syz-executor5 (8387) used greatest stack depth: 13656 bytes left x86/PAT: syz-executor2:8414 map pfn RAM range req write-combining for [mem 0x19dee0000-0x19dee3fff], got write-back ====================================================== x86/PAT: syz-executor2:8419 map pfn RAM range req write-combining for [mem 0x19dee0000-0x19dee3fff], got write-back WARNING: possible circular locking dependency detected 4.16.0-rc4+ #350 Not tainted ------------------------------------------------------ syz-executor1/8413 is trying to acquire lock: (&sb->s_type->i_mutex_key#11){++++}, at: [<00000000282fad37>] inode_lock include/linux/fs.h:713 [inline] (&sb->s_type->i_mutex_key#11){++++}, at: [<00000000282fad37>] shmem_file_llseek+0xef/0x240 mm/shmem.c:2579 but task is already holding lock: (ashmem_mutex){+.+.}, at: [<00000000ec71d4a8>] ashmem_llseek+0x56/0x1f0 drivers/staging/android/ashmem.c:326 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (ashmem_mutex){+.+.}: __mutex_lock_common kernel/locking/mutex.c:756 [inline] __mutex_lock+0x16f/0x1a80 kernel/locking/mutex.c:893 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908 ashmem_mmap+0x53/0x410 drivers/staging/android/ashmem.c:362 call_mmap include/linux/fs.h:1786 [inline] mmap_region+0xa99/0x15a0 mm/mmap.c:1705 do_mmap+0x6c0/0xe00 mm/mmap.c:1483 do_mmap_pgoff include/linux/mm.h:2223 [inline] vm_mmap_pgoff+0x1de/0x280 mm/util.c:355 SYSC_mmap_pgoff mm/mmap.c:1533 [inline] SyS_mmap_pgoff+0x462/0x5f0 mm/mmap.c:1491 SYSC_mmap arch/x86/kernel/sys_x86_64.c:100 [inline] SyS_mmap+0x16/0x20 arch/x86/kernel/sys_x86_64.c:91 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 -> #1 (&mm->mmap_sem){++++}: __might_fault+0x13a/0x1d0 mm/memory.c:4571 _copy_to_user+0x2c/0xc0 lib/usercopy.c:25 copy_to_user include/linux/uaccess.h:155 [inline] filldir+0x1a7/0x320 fs/readdir.c:196 dir_emit_dot include/linux/fs.h:3370 [inline] dir_emit_dots include/linux/fs.h:3381 [inline] dcache_readdir+0x12d/0x5e0 fs/libfs.c:192 iterate_dir+0x1ca/0x530 fs/readdir.c:51 SYSC_getdents fs/readdir.c:231 [inline] SyS_getdents+0x225/0x450 fs/readdir.c:212 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 -> #0 (&sb->s_type->i_mutex_key#11){++++}: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3920 down_write+0x87/0x120 kernel/locking/rwsem.c:70 inode_lock include/linux/fs.h:713 [inline] shmem_file_llseek+0xef/0x240 mm/shmem.c:2579 vfs_llseek+0xa2/0xd0 fs/read_write.c:300 ashmem_llseek+0xe7/0x1f0 drivers/staging/android/ashmem.c:338 vfs_llseek fs/read_write.c:300 [inline] SYSC_lseek fs/read_write.c:313 [inline] SyS_lseek+0xeb/0x170 fs/read_write.c:304 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 other info that might help us debug this: Chain exists of: &sb->s_type->i_mutex_key#11 --> &mm->mmap_sem --> ashmem_mutex Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(ashmem_mutex); lock(&mm->mmap_sem); lock(ashmem_mutex); lock(&sb->s_type->i_mutex_key#11); *** DEADLOCK *** 1 lock held by syz-executor1/8413: #0: (ashmem_mutex){+.+.}, at: [<00000000ec71d4a8>] ashmem_llseek+0x56/0x1f0 drivers/staging/android/ashmem.c:326 stack backtrace: CPU: 1 PID: 8413 Comm: syz-executor1 Not tainted 4.16.0-rc4+ #350 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x24d lib/dump_stack.c:53 print_circular_bug.isra.38+0x2cd/0x2dc kernel/locking/lockdep.c:1223 check_prev_add kernel/locking/lockdep.c:1863 [inline] check_prevs_add kernel/locking/lockdep.c:1976 [inline] validate_chain kernel/locking/lockdep.c:2417 [inline] __lock_acquire+0x30a8/0x3e00 kernel/locking/lockdep.c:3431 lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3920 down_write+0x87/0x120 kernel/locking/rwsem.c:70 inode_lock include/linux/fs.h:713 [inline] shmem_file_llseek+0xef/0x240 mm/shmem.c:2579 vfs_llseek+0xa2/0xd0 fs/read_write.c:300 ashmem_llseek+0xe7/0x1f0 drivers/staging/android/ashmem.c:338 vfs_llseek fs/read_write.c:300 [inline] SYSC_lseek fs/read_write.c:313 [inline] SyS_lseek+0xeb/0x170 fs/read_write.c:304 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x453e69 RSP: 002b:00007f062a622c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000008 RAX: ffffffffffffffda RBX: 00007f062a6236d4 RCX: 0000000000453e69 RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000013 RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000000003da R14: 00000000006f5d10 R15: 0000000000000000 mmap: syz-executor3 (8463): VmData 18587648 exceed data ulimit 6. Update limits or use boot option ignore_rlimit_data. audit: type=1400 audit(1520837800.945:52): avc: denied { setfcap } for pid=8491 comm="syz-executor5" capability=31 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl audit: type=1401 audit(1520837801.438:53): op=fscreate invalid_context=400300200000000066000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SELinux: unrecognized netlink message: protocol=4 nlmsg_type=24 sclass=netlink_tcpdiag_socket pig=8666 comm=syz-executor4 audit: type=1400 audit(1520837801.616:54): avc: denied { ioctl } for pid=8682 comm="syz-executor4" path="socket:[22987]" dev="sockfs" ino=22987 ioctlcmd=0x8904 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 dccp_close: ABORT with 400 bytes unread audit: type=1400 audit(1520837801.880:55): avc: denied { dyntransition } for pid=8742 comm="syz-executor3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0,c1 tclass=process permissive=1 binder_alloc: 8742: binder_alloc_buf, no vma audit: type=1400 audit(1520837801.882:56): avc: denied { set_context_mgr } for pid=8742 comm="syz-executor3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0,c1 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1 binder: 8742:8754 transaction failed 29189/-3, size 0-0 line 2963 audit: type=1400 audit(1520837801.882:57): avc: denied { impersonate } for pid=8742 comm="syz-executor3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0,c1 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1 binder: BINDER_SET_CONTEXT_MGR already set binder: 8742:8763 ioctl 40046207 0 returned -16 binder: undelivered TRANSACTION_ERROR: 29189 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 1 CPU: 0 PID: 8948 Comm: syz-executor6 Not tainted 4.16.0-rc4+ #350 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x24d lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:422 [inline] slab_alloc mm/slab.c:3365 [inline] __do_kmalloc mm/slab.c:3703 [inline] __kmalloc+0x63/0x760 mm/slab.c:3714 kmalloc include/linux/slab.h:517 [inline] sock_kmalloc+0x112/0x190 net/core/sock.c:1986 ipv6_sock_ac_join+0x21f/0x7a0 net/ipv6/anycast.c:72 do_ipv6_setsockopt.isra.8+0x30f1/0x39d0 net/ipv6/ipv6_sockglue.c:662 ipv6_setsockopt+0xd7/0x130 net/ipv6/ipv6_sockglue.c:922 udpv6_setsockopt+0x45/0x80 net/ipv6/udp.c:1422 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2975 SYSC_setsockopt net/socket.c:1849 [inline] SyS_setsockopt+0x189/0x360 net/socket.c:1828 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x453e69 RSP: 002b:00007fc1585c5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 00007fc1585c66d4 RCX: 0000000000453e69 RDX: 000000000000001b RSI: 0000000000000029 RDI: 0000000000000014 RBP: 000000000072bea0 R08: 0000000000000014 R09: 0000000000000000 R10: 00000000200001c0 R11: 0000000000000246 R12: 0000000000000015 R13: 0000000000000521 R14: 00000000006f7bb8 R15: 0000000000000000 audit: type=1400 audit(1520837802.999:58): avc: denied { create } for pid=8953 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 QAT: Invalid ioctl audit: type=1400 audit(1520837803.115:59): avc: denied { map } for pid=8986 comm="syz-executor5" path="/dev/sg0" dev="devtmpfs" ino=1120 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:scsi_generic_device_t:s0 tclass=chr_file permissive=1 QAT: Invalid ioctl bond0: gre0 is up - this may be due to an out of date ifenslave SELinux: unrecognized netlink message: protocol=0 nlmsg_type=63512 sclass=netlink_route_socket pig=9035 comm=syz-executor1 kernel msg: ebtables bug: please report to author: entries_size too small SELinux: unrecognized netlink message: protocol=0 nlmsg_type=63512 sclass=netlink_route_socket pig=9048 comm=syz-executor1 kernel msg: ebtables bug: please report to author: Wrong len argument kernel msg: ebtables bug: please report to author: Wrong len argument audit: type=1326 audit(1520837803.921:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9262 comm="syz-executor4" exe="/root/syz-executor4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x453e69 code=0x0 audit: type=1326 audit(1520837803.921:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9262 comm="syz-executor4" exe="/root/syz-executor4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x453e69 code=0x0 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 9328 Comm: syz-executor0 Not tainted 4.16.0-rc4+ #350 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x24d lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:422 [inline] slab_alloc mm/slab.c:3365 [inline] kmem_cache_alloc+0x47/0x760 mm/slab.c:3539 getname_flags+0xcb/0x580 fs/namei.c:138 getname+0x19/0x20 fs/namei.c:209 do_sys_open+0x2e7/0x6d0 fs/open.c:1053 SYSC_open fs/open.c:1077 [inline] SyS_open+0x2d/0x40 fs/open.c:1072 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x40e161 RSP: 002b:00007fcfa9969bb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 RAX: ffffffffffffffda RBX: 00007fcfa996a6d4 RCX: 000000000040e161 RDX: 00007fcfa9969be1 RSI: 0000000000000002 RDI: 00007fcfa9969bd0 RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000011 R10: 0000000000000006 R11: 0000000000000293 R12: 0000000000000013 R13: 0000000000000650 R14: 00000000006f9820 R15: 0000000000000000 audit: type=1400 audit(1520837804.826:62): avc: denied { map } for pid=9353 comm="syz-executor3" path="socket:[25781]" dev="sockfs" ino=25781 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=socket permissive=1 netlink: 16 bytes leftover after parsing attributes in process `syz-executor3'. audit: type=1400 audit(1520837805.744:63): avc: denied { net_admin } for pid=7171 comm="syz-executor7" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 QAT: Invalid ioctl cannot load conntrack support for proto=7 cannot load conntrack support for proto=7 binder: 9887:9892 ioctl 4040ae70 20000000 returned -22 binder: 9897:9900 Release 1 refcount change on invalid ref 0 ret -22 binder: 9897:9900 got reply transaction with no transaction stack binder: 9897:9900 transaction failed 29201/-71, size 40-0 line 2763 binder: 9887:9902 ioctl 4040ae70 20000000 returned -22 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9907 comm=syz-executor3 binder: 9897:9900 Release 1 refcount change on invalid ref 0 ret -22 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9914 comm=syz-executor3 binder: 9897:9900 got reply transaction with no transaction stack binder: 9897:9900 transaction failed 29201/-71, size 40-0 line 2763 binder: undelivered TRANSACTION_ERROR: 29201 binder: undelivered TRANSACTION_ERROR: 29201 netlink: 'syz-executor4': attribute type 1 has an invalid length. netlink: 'syz-executor4': attribute type 1 has an invalid length. context_struct_compute_av: 17 callbacks suppressed SELinux: Invalid class 92 audit: type=1400 audit(1520837806.731:81): avc: denied { ipc_lock } for pid=10043 comm="syz-executor2" capability=14 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 10107 Comm: syz-executor5 Not tainted 4.16.0-rc4+ #350 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x24d lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:422 [inline] slab_alloc_node mm/slab.c:3286 [inline] kmem_cache_alloc_node_trace+0x5a/0x760 mm/slab.c:3648 __do_kmalloc_node mm/slab.c:3668 [inline] __kmalloc_node+0x33/0x70 mm/slab.c:3676 kmalloc_node include/linux/slab.h:554 [inline] kvmalloc_node+0x64/0xd0 mm/util.c:419 kvmalloc include/linux/mm.h:541 [inline] kvzalloc include/linux/mm.h:549 [inline] alloc_netdev_mqs+0x16d/0xfb0 net/core/dev.c:8303 tun_set_iff drivers/net/tun.c:2540 [inline] __tun_chr_ioctl+0x14c2/0x40d0 drivers/net/tun.c:2820 tun_chr_ioctl+0x2a/0x40 drivers/net/tun.c:3077 vfs_ioctl fs/ioctl.c:46 [inline] do_vfs_ioctl+0x1b1/0x1520 fs/ioctl.c:686 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x453e69 RSP: 002b:00007fe8adcd0c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007fe8adcd16d4 RCX: 0000000000453e69 RDX: 0000000020000100 RSI: 00000000400454ca RDI: 0000000000000014 RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 R13: 0000000000000323 R14: 00000000006f4be8 R15: 0000000000000000 audit: type=1400 audit(1520837807.308:82): avc: denied { name_bind } for pid=10134 comm="syz-executor3" src=20003 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1 audit: type=1400 audit(1520837807.309:83): avc: denied { node_bind } for pid=10134 comm="syz-executor3" src=20003 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:node_t:s0 tclass=dccp_socket permissive=1 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 audit: type=1400 audit(1520837807.318:84): avc: denied { name_connect } for pid=10134 comm="syz-executor3" dest=20003 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1 CPU: 1 PID: 10148 Comm: syz-executor5 Not tainted 4.16.0-rc4+ #350 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x24d lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 dccp_close: ABORT with 38 bytes unread should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:422 [inline] slab_alloc mm/slab.c:3365 [inline] kmem_cache_alloc_trace+0x4b/0x740 mm/slab.c:3605 kmalloc include/linux/slab.h:512 [inline] __hw_addr_create_ex+0xaa/0x3c0 net/core/dev_addr_lists.c:34 __hw_addr_add_ex+0xfc/0x270 net/core/dev_addr_lists.c:80 __hw_addr_add net/core/dev_addr_lists.c:88 [inline] dev_addr_init+0x167/0x260 net/core/dev_addr_lists.c:371 alloc_netdev_mqs+0x21b/0xfb0 net/core/dev.c:8314 tun_set_iff drivers/net/tun.c:2540 [inline] __tun_chr_ioctl+0x14c2/0x40d0 drivers/net/tun.c:2820 tun_chr_ioctl+0x2a/0x40 drivers/net/tun.c:3077 vfs_ioctl fs/ioctl.c:46 [inline] do_vfs_ioctl+0x1b1/0x1520 fs/ioctl.c:686 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x453e69 RSP: 002b:00007fe8adcd0c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007fe8adcd16d4 RCX: 0000000000453e69 RDX: 0000000020000100 RSI: 00000000400454ca RDI: 0000000000000014 RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 R13: 0000000000000323 R14: 00000000006f4be8 R15: 0000000000000001 audit: type=1400 audit(1520837808.186:85): avc: denied { create } for pid=10342 comm="syz-executor5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_iscsi_socket permissive=1 audit: type=1400 audit(1520837808.213:86): avc: denied { ioctl } for pid=10342 comm="syz-executor5" path="socket:[27249]" dev="sockfs" ino=27249 ioctlcmd=0x891b scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_iscsi_socket permissive=1 QAT: Invalid ioctl QAT: Invalid ioctl audit: type=1400 audit(1520837809.617:87): avc: denied { create } for pid=10871 comm="syz-executor2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 netlink: 208 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 208 bytes leftover after parsing attributes in process `syz-executor5'. audit: type=1400 audit(1520837809.861:88): avc: denied { map } for pid=10980 comm="syz-executor1" path="socket:[29741]" dev="sockfs" ino=29741 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=rawip_socket permissive=1