last executing test programs:

2.044293049s ago: executing program 1 (id=2):
r0 = open(&(0x7f0000000240)='./file0\x00', 0x615, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2, 0x11, r0, 0x0)
open(0x0, 0x615, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x10000})

1.780252342s ago: executing program 2 (id=58):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg(r0, &(0x7f0000000840), 0x10, 0x0)

1.780013552s ago: executing program 0 (id=60):
open(&(0x7f0000000380)='./file0\x00', 0x80000000000206, 0x4ebfac6bbaf79e5)
setgid(0xffffffffffffffff)
setgroups(0x0, 0x0)
setuid(0xffffffffffffffff)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

1.779912232s ago: executing program 3 (id=61):
listen(0xffffffffffffffff, 0x0)
mknod(&(0x7f0000000000)='./bus\x00', 0x3a0914c44f7b802d, 0x504)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x10005, 0x0)
accept$inet6(r0, &(0x7f0000000080), &(0x7f0000000100)=0xc)
ioctl$TIOCSETD(r0, 0x8004741b, &(0x7f0000000180)=0x7)
open(&(0x7f0000000040)='./bus\x00', 0x10005, 0x0)

1.779865502s ago: executing program 2 (id=62):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
nanosleep(&(0x7f0000000080)={0xd30c, 0xc}, 0xfffffffffffffffe)

1.754930443s ago: executing program 3 (id=64):
open(&(0x7f0000000140)='./file0\x00', 0x10686, 0x8)
chmod(&(0x7f0000000180)='./file0\x00', 0x2fe)
setuid(0xee01)
truncate(&(0x7f0000000080)='./file0\x00', 0x100000)

1.754640133s ago: executing program 2 (id=65):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg(r0, &(0x7f0000000840), 0x10, 0x0)

1.699481396s ago: executing program 0 (id=66):
fcntl$lock(0xffffffffffffffff, 0x9, &(0x7f0000000080)={0x1, 0x1, 0x0, 0x1ffffffff})
sendto$unix(0xffffffffffffffff, &(0x7f0000000000)="b1000504600000000000000007000000331c13fecea10500fef9e906c72fd3357ae320b37b673039d2d236073705ae04be38164991f7accf5f882b297be1aa5b236deb51e2f0ac3ebbc257699a5f139b672f4d335d223e7d029d6ba8af630037282102000000720f70c1f5a472c881ea6e69e0bb76d907c400000200361b1257aea8c5000020020000000000008abfba09", 0x91, 0x0, 0x0, 0x3a)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
r0 = socket(0x11, 0x3, 0x0)
sendto$unix(r0, &(0x7f0000000000)="b1000504000004000000000001000000331c13fecea10500fef96ec0c72fd3357ae30200004e3003000000acf20b7804be38164991f7c8cf5f882b297be1aa0500000051e2f0ad3ebbc257699a1f139b672f4d335c223e7d0c032bfa896443a42102000000720fd18bfbb670c1f5a872c881ea6e2ec5890400000000008000361b4cc702fac500002021fbfa0c0f00008abfba221554f4e0f668246c0900000008e371a3f8343712051eea040000000000", 0xb1, 0x0, 0x0, 0x0)

1.699288946s ago: executing program 2 (id=68):
r0 = socket(0x800000018, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000080)=@abs={0x1f95d27d48731892, 0x7}, 0x1c)
listen(r0, 0x1)
r1 = socket(0x18, 0x4001, 0x0)
fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x0, 0x2, 0x0, 0x100000000000000, 0xffffffffffffffff})
connect$unix(r1, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c)
accept(r0, 0x0, 0x0)

1.699166786s ago: executing program 3 (id=69):
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="89000000ffff000001"], 0x9}, 0x404)
setsockopt(0xffffffffffffffff, 0x1000000029, 0x28, &(0x7f0000000000)='Z', 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000000380)={0x0, 0x32c, 0x0, 0x0, &(0x7f0000000000), 0x90}, 0x0)

1.699090716s ago: executing program 3 (id=70):
r0 = socket(0x18, 0x2, 0x0)
setsockopt(r0, 0x1000000000029, 0xa, &(0x7f0000000040)="03000000", 0x4)
setsockopt(r0, 0x1000000000029, 0xc, 0x0, 0x0)

1.698985186s ago: executing program 4 (id=71):
r0 = open$dir(&(0x7f00000000c0)='./file2\x00', 0x200, 0x10)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1, 0x2010, r0, 0x0)

1.648349609s ago: executing program 0 (id=72):
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x3, 0x5012, 0xffffffffffffffff, 0x0)
open$dir(&(0x7f00000000c0)='./file0\x00', 0xf02, 0x186)
setuid(0xffffffffffffffff)
lstat(&(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff)

1.648174519s ago: executing program 2 (id=73):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]})
syz_clone(0x140011, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(0x0, 0x0, 0x8, 0x0)

1.648029469s ago: executing program 4 (id=74):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
close(r0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x7f16, 0x4)
sendmmsg$inet6(r1, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f0000000140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000fc0)=""/4110, 0x100e}, 0x7ffffffe}], 0x1, 0x40002000, 0x0)

1.647985599s ago: executing program 3 (id=75):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$SO_COOKIE(r1, 0x1, 0x39, &(0x7f0000000140), &(0x7f0000000180)=0x8)

1.647861479s ago: executing program 0 (id=76):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x1e, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000580)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/59, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

1.647428399s ago: executing program 4 (id=77):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000300)='./bus\x00')
rename(&(0x7f0000006200)='./file1\x00', &(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1.634265559s ago: executing program 4 (id=78):
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x10000008ebc, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a800000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x6}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000001200)={0x0, 0x58}, 0x1, 0x0, 0x0, 0x8840}, 0x0)

1.61425815s ago: executing program 0 (id=79):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x80a1b5a8bea40c1f}, 0x0)
socket$packet(0x11, 0x2, 0x300)
unshare(0x26020480)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

1.552050254s ago: executing program 0 (id=80):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
setreuid(0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000240)={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xf}}, {0x1}, 0x0, {0x2, 0x4e22, @empty}, 'lo\x00'})
setsockopt$sock_linger(r3, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r3, &(0x7f0000002140)={0xa, 0x4e28, 0x80000000, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

197.7402ms ago: executing program 4 (id=81):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000070000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021340011800a0001006c696d6974000000240002800c00024000000000000000030c00014000000000000001010800044000000001480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340"], 0x100}}, 0x2004c051)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)

111.733215ms ago: executing program 2 (id=82):
socket$unix(0x1, 0x1, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, 0x0, 0x0)
setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @address_request}}}}, 0x0)

290.52µs ago: executing program 1 (id=83):
accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x4f}}, {{@in6=@mcast2, 0x404d3, 0x2b}, 0x0, @in=@empty}}, 0xe4)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}, 0x1, 0x0, 0x0, 0x4004040}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x4e21, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8}, {0x0, 0xb}}}, 0xb8}}, 0x0)

166.39µs ago: executing program 3 (id=84):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r0, 0x6, 0x11, 0x0, &(0x7f0000000240)=0xb)

0s ago: executing program 4 (id=85):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newsa={0x144, 0x10, 0x1, 0xbffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@mcast2, 0x1, 0x794, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3c}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@remote, {0x0, 0x9, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8, 0x7}, {0xffffffffffffffff, 0x0, 0x1f, 0x1ff}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0xfd, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @mark={0xc, 0x15, {0x35075e, 0x4}}]}, 0x144}, 0x1, 0x0, 0x0, 0x4008841}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="3801000018000100feffffff0001000000000000000000000000ffffe0000002fc0100000000000000000000000000010001071c4e230005020000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c000000ac1414250000000000009f32b044000000000000000000009201000000000000a39b00000000ff0f00000000000000001c250800000000000500000000000000fcffffffffffffff0000000000000000ffffffffffffffff00000000000000001f00000000000000fefffffffffffffffafffffffcffffff00000000800000000035000002"], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.14' (ED25519) to the list of known hosts.
[   26.345960][   T30] audit: type=1400 audit(1774156890.889:64): avc:  denied  { mounton } for  pid=273 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   26.346958][  T273] cgroup: Unknown subsys name 'net'
[   26.368768][   T30] audit: type=1400 audit(1774156890.889:65): avc:  denied  { mount } for  pid=273 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   26.396370][   T30] audit: type=1400 audit(1774156890.929:66): avc:  denied  { unmount } for  pid=273 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   26.396516][  T273] cgroup: Unknown subsys name 'devices'
[   26.541159][  T273] cgroup: Unknown subsys name 'hugetlb'
[   26.546891][  T273] cgroup: Unknown subsys name 'rlimit'
[   26.712834][   T30] audit: type=1400 audit(1774156891.259:67): avc:  denied  { setattr } for  pid=273 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   26.736312][   T30] audit: type=1400 audit(1774156891.259:68): avc:  denied  { mounton } for  pid=273 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   26.741932][  T275] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   26.761447][   T30] audit: type=1400 audit(1774156891.259:69): avc:  denied  { mount } for  pid=273 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   26.792932][   T30] audit: type=1400 audit(1774156891.319:70): avc:  denied  { relabelto } for  pid=275 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   26.794374][  T273] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   26.818645][   T30] audit: type=1400 audit(1774156891.319:71): avc:  denied  { write } for  pid=275 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   26.853071][   T30] audit: type=1400 audit(1774156891.349:72): avc:  denied  { read } for  pid=273 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   26.878632][   T30] audit: type=1400 audit(1774156891.349:73): avc:  denied  { open } for  pid=273 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   27.332452][  T281] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.339603][  T281] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.346879][  T281] device bridge_slave_0 entered promiscuous mode
[   27.353923][  T281] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.360994][  T281] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.368396][  T281] device bridge_slave_1 entered promiscuous mode
[   27.472382][  T282] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.479576][  T282] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.487191][  T282] device bridge_slave_0 entered promiscuous mode
[   27.494300][  T282] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.502004][  T282] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.509294][  T282] device bridge_slave_1 entered promiscuous mode
[   27.537743][  T283] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.544846][  T283] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.552374][  T283] device bridge_slave_0 entered promiscuous mode
[   27.560949][  T283] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.568003][  T283] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.575474][  T283] device bridge_slave_1 entered promiscuous mode
[   27.587118][  T281] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.594194][  T281] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.601599][  T281] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.608759][  T281] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.686268][  T285] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.693392][  T285] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.700909][  T285] device bridge_slave_0 entered promiscuous mode
[   27.709256][  T285] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.716495][  T285] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.723849][  T285] device bridge_slave_1 entered promiscuous mode
[   27.759004][  T284] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.766117][  T284] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.773766][  T284] device bridge_slave_0 entered promiscuous mode
[   27.780800][  T284] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.787927][  T284] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.795378][  T284] device bridge_slave_1 entered promiscuous mode
[   27.839204][  T282] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.846297][  T282] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.853608][  T282] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.860650][  T282] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.903272][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   27.911984][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.919700][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.926900][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.935067][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   27.942790][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   27.961250][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   27.969623][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.976640][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.014319][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   28.033565][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   28.041343][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   28.049313][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   28.057737][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.064837][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.076497][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   28.094926][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   28.103263][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.110304][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.120585][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   28.139533][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   28.147173][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   28.165832][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   28.174014][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   28.181946][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   28.190149][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   28.198609][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   28.206913][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.213965][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.233857][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   28.242059][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   28.250243][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.257264][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.264836][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   28.273127][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   28.285350][  T282] device veth0_vlan entered promiscuous mode
[   28.291846][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   28.300045][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   28.307395][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   28.314970][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   28.323419][  T281] device veth0_vlan entered promiscuous mode
[   28.338073][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   28.346274][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.353334][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.361694][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   28.370129][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.377158][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.385595][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   28.407061][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   28.416541][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   28.424683][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   28.432933][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   28.441332][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   28.450249][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   28.458437][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   28.466689][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   28.480753][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   28.488233][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   28.495720][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   28.504345][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   28.513014][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   28.521423][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   28.529644][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.536685][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.545192][  T282] device veth1_macvtap entered promiscuous mode
[   28.552013][  T281] device veth1_macvtap entered promiscuous mode
[   28.563373][  T283] device veth0_vlan entered promiscuous mode
[   28.569776][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   28.577403][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   28.585172][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   28.593129][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   28.601708][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   28.610027][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.617045][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.624495][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   28.632329][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   28.640487][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   28.647942][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   28.669739][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   28.678191][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   28.686827][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   28.695371][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   28.703826][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   28.712423][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   28.720858][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   28.729165][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   28.737342][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   28.745813][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   28.756561][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   28.765418][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   28.773934][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   28.782229][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   28.792855][  T284] device veth0_vlan entered promiscuous mode
[   28.799160][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   28.807158][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   28.823439][  T282] request_module fs-gadgetfs succeeded, but still no fs?
[   28.829453][  T284] device veth1_macvtap entered promiscuous mode
[   28.837201][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   28.845146][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   28.852701][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   28.861049][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   28.869109][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   28.886320][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   28.894767][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   28.911405][  T283] device veth1_macvtap entered promiscuous mode
[   28.922161][  T285] device veth0_vlan entered promiscuous mode
[   28.929400][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   28.937768][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   28.952681][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   28.962915][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   28.974609][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   28.982717][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   28.994235][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   29.011826][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   29.019912][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   29.033841][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   29.041752][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   29.062491][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   29.077115][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   29.095214][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   29.116310][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   29.145316][  T285] device veth1_macvtap entered promiscuous mode
[   29.176342][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   29.191940][  T344] raw_sendmsg: syz.2.3 forgot to set AF_INET. Fix it!
[   29.195994][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   29.217570][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   29.276965][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   29.301685][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   29.318986][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   29.335521][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   29.658899][  T431] process 'syz.0.60' launched './file0' with NULL argv: empty string added
[   31.350310][   T30] kauditd_printk_skb: 42 callbacks suppressed
[   31.350326][   T30] audit: type=1400 audit(4129213569.790:116): avc:  denied  { setopt } for  pid=482 comm="syz.2.82" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   31.406335][   T30] audit: type=1400 audit(4129213569.840:117): avc:  denied  { create } for  pid=487 comm="syz.1.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   31.430053][  T486] netlink: 64 bytes leftover after parsing attributes in process `syz.4.85'.
[   31.441405][  T488] ==================================================================
[   31.449502][  T488] BUG: KASAN: slab-out-of-bounds in xfrm_policy_inexact_list_reinsert+0x606/0x6c0
[   31.458721][  T488] Read of size 1 at addr ffff888112ede3f8 by task syz.1.83/488
[   31.466288][  T488] 
[   31.468602][  T488] CPU: 0 PID: 488 Comm: syz.1.83 Not tainted syzkaller #0
[   31.475692][  T488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   31.485740][  T488] Call Trace:
[   31.489052][  T488]  <TASK>
[   31.490324][   T30] audit: type=1400 audit(4129213569.840:118): avc:  denied  { setopt } for  pid=487 comm="syz.1.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   31.491998][  T488]  __dump_stack+0x21/0x30
[   31.492029][  T488]  dump_stack_lvl+0x110/0x170
[   31.511678][   T30] audit: type=1400 audit(4129213569.840:119): avc:  denied  { write } for  pid=487 comm="syz.1.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   31.515528][  T488]  ? show_regs_print_info+0x20/0x20
[   31.520442][   T30] audit: type=1400 audit(4129213569.840:120): avc:  denied  { create } for  pid=485 comm="syz.4.85" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   31.539123][  T488]  ? load_image+0x3e0/0x3e0
[   31.539145][  T488]  ? unwind_get_return_address+0x4d/0x90
[   31.539167][  T488]  print_address_description+0x7f/0x2c0
[   31.544486][   T30] audit: type=1400 audit(4129213569.840:121): avc:  denied  { write } for  pid=485 comm="syz.4.85" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   31.564121][  T488]  ? xfrm_policy_inexact_list_reinsert+0x606/0x6c0
[   31.564145][  T488]  kasan_report+0xf1/0x140
[   31.564164][  T488]  ? xfrm_policy_inexact_list_reinsert+0x606/0x6c0
[   31.564182][  T488]  __asan_report_load1_noabort+0x14/0x20
[   31.564202][  T488]  xfrm_policy_inexact_list_reinsert+0x606/0x6c0
[   31.564222][  T488]  xfrm_policy_inexact_insert_node+0x938/0xb50
[   31.568812][   T30] audit: type=1400 audit(4129213569.840:122): avc:  denied  { nlmsg_write } for  pid=485 comm="syz.4.85" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   31.574330][  T488]  ? xfrm_netlink_rcv+0x72/0x90
[   31.574352][  T488]  ? netlink_unicast+0x876/0xa40
[   31.574370][  T488]  ? netlink_sendmsg+0x879/0xb80
[   31.574386][  T488]  ? ____sys_sendmsg+0x5b7/0x8f0
[   31.574406][  T488]  ? ___sys_sendmsg+0x236/0x2e0
[   31.680223][  T488]  ? x64_sys_call+0x4b/0x9a0
[   31.684805][  T488]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   31.690861][  T488]  xfrm_policy_inexact_alloc_chain+0x53d/0xb30
[   31.697004][  T488]  xfrm_policy_inexact_insert+0x70/0x1130
[   31.702707][  T488]  ? __kasan_check_write+0x14/0x20
[   31.707864][  T488]  ? _raw_spin_lock_bh+0x94/0xf0
[   31.712804][  T488]  ? policy_hash_bysel+0x13f/0x6f0
[   31.717917][  T488]  xfrm_policy_insert+0x126/0x9a0
[   31.722927][  T488]  ? xfrm_policy_construct+0x54f/0x1f00
[   31.728586][  T488]  xfrm_add_policy+0x4ed/0x850
[   31.733338][  T488]  ? xfrm_dump_sa_done+0xc0/0xc0
[   31.738270][  T488]  xfrm_user_rcv_msg+0x4dc/0x7b0
[   31.743216][  T488]  ? xfrm_netlink_rcv+0x90/0x90
[   31.748072][  T488]  ? avc_has_perm_noaudit+0x490/0x490
[   31.753456][  T488]  ? x64_sys_call+0x4b/0x9a0
[   31.758134][  T488]  ? selinux_nlmsg_lookup+0x237/0x4c0
[   31.763626][  T488]  netlink_rcv_skb+0x1f5/0x440
[   31.768387][  T488]  ? xfrm_netlink_rcv+0x90/0x90
[   31.773323][  T488]  ? netlink_ack+0xb50/0xb50
[   31.777917][  T488]  ? wait_for_completion_killable_timeout+0x10/0x10
[   31.784510][  T488]  ? __netlink_lookup+0x387/0x3b0
[   31.789539][  T488]  xfrm_netlink_rcv+0x72/0x90
[   31.794216][  T488]  netlink_unicast+0x876/0xa40
[   31.798976][  T488]  netlink_sendmsg+0x879/0xb80
[   31.803735][  T488]  ? netlink_getsockopt+0x530/0x530
[   31.809020][  T488]  ? do_futex+0xde8/0x2800
[   31.813446][  T488]  ? security_socket_sendmsg+0x82/0xa0
[   31.818905][  T488]  ? netlink_getsockopt+0x530/0x530
[   31.824190][  T488]  ____sys_sendmsg+0x5b7/0x8f0
[   31.829042][  T488]  ? __sys_sendmsg_sock+0x40/0x40
[   31.834066][  T488]  ? import_iovec+0x7c/0xb0
[   31.838569][  T488]  ___sys_sendmsg+0x236/0x2e0
[   31.843244][  T488]  ? __sys_sendmsg+0x280/0x280
[   31.848008][  T488]  ? __fdget+0x1a1/0x230
[   31.852248][  T488]  __x64_sys_sendmsg+0x206/0x2f0
[   31.857181][  T488]  ? ___sys_sendmsg+0x2e0/0x2e0
[   31.862031][  T488]  ? __kasan_check_write+0x14/0x20
[   31.867225][  T488]  ? switch_fpu_return+0x15d/0x2c0
[   31.872330][  T488]  x64_sys_call+0x4b/0x9a0
[   31.876739][  T488]  do_syscall_64+0x4c/0xa0
[   31.881150][  T488]  ? clear_bhb_loop+0x50/0xa0
[   31.885836][  T488]  ? clear_bhb_loop+0x50/0xa0
[   31.890592][  T488]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   31.896529][  T488] RIP: 0033:0x7f4340f59799
[   31.901036][  T488] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   31.920640][  T488] RSP: 002b:00007f433f9b4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   31.929052][  T488] RAX: ffffffffffffffda RBX: 00007f43411d2fa0 RCX: 00007f4340f59799
[   31.937029][  T488] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006
[   31.945010][  T488] RBP: 00007f4340fefc99 R08: 0000000000000000 R09: 0000000000000000
[   31.952974][  T488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   31.961200][  T488] R13: 00007f43411d3038 R14: 00007f43411d2fa0 R15: 00007fff9549a898
[   31.969346][  T488]  </TASK>
[   31.972390][  T488] 
[   31.974708][  T488] Allocated by task 488:
[   31.978955][  T488]  __kasan_kmalloc+0xda/0x110
[   31.983634][  T488]  __kmalloc+0x13d/0x2c0
[   31.987873][  T488]  sk_prot_alloc+0xed/0x320
[   31.992373][  T488]  sk_alloc+0x38/0x430
[   31.996440][  T488]  pfkey_create+0x12a/0x660
[   32.000942][  T488]  __sock_create+0x38d/0x7a0
[   32.005615][  T488]  __sys_socket+0xec/0x190
[   32.010026][  T488]  __x64_sys_socket+0x7a/0x90
[   32.014705][  T488]  x64_sys_call+0x8c5/0x9a0
[   32.019202][  T488]  do_syscall_64+0x4c/0xa0
[   32.023614][  T488]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   32.029505][  T488] 
[   32.031825][  T488] The buggy address belongs to the object at ffff888112ede000
[   32.031825][  T488]  which belongs to the cache kmalloc-1k of size 1024
[   32.045875][  T488] The buggy address is located 1016 bytes inside of
[   32.045875][  T488]  1024-byte region [ffff888112ede000, ffff888112ede400)
[   32.059324][  T488] The buggy address belongs to the page:
[   32.064956][  T488] page:ffffea00044bb600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x112ed8
[   32.075284][  T488] head:ffffea00044bb600 order:3 compound_mapcount:0 compound_pincount:0
[   32.083616][  T488] flags: 0x4000000000010200(slab|head|zone=1)
[   32.089685][  T488] raw: 4000000000010200 ffffea0004502c00 0000000200000002 ffff888100043080
[   32.098272][  T488] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[   32.106933][  T488] page dumped because: kasan: bad access detected
[   32.113435][  T488] page_owner tracks the page as allocated
[   32.119143][  T488] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 115, ts 4264188606, free_ts 0
[   32.137202][  T488]  post_alloc_hook+0x192/0x1b0
[   32.141982][  T488]  prep_new_page+0x1c/0x110
[   32.146484][  T488]  get_page_from_freelist+0x2d3a/0x2dc0
[   32.152024][  T488]  __alloc_pages+0x1a2/0x460
[   32.156628][  T488]  new_slab+0xa1/0x4d0
[   32.160703][  T488]  ___slab_alloc+0x381/0x810
[   32.165288][  T488]  __slab_alloc+0x49/0x90
[   32.169626][  T488]  __kmalloc_track_caller+0x169/0x2c0
[   32.175600][  T488]  __alloc_skb+0x21a/0x740
[   32.180020][  T488]  alloc_uevent_skb+0x85/0x240
[   32.184871][  T488]  kobject_uevent_net_broadcast+0x335/0x5a0
[   32.190949][  T488]  kobject_uevent_env+0x52e/0x700
[   32.195974][  T488]  kobject_synth_uevent+0x57e/0xbc0
[   32.201516][  T488]  uevent_store+0x25/0x60
[   32.205846][  T488]  dev_attr_store+0x5e/0x80
[   32.210461][  T488]  sysfs_kf_write+0x129/0x150
[   32.215159][  T488] page_owner free stack trace missing
[   32.220521][  T488] 
[   32.222839][  T488] Memory state around the buggy address:
[   32.228458][  T488]  ffff888112ede280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.236512][  T488]  ffff888112ede300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.244565][  T488] >ffff888112ede380: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[   32.252619][  T488]                                                                 ^
[   32.260583][  T488]  ffff888112ede400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.268633][  T488]  ffff888112ede480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.276686][  T488] ==================================================================
[   32.284736][  T488] Disabling lock debugging due to kernel taint
[   32.300939][   T30] audit: type=1400 audit(4129213570.730:123): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   32.323418][   T30] audit: type=1400 audit(4129213570.730:124): avc:  denied  { search } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   32.347760][   T30] audit: type=1400 audit(4129213570.740:125): avc:  denied  { write } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1