Warning: Permanently added '[localhost]:13028' (ED25519) to the list of known hosts. [ 220.399089][ T28] audit: type=1400 audit(220.030:58): avc: denied { name_bind } for pid=3095 comm="sshd" src=30002 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 221.161172][ T28] audit: type=1400 audit(220.800:59): avc: denied { execute } for pid=3097 comm="sh" name="syz-fuzzer" dev="vda" ino=1735 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 221.162623][ T28] audit: type=1400 audit(220.800:60): avc: denied { execute_no_trans } for pid=3097 comm="sh" path="/syz-fuzzer" dev="vda" ino=1735 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 1970/01/01 00:03:43 fuzzer started 1970/01/01 00:03:47 dialing manager at localhost:30002 1970/01/01 00:03:47 checking machine... 1970/01/01 00:03:47 checking revisions... [ 228.158041][ C1] ================================================================== [ 228.158958][ C1] BUG: KASAN: slab-use-after-free in reweight_entity+0x720/0x888 [ 228.159298][ C1] Read of size 8 at addr ffff00000af180b0 by task syz-fuzzer/3103 [ 228.159580][ C1] [ 228.160068][ C1] CPU: 1 PID: 3103 Comm: syz-fuzzer Not tainted 6.6.0-rc6-syzkaller-00045-g7cf4bea77ab6 #0 [ 228.160902][ C1] Hardware name: linux,dummy-virt (DT) [ 228.162853][ C1] Call trace: [ 228.163640][ C1] dump_backtrace+0x9c/0x11c [ 228.164185][ C1] show_stack+0x18/0x24 [ 228.164719][ C1] dump_stack_lvl+0x74/0xd4 [ 228.165157][ C1] print_report+0xd8/0x598 [ 228.165706][ C1] kasan_report+0xc8/0x108 [ 228.166072][ C1] __asan_report_load8_noabort+0x20/0x2c [ 228.166528][ C1] reweight_entity+0x720/0x888 [ 228.166876][ C1] update_cfs_group+0x144/0x214 [ 228.167313][ C1] task_tick_fair+0xd8/0x8e0 [ 228.167638][ C1] scheduler_tick+0x218/0x4f8 [ 228.167938][ C1] update_process_times+0x180/0x1f8 [ 228.168284][ C1] tick_sched_handle+0x68/0x12c [ 228.168633][ C1] tick_sched_timer+0x74/0x120 [ 228.169154][ C1] __hrtimer_run_queues+0x580/0xb14 [ 228.169530][ C1] hrtimer_interrupt+0x2a4/0x768 [ 228.169992][ C1] arch_timer_handler_phys+0x40/0x6c [ 228.170469][ C1] handle_percpu_devid_irq+0x19c/0x30c [ 228.170748][ C1] generic_handle_domain_irq+0x78/0xa4 [ 228.171095][ C1] gic_handle_irq+0x54/0x188 [ 228.171376][ C1] call_on_irq_stack+0x24/0x4c [ 228.171736][ C1] do_interrupt_handler+0x12c/0x150 [ 228.172065][ C1] el0_interrupt+0x68/0x1cc [ 228.172435][ C1] __el0_irq_handler_common+0x18/0x24 [ 228.172783][ C1] el0t_64_irq_handler+0x10/0x1c [ 228.173187][ C1] el0t_64_irq+0x190/0x194 [ 228.173768][ C1] [ 228.174022][ C1] Allocated by task 3103: [ 228.174536][ C1] kasan_save_stack+0x3c/0x64 [ 228.174940][ C1] kasan_set_track+0x2c/0x40 [ 228.175318][ C1] kasan_save_alloc_info+0x24/0x34 [ 228.175684][ C1] __kasan_slab_alloc+0x8c/0x90 [ 228.175949][ C1] kmem_cache_alloc_node+0x168/0x2d4 [ 228.176246][ C1] copy_process+0x360/0x5520 [ 228.176552][ C1] kernel_clone+0x140/0x7e8 [ 228.176811][ C1] __do_sys_clone+0xb8/0xfc [ 228.177065][ C1] __arm64_sys_clone+0xa4/0xfc [ 228.178750][ C1] invoke_syscall+0x6c/0x258 [ 228.179188][ C1] el0_svc_common.constprop.0+0xac/0x230 [ 228.179484][ C1] do_el0_svc+0x40/0x58 [ 228.179732][ C1] el0_svc+0x58/0x140 [ 228.180081][ C1] el0t_64_sync_handler+0x100/0x12c [ 228.180366][ C1] el0t_64_sync+0x190/0x194 [ 228.180829][ C1] [ 228.181073][ C1] Freed by task 3103: [ 228.181387][ C1] kasan_save_stack+0x3c/0x64 [ 228.181708][ C1] kasan_set_track+0x2c/0x40 [ 228.181983][ C1] kasan_save_free_info+0x38/0x5c [ 228.182302][ C1] ____kasan_slab_free+0x120/0x1b8 [ 228.182584][ C1] __kasan_slab_free+0x18/0x24 [ 228.182893][ C1] kmem_cache_free+0x14c/0x4e8 [ 228.183174][ C1] free_task+0xd4/0x11c [ 228.183428][ C1] __put_task_struct+0x1e4/0x27c [ 228.183697][ C1] delayed_put_task_struct+0x138/0x314 [ 228.184054][ C1] rcu_core+0x950/0x1c3c [ 228.184378][ C1] rcu_core_si+0x10/0x1c [ 228.184620][ C1] __do_softirq+0x2e4/0xe1c [ 228.185099][ C1] [ 228.185459][ C1] Last potentially related work creation: [ 228.185827][ C1] kasan_save_stack+0x3c/0x64 [ 228.186123][ C1] __kasan_record_aux_stack+0xb4/0xe4 [ 228.186549][ C1] kasan_record_aux_stack_noalloc+0x14/0x20 [ 228.186918][ C1] __call_rcu_common.constprop.0+0x9c/0x8c0 [ 228.187243][ C1] call_rcu+0x10/0x1c [ 228.187497][ C1] release_task+0xbc8/0x1520 [ 228.187783][ C1] wait_consider_task+0xf14/0x2a5c [ 228.188092][ C1] do_wait+0x490/0x994 [ 228.188374][ C1] kernel_wait4+0xec/0x258 [ 228.188643][ C1] __do_sys_wait4+0xac/0x1e8 [ 228.188918][ C1] __arm64_sys_wait4+0x88/0xc8 [ 228.189213][ C1] invoke_syscall+0x6c/0x258 [ 228.189489][ C1] el0_svc_common.constprop.0+0xac/0x230 [ 228.189837][ C1] do_el0_svc+0x40/0x58 [ 228.190091][ C1] el0_svc+0x58/0x140 [ 228.190353][ C1] el0t_64_sync_handler+0x100/0x12c [ 228.190640][ C1] el0t_64_sync+0x190/0x194 [ 228.190928][ C1] [ 228.191349][ C1] Second to last potentially related work creation: [ 228.192000][ C1] kasan_save_stack+0x3c/0x64 [ 228.192341][ C1] __kasan_record_aux_stack+0xb4/0xe4 [ 228.192740][ C1] kasan_record_aux_stack+0x14/0x20 [ 228.193175][ C1] task_work_add+0x94/0x298 [ 228.193458][ C1] task_tick_mm_cid+0xfc/0x14c [ 228.193819][ C1] scheduler_tick+0x22c/0x4f8 [ 228.194136][ C1] update_process_times+0x180/0x1f8 [ 228.194466][ C1] tick_sched_handle+0x68/0x12c [ 228.194765][ C1] tick_sched_timer+0x74/0x120 [ 228.195044][ C1] __hrtimer_run_queues+0x580/0xb14 [ 228.195342][ C1] hrtimer_interrupt+0x2a4/0x768 [ 228.195634][ C1] arch_timer_handler_phys+0x40/0x6c [ 228.195933][ C1] handle_percpu_devid_irq+0x19c/0x30c [ 228.196240][ C1] generic_handle_domain_irq+0x78/0xa4 [ 228.196540][ C1] gic_handle_irq+0x54/0x188 [ 228.196834][ C1] [ 228.197093][ C1] The buggy address belongs to the object at ffff00000af18000 [ 228.197093][ C1] which belongs to the cache task_struct of size 6848 [ 228.200265][ C1] The buggy address is located 176 bytes inside of [ 228.200265][ C1] freed 6848-byte region [ffff00000af18000, ffff00000af19ac0) [ 228.200753][ C1] [ 228.201044][ C1] The buggy address belongs to the physical page: [ 228.201978][ C1] page:00000000d085eb2f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4af18 [ 228.202957][ C1] head:00000000d085eb2f order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 228.203465][ C1] flags: 0x1ffc00000000840(slab|head|node=0|zone=0|lastcpupid=0x7ff) [ 228.204326][ C1] page_type: 0xffffffff() [ 228.205529][ C1] raw: 01ffc00000000840 ffff000009c80dc0 fffffc00002d6600 dead000000000002 [ 228.206025][ C1] raw: 0000000000000000 0000000080040004 00000001ffffffff 0000000000000000 [ 228.206529][ C1] page dumped because: kasan: bad access detected [ 228.206882][ C1] [ 228.207115][ C1] Memory state around the buggy address: [ 228.207771][ C1] ffff00000af17f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 228.208178][ C1] ffff00000af18000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 228.208542][ C1] >ffff00000af18080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 228.208920][ C1] ^ [ 228.209304][ C1] ffff00000af18100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 228.209689][ C1] ffff00000af18180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 228.210117][ C1] ================================================================== [ 228.210668][ C1] Disabling lock debugging due to kernel taint [ 229.345855][ T28] audit: type=1400 audit(228.980:61): avc: denied { getattr } for pid=3097 comm="syz-fuzzer" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 229.358796][ T28] audit: type=1400 audit(228.990:62): avc: denied { read } for pid=3097 comm="syz-fuzzer" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 229.359465][ T28] audit: type=1400 audit(228.990:63): avc: denied { open } for pid=3097 comm="syz-fuzzer" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 229.436609][ T28] audit: type=1400 audit(229.070:64): avc: denied { read } for pid=3097 comm="syz-fuzzer" name="raw-gadget" dev="devtmpfs" ino=703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 229.437945][ T28] audit: type=1400 audit(229.070:65): avc: denied { open } for pid=3097 comm="syz-fuzzer" path="/dev/raw-gadget" dev="devtmpfs" ino=703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 1970/01/01 00:03:49 testing simple program... [ 229.562962][ T28] audit: type=1400 audit(229.200:66): avc: denied { mounton } for pid=3106 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1738 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 229.567096][ T28] audit: type=1400 audit(229.200:67): avc: denied { mount } for pid=3106 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 229.593735][ T3106] cgroup: Unknown subsys name 'net' [ 229.611951][ T28] audit: type=1400 audit(229.250:68): avc: denied { unmount } for pid=3106 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 229.913968][ T3106] cgroup: Unknown subsys name 'rlimit' [ 230.241487][ T28] audit: type=1400 audit(229.880:69): avc: denied { mounton } for pid=3106 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 230.242508][ T28] audit: type=1400 audit(229.880:70): avc: denied { mount } for pid=3106 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 230.539696][ T3109] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 230.614612][ T3106] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 230.634037][ T3101] syz-fuzzer[3101]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set executing program [ 233.483462][ T3111] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 233.506524][ T3111] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link executing program [ 234.961380][ T3111] hsr_slave_0: entered promiscuous mode [ 235.013471][ T3111] hsr_slave_1: entered promiscuous mode [ 235.795269][ T28] kauditd_printk_skb: 11 callbacks suppressed [ 235.795431][ T28] audit: type=1400 audit(235.430:82): avc: denied { create } for pid=3111 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 235.807942][ T28] audit: type=1400 audit(235.440:83): avc: denied { write } for pid=3111 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 235.808791][ T28] audit: type=1400 audit(235.440:84): avc: denied { read } for pid=3111 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 235.813774][ T3111] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 235.902105][ T3111] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 235.974736][ T3111] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 236.030707][ T3111] netdevsim netdevsim0 netdevsim3: renamed from eth3 executing program [ 237.011766][ T3111] 8021q: adding VLAN 0 to HW filter on device bond0 executing program [ 240.633731][ T3111] veth0_vlan: entered promiscuous mode [ 240.686938][ T3111] veth1_vlan: entered promiscuous mode [ 240.811710][ T3111] veth0_macvtap: entered promiscuous mode [ 240.825453][ T3111] veth1_macvtap: entered promiscuous mode [ 240.929213][ T3111] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.930260][ T3111] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.930680][ T3111] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.931086][ T3111] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 241.089580][ T28] audit: type=1400 audit(240.720:85): avc: denied { mounton } for pid=3111 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=1517 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 241.105453][ T28] audit: type=1400 audit(240.740:86): avc: denied { mount } for pid=3111 comm="syz-executor.0" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 241.315107][ T28] audit: type=1400 audit(240.940:87): avc: denied { read write } for pid=3111 comm="syz-executor.0" name="loop0" dev="devtmpfs" ino=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 241.316488][ T28] audit: type=1400 audit(240.950:88): avc: denied { open } for pid=3111 comm="syz-executor.0" path="/dev/loop0" dev="devtmpfs" ino=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 241.333368][ T28] audit: type=1400 audit(240.970:89): avc: denied { ioctl } for pid=3111 comm="syz-executor.0" path="/dev/loop0" dev="devtmpfs" ino=640 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 1970/01/01 00:04:01 building call list... [ 242.382120][ T1075] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.589786][ T1075] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.881785][ T1075] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 243.113547][ T1075] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 243.691394][ T28] audit: type=1400 audit(243.330:90): avc: denied { read } for pid=2950 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 245.425969][ T1075] hsr_slave_0: left promiscuous mode [ 245.471330][ T1075] hsr_slave_1: left promiscuous mode [ 245.671128][ T1075] veth1_macvtap: left promiscuous mode [ 245.672350][ T1075] veth0_macvtap: left promiscuous mode [ 245.673746][ T1075] veth1_vlan: left promiscuous mode [ 245.690724][ T1075] veth0_vlan: left promiscuous mode executing program [ 247.093698][ T1075] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 247.201275][ T1075] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 247.700166][ T1075] bond0 (unregistering): Released all slaves executing program [ 251.858705][ T28] audit: type=1400 audit(251.490:91): avc: denied { read } for pid=3097 comm="syz-fuzzer" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 251.859825][ T28] audit: type=1400 audit(251.490:92): avc: denied { open } for pid=3097 comm="syz-fuzzer" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 executing program [ 252.042705][ T28] audit: type=1400 audit(251.680:93): avc: denied { read } for pid=3097 comm="syz-fuzzer" name="autofs" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 252.045370][ T28] audit: type=1400 audit(251.680:94): avc: denied { open } for pid=3097 comm="syz-fuzzer" path="/dev/autofs" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 252.098663][ T28] audit: type=1400 audit(251.730:95): avc: denied { read } for pid=3097 comm="syz-fuzzer" name="cachefiles" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 252.103801][ T28] audit: type=1400 audit(251.740:96): avc: denied { open } for pid=3097 comm="syz-fuzzer" path="/dev/cachefiles" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 252.173172][ T3097] damon-dbgfs: DAMON debugfs interface is deprecated, so users should move to DAMON_SYSFS. If you cannot, please report your usecase to damon@lists.linux.dev and linux-mm@kvack.org. [ 252.238701][ T28] audit: type=1400 audit(251.870:97): avc: denied { read } for pid=3097 comm="syz-fuzzer" name="renderD128" dev="devtmpfs" ino=619 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 252.239624][ T28] audit: type=1400 audit(251.870:98): avc: denied { open } for pid=3097 comm="syz-fuzzer" path="/dev/dri/renderD128" dev="devtmpfs" ino=619 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 252.348224][ T28] audit: type=1400 audit(251.980:99): avc: denied { read } for pid=3097 comm="syz-fuzzer" name="fb0" dev="devtmpfs" ino=622 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 252.349138][ T28] audit: type=1400 audit(251.980:100): avc: denied { open } for pid=3097 comm="syz-fuzzer" path="/dev/fb0" dev="devtmpfs" ino=622 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 254.448980][ T3097] can: request_module (can-proto-0) failed. [ 254.605750][ T3097] can: request_module (can-proto-0) failed. [ 254.702137][ T3097] can: request_module (can-proto-0) failed. executing program [ 257.161514][ T28] kauditd_printk_skb: 27 callbacks suppressed [ 257.161699][ T28] audit: type=1400 audit(256.790:128): avc: denied { read } for pid=2905 comm="syslogd" name="log" dev="vda" ino=1726 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 257.162867][ T28] audit: type=1400 audit(256.790:129): avc: denied { append } for pid=2905 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 257.174006][ T28] audit: type=1400 audit(256.810:130): avc: denied { open } for pid=2905 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 257.174942][ T28] audit: type=1400 audit(256.810:131): avc: denied { getattr } for pid=2905 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 257.347676][ T28] audit: type=1400 audit(256.980:132): avc: denied { create } for pid=3097 comm="syz-fuzzer" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 executing program [ 258.113562][ T3097] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list VM DIAGNOSIS: 17:06:05 Registers: info registers vcpu 0 CPU#0 PC=ffff800084c8c3d8 X00=ffff000012584bc8 X01=0000000000000000 X02=1fffe000024b0979 X03=1fffe000024b06f1 X04=1ffff000111edab8 X05=0000000000000000 X06=0000000000000001 X07=ffff00006a8cdec0 X08=00009ffff2ae6428 X09=dfff800000000000 X10=ffff60000d519bd8 X11=1fffe0000d519bd8 X12=ffff60000d519bd9 X13=1fffe000024b0838 X14=00000000f1f1f1f1 X15=1fffe000024b083b X16=0000000000000002 X17=0000000000000000 X18=ffff0000125841e0 X19=ffff000012583780 X20=ffff0000125837ac X21=ffff6000024b06f0 X22=ffff000012583780 X23=1ffff00011310f93 X24=ffff800084c9e43c X25=ffff800089887c98 X26=ffff800089887cc0 X27=ffff800089887ca0 X28=ffff800089887c80 X29=ffff800089887ae0 X30=ffff800084c8c3d8 SP=ffff800089887ae0 PSTATE=80000005 N--- EL1h FPCR=00000000 FPSR=00000010 Q00=0000000000000000:0000000000000000 Q01=0000000000000000:c1162e42fefa39ef Q02=fd483f494cea1230:88e1eaaa46a88b19 Q03=0000000040000000:0000000000000000 Q04=4010040140100401:4000000000000000 Q05=4010040140100401:4010040140100401 Q06=5555400000400000:5555400000400000 Q07=0000000000000000:0000000000000000 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000000000000000:0000000000000000 Q17=0000000000000000:0000000000000000 Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000010:000000338e08a160 Q31=0000000000000000:0000000000000000 info registers vcpu 1 CPU#1 PC=ffff800080435b7c X00=ffff8000864306f0 X01=ffff00000af1d340 X02=0000000000000000 X03=1fffe0000d51df37 X04=1ffff00010c860de X05=1fffe000015e3a6a X06=ffff00000af1d36c X07=1fffe000015e3a6d X08=00000000f3f3f3f3 X09=00000000f3000000 X10=00000000f2f2f2f2 X11=00000000f2000000 X12=ffff60000d51d7f3 X13=205d314320202020 X14=0000000000000000 X15=0000000000000000 X16=0000000000000000 X17=0000000000000000 X18=ffff00000af1dda0 X19=ffff8000863d49b8 X20=ffff00000af1d340 X21=ffff00006a8ef9b8 X22=ffff7fffe451b000 X23=ffff800085f0d7a0 X24=0000000000000001 X25=0000000000000c1f X26=ffff800085ad7c60 X27=ffff00000fd02cc8 X28=00000023c9c3f01e X29=ffff8000892a77f0 X30=ffff800084c03268 SP=ffff8000892a77f0 PSTATE=800000c5 N--- EL1h FPCR=00000000 FPSR=00000011 Q00=c1f1906c260ca5f1:4d1180b8e5e0fb24 Q01=0000000000000000:c1162e42fefa39ef Q02=0989f0dccdf0873b:e21d6ff0aaef9d20 Q03=0000000000000000:0010000000000000 Q04=0000000000000000:0000000000000000 Q05=4010040140100401:4010040140100401 Q06=0000000000001000:0000000000001000 Q07=0000000000000000:0000000000000001 Q08=0000000000000000:0000000000000003 Q09=03fa684e4fa363ac:46e388e5006a251b Q10=4265a90b0ccac467:9d32cf7f86d4899f Q11=8f14a68e1cd0833b:118e063c3f6f545f Q12=60facfcd4ffd9d15:3017685079f0858f Q13=3ec091d2722f6a06:1b52e3e855c2a714 Q14=2297f8d0a5fc86d8:57c6cb17ec0c9295 Q15=aceb8301174766d6:b19841b7d26a6ed5 Q16=0000000000000000:0000000000000000 Q17=0000000000000000:0000000000000000 Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000002:2b23c0cc613ce89a Q31=0000000000000000:0000000000000000