T31] audit: type=1400 audit(85.730:92): avc: denied { read } for pid=3087 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 85.847528][ T3087] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 85.870265][ T3087] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 85.885173][ T3087] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 85.892103][ T3087] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 85.979025][ T3088] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 85.994390][ T3088] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 86.007184][ T3088] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 86.017088][ T3088] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 86.960844][ T3087] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.067800][ T3088] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.532085][ T3087] veth0_vlan: entered promiscuous mode [ 90.545915][ T3087] veth1_vlan: entered promiscuous mode [ 90.584328][ T3087] veth0_macvtap: entered promiscuous mode [ 90.591078][ T3087] veth1_macvtap: entered promiscuous mode [ 90.624450][ T3087] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.626702][ T3087] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.627036][ T3087] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.627710][ T3087] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.752226][ T31] audit: type=1400 audit(90.650:93): avc: denied { mount } for pid=3087 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 90.753052][ T31] audit: type=1400 audit(90.650:94): avc: denied { mounton } for pid=3087 comm="syz-executor" path="/syzkaller.qJ6kDg/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 90.753786][ T31] audit: type=1400 audit(90.650:95): avc: denied { mount } for pid=3087 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 90.754416][ T31] audit: type=1400 audit(90.660:96): avc: denied { mounton } for pid=3087 comm="syz-executor" path="/syzkaller.qJ6kDg/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 90.765468][ T31] audit: type=1400 audit(90.660:97): avc: denied { mounton } for pid=3087 comm="syz-executor" path="/syzkaller.qJ6kDg/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=960 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 90.767454][ T31] audit: type=1400 audit(90.670:98): avc: denied { unmount } for pid=3087 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 90.769109][ T31] audit: type=1400 audit(90.680:99): avc: denied { mounton } for pid=3087 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=765 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 90.771914][ T31] audit: type=1400 audit(90.680:100): avc: denied { mount } for pid=3087 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 90.772695][ T31] audit: type=1400 audit(90.680:101): avc: denied { mounton } for pid=3087 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 90.773380][ T31] audit: type=1400 audit(90.680:102): avc: denied { mount } for pid=3087 comm="syz-executor" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 90.828987][ T3087] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 90.832586][ T3088] veth0_vlan: entered promiscuous mode [ 90.846652][ T3088] veth1_vlan: entered promiscuous mode [ 90.883610][ T3088] veth0_macvtap: entered promiscuous mode [ 90.891242][ T3088] veth1_macvtap: entered promiscuous mode [ 90.926870][ T3088] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.927314][ T3088] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.927618][ T3088] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.927900][ T3088] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.232292][ T31] kauditd_printk_skb: 48 callbacks suppressed [ 96.232406][ T31] audit: type=1400 audit(96.140:151): avc: denied { name_bind } for pid=3818 comm="syz.0.18" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 96.234111][ T31] audit: type=1400 audit(96.140:152): avc: denied { node_bind } for pid=3818 comm="syz.0.18" saddr=224.0.0.2 src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 97.451399][ T31] audit: type=1400 audit(97.350:153): avc: denied { setopt } for pid=3821 comm="syz.0.19" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 97.762642][ T3824] netlink: 232 bytes leftover after parsing attributes in process `syz.0.20'. [ 99.223567][ T31] audit: type=1400 audit(99.100:154): avc: denied { setopt } for pid=3844 comm="syz.1.26" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 99.247815][ T31] audit: type=1400 audit(99.160:155): avc: denied { connect } for pid=3844 comm="syz.1.26" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 101.181047][ T31] audit: type=1400 audit(101.090:156): avc: denied { mounton } for pid=3852 comm="syz.1.29" path="/12/file0" dev="tmpfs" ino=78 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 101.187006][ T3853] tmpfs: Unsupported parameter 'mpol' [ 101.506142][ T31] audit: type=1400 audit(101.400:157): avc: denied { create } for pid=3854 comm="syz.1.30" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 101.507706][ T31] audit: type=1400 audit(101.420:158): avc: denied { map } for pid=3854 comm="syz.1.30" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=3209 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 101.508721][ T31] audit: type=1400 audit(101.420:159): avc: denied { read write } for pid=3854 comm="syz.1.30" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=3209 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 101.768399][ T31] audit: type=1400 audit(101.680:160): avc: denied { execute } for pid=3854 comm="syz.1.30" path="/13/memory.events" dev="tmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 103.562711][ T31] audit: type=1400 audit(103.470:161): avc: denied { append } for pid=3867 comm="syz.0.35" name="seq" dev="devtmpfs" ino=713 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 106.135815][ T31] audit: type=1400 audit(106.040:162): avc: denied { setopt } for pid=3907 comm="syz.0.43" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 106.405788][ T3913] netlink: 'syz.0.45': attribute type 2 has an invalid length. [ 106.598868][ T3912] Illegal XDP return value 4294967274 on prog (id 20) dev N/A, expect packet loss! [ 106.879750][ T31] audit: type=1400 audit(106.790:163): avc: denied { create } for pid=3914 comm="syz.0.46" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 107.306902][ T31] audit: type=1400 audit(107.220:164): avc: denied { read write } for pid=3088 comm="syz-executor" name="loop1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 107.308400][ T31] audit: type=1400 audit(107.220:165): avc: denied { open } for pid=3088 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 107.309345][ T31] audit: type=1400 audit(107.220:166): avc: denied { ioctl } for pid=3088 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=636 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 107.330342][ T3917] Zero length message leads to an empty skb [ 107.339196][ T31] audit: type=1400 audit(107.250:167): avc: denied { read } for pid=2901 comm="syslogd" name="log" dev="vda" ino=671 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 107.340433][ T31] audit: type=1400 audit(107.250:168): avc: denied { search } for pid=2901 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 107.341261][ T31] audit: type=1400 audit(107.250:169): avc: denied { append } for pid=2901 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 107.342140][ T31] audit: type=1400 audit(107.250:170): avc: denied { open } for pid=2901 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 107.343198][ T31] audit: type=1400 audit(107.250:171): avc: denied { getattr } for pid=2901 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 107.430131][ T31] audit: type=1400 audit(107.340:172): avc: denied { read } for pid=3924 comm="syz-executor" path="/net/tun" dev="devtmpfs" ino=677 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 108.678345][ T3942] netlink: 44 bytes leftover after parsing attributes in process `syz.1.55'. [ 108.767279][ T3943] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 110.948707][ T3970] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 111.959338][ T31] kauditd_printk_skb: 42 callbacks suppressed [ 111.959447][ T31] audit: type=1326 audit(111.870:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3977 comm="syz.1.66" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 111.977135][ T31] audit: type=1326 audit(111.890:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3977 comm="syz.1.66" exe="/syz-executor" sig=0 arch=40000028 syscall=433 compat=0 ip=0x133450 code=0x7ffc0000 [ 112.036854][ T31] audit: type=1326 audit(111.930:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3977 comm="syz.1.66" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 112.040059][ T31] audit: type=1326 audit(111.950:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3977 comm="syz.1.66" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 112.695706][ T31] audit: type=1326 audit(112.600:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3982 comm="syz.1.67" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 112.701840][ T31] audit: type=1326 audit(112.610:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3982 comm="syz.1.67" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 112.732709][ T31] audit: type=1326 audit(112.630:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3982 comm="syz.1.67" exe="/syz-executor" sig=0 arch=40000028 syscall=386 compat=0 ip=0x133450 code=0x7ffc0000 [ 112.735710][ T31] audit: type=1326 audit(112.640:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3982 comm="syz.1.67" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 112.736642][ T31] audit: type=1326 audit(112.640:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3982 comm="syz.1.67" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 112.752011][ T31] audit: type=1326 audit(112.660:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3982 comm="syz.1.67" exe="/syz-executor" sig=0 arch=40000028 syscall=386 compat=0 ip=0x133450 code=0x7ffc0000 [ 117.053745][ T31] kauditd_printk_skb: 20 callbacks suppressed [ 117.053877][ T31] audit: type=1400 audit(116.960:245): avc: denied { ioctl } for pid=4028 comm="syz.1.82" path="socket:[3401]" dev="sockfs" ino=3401 ioctlcmd=0x8955 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 117.142126][ T31] audit: type=1400 audit(117.050:246): avc: denied { setopt } for pid=4032 comm="syz.0.84" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 117.526180][ T31] audit: type=1400 audit(117.440:247): avc: denied { append } for pid=4036 comm="syz.0.86" name="rfkill" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 117.776542][ T31] audit: type=1400 audit(117.690:248): avc: denied { create } for pid=4041 comm="syz.1.88" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 117.793070][ T31] audit: type=1400 audit(117.690:249): avc: denied { write } for pid=4041 comm="syz.1.88" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 117.793895][ T31] audit: type=1400 audit(117.700:250): avc: denied { nlmsg_read } for pid=4041 comm="syz.1.88" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 118.867336][ T31] audit: type=1326 audit(118.780:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4048 comm="syz.1.90" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 118.870638][ T31] audit: type=1326 audit(118.780:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4048 comm="syz.1.90" exe="/syz-executor" sig=0 arch=40000028 syscall=386 compat=0 ip=0x133450 code=0x7ffc0000 [ 118.890394][ T31] audit: type=1326 audit(118.800:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4048 comm="syz.1.90" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 118.891693][ T31] audit: type=1326 audit(118.800:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4048 comm="syz.1.90" exe="/syz-executor" sig=0 arch=40000028 syscall=386 compat=0 ip=0x133450 code=0x7ffc0000 [ 122.938064][ T31] kauditd_printk_skb: 23 callbacks suppressed [ 122.938189][ T31] audit: type=1326 audit(122.850:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4072 comm="syz.0.97" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 122.949241][ T31] audit: type=1326 audit(122.860:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4072 comm="syz.0.97" exe="/syz-executor" sig=0 arch=40000028 syscall=14 compat=0 ip=0x133450 code=0x7ffc0000 [ 122.953098][ T31] audit: type=1326 audit(122.860:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4072 comm="syz.0.97" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 122.968863][ T31] audit: type=1326 audit(122.880:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4072 comm="syz.0.97" exe="/syz-executor" sig=0 arch=40000028 syscall=437 compat=0 ip=0x133450 code=0x7ffc0000 [ 123.177137][ T4077] syz.1.99 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 125.517391][ T4092] capability: warning: `syz.0.104' uses deprecated v2 capabilities in a way that may be insecure [ 125.520094][ T31] audit: type=1326 audit(125.430:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4090 comm="syz.1.103" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 125.521648][ T31] audit: type=1326 audit(125.430:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4090 comm="syz.1.103" exe="/syz-executor" sig=0 arch=40000028 syscall=70 compat=0 ip=0x133450 code=0x7ffc0000 [ 125.522582][ T31] audit: type=1326 audit(125.430:284): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4090 comm="syz.1.103" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 125.569498][ T31] audit: type=1326 audit(125.460:285): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4090 comm="syz.1.103" exe="/syz-executor" sig=0 arch=40000028 syscall=386 compat=0 ip=0x133450 code=0x7ffc0000 [ 125.663012][ T31] audit: type=1326 audit(125.570:286): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4090 comm="syz.1.103" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 125.664382][ T31] audit: type=1326 audit(125.570:287): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4090 comm="syz.1.103" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 128.584576][ T31] kauditd_printk_skb: 40 callbacks suppressed [ 128.586342][ T31] audit: type=1326 audit(128.490:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4116 comm="syz.1.112" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 128.594206][ T31] audit: type=1326 audit(128.500:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4116 comm="syz.1.112" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 128.610056][ T31] audit: type=1326 audit(128.520:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4116 comm="syz.1.112" exe="/syz-executor" sig=0 arch=40000028 syscall=386 compat=0 ip=0x133450 code=0x7ffc0000 [ 128.611219][ T31] audit: type=1326 audit(128.520:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4116 comm="syz.1.112" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 128.612034][ T31] audit: type=1326 audit(128.520:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4116 comm="syz.1.112" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 128.621427][ T31] audit: type=1326 audit(128.530:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4116 comm="syz.1.112" exe="/syz-executor" sig=0 arch=40000028 syscall=460 compat=0 ip=0x133450 code=0x7ffc0000 [ 128.623160][ T31] audit: type=1326 audit(128.530:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4116 comm="syz.1.112" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 128.624133][ T31] audit: type=1326 audit(128.530:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4116 comm="syz.1.112" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 129.872485][ T31] audit: type=1326 audit(129.780:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4132 comm="syz.0.116" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 129.885317][ T31] audit: type=1326 audit(129.780:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4132 comm="syz.0.116" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 133.752280][ T31] kauditd_printk_skb: 36 callbacks suppressed [ 133.752408][ T31] audit: type=1400 audit(133.660:374): avc: denied { create } for pid=4147 comm="syz.1.120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 133.774339][ T31] audit: type=1400 audit(133.680:375): avc: denied { ioctl } for pid=4147 comm="syz.1.120" path="socket:[3561]" dev="sockfs" ino=3561 ioctlcmd=0x8943 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 135.120557][ T31] audit: type=1326 audit(135.030:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4132 comm="syz.0.116" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 135.136640][ T31] audit: type=1326 audit(135.050:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4132 comm="syz.0.116" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 135.724523][ T31] audit: type=1326 audit(135.630:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4132 comm="syz.0.116" exe="/syz-executor" sig=0 arch=40000028 syscall=386 compat=0 ip=0x133450 code=0x7ffc0000 [ 135.726486][ T31] audit: type=1326 audit(135.630:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4132 comm="syz.0.116" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 135.736318][ T31] audit: type=1326 audit(135.650:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4132 comm="syz.0.116" exe="/syz-executor" sig=0 arch=40000028 syscall=386 compat=0 ip=0x133450 code=0x7ffc0000 [ 135.747206][ T31] audit: type=1326 audit(135.660:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4132 comm="syz.0.116" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 135.759483][ T31] audit: type=1326 audit(135.670:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4132 comm="syz.0.116" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 135.760819][ T31] audit: type=1326 audit(135.670:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4132 comm="syz.0.116" exe="/syz-executor" sig=0 arch=40000028 syscall=386 compat=0 ip=0x133450 code=0x7ffc0000 [ 135.987332][ T4135] smc: net device bond0 applied user defined pnetid SYZ0 [ 136.036835][ T4135] smc: net device bond0 erased user defined pnetid SYZ0 [ 140.791851][ T31] kauditd_printk_skb: 29 callbacks suppressed [ 140.791981][ T31] audit: type=1326 audit(140.700:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4166 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 140.812848][ T31] audit: type=1326 audit(140.720:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4166 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 140.814115][ T31] audit: type=1326 audit(140.720:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4166 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000028 syscall=386 compat=0 ip=0x133450 code=0x7ffc0000 [ 140.827414][ T31] audit: type=1326 audit(140.720:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4166 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 140.828320][ T31] audit: type=1326 audit(140.720:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4166 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 140.845770][ T31] audit: type=1326 audit(140.750:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4166 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000028 syscall=386 compat=0 ip=0x133450 code=0x7ffc0000 [ 140.855563][ T31] audit: type=1326 audit(140.760:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4166 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 140.864435][ T31] audit: type=1326 audit(140.770:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4166 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 140.879734][ T31] audit: type=1326 audit(140.780:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4166 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000028 syscall=461 compat=0 ip=0x133450 code=0x7ffc0000 [ 140.881041][ T31] audit: type=1326 audit(140.780:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4166 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 141.151649][ T4171] netlink: 'syz.1.126': attribute type 5 has an invalid length. [ 144.920072][ T4198] netlink: 4 bytes leftover after parsing attributes in process `syz.1.134'. [ 145.512770][ T4204] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 146.331268][ T31] kauditd_printk_skb: 27 callbacks suppressed [ 146.331383][ T31] audit: type=1400 audit(146.240:450): avc: denied { setopt } for pid=4210 comm="syz.1.138" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 147.280218][ T31] audit: type=1400 audit(147.190:451): avc: denied { create } for pid=4219 comm="syz.1.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 147.642092][ T31] audit: type=1400 audit(147.550:452): avc: denied { create } for pid=4219 comm="syz.1.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 147.648905][ T31] audit: type=1400 audit(147.560:453): avc: denied { write } for pid=4219 comm="syz.1.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 147.698833][ T4220] usercopy: Kernel memory overwrite attempt detected to SLUB object 'task_struct' (offset 80, size 116)! [ 147.699975][ T4220] ------------[ cut here ]------------ [ 147.700204][ T4220] kernel BUG at mm/usercopy.c:102! [ 147.700384][ T4220] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM [ 147.700675][ T4220] Modules linked in: [ 147.701814][ T4220] CPU: 0 UID: 0 PID: 4220 Comm: syz.1.142 Not tainted 6.12.0-syzkaller #0 [ 147.702203][ T4220] Hardware name: ARM-Versatile Express [ 147.702638][ T4220] PC is at usercopy_abort+0x98/0x9c [ 147.703955][ T4220] LR is at __wake_up_klogd.part.0+0x7c/0xac [ 147.704322][ T4220] pc : [<819be580>] lr : [<802be434>] psr: 60000013 [ 147.705649][ T4220] sp : dfe05d90 ip : dfe05cd0 fp : dfe05db4 [ 147.706464][ T4220] r10: 81a00568 r9 : 00000078 r8 : 846b3c50 [ 147.706636][ T4220] r7 : dde980c0 r6 : 00000000 r5 : 00000074 r4 : 00000050 [ 147.707021][ T4220] r3 : 85136c00 r2 : 00000000 r1 : 00000000 r0 : 00000066 [ 147.707362][ T4220] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user [ 147.707632][ T4220] Control: 30c5387d Table: 84bb9a80 DAC: fffffffd [ 147.707880][ T4220] Register r0 information: non-paged memory [ 147.708324][ T4220] Register r1 information: NULL pointer [ 147.708491][ T4220] Register r2 information: NULL pointer [ 147.708646][ T4220] Register r3 information: slab task_struct start 85136c00 pointer offset 0 size 3072 [ 147.709390][ T4220] Register r4 information: non-paged memory [ 147.709563][ T4220] Register r5 information: non-paged memory [ 147.709742][ T4220] Register r6 information: NULL pointer [ 147.709907][ T4220] Register r7 information: non-slab/vmalloc memory [ 147.710147][ T4220] Register r8 information: slab task_struct start 846b3c00 pointer offset 80 size 3072 [ 147.710477][ T4220] Register r9 information: non-paged memory [ 147.710646][ T4220] Register r10 information: non-slab/vmalloc memory [ 147.710854][ T4220] Register r11 information: 2-page vmalloc region starting at 0xdfe04000 allocated at kernel_clone+0xac/0x3e4 [ 147.711274][ T4220] Register r12 information: 2-page vmalloc region starting at 0xdfe04000 allocated at kernel_clone+0xac/0x3e4 [ 147.711834][ T4220] Process syz.1.142 (pid: 4220, stack limit = 0xdfe04000) [ 147.712266][ T4220] Stack: (0xdfe05d90 to 0xdfe06000) [ 147.712614][ T4220] 5d80: 8205f678 82030fcc 820464dc 00000050 [ 147.712994][ T4220] 5da0: 00000074 00000078 dfe05de4 dfe05db8 804d5d54 819be4f4 00000074 dfe05dc8 [ 147.713365][ T4220] 5dc0: 80214800 846b3c50 00000074 00000000 846b3cc4 dde980c0 dfe05e1c dfe05de8 [ 147.713691][ T4220] 5de0: 80514b34 804d5c88 00000074 20000084 dfe05e0c 846b3c50 00000074 20000084 [ 147.714009][ T4220] 5e00: 00000074 81a005a0 00000078 81a00568 dfe05e4c dfe05e20 80209db4 805148b8 [ 147.714212][ T4220] 5e20: dfe05e54 82ee8380 00000064 dfe05e2c dfe05e2c 80209d24 846b3c00 20000084 [ 147.714438][ T4220] 5e40: dfe05ef4 dfe05e50 80253634 80209d30 00000000 20000000 20000000 81a0057c [ 147.714669][ T4220] 5e60: 819e3204 00000000 dfe05eb4 dfe05e78 8020d0cc 8020c034 8020c04c 00000000 [ 147.715233][ T4220] 5e80: 8027fa10 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.715823][ T4220] 5ea0: 00000000 85136c00 dfe05edc dfe05eb8 8027e354 802af5ec 8028128c 00000000 [ 147.716138][ T4220] 5ec0: 00000000 3a1494ae 846b3c00 20000080 00004202 00000002 00000000 20000080 [ 147.716487][ T4220] 5ee0: 85136c00 0000001a dfe05f6c dfe05ef8 8020a1e4 8025332c 846b3c00 846b4484 [ 147.716789][ T4220] 5f00: dfe05f1c dfe05f10 819e36b0 8027c778 dfe05f6c dfe05f20 802813ec 819e368c [ 147.717245][ T4220] 5f20: dfe05f54 00000000 8027e354 60000013 81990410 819a7694 dfe05f54 3a1494ae [ 147.717813][ T4220] 5f40: 00004205 846b3c00 00004205 3a1494ae 846b3c00 00004205 00000002 00000000 [ 147.718287][ T4220] 5f60: dfe05fa4 dfe05f70 80252fdc 8020a140 80202cc0 3a1494ae dfe05fac 00000000 [ 147.718777][ T4220] 5f80: 00000000 002862f4 0000001a 8020029c 85136c00 0000001a 00000000 dfe05fa8 [ 147.719142][ T4220] 5fa0: 80200060 80252db0 00000000 00000000 00004205 000000b2 00000002 20000080 [ 147.719521][ T4220] 5fc0: 00000000 00000000 002862f4 0000001a 00000000 00006364 003d0f00 76b3c0bc [ 147.719935][ T4220] 5fe0: 76b3bec0 76b3beb0 00018af0 00133450 60000010 00004205 00000000 00000000 [ 147.720472][ T4220] Call trace: [ 147.720823][ T4220] [<819be4e8>] (usercopy_abort) from [<804d5d54>] (__check_heap_object+0xd8/0xf4) [ 147.721482][ T4220] [<804d5c7c>] (__check_heap_object) from [<80514b34>] (__check_object_size+0x288/0x304) [ 147.721873][ T4220] r8:dde980c0 r7:846b3cc4 r6:00000000 r5:00000074 r4:846b3c50 [ 147.722158][ T4220] [<805148ac>] (__check_object_size) from [<80209db4>] (fpa_set+0x90/0x118) [ 147.722535][ T4220] r10:81a00568 r9:00000078 r8:81a005a0 r7:00000074 r6:20000084 r5:00000074 [ 147.722871][ T4220] r4:846b3c50 [ 147.723049][ T4220] [<80209d24>] (fpa_set) from [<80253634>] (ptrace_request+0x314/0xa78) [ 147.723374][ T4220] r6:20000084 r5:846b3c00 r4:80209d24 [ 147.723595][ T4220] [<80253320>] (ptrace_request) from [<8020a1e4>] (arch_ptrace+0xb0/0x424) [ 147.724106][ T4220] r10:0000001a r9:85136c00 r8:20000080 r7:00000000 r6:00000002 r5:00004202 [ 147.724411][ T4220] r4:20000080 [ 147.724533][ T4220] [<8020a134>] (arch_ptrace) from [<80252fdc>] (sys_ptrace+0x238/0x4dc) [ 147.725018][ T4220] r7:00000000 r6:00000002 r5:00004205 r4:846b3c00 [ 147.725203][ T4220] [<80252da4>] (sys_ptrace) from [<80200060>] (ret_fast_syscall+0x0/0x1c) [ 147.725765][ T4220] Exception stack(0xdfe05fa8 to 0xdfe05ff0) [ 147.726031][ T4220] 5fa0: 00000000 00000000 00004205 000000b2 00000002 20000080 [ 147.726510][ T4220] 5fc0: 00000000 00000000 002862f4 0000001a 00000000 00006364 003d0f00 76b3c0bc [ 147.726862][ T4220] 5fe0: 76b3bec0 76b3beb0 00018af0 00133450 [ 147.727133][ T4220] r10:0000001a r9:85136c00 r8:8020029c r7:0000001a r6:002862f4 r5:00000000 [ 147.727446][ T4220] r4:00000000 [ 147.727824][ T4220] Code: e30f067c e3480205 e58dc000 ebfff265 (e7f001f2) [ 147.728353][ T4220] ---[ end trace 0000000000000000 ]--- [ 147.729275][ T4220] Kernel panic - not syncing: Fatal exception [ 147.732554][ T4220] Rebooting in 86400 seconds.. VM DIAGNOSIS: 17:35:49 Registers: info registers vcpu 0 CPU#0 R00=83e69840 R01=00000034 R02=eb9d3000 R03=eb9d3018 R04=8287742d R05=83e69840 R06=809f5e5c R07=8287746a R08=8287741c R09=0000004f R10=00000001 R11=dfe05ab4 R12=00000002 R13=dfe05aa8 R14=8275b574 R15=809f5e6c PSR=80000093 N--- A S svc32 s00=00000000 s01=00000000 d00=0000000000000000 s02=00000000 s03=00000000 d01=0000000000000000 s04=00000000 s05=00000000 d02=0000000000000000 s06=00000000 s07=00000000 d03=0000000000000000 s08=00000000 s09=00000000 d04=0000000000000000 s10=00000000 s11=00000000 d05=0000000000000000 s12=00000000 s13=00000000 d06=0000000000000000 s14=00000000 s15=00000000 d07=0000000000000000 s16=00000000 s17=00000000 d08=0000000000000000 s18=00000000 s19=00000000 d09=0000000000000000 s20=00000000 s21=00000000 d10=0000000000000000 s22=00000000 s23=00000000 d11=0000000000000000 s24=00000000 s25=00000000 d12=0000000000000000 s26=00000000 s27=00000000 d13=0000000000000000 s28=00000000 s29=00000000 d14=0000000000000000 s30=00000000 s31=00000000 d15=0000000000000000 s32=00000000 s33=00000000 d16=0000000000000000 s34=00000000 s35=00000000 d17=0000000000000000 s36=00000000 s37=00000000 d18=0000000000000000 s38=00000000 s39=00000000 d19=0000000000000000 s40=00000000 s41=00000000 d20=0000000000000000 s42=00000000 s43=00000000 d21=0000000000000000 s44=00000000 s45=00000000 d22=0000000000000000 s46=00000000 s47=00000000 d23=0000000000000000 s48=00000000 s49=00000000 d24=0000000000000000 s50=00000000 s51=00000000 d25=0000000000000000 s52=00000000 s53=00000000 d26=0000000000000000 s54=00000000 s55=00000000 d27=0000000000000000 s56=00000000 s57=00000000 d28=0000000000000000 s58=00000000 s59=00000000 d29=0000000000000000 s60=00000000 s61=00000000 d30=0000000000000000 s62=00000000 s63=00000000 d31=0000000000000000 FPSCR: 00000000 info registers vcpu 1 CPU#1 R00=00000001 R01=820413b8 R02=00000001 R03=819d7f48 R04=00000006 R05=826faf88 R06=00000000 R07=826faf80 R08=82e5e000 R09=00000028 R10=826faf88 R11=df805eac R12=df805eb0 R13=df805ea0 R14=8031ce20 R15=819d7f58 PSR=20000193 --C- A S svc32 s00=00000000 s01=00000000 d00=0000000000000000 s02=00000000 s03=00000000 d01=0000000000000000 s04=00000000 s05=00000000 d02=0000000000000000 s06=00000000 s07=00000000 d03=0000000000000000 s08=00000000 s09=00000000 d04=0000000000000000 s10=00000000 s11=00000000 d05=0000000000000000 s12=00000000 s13=00000000 d06=0000000000000000 s14=00000000 s15=00000000 d07=0000000000000000 s16=7eef1f99 s17=76f056b0 d08=76f056b07eef1f99 s18=00000000 s19=00000000 d09=0000000000000000 s20=00000000 s21=00000000 d10=0000000000000000 s22=00000000 s23=00000000 d11=0000000000000000 s24=00000000 s25=00000000 d12=0000000000000000 s26=00000000 s27=00000000 d13=0000000000000000 s28=00000000 s29=00000000 d14=0000000000000000 s30=00000000 s31=00000000 d15=0000000000000000 s32=00000000 s33=00000000 d16=0000000000000000 s34=00000000 s35=00000000 d17=0000000000000000 s36=00000000 s37=00000000 d18=0000000000000000 s38=00000000 s39=00000000 d19=0000000000000000 s40=00000000 s41=00000000 d20=0000000000000000 s42=00000000 s43=00000000 d21=0000000000000000 s44=00000000 s45=00000000 d22=0000000000000000 s46=00000000 s47=00000000 d23=0000000000000000 s48=00000000 s49=00000000 d24=0000000000000000 s50=00000000 s51=00000000 d25=0000000000000000 s52=00000000 s53=00000000 d26=0000000000000000 s54=00000000 s55=00000000 d27=0000000000000000 s56=00000000 s57=00000000 d28=0000000000000000 s58=00000000 s59=00000000 d29=0000000000000000 s60=00000000 s61=00000000 d30=0000000000000000 s62=00000000 s63=00000000 d31=0000000000000000 FPSCR: 00000000