last executing test programs:

2.280901483s ago: executing program 2:
clock_nanosleep(0x0, 0x0, &(0x7f0000000000), 0x0)

2.236422872s ago: executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nullb0', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nullb0', 0x800, 0x0)

2.201327755s ago: executing program 2:
socket$bt_rfcomm(0x1f, 0x1, 0x3)

2.170891285s ago: executing program 2:
syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x1)
syz_open_dev$vim2m(&(0x7f00000000c0), 0x0, 0x2)
syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x800)
syz_open_dev$vim2m(&(0x7f0000000140), 0x1, 0x0)
syz_open_dev$vim2m(&(0x7f0000000180), 0x1, 0x1)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x1, 0x2)
syz_open_dev$vim2m(&(0x7f0000000200), 0x1, 0x800)
syz_open_dev$vim2m(&(0x7f0000000240), 0x2, 0x0)
syz_open_dev$vim2m(&(0x7f0000000280), 0x2, 0x1)
syz_open_dev$vim2m(&(0x7f00000002c0), 0x2, 0x2)
syz_open_dev$vim2m(&(0x7f0000000300), 0x2, 0x800)
syz_open_dev$vim2m(&(0x7f0000000340), 0x3, 0x0)
syz_open_dev$vim2m(&(0x7f0000000380), 0x3, 0x1)
syz_open_dev$vim2m(&(0x7f00000003c0), 0x3, 0x2)
syz_open_dev$vim2m(&(0x7f0000000400), 0x3, 0x800)
syz_open_dev$vim2m(&(0x7f0000000440), 0x4, 0x0)
syz_open_dev$vim2m(&(0x7f0000000480), 0x4, 0x1)
syz_open_dev$vim2m(&(0x7f00000004c0), 0x4, 0x2)
syz_open_dev$vim2m(&(0x7f0000000500), 0x4, 0x800)

2.079923715s ago: executing program 2:
getpgid(0x0)

2.043696538s ago: executing program 2:
pause()

295.148967ms ago: executing program 1:
pread64(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0)

236.72365ms ago: executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/damon/attrs', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/damon/attrs', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/damon/attrs', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/damon/attrs', 0x800, 0x0)

227.491204ms ago: executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vhci_hcd.0/attach', 0x1, 0x0)

214.767443ms ago: executing program 3:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/checkreqprot', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/checkreqprot', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/checkreqprot', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/checkreqprot', 0x800, 0x0)

213.017698ms ago: executing program 4:
syslog(0x0, 0x0, 0x0)

204.297163ms ago: executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ashmem', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ashmem', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ashmem', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ashmem', 0x800, 0x0)

179.468621ms ago: executing program 3:
setpriority(0x0, 0x0, 0x0)

175.782827ms ago: executing program 1:
socket$pppoe(0x18, 0x1, 0x0)

169.423891ms ago: executing program 0:
linkat(0xffffffffffffffff, &(0x7f0000000000), 0xffffffffffffffff, &(0x7f0000000000), 0x0)

145.940966ms ago: executing program 3:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/load', 0x2, 0x0)

144.191561ms ago: executing program 1:
socket$inet_smc(0x2b, 0x1, 0x0)

140.865346ms ago: executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/relabel', 0x2, 0x0)

138.612381ms ago: executing program 0:
fstat(0xffffffffffffffff, &(0x7f0000000000))

117.971516ms ago: executing program 3:
capget(&(0x7f0000000000), &(0x7f0000000000))

107.108532ms ago: executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/mls', 0x0, 0x0)

95.249473ms ago: executing program 1:
delete_module(&(0x7f0000000000), 0x0)

92.13824ms ago: executing program 4:
setresuid(0x0, 0x0, 0x0)

65.628399ms ago: executing program 4:
semtimedop(0x0, &(0x7f0000000000), 0x0, &(0x7f0000000000))

57.727096ms ago: executing program 0:
pselect6(0x0, &(0x7f0000000000), &(0x7f0000000000), &(0x7f0000000000), &(0x7f0000000000), &(0x7f0000000000))

55.845493ms ago: executing program 3:
socket$nl_netfilter(0x10, 0x3, 0xc)

45.53498ms ago: executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/policy', 0x0, 0x0)

27.156036ms ago: executing program 4:
vmsplice(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0)

12.398952ms ago: executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/cipso', 0x2, 0x0)

0s ago: executing program 3:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/xen/evtchn', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/xen/evtchn', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/xen/evtchn', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/xen/evtchn', 0x800, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.31' (ED25519) to the list of known hosts.
2024/06/18 13:24:04 fuzzer started
2024/06/18 13:24:04 dialing manager at 10.128.0.169:30007
[   74.043125][   T29] audit: type=1400 audit(1718717044.631:87): avc:  denied  { node_bind } for  pid=5079 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   74.069740][   T29] audit: type=1400 audit(1718717044.651:88): avc:  denied  { name_bind } for  pid=5079 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   74.354932][   T29] audit: type=1400 audit(1718717044.941:89): avc:  denied  { read } for  pid=5079 comm="syz-fuzzer" name="raw-gadget" dev="devtmpfs" ino=733 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   74.378093][   T29] audit: type=1400 audit(1718717044.941:90): avc:  denied  { open } for  pid=5079 comm="syz-fuzzer" path="/dev/raw-gadget" dev="devtmpfs" ino=733 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   74.440807][   T29] audit: type=1400 audit(1718717045.011:91): avc:  denied  { mounton } for  pid=5088 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   74.468938][ T5088] cgroup: Unknown subsys name 'net'
[   74.556018][   T29] audit: type=1400 audit(1718717045.011:92): avc:  denied  { mount } for  pid=5088 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   74.660371][   T29] audit: type=1400 audit(1718717045.071:93): avc:  denied  { setattr } for  pid=5094 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=733 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   74.709626][   T29] audit: type=1400 audit(1718717045.081:94): avc:  denied  { mounton } for  pid=5095 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   74.751242][   T29] audit: type=1400 audit(1718717045.081:95): avc:  denied  { mount } for  pid=5095 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   74.779518][ T5112] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   74.781405][   T29] audit: type=1400 audit(1718717045.091:96): avc:  denied  { unmount } for  pid=5088 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   74.897642][ T5088] cgroup: Unknown subsys name 'rlimit'
2024/06/18 13:24:06 starting 5 executor processes
[   76.177261][ T5103] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   79.067169][   T29] kauditd_printk_skb: 64 callbacks suppressed
[   79.067194][   T29] audit: type=1400 audit(1718717049.651:161): avc:  denied  { create } for  pid=5359 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   79.173557][   T29] audit: type=1400 audit(1718717049.661:162): avc:  denied  { write } for  pid=5361 comm="syz-executor.3" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[   79.231285][   T29] audit: type=1400 audit(1718717049.691:163): avc:  denied  { create } for  pid=5362 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   79.343768][   T29] audit: type=1400 audit(1718717049.931:164): avc:  denied  { module_request } for  pid=5383 comm="syz-executor.3" kmod="fs-" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   79.365811][    C0] vkms_vblank_simulate: vblank timer overrun
[   79.517217][   T29] audit: type=1400 audit(1718717050.101:165): avc:  denied  { create } for  pid=5398 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   79.567951][   T29] audit: type=1400 audit(1718717050.121:166): avc:  denied  { read } for  pid=5399 comm="syz-executor.3" name="uinput" dev="devtmpfs" ino=836 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   79.588073][ T5403] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   79.650520][   T29] audit: type=1400 audit(1718717050.121:167): avc:  denied  { open } for  pid=5399 comm="syz-executor.3" path="/dev/uinput" dev="devtmpfs" ino=836 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   79.742214][   T29] audit: type=1400 audit(1718717050.121:168): avc:  denied  { write } for  pid=5399 comm="syz-executor.3" name="uinput" dev="devtmpfs" ino=836 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   79.766737][    C0] vkms_vblank_simulate: vblank timer overrun
[   79.814658][   T29] audit: type=1400 audit(1718717050.308:169): avc:  denied  { read } for  pid=5413 comm="syz-executor.3" name="mouse0" dev="devtmpfs" ino=839 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[   79.914382][   T29] audit: type=1400 audit(1718717050.308:170): avc:  denied  { open } for  pid=5413 comm="syz-executor.3" path="/dev/input/mouse0" dev="devtmpfs" ino=839 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[   81.598150][ T1057] 
[   81.600892][ T1057] =============================
[   81.605795][ T1057] WARNING: suspicious RCU usage
[   81.611152][ T1057] 6.10.0-rc4-syzkaller-00033-g14d7c92f8df9 #0 Not tainted
[   81.618735][ T1057] -----------------------------
[   81.624099][ T1057] net/netfilter/ipset/ip_set_core.c:1200 suspicious rcu_dereference_protected() usage!
[   81.634076][ T1057] 
[   81.634076][ T1057] other info that might help us debug this:
[   81.634076][ T1057] 
[   81.644476][ T1057] 
[   81.644476][ T1057] rcu_scheduler_active = 2, debug_locks = 1
[   81.652698][ T1057] 3 locks held by kworker/u8:7/1057:
[   81.658019][ T1057]  #0: ffff8880162d3148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12bf/0x1b60
[   81.668637][ T1057]  #1: ffffc90004287d80 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x957/0x1b60
[   81.678844][ T1057]  #2: ffffffff8f7371d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xbb/0xbf0
[   81.688389][ T1057] 
[   81.688389][ T1057] stack backtrace:
2024/06/18 13:24:12 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[   81.694609][ T1057] CPU: 1 PID: 1057 Comm: kworker/u8:7 Not tainted 6.10.0-rc4-syzkaller-00033-g14d7c92f8df9 #0
[   81.705043][ T1057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   81.715387][ T1057] Workqueue: netns cleanup_net
[   81.720291][ T1057] Call Trace:
[   81.723678][ T1057]  <TASK>
[   81.726667][ T1057]  dump_stack_lvl+0x16c/0x1f0
[   81.731417][ T1057]  lockdep_rcu_suspicious+0x20b/0x3b0
[   81.736829][ T1057]  _destroy_all_sets+0x261/0x6d0
[   81.741803][ T1057]  ? __pfx_ip_set_net_exit+0x10/0x10
[   81.747292][ T1057]  ip_set_net_exit+0x26/0x60
[   81.751929][ T1057]  ops_exit_list+0xb0/0x180
[   81.756556][ T1057]  cleanup_net+0x5b7/0xbf0
[   81.760996][ T1057]  ? __pfx_cleanup_net+0x10/0x10
[   81.765945][ T1057]  process_one_work+0x9fb/0x1b60
[   81.770887][ T1057]  ? __pfx_lock_acquire+0x10/0x10
[   81.775919][ T1057]  ? __pfx_process_one_work+0x10/0x10
[   81.781294][ T1057]  ? assign_work+0x1a0/0x250
[   81.786156][ T1057]  worker_thread+0x6c8/0xf70
[   81.790749][ T1057]  ? __pfx_worker_thread+0x10/0x10
[   81.795859][ T1057]  kthread+0x2c1/0x3a0
[   81.799931][ T1057]  ? _raw_spin_unlock_irq+0x23/0x50
[   81.805314][ T1057]  ? __pfx_kthread+0x10/0x10
[   81.809939][ T1057]  ret_from_fork+0x45/0x80
[   81.814368][ T1057]  ? __pfx_kthread+0x10/0x10
[   81.818983][ T1057]  ret_from_fork_asm+0x1a/0x30
[   81.823760][ T1057]  </TASK>
[   81.857535][ T1057] 
[   81.859951][ T1057] =============================
[   81.865248][ T1057] WARNING: suspicious RCU usage
[   81.870125][ T1057] 6.10.0-rc4-syzkaller-00033-g14d7c92f8df9 #0 Not tainted
[   81.877693][ T1057] -----------------------------
[   81.882770][ T1057] net/netfilter/ipset/ip_set_core.c:1211 suspicious rcu_dereference_protected() usage!
[   81.892493][ T1057] 
[   81.892493][ T1057] other info that might help us debug this:
[   81.892493][ T1057] 
[   81.902841][ T1057] 
[   81.902841][ T1057] rcu_scheduler_active = 2, debug_locks = 1
[   81.911068][ T1057] 3 locks held by kworker/u8:7/1057:
[   81.916629][ T1057]  #0: ffff8880162d3148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12bf/0x1b60
[   81.927341][ T1057]  #1: ffffc90004287d80 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x957/0x1b60
[   81.937578][ T1057]  #2: ffffffff8f7371d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xbb/0xbf0
[   81.947035][ T1057] 
[   81.947035][ T1057] stack backtrace:
[   81.953210][ T1057] CPU: 0 PID: 1057 Comm: kworker/u8:7 Not tainted 6.10.0-rc4-syzkaller-00033-g14d7c92f8df9 #0
[   81.963623][ T1057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   81.973739][ T1057] Workqueue: netns cleanup_net
[   81.978548][ T1057] Call Trace:
[   81.981846][ T1057]  <TASK>
[   81.984779][ T1057]  dump_stack_lvl+0x16c/0x1f0
[   81.989495][ T1057]  lockdep_rcu_suspicious+0x20b/0x3b0
[   81.994911][ T1057]  _destroy_all_sets+0x4e6/0x6d0
[   81.999982][ T1057]  ? __pfx_ip_set_net_exit+0x10/0x10
[   82.005388][ T1057]  ip_set_net_exit+0x26/0x60
[   82.009997][ T1057]  ops_exit_list+0xb0/0x180
[   82.014504][ T1057]  cleanup_net+0x5b7/0xbf0
[   82.018924][ T1057]  ? __pfx_cleanup_net+0x10/0x10
[   82.023869][ T1057]  process_one_work+0x9fb/0x1b60
[   82.028814][ T1057]  ? __pfx_lock_acquire+0x10/0x10
[   82.033847][ T1057]  ? __pfx_process_one_work+0x10/0x10
[   82.039220][ T1057]  ? assign_work+0x1a0/0x250
[   82.043817][ T1057]  worker_thread+0x6c8/0xf70
[   82.048410][ T1057]  ? __pfx_worker_thread+0x10/0x10
[   82.053530][ T1057]  kthread+0x2c1/0x3a0
[   82.057689][ T1057]  ? _raw_spin_unlock_irq+0x23/0x50
[   82.062983][ T1057]  ? __pfx_kthread+0x10/0x10
[   82.067662][ T1057]  ret_from_fork+0x45/0x80
[   82.072085][ T1057]  ? __pfx_kthread+0x10/0x10
[   82.076678][ T1057]  ret_from_fork_asm+0x1a/0x30
[   82.081459][ T1057]  </TASK>
[   82.084511][    C0] vkms_vblank_simulate: vblank timer overrun