last executing test programs: 1.8925707s ago: executing program 1 (id=273): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x108) mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file2\x00', 0x48) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) chdir(&(0x7f0000000080)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x800) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 1.821474977s ago: executing program 1 (id=274): openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x80000000000, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)=@abs, 0x6e, &(0x7f0000000140)=[{&(0x7f0000000100)=""/29, 0x1d}], 0x1}, 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x100, 0x5, 0x2, 0x4002, 0x5, 0x37, 0xefffffffffffffff, 0x0, 0x0, 0x2000001, 0xfffffffface6e3cd, 0x40000000001c, 0x1, 0xffffffffffffffff, 0xfd]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.778260908s ago: executing program 1 (id=276): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x110a, 0x2}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs/binder0\x00', 0x0, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x8b, 0xfffa}, 0x1d, [0x7ffe, 0xc95a, 0xfff7fff3, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x4d, 0x39cc191a, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x5, 0x4, 0x3c5b, 0x1, 0x3, 0x9, 0x1, 0x1f461e2c, 0x57, 0xe660, 0x4, 0x7, 0x101, 0x7fff, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x71, 0xfffffffb, 0x7, 0x0, 0x0, 0xd, 0x3e, 0x8f, 0x6, 0x10000006, 0x0, 0x8, 0x6, 0x8, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x134, 0x7ffe, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xfb, 0x4, 0x2bf, 0x6c9, 0x9, 0x6, 0x3, 0x0, 0x7, 0x5, 0x0, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x4, 0x8000, 0x809, 0x400, 0x5, 0x6, 0x7, 0xff, 0x400005, 0x5, 0x5f31, 0x4, 0x0, 0x2, 0x2, 0xa, 0x4, 0x9, 0x8, 0x801, 0x6, 0x0, 0x8000, 0x1, 0xfe000000, 0xff7f, 0x2, 0x7f, 0x9, 0x2, 0xffffffff, 0x1, 0x1, 0x7, 0x4, 0x9, 0x48c93690, 0x42, 0x2], [0x400, 0x4, 0x0, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x45, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x83, 0x80000003, 0x9, 0x3e7, 0x2009, 0x5, 0x2, 0x2, 0x0, 0x8, 0x4, 0x6d01, 0xe, 0x38, 0x800003, 0x200, 0x80, 0xf, 0xd, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0xac8, 0xbf, 0x1, 0x3, 0x7ff, 0xfffffff9, 0x1, 0x1, 0xffff, 0x0, 0x1a, 0x1c, 0x120000, 0x3, 0x6, 0xaaed, 0x4, 0x65], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x2, 0xf58, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7ffe, 0x80000000, 0x200a620, 0x2, 0x5, 0x1, 0x2, 0x14e, 0x60a7, 0xe, 0x6, 0xffffffff, 0x80000000, 0x10000005, 0x8, 0xc8, 0x2, 0xfffff000, 0xffff, 0x3, 0x7f, 0x100, 0xfffffffd, 0x7, 0x2, 0x4, 0x6, 0x1, 0x10080, 0x5, 0x8, 0x30b1d693, 0xa1f, 0x8, 0x5, 0x1, 0x6c1b, 0x0, 0x4, 0xb0b2748, 0xb1c, 0x0, 0x200, 0xffbf2441, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x42, 0x1000000, 0x0}) 1.744544782s ago: executing program 1 (id=277): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000040)={0x8, 0x3, 0xffffffff, 0x9, 0x19, "e88d78e35214c065134300"}) 1.663046747s ago: executing program 1 (id=278): socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000440)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x6) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e27}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) open$dir(0x0, 0x40201, 0x20) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002ac0)=@polexpire={0xd8, 0x1b, 0x1, 0x0, 0x0, {{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x73}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x300, 0x5}, {0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3}}, [@sec_ctx={0xc, 0x8, {0x8}}, @mark={0xc, 0x15, {0x0, 0xd}}]}, 0xd8}}, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000200), r3) r5 = openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$UI_SET_EVBIT(r5, 0x40045564, 0x11) ioctl$UI_DEV_DESTROY(r5, 0x5502) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newsa={0x138, 0x10, 0x1, 0xbffffffe, 0x100, {{@in=@empty, @in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x1, 0x394, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@remote, {0x0, 0x9, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0x6, 0x0, 0x1f, 0x1ff}, {0x2, 0xfffffffc}, 0x70bd2e, 0x3504, 0xa, 0x1, 0xfd, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x10) 1.10449041s ago: executing program 2 (id=282): r0 = socket(0x11, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) bind$packet(r0, &(0x7f00000001c0)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2e}}, 0x14) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000003c0)=0x6121, 0x4) sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000001640)=ANY=[@ANYBLOB="02011400012918000e1a80009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d206", @ANYBLOB="ebe42bde4340155d7bfbd1ea2ac08cfa60206e362a491781d46bdc6478d751637183a55add08bbf1b9fb42afd58f9dfa39"], 0xdd12}], 0x1, 0x0, 0x0, 0x4000007}, 0x4000) 1.055206221s ago: executing program 2 (id=283): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x108) mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file2\x00', 0x48) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) chdir(&(0x7f0000000080)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x800) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 989.586728ms ago: executing program 2 (id=284): r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000002080), 0x80840, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, &(0x7f00000020c0)=""/178) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000640)="d8df0f23b3b9ce000000b807000000ba000000000f301b8154fea900c12106803200e28da4c182fd3f0000c8b950020000b801000400b9a608000001b800004fa5a5b87a000f00d8330fc630c6300fc79d53bf0000c4b9e16dc30101220f01c3d8", 0x61}], 0x1, 0x14, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 809.483594ms ago: executing program 1 (id=287): openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) socket$inet_tcp(0x2, 0x1, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x103081, 0x0) syz_usb_connect$uac1(0x3, 0xdc, &(0x7f00000017c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r2, @ANYBLOB='\a'], 0x0) 805.904764ms ago: executing program 0 (id=288): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x3, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0x7, @loopback, 0x6}, 0x1c) r1 = epoll_create(0x2) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x20000004}) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @empty, 0x23}, 0x1c) 649.518044ms ago: executing program 0 (id=290): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000c40)={0x8000203d}) 648.540124ms ago: executing program 0 (id=291): r0 = socket(0x11, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) bind$packet(r0, &(0x7f00000001c0)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2e}}, 0x14) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000003c0)=0x6121, 0x4) sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000001640)=ANY=[@ANYBLOB="02011400012918000e1a80009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d206", @ANYBLOB="ebe42bde4340155d7bfbd1ea2ac08cfa60206e362a491781d46bdc6478d751637183a55add08bbf1b9fb42afd58f9dfa39eda225"], 0xdd12}], 0x1, 0x0, 0x0, 0x4000007}, 0x4000) 602.506885ms ago: executing program 0 (id=292): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x108) mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file2\x00', 0x48) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) chdir(&(0x7f0000000080)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x800) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 548.518065ms ago: executing program 0 (id=293): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000000)={'filter\x00', 0x4, "e3c00fb6"}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 333.492574ms ago: executing program 0 (id=294): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cgroup.controllers\x00', 0x300, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f00000000c0)=ANY=[@ANYBLOB="18448d7900000000b607b8a59d5563e0d8b49adab5c704931352b3c72ac9810493957f137c0a61f4aeec6408f6f6a67848953ca357311558"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$bt_BT_POWER(0xffffffffffffffff, 0x112, 0x9, &(0x7f0000000080)=0x4, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000007c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 333.372014ms ago: executing program 3 (id=295): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00') preadv(r0, &(0x7f0000000200)=[{&(0x7f0000000340)=""/127, 0x7f}], 0x1, 0x6, 0x0) 330.570393ms ago: executing program 3 (id=296): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x110a, 0x2}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs/binder0\x00', 0x0, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x8b, 0xfffa}, 0x1d, [0x7ffe, 0xc95a, 0xfff7fff3, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x4d, 0x39cc191a, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x5, 0x4, 0x3c5b, 0x1, 0x3, 0x9, 0x1, 0x1f461e2c, 0x57, 0xe660, 0x4, 0x7, 0x101, 0x7fff, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x71, 0xfffffffb, 0x7, 0x0, 0x0, 0xd, 0x3e, 0x8f, 0x6, 0x10000006, 0x0, 0x8, 0x6, 0x8, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x134, 0x7ffe, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xfb, 0x4, 0x2bf, 0x6c9, 0x9, 0x6, 0x3, 0x0, 0x7, 0x5, 0x0, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x4, 0x8000, 0x809, 0x400, 0x5, 0x6, 0x7, 0xff, 0x400005, 0x5, 0x5f31, 0x4, 0x0, 0x2, 0x2, 0xa, 0x4, 0x9, 0x8, 0x801, 0x6, 0x0, 0x8000, 0x1, 0xfe000000, 0xff7f, 0x2, 0x7f, 0x9, 0x2, 0xffffffff, 0x1, 0x1, 0x7, 0x4, 0x9, 0x48c93690, 0x42, 0x2], [0x400, 0x4, 0x0, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x45, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x83, 0x80000003, 0x9, 0x3e7, 0x2009, 0x5, 0x2, 0x2, 0x0, 0x8, 0x4, 0x6d01, 0xe, 0x38, 0x800003, 0x200, 0x80, 0xf, 0xd, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0xac8, 0xbf, 0x1, 0x3, 0x7ff, 0xfffffff9, 0x1, 0x1, 0xffff, 0x0, 0x1a, 0x1c, 0x120000, 0x3, 0x6, 0xaaed, 0x4, 0x65], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x2, 0xf58, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7ffe, 0x80000000, 0x200a620, 0x2, 0x5, 0x1, 0x2, 0x14e, 0x60a7, 0xe, 0x6, 0xffffffff, 0x80000000, 0x10000005, 0x8, 0xc8, 0x2, 0xfffff000, 0xffff, 0x3, 0x7f, 0x100, 0xfffffffd, 0x7, 0x2, 0x4, 0x6, 0x1, 0x10080, 0x5, 0x8, 0x30b1d693, 0xa1f, 0x8, 0x5, 0x1, 0x6c1b, 0x0, 0x4, 0xb0b2748, 0xb1c, 0x0, 0x200, 0xffbf2441, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x42, 0x1000000, 0x0}) 224.765383ms ago: executing program 3 (id=297): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)) 81.836085ms ago: executing program 3 (id=298): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x5, 0x7fff7ffc}]}) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1cb0c2, 0x90) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x2401, 0x0) syz_open_procfs$namespace(0x0, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) clock_adjtime(0xffffffd3, &(0x7f0000000000)={0x10000, 0x6, 0x2, 0x0, 0x7, 0xb, 0x20000000000005, 0xfffffffffffffff9, 0x8000009657, 0x1, 0x7fffffff, 0x0, 0x10, 0xb, 0x80000000000000, 0xcc0, 0x1, 0x5, 0x94d6, 0x4, 0x0, 0x809, 0x0, 0xfffffffffffffffa, 0x3, 0x2000000000004}) 33.570207ms ago: executing program 2 (id=299): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/wake_lock', 0x101001, 0x391) pwritev(r0, &(0x7f0000000440)=[{&(0x7f0000000200)="e4", 0x1}, {0x0}], 0x2, 0x3, 0x8) 33.453336ms ago: executing program 3 (id=300): r0 = socket(0x11, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) bind$packet(r0, &(0x7f00000001c0)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2e}}, 0x14) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000003c0)=0x6121, 0x4) sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000001640)=ANY=[@ANYBLOB="02011400012918000e1a80009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d206", @ANYBLOB="ebe42bde4340155d7bfbd1ea2ac08cfa60206e362a491781d46bdc6478d751637183a55add08bbf1b9fb42afd58f9dfa39eda225"], 0xdd12}], 0x1, 0x0, 0x0, 0x4000007}, 0x4000) 33.404207ms ago: executing program 2 (id=301): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x108) mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file2\x00', 0x48) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) chdir(0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x800) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 7.382751ms ago: executing program 3 (id=302): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x1100, 0x1}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000380)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @ptr={0x70742a85, 0x0, &(0x7f0000000280)=""/105, 0x69, 0x0, 0x11}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000200)={0x0, 0x18, 0x40}}}], 0x0, 0x0, 0x0}) 0s ago: executing program 2 (id=303): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000004c0)) kernel console output (not intermixed with test programs): syzkaller syzkaller login: [ 19.124548][ T36] kauditd_printk_skb: 31 callbacks suppressed [ 19.124566][ T36] audit: type=1400 audit(1771979013.140:59): avc: denied { transition } for pid=261 comm="sshd-session" path="/bin/sh" dev="sda1" ino=90 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 19.129813][ T36] audit: type=1400 audit(1771979013.140:60): avc: denied { noatsecure } for pid=261 comm="sshd-session" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 19.133873][ T36] audit: type=1400 audit(1771979013.150:61): avc: denied { write } for pid=261 comm="sh" path="pipe:[2274]" dev="pipefs" ino=2274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 19.137477][ T36] audit: type=1400 audit(1771979013.150:62): avc: denied { rlimitinh } for pid=261 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 19.140322][ T36] audit: type=1400 audit(1771979013.150:63): avc: denied { siginh } for pid=261 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.0.146' (ED25519) to the list of known hosts. [ 27.389526][ T36] audit: type=1400 audit(1771979021.410:64): avc: denied { mounton } for pid=283 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 27.393336][ T283] cgroup: Unknown subsys name 'net' [ 27.412485][ T36] audit: type=1400 audit(1771979021.410:65): avc: denied { mount } for pid=283 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 27.439838][ T36] audit: type=1400 audit(1771979021.440:66): avc: denied { unmount } for pid=283 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 27.440344][ T283] cgroup: Unknown subsys name 'devices' [ 27.548612][ T283] cgroup: Unknown subsys name 'hugetlb' [ 27.554620][ T283] cgroup: Unknown subsys name 'rlimit' [ 27.650686][ T36] audit: type=1400 audit(1771979021.670:67): avc: denied { setattr } for pid=283 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 27.673911][ T36] audit: type=1400 audit(1771979021.670:68): avc: denied { mounton } for pid=283 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 27.698832][ T36] audit: type=1400 audit(1771979021.670:69): avc: denied { mount } for pid=283 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 27.722369][ T285] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 27.731225][ T36] audit: type=1400 audit(1771979021.750:70): avc: denied { relabelto } for pid=285 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 27.756687][ T36] audit: type=1400 audit(1771979021.750:71): avc: denied { write } for pid=285 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 27.772338][ T283] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 27.782963][ T36] audit: type=1400 audit(1771979021.780:72): avc: denied { read } for pid=283 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 27.816824][ T36] audit: type=1400 audit(1771979021.780:73): avc: denied { open } for pid=283 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 28.557572][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.564697][ T290] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.586236][ T290] bridge_slave_0: entered allmulticast mode [ 28.592760][ T290] bridge_slave_0: entered promiscuous mode [ 28.608943][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.617843][ T290] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.625399][ T290] bridge_slave_1: entered allmulticast mode [ 28.632639][ T290] bridge_slave_1: entered promiscuous mode [ 28.752406][ T294] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.759524][ T294] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.766849][ T294] bridge_slave_0: entered allmulticast mode [ 28.773126][ T294] bridge_slave_0: entered promiscuous mode [ 28.781199][ T294] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.788298][ T294] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.795463][ T294] bridge_slave_1: entered allmulticast mode [ 28.801916][ T294] bridge_slave_1: entered promiscuous mode [ 28.825612][ T295] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.832731][ T295] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.839880][ T295] bridge_slave_0: entered allmulticast mode [ 28.846256][ T295] bridge_slave_0: entered promiscuous mode [ 28.853931][ T295] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.861093][ T295] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.868355][ T295] bridge_slave_1: entered allmulticast mode [ 28.874612][ T295] bridge_slave_1: entered promiscuous mode [ 28.944223][ T296] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.951411][ T296] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.958682][ T296] bridge_slave_0: entered allmulticast mode [ 28.964989][ T296] bridge_slave_0: entered promiscuous mode [ 28.986973][ T296] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.994063][ T296] bridge0: port 2(bridge_slave_1) entered disabled state [ 29.001417][ T296] bridge_slave_1: entered allmulticast mode [ 29.007849][ T296] bridge_slave_1: entered promiscuous mode [ 29.055866][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.062962][ T290] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.070334][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.077576][ T290] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.132520][ T295] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.139710][ T295] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.147077][ T295] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.154178][ T295] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.174505][ T294] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.181609][ T294] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.188965][ T294] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.196077][ T294] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.226657][ T296] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.233742][ T296] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.241122][ T296] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.248229][ T296] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.269685][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 29.277067][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 29.284339][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 29.291902][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 29.299727][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 29.307197][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 29.332728][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.339836][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.361265][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.368374][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.383525][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.390686][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.405163][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.412341][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.425981][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.433106][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.454138][ T290] veth0_vlan: entered promiscuous mode [ 29.461943][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.469054][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.492227][ T290] veth1_macvtap: entered promiscuous mode [ 29.520892][ T295] veth0_vlan: entered promiscuous mode [ 29.532239][ T294] veth0_vlan: entered promiscuous mode [ 29.548600][ T295] veth1_macvtap: entered promiscuous mode [ 29.578796][ T294] veth1_macvtap: entered promiscuous mode [ 29.596498][ T290] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 29.649427][ T296] veth0_vlan: entered promiscuous mode [ 29.687849][ T339] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 29.701451][ T296] veth1_macvtap: entered promiscuous mode [ 29.860708][ T345] kvm: kvm [344]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00 [ 29.870337][ T345] kvm: kvm [344]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00 [ 29.987714][ T359] rust_binder: 5: no such ref 0 [ 29.992983][ T359] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0 [ 30.000817][ T359] rust_binder: Write failure EINVAL in pid:5 [ 30.315873][ T31] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 30.495832][ T31] usb 4-1: Using ep0 maxpacket: 32 [ 30.502505][ T31] usb 4-1: config 0 has an invalid interface number: 196 but max is 0 [ 30.516300][ T31] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 30.528774][ T31] usb 4-1: config 0 has no interface number 0 [ 30.539493][ T31] usb 4-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 16 [ 30.549824][ T31] usb 4-1: config 0 interface 196 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 30.563277][ T31] usb 4-1: config 0 interface 196 has no altsetting 0 [ 30.571761][ T31] usb 4-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 30.581017][ T31] usb 4-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 30.589138][ T31] usb 4-1: Product: syz [ 30.593448][ T31] usb 4-1: Manufacturer: syz [ 30.598543][ T31] usb 4-1: SerialNumber: syz [ 30.606473][ T31] usb 4-1: config 0 descriptor?? [ 30.612156][ T367] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 30.670091][ T381] rust_binder: 10: no such ref 0 [ 30.675350][ T381] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0 [ 30.683163][ T381] rust_binder: Write failure EINVAL in pid:10 [ 30.752899][ T387] kvm: MWAIT instruction emulated as NOP! [ 30.822948][ T31] ipheth 4-1:0.196: Unable to find endpoints [ 30.842138][ T31] usb 4-1: USB disconnect, device number 2 [ 31.182894][ T411] rust_binder: 25: no such ref 0 [ 31.188307][ T411] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0 [ 31.195710][ T411] rust_binder: Write failure EINVAL in pid:25 [ 31.431521][ T419] SELinux: failed to load policy [ 31.947795][ T453] overlayfs: failed to resolve './file2': -2 [ 32.035799][ T31] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 32.108227][ T461] kvm: kvm [460]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x0 [ 32.177921][ T461] kvm: kvm [460]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x0 [ 32.196668][ T31] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 32.207836][ T31] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 32.217935][ T31] usb 4-1: New USB device found, idVendor=0757, idProduct=0a00, bcdDevice= 0.00 [ 32.227173][ T31] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 32.236471][ T31] usb 4-1: config 0 descriptor?? [ 32.278002][ T461] kvm: kvm [460]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x0 [ 32.346613][ T461] kvm: kvm [460]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x0 [ 32.414279][ T461] kvm: kvm [460]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x0 [ 32.422736][ T331] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 32.488271][ T461] kvm: kvm [460]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x0 [ 32.558321][ T461] kvm: kvm [460]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x0 [ 32.594564][ T331] usb 3-1: config 1 has an invalid interface number: 188 but max is 0 [ 32.603145][ T331] usb 3-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config [ 32.614021][ T331] usb 3-1: config 1 has no interface number 0 [ 32.620218][ T331] usb 3-1: config 1 interface 188 altsetting 209 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 32.633568][ T331] usb 3-1: config 1 interface 188 has no altsetting 0 [ 32.646270][ T331] usb 3-1: New USB device found, idVendor=2040, idProduct=7200, bcdDevice=5b.6b [ 32.657189][ T31] nti 0003:0757:0A00.0001: invalid report_size -1552376498 [ 32.664466][ T31] nti 0003:0757:0A00.0001: item 0 4 1 7 parsing failed [ 32.671435][ T331] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 32.679421][ T461] kvm: kvm [460]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x0 [ 32.696036][ T31] nti 0003:0757:0A00.0001: probe with driver nti failed with error -22 [ 32.713498][ T331] usb 3-1: Product: syz [ 32.718148][ T331] usb 3-1: Manufacturer: syz [ 32.722800][ T331] usb 3-1: SerialNumber: syz [ 32.736829][ T331] usb 3-1: Audio class v2/v3 interfaces need an interface association [ 32.747301][ T331] snd-usb-audio 3-1:1.188: probe with driver snd-usb-audio failed with error -22 [ 32.769442][ T335] udevd[335]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.188/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 32.845828][ T56] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 32.857439][ T65] usb 4-1: USB disconnect, device number 3 [ 32.931509][ T331] usb 3-1: USB disconnect, device number 2 [ 32.947783][ T36] kauditd_printk_skb: 89 callbacks suppressed [ 32.947802][ T36] audit: type=1400 audit(1771979026.970:163): avc: denied { execute } for pid=477 comm="syz.1.64" name="file0" dev="tmpfs" ino=152 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 32.947847][ T478] process 'syz.1.64' launched './file0' with NULL argv: empty string added [ 32.984811][ T36] audit: type=1400 audit(1771979027.000:164): avc: denied { execute_no_trans } for pid=477 comm="syz.1.64" path="/25/file0" dev="tmpfs" ino=152 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 33.016251][ T480] overlayfs: failed to resolve './file2': -2 [ 33.032524][ T56] usb 1-1: Using ep0 maxpacket: 16 [ 33.043237][ T56] usb 1-1: config 0 has an invalid interface number: 251 but max is 0 [ 33.051639][ T56] usb 1-1: config 0 has no interface number 0 [ 33.058065][ T56] usb 1-1: config 0 interface 251 altsetting 0 endpoint 0x4 has invalid maxpacket 16400, setting to 1024 [ 33.075782][ T56] usb 1-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024 [ 33.086703][ T56] usb 1-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 33.102934][ T56] usb 1-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 33.112304][ T56] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 33.120411][ T56] usb 1-1: Product: syz [ 33.124811][ T56] usb 1-1: Manufacturer: syz [ 33.129754][ T56] usb 1-1: SerialNumber: syz [ 33.136208][ T56] usb 1-1: config 0 descriptor?? [ 33.141821][ T475] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 33.149140][ T475] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 33.359891][ T475] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 33.367475][ T475] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 33.423423][ T505] overlayfs: failed to resolve './file2': -2 [ 33.471559][ T36] audit: type=1400 audit(1771979027.490:165): avc: denied { read } for pid=510 comm="syz.3.78" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 33.545925][ T36] audit: type=1400 audit(1771979027.560:166): avc: denied { ioctl } for pid=516 comm="syz.3.81" path="socket:[5313]" dev="sockfs" ino=5313 ioctlcmd=0x48dc scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 33.631002][ T526] syz.3.85 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 33.643462][ T36] audit: type=1400 audit(1771979027.670:167): avc: denied { read write } for pid=525 comm="syz.3.85" name="fuse" dev="devtmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 33.669535][ T36] audit: type=1400 audit(1771979027.670:168): avc: denied { open } for pid=525 comm="syz.3.85" path="/dev/fuse" dev="devtmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 33.693207][ T36] audit: type=1400 audit(1771979027.690:169): avc: denied { mounton } for pid=525 comm="syz.3.85" path="/20/file0" dev="tmpfs" ino=130 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 33.716694][ T36] audit: type=1400 audit(1771979027.690:170): avc: denied { mount } for pid=525 comm="syz.3.85" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 33.738583][ T36] audit: type=1400 audit(1771979027.740:171): avc: denied { unmount } for pid=296 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 33.765806][ T65] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 33.775648][ T56] asix 1-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 33.796102][ T56] asix 1-1:0.251 (unnamed net_device) (uninitialized): Failed to read software interface selection register: -71 [ 33.824034][ T56] asix 1-1:0.251: probe with driver asix failed with error -71 [ 33.834890][ T56] usb 1-1: USB disconnect, device number 2 [ 33.862824][ T36] audit: type=1400 audit(1771979027.880:172): avc: denied { mounton } for pid=535 comm="syz.1.89" path="/38/file0" dev="tmpfs" ino=220 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 33.925858][ T65] usb 3-1: Using ep0 maxpacket: 16 [ 33.940438][ T65] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 33.960725][ T65] usb 3-1: config 0 interface 0 has no altsetting 0 [ 33.967740][ T65] usb 3-1: New USB device found, idVendor=056a, idProduct=00d7, bcdDevice= 0.00 [ 33.977236][ T65] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 33.988873][ T65] usb 3-1: config 0 descriptor?? [ 34.216576][ T558] kvm: pic: single mode not supported [ 34.216657][ T558] kvm: pic: single mode not supported [ 34.222543][ T558] kvm: pic: non byte read [ 34.232814][ T558] kvm: pic: level sensitive irq not supported [ 34.234891][ T558] kvm: pic: non byte read [ 34.245877][ T558] kvm: pic: non byte read [ 34.250500][ T558] kvm: pic: non byte read [ 34.255132][ T558] kvm: pic: single mode not supported [ 34.255149][ T558] kvm: pic: level sensitive irq not supported [ 34.260795][ T558] kvm: pic: non byte read [ 34.271688][ T558] kvm: pic: non byte read [ 34.276486][ T558] kvm: pic: level sensitive irq not supported [ 34.277519][ T558] kvm: pic: non byte read [ 34.288531][ T558] kvm: pic: non byte read [ 34.293188][ T558] kvm: pic: non byte read [ 34.298328][ T558] kvm: pic: non byte read [ 34.399725][ T65] wacom 0003:056A:00D7.0002: Unknown device_type for 'HID 056a:00d7'. Assuming pen. [ 34.420321][ T65] wacom 0003:056A:00D7.0002: hidraw0: USB HID v0.05 Device [HID 056a:00d7] on usb-dummy_hcd.2-1/input0 [ 34.453938][ T65] input: Wacom BambooPT 2FG Small Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:00D7.0002/input/input4 [ 34.600683][ T65] usb 3-1: USB disconnect, device number 3 [ 35.105948][ T10] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 35.264500][ T10] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 35.291553][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 35.312859][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 35.329740][ T10] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 35.365523][ T10] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 35.380494][ T10] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 35.395776][ T10] usb 1-1: Manufacturer: syz [ 35.404627][ T10] usb 1-1: config 0 descriptor?? [ 35.805821][ T31] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 35.818632][ T10] appleir 0003:05AC:8243.0003: item fetching failed at offset 0/1 [ 35.827467][ T10] appleir 0003:05AC:8243.0003: parse failed [ 35.833566][ T10] appleir 0003:05AC:8243.0003: probe with driver appleir failed with error -22 [ 35.966942][ T31] usb 3-1: config 1 has an invalid interface number: 108 but max is 0 [ 35.975271][ T31] usb 3-1: config 1 has no interface number 0 [ 35.981536][ T31] usb 3-1: config 1 interface 108 has no altsetting 0 [ 35.990073][ T31] usb 3-1: New USB device found, idVendor=0403, idProduct=c1e0, bcdDevice=1e.77 [ 35.999374][ T31] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 36.007481][ T31] usb 3-1: Product: syz [ 36.014542][ T31] usb 3-1: Manufacturer: syz [ 36.021656][ T31] usb 3-1: SerialNumber: syz [ 36.030366][ T31] ftdi_sio 3-1:1.108: FTDI USB Serial Device converter detected [ 36.038750][ T31] ftdi_sio ttyUSB0: unknown device type: 0x1e77 [ 36.215330][ T666] overlayfs: missing 'lowerdir' [ 36.233038][ T10] usb 3-1: USB disconnect, device number 4 [ 36.244163][ T10] ftdi_sio 3-1:1.108: device disconnected [ 36.323268][ T678] netlink: 'syz.1.151': attribute type 1 has an invalid length. [ 36.403995][ T688] overlayfs: missing 'lowerdir' [ 36.721238][ T10] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 37.715593][ T713] overlayfs: missing 'lowerdir' [ 37.746903][ T10] usb 2-1: config index 0 descriptor too short (expected 39, got 27) [ 37.758190][ T10] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 37.768187][ T10] usb 2-1: config 0 interface 0 has no altsetting 0 [ 37.776788][ T10] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 37.786227][ T10] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 37.794433][ T10] usb 2-1: Product: syz [ 37.798696][ T10] usb 2-1: Manufacturer: syz [ 37.803332][ T10] usb 2-1: SerialNumber: syz [ 37.811087][ T10] usb 2-1: config 0 descriptor?? [ 37.816970][ T10] hub 2-1:0.0: bad descriptor, ignoring hub [ 37.822953][ T10] hub 2-1:0.0: probe with driver hub failed with error -5 [ 37.830803][ T10] usb 2-1: selecting invalid altsetting 0 [ 37.883594][ T31] usb 1-1: USB disconnect, device number 3 [ 38.125920][ T331] usb 2-1: USB disconnect, device number 2 [ 38.305870][ T31] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 38.457185][ T31] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 38.467024][ T31] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 38.479870][ T31] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 38.488963][ T31] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 38.497957][ T31] usb 1-1: config 0 descriptor?? [ 38.546475][ T726] kvm: emulating exchange as write [ 38.855872][ T10] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 38.909599][ T31] kovaplus 0003:1E7D:2D50.0004: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.0-1/input0 [ 39.007150][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 39.018232][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 39.028079][ T10] usb 3-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.01 [ 39.037273][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 39.046271][ T10] usb 3-1: config 0 descriptor?? [ 39.307306][ T31] kovaplus 0003:1E7D:2D50.0004: couldn't init struct kovaplus_device [ 39.315664][ T31] kovaplus 0003:1E7D:2D50.0004: couldn't install mouse [ 39.323343][ T31] kovaplus 0003:1E7D:2D50.0004: probe with driver kovaplus failed with error -71 [ 39.334021][ T31] usb 1-1: USB disconnect, device number 4 [ 39.458217][ T10] arvo 0003:1E7D:30D4.0005: item fetching failed at offset 4/7 [ 39.466152][ T10] arvo 0003:1E7D:30D4.0005: parse failed [ 39.471851][ T10] arvo 0003:1E7D:30D4.0005: probe with driver arvo failed with error -22 [ 39.849450][ T739] overlayfs: missing 'lowerdir' [ 39.869446][ T36] kauditd_printk_skb: 32 callbacks suppressed [ 39.869467][ T36] audit: type=1400 audit(1771979033.890:205): avc: denied { create } for pid=740 comm="syz.0.177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 40.205871][ T56] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 40.355803][ T56] usb 1-1: Using ep0 maxpacket: 16 [ 40.362278][ T56] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 40.373104][ T56] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 40.382339][ T56] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 40.390581][ T56] usb 1-1: Product: syz [ 40.394830][ T56] usb 1-1: Manufacturer: syz [ 40.399514][ T56] usb 1-1: SerialNumber: syz [ 40.404934][ T56] usb 1-1: config 0 descriptor?? [ 40.411262][ T56] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 40.419226][ T56] usb 1-1: Detected FT232R [ 40.612249][ T56] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 40.818978][ T756] capability: warning: `syz.3.183' uses 32-bit capabilities (legacy support in use) [ 40.831505][ T56] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 40.883105][ T761] overlayfs: missing 'lowerdir' [ 40.910830][ T765] tipc: Started in network mode [ 40.915822][ T765] tipc: Node identity , cluster identity 4711 [ 40.922056][ T765] tipc: Failed to obtain node identity [ 40.928066][ T765] tipc: Enabling of bearer rejected, failed to enable media [ 41.030157][ T10] usb 1-1: USB disconnect, device number 5 [ 41.037857][ T10] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 41.047600][ T10] ftdi_sio 1-1:0.0: device disconnected [ 41.054899][ T36] audit: type=1400 audit(1771979035.070:206): avc: denied { create } for pid=773 comm="syz.1.191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 41.077962][ T36] audit: type=1400 audit(1771979035.070:207): avc: denied { setopt } for pid=773 comm="syz.1.191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 41.205801][ T56] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 41.355812][ T56] usb 4-1: Using ep0 maxpacket: 16 [ 41.362435][ T56] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 41.372654][ T56] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 41.383527][ T56] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 41.396356][ T56] usb 4-1: New USB device found, idVendor=1d6b, idProduct=1101, bcdDevice= 0.40 [ 41.405471][ T56] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 41.413555][ T56] usb 4-1: Product: syz [ 41.417798][ T56] usb 4-1: Manufacturer: syz [ 41.422413][ T56] usb 4-1: SerialNumber: syz [ 41.582226][ T36] audit: type=1400 audit(1771979035.600:208): avc: denied { create } for pid=781 comm="syz.0.194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 41.589498][ T782] netlink: 168 bytes leftover after parsing attributes in process `syz.0.194'. [ 41.602614][ T36] audit: type=1400 audit(1771979035.610:209): avc: denied { write } for pid=781 comm="syz.0.194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 41.638084][ T36] audit: type=1400 audit(1771979035.610:210): avc: denied { nlmsg_write } for pid=781 comm="syz.0.194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 41.661495][ T56] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 41.671078][ T331] usb 3-1: USB disconnect, device number 5 [ 41.695706][ T56] usb 4-1: USB disconnect, device number 4 [ 41.713111][ T335] udevd[335]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 41.760641][ T788] overlayfs: missing 'lowerdir' [ 41.768399][ T36] audit: type=1400 audit(1771979035.790:211): avc: denied { bind } for pid=789 comm="syz.0.198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 41.830628][ T36] audit: type=1400 audit(1771979035.850:212): avc: denied { create } for pid=795 comm="syz.2.201" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 41.855055][ T36] audit: type=1400 audit(1771979035.850:213): avc: denied { read } for pid=795 comm="syz.2.201" name="file0" dev="tmpfs" ino=225 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 41.893345][ T36] audit: type=1400 audit(1771979035.850:214): avc: denied { open } for pid=795 comm="syz.2.201" path="/38/file0" dev="tmpfs" ino=225 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 42.016591][ T815] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 42.025614][ T815] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 42.163830][ T837] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 42.177765][ T837] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 42.349018][ T856] capability: warning: `syz.1.229' uses deprecated v2 capabilities in a way that may be insecure [ 42.444425][ T867] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 42.468000][ T867] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 42.682012][ T890] overlayfs: missing 'lowerdir' [ 42.707557][ T892] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 42.768176][ T896] sock: sock_set_timeout: `syz.1.248' (pid 896) tries to set negative timeout [ 43.055830][ T56] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 43.207071][ T56] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 43.216907][ T56] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 43.226890][ T56] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 43.241654][ T56] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 43.250971][ T56] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 43.259165][ T476] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 43.267031][ T56] usb 2-1: Product: syz [ 43.271316][ T56] usb 2-1: Manufacturer: syz [ 43.276414][ T56] usb 2-1: SerialNumber: syz [ 43.388456][ T909] overlayfs: missing 'lowerdir' [ 43.433185][ T476] usb 3-1: config 0 interface 0 altsetting 11 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 43.449316][ T476] usb 3-1: config 0 interface 0 altsetting 11 endpoint 0x81 has invalid wMaxPacketSize 0 [ 43.461742][ T476] usb 3-1: config 0 interface 0 has no altsetting 0 [ 43.468609][ T476] usb 3-1: New USB device found, idVendor=056a, idProduct=0144, bcdDevice= 0.00 [ 43.487441][ T56] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 43.490450][ T918] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0 [ 43.498362][ T476] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 43.515052][ T918] rust_binder: Write failure EINVAL in pid:108 [ 43.524042][ T476] usb 3-1: config 0 descriptor?? [ 43.602803][ T928] overlayfs: missing 'lowerdir' [ 43.625426][ T930] input: syz0 as /devices/virtual/input/input9 [ 43.685983][ T56] usb 2-1: USB disconnect, device number 3 [ 43.693675][ T56] usblp0: removed [ 43.905804][ T65] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 43.947288][ T476] wacom 0003:056A:0144.0006: Unknown device_type for 'HID 056a:0144'. Ignoring. [ 44.057091][ T65] usb 1-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 44.070489][ T65] usb 1-1: config 0 interface 0 has no altsetting 0 [ 44.077228][ T65] usb 1-1: New USB device found, idVendor=17ef, idProduct=60a3, bcdDevice= 0.00 [ 44.086346][ T65] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 44.095209][ T65] usb 1-1: config 0 descriptor?? [ 44.147152][ T476] usb 3-1: USB disconnect, device number 6 [ 44.210992][ T936] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0 [ 44.218386][ T936] rust_binder: Write failure EINVAL in pid:230 [ 44.320799][ T948] overlayfs: missing 'workdir' [ 44.440720][ T955] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0 [ 44.449051][ T955] rust_binder: Write failure EINVAL in pid:247 [ 44.504077][ T65] lenovo 0003:17EF:60A3.0007: unknown main item tag 0x2 [ 44.517599][ T65] lenovo 0003:17EF:60A3.0007: item fetching failed at offset 3/5 [ 44.525522][ T65] lenovo 0003:17EF:60A3.0007: hid_parse failed [ 44.531888][ T65] lenovo 0003:17EF:60A3.0007: probe with driver lenovo failed with error -22 [ 44.769151][ T476] usb 1-1: USB disconnect, device number 6 [ 44.885117][ T36] kauditd_printk_skb: 34 callbacks suppressed [ 44.885136][ T36] audit: type=1400 audit(1771979038.900:249): avc: denied { read write } for pid=295 comm="syz-executor" name="loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 44.916376][ T36] audit: type=1400 audit(1771979038.900:250): avc: denied { open } for pid=295 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 44.940592][ T36] audit: type=1400 audit(1771979038.900:251): avc: denied { ioctl } for pid=295 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=51 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 44.971658][ T36] audit: type=1400 audit(1771979038.990:252): avc: denied { read write } for pid=966 comm="syz.2.280" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 44.996428][ T36] audit: type=1400 audit(1771979038.990:253): avc: denied { open } for pid=966 comm="syz.2.280" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 45.029158][ T36] audit: type=1400 audit(1771979039.040:254): avc: denied { read write } for pid=968 comm="syz.2.281" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 45.052651][ T36] audit: type=1400 audit(1771979039.040:255): avc: denied { open } for pid=968 comm="syz.2.281" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 45.076494][ T36] audit: type=1400 audit(1771979039.040:256): avc: denied { ioctl } for pid=968 comm="syz.2.281" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 45.108100][ T36] audit: type=1400 audit(1771979039.130:257): avc: denied { create } for pid=970 comm="syz.2.282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 45.127928][ T36] audit: type=1400 audit(1771979039.130:258): avc: denied { ioctl } for pid=970 comm="syz.2.282" path="socket:[7930]" dev="sockfs" ino=7930 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 45.159987][ T973] overlayfs: missing 'workdir' [ 45.291693][ T975] kvm_pr_unimpl_wrmsr: 2 callbacks suppressed [ 45.291713][ T975] kvm: kvm [974]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x0 [ 45.372779][ T983] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0 [ 45.385828][ T983] rust_binder: Write failure EINVAL in pid:124 [ 45.403149][ T975] kvm: kvm [974]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x0 [ 45.497508][ T975] kvm: kvm [974]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x0 [ 45.620904][ T994] overlayfs: missing 'workdir' [ 45.625789][ T476] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 45.646507][ T975] kvm: kvm [974]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x0 [ 45.733374][ T975] kvm: kvm [974]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x0 [ 45.775808][ T476] usb 2-1: Using ep0 maxpacket: 16 [ 45.782226][ T476] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 45.792776][ T476] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 45.803504][ T476] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 45.813214][ T476] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 45.823762][ T476] usb 2-1: Product: syz [ 45.828192][ T476] usb 2-1: Manufacturer: syz [ 45.832880][ T476] usb 2-1: SerialNumber: syz [ 45.886930][ T975] kvm: kvm [974]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x0 [ 45.920374][ T1004] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0 [ 45.937646][ T1004] rust_binder: Write failure EINVAL in pid:140 [ 46.004998][ T975] kvm: kvm [974]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x0 [ 46.054733][ T476] usb 2-1: 0:2 : does not exist [ 46.062223][ T476] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 46.083968][ T476] usb 2-1: USB disconnect, device number 4 [ 46.106303][ T335] udevd[335]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 46.208938][ T1017] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 112, size: 105) [ 46.209034][ T1017] rust_binder: Error while translating object. [ 46.220060][ C1] BUG: TASK stack guard page was hit at ffffc9000f467f98 (stack is ffffc9000f468000..ffffc9000f470000) [ 46.220112][ C1] Oops: stack guard page: 0000 [#1] PREEMPT SMP KASAN PTI [ 46.220149][ C1] CPU: 1 UID: 0 PID: 1017 Comm: syz.3.302 Not tainted syzkaller #0 2d062ab55dbbb5fe01543989d0c3f882a8d2e457 [ 46.220184][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 46.220198][ C1] RIP: 0010:_RNvMNtNtCs1ewLyjEZ7Le_6kernel4sync3arcINtB2_8ArcInnerNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoE12container_ofBT_+0x27/0x380 [ 46.220257][ C1] Code: 90 90 90 f3 0f 1e fa 55 48 89 e5 41 57 41 56 41 54 53 48 83 e4 e0 48 81 ec a0 01 00 00 48 89 fb 49 be 00 00 00 00 00 fc ff df c4 df 41 fd 48 c7 04 24 b3 8a b5 41 48 c7 44 24 08 56 09 1c 87 [ 46.220275][ C1] RSP: 0018:ffffc9000f467fa0 EFLAGS: 00010286 [ 46.220303][ C1] RAX: ffffffff8445ba6d RBX: ffff888116cbdf08 RCX: 0000000000080000 [ 46.220319][ C1] RDX: ffffc90002a06000 RSI: 00000000000026f6 RDI: ffff888116cbdf08 [ 46.220334][ C1] RBP: ffffc9000f468170 R08: ffff888116cbdf67 R09: 0000000000000000 [ 46.220349][ C1] R10: ffff888116cbdf58 R11: ffffed1022d97bed R12: 1ffff1102319726c [ 46.220363][ C1] R13: 1ffff11022d97beb R14: dffffc0000000000 R15: 0000000000000000 [ 46.220379][ C1] FS: 00007f64c67a36c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 46.220397][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 46.220412][ C1] CR2: ffffc9000f467f98 CR3: 0000000116ec4000 CR4: 00000000003526b0 [ 46.220431][ C1] Call Trace: [ 46.220440][ C1] [ 46.220455][ C1] ? _RNvMs6_NtCs1ewLyjEZ7Le_6kernel4listINtB5_4ListNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoKy2da16350fb724a10_E21remove_internal_innerBM_+0x279/0x420 [ 46.220503][ C1] ? __cfi__RNvMs6_NtCs1ewLyjEZ7Le_6kernel4listINtB5_4ListNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoKy2da16350fb724a10_E21remove_internal_innerBM_+0x10/0x10 [ 46.220549][ C1] ? __kasan_check_write+0x18/0x20 [ 46.220574][ C1] ? _raw_spin_lock+0x92/0x120 [ 46.220594][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 46.220616][ C1] ? _RNvMs0_NtCskDQVOo9v79Q_16rust_binder_main4nodeNtB5_4Node16remove_node_info+0x312/0x440 [ 46.220656][ C1] ? __cfi__RNvMs0_NtCskDQVOo9v79Q_16rust_binder_main4nodeNtB5_4Node16remove_node_info+0x10/0x10 [ 46.220696][ C1] ? _RNvMs0_NtCskDQVOo9v79Q_16rust_binder_main4nodeNtB5_4Node22update_refcount_locked+0x41a/0x8a0 [ 46.220729][ C1] ? _RNvMNtNtCs1ewLyjEZ7Le_6kernel4sync3arcINtB2_8ArcInnerNtNtCskDQVOo9v79Q_16rust_binder_main7process7ProcessE12container_ofBT_+0x2b0/0x380 [ 46.220785][ C1] ? __cfi__RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreemINtNtNtB7_4list3arc7ListArcNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoKyd703a5263dcc8650_EE9raw_entryB1i_+0x10/0x10 [ 46.220841][ C1] ? __kasan_check_write+0x18/0x20 [ 46.220865][ C1] ? _raw_spin_lock+0x92/0x120 [ 46.220886][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process10update_ref+0x1229/0x22f0 [ 46.220927][ C1] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process10update_ref+0x10/0x10 [ 46.220981][ C1] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ea/0x3d0 [ 46.221017][ C1] ? __asan_memcpy+0x5a/0x80 [ 46.221042][ C1] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ea/0x3d0 [ 46.221079][ C1] ? __cfi__RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x10/0x10 [ 46.221115][ C1] ? __kasan_check_write+0x18/0x20 [ 46.221140][ C1] ? _raw_spin_lock+0x92/0x120 [ 46.221167][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 46.221187][ C1] ? _RINvMs4_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB6_14AllocationView4readNtNtB8_4defs16FlatBinderObjectEB8_+0x6cd/0xc90 [ 46.221230][ C1] ? __asan_memcpy+0x5a/0x80 [ 46.221254][ C1] ? _RINvMs4_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB6_14AllocationView4readNtNtB8_4defs16FlatBinderObjectEB8_+0x61e/0xc90 [ 46.221298][ C1] ? __cfi__RINvMs4_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB6_14AllocationView4readNtNtB8_4defs16FlatBinderObjectEB8_+0x10/0x10 [ 46.221341][ C1] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ea/0x3d0 [ 46.221374][ C1] ? __asan_memcpy+0x5a/0x80 [ 46.221399][ C1] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ea/0x3d0 [ 46.221433][ C1] ? __cfi__RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x10/0x10 [ 46.221468][ C1] ? __kasan_check_write+0x18/0x20 [ 46.221493][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 46.221513][ C1] ? _RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x343/0x5680 [ 46.221551][ C1] ? __asan_memcpy+0x5a/0x80 [ 46.221576][ C1] ? _RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x1744/0x5680 [ 46.221618][ C1] ? kernel_text_address+0xa9/0xe0 [ 46.221648][ C1] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 46.221668][ C1] ? stack_depot_save_flags+0x399/0x800 [ 46.221693][ C1] ? __se_sys_ioctl+0x135/0x1b0 [ 46.221721][ C1] ? __cfi__RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x10/0x10 [ 46.221759][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 46.221792][ C1] ? kasan_save_track+0x4f/0x80 [ 46.221817][ C1] ? kasan_save_track+0x3e/0x80 [ 46.221844][ C1] ? kasan_save_alloc_info+0x40/0x50 [ 46.221866][ C1] ? __kasan_kmalloc+0x96/0xb0 [ 46.221895][ C1] ? __kmalloc_node_track_caller_noprof+0x251/0x4f0 [ 46.221924][ C1] ? krealloc_noprof+0x8d/0x130 [ 46.221952][ C1] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator5allocCskDQVOo9v79Q_16rust_binder_main+0xb4/0x200 [ 46.221994][ C1] ? __asan_memset+0x39/0x50 [ 46.222019][ C1] ? __asan_set_shadow_00+0x12/0x20 [ 46.222039][ C1] ? _RINvMsj_NtNtCs1ewLyjEZ7Le_6kernel4sync3arcINtB6_9UniqueArcINtNtNtCsb7ts3l0a5c3_4core3mem12maybe_uninit11MaybeUninitNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoEE13pin_init_withNtNtB11_7convert10InfallibleINtNtNtBa_4init10___internal11InitClosureNCNvMs1_B1R_B1P_3news_0B1P_B31_EEB1T_+0x3bd/0x990 [ 46.222110][ C1] ? _RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x181/0x2d0 [ 46.222144][ C1] ? __asan_memcpy+0x5a/0x80 [ 46.222175][ C1] ? _RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x1c8/0x2d0 [ 46.222209][ C1] ? __cfi__RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x10/0x10 [ 46.222243][ C1] ? _RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x1c8/0x2d0 [ 46.222276][ C1] ? __cfi__RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x10/0x10 [ 46.222312][ C1] ? _RNvMs9_NtCsb7ts3l0a5c3_4core3fmtNtB5_9Formatter12pad_integral+0x342/0x760 [ 46.222337][ C1] ? put_dec_trunc8+0x229/0x380 [ 46.222355][ C1] ? put_dec+0xd7/0xf0 [ 46.222383][ C1] ? __asan_memset+0x39/0x50 [ 46.222406][ C1] ? move_right+0x8e/0xb0 [ 46.222425][ C1] ? format_decode+0x1bb/0x1610 [ 46.222454][ C1] ? vsnprintf+0x7b4/0x1ad0 [ 46.222483][ C1] ? __asan_memcpy+0x5a/0x80 [ 46.222506][ C1] ? vsnprintf+0x19ef/0x1ad0 [ 46.222536][ C1] ? desc_read+0x202/0x3e0 [ 46.222568][ C1] ? __kasan_check_write+0x18/0x20 [ 46.222590][ C1] ? desc_read+0x1ab/0x3e0 [ 46.222620][ C1] ? prb_first_seq+0x109/0x1d0 [ 46.222650][ C1] ? __cfi_prb_first_seq+0x10/0x10 [ 46.222679][ C1] ? __kasan_check_write+0x18/0x20 [ 46.222702][ C1] ? desc_read+0x1ab/0x3e0 [ 46.222730][ C1] ? __kasan_check_read+0x15/0x20 [ 46.222754][ C1] ? this_cpu_in_panic+0x56/0x90 [ 46.222772][ C1] ? _prb_read_valid+0x9f3/0xa80 [ 46.222802][ C1] ? record_print_text+0x290/0x450 [ 46.222828][ C1] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 46.222853][ C1] ? __rb_erase_color+0x38c/0xb50 [ 46.222875][ C1] ? __cfi_min_vruntime_cb_rotate+0x10/0x10 [ 46.222905][ C1] ? xfd_validate_state+0x68/0x140 [ 46.222931][ C1] ? save_fpregs_to_fpstate+0x196/0x220 [ 46.222951][ C1] ? __kasan_check_write+0x18/0x20 [ 46.222975][ C1] ? __switch_to+0xc4f/0x1300 [ 46.223002][ C1] ? __cfi_sched_clock_cpu+0x10/0x10 [ 46.223029][ C1] ? __cfi___switch_to+0x10/0x10 [ 46.223055][ C1] ? psi_task_switch+0xad/0xa10 [ 46.223078][ C1] ? _raw_spin_unlock+0x45/0x60 [ 46.223098][ C1] ? finish_task_switch+0x139/0x760 [ 46.223121][ C1] ? __switch_to_asm+0x3d/0x70 [ 46.223150][ C1] ? __schedule+0x1357/0x1ea0 [ 46.223185][ C1] ? _RNvMs_NtNtCs1ewLyjEZ7Le_6kernel5alloc9allocatorNtB4_7Kmalloc14aligned_layout+0x9a/0x180 [ 46.223227][ C1] ? __cfi__RNvMs_NtNtCs1ewLyjEZ7Le_6kernel5alloc9allocatorNtB4_7Kmalloc14aligned_layout+0x10/0x10 [ 46.223267][ C1] ? __sched_text_start+0x10/0x10 [ 46.223289][ C1] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 46.223309][ C1] ? up+0x10a/0x1b0 [ 46.223334][ C1] ? __cfi_up+0x10/0x10 [ 46.223360][ C1] ? krealloc_noprof+0xfa/0x130 [ 46.223387][ C1] ? _RNvNtCs1ewLyjEZ7Le_6kernel5alloc20dangling_from_layout+0x11/0x20 [ 46.223424][ C1] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator4freeCskDQVOo9v79Q_16rust_binder_main+0xed/0x200 [ 46.223459][ C1] ? __cfi_llist_add_batch+0x10/0x10 [ 46.223479][ C1] ? __cfi__RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator4freeCskDQVOo9v79Q_16rust_binder_main+0x10/0x10 [ 46.223513][ C1] ? preempt_schedule+0xc5/0xe0 [ 46.223535][ C1] ? __cfi_preempt_schedule+0x10/0x10 [ 46.223558][ C1] ? tick_nohz_tick_stopped+0x4c/0x60 [ 46.223582][ C1] ? __irq_work_queue_local+0xc4/0x260 [ 46.223606][ C1] ? irq_work_queue+0xc2/0x160 [ 46.223629][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCskDQVOo9v79Q_16rust_binder_main6thread18ScatterGatherStateEEB16_+0x3a3/0x660 [ 46.223682][ C1] ? __cfi_vprintk_emit+0x10/0x10 [ 46.223704][ C1] ? __cfi__RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCskDQVOo9v79Q_16rust_binder_main6thread18ScatterGatherStateEEB16_+0x10/0x10 [ 46.223762][ C1] ? vprintk_default+0x2a/0x40 [ 46.223783][ C1] ? vprintk+0x93/0xa0 [ 46.223810][ C1] ? _printk+0xde/0x140 [ 46.223830][ C1] ? __cfi___check_object_size+0x10/0x10 [ 46.223857][ C1] ? __cfi__printk+0x10/0x10 [ 46.223877][ C1] ? _copy_from_user+0x87/0xa0 [ 46.223905][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeNtNtCskDQVOo9v79Q_16rust_binder_main10allocation10AllocationEBK_+0x26/0x1a0 [ 46.223944][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeNtNtCskDQVOo9v79Q_16rust_binder_main10allocation13NewAllocationEBK_+0x5b/0x80 [ 46.223990][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread21copy_transaction_data+0x6e44/0x8520 [ 46.224046][ C1] ? __cfi__RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread21copy_transaction_data+0x10/0x10 [ 46.224113][ C1] ? __cfi__RNvYNCINvMNtNtCsb7ts3l0a5c3_4core3fmt2rtNtB8_8Argument11new_displayjE0INtNtNtBc_3ops8function6FnOnceTINtNtNtBc_3ptr8non_null7NonNulluEQNtBa_9FormatterEE9call_onceCskDQVOo9v79Q_16rust_binder_main+0x10/0x10 [ 46.224175][ C1] ? __cfi__RNvYNCINvMNtNtCsb7ts3l0a5c3_4core3fmt2rtNtB8_8Argument11new_displayjE0INtNtNtBc_3ops8function6FnOnceTINtNtNtBc_3ptr8non_null7NonNulluEQNtBa_9FormatterEE9call_onceCskDQVOo9v79Q_16rust_binder_main+0x10/0x10 [ 46.224228][ C1] ? __cfi__RNvYNCINvMNtNtCsb7ts3l0a5c3_4core3fmt2rtNtB8_8Argument11new_displayjE0INtNtNtBc_3ops8function6FnOnceTINtNtNtBc_3ptr8non_null7NonNulluEQNtBa_9FormatterEE9call_onceCskDQVOo9v79Q_16rust_binder_main+0x10/0x10 [ 46.224311][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 46.224338][ C1] ? kernel_text_address+0xa9/0xe0 [ 46.224364][ C1] ? __kasan_check_write+0x18/0x20 [ 46.224389][ C1] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 46.224409][ C1] ? __cfi__raw_spin_lock_irqsave+0x10/0x10 [ 46.224431][ C1] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 46.224452][ C1] ? stack_depot_save_flags+0x399/0x800 [ 46.224478][ C1] ? kasan_save_track+0x4f/0x80 [ 46.224506][ C1] ? kasan_save_track+0x3e/0x80 [ 46.224533][ C1] ? kasan_save_alloc_info+0x40/0x50 [ 46.224555][ C1] ? __kasan_kmalloc+0x96/0xb0 [ 46.224583][ C1] ? __kmalloc_node_track_caller_noprof+0x251/0x4f0 [ 46.224612][ C1] ? krealloc_noprof+0x8d/0x130 [ 46.224638][ C1] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator5allocCskDQVOo9v79Q_16rust_binder_main+0xb4/0x200 [ 46.224682][ C1] ? __asan_memset+0x39/0x50 [ 46.224706][ C1] ? __asan_set_shadow_00+0x12/0x20 [ 46.224727][ C1] ? _RINvMsj_NtNtCs1ewLyjEZ7Le_6kernel4sync3arcINtB6_9UniqueArcINtNtNtCsb7ts3l0a5c3_4core3mem12maybe_uninit11MaybeUninitNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoEE13pin_init_withNtNtB11_7convert10InfallibleINtNtNtBa_4init10___internal11InitClosureNCNvMs1_B1R_B1P_3news_0B1P_B31_EEB1T_+0x3bd/0x990 [ 46.224803][ C1] ? __cfi__RINvMsj_NtNtCs1ewLyjEZ7Le_6kernel4sync3arcINtB6_9UniqueArcINtNtNtCsb7ts3l0a5c3_4core3mem12maybe_uninit11MaybeUninitNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoEE13pin_init_withNtNtB11_7convert10InfallibleINtNtNtBa_4init10___internal11InitClosureNCNvMs1_B1R_B1P_3news_0B1P_B31_EEB1T_+0x10/0x10 [ 46.224883][ C1] ? kasan_save_alloc_info+0x40/0x50 [ 46.224906][ C1] ? __kasan_check_write+0x18/0x20 [ 46.224931][ C1] ? _raw_spin_lock+0x92/0x120 [ 46.224950][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 46.224970][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process23insert_or_update_handle+0xbf1/0x1e70 [ 46.225009][ C1] ? __cfi__RNvMs5_NtCs1ewLyjEZ7Le_6kernel6bitmapNtB5_6Bitmap7set_bit+0x10/0x10 [ 46.225045][ C1] ? _RNvMs0_NtCskDQVOo9v79Q_16rust_binder_main4nodeNtB5_4Node16insert_node_info+0x470/0x540 [ 46.225084][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionINtNtCs1ewLyjEZ7Le_6kernel6rbtree10RBTreeNodejmEEECskDQVOo9v79Q_16rust_binder_main+0xd8/0x1b0 [ 46.225134][ C1] ? __cfi__RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionINtNtCs1ewLyjEZ7Le_6kernel6rbtree10RBTreeNodejmEEECskDQVOo9v79Q_16rust_binder_main+0x10/0x10 [ 46.225209][ C1] ? __kasan_check_write+0x18/0x20 [ 46.225233][ C1] ? mutex_unlock+0x90/0x240 [ 46.225256][ C1] ? __cfi_mutex_unlock+0x10/0x10 [ 46.225281][ C1] ? _RNvMso_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_14RawVacantEntrymINtNtNtB7_4list3arc7ListArcNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoKyd703a5263dcc8650_EE6insertB1r_+0x114/0x150 [ 46.225338][ C1] ? __asan_set_shadow_00+0x12/0x20 [ 46.225359][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process23insert_or_update_handle+0x11ed/0x1e70 [ 46.225402][ C1] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process23insert_or_update_handle+0x10/0x10 [ 46.225445][ C1] ? cgroup_rstat_updated+0x141/0x810 [ 46.225475][ C1] ? __cfi_min_vruntime_cb_rotate+0x10/0x10 [ 46.225502][ C1] ? __cfi_cgroup_rstat_updated+0x10/0x10 [ 46.225530][ C1] ? __enqueue_entity+0x58a/0x630 [ 46.225561][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process23insert_or_update_handle+0xbf1/0x1e70 [ 46.225600][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 46.225623][ C1] ? kernel_text_address+0xa9/0xe0 [ 46.225646][ C1] ? __kasan_check_write+0x18/0x20 [ 46.225670][ C1] ? _raw_spin_lock+0x92/0x120 [ 46.225686][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 46.225712][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process23insert_or_update_handle+0xbf1/0x1e70 [ 46.225749][ C1] ? stack_depot_save_flags+0x399/0x800 [ 46.225775][ C1] ? kasan_save_free_info+0x4a/0x60 [ 46.225806][ C1] ? _RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x3a2/0x2150 [ 46.225847][ C1] ? kasan_save_track+0x3e/0x80 [ 46.225883][ C1] ? _RINvMNtNtCs1ewLyjEZ7Le_6kernel4list3arcINtB3_7ListArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtBS_11DeliverCodeEE8pin_initNtNtB7_5error5ErrorINtNtNtB7_4init10___internal11InitClosureNCNvMs0_BS_BP_11arc_try_news0_0BP_B1Z_EEBS_+0xcb/0x650 [ 46.225946][ C1] ? __se_sys_ioctl+0x135/0x1b0 [ 46.225969][ C1] ? x64_sys_call+0x1878/0x2ee0 [ 46.226000][ C1] ? do_syscall_64+0x57/0xf0 [ 46.226022][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 46.226063][ C1] ? __cfi__RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x10/0x10 [ 46.226108][ C1] ? __wake_up+0x169/0x190 [ 46.226146][ C1] ? kasan_save_alloc_info+0x40/0x50 [ 46.226184][ C1] ? __kasan_kmalloc+0x96/0xb0 [ 46.226221][ C1] ? __kmalloc_node_track_caller_noprof+0x251/0x4f0 [ 46.226257][ C1] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator5allocCskDQVOo9v79Q_16rust_binder_main+0xb4/0x200 [ 46.226307][ C1] ? krealloc_noprof+0xfa/0x130 [ 46.226343][ C1] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator5allocCskDQVOo9v79Q_16rust_binder_main+0xcb/0x200 [ 46.226393][ C1] ? __cfi__RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator5allocCskDQVOo9v79Q_16rust_binder_main+0x10/0x10 [ 46.226444][ C1] ? slow_avc_audit+0x19f/0x220 [ 46.226477][ C1] ? __asan_memset+0x39/0x50 [ 46.226508][ C1] ? _RINvMNtNtCs1ewLyjEZ7Le_6kernel4list3arcINtB3_7ListArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtBS_11DeliverCodeEE8pin_initNtNtB7_5error5ErrorINtNtNtB7_4init10___internal11InitClosureNCNvMs0_BS_BP_11arc_try_news0_0BP_B1Z_EEBS_+0x26e/0x650 [ 46.226583][ C1] ? __cfi__RINvMNtNtCs1ewLyjEZ7Le_6kernel4list3arcINtB3_7ListArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtBS_11DeliverCodeEE8pin_initNtNtB7_5error5ErrorINtNtNtB7_4init10___internal11InitClosureNCNvMs0_BS_BP_11arc_try_news0_0BP_B1Z_EEBS_+0x10/0x10 [ 46.226658][ C1] ? avc_has_perm_noaudit+0x2bd/0x360 [ 46.226691][ C1] ? avc_has_perm+0x1ec/0x240 [ 46.226724][ C1] ? __cfi__RNvNtCs1ewLyjEZ7Le_6kernel5error9to_result+0x10/0x10 [ 46.226768][ C1] ? __kasan_check_write+0x18/0x20 [ 46.226800][ C1] ? _raw_spin_lock+0x92/0x120 [ 46.226822][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 46.226848][ C1] ? selinux_binder_transaction+0x165/0x1d0 [ 46.226883][ C1] ? bpf_lsm_binder_transaction+0xd/0x20 [ 46.226914][ C1] ? _RINvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB6_6Thread11transactionNvB2_17transaction_innerEB8_+0x8c4/0x1110 [ 46.226969][ C1] ? __cfi__RINvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB6_6Thread11transactionNvB2_17transaction_innerEB8_+0x10/0x10 [ 46.227031][ C1] ? __kasan_check_write+0x18/0x20 [ 46.227062][ C1] ? _raw_spin_lock+0x92/0x120 [ 46.227088][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 46.227110][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x1790/0xa690 [ 46.227153][ C1] ? __asan_memcpy+0x5a/0x80 [ 46.227192][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x17dc/0xa690 [ 46.227257][ C1] ? __cfi__RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x10/0x10 [ 46.227384][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 46.227423][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 46.227455][ C1] ? kernel_text_address+0xa9/0xe0 [ 46.227484][ C1] ? __kernel_text_address+0x11/0x40 [ 46.227515][ C1] ? unwind_get_return_address+0x51/0x90 [ 46.227545][ C1] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 46.227570][ C1] ? arch_stack_walk+0x10a/0x170 [ 46.227610][ C1] ? stack_depot_save_flags+0x38/0x800 [ 46.227642][ C1] ? kasan_save_track+0x4f/0x80 [ 46.227677][ C1] ? kasan_save_track+0x3e/0x80 [ 46.227710][ C1] ? kasan_save_alloc_info+0x40/0x50 [ 46.227736][ C1] ? __kasan_kmalloc+0x96/0xb0 [ 46.227772][ C1] ? __kmalloc_node_track_caller_noprof+0x251/0x4f0 [ 46.227807][ C1] ? krealloc_noprof+0x8d/0x130 [ 46.227840][ C1] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator5allocCskDQVOo9v79Q_16rust_binder_main+0xb4/0x200 [ 46.227889][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process8get_node+0x89e/0x1820 [ 46.227937][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process14set_as_manager+0x1b8/0xa50 [ 46.227979][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x183b/0x5da0 [ 46.228012][ C1] ? __se_sys_ioctl+0x135/0x1b0 [ 46.228046][ C1] ? __x64_sys_ioctl+0x7f/0xa0 [ 46.228079][ C1] ? x64_sys_call+0x1878/0x2ee0 [ 46.228114][ C1] ? do_syscall_64+0x57/0xf0 [ 46.228140][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 46.228188][ C1] ? _RNvMs6_NtCs1ewLyjEZ7Le_6kernel4listINtB5_4ListINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapDNtBL_13DeliverToReadEL_EE12insert_innerBL_+0x43a/0x6c0 [ 46.228248][ C1] ? __cfi__RNvMs6_NtCs1ewLyjEZ7Le_6kernel4listINtB5_4ListINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapDNtBL_13DeliverToReadEL_EE12insert_innerBL_+0x10/0x10 [ 46.228310][ C1] ? _RNvMs0_NtCskDQVOo9v79Q_16rust_binder_main4nodeNtB5_4Node28incr_refcount_allow_zero2one+0x4d4/0xe50 [ 46.228350][ C1] ? __kasan_check_write+0x18/0x20 [ 46.228379][ C1] ? _raw_spin_lock+0x92/0x120 [ 46.228404][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 46.228430][ C1] ? _raw_spin_unlock+0x45/0x60 [ 46.228453][ C1] ? _RNvMs0_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_12ProcessInner24new_node_ref_with_thread+0x62d/0xa50 [ 46.228493][ C1] ? __cfi__RNvMs0_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_12ProcessInner24new_node_ref_with_thread+0x10/0x10 [ 46.228535][ C1] ? krealloc_noprof+0xfa/0x130 [ 46.228570][ C1] ? _RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreeyINtNtNtB7_4sync3arc3ArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtNtB1d_4node4NodeEEE9raw_entryB1d_+0x403/0x500 [ 46.228623][ C1] ? __cfi__RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreeyINtNtNtB7_4sync3arc3ArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtNtB1d_4node4NodeEEE9raw_entryB1d_+0x10/0x10 [ 46.228680][ C1] ? __kasan_check_write+0x18/0x20 [ 46.228709][ C1] ? _raw_spin_lock+0x92/0x120 [ 46.228734][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 46.228756][ C1] ? _RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreelINtNtNtB7_4sync3arc3ArcNtNtCskDQVOo9v79Q_16rust_binder_main6thread6ThreadEE9raw_entryB1e_+0x416/0x580 [ 46.228812][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process8get_node+0xfa9/0x1820 [ 46.228861][ C1] ? __asan_memcpy+0x5a/0x80 [ 46.228893][ C1] ? __kasan_check_write+0x18/0x20 [ 46.228920][ C1] ? _raw_spin_lock+0x92/0x120 [ 46.228945][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 46.228969][ C1] ? _raw_spin_unlock+0x45/0x60 [ 46.228993][ C1] ? __asan_set_shadow_00+0x12/0x20 [ 46.229020][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process18get_current_thread+0x9e6/0x1cf0 [ 46.229064][ C1] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process8get_node+0x10/0x10 [ 46.229115][ C1] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 46.229177][ C1] ? avc_has_perm_noaudit+0x26c/0x360 [ 46.229210][ C1] ? __asan_memcpy+0x5a/0x80 [ 46.229241][ C1] ? avc_has_perm_noaudit+0x28a/0x360 [ 46.229274][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCskDQVOo9v79Q_16rust_binder_main4node7NodeRefEEB16_+0xf6/0x490 [ 46.229323][ C1] ? avc_has_perm+0x155/0x240 [ 46.229356][ C1] ? __cfi__RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCskDQVOo9v79Q_16rust_binder_main4node7NodeRefEEB16_+0x10/0x10 [ 46.229405][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel4sync3arc3ArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtNtB1o_4node4NodeEEEB1o_+0xf9/0x1f0 [ 46.229456][ C1] ? __cfi__RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel4sync3arc3ArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtNtB1o_4node4NodeEEEB1o_+0x10/0x10 [ 46.229508][ C1] ? __kasan_check_write+0x18/0x20 [ 46.229539][ C1] ? _raw_spin_lock+0x92/0x120 [ 46.229565][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 46.229587][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process14set_as_manager+0x54c/0xa50 [ 46.229629][ C1] ? __asan_memcpy+0x5a/0x80 [ 46.229661][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process14set_as_manager+0x794/0xa50 [ 46.229706][ C1] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process14set_as_manager+0x10/0x10 [ 46.229750][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 46.229783][ C1] ? __kasan_check_write+0x18/0x20 [ 46.229815][ C1] ? _raw_spin_lock+0x92/0x120 [ 46.229837][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x1019/0x5da0 [ 46.229871][ C1] ? __asan_memcpy+0x5a/0x80 [ 46.229903][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x1077/0x5da0 [ 46.229936][ C1] ? stack_trace_save+0xaa/0x100 [ 46.229960][ C1] ? stack_depot_save_flags+0x38/0x800 [ 46.229992][ C1] ? kasan_save_stack+0x4d/0x60 [ 46.230026][ C1] ? kasan_save_stack+0x3e/0x60 [ 46.230065][ C1] ? __kasan_record_aux_stack+0xb2/0xd0 [ 46.230092][ C1] ? kasan_record_aux_stack_noalloc+0xf/0x20 [ 46.230122][ C1] ? __call_rcu_common+0xd7/0x720 [ 46.230166][ C1] ? call_rcu+0x14/0x20 [ 46.230205][ C1] ? __cfi__RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x10/0x10 [ 46.230238][ C1] ? _raw_spin_trylock+0xb5/0x140 [ 46.230259][ C1] ? __cfi__raw_spin_trylock+0x10/0x10 [ 46.230285][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 46.230325][ C1] ? _raw_spin_unlock+0x45/0x60 [ 46.230348][ C1] ? call_rcu_nocb+0x6d7/0xc80 [ 46.230382][ C1] ? swake_up_one_online_ipi+0x30/0x30 [ 46.230421][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 46.230454][ C1] ? kernel_text_address+0xa9/0xe0 [ 46.230486][ C1] ? __kernel_text_address+0x11/0x40 [ 46.230514][ C1] ? __kasan_check_write+0x18/0x20 [ 46.230545][ C1] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 46.230572][ C1] ? __cfi__raw_spin_lock_irqsave+0x10/0x10 [ 46.230597][ C1] ? stack_trace_save+0xaa/0x100 [ 46.230623][ C1] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 46.230651][ C1] ? stack_depot_save_flags+0x399/0x800 [ 46.230682][ C1] ? kasan_save_track+0x4f/0x80 [ 46.230714][ C1] ? kasan_save_track+0x3e/0x80 [ 46.230748][ C1] ? kasan_save_alloc_info+0x40/0x50 [ 46.230777][ C1] ? __kasan_kmalloc+0x96/0xb0 [ 46.230812][ C1] ? __kmalloc_node_track_caller_noprof+0x251/0x4f0 [ 46.230844][ C1] ? krealloc_noprof+0x8d/0x130 [ 46.230877][ C1] ? kvrealloc_noprof+0x59/0x120 [ 46.230909][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main16rust_binder_mmap+0x7a1/0x1210 [ 46.230941][ C1] ? mmap_region+0x157c/0x1d60 [ 46.230970][ C1] ? do_mmap+0xb85/0x13c0 [ 46.231000][ C1] ? vm_mmap_pgoff+0x36e/0x4b0 [ 46.231031][ C1] ? ksys_mmap_pgoff+0x165/0x1e0 [ 46.231061][ C1] ? __x64_sys_mmap+0x121/0x140 [ 46.231094][ C1] ? x64_sys_call+0x13bf/0x2ee0 [ 46.231129][ C1] ? do_syscall_64+0x57/0xf0 [ 46.231155][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 46.231207][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 46.231240][ C1] ? cgroup_rstat_updated+0x141/0x810 [ 46.231279][ C1] ? kernel_text_address+0xa9/0xe0 [ 46.231307][ C1] ? __cfi_cgroup_rstat_updated+0x10/0x10 [ 46.231345][ C1] ? unwind_get_return_address+0x51/0x90 [ 46.231375][ C1] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 46.231406][ C1] ? detach_entity_load_avg+0x7b0/0x7b0 [ 46.231443][ C1] ? update_curr+0x50c/0x9e0 [ 46.231478][ C1] ? detach_entity_load_avg+0x7b0/0x7b0 [ 46.231514][ C1] ? cgroup_rstat_updated+0x141/0x810 [ 46.231553][ C1] ? place_entity+0x4e9/0x620 [ 46.231593][ C1] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 46.231626][ C1] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 46.231658][ C1] ? update_curr+0xf8/0x9e0 [ 46.231694][ C1] ? xfd_validate_state+0x68/0x140 [ 46.231726][ C1] ? save_fpregs_to_fpstate+0x196/0x220 [ 46.231751][ C1] ? __kasan_check_write+0x18/0x20 [ 46.231783][ C1] ? __switch_to+0xc4f/0x1300 [ 46.231817][ C1] ? __cfi_sched_clock_cpu+0x10/0x10 [ 46.231847][ C1] ? __cfi___switch_to+0x10/0x10 [ 46.231880][ C1] ? psi_task_switch+0xad/0xa10 [ 46.231911][ C1] ? _raw_spin_unlock+0x45/0x60 [ 46.231932][ C1] ? finish_task_switch+0x139/0x760 [ 46.231961][ C1] ? __switch_to_asm+0x3d/0x70 [ 46.231997][ C1] ? __schedule+0x1357/0x1ea0 [ 46.232028][ C1] ? __sched_text_start+0x10/0x10 [ 46.232055][ C1] ? avc_has_extended_perms+0x80b/0xe70 [ 46.232088][ C1] ? __asan_memcpy+0x5a/0x80 [ 46.232120][ C1] ? avc_has_extended_perms+0x969/0xe70 [ 46.232154][ C1] ? __cfi_preempt_schedule+0x10/0x10 [ 46.232190][ C1] ? __asan_set_shadow_00+0x12/0x20 [ 46.232216][ C1] ? do_vfs_ioctl+0x182d/0x2010 [ 46.232253][ C1] ? __ia32_compat_sys_ioctl+0x920/0x920 [ 46.232294][ C1] ? __cfi_try_to_wake_up+0x10/0x10 [ 46.232323][ C1] ? ioctl_has_perm+0x39a/0x500 [ 46.232350][ C1] ? has_cap_mac_admin+0xd0/0xd0 [ 46.232380][ C1] ? selinux_file_ioctl+0x732/0x1480 [ 46.232409][ C1] ? __cfi_userfaultfd_unmap_complete+0x10/0x10 [ 46.232444][ C1] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 46.232469][ C1] ? do_futex+0x37d/0x510 [ 46.232500][ C1] ? __cfi_do_futex+0x10/0x10 [ 46.232529][ C1] ? vm_mmap_pgoff+0x153/0x4b0 [ 46.232562][ C1] ? __fget_files+0x2c5/0x340 [ 46.232597][ C1] ? bpf_lsm_file_ioctl+0xd/0x20 [ 46.232623][ C1] ? security_file_ioctl+0x3e/0x110 [ 46.232649][ C1] ? __cfi__RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x10/0x10 [ 46.232680][ C1] ? __se_sys_ioctl+0x135/0x1b0 [ 46.232716][ C1] ? __x64_sys_ioctl+0x7f/0xa0 [ 46.232752][ C1] ? x64_sys_call+0x1878/0x2ee0 [ 46.232787][ C1] ? do_syscall_64+0x57/0xf0 [ 46.232812][ C1] ? clear_bhb_loop+0x50/0xa0 [ 46.232837][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 46.232879][ C1] [ 46.232889][ C1] Modules linked in: [ 46.232923][ C1] ---[ end trace 0000000000000000 ]--- [ 46.232938][ C1] RIP: 0010:_RNvMNtNtCs1ewLyjEZ7Le_6kernel4sync3arcINtB2_8ArcInnerNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoE12container_ofBT_+0x27/0x380 [ 46.232990][ C1] Code: 90 90 90 f3 0f 1e fa 55 48 89 e5 41 57 41 56 41 54 53 48 83 e4 e0 48 81 ec a0 01 00 00 48 89 fb 49 be 00 00 00 00 00 fc ff df c4 df 41 fd 48 c7 04 24 b3 8a b5 41 48 c7 44 24 08 56 09 1c 87 [ 46.233011][ C1] RSP: 0018:ffffc9000f467fa0 EFLAGS: 00010286 [ 46.233037][ C1] RAX: ffffffff8445ba6d RBX: ffff888116cbdf08 RCX: 0000000000080000 [ 46.233055][ C1] RDX: ffffc90002a06000 RSI: 00000000000026f6 RDI: ffff888116cbdf08 [ 46.233077][ C1] RBP: ffffc9000f468170 R08: ffff888116cbdf67 R09: 0000000000000000 [ 46.233095][ C1] R10: ffff888116cbdf58 R11: ffffed1022d97bed R12: 1ffff1102319726c [ 46.233117][ C1] R13: 1ffff11022d97beb R14: dffffc0000000000 R15: 0000000000000000 [ 46.233136][ C1] FS: 00007f64c67a36c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 46.233168][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 46.233189][ C1] CR2: ffffc9000f467f98 CR3: 0000000116ec4000 CR4: 00000000003526b0 [ 46.233214][ C1] Kernel panic - not syncing: Fatal exception in interrupt [ 46.233799][ C1] Kernel Offset: disabled