last executing test programs:
245.616659ms ago: executing program 1 (id=2):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r1, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0xa, &(0x7f0000000200)=0x80, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
245.112809ms ago: executing program 3 (id=4):
rt_sigaction(0xd, 0x0, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x202000, 0x0)
238.31731ms ago: executing program 0 (id=1):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000040))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES8, @ANYRES8=r1, @ANYRES32=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r2)
sendmsg$nl_generic(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x4042841)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r8, 0x8208ae63, 0x0)
185.111132ms ago: executing program 1 (id=5):
rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r2, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmmsg$inet(r5, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
184.420182ms ago: executing program 3 (id=6):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r3, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040)
r6 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0xffe0)
178.844493ms ago: executing program 2 (id=3):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r3, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmmsg$inet(r5, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040)
r6 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0xffe0)
147.420724ms ago: executing program 3 (id=7):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f00000075c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40804)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r5, &(0x7f0000004040)=[{{&(0x7f0000000080)={0x2, 0x4e24, @empty}, 0x10, 0x0}}], 0x1, 0x4000000)
130.381725ms ago: executing program 1 (id=8):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
write(r3, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
129.511055ms ago: executing program 2 (id=9):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x805, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x80, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
102.757496ms ago: executing program 1 (id=10):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf293d0f9f90fc01ef3ac63df", 0x44000004, 0x0, {[0x5]}}, 0x0, 0x8, &(0x7f0000000140))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00), 0x0, 0x0)
write(r2, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000400)='./bus\x00', &(0x7f0000000540)='system.posix_acl_access\x00', &(0x7f0000000580)={{}, {0x1, 0x7}, [], {}, [], {0x10, 0x5}, {0x20, 0x4}}, 0x24, 0x3)
95.859496ms ago: executing program 2 (id=11):
rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f000046d000/0x4000)=nil, 0x4000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
83.824147ms ago: executing program 0 (id=12):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0)
ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x805, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x80, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15)
70.001517ms ago: executing program 3 (id=13):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0)
ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x805, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r2, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x80, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f00000001c0)="1b", 0x1}], 0x1)
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
65.547208ms ago: executing program 1 (id=14):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
chdir(&(0x7f00000001c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
28.730179ms ago: executing program 2 (id=15):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r1, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0xa, &(0x7f0000000200)=0x80, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
28.204279ms ago: executing program 2 (id=16):
rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r2, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmmsg$inet(r5, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
6.30803ms ago: executing program 2 (id=17):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r3, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmmsg$inet(r5, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040)
r6 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0xffe0)
0s ago: executing program 1 (id=18):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r3, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmmsg$inet(r6, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040)
r7 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r7, &(0x7f0000000480), 0x2e9, 0xffe0)
kernel console output (not intermixed with test programs):
Warning: Permanently added '10.128.1.194' (ED25519) to the list of known hosts.
[ 25.069192][ T36] audit: type=1400 audit(1763560059.300:64): avc: denied { mounton } for pid=282 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[ 25.070582][ T282] cgroup: Unknown subsys name 'net'
[ 25.091857][ T36] audit: type=1400 audit(1763560059.300:65): avc: denied { mount } for pid=282 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 25.119149][ T36] audit: type=1400 audit(1763560059.340:66): avc: denied { unmount } for pid=282 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 25.119331][ T282] cgroup: Unknown subsys name 'devices'
[ 25.306601][ T282] cgroup: Unknown subsys name 'hugetlb'
[ 25.312213][ T282] cgroup: Unknown subsys name 'rlimit'
[ 25.487899][ T36] audit: type=1400 audit(1763560059.720:67): avc: denied { setattr } for pid=282 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 25.511163][ T36] audit: type=1400 audit(1763560059.720:68): avc: denied { mounton } for pid=282 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 25.535998][ T36] audit: type=1400 audit(1763560059.720:69): avc: denied { mount } for pid=282 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 25.548469][ T284] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[ 25.568093][ T36] audit: type=1400 audit(1763560059.800:70): avc: denied { relabelto } for pid=284 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 25.593594][ T36] audit: type=1400 audit(1763560059.800:71): avc: denied { write } for pid=284 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 25.666650][ T36] audit: type=1400 audit(1763560059.900:72): avc: denied { read } for pid=282 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 25.692182][ T36] audit: type=1400 audit(1763560059.900:73): avc: denied { open } for pid=282 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 25.692502][ T282] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 29.361779][ T290] bridge0: port 1(bridge_slave_0) entered blocking state
[ 29.368944][ T290] bridge0: port 1(bridge_slave_0) entered disabled state
[ 29.376075][ T290] bridge_slave_0: entered allmulticast mode
[ 29.382359][ T290] bridge_slave_0: entered promiscuous mode
[ 29.395208][ T290] bridge0: port 2(bridge_slave_1) entered blocking state
[ 29.402245][ T290] bridge0: port 2(bridge_slave_1) entered disabled state
[ 29.409439][ T290] bridge_slave_1: entered allmulticast mode
[ 29.415694][ T290] bridge_slave_1: entered promiscuous mode
[ 29.467650][ T291] bridge0: port 1(bridge_slave_0) entered blocking state
[ 29.474796][ T291] bridge0: port 1(bridge_slave_0) entered disabled state
[ 29.481848][ T291] bridge_slave_0: entered allmulticast mode
[ 29.488142][ T291] bridge_slave_0: entered promiscuous mode
[ 29.502644][ T289] bridge0: port 1(bridge_slave_0) entered blocking state
[ 29.509709][ T289] bridge0: port 1(bridge_slave_0) entered disabled state
[ 29.516779][ T289] bridge_slave_0: entered allmulticast mode
[ 29.522976][ T289] bridge_slave_0: entered promiscuous mode
[ 29.529136][ T291] bridge0: port 2(bridge_slave_1) entered blocking state
[ 29.536189][ T291] bridge0: port 2(bridge_slave_1) entered disabled state
[ 29.543235][ T291] bridge_slave_1: entered allmulticast mode
[ 29.549549][ T291] bridge_slave_1: entered promiscuous mode
[ 29.561455][ T289] bridge0: port 2(bridge_slave_1) entered blocking state
[ 29.568684][ T289] bridge0: port 2(bridge_slave_1) entered disabled state
[ 29.575783][ T289] bridge_slave_1: entered allmulticast mode
[ 29.581984][ T289] bridge_slave_1: entered promiscuous mode
[ 29.634835][ T292] bridge0: port 1(bridge_slave_0) entered blocking state
[ 29.641903][ T292] bridge0: port 1(bridge_slave_0) entered disabled state
[ 29.649116][ T292] bridge_slave_0: entered allmulticast mode
[ 29.655404][ T292] bridge_slave_0: entered promiscuous mode
[ 29.670533][ T292] bridge0: port 2(bridge_slave_1) entered blocking state
[ 29.677590][ T292] bridge0: port 2(bridge_slave_1) entered disabled state
[ 29.684674][ T292] bridge_slave_1: entered allmulticast mode
[ 29.690877][ T292] bridge_slave_1: entered promiscuous mode
[ 29.770030][ T290] bridge0: port 2(bridge_slave_1) entered blocking state
[ 29.777123][ T290] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 29.842267][ T291] bridge0: port 2(bridge_slave_1) entered blocking state
[ 29.849502][ T291] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 29.856786][ T291] bridge0: port 1(bridge_slave_0) entered blocking state
[ 29.863812][ T291] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 29.874045][ T292] bridge0: port 2(bridge_slave_1) entered blocking state
[ 29.881109][ T292] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 29.888412][ T292] bridge0: port 1(bridge_slave_0) entered blocking state
[ 29.895459][ T292] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 29.904492][ T289] bridge0: port 2(bridge_slave_1) entered blocking state
[ 29.911559][ T289] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 29.918882][ T289] bridge0: port 1(bridge_slave_0) entered blocking state
[ 29.925931][ T289] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 29.960623][ T46] bridge0: port 2(bridge_slave_1) entered disabled state
[ 29.967898][ T46] bridge0: port 1(bridge_slave_0) entered disabled state
[ 29.975754][ T46] bridge0: port 2(bridge_slave_1) entered disabled state
[ 29.983023][ T46] bridge0: port 1(bridge_slave_0) entered disabled state
[ 29.990734][ T46] bridge0: port 2(bridge_slave_1) entered disabled state
[ 29.998534][ T46] bridge0: port 1(bridge_slave_0) entered disabled state
[ 30.005858][ T46] bridge0: port 2(bridge_slave_1) entered disabled state
[ 30.018691][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 30.025752][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 30.045838][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 30.052886][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 30.060864][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 30.067913][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 30.075535][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 30.082558][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 30.118529][ T46] bridge0: port 1(bridge_slave_0) entered blocking state
[ 30.125670][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 30.137844][ T296] bridge0: port 2(bridge_slave_1) entered blocking state
[ 30.144932][ T296] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 30.163002][ T296] bridge0: port 1(bridge_slave_0) entered blocking state
[ 30.170082][ T296] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 30.177813][ T296] bridge0: port 2(bridge_slave_1) entered blocking state
[ 30.184901][ T296] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 30.194832][ T292] veth0_vlan: entered promiscuous mode
[ 30.212108][ T291] veth0_vlan: entered promiscuous mode
[ 30.221526][ T292] veth1_macvtap: entered promiscuous mode
[ 30.240050][ T291] veth1_macvtap: entered promiscuous mode
[ 30.266426][ T36] kauditd_printk_skb: 8 callbacks suppressed
[ 30.266441][ T36] audit: type=1400 audit(1763560064.500:82): avc: denied { mounton } for pid=292 comm="syz-executor" path="/root/syzkaller.MXMOf6/syz-tmp" dev="sda1" ino=2038 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 30.272077][ T289] veth0_vlan: entered promiscuous mode
[ 30.279812][ T36] audit: type=1400 audit(1763560064.510:83): avc: denied { mount } for pid=292 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 30.328565][ T36] audit: type=1400 audit(1763560064.510:84): avc: denied { mounton } for pid=292 comm="syz-executor" path="/root/syzkaller.MXMOf6/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 30.329781][ T290] veth0_vlan: entered promiscuous mode
[ 30.361102][ T292] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 30.362187][ T36] audit: type=1400 audit(1763560064.510:85): avc: denied { mount } for pid=292 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 30.398110][ T36] audit: type=1400 audit(1763560064.510:86): avc: denied { mounton } for pid=292 comm="syz-executor" path="/root/syzkaller.MXMOf6/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[ 30.424865][ T36] audit: type=1400 audit(1763560064.510:87): avc: denied { mounton } for pid=292 comm="syz-executor" path="/root/syzkaller.MXMOf6/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=789 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[ 30.435489][ T289] veth1_macvtap: entered promiscuous mode
[ 30.458033][ T36] audit: type=1400 audit(1763560064.510:88): avc: denied { unmount } for pid=292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 30.466121][ T290] veth1_macvtap: entered promiscuous mode
[ 30.483195][ T36] audit: type=1400 audit(1763560064.560:89): avc: denied { mounton } for pid=292 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=434 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 30.506074][ T36] audit: type=1400 audit(1763560064.560:90): avc: denied { mount } for pid=292 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 30.529925][ T36] audit: type=1400 audit(1763560064.560:91): avc: denied { mounton } for pid=292 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 30.598993][ T335] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[ 30.686355][ T347] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 30.807963][ T292] ------------[ cut here ]------------
[ 30.813671][ T292] WARNING: CPU: 1 PID: 292 at fs/inode.c:340 drop_nlink+0xce/0x110
[ 30.821649][ T292] Modules linked in:
[ 30.825765][ T292] CPU: 1 UID: 0 PID: 292 Comm: syz-executor Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e
[ 30.837453][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 30.847557][ T292] RIP: 0010:drop_nlink+0xce/0x110
[ 30.852632][ T292] Code: 04 00 00 be 08 00 00 00 e8 cf 54 ee ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 32 e4 97 ff <0f> 0b eb 81 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 59 ff ff ff 4c
[ 30.872304][ T292] RSP: 0018:ffffc9000b67fc60 EFLAGS: 00010293
[ 30.878608][ T292] RAX: ffffffff81ee1a7e RBX: ffff888130b01308 RCX: ffff888102bb1300
[ 30.886716][ T292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 30.894727][ T292] RBP: ffffc9000b67fc88 R08: 0000000000000003 R09: 0000000000000004
[ 30.902718][ T292] R10: dffffc0000000000 R11: fffff520016cff7c R12: dffffc0000000000
[ 30.910728][ T292] R13: 1ffff1102616026a R14: ffff888130b01350 R15: 0000000000000000
[ 30.918741][ T292] FS: 000055557d886500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 30.927719][ T292] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 30.934325][ T292] CR2: 00007f08169fde70 CR3: 0000000122278000 CR4: 00000000003526b0
[ 30.942350][ T292] Call Trace:
[ 30.945662][ T292]
[ 30.948614][ T292] shmem_rmdir+0x5f/0x90
[ 30.952892][ T292] vfs_rmdir+0x3dd/0x560
[ 30.957191][ T292] incfs_kill_sb+0x109/0x230
[ 30.961815][ T292] deactivate_locked_super+0xd5/0x2a0
[ 30.967234][ T292] deactivate_super+0xb8/0xe0
[ 30.971942][ T292] cleanup_mnt+0x3f1/0x480
[ 30.976414][ T292] __cleanup_mnt+0x1d/0x40
[ 30.980852][ T292] task_work_run+0x1e0/0x250
[ 30.985677][ T292] ? __cfi_task_work_run+0x10/0x10
[ 30.990823][ T292] ? __x64_sys_umount+0x126/0x170
[ 30.995908][ T292] ? __cfi___x64_sys_umount+0x10/0x10
[ 31.001312][ T292] ? __kasan_check_read+0x15/0x20
[ 31.006395][ T292] resume_user_mode_work+0x36/0x50
[ 31.011532][ T292] syscall_exit_to_user_mode+0x64/0xb0
[ 31.017074][ T292] do_syscall_64+0x64/0xf0
[ 31.021520][ T292] ? clear_bhb_loop+0x50/0xa0
[ 31.026239][ T292] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 31.032155][ T292] RIP: 0033:0x7f0f94990a77
[ 31.036620][ T292] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 31.056281][ T292] RSP: 002b:00007ffebf97ad18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 31.064749][ T292] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f0f94990a77
[ 31.072757][ T292] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffebf97add0
[ 31.080778][ T292] RBP: 00007ffebf97add0 R08: 0000000000000000 R09: 0000000000000000
[ 31.088798][ T292] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffebf97be60
[ 31.096830][ T292] R13: 00007f0f94a13d7d R14: 0000000000007825 R15: 00007ffebf97bea0
[ 31.104848][ T292]
[ 31.107899][ T292] ---[ end trace 0000000000000000 ]---
[ 31.113723][ T292] ==================================================================
[ 31.121815][ T292] BUG: KASAN: null-ptr-deref in ihold+0x24/0x70
[ 31.128084][ T292] Write of size 4 at addr 0000000000000168 by task syz-executor/292
[ 31.136089][ T292]
[ 31.138429][ T292] CPU: 1 UID: 0 PID: 292 Comm: syz-executor Tainted: G W syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e
[ 31.138463][ T292] Tainted: [W]=WARN
[ 31.138471][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 31.138484][ T292] Call Trace:
[ 31.138491][ T292]
[ 31.138500][ T292] __dump_stack+0x21/0x30
[ 31.138533][ T292] dump_stack_lvl+0x10c/0x190
[ 31.138562][ T292] ? __cfi_dump_stack_lvl+0x10/0x10
[ 31.138593][ T292] print_report+0x3d/0x70
[ 31.138617][ T292] kasan_report+0x163/0x1a0
[ 31.138643][ T292] ? ihold+0x24/0x70
[ 31.138666][ T292] ? _raw_spin_unlock+0x45/0x60
[ 31.138695][ T292] ? ihold+0x24/0x70
[ 31.138718][ T292] kasan_check_range+0x299/0x2a0
[ 31.138745][ T292] __kasan_check_write+0x18/0x20
[ 31.138778][ T292] ihold+0x24/0x70
[ 31.138800][ T292] vfs_rmdir+0x26a/0x560
[ 31.138829][ T292] incfs_kill_sb+0x109/0x230
[ 31.138862][ T292] deactivate_locked_super+0xd5/0x2a0
[ 31.138892][ T292] deactivate_super+0xb8/0xe0
[ 31.138919][ T292] cleanup_mnt+0x3f1/0x480
[ 31.138944][ T292] __cleanup_mnt+0x1d/0x40
[ 31.138967][ T292] task_work_run+0x1e0/0x250
[ 31.139001][ T292] ? __cfi_task_work_run+0x10/0x10
[ 31.139027][ T292] ? __x64_sys_umount+0x126/0x170
[ 31.139057][ T292] ? __cfi___x64_sys_umount+0x10/0x10
[ 31.139088][ T292] ? __kasan_check_read+0x15/0x20
[ 31.139121][ T292] resume_user_mode_work+0x36/0x50
[ 31.139147][ T292] syscall_exit_to_user_mode+0x64/0xb0
[ 31.139172][ T292] do_syscall_64+0x64/0xf0
[ 31.139199][ T292] ? clear_bhb_loop+0x50/0xa0
[ 31.139224][ T292] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 31.139247][ T292] RIP: 0033:0x7f0f94990a77
[ 31.139265][ T292] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 31.139283][ T292] RSP: 002b:00007ffebf97ad18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 31.139306][ T292] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f0f94990a77
[ 31.139321][ T292] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffebf97add0
[ 31.139335][ T292] RBP: 00007ffebf97add0 R08: 0000000000000000 R09: 0000000000000000
[ 31.139349][ T292] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffebf97be60
[ 31.139364][ T292] R13: 00007f0f94a13d7d R14: 0000000000007825 R15: 00007ffebf97bea0
[ 31.139382][ T292]
[ 31.139389][ T292] ==================================================================
[ 31.387584][ T292] Disabling lock debugging due to kernel taint
[ 31.393807][ T292] BUG: kernel NULL pointer dereference, address: 0000000000000168
[ 31.401645][ T292] #PF: supervisor write access in kernel mode
[ 31.407813][ T292] #PF: error_code(0x0002) - not-present page
[ 31.413808][ T292] PGD 800000010ebea067 P4D 800000010ebea067 PUD 0
[ 31.420358][ T292] Oops: Oops: 0002 [#1] PREEMPT SMP KASAN PTI
[ 31.426532][ T292] CPU: 1 UID: 0 PID: 292 Comm: syz-executor Tainted: G B W syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e
[ 31.439752][ T292] Tainted: [B]=BAD_PAGE, [W]=WARN
[ 31.444785][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 31.455026][ T292] RIP: 0010:ihold+0x2a/0x70
[ 31.459557][ T292] Code: f3 0f 1e fa 55 48 89 e5 41 56 53 48 89 fb e8 1d db 97 ff 48 8d bb 68 01 00 00 be 04 00 00 00 e8 8c 4b ee ff 41 be 01 00 00 00 44 0f c1 b3 68 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 2d
[ 31.479191][ T292] RSP: 0018:ffffc9000b67fca0 EFLAGS: 00010246
[ 31.485274][ T292] RAX: ffff888102bb1300 RBX: 0000000000000000 RCX: ffff888102bb1300
[ 31.493263][ T292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 31.501251][ T292] RBP: ffffc9000b67fcb0 R08: ffffffff88972947 R09: 1ffffffff112e528
[ 31.509242][ T292] R10: dffffc0000000000 R11: fffffbfff112e529 R12: ffff888130b01314
[ 31.517231][ T292] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
[ 31.525304][ T292] FS: 000055557d886500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 31.534342][ T292] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 31.540971][ T292] CR2: 0000000000000168 CR3: 0000000122278000 CR4: 00000000003526b0
[ 31.548983][ T292] Call Trace:
[ 31.552286][ T292]
[ 31.555236][ T292] vfs_rmdir+0x26a/0x560
[ 31.559511][ T292] incfs_kill_sb+0x109/0x230
[ 31.564137][ T292] deactivate_locked_super+0xd5/0x2a0
[ 31.569577][ T292] deactivate_super+0xb8/0xe0
[ 31.574285][ T292] cleanup_mnt+0x3f1/0x480
[ 31.578727][ T292] __cleanup_mnt+0x1d/0x40
[ 31.583168][ T292] task_work_run+0x1e0/0x250
[ 31.587786][ T292] ? __cfi_task_work_run+0x10/0x10
[ 31.592931][ T292] ? __x64_sys_umount+0x126/0x170
[ 31.597996][ T292] ? __cfi___x64_sys_umount+0x10/0x10
[ 31.603400][ T292] ? __kasan_check_read+0x15/0x20
[ 31.608461][ T292] resume_user_mode_work+0x36/0x50
[ 31.613599][ T292] syscall_exit_to_user_mode+0x64/0xb0
[ 31.619084][ T292] do_syscall_64+0x64/0xf0
[ 31.623529][ T292] ? clear_bhb_loop+0x50/0xa0
[ 31.628232][ T292] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 31.634145][ T292] RIP: 0033:0x7f0f94990a77
[ 31.638577][ T292] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 31.658203][ T292] RSP: 002b:00007ffebf97ad18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 31.666640][ T292] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f0f94990a77
[ 31.674748][ T292] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffebf97add0
[ 31.682823][ T292] RBP: 00007ffebf97add0 R08: 0000000000000000 R09: 0000000000000000
[ 31.690814][ T292] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffebf97be60
[ 31.698803][ T292] R13: 00007f0f94a13d7d R14: 0000000000007825 R15: 00007ffebf97bea0
[ 31.706801][ T292]
[ 31.709839][ T292] Modules linked in:
[ 31.713752][ T292] CR2: 0000000000000168
[ 31.717916][ T292] ---[ end trace 0000000000000000 ]---
[ 31.723393][ T292] RIP: 0010:ihold+0x2a/0x70
[ 31.727926][ T292] Code: f3 0f 1e fa 55 48 89 e5 41 56 53 48 89 fb e8 1d db 97 ff 48 8d bb 68 01 00 00 be 04 00 00 00 e8 8c 4b ee ff 41 be 01 00 00 00 44 0f c1 b3 68 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 2d
[ 31.747558][ T292] RSP: 0018:ffffc9000b67fca0 EFLAGS: 00010246
[ 31.753652][ T292] RAX: ffff888102bb1300 RBX: 0000000000000000 RCX: ffff888102bb1300
[ 31.761647][ T292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 31.769638][ T292] RBP: ffffc9000b67fcb0 R08: ffffffff88972947 R09: 1ffffffff112e528
[ 31.777635][ T292] R10: dffffc0000000000 R11: fffffbfff112e529 R12: ffff888130b01314
[ 31.785628][ T292] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
[ 31.793617][ T292] FS: 000055557d886500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 31.802566][ T292] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 31.809170][ T292] CR2: 0000000000000168 CR3: 0000000122278000 CR4: 00000000003526b0
[ 31.817168][ T292] Kernel panic - not syncing: Fatal exception
[ 31.823477][ T292] Kernel Offset: disabled
[ 31.827815][ T292] Rebooting in 86400 seconds..