[   28.603260][   T30] audit: type=1400 audit(28.560:68): avc:  denied  { read write } for  pid=2984 comm="sftp-server" name="null" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   28.609672][   T30] audit: type=1400 audit(28.560:69): avc:  denied  { open } for  pid=2984 comm="sftp-server" path="/dev/null" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
Warning: Permanently added '[localhost]:2641' (ED25519) to the list of known hosts.
[   48.288420][   T30] audit: type=1400 audit(48.250:70): avc:  denied  { name_bind } for  pid=2996 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   49.863136][   T30] audit: type=1400 audit(49.830:71): avc:  denied  { execute } for  pid=2998 comm="sh" name="syz-fuzzer" dev="vda" ino=680 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   49.864017][   T30] audit: type=1400 audit(49.830:72): avc:  denied  { execute_no_trans } for  pid=2998 comm="sh" path="/syz-fuzzer" dev="vda" ino=680 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
1970/01/01 00:00:52 fuzzer started
1970/01/01 00:00:54 dialing manager at localhost:30000
[   54.306925][   T30] audit: type=1400 audit(54.270:73): avc:  denied  { node_bind } for  pid=2998 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   54.339980][   T30] audit: type=1400 audit(54.300:74): avc:  denied  { name_bind } for  pid=2998 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   54.474982][   T30] audit: type=1400 audit(54.440:75): avc:  denied  { mounton } for  pid=3006 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=682 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   54.477129][   T30] audit: type=1400 audit(54.440:76): avc:  denied  { mount } for  pid=3006 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   54.486328][ T3006] cgroup: Unknown subsys name 'net'
[   54.493749][   T30] audit: type=1400 audit(54.460:77): avc:  denied  { unmount } for  pid=3006 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   54.647856][ T3006] cgroup: Unknown subsys name 'hugetlb'
[   54.649093][ T3006] cgroup: Unknown subsys name 'rlimit'
[   54.838693][   T30] audit: type=1400 audit(54.800:78): avc:  denied  { mounton } for  pid=3006 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   54.841456][   T30] audit: type=1400 audit(54.800:79): avc:  denied  { mount } for  pid=3006 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   54.843946][   T30] audit: type=1400 audit(54.810:80): avc:  denied  { setattr } for  pid=3006 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   54.919517][ T3007] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   54.920403][   T30] audit: type=1400 audit(54.880:81): avc:  denied  { relabelto } for  pid=3007 comm="mkswap" name="swap-file" dev="vda" ino=685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   54.921903][   T30] audit: type=1400 audit(54.880:82): avc:  denied  { write } for  pid=3007 comm="mkswap" path="/swap-file" dev="vda" ino=685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   59.121784][ T3006] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
1970/01/01 00:00:59 code coverage: CONFIG_KCOV is not enabled
1970/01/01 00:00:59 comparison tracing: CONFIG_KCOV is not enabled
1970/01/01 00:00:59 extra coverage: CONFIG_KCOV is not enabled
1970/01/01 00:00:59 delay kcov mmap: CONFIG_KCOV is not enabled
1970/01/01 00:00:59 setuid sandbox: enabled
1970/01/01 00:00:59 namespace sandbox: enabled
1970/01/01 00:00:59 Android sandbox: enabled
1970/01/01 00:00:59 fault injection: enabled
1970/01/01 00:00:59 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:00:59 net packet injection: enabled
1970/01/01 00:00:59 net device setup: enabled
1970/01/01 00:00:59 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:00:59 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:00:59 NIC VF setup: PCI device 0000:00:11.0 is not available
1970/01/01 00:00:59 USB emulation: enabled
1970/01/01 00:00:59 hci packet injection: /dev/vhci does not exist
1970/01/01 00:00:59 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:00:59 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:00:59 swap file: enabled
1970/01/01 00:00:59 starting 2 executor processes
[   60.046570][   T30] kauditd_printk_skb: 2 callbacks suppressed
[   60.046682][   T30] audit: type=1400 audit(60.010:85): avc:  denied  { execmem } for  pid=3008 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   60.083057][   T30] audit: type=1400 audit(60.040:86): avc:  denied  { mounton } for  pid=3010 comm="syz-executor.0" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[   60.083895][   T30] audit: type=1400 audit(60.040:87): avc:  denied  { mount } for  pid=3010 comm="syz-executor.0" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   60.084539][   T30] audit: type=1400 audit(60.040:88): avc:  denied  { read } for  pid=3010 comm="syz-executor.0" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   60.085156][   T30] audit: type=1400 audit(60.040:89): avc:  denied  { open } for  pid=3010 comm="syz-executor.0" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   60.085822][   T30] audit: type=1400 audit(60.040:90): avc:  denied  { mounton } for  pid=3010 comm="syz-executor.0" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   60.120683][   T30] audit: type=1400 audit(60.080:91): avc:  denied  { module_request } for  pid=3010 comm="syz-executor.0" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   60.155587][   T30] audit: type=1400 audit(60.120:92): avc:  denied  { sys_module } for  pid=3010 comm="syz-executor.0" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   60.450129][   T30] audit: type=1400 audit(60.410:93): avc:  denied  { ioctl } for  pid=3010 comm="syz-executor.0" path="/dev/net/tun" dev="devtmpfs" ino=691 ioctlcmd=0x54ca scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   61.045340][ T3010] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   61.049059][ T3010] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   61.491390][ T3010] hsr_slave_0: entered promiscuous mode
[   61.497035][ T3010] hsr_slave_1: entered promiscuous mode
[   61.519018][ T3012] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   61.541474][ T3012] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   61.711691][   T30] audit: type=1400 audit(61.670:94): avc:  denied  { create } for  pid=3010 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   61.718526][ T3010] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   61.725278][ T3010] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   61.728585][ T3010] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   61.731772][ T3010] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   62.010475][ T3012] hsr_slave_0: entered promiscuous mode
[   62.013557][ T3012] hsr_slave_1: entered promiscuous mode
[   62.017230][ T3012] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   62.017554][ T3012] Cannot create hsr debugfs directory
[   62.169335][ T3012] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   62.174689][ T3012] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   62.181029][ T3012] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   62.185181][ T3012] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   62.235564][ T3010] 8021q: adding VLAN 0 to HW filter on device bond0
[   62.487764][ T3012] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.326696][ T3010] veth0_vlan: entered promiscuous mode
[   63.335686][ T3010] veth1_vlan: entered promiscuous mode
[   63.360043][ T3010] veth0_macvtap: entered promiscuous mode
[   63.368175][ T3010] veth1_macvtap: entered promiscuous mode
[   63.394527][ T3010] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.394986][ T3010] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.395205][ T3010] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.395390][ T3010] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='cpuacct.stat\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={<r1=>0xffffffffffffffff})
sendmsg$nl_xfrm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[], 0x33fe0}}, 0x0)
timer_create(0x0, &(0x7f0000000180)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r2=>0x0)
sendmsg$TIPC_NL_NODE_GET(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
timer_settime(r2, 0x0, &(0x7f0000000300)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))

[   63.578737][ T3012] veth0_vlan: entered promiscuous mode
[   63.585315][ T3012] veth1_vlan: entered promiscuous mode
[   63.604041][ T3012] veth0_macvtap: entered promiscuous mode
[   63.607405][ T3012] veth1_macvtap: entered promiscuous mode
[   63.623721][ T3012] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.624046][ T3012] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.624307][ T3012] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.625212][ T3012] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
executing program 1:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000080)={0x48, 0x2, r1, 0x0, <r2=>0x0})
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000340)={0x2d, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000240)={0x48, 0x2, r4})
ioctl$IOMMU_DESTROY$stdev(r0, 0x3b80, &(0x7f00000002c0)={0x8, r2})

executing program 1:
r0 = epoll_create1(0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000300)={0x40002006})
epoll_pwait(r0, &(0x7f0000006140)=[{}], 0x1, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000800)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x10, 0x3a, 0x0, @remote, @mcast2, {[], @ndisc_ra}}}}}, 0x0)

executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000072000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r2, 0x402, 0x25)
close_range(r1, 0xffffffffffffffff, 0x0)

executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x5, 0x0, 0x0, {}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc}]}], {0x14, 0x10}}, 0x54}}, 0x0)

executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xd)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000340)="031f31b1f09d76af21e3b0224966a232dc1f5bfd8a29f730b10a53e756087a1df416fd804b636964220910b05962d95d7fb7873e8a0b7b62d7384dbd12b536f0e55e588092441663f9665e4b39f8eb3430840ac3c6ad014d6268fca6b3fc43da09b1d0a95d18e26a8e0ddd857f4911abb72ced02e4f1fe5ebb35042436374c7119229c019819a8491bdd74a299ca4fa71ee05f4c49c99de404b76d08fb1938674fa45fd06104cfcc08e9c017a2769a77e1a9e4da0e451353ca53b990500b18e4f4bb5cf1309fe4707c3f7200"/217, 0xd9}, {&(0x7f0000000640)="ffb3ef96fd55310531a92b9d4b2ebcb168c3e90db153fe8bc3c9e2cfd50d22329495b92a7e12a948fff8e40f44798512135fd8fec900cca0c10e9e61d61cff5507f9298209ab8dd95ba0cb024a07dc20d07ac8940c729de29318e23818b2169da4374e8ec904573105b3dafbed9c3958b6570ec6117f2a8b7823b94056c0bcfd679f57db483bb7631bfd74f5f73cdebd19d4bd31a81d7c73c4428a65dc3820987e1ea1c45773112d4e2b1cc8064f220c7b2d673f84d4b1a5a9aedc2063b740198f57d0848358b2cf118bfcdc7c40303dee672f1ca6384e006460df438bde154a0c", 0xe1}, {}, {0x0}], 0x4)
ioctl$TCFLSH(r0, 0x540b, 0x2)

executing program 1:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a60000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000080)='setgroups\x00')

executing program 1:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x111}}, 0x20)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003080)=[{{0x0, 0x0, &(0x7f0000002b40)=[{&(0x7f00000003c0)="c72f895429afb1772eaf0e6a2a4285d74eb92cd4db512c1cfddc8a7f950f282ef8dbcd5b853602ffd930754db2e74b13c9e3c48323e9147fd5a3a98f80e8b2a98e0c671ae9a706fa614c2f6679c5b2a3fb270eb338d0f428acea9fa7097c270cc6705e961c7ef814b84059602fc407a94ae48c4534001f8ec1b47097216f1cc124058e44c598b784df1c5619367e3d76ac05fde00b109c81f973b67a5f99771a102de4a5841503df7081a583342b232e41f72505da11417dcd3275b423324f133bdb6150948084c74ad3c5af4290746f9f13fe04e51628ffd322742e7bde814ddb8f17402a21751e9ca95b6b748af9b00a9d1df194a910e048bc11901efeb2cebb82cf8914d51a11115308874ee614ee3289788e7f64e466cae56b15517e857d60b96fdebdb18c8d78e503a49c3250f1d242ef5a7af19a4d14650abec28c8b63d99526856953a6a00fc72bf53f2b12352e351713a444b90bc4966c8c6f943aeaca8e849b64d38193da905581a9550d16a447ab272e93fe59c307f3781a256030bd4a78df1e8fa4717475e9726e85b24b7a9a04454ae501a98c0ab89c7eedc062f087ed09c4e01b51542beec79300230372a0832f5a5229cf0e46b52a7b90415134d19ea4f8e3625fb2cc41cd2ef21a3245d353425abb1fb3ff272f3415cd09a9474d90ffce38aeb5dbbb1a5433edf7841f9fd92e422a31d21d87a79d640a854b5f1006b061073fd0f61764198b5f04a05eaa8d47a92ec0f112d17b8b94791f70f7bb4585150f1b1fee4aa83b3f356ad9efc2c10cbb8ad2cfb9ca8f3e8b611c3ee9ec7de94e1dd733cec88bbbd6752d130f09e455daafc875ae91996292b3e1da64b78a40c256bce7bad20197cff56c89a4f6635fec90f07e706510ea90d28406f171a3315e3192d78a3854a55f66382a1382ce9bc8330e79151d04695a212f4057e1b4edec50e063f5bc7031623091bb89fe3b25dab809c73cf4d2f743bb0de974d0369fae5367e21068a6e5ef833a8b36c117d2a5177123132364633d4bb33f37d41818db1140fed0554065b35243b6ae442e9c0f6ab9a82991357aedab0807b103445d44460aa254c20bdcc98839c6428415e1c1a3840c036ccb884bda733f7bbffa21c72df60bc5d881bd1c08e8bf84f5c02b9c3d0fef4162782419c18245680602eb2e31a86e79153604c9851127dc07de11935efe1fefdf58aaba8943e996de93f92bf5c1d9c9b719e848a6a11363dc4609a5a6bc87cc26e853155472cd4213d52011781e68647409ad1de1c35648e1cb1d23f87ea73d94f61732eac912bf3a0838ef6ed41e41401343946c565d756ff45932a65ba4f96248e0c69d1b5b4a0d999ff95b4ce45891757c4c51d1b13120f86433adac2be903e0c10a4fb3f7d6afa035624a89e599fc95d3e8ef962ed93c1a62feddbbcc0988f2bf5373b5343d9b4ef27d2abc0dd31759c97b10ae7aa734339fb06d1519e909ed876c0ada6e98e1290dc4230237d94539f97a660cb913ce0254dde7e1f632f40d968b25b1300d14f58e634af3eaaa5cb6ac111145a1e5423545155f03c6f620b39b0e4ed07137e3b83f19d22ff53753f9e409be2aa29323253c28ece7d4ab4542ad62681799cfa9625c19c0c5aad275622889802e628f032090abe448d833f3b3950f3a1fac42c6cb1a3bfa2b4c6fc850cd8d60fed91ba48fe3e8b8e482b0dba3a5f77647bb1400b0b7b0ef8e1676fbf917d53226bf52ae6d8630e9dabc49697c064ed157c323d4515796c58536633ea940274379c77aa54b696871c39f039e66eff4172fed108e2907b2de40b18979ba55efe42f3e3378c028ab86f2f802a50f9c8488fa224bded3e2f2184f258190eedc0aa796112fafb4ce253647165a3da876442ea5448e2be7dd661de5b24c735ac0e9cfdb5f743cb104f91cf31d7ce0d6a4581918f6a52aa0798b2002588902fc7c23481413f54dc479e39ddf326102dc44be7dfea5618e44ed6a1ff7acac2d025eb64a289b8e8fd4fe9928b0070d4b997ce90bc6976991ee4ec15452c1ed69f77c1a2161fcb421d75f793a1a1a2cc8720a57d14994b7ae9ebbd8a991ae39c9c3ec4c9989ab975b09555e6c765b3d5f4f0f6c48ff68d227cf7fff4f523e3152169ae81227a0a4eff2754f146dc2cb5a56db2bf155390182de3ad83c9005e017e2fb5c4b74a55d05e75cad0e823a13d15980f20b407a4ccd18b984f86b4a8a77225ced56392b43444306909e4339296251f92cbe9e6dc0d0e41718af1ce113ef109066db5d7f81a88ee5bb22eaef3a3f32ad349e0319fbc32f2e2fb52ac635d5a952b50694c02bd9c950e7a139ec6277896987feb6acf41e5b899de5d5b9779bfc57abcb36117464e322d44b152aa0b9c48d84677b36b0841e37498d135a63c4f8aa8d2fadabd99ed604aec51a49e2a10406caea9299df6c60f032a82f516e25ac7cc98173ddb7ddebc7a7bf7e3df37c77255464325954fab72216241748d09f87d88f9aab8f6bf2b87b6347278531e4e826d408bf6a6670092d707b61dc8b1b28e33b2aca71dd9165c6f2bcbe40e083bdd971a30789a50dbc984b3b25f9360de92fb318ca9328ba5349a35eb4b4b3077e712d45195c00949bd9cc15d5a778d2a3793da68618130b394d88dc4f207f79de05a795c96d0daab041c3fbd37368f594229164dd3792bbecdab521ae2c6c44722edaaf29df9effbcbb6837c7bb7c505394101e0fe65ca9ed81c0e5fc2ff61f1241865010c43d5b414a3fbafe619dfb7aad5c5fc7ef72628918543caa8f3a3a6850c3a52553d579186224b01ea44cdf1d274fdefe88e7a4e6448e11da91544b6a6af9c827d56cfccb55e69e6c2a6af6da2d707dffc1e928f8514bc62b2594691b70e4553114205a407acfb60915ee296003473604738b3dcf82688a968ea4fd267fb485be82207c4c3d70846bf80aa4700973fa4e9fe5af631a04c1966258851c5578b3809cbbf8395398f59ce507caa1668355e5be4cf20aeaed39d7a001ceadce6a93df889bf146118919e22f3761743b511c3a2672f5075d504636e744c276862dd2de2904ab7470d2216b38a48fa05f8414da6c23e2054c5aac70f01ecd4a8052af8bd0b640c00631dcc70f1f07b0781ce3d0916dcc41fd6c29a938a0d0a8af4c6079c2b3a191b8ce7f03df65e48c1d575765512d9fcaff035e9c801bd549a526058bf2a7432d842963ca522d50a3153630d99b394f1fa0a1fbc80ce42e845e95ebb3b045086042df5e218ee98c13a89f91000ab2f75fee40ea00ecb6f22f2aeedacfe3e0ec2e012b97db05b4517af000286276600c43f3fdeec25e7482c9c56da554a3999cd2793f1c0a6701e05dabef2342ec8f74739c9abf7acecaf0f0756e42bf4b2e55207a664f1662bc2ab2e9f93504bd1900b739ce4859c2b3f43be6de58a6df332e8d529975406cf42df1299ef86507e458f417ce87d51f402200cda49e71db01bfbbd2613053e9c3c1478826d9c89edcf08d48e380fc4689fd0d580ee550de3c1d0d04f9409d122e34f33a1329970b7d9f7c46da7cab6f24d71366cc81370450e95a3336ca1919d16f6a5ac335ece89c94c4ed6a2693c1723f91296646f517f77b9a5e5a9f5d66075edce1be5cdb2612ce20b47e89ee5bc951dcd74dc5e5d684cb59839f5e8e4cccd41a7e09ec62b787c630bc1306292f501ebc74b827fdcf732b61299269192d554eaf3a426d663dcb92ee1d406a429fd01c50410120376347d0ee4253a4d469f72af337ac73b54b88fed88805fcddbb60e3a9676eb8b72539663e28be3940646623feaee02df78c8f9649921430d798f111836add1f9420001dab8c0d6b6ddde9e18983228a5cbdce0ca9a90c39d055b77190b11b0661639023021761c5af34a8fe385e75480bc3d3437b5d4b2f28e1d4a4bb200cf2539cb6f20f4f6746b550fec537977ba7ee5be65635b5dfa7ba37e71cefbd0a4f06a3285c9bf6ca3136b2c922b8ad0c36d763e43878078804d8fe37b00d2841371f8ec7a387ee3382695340556f342fb31712764eca5ce13cdfaa22167a418495df0afab54b5a20de585680f334f2a492c3371f92cb03255b76fd5cd9ad4426f61eac452bd4cd7b61f92b2be4c4f0d3022bea5aa6be2f2d53918b5c2755e1127b569537b7000320e001910ddad4aa8fd02e17317d5a3b168098b5e730e86c5335d09129611088af1f97d8784fbc728e1f0b249473ba464c883a37cdd957f8c5e2d58b12ee8610f8239b8d7f695a89e61fc37b64475cd15fbb876328e3e417b71c283ff2619514d28b9c1d0fc6cd591971fa37f4ab0aded63d65f573ff93dc36ec82f01aa22897e532907ef92ea41696d3eee294b6a47e76c777bfb0d67bc6935d141381f13d7147251706322aea2152d9439c2d44ea626bdff18e2b53bc3bb567b867fb", 0xc41}], 0x1}}], 0x1, 0x0)
write$RDMA_USER_CM_CMD_QUERY_ROUTE(r0, &(0x7f0000000100)={0x5, 0x10, 0xfa00, {&(0x7f0000001480), r1}}, 0x18)

executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='auxv\x00')
pipe(0x0)
socket(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x100}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000140)={'vxcan1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x60, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_LOCAL={0x14, 0x6, @empty}, @IFLA_GRE_IFLAGS={0x6}, @IFLA_GRE_LINK={0x8, 0x1, r1}]}}}]}, 0x60}}, 0x0)

executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$IPCTNL_MSG_EXP_GET(r1, &(0x7f0000003300)={0x0, 0x0, &(0x7f00000032c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000010201"], 0x14}}, 0x0)
recvmsg$inet_nvme(r1, &(0x7f0000005900)={&(0x7f0000003440)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, 0x0}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
r3 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000040)={0x1d, r4, 0x3}, 0x18)
sendmsg$NFT_MSG_GETSET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[], 0x1c}}, 0x0)
sendmsg$IPSET_CMD_PROTOCOL(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)

executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000006c0)={'lo\x00', <r1=>0x0})
r2 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r2, &(0x7f00000001c0)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f0000000480)=""/187, 0x10d}], 0x1, 0x0, 0x0)

[   64.694596][ T3716] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='cpuacct.stat\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={<r1=>0xffffffffffffffff})
sendmsg$nl_xfrm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[], 0x33fe0}}, 0x0)
timer_create(0x0, &(0x7f0000000180)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r2=>0x0)
sendmsg$TIPC_NL_NODE_GET(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
timer_settime(r2, 0x0, &(0x7f0000000300)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))

executing program 1:
socketpair$unix(0x1, 0x1, 0x0, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x105042, 0x0)
setrlimit(0x1, &(0x7f0000000100)={0x8000000000000001, 0xfffffffffffffff9})
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
rt_sigreturn()
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x12, &(0x7f0000000040)=0x6, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
write$P9_RXATTRWALK(r1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000780)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d862b9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000002000002090666159e3ef5f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac1b3fca19fc0a9e346a78c12e5c3c6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027ec3d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af16aa9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e314f57d9507dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f06ac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdce943f895dd45045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bda8847e37f3c3d49018ecb97ce1a4a6cbd7c3ec5029d938b18a206f7f9bf678dfef1758d6a1ec0000000000000000000000000000003454686fbafb46bef43449725b85cfd3547fa97111e037819af7a0c21b15f4c3e3e4b64e130528d055cfc5fe1fe26307ea8e352cd098d8eac5d0ba0514556a9ca4534518f51bd41f43f21afe183a6233650514ca340a899a28d7784b747af027e7c986b1e66d0ea260b9a4bc4e6da64d984dc79646c6c61c4cd5458a0b8e14f9abc0ddb9cc164a22f6", 0x54e676f5, 0xc000, 0x0, 0xffffffffffffff59)
write$cgroup_pressure(0xffffffffffffffff, 0x0, 0x0)
rt_sigreturn()
open(0x0, 0x0, 0x0)
unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00')

executing program 1:
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000002680)='dctcp\x00', 0x6)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)

[   65.877941][   T30] kauditd_printk_skb: 23 callbacks suppressed
[   65.878725][   T30] audit: type=1400 audit(65.840:118): avc:  denied  { create } for  pid=3722 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   65.903652][   T30] audit: type=1400 audit(65.860:119): avc:  denied  { setopt } for  pid=3722 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   65.922596][   T30] audit: type=1400 audit(65.880:120): avc:  denied  { connect } for  pid=3722 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
executing program 1:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000480)={0x2020}, 0x2020)

[   66.147660][   T30] audit: type=1400 audit(66.110:121): avc:  denied  { read } for  pid=3724 comm="syz-executor.1" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   66.159868][   T30] audit: type=1400 audit(66.120:122): avc:  denied  { open } for  pid=3724 comm="syz-executor.1" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   66.189023][   T30] audit: type=1400 audit(66.150:123): avc:  denied  { ioctl } for  pid=3724 comm="syz-executor.1" path="/dev/binderfs/binder0" dev="binder" ino=7 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   66.203106][   T30] audit: type=1400 audit(66.170:124): avc:  denied  { set_context_mgr } for  pid=3724 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x52, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x0, @void, @void, @void, @void, @void, @void, @val={0x25, 0x3}, @val={0x2a, 0x1}, @val={0x3c, 0x4}, @val={0x2d, 0x1a}, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SMPS_MODE={0x5}]}, 0x90}}, 0x0)

[   66.596249][   T30] audit: type=1400 audit(66.550:125): avc:  denied  { ioctl } for  pid=3726 comm="syz-executor.1" path="socket:[845]" dev="sockfs" ino=845 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
acct(&(0x7f00000001c0)='./file0\x00')

executing program 1:
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ftruncate(0xffffffffffffffff, 0x81fd)
ptrace$getregset(0x4205, r0, 0x2, &(0x7f00000004c0)={&(0x7f0000002080)=""/4096, 0x1000})

executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x44, 0x2, 0x6, 0x1, 0x6000000, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)

[   67.495256][ T3735] usercopy: Kernel memory overwrite attempt detected to SLUB object 'task_struct' (offset 80, size 116)!
[   67.499060][ T3735] ------------[ cut here ]------------
[   67.499436][ T3735] kernel BUG at mm/usercopy.c:102!
[   67.500297][ T3735] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM
[   67.501311][ T3735] Modules linked in:
[   67.502692][ T3735] CPU: 0 PID: 3735 Comm: syz-executor.1 Not tainted 6.9.0-rc6-syzkaller #0
[   67.503420][ T3735] Hardware name: ARM-Versatile Express
[   67.504651][ T3735] PC is at usercopy_abort+0x98/0x9c
[   67.505200][ T3735] LR is at __wake_up_klogd.part.0+0x7c/0xac
[   67.506315][ T3735] pc : [<818a8384>]    lr : [<802ba768>]    psr: 60000013
[   67.506687][ T3735] sp : e0021d98  ip : e0021ce0  fp : e0021dbc
[   67.507042][ T3735] r10: 81a00568  r9 : 00001000  r8 : 8375ec50
[   67.508170][ T3735] r7 : dde75860  r6 : 00000000  r5 : 00000074  r4 : 00000050
[   67.508585][ T3735] r3 : 8375b000  r2 : 00000000  r1 : 00000000  r0 : 00000066
[   67.509846][ T3735] Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
[   67.511662][ T3735] Control: 30c5387d  Table: 84ff5a00  DAC: fffffffd
[   67.512654][ T3735] Register r0 information: non-paged memory
[   67.513285][ T3735] Register r1 information: NULL pointer
[   67.514464][ T3735] Register r2 information: NULL pointer
[   67.514725][ T3735] Register r3 information: slab task_struct start 8375b000 pointer offset 0 size 3072
[   67.516668][ T3735] Register r4 information: non-paged memory
[   67.517835][ T3735] Register r5 information: non-paged memory
[   67.518238][ T3735] Register r6 information: NULL pointer
[   67.518565][ T3735] Register r7 information: non-slab/vmalloc memory
[   67.519818][ T3735] Register r8 information: slab task_struct start 8375ec00 pointer offset 80 size 3072
[   67.521126][ T3735] Register r9 information: non-paged memory
[   67.521382][ T3735] Register r10 information: non-slab/vmalloc memory
[   67.521812][ T3735] Register r11 information: 2-page vmalloc region starting at 0xe0020000 allocated at kernel_clone+0xac/0x3cc
[   67.522795][ T3735] Register r12 information: 2-page vmalloc region starting at 0xe0020000 allocated at kernel_clone+0xac/0x3cc
[   67.523588][ T3735] Process syz-executor.1 (pid: 3735, stack limit = 0xe0020000)
[   67.524077][ T3735] Stack: (0xe0021d98 to 0xe0022000)
[   67.524319][ T3735] 1d80:                                                       81fec750 81fbf360
[   67.524584][ T3735] 1da0: 81fd398c 00000050 00000074 00001000 e0021dec e0021dc0 804b82a4 818a82f8
[   67.525034][ T3735] 1dc0: 00000074 e0021dd0 80216314 8375ec50 00000074 00000000 8375ecc4 dde75860
[   67.526265][ T3735] 1de0: e0021e24 e0021df0 804ef448 804b81d8 00000074 200004c4 e0021e14 8375ec50
[   67.526647][ T3735] 1e00: 00000074 200004c4 00000074 81a005a0 00001000 81a00568 e0021e4c e0021e28
[   67.527934][ T3735] 1e20: 8020a0e4 804ef268 00000000 e0021ef4 e0021ea4 e0021e50 8020a054 8375ec00
[   67.528290][ T3735] 1e40: e0021ef4 e0021e50 80253b88 8020a060 00000000 20002080 20002080 81a0057c
[   67.529508][ T3735] 1e60: 818cc6b8 00000000 e0021eb4 e0021e78 8020d1c0 8020c164 e0021ecc 00000000
[   67.529894][ T3735] 1e80: 8027e644 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[   67.530452][ T3735] 1ea0: 00000000 8375b000 e0021edc e0021eb8 8027cafc 802ac884 835e7300 00000000
[   67.531750][ T3735] 1ec0: e0021f3c 20b661f5 8375ec00 200004c0 00004202 00000002 00000000 200004c0
[   67.532147][ T3735] 1ee0: 8375b000 0000001a e0021f6c e0021ef8 8020a4e0 802538ac 8375ec00 8375f47c
[   67.532573][ T3735] 1f00: e0021f1c e0021f10 818ccb64 8027b084 e0021f6c e0021f20 80280e88 818ccb40
[   67.533301][ T3735] 1f20: 80253794 00000000 8375b000 60000013 e0021f5c e0021f40 818c46cc 20b661f5
[   67.533716][ T3735] 1f40: 00004205 00004205 8375ec00 20b661f5 00004205 8375ec00 00000002 00000000
[   67.535040][ T3735] 1f60: e0021fa4 e0021f70 80253570 8020a43c 80203054 20b661f5 e0021fac 00000000
[   67.535443][ T3735] 1f80: 00000000 0014c2cc 0000001a 80200288 8375b000 0000001a 00000000 e0021fa8
[   67.536775][ T3735] 1fa0: 80200060 80253340 00000000 00000000 00004205 0000001f 00000002 200004c0
[   67.537281][ T3735] 1fc0: 00000000 00000000 0014c2cc 0000001a 7ea0732e 7ea0732f 003d0f00 76b4a0fc
[   67.538682][ T3735] 1fe0: 76b49f08 76b49ef8 00016ab0 00050bf0 60000010 00004205 00000000 00000000
[   67.540498][ T3735] Call trace: 
[   67.542363][ T3735] [<818a82ec>] (usercopy_abort) from [<804b82a4>] (__check_heap_object+0xd8/0xf4)
[   67.542898][ T3735] [<804b81cc>] (__check_heap_object) from [<804ef448>] (__check_object_size+0x1ec/0x30c)
[   67.543207][ T3735]  r8:dde75860 r7:8375ecc4 r6:00000000 r5:00000074 r4:8375ec50
[   67.544276][ T3735] [<804ef25c>] (__check_object_size) from [<8020a0e4>] (fpa_set+0x90/0xfc)
[   67.544930][ T3735]  r10:81a00568 r9:00001000 r8:81a005a0 r7:00000074 r6:200004c4 r5:00000074
[   67.546305][ T3735]  r4:8375ec50
[   67.546445][ T3735] [<8020a054>] (fpa_set) from [<80253b88>] (ptrace_request+0x2e8/0x9a4)
[   67.546920][ T3735]  r5:8375ec00 r4:8020a054
[   67.547962][ T3735] [<802538a0>] (ptrace_request) from [<8020a4e0>] (arch_ptrace+0xb0/0x3e4)
[   67.548417][ T3735]  r10:0000001a r9:8375b000 r8:200004c0 r7:00000000 r6:00000002 r5:00004202
[   67.549782][ T3735]  r4:200004c0
[   67.550041][ T3735] [<8020a430>] (arch_ptrace) from [<80253570>] (sys_ptrace+0x23c/0x4e4)
[   67.551152][ T3735]  r7:00000000 r6:00000002 r5:8375ec00 r4:00004205
[   67.551584][ T3735] [<80253334>] (sys_ptrace) from [<80200060>] (ret_fast_syscall+0x0/0x1c)
[   67.552065][ T3735] Exception stack(0xe0021fa8 to 0xe0021ff0)
[   67.552488][ T3735] 1fa0:                   00000000 00000000 00004205 0000001f 00000002 200004c0
[   67.552810][ T3735] 1fc0: 00000000 00000000 0014c2cc 0000001a 7ea0732e 7ea0732f 003d0f00 76b4a0fc
[   67.553064][ T3735] 1fe0: 76b49f08 76b49ef8 00016ab0 00050bf0
[   67.553345][ T3735]  r10:0000001a r9:8375b000 r8:80200288 r7:0000001a r6:0014c2cc r5:00000000
[   67.553627][ T3735]  r4:00000000
[   67.554011][ T3735] Code: e30c0754 e34801fe e58dc000 ebfff359 (e7f001f2) 
[   67.555624][ T3735] ---[ end trace 0000000000000000 ]---
[   67.557127][ T3735] Kernel panic - not syncing: Fatal exception
[   67.560216][ T3735] Rebooting in 86400 seconds..

VM DIAGNOSIS:
03:12:41  Registers:
info registers vcpu 0

CPU#0
R00=81fcedd0 R01=00000000 R02=00000000 R03=00000000
R04=e0021d48 R05=00000000 R06=fffffffd R07=60000093
R08=8285a41c R09=8261ca08 R10=8375b000 R11=e0021c6c
R12=e0021c70 R13=e0021c60 R14=81875eb0 R15=81875dd0
PSR=60000093 -ZC- A S svc32
s00=00000000 s01=00000000 d00=0000000000000000
s02=00000000 s03=00000000 d01=0000000000000000
s04=00000000 s05=00000000 d02=0000000000000000
s06=00000000 s07=00000000 d03=0000000000000000
s08=00000000 s09=00000000 d04=0000000000000000
s10=00000000 s11=00000000 d05=0000000000000000
s12=00000000 s13=00000000 d06=0000000000000000
s14=00000000 s15=00000000 d07=0000000000000000
s16=00000000 s17=00000000 d08=0000000000000000
s18=00000000 s19=00000000 d09=0000000000000000
s20=00000000 s21=00000000 d10=0000000000000000
s22=00000000 s23=00000000 d11=0000000000000000
s24=00000000 s25=00000000 d12=0000000000000000
s26=00000000 s27=00000000 d13=0000000000000000
s28=00000000 s29=00000000 d14=0000000000000000
s30=00000000 s31=00000000 d15=0000000000000000
s32=00000000 s33=00000000 d16=0000000000000000
s34=00000000 s35=00000000 d17=0000000000000000
s36=00000000 s37=00000000 d18=0000000000000000
s38=00000000 s39=00000000 d19=0000000000000000
s40=00000000 s41=00000000 d20=0000000000000000
s42=00000000 s43=00000000 d21=0000000000000000
s44=00000000 s45=00000000 d22=0000000000000000
s46=00000000 s47=00000000 d23=0000000000000000
s48=00000000 s49=00000000 d24=0000000000000000
s50=00000000 s51=00000000 d25=0000000000000000
s52=00000000 s53=00000000 d26=0000000000000000
s54=00000000 s55=00000000 d27=0000000000000000
s56=00000000 s57=00000000 d28=0000000000000000
s58=00000000 s59=00000000 d29=0000000000000000
s60=00000000 s61=00000000 d30=0000000000000000
s62=00000000 s63=00000000 d31=0000000000000000
FPSCR: 00000000
info registers vcpu 1

CPU#1
R00=df99ded0 R01=02b7f4e8 R02=00000008 R03=7f000000
R04=8401b000 R05=df99dee0 R06=df99dfb0 R07=02b7f4e0
R08=80200288 R09=8401b000 R10=00000109 R11=df99df44
R12=83b7f4e7 R13=df99df48 R14=80426e50 R15=80200088
PSR=60000193 -ZC- A S svc32
s00=05ec76f0 s01=00000001 d00=0000000105ec76f0
s02=dea713f1 s03=00000000 d01=00000000dea713f1
s04=2cb2018c s05=7697a524 d02=7697a5242cb2018c
s06=00000000 s07=00000000 d03=0000000000000000
s08=467fe440 s09=2c354393 d04=2c354393467fe440
s10=00000000 s11=00000000 d05=0000000000000000
s12=ffffffff s13=00000000 d06=00000000ffffffff
s14=00000000 s15=00000000 d07=0000000000000000
s16=00000000 s17=00000000 d08=0000000000000000
s18=00000000 s19=00000000 d09=0000000000000000
s20=5173f0dc s21=d59dc38c d10=d59dc38c5173f0dc
s22=7229627e s23=00000000 d11=000000007229627e
s24=00000000 s25=00000000 d12=0000000000000000
s26=00000000 s27=00000000 d13=0000000000000000
s28=00000000 s29=00000000 d14=0000000000000000
s30=00000000 s31=00000000 d15=0000000000000000
s32=00000000 s33=00000000 d16=0000000000000000
s34=00000000 s35=00000000 d17=0000000000000000
s36=00000000 s37=00000000 d18=0000000000000000
s38=00000000 s39=00000000 d19=0000000000000000
s40=00000000 s41=00000000 d20=0000000000000000
s42=00000000 s43=00000000 d21=0000000000000000
s44=00000000 s45=00000000 d22=0000000000000000
s46=00000000 s47=00000000 d23=0000000000000000
s48=00000000 s49=00000000 d24=0000000000000000
s50=00000000 s51=00000000 d25=0000000000000000
s52=00000000 s53=00000000 d26=0000000000000000
s54=00000000 s55=00000000 d27=0000000000000000
s56=00000000 s57=00000000 d28=0000000000000000
s58=00000000 s59=00000000 d29=0000000000000000
s60=00000000 s61=00000000 d30=0000000000000000
s62=00000000 s63=00000000 d31=0000000000000000
FPSCR: 20000011