last executing test programs:

1.81142715s ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0x8, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001ac0)={0x0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x80012, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xb}, 0x48)

1.80978927s ago: executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo\x00')
fchdir(r1)

1.507943027s ago: executing program 4:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

1.235934319s ago: executing program 3:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f00000012c0)=ANY=[@ANYBLOB="b0"], 0xb0)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r5=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',privport,access=', @ANYRESDEC=r5])
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)=@known='trusted.overlay.redirect\x00', 0x0, 0x2)

1.233973689s ago: executing program 1:
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000b80), 0x2, 0x0)
write$UHID_CREATE(r0, &(0x7f00000002c0)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000540)=""/32, 0x20}}, 0x120)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200010, &(0x7f0000000240)={[{@block_validity}, {@nombcache}, {@dioread_lock}, {@norecovery}, {@abort}, {@data_ordered}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}]}, 0xfb, 0x54c, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec+9Nzz0593t6Tk5CAhhaE9mPQsSrEfFtEnG47dho5Acn1s5bfXh9NtuSaDQ++yuJJN/XOj/Jfx/MM69ExG9fR5wsbCy3tryyUCqX08U8P1mvXJmsLa+culQpzafz6eXpmZkz78xMv//eu32r65vn//nh07sfnfnm+Or3v9w/cjuJs3EoP9Zejx240Z6ZiIn8ORmLs0+cONWHwgZJstsXwLaM5HE+FlkfcDhG8qgH/v++iogGMKQS8Q9DqjUOaM3t+zQPfmE8+HBtArSx/qNrr43Evubc6MBq8tjMKJvvjveh/KyMX/+8czvbon+vQwBs6cbNiDg9Orqx/0vy/m/7TvdwzpNl6P/g+bmbjX/e6jT+KayPf6LD+Odgh9jdjq3jv3C/D8V0lY3/Pug4/l1ftBofyXMvNcd8Y8nFS+U069tejogTMbY3y2+2nnNm9V6j27H28V+2ZeW3xoL5ddwf3fv4Y+ZK9dJO6tzuwc2I1zqOf5P19k86tH/2fJzvsYxj6Z3Xux3buv7PVuPniDc6tv+jFa1k8/XJyeb9MNm6Kzb6+9ax37uVv9v1z9r/wOb1H0/a12trT1/GT/v+Tbsd2+79vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr/Kz+J45v3v91uv/3R8QXPdb/1tFbXU8dhPafe6r2f/rEvY+//LFb+b21/9vN1Il8Ty/9X68XuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G5XHgAAAAAAAAAAAAAAAAAAAAbEwS6f/8/8MbLbVwc8c77yG4bXlvHfj296AgaS//8wvMQ/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/AMAAAAAAAAAAAAAAAAAAAAAAAAAAEBfnT93Ltsaqw+vz2b5uavLSwvVq6fm0tpCsbI0W5ytLl4pzler8+W0OFutbPX3ytXqlanpWLo2WU9r9cna8sqFSnXpcv3CpUppPr2Qjj2XWgEAAAAAAAAAAAAAAAAAAMCLpba8slAql9NFCYltJUYH4zIk+pzY7Z4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB75LwAA///MUDi3")
r1 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGRDESCSIZE(r1, 0x80044804, &(0x7f00000000c0))

1.233577589s ago: executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa1000000000000070100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
epoll_create1(0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)

702.333911ms ago: executing program 1:
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x7fffd, 0x8, 0x0, 0x1}, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
unshare(0x66060680)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48)
setregid(0x0, 0xee01)

49.791032ms ago: executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000340))

16.977118ms ago: executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_writepages\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_writepages\x00', r2}, 0x10)
write$cgroup_pid(r0, &(0x7f0000000980), 0x12)

0s ago: executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000009c0)="ec663189d3348bf13f872a468352b72482b5b2b364a29c6f0f2c4e741bf6457d1418455e157253231681a3889f39b3da6b60dbe404cb9a145d0d49cfd1668a32b96ff302975748993a8a534144d211c681ff3d91ffa436d40b9afe648ec8bde2f7553fb5d3f3b8423873903abd024284bfd01511c149b6101851f7aae4675df76e7d32d7b91659e4adcc14ddfff8a2b49d1393de72b9d970ee7f45a755c1d9f7b4d43e37e17d6eaff5fe352d507eb0424ab937980ae8fae8a9062b651a53b6543733e259ee3083a308a78ac50f0972629b74e6aadefedf2352d024d8f27d4bc8703493b08bbe75e34ee5796d0d275cae3d3c0eba179e145feee0c8acc98af7888a374dbe705e058fc565e40677890a39e6999ae47202a9237803e9eee30f368725ca8571a8f6a8ba396905f4f023a60acb644bab6b0b8964aa514c37f23509c685648d6adb0e230aca690c91e664bc49fa30ae42a2c71abc7517181d4157ef996628b3624f367519970366acca85d399e2c7703930e2abd4bdbac076230ad16368ccb350357d57626ea47a15f0fa16bd5efa8233fa3ea1183da730204a455a673c783c10a26411c5de816699f7af3401b9f38592a4cd9f3f0b7de18cd69f831eee87a3d2edb64ecf517d201f32f86b80fcd3287330f286465260370527e6116df0651001405563622e14af715f6c3dd10e1986e3b95ebf618ff42bdd7a74f0d0cc2cc8dab1048eb5fdbfb72cb16f9e2a196b512720cbfbb4696f291200a153c383cc441091c62649a88ef173a42eced93a374e4f0a078244e56c14b3c4cc9625b3e9e1853839ecb00d6cfc2d2398634935aedd9a545e4b13895a3b8b05c8fca9af2bba82762db85a449f5d9c6ff87b724f19dc1805eca58445e67782a30f03e7b1272685ab8306c255604360b0d6e53cc443b0b81bcf92b470b8734b7b7b2ccf2d51fc1a8b43d8dba290e875f35b0bdb66790a3bb4d8391c5fdde5f461b5922c56f8a858865c0fd8b39cb79e8e182342ef0398641ca3c76620482705878ff0d9fe2eaae18a8ad73313663e36feca9bae81834482bb19c651e273bc04333963f2a64d516761280db45fc4217b5c2ab73a8a04c5d2c2aced37bb2825d17f68c4d65dfcc54057a46f045bf435391b7304ee376977220e71e97919cd67e3f0f0f63e0dcee8d90d80ead12a5eda22db217bd362c1a4f9244c99da91d618c6b71b21ed80826d4df95aee10786e61b3141002e342490f2d842051305d2e8d41aca580a13cd48a850eada7dfee4bda67a5491acf4cfdd3919135e7b113a1973595b99d6ba152ae8cc63fd95c1d7d4a59b038c426ffdb949fe1a6004df2bbae2acce3f5720419dc597229f2d120c689b07a344e75f4c631d83b3130cc927412daa9607c8c0fa254cde27306360a9a5d18ff9d4d4ed38162a5202ba214db4486887b5831d727bd93e6e7cddfa4d3480cb3b4683b1de52bdff534016719324051f81bdf49a5c12dd7b389107b3eb5dc4858caebe8c0a9866ff632deebc16492f95d202ce0f454476ab77871d3188ec83fc74f2ec1055893b2a138cce27ac5553c5496cbf147002a9c55fdb202969a4802ca3556453a58d2aa8e19f40e577fa280625468d385af8659a0f3ab69fabf4fa1326f7a7ebad98a23958c91f28c4b03ff9f343b6ecdb82e820bcb7de6f51d0fcfbbcef902d21a7eed03ea125363b758085022ade27451ba5e0acd9a0044ec50571d234855448be132e14517ae38b798482cc07e1c009c1a4cdd5c42f3862dd6d4c3b18f9c41d0bf5b709d742877ef7ee6d9932c6d7a9fd09bede9f80645a5c4b97ae48734985131f948bf20e93f82b93d6e69479491158d83655244d91bb5e9dfdf103e2238a95a92f35750769b87dce1d0e8bac4e6ee5467f9800a12fe27a2c8f727bbda617899ca26d13ec3b68b4acd7200b3206852aafb13c94681413ee7d0987f4d067b4bc5fc5e01ebe9bdbfc0198232f92da3371d12023388f86a4bb4db9bd559570aef27a96812dd2583c72732922266b98c89c264311577621ceb2625dac0af0fd08f5c27a658645777cb36d687d6f0e6835587cbe65ed922cbd1190b1d60259024be61e7e32b1ecb5e72799103c3a3ea91191667418fedf79d839200ee75da4d68fd6facdd1243f30727c40c6a7c4ffa3d937f4c21b076d146f439d8961258526d56336f7d94e945f90053ef865dd9f939b12d8b6b72b1f20a050b69b8a3b8bc88584766bf9783116c8fc8c4883f8dca31dbfd2775675d868136e5f5e16e3508986750fa8825231fed43ae2b444f5992011f0b80b1f3b0e397ff98fe81da3bd00593329f3014315fb4828fdfec77c8f3c8a92278866f7d299f9a0818e36d1bbad629a61345e01e495dfc4412fcc8b64eac5259de21dae5f5b34c06ee81c0e46b12203b639cfef7f12871287abca6b2f70ffa2cb225585bfbf2c0cd010bdd1b2b3f560016e4db6c30a26e517b608633aa40ab1802da8e94188bad14ab007e415ec41c3dabf4d2817a43a082313529e4a80596807b785af9391117f780db637f2214bb8082373303da889ffd89fa43f4cca427b43e3c17942d314a577112cfb31e841ae40fd18220e9aaa24e382936c0b859a3a425c2018b093e42648b7517dcce9af1366dc5ea8fd575001cbe880ddbb0a768033ee3802c68c4b2fc290fcb84f1e33318543fd2ddf065503c0767c86fcde6931797f275ee4c149d616ff02a9a019c223c16cfd6e618b07c7bd8009d3201a92b91a0944ff21d71ffc53c39b7a318c6451d80b05f9d9c81fd1a78ef35e14cbebc1b4e2de28039301042c0fa09ad2e43d5f78ab4104218bab2da5034050bbf625c6803496dd3d77b574aed51badd3e9967548014b8b318dfb2e0a6ce6637cee786806ec06b359d6569c65df2e538b43862be27d4ddb2710447ed7e56cb4a02779c8767e11056cfaca1ab1aea20d4198a050e98695ae3f2a0aadb5b34b6b945379b81259ebe7abe6d3ca23cae048429b6c850813706f59231034fce07c4111961193d581e3bbbd6c9afd8b3d1e0604807dbd880d2ccc5266818a18287e8c4bda311be83c6f1c5e7f571b9f5ab1f84f8252df9d62f75865adcdd61eaaf7df4cbdd994ab17d2d5d684f95715d4636a6cb69fa2619c6b76ee060202a0a8c934aa537d2c5cf736142349b19fb9b532b05e6dff05c4c635f4134bcc0ef2e38c3fd75d8664d7dfa3139e1b2c2cbbdbe4fc0e2e80870ade368b730d4c06946b608088991f346765afaad6765e5a16267b2d249ee22ea1c6cb85d5d0f8ee48204a5dc48ae6415e3802fd8a431d249f95c72f6895978b36c424e40f83dfe1d0ca01dca14c4a308e926fe726ea0b456dcd976147e61744675f81f38bd5ef06ed76692ac8ac03744c8dc313f06aa28832a3286e626d5e29c748c21164475c739d3f6c6ad046fbb1a149867faf770c089b3513a0649d787208f06e7db6f8a44a9e32c6bd8dd9cca53bcd8ba7ec49d4068d7018b4c", 0x9ae}], 0x1}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0x40086607, 0x20001412)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.149' (ED25519) to the list of known hosts.
2024/05/30 02:45:04 fuzzer started
2024/05/30 02:45:04 dialing manager at 10.128.0.163:30008
[   26.776841][   T30] audit: type=1400 audit(1717037104.195:66): avc:  denied  { node_bind } for  pid=284 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   26.797860][   T30] audit: type=1400 audit(1717037104.195:67): avc:  denied  { name_bind } for  pid=284 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   26.880835][   T30] audit: type=1400 audit(1717037104.295:68): avc:  denied  { integrity } for  pid=294 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[   26.911863][  T294] cgroup: Unknown subsys name 'net'
[   26.931998][   T30] audit: type=1400 audit(1717037104.295:69): avc:  denied  { setattr } for  pid=297 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   26.956168][   T30] audit: type=1400 audit(1717037104.335:70): avc:  denied  { mounton } for  pid=294 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   26.956471][  T294] cgroup: Unknown subsys name 'devices'
[   26.979155][   T30] audit: type=1400 audit(1717037104.335:71): avc:  denied  { mount } for  pid=294 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   26.999786][  T300] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   27.006468][   T30] audit: type=1400 audit(1717037104.345:72): avc:  denied  { mounton } for  pid=295 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   27.040071][   T30] audit: type=1400 audit(1717037104.345:73): avc:  denied  { mount } for  pid=295 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   27.064406][   T30] audit: type=1400 audit(1717037104.345:74): avc:  denied  { unmount } for  pid=294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   27.084920][   T30] audit: type=1400 audit(1717037104.445:75): avc:  denied  { relabelto } for  pid=300 comm="mkswap" name="swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   27.116894][  T298] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   27.196876][  T294] cgroup: Unknown subsys name 'hugetlb'
[   27.202547][  T294] cgroup: Unknown subsys name 'rlimit'
2024/05/30 02:45:04 starting 5 executor processes
[   29.528377][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.536480][  T313] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.544478][  T313] device bridge_slave_0 entered promiscuous mode
[   29.577190][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.584131][  T313] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.592159][  T313] device bridge_slave_1 entered promiscuous mode
[   29.612510][  T311] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.619427][  T311] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.627662][  T311] device bridge_slave_0 entered promiscuous mode
[   29.672941][  T311] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.679863][  T311] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.687760][  T311] device bridge_slave_1 entered promiscuous mode
[   29.694728][  T312] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.701721][  T312] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.710237][  T312] device bridge_slave_0 entered promiscuous mode
[   29.732448][  T310] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.739585][  T310] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.747718][  T310] device bridge_slave_0 entered promiscuous mode
[   29.764204][  T312] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.771193][  T312] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.779066][  T312] device bridge_slave_1 entered promiscuous mode
[   29.807636][  T310] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.814803][  T310] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.822880][  T310] device bridge_slave_1 entered promiscuous mode
[   30.068428][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.075384][  T314] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.083619][  T314] device bridge_slave_0 entered promiscuous mode
[   30.123760][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.131040][  T314] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.139087][  T314] device bridge_slave_1 entered promiscuous mode
[   30.417193][  T311] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.424171][  T311] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.432020][  T311] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.439360][  T311] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.514666][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.521687][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.528972][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.536014][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.544979][  T301] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.552755][  T301] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.560474][  T301] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.568299][  T301] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.734440][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   30.742688][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   30.763008][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   30.771724][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   30.781556][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.788748][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.796519][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   30.804259][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   30.836558][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   30.845339][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   30.854392][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.861391][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.882666][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   30.891845][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   30.900547][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.907623][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.915658][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   30.924229][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   30.933259][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.941167][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.965678][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   30.974099][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   31.013038][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   31.021885][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   31.030721][  T301] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.038119][  T301] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.046810][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   31.055988][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   31.067144][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   31.077806][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   31.088463][  T301] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.095470][  T301] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.103023][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   31.112407][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   31.120662][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   31.128894][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   31.136579][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   31.145200][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   31.154129][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   31.186671][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   31.195386][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   31.204493][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.212208][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.220187][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   31.229395][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   31.238512][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.245420][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.252888][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   31.260575][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   31.268436][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   31.277269][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   31.285758][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.292655][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.299926][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   31.308690][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   31.317175][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.324282][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.331803][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   31.340336][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   31.367239][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   31.376606][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   31.385370][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   31.393471][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   31.401862][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   31.411420][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   31.419953][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   31.428125][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   31.466762][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   31.476608][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   31.484564][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   31.494371][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   31.512390][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   31.528817][  T311] device veth0_vlan entered promiscuous mode
[   31.547598][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   31.566191][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   31.575427][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   31.584235][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   31.592733][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   31.627885][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   31.637149][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   31.646082][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   31.654193][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   31.664618][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   31.672530][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   31.680464][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   31.689877][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   31.703950][  T312] device veth0_vlan entered promiscuous mode
[   31.716177][  T313] device veth0_vlan entered promiscuous mode
[   31.722893][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   31.733267][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   31.743674][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   31.751571][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   31.781766][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   31.790663][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   31.800326][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   31.808970][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   31.821510][  T311] device veth1_macvtap entered promiscuous mode
[   31.847940][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   31.856872][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   31.865636][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   31.874517][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   31.883377][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   31.892231][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   31.900705][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   31.911140][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   31.919313][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   31.927934][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   31.936035][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   31.949214][  T312] device veth1_macvtap entered promiscuous mode
[   31.957405][  T310] device veth0_vlan entered promiscuous mode
[   31.973727][  T314] device veth0_vlan entered promiscuous mode
[   31.987008][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   31.995926][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   32.006777][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   32.041736][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   32.043945][   T30] kauditd_printk_skb: 13 callbacks suppressed
[   32.044055][   T30] audit: type=1400 audit(1717037109.455:89): avc:  denied  { mounton } for  pid=311 comm="syz-executor.4" path="/dev/binderfs" dev="devtmpfs" ino=362 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   32.058377][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   32.104962][   T30] audit: type=1400 audit(1717037109.495:90): avc:  denied  { mount } for  pid=311 comm="syz-executor.4" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   32.105593][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   32.139376][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   32.148225][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   32.157022][   T58] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   32.202153][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   32.212153][   T30] audit: type=1400 audit(1717037109.625:91): avc:  denied  { read write } for  pid=311 comm="syz-executor.4" name="loop4" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   32.238806][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   32.265080][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   32.280119][   T30] audit: type=1400 audit(1717037109.625:92): avc:  denied  { open } for  pid=311 comm="syz-executor.4" path="/dev/loop4" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   32.305314][  T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   32.321606][  T314] device veth1_macvtap entered promiscuous mode
[   32.331542][  T313] device veth1_macvtap entered promiscuous mode
[   32.340090][  T310] device veth1_macvtap entered promiscuous mode
[   32.352232][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   32.360481][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   32.368866][   T30] audit: type=1400 audit(1717037109.625:93): avc:  denied  { ioctl } for  pid=311 comm="syz-executor.4" path="/dev/loop4" dev="devtmpfs" ino=116 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   32.396133][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   32.405414][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   32.414763][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   32.424177][   T30] audit: type=1400 audit(1717037109.655:94): avc:  denied  { map_create } for  pid=338 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   32.472728][   T30] audit: type=1400 audit(1717037109.695:95): avc:  denied  { prog_load } for  pid=341 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   32.493979][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   32.506318][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   32.515344][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   32.528489][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   32.538208][   T30] audit: type=1400 audit(1717037109.695:96): avc:  denied  { bpf } for  pid=341 comm="syz-executor.0" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   32.544981][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   32.568107][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   32.575970][   T30] audit: type=1400 audit(1717037109.695:97): avc:  denied  { perfmon } for  pid=341 comm="syz-executor.0" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   32.576061][   T30] audit: type=1400 audit(1717037109.955:98): avc:  denied  { map_read map_write } for  pid=345 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   32.636000][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   32.644957][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   32.654132][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   32.664829][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   32.673708][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   32.682559][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   32.834908][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.848082][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.865698][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.875566][  T354] loop1: detected capacity change from 0 to 1024
[   32.882058][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.889654][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.898019][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.908966][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.917799][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.926015][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.934886][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.943140][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.951119][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.959469][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.968883][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.977644][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.989777][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   32.997904][  T354] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[   33.013771][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.027933][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.042480][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.057799][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.073551][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.090264][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.098049][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.106157][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.114523][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.122385][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.129831][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.137730][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.145498][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.153299][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.160735][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.175246][    T6] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.200912][    T6] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  134.032018][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[  134.038537][    C0] rcu: 	0-...!: (1 GPs behind) idle=6c7/1/0x4000000000000000 softirq=3228/3229 fqs=0 last_accelerate: 9784/bed9 dyntick_enabled: 1
[  134.052021][    C0] 	(t=10002 jiffies g=2393 q=196)
[  134.057127][    C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 10001 jiffies! g2393 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[  134.069249][    C0] rcu: 	Possible timer handling issue on cpu=1 timer-softirq=1064
[  134.076872][    C0] rcu: rcu_preempt kthread starved for 10004 jiffies! g2393 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[  134.087983][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  134.097788][    C0] rcu: RCU grace-period kthread stack dump:
[  134.103613][    C0] task:rcu_preempt     state:I stack:28328 pid:   14 ppid:     2 flags:0x00004000
[  134.112738][    C0] Call Trace:
[  134.115928][    C0]  <TASK>
[  134.118732][    C0]  __schedule+0xccc/0x1590
[  134.123105][    C0]  ? __sched_text_start+0x8/0x8
[  134.127796][    C0]  ? __kasan_check_write+0x14/0x20
[  134.132752][    C0]  schedule+0x11f/0x1e0
[  134.136735][    C0]  schedule_timeout+0x18c/0x370
[  134.141411][    C0]  ? _raw_spin_unlock_irq+0x4e/0x70
[  134.146448][    C0]  ? console_conditional_schedule+0x30/0x30
[  134.152428][    C0]  ? update_process_times+0x200/0x200
[  134.157633][    C0]  ? prepare_to_swait_event+0x308/0x320
[  134.163012][    C0]  rcu_gp_fqs_loop+0x2af/0xf80
[  134.167709][    C0]  ? debug_smp_processor_id+0x17/0x20
[  134.172905][    C0]  ? __note_gp_changes+0x4ab/0x920
[  134.177866][    C0]  ? rcu_gp_init+0xc30/0xc30
[  134.182287][    C0]  ? _raw_spin_unlock_irq+0x4e/0x70
[  134.187312][    C0]  ? rcu_gp_init+0x9cf/0xc30
[  134.191744][    C0]  rcu_gp_kthread+0xa4/0x350
[  134.196201][    C0]  ? _raw_spin_lock+0x1b0/0x1b0
[  134.201046][    C0]  ? wake_nocb_gp+0x1e0/0x1e0
[  134.205560][    C0]  ? __kasan_check_read+0x11/0x20
[  134.210794][    C0]  ? __kthread_parkme+0xb2/0x200
[  134.215541][    C0]  kthread+0x421/0x510
[  134.219532][    C0]  ? wake_nocb_gp+0x1e0/0x1e0
[  134.224049][    C0]  ? kthread_blkcg+0xd0/0xd0
[  134.228471][    C0]  ret_from_fork+0x1f/0x30
[  134.232818][    C0]  </TASK>
[  134.235685][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  134.241956][    C0] Sending NMI from CPU 0 to CPUs 1:
[  134.247329][    C1] NMI backtrace for cpu 1
[  134.247372][    C1] CPU: 1 PID: 371 Comm: syz-executor.4 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0
[  134.247430][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  134.247461][    C1] RIP: 0010:kvm_wait+0x147/0x180
[  134.247513][    C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  134.247551][    C1] RSP: 0018:ffffc900056c7200 EFLAGS: 00000246
[  134.247589][    C1] RAX: 0000000000000001 RBX: 1ffff92000ad8e44 RCX: 1ffffffff0d1aa9c
[  134.247622][    C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7137ed4
[  134.247652][    C1] RBP: ffffc900056c72b0 R08: dffffc0000000000 R09: ffffed103ee26fdb
[  134.247688][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  134.247721][    C1] R13: ffff8881f7137ed4 R14: 0000000000000001 R15: 1ffff92000ad8e48
[  134.247754][    C1] FS:  00007f3850c546c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  134.247797][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  134.247830][    C1] CR2: 0000001b2f025000 CR3: 000000012bd18000 CR4: 00000000003506a0
[  134.247867][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  134.247895][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  134.247924][    C1] Call Trace:
[  134.247937][    C1]  <NMI>
[  134.247952][    C1]  ? show_regs+0x58/0x60
[  134.247999][    C1]  ? nmi_cpu_backtrace+0x29f/0x300
[  134.248055][    C1]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  134.248115][    C1]  ? kvm_wait+0x147/0x180
[  134.248157][    C1]  ? kvm_wait+0x147/0x180
[  134.248200][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  134.248251][    C1]  ? nmi_handle+0xa8/0x280
[  134.248301][    C1]  ? kvm_wait+0x147/0x180
[  134.248344][    C1]  ? default_do_nmi+0x69/0x160
[  134.248394][    C1]  ? exc_nmi+0xaf/0x120
[  134.248450][    C1]  ? end_repeat_nmi+0x16/0x31
[  134.248501][    C1]  ? kvm_wait+0x147/0x180
[  134.248544][    C1]  ? kvm_wait+0x147/0x180
[  134.248589][    C1]  ? kvm_wait+0x147/0x180
[  134.248632][    C1]  </NMI>
[  134.248644][    C1]  <TASK>
[  134.248660][    C1]  ? kvm_arch_para_hints+0x30/0x30
[  134.248711][    C1]  __pv_queued_spin_lock_slowpath+0x41b/0xc40
[  134.248766][    C1]  ? string+0x28b/0x2a0
[  134.248813][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  134.248874][    C1]  _raw_spin_lock_bh+0x139/0x1b0
[  134.248929][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  134.248985][    C1]  ? sock_hash_bucket_hash+0x31c/0x7e0
[  134.249041][    C1]  sock_hash_delete_elem+0xb1/0x2f0
[  134.249094][    C1]  ? audit_log_d_path+0x270/0x2e0
[  134.249140][    C1]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xbb8
[  134.249178][    C1]  bpf_trace_run2+0xec/0x210
[  134.249231][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[  134.249281][    C1]  ? d_path+0x40a/0x5e0
[  134.249323][    C1]  ? audit_log_d_path+0x270/0x2e0
[  134.249371][    C1]  ? audit_log_d_path+0x270/0x2e0
[  134.249418][    C1]  __bpf_trace_kfree+0x6f/0x90
[  134.249469][    C1]  ? audit_log_d_path+0x270/0x2e0
[  134.249515][    C1]  kfree+0x1f3/0x220
[  134.249579][    C1]  audit_log_d_path+0x270/0x2e0
[  134.249628][    C1]  common_lsm_audit+0x9c0/0x18b0
[  134.249679][    C1]  ? avc_audit_pre_callback+0x2b0/0x2b0
[  134.249728][    C1]  ? call_rcu+0x5ed/0x1310
[  134.249775][    C1]  ? ipv6_skb_to_auditdata+0xd90/0xd90
[  134.249830][    C1]  ? rcu_gp_kthread_wake+0x90/0x90
[  134.249878][    C1]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  134.249935][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[  134.249992][    C1]  slow_avc_audit+0x26c/0x3c0
[  134.250040][    C1]  ? avc_get_hash_stats+0x180/0x180
[  134.250095][    C1]  ? avc_denied+0x13f/0x1b0
[  134.250146][    C1]  avc_has_extended_perms+0xa2d/0x10f0
[  134.250205][    C1]  ? avc_flush+0x290/0x290
[  134.250252][    C1]  ? __kasan_check_write+0x14/0x20
[  134.250301][    C1]  ? mutex_unlock+0xb2/0x260
[  134.250350][    C1]  ? __mutex_lock_slowpath+0x10/0x10
[  134.250398][    C1]  ? tracepoint_add_func+0x77e/0x940
[  134.250459][    C1]  ? __kasan_check_write+0x14/0x20
[  134.250509][    C1]  ? _raw_spin_lock_bh+0xa4/0x1b0
[  134.250566][    C1]  ? fd_install+0x144/0x250
[  134.250608][    C1]  ? ioctl_has_perm+0x1f8/0x560
[  134.250657][    C1]  ioctl_has_perm+0x3f5/0x560
[  134.250707][    C1]  ? has_cap_mac_admin+0x3c0/0x3c0
[  134.250764][    C1]  selinux_file_ioctl+0x3cc/0x540
[  134.250819][    C1]  ? selinux_file_alloc_security+0x120/0x120
[  134.250878][    C1]  ? __fget_files+0x31e/0x380
[  134.250926][    C1]  security_file_ioctl+0x74/0xb0
[  134.250982][    C1]  __se_sys_ioctl+0x53/0x190
[  134.251026][    C1]  __x64_sys_ioctl+0x7b/0x90
[  134.251068][    C1]  do_syscall_64+0x3d/0xb0
[  134.251114][    C1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  134.251161][    C1] RIP: 0033:0x7f3851edfee9
[  134.251222][    C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  134.251259][    C1] RSP: 002b:00007f3850c540c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  134.251304][    C1] RAX: ffffffffffffffda RBX: 00007f3852016fa0 RCX: 00007f3851edfee9
[  134.251339][    C1] RDX: 0000000020000340 RSI: 00000000401c5504 RDI: 0000000000000003
[  134.251369][    C1] RBP: 00007f3851f2c47f R08: 0000000000000000 R09: 0000000000000000
[  134.251399][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  134.251435][    C1] R13: 000000000000000b R14: 00007f3852016fa0 R15: 00007fff14202ec8
[  134.251476][    C1]  </TASK>
[  134.252395][    C0] NMI backtrace for cpu 0
[  134.777290][    C0] CPU: 0 PID: 359 Comm: syz-executor.2 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0
[  134.787258][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  134.797932][    C0] Call Trace:
[  134.801054][    C0]  <IRQ>
[  134.803745][    C0]  dump_stack_lvl+0x151/0x1b7
[  134.808264][    C0]  ? io_uring_drop_tctx_refs+0x190/0x190
[  134.813743][    C0]  ? ttwu_do_wakeup+0x187/0x430
[  134.818421][    C0]  dump_stack+0x15/0x17
[  134.822414][    C0]  nmi_cpu_backtrace+0x2f7/0x300
[  134.827338][    C0]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  134.833258][    C0]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  134.838555][    C0]  ? __kasan_check_write+0x14/0x20
[  134.843531][    C0]  ? _raw_spin_lock+0x1b0/0x1b0
[  134.848193][    C0]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  134.854088][    C0]  nmi_trigger_cpumask_backtrace+0x15d/0x270
[  134.859906][    C0]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  134.865899][    C0]  arch_trigger_cpumask_backtrace+0x10/0x20
[  134.871623][    C0]  rcu_dump_cpu_stacks+0x1d8/0x330
[  134.876579][    C0]  print_cpu_stall+0x315/0x5f0
[  134.881174][    C0]  rcu_sched_clock_irq+0x989/0x12f0
[  134.886218][    C0]  ? rcu_boost_kthread_setaffinity+0x340/0x340
[  134.892197][    C0]  ? hrtimer_run_queues+0x15f/0x440
[  134.897251][    C0]  update_process_times+0x198/0x200
[  134.902504][    C0]  tick_sched_timer+0x188/0x240
[  134.907190][    C0]  ? tick_setup_sched_timer+0x480/0x480
[  134.912563][    C0]  __hrtimer_run_queues+0x41a/0xad0
[  134.917607][    C0]  ? hrtimer_interrupt+0xaa0/0xaa0
[  134.922549][    C0]  ? clockevents_program_event+0x22f/0x300
[  134.928194][    C0]  ? ktime_get_update_offsets_now+0x2ba/0x2d0
[  134.934182][    C0]  hrtimer_interrupt+0x40c/0xaa0
[  134.938963][    C0]  __sysvec_apic_timer_interrupt+0xfd/0x3c0
[  134.944685][    C0]  sysvec_apic_timer_interrupt+0x95/0xc0
[  134.950166][    C0]  </IRQ>
[  134.953120][    C0]  <TASK>
[  134.955879][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  134.961731][    C0] RIP: 0010:kvm_wait+0x147/0x180
[  134.967673][    C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  134.987405][    C0] RSP: 0018:ffffc900057df3e0 EFLAGS: 00000246
[  134.993300][    C0] RAX: 0000000000000003 RBX: 1ffff92000afbe80 RCX: ffffffff8154fa7f
[  135.001410][    C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810cd79698
[  135.009307][    C0] RBP: ffffc900057df490 R08: dffffc0000000000 R09: ffffed10219af2d4
[  135.017279][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  135.025165][    C0] R13: ffff88810cd79698 R14: 0000000000000003 R15: 1ffff92000afbe84
[  135.033062][    C0]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  135.039147][    C0]  ? kvm_arch_para_hints+0x30/0x30
[  135.044220][    C0]  ? pv_hash+0x86/0x150
[  135.048203][    C0]  __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[  135.054196][    C0]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  135.060435][    C0]  ? _raw_spin_lock+0x1b0/0x1b0
[  135.065120][    C0]  _raw_spin_lock_bh+0x139/0x1b0
[  135.069892][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  135.074926][    C0]  ? sock_hash_bucket_hash+0x31c/0x7e0
[  135.080227][    C0]  sock_hash_delete_elem+0xb1/0x2f0
[  135.085254][    C0]  ? sock_map_unref+0x352/0x4d0
[  135.089941][    C0]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xbb8
[  135.095409][    C0]  bpf_trace_run2+0xec/0x210
[  135.099836][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[  135.104520][    C0]  ? __unix_dgram_recvmsg+0xcbb/0x1260
[  135.109815][    C0]  ? sock_map_unref+0x352/0x4d0
[  135.114503][    C0]  ? sock_map_unref+0x352/0x4d0
[  135.119201][    C0]  __bpf_trace_kfree+0x6f/0x90
[  135.123790][    C0]  ? sock_map_unref+0x352/0x4d0
[  135.128563][    C0]  kfree+0x1f3/0x220
[  135.132299][    C0]  sock_map_unref+0x352/0x4d0
[  135.136816][    C0]  sock_hash_delete_elem+0x274/0x2f0
[  135.141964][    C0]  ? ___sys_recvmsg+0x210/0x690
[  135.146812][    C0]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xbb8
[  135.152192][    C0]  bpf_trace_run2+0xec/0x210
[  135.156599][    C0]  ? irqentry_exit+0x30/0x40
[  135.161034][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[  135.165711][    C0]  ? ___sys_recvmsg+0x210/0x690
[  135.170402][    C0]  ? ___sys_recvmsg+0x210/0x690
[  135.175095][    C0]  ? ___sys_recvmsg+0x210/0x690
[  135.179780][    C0]  __bpf_trace_kfree+0x6f/0x90
[  135.184487][    C0]  ? ___sys_recvmsg+0x210/0x690
[  135.189163][    C0]  kfree+0x1f3/0x220
[  135.192891][    C0]  ? import_iovec+0xe5/0x120
[  135.197345][    C0]  ___sys_recvmsg+0x210/0x690
[  135.201942][    C0]  ? __sys_recvmsg+0x260/0x260
[  135.206522][    C0]  ? preempt_schedule_irq+0xe7/0x140
[  135.211954][    C0]  ? asm_sysvec_call_function_single+0x1b/0x20
[  135.217931][    C0]  ? do_recvmmsg+0x376/0x8b0
[  135.222484][    C0]  do_recvmmsg+0x36b/0x8b0
[  135.226887][    C0]  ? __sys_recvmmsg+0x270/0x270
[  135.231574][    C0]  ? put_pid+0xc3/0x110
[  135.235573][    C0]  __x64_sys_recvmmsg+0x195/0x240
[  135.240662][    C0]  ? do_recvmmsg+0x8b0/0x8b0
[  135.245158][    C0]  ? __kasan_check_read+0x11/0x20
[  135.250451][    C0]  ? exit_to_user_mode_prepare+0x7e/0xa0
[  135.256149][    C0]  do_syscall_64+0x3d/0xb0
[  135.260414][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  135.266107][    C0] RIP: 0033:0x7f7bfe2dfee9
[  135.270408][    C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  135.289920][    C0] RSP: 002b:00007f7bfd0330c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  135.298137][    C0] RAX: ffffffffffffffda RBX: 00007f7bfe417070 RCX: 00007f7bfe2dfee9
[  135.305961][    C0] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003
[  135.314202][    C0] RBP: 00007f7bfe32c47f R08: 0000000000000000 R09: 0000000000000000
[  135.322157][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  135.330193][    C0] R13: 000000000000006e R14: 00007f7bfe417070 R15: 00007ffcdfa06d48
[  135.338064][    C0]  </TASK>
[  135.340915][    C0] Sending NMI from CPU 0 to CPUs 1:
[  135.345990][    C1] NMI backtrace for cpu 1
[  135.346014][    C1] CPU: 1 PID: 371 Comm: syz-executor.4 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0
[  135.346063][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  135.346088][    C1] RIP: 0010:kvm_wait+0x147/0x180
[  135.346139][    C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  135.346177][    C1] RSP: 0018:ffffc900056c7200 EFLAGS: 00000246
[  135.346213][    C1] RAX: 0000000000000001 RBX: 1ffff92000ad8e44 RCX: 1ffffffff0d1aa9c
[  135.346247][    C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7137ed4
[  135.346277][    C1] RBP: ffffc900056c72b0 R08: dffffc0000000000 R09: ffffed103ee26fdb
[  135.346313][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  135.346346][    C1] R13: ffff8881f7137ed4 R14: 0000000000000001 R15: 1ffff92000ad8e48
[  135.346379][    C1] FS:  00007f3850c546c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  135.346429][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  135.346468][    C1] CR2: 0000001b2f025000 CR3: 000000012bd18000 CR4: 00000000003506a0
[  135.346504][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  135.346532][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  135.346562][    C1] Call Trace:
[  135.346575][    C1]  <NMI>
[  135.346590][    C1]  ? show_regs+0x58/0x60
[  135.346637][    C1]  ? nmi_cpu_backtrace+0x29f/0x300
[  135.346693][    C1]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  135.346753][    C1]  ? kvm_wait+0x147/0x180
[  135.346796][    C1]  ? kvm_wait+0x147/0x180
[  135.346839][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  135.346890][    C1]  ? nmi_handle+0xa8/0x280
[  135.346939][    C1]  ? kvm_wait+0x147/0x180
[  135.346981][    C1]  ? kvm_wait+0x147/0x180
[  135.347024][    C1]  ? default_do_nmi+0x69/0x160
[  135.347074][    C1]  ? exc_nmi+0xaf/0x120
[  135.347120][    C1]  ? end_repeat_nmi+0x16/0x31
[  135.347170][    C1]  ? kvm_wait+0x147/0x180
[  135.347214][    C1]  ? kvm_wait+0x147/0x180
[  135.347259][    C1]  ? kvm_wait+0x147/0x180
[  135.347302][    C1]  </NMI>
[  135.347314][    C1]  <TASK>
[  135.347330][    C1]  ? kvm_arch_para_hints+0x30/0x30
[  135.347381][    C1]  __pv_queued_spin_lock_slowpath+0x41b/0xc40
[  135.347444][    C1]  ? string+0x28b/0x2a0
[  135.347491][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  135.347553][    C1]  _raw_spin_lock_bh+0x139/0x1b0
[  135.347607][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  135.347663][    C1]  ? sock_hash_bucket_hash+0x31c/0x7e0
[  135.347719][    C1]  sock_hash_delete_elem+0xb1/0x2f0
[  135.347772][    C1]  ? audit_log_d_path+0x270/0x2e0
[  135.347819][    C1]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xbb8
[  135.347856][    C1]  bpf_trace_run2+0xec/0x210
[  135.347908][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[  135.347958][    C1]  ? d_path+0x40a/0x5e0
[  135.348000][    C1]  ? audit_log_d_path+0x270/0x2e0
[  135.348048][    C1]  ? audit_log_d_path+0x270/0x2e0
[  135.348095][    C1]  __bpf_trace_kfree+0x6f/0x90
[  135.348139][    C1]  ? audit_log_d_path+0x270/0x2e0
[  135.348185][    C1]  kfree+0x1f3/0x220
[  135.348238][    C1]  audit_log_d_path+0x270/0x2e0
[  135.348288][    C1]  common_lsm_audit+0x9c0/0x18b0
[  135.348338][    C1]  ? avc_audit_pre_callback+0x2b0/0x2b0
[  135.348388][    C1]  ? call_rcu+0x5ed/0x1310
[  135.348443][    C1]  ? ipv6_skb_to_auditdata+0xd90/0xd90
[  135.348498][    C1]  ? rcu_gp_kthread_wake+0x90/0x90
[  135.348546][    C1]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  135.348603][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[  135.348660][    C1]  slow_avc_audit+0x26c/0x3c0
[  135.348709][    C1]  ? avc_get_hash_stats+0x180/0x180
[  135.348764][    C1]  ? avc_denied+0x13f/0x1b0
[  135.348815][    C1]  avc_has_extended_perms+0xa2d/0x10f0
[  135.348873][    C1]  ? avc_flush+0x290/0x290
[  135.348920][    C1]  ? __kasan_check_write+0x14/0x20
[  135.348970][    C1]  ? mutex_unlock+0xb2/0x260
[  135.349018][    C1]  ? __mutex_lock_slowpath+0x10/0x10
[  135.349066][    C1]  ? tracepoint_add_func+0x77e/0x940
[  135.349120][    C1]  ? __kasan_check_write+0x14/0x20
[  135.349170][    C1]  ? _raw_spin_lock_bh+0xa4/0x1b0
[  135.349227][    C1]  ? fd_install+0x144/0x250
[  135.349268][    C1]  ? ioctl_has_perm+0x1f8/0x560
[  135.349317][    C1]  ioctl_has_perm+0x3f5/0x560
[  135.349367][    C1]  ? has_cap_mac_admin+0x3c0/0x3c0
[  135.349433][    C1]  selinux_file_ioctl+0x3cc/0x540
[  135.349488][    C1]  ? selinux_file_alloc_security+0x120/0x120
[  135.349547][    C1]  ? __fget_files+0x31e/0x380
[  135.349595][    C1]  security_file_ioctl+0x74/0xb0
[  135.349651][    C1]  __se_sys_ioctl+0x53/0x190
[  135.349694][    C1]  __x64_sys_ioctl+0x7b/0x90
[  135.349736][    C1]  do_syscall_64+0x3d/0xb0
[  135.349782][    C1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  135.349829][    C1] RIP: 0033:0x7f3851edfee9
[  135.349863][    C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  135.349900][    C1] RSP: 002b:00007f3850c540c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  135.349945][    C1] RAX: ffffffffffffffda RBX: 00007f3852016fa0 RCX: 00007f3851edfee9
[  135.349979][    C1] RDX: 0000000020000340 RSI: 00000000401c5504 RDI: 0000000000000003
[  135.350009][    C1] RBP: 00007f3851f2c47f R08: 0000000000000000 R09: 0000000000000000
[  135.350039][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  135.350068][    C1] R13: 000000000000000b R14: 00007f3852016fa0 R15: 00007fff14202ec8
[  135.350108][    C1]  </TASK>
[  287.166616][    C0] watchdog: BUG: soft lockup - CPU#0 stuck for 246s! [syz-executor.2:359]
[  287.174994][    C0] Modules linked in:
[  287.178864][    C0] CPU: 0 PID: 359 Comm: syz-executor.2 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0
[  287.188977][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  287.198887][    C0] RIP: 0010:kvm_wait+0x147/0x180
[  287.203661][    C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  287.224083][    C0] RSP: 0018:ffffc900057df3e0 EFLAGS: 00000246
[  287.230454][    C0] RAX: 0000000000000003 RBX: 1ffff92000afbe80 RCX: ffffffff8154fa7f
[  287.238502][    C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810cd79698
[  287.246477][    C0] RBP: ffffc900057df490 R08: dffffc0000000000 R09: ffffed10219af2d4
[  287.256044][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  287.263881][    C0] R13: ffff88810cd79698 R14: 0000000000000003 R15: 1ffff92000afbe84
[  287.271832][    C0] FS:  00007f7bfd0336c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  287.281064][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  287.287467][    C0] CR2: 00007fef323996c6 CR3: 000000012bf38000 CR4: 00000000003506b0
[  287.295379][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  287.303277][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  287.311252][    C0] Call Trace:
[  287.314391][    C0]  <IRQ>
[  287.317115][    C0]  ? show_regs+0x58/0x60
[  287.321208][    C0]  ? watchdog_timer_fn+0x4b1/0x5f0
[  287.326175][    C0]  ? proc_watchdog_cpumask+0xd0/0xd0
[  287.331454][    C0]  ? __hrtimer_run_queues+0x41a/0xad0
[  287.336757][    C0]  ? hrtimer_interrupt+0xaa0/0xaa0
[  287.341696][    C0]  ? clockevents_program_event+0x22f/0x300
[  287.347427][    C0]  ? ktime_get_update_offsets_now+0x2ba/0x2d0
[  287.353336][    C0]  ? hrtimer_interrupt+0x40c/0xaa0
[  287.358287][    C0]  ? __sysvec_apic_timer_interrupt+0xfd/0x3c0
[  287.364290][    C0]  ? sysvec_apic_timer_interrupt+0x95/0xc0
[  287.369931][    C0]  </IRQ>
[  287.372704][    C0]  <TASK>
[  287.375629][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  287.381764][    C0]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  287.387944][    C0]  ? kvm_wait+0x147/0x180
[  287.392056][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  287.398114][    C0]  ? kvm_arch_para_hints+0x30/0x30
[  287.403054][    C0]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  287.409646][    C0]  __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[  287.415853][    C0]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  287.422349][    C0]  ? _raw_spin_lock+0x1b0/0x1b0
[  287.427163][    C0]  _raw_spin_lock_bh+0x139/0x1b0
[  287.432219][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  287.437955][    C0]  ? sock_hash_bucket_hash+0x31c/0x7e0
[  287.443563][    C0]  sock_hash_delete_elem+0xb1/0x2f0
[  287.448903][    C0]  ? sock_map_unref+0x352/0x4d0
[  287.453584][    C0]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xbb8
[  287.458985][    C0]  bpf_trace_run2+0xec/0x210
[  287.463538][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[  287.468633][    C0]  ? __unix_dgram_recvmsg+0xcbb/0x1260
[  287.473930][    C0]  ? sock_map_unref+0x352/0x4d0
[  287.478765][    C0]  ? sock_map_unref+0x352/0x4d0
[  287.483793][    C0]  __bpf_trace_kfree+0x6f/0x90
[  287.488870][    C0]  ? sock_map_unref+0x352/0x4d0
[  287.493791][    C0]  kfree+0x1f3/0x220
[  287.497489][    C0]  sock_map_unref+0x352/0x4d0
[  287.502006][    C0]  sock_hash_delete_elem+0x274/0x2f0
[  287.508485][    C0]  ? ___sys_recvmsg+0x210/0x690
[  287.513642][    C0]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xbb8
[  287.519484][    C0]  bpf_trace_run2+0xec/0x210
[  287.524043][    C0]  ? irqentry_exit+0x30/0x40
[  287.528644][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[  287.533441][    C0]  ? ___sys_recvmsg+0x210/0x690
[  287.538131][    C0]  ? ___sys_recvmsg+0x210/0x690
[  287.543024][    C0]  ? ___sys_recvmsg+0x210/0x690
[  287.547800][    C0]  __bpf_trace_kfree+0x6f/0x90
[  287.552408][    C0]  ? ___sys_recvmsg+0x210/0x690
[  287.557261][    C0]  kfree+0x1f3/0x220
[  287.560985][    C0]  ? import_iovec+0xe5/0x120
[  287.565418][    C0]  ___sys_recvmsg+0x210/0x690
[  287.569930][    C0]  ? __sys_recvmsg+0x260/0x260
[  287.574528][    C0]  ? preempt_schedule_irq+0xe7/0x140
[  287.580180][    C0]  ? asm_sysvec_call_function_single+0x1b/0x20
[  287.586161][    C0]  ? do_recvmmsg+0x376/0x8b0
[  287.590894][    C0]  do_recvmmsg+0x36b/0x8b0
[  287.595452][    C0]  ? __sys_recvmmsg+0x270/0x270
[  287.600315][    C0]  ? put_pid+0xc3/0x110
[  287.604323][    C0]  __x64_sys_recvmmsg+0x195/0x240
[  287.609265][    C0]  ? do_recvmmsg+0x8b0/0x8b0
[  287.613967][    C0]  ? __kasan_check_read+0x11/0x20
[  287.618835][    C0]  ? exit_to_user_mode_prepare+0x7e/0xa0
[  287.624508][    C0]  do_syscall_64+0x3d/0xb0
[  287.628798][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  287.634480][    C0] RIP: 0033:0x7f7bfe2dfee9
[  287.638744][    C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  287.658945][    C0] RSP: 002b:00007f7bfd0330c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  287.667620][    C0] RAX: ffffffffffffffda RBX: 00007f7bfe417070 RCX: 00007f7bfe2dfee9
[  287.675428][    C0] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003
[  287.683242][    C0] RBP: 00007f7bfe32c47f R08: 0000000000000000 R09: 0000000000000000
[  287.691054][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  287.698861][    C0] R13: 000000000000006e R14: 00007f7bfe417070 R15: 00007ffcdfa06d48
[  287.706809][    C0]  </TASK>
[  287.709638][    C0] Sending NMI from CPU 0 to CPUs 1:
[  287.714742][    C1] NMI backtrace for cpu 1
[  287.714766][    C1] CPU: 1 PID: 371 Comm: syz-executor.4 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0
[  287.714816][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  287.714840][    C1] RIP: 0010:kvm_wait+0x147/0x180
[  287.714892][    C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  287.714930][    C1] RSP: 0018:ffffc900056c7200 EFLAGS: 00000246
[  287.714968][    C1] RAX: 0000000000000001 RBX: 1ffff92000ad8e44 RCX: 1ffffffff0d1aa9c
[  287.715001][    C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7137ed4
[  287.715032][    C1] RBP: ffffc900056c72b0 R08: dffffc0000000000 R09: ffffed103ee26fdb
[  287.715067][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  287.715100][    C1] R13: ffff8881f7137ed4 R14: 0000000000000001 R15: 1ffff92000ad8e48
[  287.715134][    C1] FS:  00007f3850c546c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  287.715176][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  287.715209][    C1] CR2: 0000001b2f025000 CR3: 000000012bd18000 CR4: 00000000003506a0
[  287.715246][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  287.715274][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  287.715304][    C1] Call Trace:
[  287.715316][    C1]  <NMI>
[  287.715331][    C1]  ? show_regs+0x58/0x60
[  287.715378][    C1]  ? nmi_cpu_backtrace+0x29f/0x300
[  287.715434][    C1]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  287.715494][    C1]  ? kvm_wait+0x147/0x180
[  287.715537][    C1]  ? kvm_wait+0x147/0x180
[  287.715594][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  287.715645][    C1]  ? nmi_handle+0xa8/0x280
[  287.715694][    C1]  ? kvm_wait+0x147/0x180
[  287.715736][    C1]  ? kvm_wait+0x147/0x180
[  287.715779][    C1]  ? default_do_nmi+0x69/0x160
[  287.715829][    C1]  ? exc_nmi+0xaf/0x120
[  287.715875][    C1]  ? end_repeat_nmi+0x16/0x31
[  287.715925][    C1]  ? kvm_wait+0x147/0x180
[  287.715969][    C1]  ? kvm_wait+0x147/0x180
[  287.716013][    C1]  ? kvm_wait+0x147/0x180
[  287.716056][    C1]  </NMI>
[  287.716069][    C1]  <TASK>
[  287.716084][    C1]  ? kvm_arch_para_hints+0x30/0x30
[  287.716135][    C1]  __pv_queued_spin_lock_slowpath+0x41b/0xc40
[  287.716191][    C1]  ? string+0x28b/0x2a0
[  287.716238][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  287.716299][    C1]  _raw_spin_lock_bh+0x139/0x1b0
[  287.716354][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  287.716411][    C1]  ? sock_hash_bucket_hash+0x31c/0x7e0
[  287.716467][    C1]  sock_hash_delete_elem+0xb1/0x2f0
[  287.716519][    C1]  ? audit_log_d_path+0x270/0x2e0
[  287.716574][    C1]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xbb8
[  287.716612][    C1]  bpf_trace_run2+0xec/0x210
[  287.716664][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[  287.716714][    C1]  ? d_path+0x40a/0x5e0
[  287.716756][    C1]  ? audit_log_d_path+0x270/0x2e0
[  287.716804][    C1]  ? audit_log_d_path+0x270/0x2e0
[  287.716850][    C1]  __bpf_trace_kfree+0x6f/0x90
[  287.716896][    C1]  ? audit_log_d_path+0x270/0x2e0
[  287.716941][    C1]  kfree+0x1f3/0x220
[  287.716993][    C1]  audit_log_d_path+0x270/0x2e0
[  287.717042][    C1]  common_lsm_audit+0x9c0/0x18b0
[  287.717092][    C1]  ? avc_audit_pre_callback+0x2b0/0x2b0
[  287.717142][    C1]  ? call_rcu+0x5ed/0x1310
[  287.717189][    C1]  ? ipv6_skb_to_auditdata+0xd90/0xd90
[  287.717244][    C1]  ? rcu_gp_kthread_wake+0x90/0x90
[  287.717292][    C1]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  287.717351][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[  287.717407][    C1]  slow_avc_audit+0x26c/0x3c0
[  287.717456][    C1]  ? avc_get_hash_stats+0x180/0x180
[  287.717511][    C1]  ? avc_denied+0x13f/0x1b0
[  287.717569][    C1]  avc_has_extended_perms+0xa2d/0x10f0
[  287.717628][    C1]  ? avc_flush+0x290/0x290
[  287.717675][    C1]  ? __kasan_check_write+0x14/0x20
[  287.717724][    C1]  ? mutex_unlock+0xb2/0x260
[  287.717772][    C1]  ? __mutex_lock_slowpath+0x10/0x10
[  287.717820][    C1]  ? tracepoint_add_func+0x77e/0x940
[  287.717873][    C1]  ? __kasan_check_write+0x14/0x20
[  287.717922][    C1]  ? _raw_spin_lock_bh+0xa4/0x1b0
[  287.717979][    C1]  ? fd_install+0x144/0x250
[  287.718020][    C1]  ? ioctl_has_perm+0x1f8/0x560
[  287.718070][    C1]  ioctl_has_perm+0x3f5/0x560
[  287.718119][    C1]  ? has_cap_mac_admin+0x3c0/0x3c0
[  287.718177][    C1]  selinux_file_ioctl+0x3cc/0x540
[  287.718232][    C1]  ? selinux_file_alloc_security+0x120/0x120
[  287.718291][    C1]  ? __fget_files+0x31e/0x380
[  287.718339][    C1]  security_file_ioctl+0x74/0xb0
[  287.718394][    C1]  __se_sys_ioctl+0x53/0x190
[  287.718438][    C1]  __x64_sys_ioctl+0x7b/0x90
[  287.718480][    C1]  do_syscall_64+0x3d/0xb0
[  287.718526][    C1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  287.718582][    C1] RIP: 0033:0x7f3851edfee9
[  287.718618][    C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  287.718656][    C1] RSP: 002b:00007f3850c540c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  287.718701][    C1] RAX: ffffffffffffffda RBX: 00007f3852016fa0 RCX: 00007f3851edfee9
[  287.718735][    C1] RDX: 0000000020000340 RSI: 00000000401c5504 RDI: 0000000000000003
[  287.718766][    C1] RBP: 00007f3851f2c47f R08: 0000000000000000 R09: 0000000000000000
[  287.718796][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  287.718824][    C1] R13: 000000000000000b R14: 00007f3852016fa0 R15: 00007fff14202ec8
[  287.718865][    C1]  </TASK>