last executing test programs: 19.460975225s ago: executing program 1 (id=98): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1}) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000003000/0x1000)=nil, 0x7f7884acbfff, 0x8) socket$inet6_tcp(0xa, 0x1, 0x0) fanotify_mark(0xffffffffffffffff, 0x165, 0x22, 0xffffffffffffffff, 0x0) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000380)={0xc}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x0) io_submit(0x0, 0x0, 0x0) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) 19.068535897s ago: executing program 1 (id=99): r0 = io_uring_setup(0x177f, &(0x7f00000002c0)={0x0, 0xa6f1, 0x0, 0x2, 0x3b0}) pipe2$watch_queue(&(0x7f0000000100)={0xffffffffffffffff}, 0x80) r2 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$KEYCTL_WATCH_KEY(0x20, r2, r1, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$NS_GET_OWNER_UID(r3, 0xb704, &(0x7f0000000280)=0x0) keyctl$get_persistent(0x16, r4, r2) sendmsg$NFT_BATCH(r3, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x24004080) pipe2$watch_queue(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r2, r5, 0xbc) close_range(r0, 0xffffffffffffffff, 0x0) write$FUSE_INIT(r5, &(0x7f0000000140)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x29, 0x4, 0x800000, 0xffff, 0xc, 0xc8e, 0xfff}}, 0x50) r6 = eventfd(0x2) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4401000016000100ef000000fcdbdf25ac1414bb00"/64, @ANYRES16=r0, @ANYRES32=r6, @ANYRESOCT=r1], 0x144}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 18.911408871s ago: executing program 1 (id=100): statx(0xffffffffffffff9c, 0x0, 0x3000, 0x200, &(0x7f0000000540)) 18.860289512s ago: executing program 1 (id=101): ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='scalable\x00', 0x9) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TTL={0x5}]}}}]}, 0x3c}}, 0x0) write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d) 18.740604506s ago: executing program 1 (id=102): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000073011c000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 3.125868733s ago: executing program 1 (id=114): bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x0, 0x100, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x30) epoll_create1(0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1b, &(0x7f0000000280), &(0x7f00000002c0)=0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000040)='projid_map\x00') preadv(r3, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/176, 0xb0}], 0x1, 0x4, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)=ANY=[], 0x20) bind$rds(0xffffffffffffffff, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x24, r5, 0x307, 0x0, 0x0, {{}, {@val={0x8}, @void, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8}]}, 0x24}}, 0x0) 651.279722ms ago: executing program 0 (id=116): write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f, 0x9}}, 0x20) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000000000000000004000000", @ANYRES32=0x0, @ANYBLOB="00000000c220b24f200012800b000100697036746e6c000010000280040013000500090029000000080004"], 0x48}}, 0x0) 540.166325ms ago: executing program 0 (id=117): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0xdd52d6c}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) add_key$keyring(&(0x7f0000000340), 0x0, 0x0, 0x0, 0x0) 450.559177ms ago: executing program 0 (id=118): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000006c0)={@map, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 353.619ms ago: executing program 0 (id=119): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @empty}, {0x0, @remote}, 0x4a, {}, 'lo\x00'}) ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f00000002c0)={{0x2, 0x0, @broadcast}, {0x0, @dev}, 0x8, {0x2, 0x0, @empty}, 'lo\x00'}) r3 = socket$netlink(0x10, 0x3, 0x0) writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) 190.207774ms ago: executing program 0 (id=120): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0, 0x4}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000880)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000500)={0x1, r1}) 0s ago: executing program 0 (id=121): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$setregs(0xf, r0, 0xa, &(0x7f0000000040)="df548a08b950e66ba32206ee836d6454ac92b40753ade1438878e6") kernel console output (not intermixed with test programs): [ 45.779832][ T31] audit: type=1400 audit(45.690:68): avc: denied { read write } for pid=3082 comm="sftp-server" name="null" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 45.781389][ T31] audit: type=1400 audit(45.690:69): avc: denied { open } for pid=3082 comm="sftp-server" path="/dev/null" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 Warning: Permanently added '[localhost]:59439' (ED25519) to the list of known hosts. [ 55.863128][ T31] audit: type=1400 audit(55.770:70): avc: denied { name_bind } for pid=3083 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 58.001967][ T31] audit: type=1400 audit(57.910:71): avc: denied { execute } for pid=3085 comm="sh" name="syz-executor" dev="vda" ino=680 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 58.013169][ T31] audit: type=1400 audit(57.920:72): avc: denied { execute_no_trans } for pid=3085 comm="sh" path="/syz-executor" dev="vda" ino=680 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 60.854091][ T31] audit: type=1400 audit(60.770:73): avc: denied { mounton } for pid=3085 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=681 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 60.856551][ T31] audit: type=1400 audit(60.770:74): avc: denied { mount } for pid=3085 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 60.866835][ T3085] cgroup: Unknown subsys name 'net' [ 60.871374][ T31] audit: type=1400 audit(60.780:75): avc: denied { unmount } for pid=3085 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 61.049091][ T3085] cgroup: Unknown subsys name 'cpuset' [ 61.058543][ T3085] cgroup: Unknown subsys name 'hugetlb' [ 61.060793][ T3085] cgroup: Unknown subsys name 'rlimit' [ 61.279364][ T31] audit: type=1400 audit(61.190:76): avc: denied { setattr } for pid=3085 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=693 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 61.281209][ T31] audit: type=1400 audit(61.190:77): avc: denied { mounton } for pid=3085 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 61.283176][ T31] audit: type=1400 audit(61.200:78): avc: denied { mount } for pid=3085 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 61.494644][ T3087] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 61.496441][ T31] audit: type=1400 audit(61.410:79): avc: denied { relabelto } for pid=3087 comm="mkswap" name="swap-file" dev="vda" ino=684 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 61.499560][ T31] audit: type=1400 audit(61.410:80): avc: denied { write } for pid=3087 comm="mkswap" path="/swap-file" dev="vda" ino=684 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 61.533232][ T31] audit: type=1400 audit(61.440:81): avc: denied { read } for pid=3085 comm="syz-executor" name="swap-file" dev="vda" ino=684 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 61.534608][ T31] audit: type=1400 audit(61.450:82): avc: denied { open } for pid=3085 comm="syz-executor" path="/swap-file" dev="vda" ino=684 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 68.161384][ T3085] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 70.297942][ T31] audit: type=1400 audit(70.210:83): avc: denied { execmem } for pid=3088 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 70.372909][ T31] audit: type=1400 audit(70.270:84): avc: denied { read } for pid=3090 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 70.373842][ T31] audit: type=1400 audit(70.280:85): avc: denied { open } for pid=3090 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 70.374432][ T31] audit: type=1400 audit(70.280:86): avc: denied { mounton } for pid=3090 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 70.395573][ T31] audit: type=1400 audit(70.310:87): avc: denied { module_request } for pid=3090 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 70.498133][ T31] audit: type=1400 audit(70.410:88): avc: denied { sys_module } for pid=3091 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 71.245628][ T31] audit: type=1400 audit(71.160:89): avc: denied { ioctl } for pid=3090 comm="syz-executor" path="/dev/net/tun" dev="devtmpfs" ino=677 ioctlcmd=0x54ca scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 72.429650][ T3090] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.440888][ T3090] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.547396][ T3091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.551513][ T3091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.455389][ T3091] hsr_slave_0: entered promiscuous mode [ 73.459962][ T3091] hsr_slave_1: entered promiscuous mode [ 73.505790][ T3090] hsr_slave_0: entered promiscuous mode [ 73.509606][ T3090] hsr_slave_1: entered promiscuous mode [ 73.511126][ T3090] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 73.511534][ T3090] Cannot create hsr debugfs directory [ 73.972183][ T31] audit: type=1400 audit(73.880:90): avc: denied { create } for pid=3090 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 73.978304][ T31] audit: type=1400 audit(73.880:91): avc: denied { write } for pid=3090 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 73.978808][ T31] audit: type=1400 audit(73.890:92): avc: denied { read } for pid=3090 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 73.981628][ T3090] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 74.001626][ T3090] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 74.021787][ T3090] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 74.037279][ T3090] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 74.058728][ T3091] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 74.071037][ T3091] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 74.081998][ T3091] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 74.090491][ T3091] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 74.817873][ T3090] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.916782][ T3091] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.897641][ T3090] veth0_vlan: entered promiscuous mode [ 77.914329][ T3090] veth1_vlan: entered promiscuous mode [ 77.973936][ T3090] veth0_macvtap: entered promiscuous mode [ 77.981814][ T3090] veth1_macvtap: entered promiscuous mode [ 78.045525][ T3090] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.046462][ T3090] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.046824][ T3090] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.047173][ T3090] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.174805][ T31] audit: type=1400 audit(78.080:93): avc: denied { mount } for pid=3090 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 78.182084][ T31] audit: type=1400 audit(78.090:94): avc: denied { mounton } for pid=3090 comm="syz-executor" path="/syzkaller.4nvS9r/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 78.190962][ T31] audit: type=1400 audit(78.100:95): avc: denied { mount } for pid=3090 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 78.198443][ T31] audit: type=1400 audit(78.110:96): avc: denied { mounton } for pid=3090 comm="syz-executor" path="/syzkaller.4nvS9r/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 78.213504][ T31] audit: type=1400 audit(78.120:97): avc: denied { mounton } for pid=3090 comm="syz-executor" path="/syzkaller.4nvS9r/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 78.216511][ T31] audit: type=1400 audit(78.130:98): avc: denied { unmount } for pid=3090 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 78.222085][ T31] audit: type=1400 audit(78.130:99): avc: denied { mounton } for pid=3090 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=765 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 78.229068][ T31] audit: type=1400 audit(78.140:100): avc: denied { mount } for pid=3090 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 78.231573][ T31] audit: type=1400 audit(78.140:101): avc: denied { mounton } for pid=3090 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 78.242959][ T31] audit: type=1400 audit(78.150:102): avc: denied { mount } for pid=3090 comm="syz-executor" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 78.290881][ T3090] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 78.369378][ T3091] veth0_vlan: entered promiscuous mode [ 78.399636][ T3091] veth1_vlan: entered promiscuous mode [ 78.489586][ T3091] veth0_macvtap: entered promiscuous mode [ 78.507571][ T3091] veth1_macvtap: entered promiscuous mode [ 78.577987][ T3091] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.578500][ T3091] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.578791][ T3091] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.579081][ T3091] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.069711][ T31] kauditd_printk_skb: 11 callbacks suppressed [ 91.069768][ T31] audit: type=1400 audit(90.980:114): avc: denied { unmount } for pid=3090 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 91.149741][ T31] audit: type=1400 audit(91.060:115): avc: denied { ioctl } for pid=3779 comm="syz.1.3" path="socket:[2140]" dev="sockfs" ino=2140 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 91.644736][ T3796] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9'. [ 94.279346][ T31] audit: type=1400 audit(94.190:116): avc: denied { map_create } for pid=3789 comm="syz.1.7" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 94.940620][ T31] audit: type=1400 audit(94.850:117): avc: denied { create } for pid=3789 comm="syz.1.7" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 96.142965][ T31] audit: type=1400 audit(96.050:118): avc: denied { create } for pid=3799 comm="syz.0.11" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 96.148396][ T31] audit: type=1400 audit(96.060:119): avc: denied { create } for pid=3799 comm="syz.0.11" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 96.169096][ T31] audit: type=1400 audit(96.080:120): avc: denied { setopt } for pid=3799 comm="syz.0.11" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 96.170417][ T31] audit: type=1400 audit(96.080:121): avc: denied { connect } for pid=3799 comm="syz.0.11" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 103.402891][ T31] audit: type=1400 audit(103.300:122): avc: denied { map_read map_write } for pid=3809 comm="syz.0.13" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 103.811350][ T31] audit: type=1400 audit(103.720:123): avc: denied { create } for pid=3812 comm="syz.0.14" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 103.857219][ T31] audit: type=1400 audit(103.770:124): avc: denied { create } for pid=3812 comm="syz.0.14" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 103.893493][ T31] audit: type=1400 audit(103.780:125): avc: denied { map } for pid=3812 comm="syz.0.14" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=3171 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 103.896028][ T31] audit: type=1400 audit(103.800:126): avc: denied { read write } for pid=3812 comm="syz.0.14" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=3171 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 103.994650][ T31] audit: type=1400 audit(103.910:127): avc: denied { create } for pid=3814 comm="syz.1.15" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 104.023893][ T31] audit: type=1400 audit(103.920:128): avc: denied { create } for pid=3814 comm="syz.1.15" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 104.123065][ T31] audit: type=1400 audit(104.030:129): avc: denied { setopt } for pid=3814 comm="syz.1.15" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 104.281828][ T3818] syz.0.16 uses obsolete (PF_INET,SOCK_PACKET) [ 104.299690][ T31] audit: type=1400 audit(104.210:130): avc: denied { ioctl } for pid=3817 comm="syz.0.16" path="socket:[3190]" dev="sockfs" ino=3190 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 104.736254][ T31] audit: type=1400 audit(104.650:131): avc: denied { write } for pid=3823 comm="syz.0.17" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 108.672532][ C1] hrtimer: interrupt took 8853888 ns [ 118.264867][ T31] kauditd_printk_skb: 5 callbacks suppressed [ 118.264959][ T31] audit: type=1400 audit(118.180:137): avc: denied { setopt } for pid=3842 comm="syz.0.24" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 118.293356][ T2882] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 118.496772][ T2882] usb 2-1: Using ep0 maxpacket: 32 [ 118.538290][ T2882] usb 2-1: config 0 has an invalid interface number: 67 but max is 0 [ 118.543161][ T2882] usb 2-1: config 0 has no interface number 0 [ 118.559101][ T2882] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 118.559711][ T2882] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.560060][ T2882] usb 2-1: Product: syz [ 118.560291][ T2882] usb 2-1: Manufacturer: syz [ 118.560659][ T2882] usb 2-1: SerialNumber: syz [ 118.576046][ T2882] usb 2-1: config 0 descriptor?? [ 118.615946][ T2882] smsc95xx v2.0.0 [ 119.042723][ T2882] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 119.047741][ T2882] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 119.953533][ T31] audit: type=1400 audit(119.860:138): avc: denied { bind } for pid=3852 comm="syz.0.26" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 119.955519][ T31] audit: type=1400 audit(119.860:139): avc: denied { name_bind } for pid=3852 comm="syz.0.26" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 119.957196][ T31] audit: type=1400 audit(119.860:140): avc: denied { node_bind } for pid=3852 comm="syz.0.26" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1 [ 119.958796][ T31] audit: type=1400 audit(119.870:141): avc: denied { listen } for pid=3852 comm="syz.0.26" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 120.562765][ T31] audit: type=1400 audit(120.470:142): avc: denied { accept } for pid=3852 comm="syz.0.26" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 120.997525][ T31] audit: type=1400 audit(120.910:143): avc: denied { name_connect } for pid=3852 comm="syz.0.26" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 121.263827][ T2882] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000006c: -71 [ 121.264980][ T2882] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71 [ 121.277991][ T2882] usb 2-1: USB disconnect, device number 2 [ 126.335998][ T31] audit: type=1400 audit(126.250:144): avc: denied { write } for pid=3882 comm="syz.0.32" name="protocols" dev="proc" ino=4026532666 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 126.357658][ T31] audit: type=1400 audit(126.270:145): avc: denied { write } for pid=3882 comm="syz.0.32" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 126.358555][ T31] audit: type=1400 audit(126.270:146): avc: denied { nlmsg_write } for pid=3882 comm="syz.0.32" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 137.103379][ T8] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 137.253083][ T8] usb 2-1: Using ep0 maxpacket: 32 [ 137.261628][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 137.261990][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 137.262669][ T8] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 137.262979][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.269459][ T8] usb 2-1: config 0 descriptor?? [ 137.286098][ T8] hub 2-1:0.0: USB hub found [ 137.517479][ T8] hub 2-1:0.0: 1 port detected [ 138.368537][ T26] hub 2-1:0.0: activate --> -90 [ 138.575715][ T9] hub 2-1:0.0: hub_ext_port_status failed (err = -71) [ 138.576652][ T9] usb 2-1: USB disconnect, device number 3 [ 138.819715][ T3906] Zero length message leads to an empty skb [ 139.408551][ T31] audit: type=1400 audit(139.320:147): avc: denied { create } for pid=3910 comm="syz.1.37" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 139.413091][ T31] audit: type=1400 audit(139.320:148): avc: denied { setopt } for pid=3910 comm="syz.1.37" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 139.681440][ T31] audit: type=1400 audit(139.590:149): avc: denied { create } for pid=3916 comm="syz.1.40" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 140.753933][ T31] audit: type=1400 audit(140.660:150): avc: denied { write } for pid=3916 comm="syz.1.40" path="socket:[2264]" dev="sockfs" ino=2264 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 141.135469][ T31] audit: type=1400 audit(141.050:151): avc: denied { getopt } for pid=3918 comm="syz.0.41" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 141.161315][ T31] audit: type=1400 audit(141.070:152): avc: denied { setopt } for pid=3918 comm="syz.0.41" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 146.769318][ T31] audit: type=1400 audit(146.680:153): avc: denied { append } for pid=3926 comm="syz.1.43" name="midiC2D0" dev="devtmpfs" ino=733 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 148.551438][ T31] audit: type=1400 audit(148.460:154): avc: denied { name_bind } for pid=3928 comm="syz.0.42" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 148.552060][ T31] audit: type=1400 audit(148.460:155): avc: denied { node_bind } for pid=3928 comm="syz.0.42" saddr=224.0.0.2 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 148.965670][ T3935] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 149.013402][ T31] audit: type=1400 audit(148.920:156): avc: denied { create } for pid=3930 comm="syz.1.44" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 149.014309][ T31] audit: type=1400 audit(148.920:157): avc: denied { bind } for pid=3930 comm="syz.1.44" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 159.877793][ T31] audit: type=1400 audit(159.790:158): avc: denied { block_suspend } for pid=3950 comm="syz.0.48" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 160.203194][ T2882] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 160.378266][ T2882] usb 1-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 160.378926][ T2882] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 160.379471][ T2882] usb 1-1: Product: syz [ 160.379680][ T2882] usb 1-1: Manufacturer: syz [ 160.379873][ T2882] usb 1-1: SerialNumber: syz [ 160.394227][ T2882] usb 1-1: config 0 descriptor?? [ 160.600782][ T3081] usb 1-1: USB disconnect, device number 2 [ 162.120046][ T31] audit: type=1400 audit(162.030:159): avc: denied { write } for pid=3980 comm="syz.1.55" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 162.373586][ T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 162.523132][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 162.530806][ T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 162.531528][ T9] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 162.533448][ T9] usb 2-1: New USB device found, idVendor=046d, idProduct=c298, bcdDevice= 0.00 [ 162.533908][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.536091][ T9] usb 2-1: config 0 descriptor?? [ 162.545606][ T9] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 163.159685][ T31] audit: type=1400 audit(163.070:160): avc: denied { read } for pid=3978 comm="syz.0.54" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 163.166230][ T31] audit: type=1400 audit(163.080:161): avc: denied { open } for pid=3978 comm="syz.0.54" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 176.539521][ T1457] usb 2-1: USB disconnect, device number 4 [ 176.788806][ T31] audit: type=1326 audit(176.700:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4013 comm="syz.1.61" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 176.791102][ T31] audit: type=1326 audit(176.700:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4013 comm="syz.1.61" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 176.798446][ T31] audit: type=1326 audit(176.710:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4013 comm="syz.1.61" exe="/syz-executor" sig=0 arch=40000028 syscall=386 compat=0 ip=0x133450 code=0x7ffc0000 [ 176.799996][ T31] audit: type=1326 audit(176.710:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4013 comm="syz.1.61" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 176.800576][ T31] audit: type=1326 audit(176.710:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4013 comm="syz.1.61" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 176.806852][ T31] audit: type=1326 audit(176.720:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4013 comm="syz.1.61" exe="/syz-executor" sig=0 arch=40000028 syscall=386 compat=0 ip=0x133450 code=0x7ffc0000 [ 176.809985][ T31] audit: type=1326 audit(176.720:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4013 comm="syz.1.61" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 176.810665][ T31] audit: type=1326 audit(176.720:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4013 comm="syz.1.61" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 176.817305][ T31] audit: type=1326 audit(176.730:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4013 comm="syz.1.61" exe="/syz-executor" sig=0 arch=40000028 syscall=386 compat=0 ip=0x133450 code=0x7ffc0000 [ 176.818073][ T31] audit: type=1326 audit(176.730:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4013 comm="syz.1.61" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 191.238201][ T31] kauditd_printk_skb: 6 callbacks suppressed [ 191.238628][ T31] audit: type=1400 audit(191.150:178): avc: denied { write } for pid=4038 comm="syz.1.66" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 191.777215][ T4043] dvmrp5: entered allmulticast mode [ 192.093387][ T2882] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 192.286487][ T2882] usb 2-1: Using ep0 maxpacket: 16 [ 192.327661][ T2882] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 192.328237][ T2882] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 192.328653][ T2882] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 192.366202][ T2882] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 192.371871][ T2882] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 192.382904][ T2882] usb 2-1: Product: syz [ 192.383743][ T2882] usb 2-1: Manufacturer: syz [ 192.384081][ T2882] usb 2-1: SerialNumber: syz [ 192.628608][ T4043] pimreg: entered allmulticast mode [ 192.640774][ T2882] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor [ 192.641730][ T2882] usb 2-1: 2:1 : format type 0 is detected, processed as PCM [ 192.698143][ T2882] usb 2-1: USB disconnect, device number 5 [ 193.665711][ T31] audit: type=1326 audit(193.580:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4083 comm="syz.1.70" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 193.666689][ T31] audit: type=1326 audit(193.580:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4083 comm="syz.1.70" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 193.671967][ T31] audit: type=1326 audit(193.580:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4083 comm="syz.1.70" exe="/syz-executor" sig=0 arch=40000028 syscall=99 compat=0 ip=0x133450 code=0x7ffc0000 [ 193.683576][ T31] audit: type=1326 audit(193.580:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4083 comm="syz.1.70" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 193.684873][ T31] audit: type=1326 audit(193.600:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4083 comm="syz.1.70" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x133450 code=0x7ffc0000 [ 199.803216][ T2882] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 199.952994][ T2882] usb 1-1: Using ep0 maxpacket: 16 [ 199.978211][ T2882] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 199.978564][ T2882] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 199.978792][ T2882] usb 1-1: Product: syz [ 199.978952][ T2882] usb 1-1: Manufacturer: syz [ 199.979086][ T2882] usb 1-1: SerialNumber: syz [ 199.994894][ T2882] r8152-cfgselector 1-1: Unknown version 0x0000 [ 199.995418][ T2882] r8152-cfgselector 1-1: config 0 descriptor?? [ 200.237424][ T2882] r8152-cfgselector 1-1: Unknown version 0x0000 [ 200.238653][ T2882] r8152-cfgselector 1-1: bad CDC descriptors [ 200.247265][ T2882] r8152-cfgselector 1-1: USB disconnect, device number 3 [ 200.500971][ T31] audit: type=1400 audit(200.410:184): avc: denied { create } for pid=4108 comm="syz.0.75" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 200.535433][ T4109] netlink: 28 bytes leftover after parsing attributes in process `syz.0.75'. [ 201.200672][ T31] audit: type=1400 audit(201.110:185): avc: denied { connect } for pid=4111 comm="syz.0.76" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 201.223633][ T31] audit: type=1400 audit(201.140:186): avc: denied { write } for pid=4111 comm="syz.0.76" laddr=fe80::7c72:c3ff:fe53:3ebe lport=60 faddr=ff01::1 fport=8192 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 201.438838][ T31] audit: type=1400 audit(201.340:187): avc: denied { getopt } for pid=4113 comm="syz.0.77" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 213.875573][ T4128] syzkaller0: entered promiscuous mode [ 213.876192][ T4128] syzkaller0: entered allmulticast mode [ 213.881574][ T4128] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 16735 [ 214.525948][ T4138] netlink: 28 bytes leftover after parsing attributes in process `syz.1.86'. [ 214.526319][ T4138] netlink: 28 bytes leftover after parsing attributes in process `syz.1.86'. [ 214.534761][ T4138] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 214.542109][ T4138] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 214.695816][ T4146] block nbd1: NBD_DISCONNECT [ 216.084859][ T31] audit: type=1400 audit(216.000:188): avc: denied { bind } for pid=4155 comm="syz.0.92" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 216.089155][ T31] audit: type=1400 audit(216.000:189): avc: denied { write } for pid=4155 comm="syz.0.92" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 216.440189][ T31] audit: type=1400 audit(216.350:190): avc: denied { name_bind } for pid=4161 comm="syz.0.95" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 222.378055][ T31] audit: type=1400 audit(222.290:191): avc: denied { ioctl } for pid=4177 comm="syz.1.99" path="socket:[2535]" dev="sockfs" ino=2535 ioctlcmd=0xb704 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 222.406870][ T4178] netlink: 76 bytes leftover after parsing attributes in process `syz.1.99'. [ 228.164841][ C1] vkms_vblank_simulate: vblank timer overrun [ 229.403298][ T31] audit: type=1400 audit(229.310:192): avc: denied { setopt } for pid=4212 comm="syz.0.112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 229.404587][ T31] audit: type=1400 audit(229.310:193): avc: denied { accept } for pid=4212 comm="syz.0.112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 229.967874][ T2882] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 230.187006][ T2882] usb 1-1: Using ep0 maxpacket: 16 [ 230.228108][ T2882] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 230.232997][ T2882] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 230.259625][ T2882] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 230.260195][ T2882] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.264569][ T2882] usb 1-1: Product: syz [ 230.267709][ T2882] usb 1-1: Manufacturer: syz [ 230.268172][ T2882] usb 1-1: SerialNumber: syz [ 230.274946][ T2882] usb 1-1: config 0 descriptor?? [ 240.516766][ T8] usb 1-1: USB disconnect, device number 4 [ 240.958229][ T4246] capability: warning: `syz.0.118' uses deprecated v2 capabilities in a way that may be insecure [ 241.065677][ T4248] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 241.094103][ T4248] netlink: 'syz.0.119': attribute type 4 has an invalid length. [ 241.434999][ T4254] usercopy: Kernel memory overwrite attempt detected to SLUB object 'task_struct' (offset 80, size 116)! [ 241.436203][ T4254] ------------[ cut here ]------------ [ 241.436513][ T4254] kernel BUG at mm/usercopy.c:102! [ 241.436805][ T4254] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM [ 241.437390][ T4254] Modules linked in: [ 241.438466][ T4254] CPU: 0 UID: 0 PID: 4254 Comm: syz.0.121 Not tainted 6.12.0-syzkaller #0 [ 241.440179][ T4254] Hardware name: ARM-Versatile Express [ 241.440656][ T4254] PC is at usercopy_abort+0x98/0x9c [ 241.442251][ T4254] LR is at __wake_up_klogd.part.0+0x7c/0xac [ 241.442708][ T4254] pc : [<819be580>] lr : [<802be434>] psr: 60000013 [ 241.443241][ T4254] sp : dfdb5e38 ip : dfdb5d78 fp : dfdb5e5c [ 241.443568][ T4254] r10: 0000001a r9 : 843dbc00 r8 : 843dec50 [ 241.443888][ T4254] r7 : dde91a60 r6 : 00000000 r5 : 00000074 r4 : 00000050 [ 241.444230][ T4254] r3 : 843dbc00 r2 : 00000000 r1 : 00000000 r0 : 00000066 [ 241.444681][ T4254] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user [ 241.445133][ T4254] Control: 30c5387d Table: 84c62180 DAC: fffffffd [ 241.445569][ T4254] Register r0 information: non-paged memory [ 241.446256][ T4254] Register r1 information: NULL pointer [ 241.446572][ T4254] Register r2 information: NULL pointer [ 241.447000][ T4254] Register r3 information: slab task_struct start 843dbc00 pointer offset 0 size 3072 [ 241.448209][ T4254] Register r4 information: non-paged memory [ 241.448551][ T4254] Register r5 information: non-paged memory [ 241.448864][ T4254] Register r6 information: NULL pointer [ 241.449236][ T4254] Register r7 information: non-slab/vmalloc memory [ 241.449666][ T4254] Register r8 information: slab task_struct start 843dec00 pointer offset 80 size 3072 [ 241.450682][ T4254] Register r9 information: slab task_struct start 843dbc00 pointer offset 0 size 3072 [ 241.451404][ T4254] Register r10 information: non-paged memory [ 241.451797][ T4254] Register r11 information: 2-page vmalloc region starting at 0xdfdb4000 allocated at kernel_clone+0xac/0x3e4 [ 241.452785][ T4254] Register r12 information: 2-page vmalloc region starting at 0xdfdb4000 allocated at kernel_clone+0xac/0x3e4 [ 241.453410][ T4254] Process syz.0.121 (pid: 4254, stack limit = 0xdfdb4000) [ 241.453892][ T4254] Stack: (0xdfdb5e38 to 0xdfdb6000) [ 241.454286][ T4254] 5e20: 8205f678 82030fcc [ 241.454678][ T4254] 5e40: 820464dc 00000050 00000074 843dbc00 dfdb5e8c dfdb5e60 804d5d54 819be4f4 [ 241.455048][ T4254] 5e60: 00000074 dfdb5e70 80214800 843dec50 00000074 00000000 843decc4 dde91a60 [ 241.455419][ T4254] 5e80: dfdb5ec4 dfdb5e90 80514b34 804d5c88 00000074 0000000a dfdb5eb4 843dec50 [ 241.455803][ T4254] 5ea0: 00000074 0000000a 00000000 20000040 843dbc00 0000001a dfdb5ef4 dfdb5ec8 [ 241.456160][ T4254] 5ec0: 80209db4 805148b8 843dec00 ddde4180 dfdb5ef4 dfdb5ee0 819e37e4 20000040 [ 241.456534][ T4254] 5ee0: 0000000c 0000000a dfdb5f6c dfdb5ef8 8020a468 80209d30 00000000 20000040 [ 241.456897][ T4254] 5f00: dfdb5f1c dfdb5f10 819e36b0 8027c778 dfdb5f6c dfdb5f20 802813ec 819e368c [ 241.457314][ T4254] 5f20: dfdb5f54 00000000 8027e354 60000013 81990410 819a7694 dfdb5f54 16d98d89 [ 241.457701][ T4254] 5f40: 0000000f 843dec00 0000000f 16d98d89 843dec00 0000000f 0000000a 00000000 [ 241.458071][ T4254] 5f60: dfdb5fa4 dfdb5f70 80252fdc 8020a140 80202cc0 16d98d89 dfdb5fac 00000000 [ 241.458448][ T4254] 5f80: 00000000 002862f4 0000001a 8020029c 843dbc00 0000001a 00000000 dfdb5fa8 [ 241.458823][ T4254] 5fa0: 80200060 80252db0 00000000 00000000 0000000f 000000b7 0000000a 20000040 [ 241.459196][ T4254] 5fc0: 00000000 00000000 002862f4 0000001a 00000000 00006364 003d0f00 76b150bc [ 241.459586][ T4254] 5fe0: 76b14ec0 76b14eb0 00018af0 00133450 60000010 0000000f 00000000 00000000 [ 241.460049][ T4254] Call trace: [ 241.460526][ T4254] [<819be4e8>] (usercopy_abort) from [<804d5d54>] (__check_heap_object+0xd8/0xf4) [ 241.461294][ T4254] [<804d5c7c>] (__check_heap_object) from [<80514b34>] (__check_object_size+0x288/0x304) [ 241.462096][ T4254] r8:dde91a60 r7:843decc4 r6:00000000 r5:00000074 r4:843dec50 [ 241.462607][ T4254] [<805148ac>] (__check_object_size) from [<80209db4>] (fpa_set+0x90/0x118) [ 241.463173][ T4254] r10:0000001a r9:843dbc00 r8:20000040 r7:00000000 r6:0000000a r5:00000074 [ 241.463771][ T4254] r4:843dec50 [ 241.463941][ T4254] [<80209d24>] (fpa_set) from [<8020a468>] (arch_ptrace+0x334/0x424) [ 241.464310][ T4254] r6:0000000a r5:0000000c r4:20000040 [ 241.464540][ T4254] [<8020a134>] (arch_ptrace) from [<80252fdc>] (sys_ptrace+0x238/0x4dc) [ 241.464990][ T4254] r7:00000000 r6:0000000a r5:0000000f r4:843dec00 [ 241.465394][ T4254] [<80252da4>] (sys_ptrace) from [<80200060>] (ret_fast_syscall+0x0/0x1c) [ 241.465793][ T4254] Exception stack(0xdfdb5fa8 to 0xdfdb5ff0) [ 241.466073][ T4254] 5fa0: 00000000 00000000 0000000f 000000b7 0000000a 20000040 [ 241.466442][ T4254] 5fc0: 00000000 00000000 002862f4 0000001a 00000000 00006364 003d0f00 76b150bc [ 241.466802][ T4254] 5fe0: 76b14ec0 76b14eb0 00018af0 00133450 [ 241.467069][ T4254] r10:0000001a r9:843dbc00 r8:8020029c r7:0000001a r6:002862f4 r5:00000000 [ 241.467422][ T4254] r4:00000000 [ 241.467992][ T4254] Code: e30f067c e3480205 e58dc000 ebfff265 (e7f001f2) [ 241.468750][ T4254] ---[ end trace 0000000000000000 ]--- [ 241.469619][ T4254] Kernel panic - not syncing: Fatal exception [ 241.473591][ T4254] Rebooting in 86400 seconds.. VM DIAGNOSIS: 07:49:30 Registers: info registers vcpu 0 CPU#0 R00=00000000 R01=00000000 R02=00000000 R03=82874d18 R04=843dbc00 R05=820413b8 R06=827f5c26 R07=82875154 R08=00000000 R09=00000000 R10=0000109e R11=dfdb5d04 R12=dfdb5cb8 R13=dfdb5cb8 R14=8198ba20 R15=8198ba20 PSR=60000093 -ZC- A S svc32 s00=00000000 s01=00000000 d00=0000000000000000 s02=00000000 s03=00000000 d01=0000000000000000 s04=00000000 s05=00000000 d02=0000000000000000 s06=00000000 s07=00000000 d03=0000000000000000 s08=00000000 s09=00000000 d04=0000000000000000 s10=00000000 s11=00000000 d05=0000000000000000 s12=00000000 s13=00000000 d06=0000000000000000 s14=00000000 s15=00000000 d07=0000000000000000 s16=00000000 s17=00000000 d08=0000000000000000 s18=00000000 s19=00000000 d09=0000000000000000 s20=00000000 s21=00000000 d10=0000000000000000 s22=00000000 s23=00000000 d11=0000000000000000 s24=00000000 s25=00000000 d12=0000000000000000 s26=00000000 s27=00000000 d13=0000000000000000 s28=00000000 s29=00000000 d14=0000000000000000 s30=00000000 s31=00000000 d15=0000000000000000 s32=00000000 s33=00000000 d16=0000000000000000 s34=00000000 s35=00000000 d17=0000000000000000 s36=00000000 s37=00000000 d18=0000000000000000 s38=00000000 s39=00000000 d19=0000000000000000 s40=00000000 s41=00000000 d20=0000000000000000 s42=00000000 s43=00000000 d21=0000000000000000 s44=00000000 s45=00000000 d22=0000000000000000 s46=00000000 s47=00000000 d23=0000000000000000 s48=00000000 s49=00000000 d24=0000000000000000 s50=00000000 s51=00000000 d25=0000000000000000 s52=00000000 s53=00000000 d26=0000000000000000 s54=00000000 s55=00000000 d27=0000000000000000 s56=00000000 s57=00000000 d28=0000000000000000 s58=00000000 s59=00000000 d29=0000000000000000 s60=00000000 s61=00000000 d30=0000000000000000 s62=00000000 s63=00000000 d31=0000000000000000 FPSCR: 00000000 info registers vcpu 1 CPU#1 R00=00000000 R01=00000000 R02=00000000 R03=836a1800 R04=00000000 R05=df9c9ee0 R06=00003916 R07=00000002 R08=00000000 R09=836a1800 R10=00010106 R11=df9c9f5c R12=df9c9e00 R13=df9c9e80 R14=81498470 R15=81989c14 PSR=80000013 N--- A S svc32 s00=00000000 s01=00000000 d00=0000000000000000 s02=00000000 s03=00000000 d01=0000000000000000 s04=00000000 s05=00000000 d02=0000000000000000 s06=00000000 s07=00000000 d03=0000000000000000 s08=00000000 s09=00000000 d04=0000000000000000 s10=00000000 s11=00000000 d05=0000000000000000 s12=00000000 s13=00000000 d06=0000000000000000 s14=00000000 s15=00000000 d07=0000000000000000 s16=00000000 s17=00000000 d08=0000000000000000 s18=00000000 s19=00000000 d09=0000000000000000 s20=00000000 s21=00000000 d10=0000000000000000 s22=00000000 s23=00000000 d11=0000000000000000 s24=00000000 s25=00000000 d12=0000000000000000 s26=00000000 s27=00000000 d13=0000000000000000 s28=00000000 s29=00000000 d14=0000000000000000 s30=00000000 s31=00000000 d15=0000000000000000 s32=00000000 s33=00000000 d16=0000000000000000 s34=00000000 s35=00000000 d17=0000000000000000 s36=00000000 s37=00000000 d18=0000000000000000 s38=00000000 s39=00000000 d19=0000000000000000 s40=00000000 s41=00000000 d20=0000000000000000 s42=00000000 s43=00000000 d21=0000000000000000 s44=00000000 s45=00000000 d22=0000000000000000 s46=00000000 s47=00000000 d23=0000000000000000 s48=00000000 s49=00000000 d24=0000000000000000 s50=00000000 s51=00000000 d25=0000000000000000 s52=00000000 s53=00000000 d26=0000000000000000 s54=00000000 s55=00000000 d27=0000000000000000 s56=00000000 s57=00000000 d28=0000000000000000 s58=00000000 s59=00000000 d29=0000000000000000 s60=00000000 s61=00000000 d30=0000000000000000 s62=00000000 s63=00000000 d31=0000000000000000 FPSCR: 00000000