last executing test programs:

3.360016513s ago: executing program 3 (id=824):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffe00, {0x0, 0x0, 0x0, r5, {0x8}, {0xffff}, {0xfff2, 0xffe1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0xe, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x6, 0x1, 0x4, 0x4, 0x10, 0x4], 0x3, [0xb, 0x5, 0x7fff, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x8000, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0x2, 0x5, 0x2, 0xfff5, 0x4, 0x8, 0x7, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x4)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=@newqdisc={0x24, 0x2a, 0x4ee4e6a52ff56541, 0x4001, 0xfffffe00, {0x0, 0x0, 0x0, r9, {0xb}, {0x8}, {0xfff2, 0xffe1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4400ae8f, &(0x7f0000000100)=@arm64={0x5, 0x8, 0x4, '\x00', 0x3})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000380)={0x2, 0x0, @ioapic={0x8080000, 0x9, 0x2, 0xfffffffe, 0x0, [{0x2, 0x4, 0x3}, {0x4, 0x8, 0xd, '\x00', 0xf}, {0xff, 0x7f, 0xd3, '\x00', 0xe9}, {0xfd, 0x5, 0xf5, '\x00', 0xf}, {0x7, 0x9, 0xf5, '\x00', 0xb4}, {0xf, 0x4, 0x54, '\x00', 0xff}, {0x75, 0xd5, 0xf1, '\x00', 0x7f}, {0x3, 0x5, 0xc}, {0x7f, 0x8, 0x4a, '\x00', 0x8}, {0xd7, 0xd, 0x8, '\x00', 0x6}, {0x0, 0x28, 0x80, '\x00', 0xdc}, {0xfb, 0x58, 0xff, '\x00', 0x1}, {0xfe, 0x7, 0x26}, {0xcf, 0xf, 0x8, '\x00', 0x6}, {0xf, 0xee, 0x7, '\x00', 0x3}, {0x39, 0x2, 0x6, '\x00', 0xb}, {0x9, 0x6, 0x2, '\x00', 0x9}, {0x4, 0xc, 0x5, '\x00', 0xe9}, {0x7, 0x2, 0x7, '\x00', 0xc2}, {0x2, 0x80, 0xe, '\x00', 0x7f}, {0x1, 0xc, 0x83, '\x00', 0x7c}, {0x10, 0x6, 0x92, '\x00', 0x10}, {0x1, 0x3, 0xf3, '\x00', 0x7}, {0x7, 0x6, 0x4}]}})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r12 = socket$netlink(0x10, 0x3, 0x0)
r13 = socket$nl_route(0x10, 0x3, 0x0)
r14 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r14, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r15=>0x0})
sendmsg$nl_route_sched(r13, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newtclass={0x34, 0x28, 0x20, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r15, {0x3, 0xf}, {0x8, 0x2}, {0x9, 0x3}}, [@tclass_kind_options=@c_mq={0x7}, @TCA_RATE={0x6, 0x5, {0x5, 0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x20040084)
sendmsg$nl_route_sched(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000000c0)=@getqdisc={0x3c, 0x26, 0x4, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {0x6, 0x6}, {0x8, 0x8}, {0xfff3, 0xe}}, [{0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)

3.107495935s ago: executing program 3 (id=828):
syz_emit_ethernet(0x46, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000102c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa11000001"], 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd60000000001c2c00fe8000000000000000000000000000bbfe8000000000000000000000070000aa"], 0x0)

3.107260098s ago: executing program 3 (id=829):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0xfffffffffffffff5, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x300000000000000, 0x0, 0x30, 0x0, 0x0, 0x18, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@binder={0x73622a85, 0x102, 0x2}, @flat=@weak_handle={0x77682a85, 0x1100, 0x2}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

3.032848077s ago: executing program 3 (id=830):
syz_emit_ethernet(0x34e, &(0x7f0000000780)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @random="524315cd731b", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "00cd04", 0x318, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x5a, 0x1, 0x0, 0xfffffffc, [{0x3, 0xa, "a78c000005dc8080a2030003004003493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34060600000000000000dac15084dbaf736b41e5af0502"}, {0x0, 0x1, "000005000000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf3915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x22, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea468000000000054740a5d4901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2bce9ac946a3f0e2bc4000091394c02bcfbbb7d71138537d68e2d2c6393a9f3cc271a9ff09a48b5b303f4f0"}, {0x5, 0x7, "b8a3e10000a3e1100000006f00ffc0ffff00000000600000ff0bc0fe000000000000000000000000d9a0274400"/55}, {0x0, 0xc, "5e14ccb44d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d260600aa89c8f267d76ece1c9f6ae2e1eb3d8bf9c6ab2642c4808298e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c"}]}}}}}}, 0x0)

3.031941712s ago: executing program 3 (id=833):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000440)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000380)={@fd, @fda={0x66646185, 0x1, 0x1, 0x26}, @flat=@weak_handle={0x77682a85, 0x10a, 0x2}}, &(0x7f0000000180)={0x0, 0x18, 0x38}}}], 0x0, 0x5000, 0x0})

2.97008266s ago: executing program 3 (id=836):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="0200000034d2f7b47d197157de4121d85a0900020073797a3100000000080003400000000100"/53], 0x28}}, 0x4000040)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12013f00000000407f047842d1274080b01cd68ae4ffff00000000000109022400010000000009040000150300000009"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_io_uring_setup(0x487, &(0x7f0000000240)={0x0, 0xa5ba, 0x1, 0xffd, 0x5cc}, &(0x7f0000000300), &(0x7f0000000340))
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000040)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f00000001c0)={r3, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[<r5=>0x0, 0x0, <r6=>0x0], &(0x7f0000000380), 0x3, r4, 0xcccccccc})
ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, &(0x7f0000000580)={0x401, 0x1, &(0x7f0000000180)=[r4], &(0x7f00000000c0)=[0x3], &(0x7f0000000640)=[r6, r5, r5], &(0x7f0000000340), 0x0, 0xffffffffffffffff})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a32000000000500040000000000140007800800124000000000050015002200000005000500020000000500010006"], 0x64}}, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220f00000083090007000b00000000b3748804fc"], 0x0}, 0x0)
r8 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$F2FS_IOC_GET_FEATURES(r8, 0x8004f50c, &(0x7f00000000c0))

308.756905ms ago: executing program 0 (id=892):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0xa2)
write$FUSE_INIT(r0, &(0x7f0000000140)={0x50, 0x0, 0x0, {0x7, 0x2d, 0x0, 0x0, 0x0, 0x0, 0x4000000}}, 0xffd3)

239.570939ms ago: executing program 0 (id=895):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000020000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010001fff0000000081000000000000ff", @ANYRES32=0x0, @ANYBLOB="00000000003f0000200012800b00010067656e657665000010000280060005004e24000004000e0008000a00", @ANYRES32=r2], 0x48}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x44010)

239.452644ms ago: executing program 1 (id=896):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0xfffffffffffffff5, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@binder={0x73622a85, 0x102, 0x2}, @flat=@weak_handle={0x77682a85, 0x1100, 0x2, 0x38000000}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

239.209747ms ago: executing program 2 (id=897):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="e80100002e000100000000000000000004001980d20109"], 0x1e8}], 0x1, 0x0, 0x0, 0x84}, 0x300)
socket$can_j1939(0x1d, 0x2, 0x7)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="e80100002e000100000000000000000004001980d20109"], 0x1e8}], 0x1, 0x0, 0x0, 0x84}, 0x300) (async)
socket$can_j1939(0x1d, 0x2, 0x7) (async)

239.115499ms ago: executing program 1 (id=898):
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000440)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000380)={@fd, @fda={0x66646185, 0x1, 0x1, 0x26}, @flat=@weak_handle={0x77682a85, 0x10a, 0x2}}, &(0x7f0000000180)={0x0, 0x18, 0x38}}, 0xfffffffffffffff0}], 0x0, 0x0, 0x0})

238.969768ms ago: executing program 2 (id=899):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mlockall(0x7)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000440)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000240)={@ptr={0x70742a85, 0xf0ff, 0x0, 0x0, 0x0, 0x7}, @fda={0x66646185, 0x1, 0x1, 0x26}, @flat=@weak_handle={0x77682a85, 0x10a, 0x2}}, &(0x7f0000000180)={0x0, 0x28, 0x48}}}], 0x0, 0x0, 0x0})

170.354063ms ago: executing program 1 (id=900):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0xfffffffffffffff5, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {0x1, 0x0, 0xf0ff, 0x0, 0x30, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000680)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @fda={0x66646185, 0x3, 0x0, 0x1}, @fd={0x66642a85, 0x0, r3}}, &(0x7f0000000200)={0x0, 0x18, 0x38}}}], 0x0, 0x0, 0x0})

170.156591ms ago: executing program 2 (id=901):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = syz_clone(0x40000040, &(0x7f00000000c0)="9a766eafe3d96d1b854106de6f1c40b29071b7f8f7e103a9e80dddd3b448595ab9bea213c9fc1893603fb3e875bedcb0b1484d69a024fa9497c072ab5ce6c70ea36df5b6ed83a023997410cab5e60eaa3f87da4a8085", 0x56, &(0x7f0000000040), &(0x7f0000000140), &(0x7f00000001c0)="3567ca2f1b65b54b10daf292a5e81ac1641d75d2761b8da87ec61e10351d3b28224a610f65d93f8438b6")
pselect6(0x40, &(0x7f0000000240)={0x1, 0x1ff, 0x0, 0xe8, 0x3, 0x4, 0x4, 0x7}, &(0x7f0000000380)={0x0, 0x7, 0x0, 0x1, 0x2, 0xcd, 0xc6, 0x101}, &(0x7f00000003c0)={0x100000001, 0x6, 0xd6, 0x9, 0x4, 0x7, 0x7, 0xfffffffffffffff3}, &(0x7f0000000400)={0x0, 0x3938700}, &(0x7f0000000480)={&(0x7f0000000440)={[0x8]}, 0x8})
r2 = socket(0x10, 0x3, 0x0)
r3 = syz_open_dev$vbi(&(0x7f0000000080), 0x0, 0x2)
ioctl$VIDIOC_TRY_FMT(r3, 0xc0d05640, &(0x7f0000000280)={0x6, @pix={0x100, 0x7, 0x29335b58, 0x8, 0xfffffffb, 0xe6, 0xc, 0x4, 0x0, 0x2, 0x0, 0x2}})
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000000)={0xfffffff8}, 0x10)
write(r2, &(0x7f00000000c0)="240000001e005f0214fffffffffffff807000000b800000000000000080008000d000000", 0x24)
r4 = syz_open_procfs(r1, &(0x7f0000000200)='net/rt_acct\x00')
getdents64(r4, &(0x7f0000001ec0)=""/142, 0x8e)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', <r5=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000080)={r5, 0x1, 0x6, @local}, 0x10)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r5, 0x1, 0x6, @random="2716157f3354"}, 0x10)

169.882652ms ago: executing program 1 (id=902):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c00000010000305000000400000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRESDEC=0x0], 0x5c}}, 0x0)

59.222464ms ago: executing program 0 (id=903):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000040)="24000000180003041dfffd946f610500020100000005fe060c10880008000f00fff3c00e140000001a00ffffba16a0aa1c091dbfa1090000", 0x38}], 0x1, 0x0, 0x0, 0x1f000000}, 0x0)

59.062769ms ago: executing program 2 (id=904):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x161200, 0x0) (async)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 32)
r2 = socket$kcm(0x10, 0x2, 0x0) (rerun: 32)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="5c00000013006bcc9e3be35c6e17aa35066b876c3d0000007ea6e763160af36504001ac0080010000500e7daeb660000e764bc76bd7b6278c206b59838d833aa00000000eab556a705251e618294ff0051f60a9553adac000e4509c5955ea4", 0x5f}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x8000040) (async, rerun: 64)
ioctl$CDROMVOLCTRL(r1, 0x309, &(0x7f0000000080)={0xa1, 0x3, 0xfe, 0x5}) (async, rerun: 64)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x15) (async)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x14)

58.999009ms ago: executing program 1 (id=905):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800e80010000d0428bd7000fcdbff2500008000", @ANYRES32=r0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000"], 0x48}}, 0x4084)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)

58.849153ms ago: executing program 0 (id=906):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000e280)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f000000c280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8774da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdf06375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d68f1c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361b851de34ccb3c8071b96f1128d7ee79b41246e5628e70272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0ff22321e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6beffffffff5e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf21dad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5aa49df6e111c894d5f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d1150129176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040fa0200000000000000002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a", 0x2000, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x10000, {0x3, 0x20000000, 0x0, 0x0, 0xfffffffd, 0x40004, {0x6, 0x0, 0x4, 0xe, 0x0, 0x400, 0xffffffff, 0x0, 0x1, 0x8000, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000500)={0x50, 0x0, r1, {0x7, 0x2b, 0x0, 0x10815, 0x0, 0x0, 0x1, 0x2000, 0x0, 0x0, 0x0, 0xfffd}}, 0x50)
link(&(0x7f0000000280)='./file0/../file0/file0\x00', &(0x7f0000000400)='./file0/../file0/file0\x00')
syz_fuse_handle_req(r0, &(0x7f000000a280)="1695367704d10dd832678e4e2d01860484a69eaac410e2d6cf3b3d3925f9a3cb602592377170dffdc4de86f163e390e21d07459b0f058cfc248c4bcbe896f3c68006f3c2cbe07c55b87170871c1d364d740faeb750c8c8acb76aca18bc0c018ed341b55b0ef80cefe95b85756aac978a0e0b5ce59cae6657643e7ada0c1336bab310888351664553c2faa6dd39054e19e23cc7c4b4d33546407f880194aa0761f2a9360c4ba26de342328b92db81ae84fc9c1e9eefb4b7ec3f58a6d5d23b907327b14480a37f3c84305729a91c28807f8809b997235bfa2d4b6f45ee9568bb4a416df34f4140c5e272bfc068ea61a48b365490ccb02772a906dad457f5d2dd1a57cc1209e8897c8115049d7e4e3c756a7f5ad0c004ef66c8bf91f600910e73b4aa5f516bab5cd62ad93642960ab32b7fdaeacb1a9587a389a529c231f8a47a65fb6d27ba6a0eeb46660cd75dbf47df89e9f578eafa6992a12d9d7de56d69fd0e30b15caabd13c28d63921597466292f8c4e87f23d53d52e6e8f1c9295af0743c8c671a49273074ba44dbce9e9b1136a93dbc19d2b8e60cda5f50eba2d814822a68a0fd4ff5e6a25dd5346f96b26b5e1563ebb97829a76fd8c2aa467499fdced91b05b193b68316494f11f5ce97ed8e13d474b03c6f6eda4eff54b0ec362fda53003e6e2a3868a5d57e2426aed5adccdac8e162c6cc20361dd4709889b79b2810ba42f531fdd3746562a00da65b4211fb7d8f482a3610748d3b80d2942d8432471f98c6e9036cb57f3913b31dd8baddd6d85b44e8463b838fcfb6979628c5fa3dbd30688e10b9ede257ebc7b96d4092f38d11b9e6a4d10490a9df1387b3743cf51e206c7dbc0741c408bbebaae7f36d81b5ce5b21bb9fe992c8a0cb3a91ea2df21e571ff094b53b17c46fe22c0cead29144d203294eb42c984790a6b6348ed8b7b0317ee5b2353cc54bcfd808bf0f61f73917584e17bd9259c8a04d2ba3b4f931571947c77035975933471fb1203088dce478eb4e411ddb7b88caeb02e1cda741245df701a2b5c29c48a631eaf18549bd90c70222fd6dafe5550726bb58dd0fbf84ffeeae683a0379505f03740a652025add8e0e4e6b5bfb4bd0876dfe1ecb639acc110eba97294a4e4642aefbcad04ba50d830e945fd9900ee7e02488694041f43cbaa86280c1df64e8f1f81f7cd5130914efd19b58262f3bd2c43bd8b4a5beac09f1ba27020521994465e62c329debb50efe0716d22cf0056febc7cb95aa818e10639077e91cac3c80b37d6eebc6907dde971b578383ee04086a0dad18750ceff6b8d6d373afa93a51fee65fe1318c1ac291b784e45d66962c8b54571bc1e92a996c11561d94af6ecdd37948d35adbd1ad63c1c05c31c7f4afd707aa1956d1444fec1137fb6d81f56566887131777e5fe3e2fafe8af8f21ed34480afe74afb25d8d16f8089fcb851ac49dd826b7f273aa3d771856d712c62397d49c72d93e3c2a5e6b9767fcff0fc5b3d70dcd70ff8bad5dfd7f5a84c194f99450601f970104f9be026852ead21824152dd8f6536fcd01a69177a65f2af266e619d61d20de0c738680fbec29e7c594cad29f009d46d87908c951b2e4ad8d9a67db8be6f570fe5416d9e4dd22a108140a1c95369731807325ee7f4201209a795fa1609ce8fa27384677816f651a96cc08400e1b647bdddfb851313e3ccaa472b9a6a1da3a0936e119a6d7808f09de244d739c39df3ed36004b77cb54b6b1396b718c87fba28cb1439c7d1d140dae1ee2c2a7d647427b1e7472710c7ac4f1fb0fc0c9d15ecce28167d23e2e42474dbf1c63c0819606be9c9b6dc2eb59bf9932568ef408c20e9498cf105e84eee30460d4348f4cdfab623b416adadb4427887d9b1b6b8db75b224e8a55fa0351d21093b2b7e42e6685491cbfce100d602d0281f4bd086b50612f3ccf055fab1aad97a52695a233c3d458be4536b66b0acdda5ce0aaab48bb7d7f39a8af473c4478991f1c4569839eab0c1d684001ee1772290871653a2293bb7754c1eac178c60f86e2a98e1992dee198c76365f2d04d159d7c210c6cc58764e3b7dfb5bc15190555febd01c69cab8f55926c28a13fa4f9060dde1ca2df7e1f71fd99a0c350d7f0e341ece8e0685e9c205b486ef400910211b688f07fb05b542261c74b45f4ac23ff53e9e620ab12dad7b5131f67128bb8ed6a4a70caec437f2157f8bcb3d080091e5715dfc7d7539dd0320c90d0aab6a6d7a447ebeea893a0efa2176292c648c62cedd4138c9d0535ab0621855484fc43e0e3e84357db6951bb21fe2f4e99fa188ebecbc23f73ea879bd304408acd1c470fd112606ccfd7b7970e950ebd363afbba359a51877248a42845097094ff785dc82264225752f3aefa980d9ed5309b48f47a5b5ef49f69808b91bde955277b6525f55436ffeba0bfa8c13f6314c57ec97eea295afc66a9f4ec844474c0da6ff1ef0c6c65c035f3bb74a70ffa668359b58a46af97600c428626b45c81a4e372e198894c02e2bee8010fb4c2c075ea623a6ee24a99e225f809322df6ea6f39b1566b1aee5403d45ba648f94f70976013199b3241744458d030a5319360780897413289d89267c389e04f23de79adf4b864c5ca76efc225eb1ecf6424887f0d8b3ac13cbe9df4eb69f7b702e85fb396dc4a030d57a8c4edd227ee568fb11a9859935ad53dcfdb01727f106af352c569a020b7e405a1ad4c6b39e2e8796fe9f16db3794550f5ef3ecd6af2b2ab0383e6c198f17ada5840bde84ccbaa661d9c456d9ddaf92763ba450098cd5a971d847fd5030a4c9b066ab3b0096dfdf7e5ce2f8349165f94c493b7e4192e85239bb11552f910fb41c5e96ee10fc8dce711e88e0572ce0bbbd9c9f3b7c9dae89f1dfa6af309c4321755a5b19070c8731ac590c30fffb69feeb75f699aebb101d3a30f784f1745182cb4f0bf63a148b521f0a03c691927694ee453b278523e3ed256c150098a932f62c90ac65faa4b9782c27a3ef6ca2b5ecae6a01d8a1d7096bf6a7d1b317a9eab22ef4907c631bcca224f723f5fb9a44d7e1295186cf37fd71343919aa167fa70a505a73e9f52a11cfbd40d8c1087d4ffdfe45a40ed5aebfa4b0c3622c78a914d68dd92f46478711437ff88803ab28cd9ce2223aa0fa37eb9d9a4a7866dec4ca6bb66e794ccac6bd19b11daa0b6d4d42cbcf7d6426b5718030ca51bf92b3d8ea0b11c46ec5c0c6e3805c88b39731b2b751d9928ed1ddba7c66bcc5273d709fd295aa0792384435b98c1f44575c028ff2869074156713931f7e62f8b0f8c7ee9dfeaeb2e096e77600586a47d6f6a2e13a17dfceae46ad84858bf8873f9f1e35fc700aef0a648af168ab0774a3441a203ef325577f2c76f5f0e5808acdc7965bc65e8ad1ca816bc3b67711ea42e619c957d0f26b394be1f3b0c4ac9af8558eaebf5c1c27b6549022513479b4c28dbe3f1c3131cc9211eee768f96a9c8b5e0e6425bef921a355faccf0072ba19b16d88b75feb5dc8fcfc1b7b5973eb9654ca3dcfd482831ff5d1fe09fe7ae43cf129c8c17a6686685a13ed076f34608b7ac16eb8e9de6a44418c4e3f8162e6a679bc9482df96a04b14575ebf093b99bf5cc26495f5dd6e571129d9760de3f801b001a1f3248d14f579bc519de2b656641a88da758a2ed3baf15fdf2739ddb44f0e5892de7ea48e9302129d0c939137b9d0687b296577675bcbf433a53f6a9816797cbfef1ba0caa2b8602387b5a8bae24d3e15d42b34d81708738fd269c3e8cbacdc3ff5ab1d4816a783d7be0f0a8086e345a6b4c231ffd61745f6c45cfceaf6089e70542aea1574e3c78740f77a08eb55b37f03549c1dd318cb5a76094210e8cf800c350d328fbf9442d0437e7affd54b3bfc33da3f24558f3ea8e59da8e61ae60e7e7b4de7179b8cf941d51d420c8eee69143966800dc4f7bcb50a033331fcac02a65e88de28ab219c68388a9da9196e044dd1ebbd3994bf8cc862f6f8b419fa1f4f4e5427f10866b498935fa28b8e6f9c5e48be8b74b9c2262823390480f71aff6cf72281f526265877d223eef9ad7a4be7438f9afb6aff0e80c5125c2c612ceb83f0470ea04479979c0a10fbbd0bed7379e949cc19fe36fbcbcc59a9fe30a2662d3e4d22862e8841b587b8995ef8482bc60fe0863b41752ef3dd44a387eff101595822bf1ce440ff9e5f73e560e4f7fbfe4754d9dabbcd92de02017eb43d3cf7c75e45ba04009a582a68ce11eefd52253c721daa5f37c6408e37b48d1f2e36d7c1793300f2c9039e69a52057486b63c0fa644d00528ce48f2e551ca88e356ac25ae74c73492ed3e6233490acfbe7ed8244f23e2af86e0ade6b78bb34a75a86f6cbadbd39762680cb0821d6d28f18d427df13d0e747f6da54be970e43ef8ca8285dc8bf44e3cecdbf2d8757a9800bb889b846d58cc636a2648809451a95736a0ecec6ea3fe61fb24dcd8a00ac0b8933918189cda555b17e431d99ee190d6d0d9f769e665ec193ba8889ae72a01e18b98cebb75d20ed778e5778ef657ce85d40eafa44b46f293d64023b877e8c5d58587c3abecf9a1ad8d874a4cdba0bfbea61b7eb19e81f7c932be12a83bacc51017b42dbe2931dc11c742a5a942cb6ed9bd9922ad78f55b0f6cbae0e8d4235140263ed8c83ab22e71a0f0a62b6920b5d5109e415254e527546546bd025cf1583e3e8d9d5bf735a4651fa2e5c3c86a185bb77e9b75224cdda8cb0eb21d9e3bb19e286832aa5dce19f055539a0a5caccfd752742a31d0af882c4f02c29cbd90ac2cdf5cc61c448cd09eb7b82b930ca99962c0e5ed84124fe37f7d30aad0296ee340377a7e0aa7413c495ac8ab0b482c4c5f59872efd5a1ceadbc7606e67d3c79a77d095bd82519db0893b9d2bbc2b2f3a7391826840e49424703c006399cde5f2a52a9383e89dfbfca284be4d75dd3aafd8a43dc6c71bd7fde9460647eb5c97707e96ddb9124d6020da38ee7ad743db8fd0377a8711905194c496e39a2132d7bbf35b79f920b6dcaa73625bf8b5320da250513cd45bf42c8072809ad59d69c02f0554cf82b79ff291e42d9227de1948352b0dba0281b69876ae0ca24972a5e75aee7e0a46bd4fc83f5a0dd3f22d666f2d950ca580c6da6dfaaa293beded10d1328613611b6e01d5d8567541e81466467302d8050a3ae4791fbddc1aec749edb68173be5341166c1d5c42d63e7368473e48bafa43459de3fa3a5550a4ac979711dd9a2d6796b0bcf9b5881124ade4b12bf64fa55724976a0da9d642e76a036c430fdfb2c06d599b0f78e978580f8eb763d2846177ff18b9b5cf8c76197ed809ef24212bc5563a1713214ce78e0e6cced6e41578d46a07839795c83c189610244bc1b680535fce39f290da90d719078015d90020b1d4567a97081b48514709df8e327d814e8c15496d90efacae6b13e297ed520d280203896bbc3a23f3b638adf594de03a782bb292a93ef0b14b8b3e13c01787a0b7bfb3abd8ab15eebbc651b7b054d3e56ebb7808de9b9bd067560ec6a6432455b37054292a3d9d32434506bf84b2907560017089de3f60c2deb4dfb7371f96d65a575d446aa1d2df81867135120df4e24e9227f72ff9f8f015a7754948704ecd084a1a93fbeb5a44af086ef73e9fc1c072b7d5473e92558fc2824acf27f1dbe9b019247d3074bf4256a966ceb674a2c4222632c8e4b6c0736de019ccfe4cca40b9b07f8c4df9753cdfb4ad66643ed71510983e29c2b5f9ae7db4913cb74d9dd0461a900810650d0da73f766aa6882385f3bb40644bf43f01faf2aa4cd187659edb0498527f201442b64349afa814b3dae5ce815971f3b11d177e3e1aaf90c7674c097d475640218ad27e63f9071c9081c06d9b5d1f3a070da3eed4f4080190a74063e7f97b5f35706dd1173dcbfa13a70d5362e50d57d0c5105c8d3beb926d93f61699e737ebe1a935839c3aa5b629dc93aa209d9e7774c40de7f59fca1eb274a8280022a15934e5dd2579a8cf5cd16a3b0a1ff3ea712c4258164fe2fa17a4cbfa5630f4041bad4204605eb2e762d610fa17dafa415ed8a678da1d4b5a6618d71d0066d66e3ac10b3ce65137a5a02344abc57f1be4ce0cbf1a2ac66dcb5e94495e863819c627e4704fb479c232b27aa4a5dfca8896a7eb8e0592b6b392ec9fa2767f569d5c1356d7ef7a909d8ee344ba017c75ca664d98f5288230b7f1ffa2fa7a5d07fab5f4b53b7f19c3fb361795fd632fa8a654004d931b4b7fc0890927aec727160cded3c01b7e40e6b81ce015796895f9c007762a1c22acfb9513eccd93c845e91ea8b0960b299b3ce788cbcce5bea9a94325289d2c3573975c512d56e19c4655f849b3652f8b5f9fa6f49e03202f2031debe3c299c3ceceb1febf4b285da9033493088a36f885ed6d3958b8d05cc6be00f3465de8bf6e41796d17e393067585b459b143d592cea102f584e48676a45f896cf662bd6b3b2309aa7f46d2b8ec6597a063f12bcc88922050c8c1e070134ce77ab1cb7a7f29983a0b30d9b2abeca5cfbfc55e941376c616c2834b1c1c9a9473b531c86c3b708478ee95923fe6a8108c2c4dc8a78a9d5e995f6c815b292b986cab0afa233ef10567a49d4e8dc17f438b90b620df4d291b52549ac8e1b69078b62011ed4bb0e288db740817ff07d01e779e11cb8e0606b5ca3aac6c7b262499f5a115acdad8a67b6eb77503318ef3bf0008347b270aa986d9e79e2af174f38a4743250c1091e6053a7a785464483161aad3ef3ad976e5329b71afe9bbfd93d7541a1014db4cc159ac266021e841c665217fa150e130f921ebd4cfb5accdb87f5f9bc0fd94b402289db4d0ac3f0906a689aef044c09fc2c5a00f7795ea935aeb943eb32826bd2176c1d1cb058195e3229d293595ebc07514c6b038a1d964199c59e59d4fc621c54b7bbd3410ccec22f7fb6751527c2aa0940ed2f0c9dcfc4e99ced91d09ba4a37042b5f48b127439cad24df2951ff1e769d3892dc4788dbbe27cce60f7f0138789444712e84e059ac0a4e87557f6c3369fc61b9a843c816df3cb4ec77a11e16390234da24dc0420f6a44554fc7954cc74d63ec030d4d964898e14500d0dacdbb2959f7a8a191773f66448348f36c3f4904187088bcfeafda7dd721236810d04469e93ca4e7926305c25b1ef1380d775008fd238e33e8dd2dc5a9783f97414487a7ef70eba3dcf71331803fad223f65aadfc87d79512bf311c14926d619a089f5e84c46f4a9ff393969f8eacc8fa20acaa9eb01a8aab625853e415d3871e555a11ee71ee93cba85ee9cde60b3962e294c2c840f0a1ba87714bac54f1ca0ebda74daa3e8e19d382b951d64a22da48c632ec5754f42129214a807427e69a93c128b6b0a8697c9ee375818dd79244a38287fe8f66c7cc3aa18aee2fbf804fc1aadcc7d2daf75be82a60276b6902a51f2bbb64c261915b80053fb9635f405f1fa855d1ec8adc0ebe9648b8151eda70ec5ad5f704fa2a337bcfb7ecbc845a11cae7a68d6bc58f107ac7bb0c2f6b83edc48703ba00c94036b9af4ada51d6d78bfe697df06f47573c14cd7191ec52dc0f208ecdcf54669529bba2c2fb7a6b38f6f2b5ec5fe876f03c096ae092b6f881a84b00edd1e9f67449069d876afaa99eb1a446f20656b5104c72ed28bd8553c724785f4e8bfdc33194409960de4969b708ce26e4cd608d21ace0c38e27d54b55369a9e807cfda9a6240466dd94f6150d4b0105f7b9ae392009b2cf146d1dad5d7c8664463d7d60d11b45f30d01db7364e21ac557d37a4c9ad88926c472e98710d2cbfc4b70d6a5dbb128d46909e634761c6f6952bf9021aa5282c391dcee3278a25e3e2ee31a7f6713979a546084fb2e598214c36a3b7618bf23c57bb23b33e9c98dfe5192ef257dc2d891a6f7c11be334fbdab015eedafe1c4aea95ff1fa6d340d0cade542f3f782c1589470fa64c6fd9ac0c31536ecee0ae312f992733beea6fcaf7562dd6e0f2c016f712ce14d93f02a54f577c75b444fd7f46e9bd2cd9cd1f89195781d88f984eca45c97355095d3b48b0d9bd730c7d6f63b1dc78d2344bdb0f18c4e1554822345c11efa2ba32bcef4f29ed05315cf44617a80d7d1392de077bbda08669c8c3cb6c0b12f872f1247bc1d07634bf5bf4acc3a4ecdae7e6acd7c4af9820147afe55500a7270d7eb511f907339e5af54cfaf33e2364f54091ebee2a245ba048452d383cd441604c4dd1c6376e4df8b83ebf6070d2be248174fc1dc0a1352c103325360aeb3ab71cb73bb646ac6247dd68155fd48b90250c3b0f250a74f827780367e117a94094e5005e2f926accaef0b3e36c25e315c1e80cd4c3481f3465d99025c7de91c45bb8dd0a5577174c1f366017d87d2033239a8b6f399a9095845b5fafe9cca113b93f455bb790709b6c93fcbbd0c4bd7b5d621088dca06802e241836291226ad56d40b3b4e90eb68bd5845742baf4cb4a69b4bdb07f02d0bd6fbb5a5fad3af030816b254725e6db4073b7a0536b884c8985c3a159cdb105c73f7e0e03546248336449eff6afeb96cf8ad3617df18ee2247bc2d11ebbe10e0379f5578c41611872c5461541fb4da5be3f3348e0592982a61c352315370a9b452306c9f31f9040ef755ad096a8733dd9daf6bdbcb7a3521ad2282ae4fa7bfdb9cda5997ba3a6652af46c6d0205bb356dfb411e2b931b357723bb70254211819b74a461ed5c126cec6573cda4f6107fc3ebc76483621e9ab5789a5575ea3a91463f76138ea0f3ec9c44e1cddb2de59bef83333d235e922b920e267453676575b38e6415bd136534b8df2360ab489fb69eefd04b66758ab5dd105be7b0635f7194f9e4b158b22b21ac97fda4e804747a9718b40a32531cd5c3fd1d3c1dd8ba5ef9c86d3c8df8c71f81da1a9756e5db4dddf70755053f7129d656a8069fe83c39ab240cf7a73f0f880ec7a791c5115ab262184839b906c238eaabf2268dfcd6560c5bcb70fea00b580ad52e7de0333e6de63ae351952e6e5dee6edf284de0a2f53e2089db13bd5eca5f98883a24eb2e1a58ae199f8db9c60a5b6b85585b2d2a17d6b5406e5668685d95c4718c375db05f7953b363c25d2ed0906eda70eb659845acd31fec9b8e4d5951d12fd50bbb969dd824a78c72622c8311a980f0f2e6a1ddc368879a1f3a07d3c0780e85a4e5d13223a3424782e3f77bf6a1ebf823f468d41b777ff61345064f1096ed653c277bab90ca5afc8ad6d25f4447236cdd82950afff27763f3fef5308f034379f4ad4955cb8cc5280d51b5427de4eba374f64dde2f1e7a6ae628aa4696160a5cf0ae9fc70e307b4eb19c0a5af2c2855710c8e117211d73a7e7f3f7f2ba55d03a4b73d816c9c3fc1edb86ec95ddcd77884a913805ad6549e7a5f776a1c2385dd6d83877727f128207cda29f83462269a7f606fa31934d06a6e0efd238d0a180c754a9d2e85609fd20c880ea0e79cbe887c442f9f682801da783529e1e45eb3e70195fa2711fa291dca43ee0672b7afc14cf87b9506a7ebe223019c856777e1783f6ae1b0ed90486b32e3b6f7ff77be834c7b6676da6c8052fa49450e3e16a6f90ee33742bbfe3dc025832e0bbc7abeb625077b8c1ea07dee89c7dc26fa42514ff9ac21e848e32309bc2862a873fb57796e05923fce42fa2833c73866e22a04497ec13acebcdff6ae1df71dd8756f1febac04f2034c1f3e1d401ddbdb7f2ef676d5c85437830d527a5fb04c9bbf0d892ee1306d2d2df37008916a3a66e70f865cd6d25de16fdb4bb4f2616204cf86a3ffdbf147223968c092a46dc2aae4aedb32fb850b85d4adb87bfada328bce4c2c70ec42affde442179fcc1d3d9f5e4a848c8ba03b0df3065d1b2d5f1b08d8c25148c51bb54e191a87ea59903084000b4b520fffda111fe831d4bdcf62423c1fcd673b020c5f2c41973dd1b9698054368081f917715e1c1592bc78dd265e051bcda5bf5877821fedfcf7790a58b328cf780f71ee71491e59194504bc800d319251607e53ba0e1ed15cd4fd5c959eaff4d3a1c7cb28c479f2776256633ef7c0f0e98688b54e8c8634cf57e27e5c1ee1e43573ae23bfbb1ff1bef6cabd33c02ff165c44f0f190426ba8391ba4f03458be3351869c5c5c9d5fa5600edbcce523525b9cd9c3bb040e34771ea277d05cb76302c72fac5edc815412dbbbc651371d70d044c4f89a68da7abd836fb3a495e212b5fd13819c41c9a240405582ae69b7c35b30935af3085d457a4d76a94c9272c5eafcecc4c92dd4f314b04b4739864e626a5bab27fa2f345f052afe3bae2ff4c442c42a1c83091bfcc23a3b5e06a511d02cefcd618a6d9761de00af192cf1aacc902cf3ba98f898c48fbc74b6710db7ac890b4f7ed7377e0fa3b4c46a131e775130a80db5014a79e674c8fc8b45495066e88201d2e320320fa4561abab617d0e67e9e879b0080a8ab404f4eb007a088990aa6a7b29afce5b8dd038ce96d43e1271315f6070e761e759c44fba1ce78730e35ca31e0bf5840cc01289c81613a07c497f288ed70a6d10d9f58fe135558b2a862bd877fcc939d7536e7dc988409290cd73da04a3b1399b0a2637f737d5f86bba4a31019546e2000a3ca57f8291cd9af28299eb93909061200c9738cca998add04e7bb0137ecc460fc3ef72872e7d13c159914fcdf577910e6c5d7a1636b13b78c5088551c614e3c75befb0f37fb89b918f4aad0126a9efd3390d6a0cab97ed0e01c7eae0e798a4142345578beb10d6b61a90b4d1fe836022def90bb8e37e07428a4592e7bf30e935951e492234a8db96f081379e7c4e18c3b6ce4ed1f97698dc1da940f14217e877bb8e0f33b392d801a01c48ec62ce2774d2e4e55e9415c063e1bfa31a8f0633443ec19c5fab977c1485147e46c06f86742278fd071de4a165dff7eddd5390a1e031d80e3d44477f6009c9fc27a7d92b865a292b0d586083f681c2d92da7e7f42eabd076fa7d61eba0c2b406c75f1cec561b1a523dd4c6f344b02ed59bd473d7d30a24144e981fc8da434931adeb841d63bb705485f8f58a180da91af64bad1379356787b37467dc9b4a0d12496e5048e7ccb40a978eebee5eaac4e9dd96faf194aa93a22333d7f68cccde147dce26c9ff18d7c8ffe0d1377c70dd1057d54473b2c2b2b3eea82fb223952c0dc3796efd0cd94afea38341ab9a83c6a9ee77f26bf8dea8510dfc964f9b9b4942c08ade50e43f06e5101f2e6b68b6a7f9cc5443c862b1198627461938daf4bd1fc7b21d6d7fd3f775f0e4a1f60434a242b049f159dbe5de145e741c5c9b4e59a7f5d7de54a6d51cd87845dde819ca74e3abf60356fbcf18bfff3b6ae1c545e243c08f9f41b86e55ed6e71be453843e0bffc5b6bdcfeefd33075ee5110627d4f05e008e54ddd62fb6979d9c2a5e4a2cb45fad7b2d77bd17508952889b30df2124cdc2fe6a749a12c9f6dbbd01226cc4ba2693b7e6a858d3c36ac6519ee70e896588a6df81b0e3be3604bbbe1a845088cf1834a04368dde8b6ee76d0492911dc09b05cf6642e0003cd8faafd398872c1a8dc3e85d3658ec8", 0x2000, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x90, 0x0, 0x0, {0xfffffffffffffffd, 0x0, 0x0, 0x5, 0x0, 0x7, {0x3, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, r2}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000061c0)="75c6c1015909d4338683df9486bbc81e43f13e4926c27c2f82f846633ae45dde55cd4aa48598dfcbe26577ac059a9420bca1c94427a6d7872a1b30832e91813fe7e1af1f00f4587326ea389615a22b9b665a4b77d6cd3efb7c7ef750596fd9d755e7c9200af5a208abf303434848890294b53f279f4390b8cba0f4c94ad8b0815e520566857afa936aea2e23f24e936f8f9b2e7aafcabd0f1fdc885b32e9dcf5eddf7cd4445f872327973e0789fe437e6201e32297c99c6be42731a056ed21fee6df04daae244d4164b1f27764dc0d3b38d824461b54c9b7f13dba393b8e2029454f5174b5a59a35970316b38de13bd00db37eb9029abcf71c734e0a865ce878284540125caad33853dc11039bda8f0fb6bb9f67065a858d9d13aa1e8a79727b376ac3b5e25f688821e19fa5573034c50882e3fcbd111e137b80b428f6986d9d8cdb2a2476fbebf22de118e27f0fc48bcfb54fccde391238eea73f5a9fbe2138ae958f44fcfe66845acb714d9b49bfba663b6fe29e09f58ff81d65abe5516378bc176bf7212ed988d1e306b36a37d35ca97a62fa5c70e76829b3f63b3deaa7b98b67fc19586cc60541fadf4b6c5da31a083e57a34399348f53b9c5ab83579ce5ea883195be71b8383cbc6e6227054f1867bcb321d9da7eff2a93f0487ecf6bd2ae805d95be46bea30d267f52ace8c21410b357fef133ace7eba38a326dae7c708a25320c70f229c555289cd8703b680d78b9c6eac6bc99c8abfe8e656f6054a7cede6330f335e9c43d88f1f31380e575fec7e04b1c8cb7b43288849dc0e1ec01e259a15986e23a501ce360a25ec565e0d7d12a20513e82c89fd4f89774ad4b395191b6a9d6b26c99bccd3bc61668dd642aeddeb506782ee87da02eab31f8281587b0dff57a7dd4d8f470c96b467a711f19855c939ef8b503a302673545eb77ba3e599962eeb4e30d5261490bde68860d14d7dfd2e797674384394a39ba4635f902d15e6198e6a2df8357fd0ef40c5a309a2aafd0d94f2983d83086b93ad787ae6b6c22389cd36ee9e958b6e297123ffa6dddfa0d5f7c56de809681b23b89ddb0f38c889c5d7957d47e2aaa1330b12cde716d47c9d60c5e0ded86c8f3c592394eec7c94740e14fdfe799d75f2417c9c8d7ff3247e85bcecda02f7c22d8133a92bc44f3c96f1b7c24fb8493b117efbb2fab56013a4f442da56c46beee7ff473e8e2618e387cb2576d6a4b1d8937203bd01d8f1f8bc035c4009ac67ebc53f88e314ceeda2c1156e0150ca1c4686db66be31986aac9d0799905058a998bf04b417fefa43a9d28e89eae3e5bce4e645097646708d26789c01ecd2b592bce9caffa134a2a31bdbd14d1cc20ef586e6827a009b3472b3fc6b8e759afce903e35f588416480621d1ffb3d7fb66dfe4f0f00e343128cd677ea9833c979cdf94f3cc3eccca626af6537a268297d860e1ee10dfa3e6ee4b30cc369208ab8d44d52e6bcc961766a303053a8e459bc95be9f0f815aba00a9f9e6d4f8c13289169e6f4c2ad4f4a0ddd88e3c54460fa01814a6e154447bade1c4d2dc99d9eadf2427ba9bffb6c3c1fe76d83971d082f7f60435f226754b647ed02aa4364ed22d4331647f4c7aa8bdf5822ecf2ec217d929e5aff4625fee1dcaf38bf4dcd2233d84eba0667c868a18a39c4337f41e9ac33b94bf7856994efcf2564fb1111518ab8dd5459939043c8d72636fc2b089aa99ff158d252a864cb2281592154ff3699623da1b8dfab8f874c14672e7a3f676a0bc654495dd1779e9ba599bfcab5b77bfdce1429dc68c8738ac23056328c918ff8e6eb735c524ce0a1413cdeebe26906d123999c3445d8a6b74dadc9b2d8718c028b52ca3bc5fd30411673dd5564111dcb4f1423c880c3160d2dd83a41bd76fc80474b7e0601a8bd2708ebe85f1b23e190833485f7f3f43b4767b9aba721711dd79d55ac5aecd9ddaa66b04490f52bf6b6475309f15bb64132dc6111be416267c04a2658c490542a7e04d6a7a9dec7237555cbdb32f051c33018452976101cda7d145f39011ac31d019dddb8755998ad1721a04b3fc3f7bb07b3ac2f2087e8f63c9070c65c509238b9d0e33a596b1247108bb7985b35bc33b9c4426e90554f00b6a9c37d1e9ddc27f2f8b16ec70a8fbf13a48659fd75cf71e245772848b4999d37e1b45a3253ae3900b03acd571f5f4621b5d0b672fd87ee83bc1c0d2c08a478fb57091c1634e10d196b4a185728736e75066eb222bfdb463762e773912d5f78fcaf400531fcb2ebe375ab81be7e5412dc153b18bdd3cb0a271e5c650ee2b3fb41727144659bd9e3867733ef3dafccff61adcbc079f0034080ad6cebd2d591f5519f374c1e9cfcc1e1d149b19ed169f3d0a63ee80513db620807e89ceb0ad9c8a5bfc3e1207aab30df7e460fc715bd0e1cf8bd1f346d56e2046f2174d67e89180e5b80c2b3947a3fa80a5def940eaabd2a53d8658d07dc7290dbbdd5277ae9a5e66a8afdbe591798e2f283903bb389274e70af2b45863e6660b62b31b0b0b7c3785f9b0cc292659f97464089399a3f517a8b3b48eb751b855f37ad65d5f2c8ff377a87225ed7c9a970dcde700c62a107b59d10e8c7a6bc2d218099c457be927e35ca4fcc839a5e77ebd022b12848a85c4611d81c6dfa703dae14cbde0e4f0d4df9c888976b09b36d4b63fd474777e8841fda0fa58a3d4291303440e5c7af3ccf8bb478068577214556f48bc14fe4f25c4566c300cde1b20aeeb90c8b6e14ceea3b1c2545e9add0036af3ef47b70eeb6a4bd945bbd514b6f297992aed30393295ac72a5170b0e4b004874405f6165721e69d5acfd091b1c31f6756a0750ab9cf5e1325b77678266b4ee9e5efab246bdee0f1d48b1281cfaa0578e063caeaab14508a340043e6ea18b495ecfe518aadbd0ba4e6d534376611121917ce1eb5197997daed456437207d1e83ad98aee13e3581b0a826eb34a6ec65b6258b0791a2e86a3cdae26d3ef60cfe77ea622bc234d42530c40bc63f86a66c2e6df3efb6b0b6f1c3370eee8e123fe6d952f03ca7ffb94f2f837296771294febf0e4dc28f626da6b4a5bfc7b4c980e3a1eb2d5fa669bc661be59a73d681cefae5def0b866bf4fd7fcd967f9a3bca09c327aaff7635e218b5b7f822c759fd2a6a0a2ddcbd1daa57aef73d69ca88679dfd39934377321e080f4fccaeb5a08786fbf7c6df97ae830f1b2ab77e66bbb9ed9aea46114638b1afd0443a625f0a6e708db7431ebd946638993ffcc7f837e30f5e66abfff9cddf1f9cefa7b025b2452014616c2a66db5d6f4afaf678b1330a70bbdfbbcfb950df9f75f03eb013189982ba8d204315ecd13d70b3ed75f14386224f83b0c95fa45fb4c40a2e655204a01187aaf705bec8e6dfa8f3a387fded3205a613606b794356818ba193a89c4eb716c66ccda98becddd25e9b681307d87d8bf1f3a581ec11becc96996cdc953fa357a1b9537c25c7ea3524d8a929caef9165970aa400e4a2d9ef6dbd7bab4a79491916112073880da0ebcc22035c1f0ea07512ef2908ec62a8e7993f2871aab05016d9cdc548bb7eb8962a54a5c13977ef6b79573d2ca2977b65c22519708af129cebc852563368c225f80d4ae2e51a7bb7d5cf7031c6379697bef8bd696f1e5671d41f4121da411d9ed6a9c345c64d71c469454c1ce8fd8f9c745f6160093cd6400e625e60b7b5646c1d1d167a63379cc87201987d28ad3dae05ab8651591ece4ddb055bf5f7310ea6858040f6cd4f38fea70568f10b09a98a12d1546e7fd5efe549622f54bbc10dcd42f60f8d61aa31fa050a0f7bcbc6e45f9dce0091b5e769ed9ed4aa31e9c1b97619945c03fccf60f8bd547dc0fa072093e4265940d223555534b77489f6cef12f523deab648d6e77b7af4614eaf283a292e3034c6bcd485e8c65f7cc52ff123d1432f53ca3bd42be8b348ba3bfaf57451a5483fce32956669ec96863c3989794fb3359a4b4ac54fbedf566859b9818a5d71779f676874fd126888ad4c03a0dd018732cf5a11e58836556d5378a50c31ae83c364ae9fdeb5e183e5b34587c13e814f2fc757cbb4dbbffeb2d362d442d0617050c33c6aaa1ea593f63374566f10b741f57805d4c74fb43435b54b92c532f865300b4351e1913a34cdc80f5eb0e09e29b248df71a08cfb93351f2af9c9cb052c46d100beeb326d92d70e40da88eabb5acca56fb5fe498ee5d9e1302c3fbd05c6bc7ab12446d089635cd4d9ad88752b131e6ec91fa553afb66ace2c2e3c3709d97b68647b244843e247cf09fd7d056002e4c1754434bd4507f0b79b964bddfd3ad9ed1d1e361995f448808c886998d69f2feadc6d2babcfda86e694866728701b8ae04ef2df56d11fe16da0da9390371fa1ad5158528c5e316b292c123e3f56a579b9e9f516e6f5d321b1df3080959443ce2f88460ec57d7707b87d7f0f878aa3a0c6dff6de51b778410906cb9668c86ebb43a856d651f475142809abecf6cfafff6ed7143b4923d375678f9cb05409a23875d180c3b60a8f80dab10cee5d54fd9b12521c47e09b5df1a5c6d05e25d81232c144385bb3b46f2b5436ee0836e066d12dfe7e844c249431dfd8713ae6428607a337f06d35778ecc5ddfe3470287fc777cde9f0f8aad11e5bf89fd3c097a0fd8f8da1ebd1e4d4de1b39ad0d1cc933e1386875cae224c29a232a15d4fc1e79196ede9ec8f2ec6fa72098a93b90d8cfce870bcffc270e0874f10dd5387867aadf6413925da4ad1d581201cc914bcbe7754685a25ee3b52bdbe20491d460f7275f943f5be210faa4e9d5dbcd4a4e23adc739c521dbc78a2040d33f206e85f3ac04dfc0195368d211de09ab29855f3ea400e12ac2d43f8ca8d12502bba88fe8e027f5970ccac619e9136ee0c9bce5ee7dd16d715a046a539e042c662723b7fac74c4e2de06f7f7ef4e31648a19b0bf9628d57f3bee570147aaa29faaa60ecf78e5eee6f2b5ce48706a498d72ada4334b82815af52991a77a3546dbbc80c3e53c3a4546fe7f1c0b2dd22100a943b83125c0d0e9a7c5412aa1245c228e13bb9d176fd3734c75963d18260ae25ee11a4588a41c480220bd089223cf5bb70318d4109b5ba190525362374b457b4f198a916ff6066acc5d6e1e3d19a48b2d89ce74cf9338c9ac9ed32343536549b694eb334a5c6316522bd7c703e2df29e6266d7b715ab740098dc98c4338ea91ca592f686ac5b09ceed0fc17ad127b817556289d039bed5f7afeb9922a25a64e6259e9dfa407bc595e97b3a234c053061e9d216292b60c9f2d2465b42c31a8b0357209c6134d3b94d9bc68af60204738301072792e416c8dc612405b766bc2bc4b97acde6f6844b5fb2dfee21be5c1d91a2301bdd5740852ebc8df9c36fb1ff7d8aaee18e2c75c9763366fa7692f87f7d1076980436892251203790599dc789310964a9c03f88dc1f1c0b1cac159f5e36399c75cdb805744486f5624876e81af3f0e1590d098183a40afecf0841d0acf687b13049148eed079796bbb6c1edd3f5c0f5661a2d329b0165ac12f5cf58606970656d2c4d13a4cf2e15aaec175fc59bd9f23ea7869db744fcc0eba039259c7e541efaa066106e9b2c92bdded3e42884a8a02e71457f44775692a1c4fd845ff5ba8595c55ad4bb2177f975de0d22e0feac37f5c3f16426ebcd99d17c829759ac72dc1448661394d3a104999cd40cb09d086146cc92c6408ab1a0b0ad898cbfe76d4962ad0eec1c572a78f9d7342c3de64e881e99afc5b1df3227e198c79c1727a141a8a9da7ba3aae5b3e4ee59a84020191b70fa928d7ce136904c0b03c6c13391f55b381e2df7087b00932251ad7688117cd02ef5ceb5c7dda16d069de3a3e3ff2e341db15df06a96cab1ad2a51db41310ac48d572229695ca941cdfc8416b4307ac6dc176566635bc87d94557e7e4f7a14bdf86d1293c6dafe9ecc280d1a36cc6734485d41b6bd6a33e3605591d98e17fc34f901cdbc33710d768f791b9600218fed28a5d21a0e6589c7d6fb5120c8446eba3a8c8b39dddff369b30cffc0426484ef0b6f6664bec8655e040b2bb3fe3f6863c0a36fe182e3627f6ac38d23050092327f8b67beef764bc35207ed73e4850b43a229d48105d3649c45dc658e27b964b149f978b884268e69a4b353a06e473da3dc7d94c93f7070aae7f3cd2b422840ae55105a6ade053b47b2c72f8b7bad5edc52bc6a8daae76922517e6e3f19b82c5a286e7bfc7254d764ddb79c612e91e1bc61927ad424d1914043a6aacfecb7c90ffb16797349a1ec02de9585b51f19da3a0665f484826f77759234b4b4b7ebf0e176fde2571abc3d4714b543000a1726743dc9e0e6c0bc393b25300287603f47464988eed454ca2dc4377c4c1056f688aa1b5a40d380ba787e962f5cbb902db29a084e305b68f289df8112d19b9a34a32b76a827aa607eb306982aa8aa071c3909c9d1120a0e15a041524eeb12cba62e0378ffcfdf14821710c0d767e32e6a1bd09e76e4f6f9fe4843a967bd633a5fae28a3ae1f64861df70aec3c0cff134a5c8609f011686a430a0c7ef3a36a34a36e0d401b51e51c7eb6e8d13e8616f8c40f0bea3ed9c2b722e141567dbb558da1d7c509ee205b2e9936702b79cec40270398b97dc3525bad7b6809aece6cbe80728c4a188935aaad9edf706a557b84614741259345dfcff830299c640ab3cc534bc1ed744b3a935bb2943e4f8582600394b43269bb94b7c8b6de766770c43b96b04d59d6bb15831fe0bfbc0bb930141d0bd64c280c0a42f49380dd315adab35a4ebaa081ae1f736669156088e2d07670169ec89b85fe4149362135b290336c20451330a968e457c1c8b30ba6ee5ec335b9356a84a19dd459d49ed0b12f730289c24565d2ab0c1d5ed68fb4fa92800c8be4eba970913dd2cec7cfc1617ef0b3f7cae1d2979d2944bcdc375cf0c16a86ac6d5ed98a8d9405b674108f0bfb16b9c0408b134bec0df951bbf261ebc0be30ef15321bf82a6a482bc02db237e1a3d0c401316082ba674962a819d73671829f329b67dd5fcf3715fe6219fbf3631d265a5f0c7cfc3c107e469a55318357fc4f5f28fe48c534025fe0c1f06fa815987b7e1f5acd5a16fdd1c0dccb18d1047f8fb837affeb16dffbf91e01ea904571b21a1c0ac3cab6054314a7becb4188c96596258661a8eb71fcb374ada50b4c8e381f8e76a6b56a9e20a04ecf87445eb164760a4b9abcf96be310a9e0c2ac067f3be2bc05aeb0e91e9998bd1be01c68ce885edb372ca48d8518b45ecce90e2144c2356ceac563bfb4735ce0f21427bec2f728798578ef3c83e0a9ec0e16c4bb1ee24e99ca4dec6888eec3727702e058a3e0d5b8d5a72819b5b9dedd5e698ddb1f4542bd19f6cfdfe62cc179c7ee17307d2d8868c61d061a9310b8a037009017d24dcc6137f79926e20ff015cef3de464c2a9774b1db06a885782ac5abfcd1d48a0d65cdb898d3acaf6fbe347d4a80c9455cf7f16d8c890bc629b5d28d669e74db300023471c887f718ad5e7150890e7fdb8c78f2e63f727b205c71640840bedc58f9a52445ea55b95a6b7ddb7919e64728f716ad19c416fb51bac0e3535ff50a16acf7bdfe8066d519ce21ca4a17e4008c00b9f21c72f718d4de2d0cbeff5ca13032d498540478685bc7e45b4d5773c28acc39e58737dc2a3c907bef44e3e2af584fc7aac8f0e7d82fffc341cc984a9a7523de2ef72970646ce8b0d608315d888cc7cfa0f32d1d8da8aa646d9ad12b5dbe8049178b1ffe3bd13183d76dd06073cbca93685f096d8aedfde7c16060ca6bf3d14a24fcfa073673d77321ebfb290b2e92ea026e69ac6881a94e9ebc9b8ddb799ffb8ee771b7951312cc110a1c99a06529c0a0775b830805c54367001ceb69dcf5ab6a11d197bf1d170f686d53ec1b9635db856fd27b92e966f6c6a59ba8bb1ba812937d1b1e68193b3d7e4b213f7eb2a716717a73db04dd22878bfc34646499ded4a7acbffe6694bbae40635e6f0f322dc1662eb7e34b5a1f4a19c0c77bf2faa29b4aa2e2bb88238302cebc0210674473a3a440ddd1ce34317d74638acef8f6b8e471568887a6192a9ddf7c9d003e4890e4390a05bb5a0de8ca6ee7cebe360e6a7b326b3bf56f08fe8732fe8cf56781054ee56db70b45719f40b529d9cc9ff65362fae742c19b958cced92dac22a880ed6def03c3729612bb0ee34ff18557087a103474eff4f8066f8f25379a4d823f95718afbe5601a613abf3af27d247c88fba62280e904c4038fd8b370018a103693091ad3a44fb8be1e73fe9651c8beb51d70f945ca6ac32585b1a693b2d4598178839c10a7e60553fc83122647c5853e31bdef3a1b304da02a5b6df5d37217749c03467024a70703e32d0ec971ce4a8bab10b7a5a12303a7db83526a7fa3c4ec9fc6e125089c05f3a16e7be89249495e5b20cd6857c93378f524d0c46894e595ee76e301bd6da1743ae4e7e750ad8c4f0282f0bbf12e90383af5796e447fee78e302cf46e3a45126fd59d49a624f7033caeac61d49e147d5ed8e85a90c8914efbdfe2bebdf2ae19b58ce9b61684697dc6f0c65088437df7ec3810724ad7a021ec82b0351826dad927acd1a0662f7fc0278bcfcaafa11315bf5121d1b62f0f0471c54052bee73f2b1fb4139243a6d8de170c80604eadab39021306ff9cf5ce751af1fef52e232fc7c64247e32119e4de98d076b0dc84cf918100d8d3ebff83abefee2353acd133612e3815b8ae14d4f0d1006152807e3b42e035b9a62b58d64706730809a21440c7a9ea228ee033abf7cff2343fc4360b541311fa9ad18110be064ccab41436ca6560081111528dd2eb46a961392f024026d127b5836466fdfba1078b1a89f4c88bf8244b640da376a81142db5b1f27bc7e429cc15e6bad993f3d76f2ba3ff0815895361f20067f57fddd43f44b47375340c39283b3871a68f28b0a8166ac3ee35c8393278d5d2d3887c8a0a964f56f1769c29adbba6fbca7901415e2ab3b63f82d09caa3bf6e7f2e743aa073b57ed8a097f80c47ee546e2fe7b4f6fcbc98770fd7e9f1480517f26656171d394cf47ea395bfb995c087f93cde36b07f3507de2ae23d75b000a532c71265521631e4f8126c5eb96f15d04f183e2162ad9c967c0a1c291f1f1fc2b644271f160764af4e469823c3535ebb25cbc37f09b43fbd258b4a1d45335f162ad5f3d9e5406b671811cc0a16e76f4874041bac7b116483a0727f59a2144ca0490fb8acac82e62cba2e45442d4bf35e49f240a57f542be5df86f6942a5a4b82ff437ff2494c7837d22711aae24265a954d8b6e44b731022214e97ef1111f9bd5fde591bba1541799641670bdb290bd45c15c6b7f594179e3a81873f60e382de67bfe33ec177b64950e05706f1243388ffce2a541c5f30a72cf25623e1c35e72bdebf6d87b4684ff156efb10f96392ddb71353d8c8535173ce57ca41905afbef07ba646a067b2fd71bf3e9335e47672fb43639d7a6a4d51923243121724cb3bca92d304ba2c3fc4942b50c302f1ebb15902c5e191d0b3588df150ddb6aa67477a0046394f6ba91c38cb70d4bf5181e5e99d5c5e1fc39ed3c9b793f0520cf96831d65d51b0ecd92e3bee353b413483fa57690152bb4b524fa6d81d82f66bc2b260a40c232dabe1962f0349a078ec42ccc93bd4acbbcfe61af01388719bcf395f27c401f604684a312624820bfa594755fba5a7f61a7d59f364122398b573f37af4b0526099350b43e5bb8c42300be4f2f78a7fd5a317cb6a7cba8758d25122bb3e0fdab6d4968a668fb6db5e9a790d3e9d44fe0438fe1f3c2e372f28f3787c1c0163fdcf4812c48c08a381a651d4acab89797cf7a4cb1b792d049fdb4d61eb5e65e2870d94b5b23adbabb1c3e6860a021ec90e226475e5b7358199ffe783536ad7be7437b536affb32c74d5c7702b2d6eb47f3b14132bc270ee6ff482fcf6bd5125ac3b17f72e1de54f07d8f97535a0e59c5b8738c9aa630eeddb0c72d3320bf6e99eaf2b321965734106a49b82c57851f2cdbfcbe7197c3eee3a51e03beedb57a186972f0c276579c0cd429e012b3c09f697ec9a71aa074385e1a1c3d3f235bf6e72072be48d025965866667d64a9d80a18baba65ebf3594c5514dee7e4b414e72f79a47a6aab389cfdc5258d08bbb808c97e1f6e0598bc8b7935dc6faa051a95635cc31169b5b8a044a7ecdb9435b1dd5dcf7d28998cb834212777b49a02932787bd690f102fb0772284feebc0aa7b5b4887c8d397c0350a010dffe01c6d35e0de2685e6dcc5e71e1542998610b12eec1cebf0bcfa4ddce0bf7b666216c1a352818e941904203dd64d7a253c9632672885e83e2bccd48410a80294a4628f24913cca629fbc5f4a5c4fa0c3c918f479c2247b8cd3768a144894ee10f41f73d18555661b68679dc09f6fb8647f85a4c752d66679468f96400f300d2636e97af596fccb3fa68038ec626d896b40b1297ab4f849dbbe109886fdb3db6cd230271a8c164be8565772125c86059dcb3aa18d40cbcc356450859b5c157f60f4c657d38c0abf8287a836ced10d852025b70000b04d6977306b5d19cac3ed6d50cf0f2a623fce68a233dd6263c0635783998d0a2da76d5080ca8aac7afe8b5750004be87b260f5c6f6dfe4ffbe55fa86924b3fae0f84e2c23f608f41e4d4e4611f22cb282d9ec2413817656806265cd4b0ec24b2ccf79235f348d5d327618c79717f4a849bf838ce3edf7b02fc27bf92abe64aded9f6f2ee8857384dbf63f88471c73cc28366c30b37361ccdb95e16523a6f65f198906b75e148e9ca78ea7e823db6ab7221697e5fc285dfb308ccfa47980e7c4bb4f6047da4cb127ba2334b6ae616098149ffb0cfd5467dc97580d838929b5363768030a59ee1b60f60194094ca8f02ba5aa3eccf7eab811a8204f6f73a886f74d0ac4669d282c7f1cfb29b26f4902f6f7e0b027b01090f362313a5ad20aa719432cea2444959d19c7889f5b3c37ae7439974bd7cb2c03279a402418600bc854b1f9456d62081a89c931b1bf427e3f495e4dcb6f85d9beb948c62a19ea47b40a00525704bda039ba87a7ea1a674da1e9d2da3878438ef4f48fb76e865841934fe0d1886714a422f1b13db25c0587f4557c042545fbae6c91aa2e9fc5a8f84b5fe90427192b0140527c56fc437be55a48d0a82d2fbb8e5254da21a3d48e5632933d1a54b3a2c0bc7ea34321640708a5790185b1f00439971d676ae6fddf92db22bc801cce738768b0618578f192fcfb4a9b9d736b61f7aeaac0ae76039ee17052f20c23754c9e3ab751a5567648eeae2de4183a7ae6d6149eeca6566a7388c3c7ff41bc7e3858978ea73dae0c9af915232f9f05308bb6b7f99fcd265a95edc4ff3ff5ccb02840c75f4d19a118deb7ef445f617bcd15a8c6fb975e51e776527eff86c7b50bcae2e3797d26237ae8e9722639decaf9489b12ad7aeaff6db3e447df91302ac942de2b6ff30b1eb506a43a0e65f02de7d512f41ee700d62b70b982d55dca30494c04a28adee874a1c7c00", 0x2000, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={0x90, 0x0, 0x8000000000000001, {0x3, 0x0, 0xb, 0x0, 0x2, 0x482c7, {0xffffffffffffffff, 0xa, 0x9, 0x108, 0x1a20, 0xb, 0x5e5, 0x81, 0x6, 0x8000, 0x7, 0x0, r3, 0x8, 0x10000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})

58.70349ms ago: executing program 1 (id=907):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x7d, &(0x7f0000000000)={0x0, 0xffff0006}, 0x8)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
pipe2$9p(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00', @ANYRESDEC=r1, @ANYBLOB=',version=9p2000,\x00'])
write$P9_RVERSION(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="150000006bffff", @ANYRES16=r4, @ANYRESHEX=r5, @ANYRES16=0x0], 0x15)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0000000200000002007a711726f4c303f8d276ea00"], 0x0, 0x26}, 0x28)
socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000030000000000350000000000957d64510f3ce9d7bb411375a5cb8c923a5f86370c917bac822528f73d98881ed85b65dbc196a8a99acfa2186870428a667196e3475f3df0623e1b3be0522abdaae89e37b1c67f7bafd3474aa7c39849c388bec8124e4111fd7ae065bd673b61d5aef2a5fdd5fa912ee1b94c3a6ef4a95ef4b68147d658a3c30dbb45303b191b4985c67688e9af13ec74caf16e989d967a8720001027a892c305bfb3790b9b3d8961b7822b9c39b9d6474763b6149732974cc744151c75f559b25abc6b1b6896fe4038f707e2160000000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r6}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2800, 0x0, 0x1, 0xfffffffffffffea4, &(0x7f00000000c0)='\x00', 0x0, 0x0, 0x0, 0x7f}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
r9 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
setsockopt(r9, 0xf1178ca7, 0x7, 0x0, 0x0)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r10, &(0x7f0000006000), 0x0, 0x22, 0x0)
setsockopt$sock_int(r3, 0x1, 0x28, 0x0, 0x0)
r11 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[], 0x0)
syz_usb_ep_write$ath9k_ep2(r11, 0x83, 0x8, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000240)={'veth0_to_bridge\x00'})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)

372.916µs ago: executing program 0 (id=908):
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000440)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000380)={@fd, @fda={0x66646185, 0x1, 0x1, 0x26}, @flat=@weak_handle={0x77682a85, 0x10a, 0x2}}, &(0x7f0000000180)={0x0, 0x18, 0x38}}, 0xfffffffffffffff0}], 0x0, 0x0, 0x0})

195.782µs ago: executing program 2 (id=909):
setfsgid(0xee00)
setresgid(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r0 = syz_io_uring_setup(0x2115, &(0x7f0000000000)={0x0, 0x4b3a, 0x10, 0x3, 0x247}, &(0x7f0000000080), &(0x7f0000000140))
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@float={0x1, 0x0, 0x0, 0x10, 0x10}]}}, 0x0, 0x26, 0x0, 0x1}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x9, 0x8, 0x8, 0x90, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1, 0x5, 0x2}, 0x50)
r2 = syz_io_uring_setup(0x45, &(0x7f0000000300)={0x0, 0x0, 0x40, 0x2, 0x2a2, 0x0, r0}, &(0x7f0000000100), &(0x7f00000000c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x22, &(0x7f0000000380)={&(0x7f0000001000)}, 0x1)

106.435µs ago: executing program 0 (id=910):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000040)={@multicast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @info_reply={0x10, 0x0, 0x0, 0x3, 0xe}}}}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000100)={0x3, 0x0, 0xfffffffc}, 0x10)
write(r2, &(0x7f0000000000)="240000001a005f0214f9f407000904001f000000fe0000000000000908000f00fd000000", 0x24)

0s ago: executing program 2 (id=911):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0xfffffffffffffff5, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {0x1, 0x40000000, 0x0, 0x0, 0x30, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@binder={0x73622a85, 0x102, 0x8000000000}, @flat=@weak_handle={0x77682a85, 0x1100, 0x2}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

0s ago: executing program 3 (id=912):
syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)

kernel console output (not intermixed with test programs):

ss=rxrpc_socket permissive=1
[   71.870445][ T6693] macsec1: left promiscuous mode
[   71.872280][ T6693] macsec1: left allmulticast mode
[   71.875371][  T212] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 20004 - 0
[   71.878258][  T212] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 20004 - 0
[   71.894080][  T212] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 20004 - 0
[   71.897228][  T212] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 20004 - 0
[   71.915972][ T6693] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.918802][ T6693] 8021q: adding VLAN 0 to HW filter on device team0
[   71.924510][ T6693] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   71.950449][ T6698] netlink: 12 bytes leftover after parsing attributes in process `syz.0.263'.
[   71.957504][ T6696] netlink: 44 bytes leftover after parsing attributes in process `syz.3.262'.
[   71.961836][ T6696] dlm: no locking on control device
[   71.967009][ T6700] netlink: 44 bytes leftover after parsing attributes in process `syz.3.262'.
[   72.001468][ T6698] bond1: (slave geneve2): Enslaving as an active interface with an up link
[   72.004981][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 20004 - 0
[   72.007655][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 20004 - 0
[   72.009438][ T6704] netlink: 8 bytes leftover after parsing attributes in process `syz.1.264'.
[   72.010382][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 20004 - 0
[   72.023536][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 20004 - 0
[   72.023859][ T6704] netlink: 12 bytes leftover after parsing attributes in process `syz.1.264'.
[   72.072556][   T40] audit: type=1400 audit(1774445792.376:278): avc:  denied  { create } for  pid=6707 comm="syz.3.265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   72.087213][   T40] audit: type=1400 audit(1774445792.386:279): avc:  denied  { write } for  pid=6707 comm="syz.3.265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   72.155389][ T6714] binder: 6713:6714 ioctl c0306201 2000000004c0 returned -14
[   72.184030][   T40] audit: type=1400 audit(1774445792.486:280): avc:  denied  { create } for  pid=6717 comm="syz.1.270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   72.190013][   T40] audit: type=1400 audit(1774445792.486:281): avc:  denied  { write } for  pid=6717 comm="syz.1.270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   72.192893][ T6720] binder: 6719:6720 ioctl d0009412 200000000780 returned -22
[   72.200400][ T6720] ip6t_srh: unknown srh invflags 4000
[   72.204604][ T6720] binder: 6719:6720 ioctl c0306201 2000000004c0 returned -14
[   72.205998][   T40] audit: type=1400 audit(1774445792.486:282): avc:  denied  { setopt } for  pid=6717 comm="syz.1.270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   72.214016][   T40] audit: type=1400 audit(1774445792.486:283): avc:  denied  { ioctl } for  pid=6717 comm="syz.1.270" path="socket:[13526]" dev="sockfs" ino=13526 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   72.226018][ T6724] netlink: 76 bytes leftover after parsing attributes in process `syz.1.273'.
[   72.240192][ T6726] FAULT_INJECTION: forcing a failure.
[   72.240192][ T6726] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   72.245585][ T6726] CPU: 1 UID: 0 PID: 6726 Comm: syz.3.274 Not tainted syzkaller #0 PREEMPT(full) 
[   72.245610][ T6726] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   72.245620][ T6726] Call Trace:
[   72.245628][ T6726]  <TASK>
[   72.245635][ T6726]  dump_stack_lvl+0x100/0x190
[   72.245671][ T6726]  should_fail_ex.cold+0x5/0xa
[   72.245696][ T6726]  _copy_from_user+0x2e/0xd0
[   72.245717][ T6726]  binder_ioctl+0x4f5/0x7610
[   72.245763][ T6726]  ? tomoyo_path_number_perm+0x188/0x580
[   72.245794][ T6726]  ? __pfx_binder_ioctl+0x10/0x10
[   72.245826][ T6726]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   72.245855][ T6726]  ? do_vfs_ioctl+0x226/0x13e0
[   72.245882][ T6726]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   72.245908][ T6726]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   72.245945][ T6726]  ? hook_file_ioctl_common+0x146/0x410
[   72.245971][ T6726]  ? selinux_file_ioctl+0x139/0x290
[   72.245996][ T6726]  ? selinux_file_ioctl+0xb4/0x290
[   72.246024][ T6726]  ? __pfx_binder_ioctl+0x10/0x10
[   72.246053][ T6726]  __x64_sys_ioctl+0x18e/0x210
[   72.246083][ T6726]  do_syscall_64+0x106/0xf80
[   72.246109][ T6726]  ? clear_bhb_loop+0x40/0x90
[   72.246132][ T6726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.246151][ T6726] RIP: 0033:0x7fa6eeb9c799
[   72.246167][ T6726] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   72.246184][ T6726] RSP: 002b:00007fa6efa84028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   72.246203][ T6726] RAX: ffffffffffffffda RBX: 00007fa6eee15fa0 RCX: 00007fa6eeb9c799
[   72.246215][ T6726] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000003
[   72.246226][ T6726] RBP: 00007fa6efa84090 R08: 0000000000000000 R09: 0000000000000000
[   72.246237][ T6726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.246248][ T6726] R13: 00007fa6eee16038 R14: 00007fa6eee15fa0 R15: 00007ffd77ce6b78
[   72.246273][ T6726]  </TASK>
[   72.246281][ T6726] binder: 6725:6726 ioctl c0306201 2000000001c0 returned -14
[   72.316003][   T40] audit: type=1400 audit(1774445792.626:284): avc:  denied  { create } for  pid=6732 comm="syz.0.276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   72.317300][   T40] audit: type=1400 audit(1774445792.626:285): avc:  denied  { write } for  pid=6732 comm="syz.0.276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   72.317434][   T40] audit: type=1400 audit(1774445792.626:286): avc:  denied  { nlmsg_read } for  pid=6732 comm="syz.0.276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   72.391002][ T6735] binder: 6734:6735 ioctl c0306201 2000000001c0 returned -14
[   72.426334][ T6745] binder: BINDER_SET_CONTEXT_MGR already set
[   72.428312][ T6745] binder: 6743:6745 ioctl 4018620d 200000000300 returned -16
[   72.493307][ T6753] netlink: 'syz.3.285': attribute type 10 has an invalid length.
[   72.500994][ T6755] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6
[   72.547506][ T6761] loop2: detected capacity change from 0 to 7
[   72.553376][ T6761]  loop2:
[   72.554446][ T6761] loop2: partition table partially beyond EOD, truncated
[   72.704774][ T6766] fuse: Bad value for 'fd'
[   72.778226][ T6771] binder: BINDER_SET_CONTEXT_MGR already set
[   72.780180][ T6771] binder: 6770:6771 ioctl 4018620d 200000000300 returned -16
[   72.890209][ T6783] Cannot find del_set index 0 as target
[   73.004443][ T6795] binder: 6793:6795 ioctl c0306201 2000000004c0 returned -14
[   73.008893][ T6797] fuse: Bad value for 'fd'
[   73.050908][ T6806] binder: BINDER_SET_CONTEXT_MGR already set
[   73.053476][ T6806] binder: 6803:6806 ioctl 4018620d 200000000300 returned -16
[   73.055899][ T6805] binder: 6804:6805 ioctl c0306201 2000000001c0 returned -14
[   73.101055][ T6811] binder: 6808:6811 ioctl c0306201 2000000004c0 returned -14
[   73.105363][ T6812] netlink: 'syz.3.305': attribute type 10 has an invalid length.
[   73.107949][ T6812] team0: entered promiscuous mode
[   73.109778][ T6812] team_slave_0: entered promiscuous mode
[   73.113236][ T6812] team_slave_1: entered promiscuous mode
[   73.115378][ T6809] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[   73.115465][ T6812] team0: entered allmulticast mode
[   73.118113][ T6809] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[   73.118296][ T6809] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[   73.119992][ T6812] team_slave_0: entered allmulticast mode
[   73.126965][ T6809] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[   73.127011][ T6812] team_slave_1: entered allmulticast mode
[   73.133570][ T6812] bridge0: port 3(team0) entered blocking state
[   73.136072][ T6812] bridge0: port 3(team0) entered disabled state
[   73.140559][ T6812] bridge0: port 3(team0) entered blocking state
[   73.142867][ T6812] bridge0: port 3(team0) entered forwarding state
[   73.206539][ T6819] xt_hashlimit: size too large, truncated to 1048576
[   73.222177][ T6823] fuse: Bad value for 'fd'
[   73.251660][ T6827] binder: 6825:6827 ioctl c0306201 2000000004c0 returned -14
[   73.297325][ T1027] usb 7-1: USB disconnect, device number 4
[   73.335205][ T6838] binder: 6837:6838 ioctl c0306201 2000000004c0 returned -14
[   73.587044][ T5447] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   73.641498][ T6852] binder: 6851:6852 ioctl c0306201 2000000004c0 returned -14
[   73.670695][ T6854] FAULT_INJECTION: forcing a failure.
[   73.670695][ T6854] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   73.676388][ T6854] CPU: 3 UID: 0 PID: 6854 Comm: syz.3.326 Not tainted syzkaller #0 PREEMPT(full) 
[   73.676412][ T6854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   73.676424][ T6854] Call Trace:
[   73.676432][ T6854]  <TASK>
[   73.676440][ T6854]  dump_stack_lvl+0x100/0x190
[   73.676484][ T6854]  should_fail_ex.cold+0x5/0xa
[   73.676509][ T6854]  _copy_from_user+0x2e/0xd0
[   73.676530][ T6854]  binder_thread_write+0x12cb/0x4dd0
[   73.676565][ T6854]  ? __x64_sys_ioctl+0xb7/0x210
[   73.676597][ T6854]  ? __lock_acquire+0x4a5/0x2630
[   73.676618][ T6854]  ? __pfx_binder_thread_write+0x10/0x10
[   73.676647][ T6854]  ? find_held_lock+0x2b/0x80
[   73.676670][ T6854]  ? binder_debug+0xe0/0x190
[   73.676695][ T6854]  ? __pfx_binder_debug+0x10/0x10
[   73.676718][ T6854]  ? binder_debug+0xe0/0x190
[   73.676742][ T6854]  ? __pfx_binder_debug+0x10/0x10
[   73.676781][ T6854]  binder_ioctl+0x2941/0x7610
[   73.676818][ T6854]  ? tomoyo_path_number_perm+0x188/0x580
[   73.676851][ T6854]  ? __pfx_binder_ioctl+0x10/0x10
[   73.676881][ T6854]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   73.676911][ T6854]  ? do_vfs_ioctl+0x226/0x13e0
[   73.676939][ T6854]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   73.676967][ T6854]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   73.677004][ T6854]  ? hook_file_ioctl_common+0x146/0x410
[   73.677030][ T6854]  ? selinux_file_ioctl+0x139/0x290
[   73.677056][ T6854]  ? selinux_file_ioctl+0xb4/0x290
[   73.677085][ T6854]  ? __pfx_binder_ioctl+0x10/0x10
[   73.677114][ T6854]  __x64_sys_ioctl+0x18e/0x210
[   73.677145][ T6854]  do_syscall_64+0x106/0xf80
[   73.677172][ T6854]  ? clear_bhb_loop+0x40/0x90
[   73.677194][ T6854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.677214][ T6854] RIP: 0033:0x7fa6eeb9c799
[   73.677230][ T6854] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   73.677272][ T6854] RSP: 002b:00007fa6efa84028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   73.677291][ T6854] RAX: ffffffffffffffda RBX: 00007fa6eee15fa0 RCX: 00007fa6eeb9c799
[   73.677304][ T6854] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000003
[   73.677315][ T6854] RBP: 00007fa6efa84090 R08: 0000000000000000 R09: 0000000000000000
[   73.677325][ T6854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.677336][ T6854] R13: 00007fa6eee16038 R14: 00007fa6eee15fa0 R15: 00007ffd77ce6b78
[   73.677359][ T6854]  </TASK>
[   73.677370][ T6854] binder: 6853:6854 ioctl c0306201 2000000001c0 returned -14
[   73.733214][ T5447] usb 5-1: Using ep0 maxpacket: 8
[   73.774944][ T6858] binder: 6857:6858 ioctl c0306201 2000000004c0 returned -14
[   73.776784][ T5447] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[   73.786401][ T5447] usb 5-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[   73.789703][ T5447] usb 5-1: config 179 has no interface number 0
[   73.791983][ T5447] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[   73.801359][ T5447] usb 5-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[   73.807727][ T5447] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   73.811408][ T5447] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.858329][ T6862] binder: 6861:6862 ioctl c0306201 2000000004c0 returned -14
[   73.933214][ T6018] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   74.028815][ T6016] usb 5-1: USB disconnect, device number 4
[   74.105091][ T6018] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   74.109719][ T6018] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[   74.115056][ T6018] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   74.118022][ T6018] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.123962][ T6018] usb 7-1: config 0 descriptor??
[   74.132190][ T6018] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[   74.324854][ T6870] netlink: 'syz.1.334': attribute type 27 has an invalid length.
[   74.383770][ T6870] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.386730][ T6870] 8021q: adding VLAN 0 to HW filter on device team0
[   74.390746][ T6870] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   74.432937][ T6872] binder: 6871:6872 ioctl c0306201 2000000004c0 returned -14
[   74.476778][ T6874] __nla_validate_parse: 4 callbacks suppressed
[   74.476795][ T6874] netlink: 12 bytes leftover after parsing attributes in process `syz.1.336'.
[   74.563265][ T6879] netlink: 8 bytes leftover after parsing attributes in process `syz.0.338'.
[   74.566529][ T6879] netlink: 12 bytes leftover after parsing attributes in process `syz.0.338'.
[   74.578740][  T212] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   74.582355][  T212] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   74.587463][  T212] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   74.590744][  T212] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   74.702755][ T6898] comedi: No check for data length of config insn id 4050 is implemented
[   74.712015][ T6898] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[   74.729900][ T6898] comedi: Assuming n=15 is correct
[   74.773775][ T6906] FAULT_INJECTION: forcing a failure.
[   74.773775][ T6906] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.786062][ T6906] CPU: 0 UID: 0 PID: 6906 Comm: syz.1.349 Not tainted syzkaller #0 PREEMPT(full) 
[   74.786087][ T6906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   74.786097][ T6906] Call Trace:
[   74.786103][ T6906]  <TASK>
[   74.786109][ T6906]  dump_stack_lvl+0x100/0x190
[   74.786144][ T6906]  should_fail_ex.cold+0x5/0xa
[   74.786169][ T6906]  _copy_from_user+0x2e/0xd0
[   74.786189][ T6906]  binder_thread_write+0x12cb/0x4dd0
[   74.786218][ T6906]  ? __x64_sys_ioctl+0xb7/0x210
[   74.786248][ T6906]  ? __lock_acquire+0x4a5/0x2630
[   74.786264][ T6906]  ? __pfx_binder_thread_write+0x10/0x10
[   74.786292][ T6906]  ? find_held_lock+0x2b/0x80
[   74.786314][ T6906]  ? binder_debug+0xe0/0x190
[   74.786336][ T6906]  ? __pfx_binder_debug+0x10/0x10
[   74.786361][ T6906]  ? binder_debug+0xe0/0x190
[   74.786381][ T6906]  ? __pfx_binder_debug+0x10/0x10
[   74.786419][ T6906]  binder_ioctl+0x2941/0x7610
[   74.786466][ T6906]  ? tomoyo_path_number_perm+0x188/0x580
[   74.786497][ T6906]  ? __pfx_binder_ioctl+0x10/0x10
[   74.786528][ T6906]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   74.786556][ T6906]  ? do_vfs_ioctl+0x226/0x13e0
[   74.786583][ T6906]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   74.786675][ T6906]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   74.786711][ T6906]  ? hook_file_ioctl_common+0x146/0x410
[   74.786735][ T6906]  ? selinux_file_ioctl+0x139/0x290
[   74.786759][ T6906]  ? selinux_file_ioctl+0xb4/0x290
[   74.786785][ T6906]  ? __pfx_binder_ioctl+0x10/0x10
[   74.786814][ T6906]  __x64_sys_ioctl+0x18e/0x210
[   74.786844][ T6906]  do_syscall_64+0x106/0xf80
[   74.786869][ T6906]  ? clear_bhb_loop+0x40/0x90
[   74.786891][ T6906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.786910][ T6906] RIP: 0033:0x7f37a499c799
[   74.786926][ T6906] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   74.786943][ T6906] RSP: 002b:00007f37a58af028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   74.786961][ T6906] RAX: ffffffffffffffda RBX: 00007f37a4c15fa0 RCX: 00007f37a499c799
[   74.786972][ T6906] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000003
[   74.786983][ T6906] RBP: 00007f37a58af090 R08: 0000000000000000 R09: 0000000000000000
[   74.786993][ T6906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.787003][ T6906] R13: 00007f37a4c16038 R14: 00007f37a4c15fa0 R15: 00007fff47011138
[   74.787027][ T6906]  </TASK>
[   74.787038][ T6906] binder: 6905:6906 ioctl c0306201 2000000001c0 returned -14
[   74.839580][ T6912] FAT-fs (sr0): bogus number of reserved sectors
[   74.888719][ T6912] FAT-fs (sr0): Can't find a valid FAT filesystem
[   75.015727][ T6926] netlink: 'syz.3.358': attribute type 10 has an invalid length.
[   75.043646][ T6930] Cannot find add_set index 0 as target
[   75.080370][ T6933] loop2: detected capacity change from 0 to 7
[   75.086361][ T5946]  loop2:
[   75.087733][ T5946] loop2: partition table partially beyond EOD, truncated
[   75.095146][ T1027] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   75.098357][ T6933]  loop2:
[   75.099514][ T6933] loop2: partition table partially beyond EOD, truncated
[   75.112098][ T6935] Mount JFS Failure: -5
[   75.114160][ T6935] jfs_mount failed w/return code = -5
[   75.263271][ T1027] usb 5-1: Using ep0 maxpacket: 16
[   75.267488][ T1027] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   75.272391][ T1027] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   75.278967][ T1027] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[   75.282920][ T1027] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   75.286518][ T1027] usb 5-1: Product: syz
[   75.287929][ T1027] usb 5-1: Manufacturer: syz
[   75.289874][ T1027] usb 5-1: SerialNumber: syz
[   75.300771][ T1027] r8152-cfgselector 5-1: Unknown version 0x0000
[   75.302791][ T1027] r8152-cfgselector 5-1: config 0 descriptor??
[   75.437284][ T6955] SET target dimension over the limit!
[   75.477045][ T6960] netlink: 4 bytes leftover after parsing attributes in process `syz.1.373'.
[   75.513723][  T212] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.515639][ T6911] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   75.516418][  T212] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.520787][ T6911] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   75.533211][ T6965] binder: 6964:6965 ioctl c0306201 2000000004c0 returned -14
[   75.534955][ T1027] r8152-cfgselector 5-1: USB disconnect, device number 5
[   75.570858][ T6970] binder: 6969:6970 ioctl c0306201 2000000001c0 returned -14
[   75.616758][ T6976] binder: 6975:6976 ioctl c0306201 2000000004c0 returned -14
[   75.652433][ T6978] netlink: 'syz.3.380': attribute type 10 has an invalid length.
[   75.652448][ T6978] netlink: 40 bytes leftover after parsing attributes in process `syz.3.380'.
[   75.822246][ T6990] xt_hashlimit: size too large, truncated to 1048576
[   75.851097][ T6993] binder: 6992:6993 ioctl c0306201 2000000004c0 returned -14
[   76.101917][ T7009] FAULT_INJECTION: forcing a failure.
[   76.101917][ T7009] name failslab, interval 1, probability 0, space 0, times 0
[   76.109002][ T7009] CPU: 1 UID: 0 PID: 7009 Comm: syz.3.395 Not tainted syzkaller #0 PREEMPT(full) 
[   76.109024][ T7009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   76.109033][ T7009] Call Trace:
[   76.109040][ T7009]  <TASK>
[   76.109047][ T7009]  dump_stack_lvl+0x100/0x190
[   76.109079][ T7009]  should_fail_ex.cold+0x5/0xa
[   76.109100][ T7009]  should_failslab+0xc2/0x120
[   76.109116][ T7009]  __kmalloc_cache_noprof+0x7a/0x6f0
[   76.109136][ T7009]  ? binder_transaction+0x748/0x9ee0
[   76.109167][ T7009]  binder_transaction+0x748/0x9ee0
[   76.109193][ T7009]  ? ima_match_policy+0x8b8/0x2340
[   76.109222][ T7009]  ? __lock_acquire+0x4a5/0x2630
[   76.109263][ T7009]  ? __pfx_binder_transaction+0x10/0x10
[   76.109291][ T7009]  ? __lock_acquire+0x4a5/0x2630
[   76.109309][ T7009]  ? __lock_acquire+0x4a5/0x2630
[   76.109333][ T7009]  ? find_held_lock+0x2b/0x80
[   76.109353][ T7009]  ? is_bpf_text_address+0x8a/0x1a0
[   76.109376][ T7009]  ? is_bpf_text_address+0x8a/0x1a0
[   76.109402][ T7009]  ? __lock_acquire+0x4a5/0x2630
[   76.109419][ T7009]  ? __lock_acquire+0x4a5/0x2630
[   76.109434][ T7009]  ? __kernel_text_address+0xd/0x30
[   76.109453][ T7009]  ? unwind_get_return_address+0x59/0xa0
[   76.109481][ T7009]  ? find_held_lock+0x2b/0x80
[   76.109504][ T7009]  ? __might_fault+0xc5/0x140
[   76.109525][ T7009]  ? __might_fault+0xc5/0x140
[   76.109547][ T7009]  binder_thread_write+0x131f/0x4dd0
[   76.109567][ T7009]  ? __x64_sys_ioctl+0xb7/0x210
[   76.109587][ T7009]  ? __lock_acquire+0x4a5/0x2630
[   76.109598][ T7009]  ? __pfx_binder_thread_write+0x10/0x10
[   76.109617][ T7009]  ? find_held_lock+0x2b/0x80
[   76.109631][ T7009]  ? binder_debug+0xe0/0x190
[   76.109647][ T7009]  ? __pfx_binder_debug+0x10/0x10
[   76.109662][ T7009]  ? binder_debug+0xe0/0x190
[   76.109682][ T7009]  ? __pfx_binder_debug+0x10/0x10
[   76.109706][ T7009]  binder_ioctl+0x2941/0x7610
[   76.109728][ T7009]  ? tomoyo_path_number_perm+0x188/0x580
[   76.109747][ T7009]  ? __pfx_binder_ioctl+0x10/0x10
[   76.109766][ T7009]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   76.109784][ T7009]  ? do_vfs_ioctl+0x226/0x13e0
[   76.109802][ T7009]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   76.109820][ T7009]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   76.109842][ T7009]  ? hook_file_ioctl_common+0x146/0x410
[   76.109857][ T7009]  ? selinux_file_ioctl+0x139/0x290
[   76.109873][ T7009]  ? selinux_file_ioctl+0xb4/0x290
[   76.109890][ T7009]  ? __pfx_binder_ioctl+0x10/0x10
[   76.109908][ T7009]  __x64_sys_ioctl+0x18e/0x210
[   76.109927][ T7009]  do_syscall_64+0x106/0xf80
[   76.109944][ T7009]  ? clear_bhb_loop+0x40/0x90
[   76.109958][ T7009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.109970][ T7009] RIP: 0033:0x7fa6eeb9c799
[   76.109981][ T7009] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   76.110007][ T7009] RSP: 002b:00007fa6efa84028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   76.110019][ T7009] RAX: ffffffffffffffda RBX: 00007fa6eee15fa0 RCX: 00007fa6eeb9c799
[   76.110026][ T7009] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000003
[   76.110033][ T7009] RBP: 00007fa6efa84090 R08: 0000000000000000 R09: 0000000000000000
[   76.110040][ T7009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.110046][ T7009] R13: 00007fa6eee16038 R14: 00007fa6eee15fa0 R15: 00007ffd77ce6b78
[   76.110061][ T7009]  </TASK>
[   76.217619][ T7015] binder: 7014:7015 ioctl c0306201 2000000004c0 returned -14
[   76.257784][ T7017] binder: 7016:7017 ioctl c0306201 2000000004c0 returned -14
[   76.289063][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[   76.292470][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[   76.324394][ T7025] netlink: 'syz.0.401': attribute type 1 has an invalid length.
[   76.359540][ T7025] 8021q: adding VLAN 0 to HW filter on device bond2
[   76.396637][ T7025] bond2: (slave veth3): Enslaving as an active interface with a down link
[   76.410869][ T7025] vlan2: entered allmulticast mode
[   76.412914][ T7025] bond2: entered allmulticast mode
[   76.415988][ T7025] bond2: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[   76.417107][ T7033] netlink: 8 bytes leftover after parsing attributes in process `syz.3.403'.
[   76.522322][ T7036] netlink: 'syz.0.404': attribute type 27 has an invalid length.
[   76.600917][ T7040] netlink: 12 bytes leftover after parsing attributes in process `syz.3.405'.
[   76.628341][ T7038] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.631908][ T7038] 8021q: adding VLAN 0 to HW filter on device team0
[   76.636178][ T7038] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   76.641034][   T46] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[   76.644935][   T46] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 20004 - 0
[   76.648539][   T46] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[   76.652857][   T46] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 20004 - 0
[   76.667626][   T46] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[   76.670461][   T46] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 20004 - 0
[   76.674634][   T46] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[   76.677807][   T46] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 20004 - 0
[   76.699593][ T6017] usb 7-1: USB disconnect, device number 5
[   76.702493][ T7044] binder: 7043:7044 ioctl 4018620d 0 returned -22
[   76.705753][ T7044] binder: 7043:7044 ioctl c0306201 2000000004c0 returned -14
[   76.723169][ T7046] netlink: 'syz.0.407': attribute type 1 has an invalid length.
[   76.740545][ T7050] netlink: 8 bytes leftover after parsing attributes in process `syz.3.409'.
[   76.744248][ T7050] netlink: 12 bytes leftover after parsing attributes in process `syz.3.409'.
[   76.800638][ T7046] 8021q: adding VLAN 0 to HW filter on device bond4
[   76.806423][ T7046] bond3: (slave bond4): making interface the new active one
[   76.810131][ T7046] bond3: (slave bond4): Enslaving as an active interface with an up link
[   76.836435][ T7046] bond3: (slave gretap1): Enslaving as a backup interface with an up link
[   76.841462][ T7046] netlink: 28 bytes leftover after parsing attributes in process `syz.0.407'.
[   76.847149][ T7046] 8021q: adding VLAN 0 to HW filter on device bond3
[   76.966951][   T40] kauditd_printk_skb: 35 callbacks suppressed
[   76.966970][   T40] audit: type=1400 audit(1774445797.276:322): avc:  denied  { unmount } for  pid=5934 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   77.054007][ T6017] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   77.063135][   T40] audit: type=1400 audit(1774445797.366:323): avc:  denied  { allowed } for  pid=7069 comm="syz.0.417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   77.095569][ T7073] binder: 7072:7073 ioctl 4018620d 0 returned -22
[   77.100434][ T7073] binder: 7072:7073 ioctl c0306201 2000000004c0 returned -14
[   77.192385][ T7081] FAULT_INJECTION: forcing a failure.
[   77.192385][ T7081] name failslab, interval 1, probability 0, space 0, times 0
[   77.198233][ T7081] CPU: 3 UID: 0 PID: 7081 Comm: syz.3.421 Not tainted syzkaller #0 PREEMPT(full) 
[   77.198258][ T7081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   77.198269][ T7081] Call Trace:
[   77.198275][ T7081]  <TASK>
[   77.198283][ T7081]  dump_stack_lvl+0x100/0x190
[   77.198318][ T7081]  should_fail_ex.cold+0x5/0xa
[   77.198342][ T7081]  should_failslab+0xc2/0x120
[   77.198363][ T7081]  __kmalloc_cache_noprof+0x7a/0x6f0
[   77.198388][ T7081]  ? binder_transaction+0x748/0x9ee0
[   77.198416][ T7081]  binder_transaction+0x748/0x9ee0
[   77.198446][ T7081]  ? ima_match_policy+0x8b8/0x2340
[   77.198480][ T7081]  ? __lock_acquire+0x4a5/0x2630
[   77.198500][ T7081]  ? __pfx_binder_transaction+0x10/0x10
[   77.198532][ T7081]  ? __lock_acquire+0x4a5/0x2630
[   77.198556][ T7081]  ? __lock_acquire+0x4a5/0x2630
[   77.198587][ T7081]  ? find_held_lock+0x2b/0x80
[   77.198609][ T7081]  ? is_bpf_text_address+0x8a/0x1a0
[   77.198633][ T7081]  ? is_bpf_text_address+0x8a/0x1a0
[   77.198670][ T7081]  ? __lock_acquire+0x4a5/0x2630
[   77.198687][ T7081]  ? __lock_acquire+0x4a5/0x2630
[   77.198703][ T7081]  ? __kernel_text_address+0xd/0x30
[   77.198722][ T7081]  ? unwind_get_return_address+0x59/0xa0
[   77.198751][ T7081]  ? find_held_lock+0x2b/0x80
[   77.198771][ T7081]  ? __might_fault+0xc5/0x140
[   77.198796][ T7081]  ? __might_fault+0xc5/0x140
[   77.198830][ T7081]  binder_thread_write+0x131f/0x4dd0
[   77.198864][ T7081]  ? __lock_acquire+0x4a5/0x2630
[   77.198880][ T7081]  ? __pfx_binder_thread_write+0x10/0x10
[   77.198906][ T7081]  ? binder_debug+0xe0/0x190
[   77.198927][ T7081]  ? __pfx_binder_debug+0x10/0x10
[   77.198952][ T7081]  ? binder_debug+0xe0/0x190
[   77.198975][ T7081]  ? __pfx_binder_debug+0x10/0x10
[   77.199011][ T7081]  binder_ioctl+0x2941/0x7610
[   77.199040][ T7081]  ? rcu_is_watching+0x12/0xc0
[   77.199061][ T7081]  ? trace_sched_exit_tp+0x13a/0x180
[   77.199094][ T7081]  ? __pfx_binder_ioctl+0x10/0x10
[   77.199124][ T7081]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   77.199152][ T7081]  ? do_vfs_ioctl+0x226/0x13e0
[   77.199178][ T7081]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   77.199201][ T7081]  ? preempt_schedule_irq+0x7b/0x90
[   77.199227][ T7081]  ? irqentry_exit+0x180/0x670
[   77.199250][ T7081]  ? lockdep_hardirqs_on+0x78/0x100
[   77.199283][ T7081]  ? security_file_ioctl+0x131/0x230
[   77.199308][ T7081]  ? write_comp_data+0x18/0x90
[   77.199332][ T7081]  ? __pfx_binder_ioctl+0x10/0x10
[   77.199357][ T7081]  __x64_sys_ioctl+0x18e/0x210
[   77.199383][ T7081]  do_syscall_64+0x106/0xf80
[   77.199406][ T7081]  ? clear_bhb_loop+0x40/0x90
[   77.199428][ T7081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.199445][ T7081] RIP: 0033:0x7fa6eeb9c799
[   77.199461][ T7081] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   77.199477][ T7081] RSP: 002b:00007fa6efa84028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   77.199493][ T7081] RAX: ffffffffffffffda RBX: 00007fa6eee15fa0 RCX: 00007fa6eeb9c799
[   77.199504][ T7081] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000003
[   77.199515][ T7081] RBP: 00007fa6efa84090 R08: 0000000000000000 R09: 0000000000000000
[   77.199524][ T7081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.199533][ T7081] R13: 00007fa6eee16038 R14: 00007fa6eee15fa0 R15: 00007ffd77ce6b78
[   77.199554][ T7081]  </TASK>
[   77.223301][ T6017] usb 7-1: Using ep0 maxpacket: 8
[   77.286824][ T7083] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket pid=7083 comm=syz.0.422
[   77.289699][ T6017] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[   77.291113][ T7083] syz.0.422 uses obsolete (PF_INET,SOCK_PACKET)
[   77.292542][ T6017] usb 7-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[   77.315044][   T40] audit: type=1400 audit(1774445797.626:324): avc:  denied  { read write } for  pid=7086 comm="syz.3.424" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   77.316575][ T6017] usb 7-1: config 179 has no interface number 0
[   77.319929][   T40] audit: type=1400 audit(1774445797.626:325): avc:  denied  { open } for  pid=7086 comm="syz.3.424" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   77.322013][ T6017] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[   77.322032][ T6017] usb 7-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[   77.322056][ T6017] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   77.322068][ T6017] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.326185][   T40] audit: type=1400 audit(1774445797.626:326): avc:  denied  { ioctl } for  pid=7086 comm="syz.3.424" path="/dev/ppp" dev="devtmpfs" ino=730 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   77.422898][ T7088] binder: BINDER_SET_CONTEXT_MGR already set
[   77.425904][ T7088] binder: 7086:7088 ioctl 4018620d 200000004a80 returned -16
[   77.431275][ T7088] (syz.3.424,7088,2):dlmfs_mkdir:421 ERROR: invalid domain name for directory.
[   77.431323][   T40] audit: type=1400 audit(1774445797.736:327): avc:  denied  { create } for  pid=7086 comm="syz.3.424" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   77.465956][ T7092] netlink: 'syz.0.426': attribute type 10 has an invalid length.
[   77.474638][ T7094] binder: 7093:7094 ioctl 4018620d 0 returned -22
[   77.479955][ T7094] binder: 7093:7094 ioctl c0306201 2000000004c0 returned -14
[   77.493199][ T7096] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6
[   77.522178][   T40] audit: type=1400 audit(1774445797.826:328): avc:  denied  { read } for  pid=7097 comm="syz.1.429" name="usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   77.532590][   T40] audit: type=1400 audit(1774445797.826:329): avc:  denied  { open } for  pid=7097 comm="syz.1.429" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   77.537972][ T6017] usb 7-1: USB disconnect, device number 6
[   77.541367][   T40] audit: type=1400 audit(1774445797.836:330): avc:  denied  { map } for  pid=7097 comm="syz.1.429" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   77.552387][   T40] audit: type=1400 audit(1774445797.856:331): avc:  denied  { ioctl } for  pid=7097 comm="syz.1.429" path="/dev/usbmon0" dev="devtmpfs" ino=737 ioctlcmd=0x9204 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   77.586741][ T7102] loop2: detected capacity change from 0 to 7
[   77.590217][ T7102]  loop2:
[   77.591378][ T7102] loop2: partition table partially beyond EOD, truncated
[   77.760589][ T7117] binder: BINDER_SET_CONTEXT_MGR already set
[   77.762877][ T7117] binder: 7116:7117 ioctl 4018620d 200000000300 returned -16
[   77.802015][ T7122] SET target dimension over the limit!
[   77.862707][ T7128] binder: 7127:7128 ioctl c0306201 2000000004c0 returned -14
[   77.905892][ T7135] binder: 7133:7135 ioctl c0306201 2000000004c0 returned -14
[   77.906092][ T7136] binder: 7134:7136 ioctl c0306201 2000000001c0 returned -14
[   77.949320][ T7141] binder: BINDER_SET_CONTEXT_MGR already set
[   77.951830][ T7141] binder: 7140:7141 ioctl 4018620d 200000000300 returned -16
[   77.990141][ T7143] netlink: 'syz.0.449': attribute type 10 has an invalid length.
[   78.033348][ T5292] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[   78.037594][ T5292] Bluetooth: hci1: Injecting HCI hardware error event
[   78.041632][ T5939] Bluetooth: hci1: hardware error 0x00
[   78.047475][ T7147] fuse: Bad value for 'group_id'
[   78.049546][ T7147] fuse: Bad value for 'group_id'
[   78.102699][ T7153] binder: 7151:7153 ioctl c0306201 2000000004c0 returned -14
[   78.136018][ T7156] xt_hashlimit: size too large, truncated to 1048576
[   78.194011][ T7163] binder: BINDER_SET_CONTEXT_MGR already set
[   78.197297][ T7163] binder: 7161:7163 ioctl 4018620d 200000000300 returned -16
[   78.224814][ T7165] process 'syz.0.459' launched '/dev/fd/4' with NULL argv: empty string added
[   78.269311][ T7170] fuse: Bad value for 'group_id'
[   78.271314][ T7170] fuse: Bad value for 'group_id'
[   78.291006][ T7172] FAULT_INJECTION: forcing a failure.
[   78.291006][ T7172] name failslab, interval 1, probability 0, space 0, times 0
[   78.297283][ T7172] CPU: 0 UID: 0 PID: 7172 Comm: syz.1.462 Not tainted syzkaller #0 PREEMPT(full) 
[   78.297307][ T7172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   78.297316][ T7172] Call Trace:
[   78.297322][ T7172]  <TASK>
[   78.297328][ T7172]  dump_stack_lvl+0x100/0x190
[   78.297360][ T7172]  should_fail_ex.cold+0x5/0xa
[   78.297382][ T7172]  should_failslab+0xc2/0x120
[   78.297400][ T7172]  __kmalloc_cache_noprof+0x7a/0x6f0
[   78.297421][ T7172]  ? binder_transaction+0x1c15/0x9ee0
[   78.297451][ T7172]  binder_transaction+0x1c15/0x9ee0
[   78.297492][ T7172]  ? __lock_acquire+0x4a5/0x2630
[   78.297513][ T7172]  ? __pfx_binder_transaction+0x10/0x10
[   78.297541][ T7172]  ? __lock_acquire+0x4a5/0x2630
[   78.297563][ T7172]  ? __lock_acquire+0x4a5/0x2630
[   78.297599][ T7172]  ? find_held_lock+0x2b/0x80
[   78.297619][ T7172]  ? is_bpf_text_address+0x8a/0x1a0
[   78.297643][ T7172]  ? is_bpf_text_address+0x8a/0x1a0
[   78.297668][ T7172]  ? __lock_acquire+0x4a5/0x2630
[   78.297690][ T7172]  ? __lock_acquire+0x4a5/0x2630
[   78.297705][ T7172]  ? __kernel_text_address+0xd/0x30
[   78.297722][ T7172]  ? unwind_get_return_address+0x59/0xa0
[   78.297750][ T7172]  ? find_held_lock+0x2b/0x80
[   78.297769][ T7172]  ? __might_fault+0xc5/0x140
[   78.297790][ T7172]  ? __might_fault+0xc5/0x140
[   78.297820][ T7172]  binder_thread_write+0x131f/0x4dd0
[   78.297847][ T7172]  ? __x64_sys_ioctl+0xb7/0x210
[   78.297875][ T7172]  ? __lock_acquire+0x4a5/0x2630
[   78.297890][ T7172]  ? __pfx_binder_thread_write+0x10/0x10
[   78.297914][ T7172]  ? find_held_lock+0x2b/0x80
[   78.297933][ T7172]  ? binder_debug+0xe0/0x190
[   78.297952][ T7172]  ? __pfx_binder_debug+0x10/0x10
[   78.297974][ T7172]  ? binder_debug+0xe0/0x190
[   78.297994][ T7172]  ? __pfx_binder_debug+0x10/0x10
[   78.298056][ T7172]  binder_ioctl+0x2941/0x7610
[   78.298089][ T7172]  ? tomoyo_path_number_perm+0x188/0x580
[   78.298116][ T7172]  ? __pfx_binder_ioctl+0x10/0x10
[   78.298142][ T7172]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   78.298166][ T7172]  ? do_vfs_ioctl+0x226/0x13e0
[   78.298189][ T7172]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   78.298213][ T7172]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   78.298243][ T7172]  ? hook_file_ioctl_common+0x146/0x410
[   78.298265][ T7172]  ? selinux_file_ioctl+0x139/0x290
[   78.298286][ T7172]  ? selinux_file_ioctl+0xb4/0x290
[   78.298308][ T7172]  ? __pfx_binder_ioctl+0x10/0x10
[   78.298332][ T7172]  __x64_sys_ioctl+0x18e/0x210
[   78.298357][ T7172]  do_syscall_64+0x106/0xf80
[   78.298378][ T7172]  ? clear_bhb_loop+0x40/0x90
[   78.298398][ T7172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.298414][ T7172] RIP: 0033:0x7f37a499c799
[   78.298429][ T7172] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   78.298444][ T7172] RSP: 002b:00007f37a58af028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   78.298461][ T7172] RAX: ffffffffffffffda RBX: 00007f37a4c15fa0 RCX: 00007f37a499c799
[   78.298471][ T7172] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000003
[   78.298481][ T7172] RBP: 00007f37a58af090 R08: 0000000000000000 R09: 0000000000000000
[   78.298490][ T7172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.298499][ T7172] R13: 00007f37a4c16038 R14: 00007f37a4c15fa0 R15: 00007fff47011138
[   78.298522][ T7172]  </TASK>
[   78.404636][ T7175] binder: 7173:7175 ioctl c0306201 2000000004c0 returned -14
[   78.421624][ T7176] atomic_op ffff88805ca7a198 conn xmit_atomic 0000000000000000
[   78.524892][ T7186] binder: 7185:7186 ioctl c0306201 0 returned -14
[   78.527937][ T7186] binder: 7185:7186 ioctl c0306201 2000000004c0 returned -14
[   78.675454][ T7203] netlink: 'syz.1.472': attribute type 27 has an invalid length.
[   78.692285][ T7205] fuse: Bad value for 'group_id'
[   78.694655][ T7205] fuse: Bad value for 'group_id'
[   78.764590][ T7203] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.773670][ T7203] 8021q: adding VLAN 0 to HW filter on device team0
[   78.787074][ T7203] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   78.893295][ T1027] usb 7-1: new full-speed USB device number 7 using dummy_hcd
[   79.045824][ T1027] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   79.050062][ T1027] usb 7-1: New USB device found, idVendor=1e71, idProduct=200e, bcdDevice= 0.00
[   79.054041][ T1027] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.066594][ T1027] usb 7-1: config 0 descriptor??
[   79.080986][ T1027] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[   79.084297][ T6017] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   79.246047][ T6017] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   79.249381][ T6017] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[   79.254661][ T6017] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   79.258245][ T6017] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.262997][ T6017] usb 6-1: config 0 descriptor??
[   79.267366][ T6017] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[   79.422902][ T7201] can0: slcan on ttyS3.
[   79.473596][   T54] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   79.607295][ T7201] can0 (unregistered): slcan off ttyS3.
[   79.612284][ T5936] usb 7-1: USB disconnect, device number 7
[   79.635365][   T54] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   79.639861][   T54] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[   79.653865][   T54] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   79.659964][   T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.665904][   T54] usb 8-1: config 0 descriptor??
[   79.679581][   T54] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[   79.962085][ T7221] binder: 7220:7221 ioctl c0306201 0 returned -14
[   79.966313][ T7221] binder: 7220:7221 ioctl c0306201 2000000004c0 returned -14
[   80.113590][ T5939] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[   80.191579][ T7226] __nla_validate_parse: 2 callbacks suppressed
[   80.191592][ T7226] netlink: 8 bytes leftover after parsing attributes in process `syz.2.480'.
[   80.197317][ T7226] netlink: 12 bytes leftover after parsing attributes in process `syz.2.480'.
[   80.206584][   T99] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   80.209803][   T99] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   80.214299][   T99] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   80.218393][   T99] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   80.263163][ T5936] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   80.403281][ T5936] usb 5-1: device descriptor read/64, error -71
[   80.408273][ T7239] netlink: 52 bytes leftover after parsing attributes in process `syz.2.485'.
[   80.414977][ T7239] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[   80.505422][ T7244] binder: 7243:7244 ioctl c0306201 0 returned -14
[   80.509504][ T7244] binder: 7243:7244 ioctl c0306201 2000000004c0 returned -14
[   80.582286][ T7247] FAULT_INJECTION: forcing a failure.
[   80.582286][ T7247] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.593800][ T7247] CPU: 1 UID: 0 PID: 7247 Comm: syz.3.476 Not tainted syzkaller #0 PREEMPT(full) 
[   80.593828][ T7247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   80.593839][ T7247] Call Trace:
[   80.593846][ T7247]  <TASK>
[   80.593853][ T7247]  dump_stack_lvl+0x100/0x190
[   80.593890][ T7247]  should_fail_ex.cold+0x5/0xa
[   80.593915][ T7247]  _copy_to_user+0x32/0xd0
[   80.593938][ T7247]  simple_read_from_buffer+0xcb/0x170
[   80.593961][ T7247]  proc_fail_nth_read+0x1af/0x230
[   80.593989][ T7247]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   80.594038][ T7247]  ? rw_verify_area+0xce/0x6d0
[   80.594064][ T7247]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   80.594089][ T7247]  vfs_read+0x1e4/0xb30
[   80.594120][ T7247]  ? __pfx_vfs_read+0x10/0x10
[   80.594147][ T7247]  ? __fget_files+0x215/0x3d0
[   80.594172][ T7247]  ? __fget_files+0x21f/0x3d0
[   80.594199][ T7247]  ksys_read+0x12a/0x250
[   80.594216][ T7247]  ? __pfx_ksys_read+0x10/0x10
[   80.594240][ T7247]  do_syscall_64+0x106/0xf80
[   80.594265][ T7247]  ? clear_bhb_loop+0x40/0x90
[   80.594289][ T7247]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.594307][ T7247] RIP: 0033:0x7fa6eeb5cfce
[   80.594322][ T7247] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   80.594338][ T7247] RSP: 002b:00007fa6efa41fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   80.594357][ T7247] RAX: ffffffffffffffda RBX: 00007fa6efa426c0 RCX: 00007fa6eeb5cfce
[   80.594369][ T7247] RDX: 000000000000000f RSI: 00007fa6efa420a0 RDI: 0000000000000004
[   80.594380][ T7247] RBP: 00007fa6efa42090 R08: 0000000000000000 R09: 0000000000000000
[   80.594391][ T7247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.594402][ T7247] R13: 00007fa6eee16218 R14: 00007fa6eee16180 R15: 00007ffd77ce6b78
[   80.594428][ T7247]  </TASK>
[   80.653292][ T5936] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   80.661863][ T6017] usb 8-1: USB disconnect, device number 4
[   80.689881][ T7254] binder: 7253:7254 ioctl c0306201 2000000004c0 returned -14
[   80.778320][ T7259] FAULT_INJECTION: forcing a failure.
[   80.778320][ T7259] name failslab, interval 1, probability 0, space 0, times 0
[   80.786359][ T7259] CPU: 2 UID: 0 PID: 7259 Comm: syz.3.492 Not tainted syzkaller #0 PREEMPT(full) 
[   80.786384][ T7259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   80.786395][ T7259] Call Trace:
[   80.786400][ T7259]  <TASK>
[   80.786407][ T7259]  dump_stack_lvl+0x100/0x190
[   80.786440][ T7259]  should_fail_ex.cold+0x5/0xa
[   80.786463][ T7259]  should_failslab+0xc2/0x120
[   80.786489][ T7259]  __kmalloc_cache_noprof+0x7a/0x6f0
[   80.786512][ T7259]  ? binder_transaction+0x1c15/0x9ee0
[   80.786544][ T7259]  binder_transaction+0x1c15/0x9ee0
[   80.786589][ T7259]  ? __lock_acquire+0x4a5/0x2630
[   80.786613][ T7259]  ? __pfx_binder_transaction+0x10/0x10
[   80.786644][ T7259]  ? __lock_acquire+0x4a5/0x2630
[   80.786666][ T7259]  ? __lock_acquire+0x4a5/0x2630
[   80.786694][ T7259]  ? find_held_lock+0x2b/0x80
[   80.786719][ T7259]  ? is_bpf_text_address+0x8a/0x1a0
[   80.786750][ T7259]  ? is_bpf_text_address+0x8a/0x1a0
[   80.786785][ T7259]  ? __lock_acquire+0x4a5/0x2630
[   80.786802][ T7259]  ? __lock_acquire+0x4a5/0x2630
[   80.786819][ T7259]  ? __kernel_text_address+0xd/0x30
[   80.786839][ T7259]  ? unwind_get_return_address+0x59/0xa0
[   80.786869][ T7259]  ? find_held_lock+0x2b/0x80
[   80.786890][ T7259]  ? __might_fault+0xc5/0x140
[   80.786913][ T7259]  ? __might_fault+0xc5/0x140
[   80.786946][ T7259]  binder_thread_write+0x131f/0x4dd0
[   80.786976][ T7259]  ? __x64_sys_ioctl+0xb7/0x210
[   80.787005][ T7259]  ? __lock_acquire+0x4a5/0x2630
[   80.787022][ T7259]  ? __pfx_binder_thread_write+0x10/0x10
[   80.787047][ T7259]  ? find_held_lock+0x2b/0x80
[   80.787068][ T7259]  ? binder_debug+0xe0/0x190
[   80.787090][ T7259]  ? __pfx_binder_debug+0x10/0x10
[   80.787113][ T7259]  ? binder_debug+0xe0/0x190
[   80.787134][ T7259]  ? __pfx_binder_debug+0x10/0x10
[   80.787172][ T7259]  binder_ioctl+0x2941/0x7610
[   80.787206][ T7259]  ? tomoyo_path_number_perm+0x188/0x580
[   80.787235][ T7259]  ? __pfx_binder_ioctl+0x10/0x10
[   80.787264][ T7259]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   80.787290][ T7259]  ? do_vfs_ioctl+0x226/0x13e0
[   80.787316][ T7259]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   80.787380][ T7259]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   80.787414][ T7259]  ? hook_file_ioctl_common+0x146/0x410
[   80.787439][ T7259]  ? selinux_file_ioctl+0x139/0x290
[   80.787462][ T7259]  ? selinux_file_ioctl+0xb4/0x290
[   80.787493][ T7259]  ? __pfx_binder_ioctl+0x10/0x10
[   80.787518][ T7259]  __x64_sys_ioctl+0x18e/0x210
[   80.787547][ T7259]  do_syscall_64+0x106/0xf80
[   80.787569][ T7259]  ? clear_bhb_loop+0x40/0x90
[   80.787587][ T7259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.787603][ T7259] RIP: 0033:0x7fa6eeb9c799
[   80.787620][ T7259] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   80.787636][ T7259] RSP: 002b:00007fa6efa84028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   80.787654][ T7259] RAX: ffffffffffffffda RBX: 00007fa6eee15fa0 RCX: 00007fa6eeb9c799
[   80.787665][ T7259] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000003
[   80.787676][ T7259] RBP: 00007fa6efa84090 R08: 0000000000000000 R09: 0000000000000000
[   80.787686][ T7259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.787695][ T7259] R13: 00007fa6eee16038 R14: 00007fa6eee15fa0 R15: 00007ffd77ce6b78
[   80.787718][ T7259]  </TASK>
[   80.803961][ T5936] usb 5-1: device descriptor read/64, error -71
[   80.851555][ T7254] kvm: kvm [7253]: vcpu2, guest rIP: 0x9130 Unhandled WRMSR(0x11e) = 0x0
[   80.963869][ T5936] usb usb5-port1: attempt power cycle
[   81.313285][ T5936] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   81.344208][ T5936] usb 5-1: device descriptor read/8, error -71
[   81.524387][ T7268] binder: 7267:7268 ioctl c0306201 2000000004c0 returned -14
[   81.564435][ T7270] fuse: blksize only supported for fuseblk
[   81.593180][ T5936] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[   81.597592][ T7273] netlink: 'syz.2.498': attribute type 10 has an invalid length.
[   81.621315][ T5936] usb 5-1: device descriptor read/8, error -71
[   81.627284][ T7275] Cannot find add_set index 0 as target
[   81.743447][ T5936] usb usb5-port1: unable to enumerate USB device
[   81.837804][ T5936] usb 6-1: USB disconnect, device number 4
[   81.913017][ T7283] loop2: detected capacity change from 0 to 7
[   81.917776][ T7283]  loop2:
[   81.919165][ T7283] loop2: partition table partially beyond EOD, truncated
[   81.966175][ T7286] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[   81.969605][ T7286] SELinux: failed to load policy
[   81.971997][ T7285] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[   81.977710][ T7285] SELinux: failed to load policy
[   82.017967][ T7291] binder: 7290:7291 ioctl c0306201 2000000004c0 returned -14
[   82.067377][ T7295] mkiss: ax0: crc mode is auto.
[   82.079294][   T40] kauditd_printk_skb: 18 callbacks suppressed
[   82.079312][   T40] audit: type=1400 audit(1774445809.383:350): avc:  denied  { search } for  pid=5646 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   82.091854][   T40] audit: type=1400 audit(1774445809.383:351): avc:  denied  { search } for  pid=5646 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   82.100832][   T40] audit: type=1400 audit(1774445809.383:352): avc:  denied  { search } for  pid=5646 comm="dhcpcd" name="data" dev="tmpfs" ino=14 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   82.191511][ T7301] Cannot find del_set index 0 as target
[   82.215430][   T40] audit: type=1400 audit(1774445809.523:353): avc:  denied  { read write } for  pid=7302 comm="syz.1.512" name="uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   82.224436][   T40] audit: type=1400 audit(1774445809.523:354): avc:  denied  { open } for  pid=7302 comm="syz.1.512" path="/dev/uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   82.240724][ T7303] mkiss: ax0: crc mode is auto.
[   82.254840][  T831] hid-generic 0005:000B:0009.0002: unknown main item tag 0x0
[   82.258829][  T831] hid-generic 0005:000B:0009.0002: unknown main item tag 0x0
[   82.262203][  T831] hid-generic 0005:000B:0009.0002: unknown main item tag 0x0
[   82.265392][  T831] hid-generic 0005:000B:0009.0002: unknown main item tag 0x0
[   82.268473][  T831] hid-generic 0005:000B:0009.0002: unknown main item tag 0x0
[   82.271546][  T831] hid-generic 0005:000B:0009.0002: unknown main item tag 0x0
[   82.274766][  T831] hid-generic 0005:000B:0009.0002: unknown main item tag 0x0
[   82.277939][  T831] hid-generic 0005:000B:0009.0002: unknown main item tag 0x0
[   82.281671][  T831] hid-generic 0005:000B:0009.0002: unknown main item tag 0x0
[   82.285477][  T831] hid-generic 0005:000B:0009.0002: unknown main item tag 0x0
[   82.286143][ T7307] binder: 7306:7307 ioctl c0306201 2000000004c0 returned -14
[   82.306145][ T7308] tipc: Started in network mode
[   82.307887][ T7308] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[   82.311953][ T7308] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[   82.317084][ T7308] tipc: Enabled bearer <udp:syz0>, priority 10
[   82.317459][  T831] hid-generic 0005:000B:0009.0002: hidraw1: BLUETOOTH HID v0.01 Device [syz0] on syz1
[   82.331010][   T40] audit: type=1400 audit(1774445809.633:355): avc:  denied  { read } for  pid=7309 comm="syz.3.515" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   82.370148][ T7311] fido_id[7311]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   82.377875][ T7316] binder: 7315:7316 ioctl c0306201 2000000004c0 returned -14
[   82.432100][ T7318] binder: 7317:7318 ioctl c0306201 2000000004c0 returned -14
[   82.474350][ T7320] netlink: 'syz.3.519': attribute type 5 has an invalid length.
[   82.517056][ T7326] netlink: 'syz.1.521': attribute type 10 has an invalid length.
[   82.520498][ T7326] netlink: 40 bytes leftover after parsing attributes in process `syz.1.521'.
[   82.574688][ T7331] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[   82.578743][ T7331] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[   82.583554][ T7331] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[   82.587850][ T7331] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[   82.648257][ T7338] binder: 7337:7338 ioctl c0306201 2000000004c0 returned -14
[   82.701471][ T7344] binder: 7343:7344 ioctl c0306201 2000000004c0 returned -14
[   82.711731][ T7340] netlink: 4 bytes leftover after parsing attributes in process `syz.3.527'.
[   82.718779][   T40] audit: type=1400 audit(1774445810.023:356): avc:  denied  { mount } for  pid=7339 comm="syz.3.527" name="/" dev="ramfs" ino=15874 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   82.803243][ T5936] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[   82.813451][ T7353] xt_hashlimit: size too large, truncated to 1048576
[   82.973781][ T5936] usb 7-1: Using ep0 maxpacket: 8
[   82.981361][ T5936] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[   82.984612][ T5936] usb 7-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[   82.988446][ T5936] usb 7-1: config 179 has no interface number 0
[   82.990508][ T5936] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[   82.993683][   T40] audit: type=1400 audit(1774445810.303:357): avc:  denied  { read write } for  pid=7361 comm="syz.3.534" name="uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   82.994202][ T5936] usb 7-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[   83.006094][   T40] audit: type=1400 audit(1774445810.303:358): avc:  denied  { open } for  pid=7361 comm="syz.3.534" path="/dev/uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   83.009470][ T5936] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   83.022689][ T5936] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.023813][ T7362] input: syz0 as /devices/virtual/input/input5
[   83.026555][   T40] audit: type=1400 audit(1774445810.313:359): avc:  denied  { ioctl } for  pid=7361 comm="syz.3.534" path="/dev/uinput" dev="devtmpfs" ino=943 ioctlcmd=0x5564 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   83.116817][ T7367] binder: BINDER_SET_CONTEXT_MGR already set
[   83.119068][ T7367] binder: 7366:7367 ioctl 4018620d 200000000300 returned -16
[   83.124315][ T7367] binder: 7366:7367 ioctl c0306201 2000000004c0 returned -14
[   83.125066][ T7371] FAULT_INJECTION: forcing a failure.
[   83.125066][ T7371] name failslab, interval 1, probability 0, space 0, times 0
[   83.138170][ T7371] CPU: 3 UID: 0 PID: 7371 Comm: syz.1.537 Not tainted syzkaller #0 PREEMPT(full) 
[   83.138195][ T7371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   83.138207][ T7371] Call Trace:
[   83.138213][ T7371]  <TASK>
[   83.138220][ T7371]  dump_stack_lvl+0x100/0x190
[   83.138245][ T7371]  should_fail_ex.cold+0x5/0xa
[   83.138260][ T7371]  should_failslab+0xc2/0x120
[   83.138273][ T7371]  __kmalloc_cache_noprof+0x7a/0x6f0
[   83.138289][ T7371]  ? binder_alloc_new_buf+0x1bb/0x3100
[   83.138311][ T7371]  binder_alloc_new_buf+0x1bb/0x3100
[   83.138331][ T7371]  ? binder_debug+0xe0/0x190
[   83.138347][ T7371]  ? __pfx_binder_debug+0x10/0x10
[   83.138366][ T7371]  ? __pfx_binder_alloc_new_buf+0x10/0x10
[   83.138390][ T7371]  binder_transaction+0x1f70/0x9ee0
[   83.138419][ T7371]  ? __lock_acquire+0x4a5/0x2630
[   83.138438][ T7371]  ? __pfx_binder_transaction+0x10/0x10
[   83.138459][ T7371]  ? __lock_acquire+0x4a5/0x2630
[   83.138473][ T7371]  ? __lock_acquire+0x4a5/0x2630
[   83.138491][ T7371]  ? find_held_lock+0x2b/0x80
[   83.138506][ T7371]  ? is_bpf_text_address+0x8a/0x1a0
[   83.138523][ T7371]  ? is_bpf_text_address+0x8a/0x1a0
[   83.138542][ T7371]  ? __lock_acquire+0x4a5/0x2630
[   83.138554][ T7371]  ? __lock_acquire+0x4a5/0x2630
[   83.138565][ T7371]  ? __kernel_text_address+0xd/0x30
[   83.138578][ T7371]  ? unwind_get_return_address+0x59/0xa0
[   83.138598][ T7371]  ? find_held_lock+0x2b/0x80
[   83.138613][ T7371]  ? __might_fault+0xc5/0x140
[   83.138628][ T7371]  ? __might_fault+0xc5/0x140
[   83.138650][ T7371]  binder_thread_write+0x131f/0x4dd0
[   83.138670][ T7371]  ? __x64_sys_ioctl+0xb7/0x210
[   83.138690][ T7371]  ? __lock_acquire+0x4a5/0x2630
[   83.138701][ T7371]  ? __pfx_binder_thread_write+0x10/0x10
[   83.138719][ T7371]  ? find_held_lock+0x2b/0x80
[   83.138734][ T7371]  ? binder_debug+0xe0/0x190
[   83.138748][ T7371]  ? __pfx_binder_debug+0x10/0x10
[   83.138764][ T7371]  ? binder_debug+0xe0/0x190
[   83.138778][ T7371]  ? __pfx_binder_debug+0x10/0x10
[   83.138802][ T7371]  binder_ioctl+0x2941/0x7610
[   83.138824][ T7371]  ? tomoyo_path_number_perm+0x188/0x580
[   83.138843][ T7371]  ? __pfx_binder_ioctl+0x10/0x10
[   83.138863][ T7371]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   83.138881][ T7371]  ? do_vfs_ioctl+0x226/0x13e0
[   83.138898][ T7371]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   83.138917][ T7371]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   83.138939][ T7371]  ? hook_file_ioctl_common+0x146/0x410
[   83.138954][ T7371]  ? selinux_file_ioctl+0x139/0x290
[   83.138970][ T7371]  ? selinux_file_ioctl+0xb4/0x290
[   83.138988][ T7371]  ? __pfx_binder_ioctl+0x10/0x10
[   83.139006][ T7371]  __x64_sys_ioctl+0x18e/0x210
[   83.139025][ T7371]  do_syscall_64+0x106/0xf80
[   83.139041][ T7371]  ? clear_bhb_loop+0x40/0x90
[   83.139055][ T7371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.139067][ T7371] RIP: 0033:0x7f37a499c799
[   83.139077][ T7371] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   83.139088][ T7371] RSP: 002b:00007f37a58af028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   83.139100][ T7371] RAX: ffffffffffffffda RBX: 00007f37a4c15fa0 RCX: 00007f37a499c799
[   83.139107][ T7371] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000003
[   83.139114][ T7371] RBP: 00007f37a58af090 R08: 0000000000000000 R09: 0000000000000000
[   83.139121][ T7371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.139127][ T7371] R13: 00007f37a4c16038 R14: 00007f37a4c15fa0 R15: 00007fff47011138
[   83.139142][ T7371]  </TASK>
[   83.291066][ T7379] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   83.325412][   T54] tipc: Node number set to 1
[   83.344940][ T5447] usb 7-1: USB disconnect, device number 8
[   83.429491][ T7390] netlink: 12 bytes leftover after parsing attributes in process `syz.0.542'.
[   83.430860][ T7387] fuse: Unknown parameter 'grou00000000000000000000'
[   83.521654][ T7398] netlink: 'syz.0.544': attribute type 27 has an invalid length.
[   83.525612][ T7399] netlink: 12 bytes leftover after parsing attributes in process `syz.1.543'.
[   83.529498][ T7399] netlink: 60 bytes leftover after parsing attributes in process `syz.1.543'.
[   83.534226][ T7399] netlink: 12 bytes leftover after parsing attributes in process `syz.1.543'.
[   83.540938][ T7399] netlink: 60 bytes leftover after parsing attributes in process `syz.1.543'.
[   83.568635][ T7402] binder: 7401:7402 ioctl c0306201 2000000004c0 returned -14
[   83.571758][ T7402] binder_alloc: 7401: binder_alloc_buf, no vma
[   83.666784][ T7404] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.670911][ T7404] 8021q: adding VLAN 0 to HW filter on device team0
[   83.677367][ T7404] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   83.715650][ T7416] binder: 7415:7416 ioctl c0306201 2000000004c0 returned -14
[   83.748609][ T7422] dummy0: entered promiscuous mode
[   83.751404][ T7422] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[   83.758439][ T7422] hsr1: Slave B (netdevsim0) is not up; please bring it up to get a fully working HSR network
[   83.761766][ T7422] hsr1: entered allmulticast mode
[   83.763535][ T7422] dummy0: entered allmulticast mode
[   83.764707][ T7425] fuse: Unknown parameter 'grou00000000000000000000'
[   83.765215][ T7422] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[   83.844352][ T7437] binder: BINDER_SET_CONTEXT_MGR already set
[   83.847013][ T7437] binder: 7435:7437 ioctl 4018620d 200000004a80 returned -16
[   83.851267][ T7437] FAULT_INJECTION: forcing a failure.
[   83.851267][ T7437] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   83.858663][ T7437] CPU: 1 UID: 0 PID: 7437 Comm: syz.3.556 Not tainted syzkaller #0 PREEMPT(full) 
[   83.858686][ T7437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   83.858699][ T7437] Call Trace:
[   83.858704][ T7437]  <TASK>
[   83.858710][ T7437]  dump_stack_lvl+0x100/0x190
[   83.858750][ T7437]  should_fail_ex.cold+0x5/0xa
[   83.858772][ T7437]  _copy_to_user+0x32/0xd0
[   83.858791][ T7437]  simple_read_from_buffer+0xcb/0x170
[   83.858811][ T7437]  proc_fail_nth_read+0x1af/0x230
[   83.858835][ T7437]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   83.858859][ T7437]  ? rw_verify_area+0xce/0x6d0
[   83.858882][ T7437]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   83.858905][ T7437]  vfs_read+0x1e4/0xb30
[   83.858932][ T7437]  ? __pfx_vfs_read+0x10/0x10
[   83.858956][ T7437]  ? __fget_files+0x215/0x3d0
[   83.858979][ T7437]  ? __fget_files+0x21f/0x3d0
[   83.859003][ T7437]  ksys_read+0x12a/0x250
[   83.859017][ T7437]  ? __pfx_ksys_read+0x10/0x10
[   83.859039][ T7437]  do_syscall_64+0x106/0xf80
[   83.859061][ T7437]  ? clear_bhb_loop+0x40/0x90
[   83.859081][ T7437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.859097][ T7437] RIP: 0033:0x7fa6eeb5cfce
[   83.859112][ T7437] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   83.859126][ T7437] RSP: 002b:00007fa6efa83fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   83.859142][ T7437] RAX: ffffffffffffffda RBX: 00007fa6efa846c0 RCX: 00007fa6eeb5cfce
[   83.859152][ T7437] RDX: 000000000000000f RSI: 00007fa6efa840a0 RDI: 0000000000000006
[   83.859161][ T7437] RBP: 00007fa6efa84090 R08: 0000000000000000 R09: 0000000000000000
[   83.859170][ T7437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.859179][ T7437] R13: 00007fa6eee16038 R14: 00007fa6eee15fa0 R15: 00007ffd77ce6b78
[   83.859202][ T7437]  </TASK>
[   83.904537][ T7448] binder: 7447:7448 ioctl c0306201 2000000004c0 returned -14
[   83.915630][ T7443] bond4: entered promiscuous mode
[   83.938908][ T7443] 8021q: adding VLAN 0 to HW filter on device bond4
[   83.944361][ T7450] binder: 7446:7450 ioctl c0306201 2000000004c0 returned -14
[   83.982465][ T7455] fuse: Unknown parameter 'grou00000000000000000000'
[   83.986823][ T7457] netlink: 'syz.0.563': attribute type 10 has an invalid length.
[   84.013590][ T7459] Cannot find add_set index 0 as target
[   84.256794][ T7481] loop2: detected capacity change from 0 to 7
[   84.260911][ T5946]  loop2:
[   84.262185][ T5946] loop2: partition table partially beyond EOD, truncated
[   84.275194][ T7481]  loop2:
[   84.276527][ T7481] loop2: partition table partially beyond EOD, truncated
[   84.287076][  T841] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   84.324237][ T7483] binder: 7482:7483 ioctl c0306201 2000000004c0 returned -14
[   84.466141][  T841] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   84.471604][  T841] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[   84.477581][  T841] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   84.481169][  T841] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.486660][  T841] usb 8-1: config 0 descriptor??
[   84.497022][  T841] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[   84.720741][ T7487] fuse: Unknown parameter 'group_i00000000000000000000'
[   85.095519][ T7501] SET target dimension over the limit!
[   85.135323][ T7503] binder: 7502:7503 ioctl c0306201 2000000004c0 returned -14
[   85.153272][ T5939] Bluetooth: hci2: command 0x0c1a tx timeout
[   85.153277][  T831] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[   85.157903][  T831] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[   85.175453][ T7505] block nbd1: NBD_DISCONNECT
[   85.396346][ T7508] fuse: Unknown parameter 'group_i00000000000000000000'
[   85.450134][ T7513] binder: 7512:7513 ioctl c0306201 2000000004c0 returned -14
[   85.502090][ T7517] binder: 7516:7517 ioctl c0306201 2000000004c0 returned -14
[   85.587930][ T7523] binder: 7522:7523 ioctl 4018620d 0 returned -22
[   85.590447][ T7523] binder: 7522:7523 ioctl c0306201 2000000004c0 returned -14
[   85.618459][ T7525] netlink: 'syz.0.589': attribute type 10 has an invalid length.
[   85.621611][ T7525] __nla_validate_parse: 7 callbacks suppressed
[   85.621625][ T7525] netlink: 40 bytes leftover after parsing attributes in process `syz.0.589'.
[   85.714490][ T7529] fuse: Unknown parameter 'group_i00000000000000000000'
[   85.818676][ T7538] binder: 7537:7538 ioctl c0306201 2000000004c0 returned -14
[   86.102041][ T7548] binder: 7547:7548 ioctl 4018620d 0 returned -22
[   86.105631][ T7548] binder: 7547:7548 ioctl c0306201 2000000004c0 returned -14
[   86.242185][ T7555] xt_hashlimit: size too large, truncated to 1048576
[   86.372406][ T7561] fuse: Unknown parameter 'group_id00000000000000000000'
[   86.468576][ T7567] netlink: 12 bytes leftover after parsing attributes in process `syz.0.605'.
[   86.623177][  T831] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   86.671888][ T7569] binder: BINDER_SET_CONTEXT_MGR already set
[   86.674368][ T7569] binder: 7566:7569 ioctl 4018620d 200000004a80 returned -16
[   86.710986][ T7572] netlink: 12 bytes leftover after parsing attributes in process `syz.0.606'.
[   86.761228][ T7575] binder: 7574:7575 ioctl 4018620d 0 returned -22
[   86.763523][  T831] usb 6-1: device descriptor read/64, error -71
[   86.765641][ T7575] binder: 7574:7575 ioctl c0306201 2000000004c0 returned -14
[   86.805926][ T7577] SELinux:  policydb magic number 0x4b07fa81 does not match expected magic number 0xf97cff8c
[   86.810391][ T7577] SELinux: failed to load policy
[   86.961108][ T7580] NILFS (nullb0): couldn't find nilfs on the device
[   86.968910][ T7580] overlay: ./file0 is not a directory
[   86.972272][ T7581] NILFS (nullb0): couldn't find nilfs on the device
[   87.013500][  T831] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   87.023840][ T7585] binder: 7584:7585 ioctl c0306201 2000000004c0 returned -14
[   87.058260][ T6017] usb 8-1: USB disconnect, device number 5
[   87.164026][  T831] usb 6-1: device descriptor read/64, error -71
[   87.211090][ T7598] binder: 7597:7598 ioctl c0306201 0 returned -14
[   87.212381][ T7600] fuse: Unknown parameter 'group_id00000000000000000000'
[   87.233468][ T5292] Bluetooth: hci4: command 0xfc11 tx timeout
[   87.233672][ T5939] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[   87.275683][  T831] usb usb6-port1: attempt power cycle
[   87.299910][ T7607] netlink: 'syz.3.621': attribute type 29 has an invalid length.
[   87.343733][   T40] kauditd_printk_skb: 23 callbacks suppressed
[   87.343750][   T40] audit: type=1400 audit(1774445814.653:383): avc:  denied  { watch } for  pid=7611 comm="syz.3.624" path="/145/file0" dev="tmpfs" ino=775 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   87.360716][   T40] audit: type=1400 audit(1774445814.653:384): avc:  denied  { watch_sb watch_reads } for  pid=7611 comm="syz.3.624" path="/145/file0" dev="tmpfs" ino=775 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   87.373142][   T40] audit: type=1400 audit(1774445814.663:385): avc:  denied  { bind } for  pid=7611 comm="syz.3.624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   87.382296][   T40] audit: type=1400 audit(1774445814.663:386): avc:  denied  { name_bind } for  pid=7611 comm="syz.3.624" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[   87.391677][   T40] audit: type=1400 audit(1774445814.663:387): avc:  denied  { node_bind } for  pid=7611 comm="syz.3.624" saddr=ff02::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   87.395507][ T7617] SET target dimension over the limit!
[   87.466022][   T40] audit: type=1326 audit(1774445814.773:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7622 comm="syz.3.627" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa6eeb9c799 code=0x0
[   87.525687][ T7625] binder: 7624:7625 ioctl c0306201 0 returned -14
[   87.584995][ T7630] binder: 7629:7630 ioctl c0306201 2000000004c0 returned -14
[   87.623157][  T831] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[   87.643609][  T831] usb 6-1: device descriptor read/8, error -71
[   87.650826][ T7636] netlink: 'syz.2.633': attribute type 10 has an invalid length.
[   87.654823][ T7636] netlink: 40 bytes leftover after parsing attributes in process `syz.2.633'.
[   87.774744][ T7647] binder: 7646:7647 ioctl c0306201 0 returned -14
[   87.818262][ T7649] iommufd_mock iommufd_mock0: Adding to iommu group 9
[   87.883578][  T831] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[   87.913949][  T831] usb 6-1: device descriptor read/8, error -71
[   87.943183][ T5447] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[   88.024269][  T831] usb usb6-port1: unable to enumerate USB device
[   88.103166][ T5447] usb 7-1: Using ep0 maxpacket: 32
[   88.107195][ T5447] usb 7-1: config 0 has an invalid interface number: 196 but max is 0
[   88.110793][ T5447] usb 7-1: config 0 has no interface number 0
[   88.113737][ T5447] usb 7-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[   88.118262][ T5447] usb 7-1: config 0 interface 196 altsetting 1 has a duplicate endpoint with address 0x82, skipping
[   88.122917][ T5447] usb 7-1: config 0 interface 196 has no altsetting 0
[   88.129924][ T5447] usb 7-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a
[   88.133949][ T5447] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.137464][ T5447] usb 7-1: Product: syz
[   88.139544][ T5447] usb 7-1: Manufacturer: syz
[   88.141581][ T5447] usb 7-1: SerialNumber: syz
[   88.147176][ T5447] usb 7-1: config 0 descriptor??
[   88.150045][ T7642] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   88.186081][   T40] audit: type=1400 audit(1774445815.493:389): avc:  denied  { setopt } for  pid=7659 comm="syz.0.642" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   88.351042][ T7669] netlink: 8 bytes leftover after parsing attributes in process `syz.0.645'.
[   88.358499][ T5447] ipheth 7-1:0.196: Unable to find endpoints
[   88.365324][ T5447] usb 7-1: USB disconnect, device number 9
[   88.377818][ T7669] sit3: entered allmulticast mode
[   88.388590][ T7671] FAULT_INJECTION: forcing a failure.
[   88.388590][ T7671] name failslab, interval 1, probability 0, space 0, times 0
[   88.392600][ T7671] CPU: 3 UID: 0 PID: 7671 Comm: syz.3.646 Not tainted syzkaller #0 PREEMPT(full) 
[   88.392616][ T7671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   88.392624][ T7671] Call Trace:
[   88.392629][ T7671]  <TASK>
[   88.392633][ T7671]  dump_stack_lvl+0x100/0x190
[   88.392656][ T7671]  should_fail_ex.cold+0x5/0xa
[   88.392671][ T7671]  should_failslab+0xc2/0x120
[   88.392684][ T7671]  __kmalloc_cache_noprof+0x7a/0x6f0
[   88.392698][ T7671]  ? binder_alloc_new_buf+0x1988/0x3100
[   88.392720][ T7671]  binder_alloc_new_buf+0x1988/0x3100
[   88.392744][ T7671]  ? __pfx_binder_alloc_new_buf+0x10/0x10
[   88.392766][ T7671]  binder_transaction+0x1f70/0x9ee0
[   88.392794][ T7671]  ? __lock_acquire+0x4a5/0x2630
[   88.392807][ T7671]  ? __pfx_binder_transaction+0x10/0x10
[   88.392827][ T7671]  ? __lock_acquire+0x4a5/0x2630
[   88.392840][ T7671]  ? __lock_acquire+0x4a5/0x2630
[   88.392857][ T7671]  ? find_held_lock+0x2b/0x80
[   88.392871][ T7671]  ? is_bpf_text_address+0x8a/0x1a0
[   88.392888][ T7671]  ? is_bpf_text_address+0x8a/0x1a0
[   88.392906][ T7671]  ? __lock_acquire+0x4a5/0x2630
[   88.392916][ T7671]  ? __lock_acquire+0x4a5/0x2630
[   88.392926][ T7671]  ? __kernel_text_address+0xd/0x30
[   88.392939][ T7671]  ? unwind_get_return_address+0x59/0xa0
[   88.392958][ T7671]  ? find_held_lock+0x2b/0x80
[   88.392972][ T7671]  ? __might_fault+0xc5/0x140
[   88.392987][ T7671]  ? __might_fault+0xc5/0x140
[   88.393007][ T7671]  binder_thread_write+0x131f/0x4dd0
[   88.393026][ T7671]  ? __x64_sys_ioctl+0xb7/0x210
[   88.393045][ T7671]  ? __lock_acquire+0x4a5/0x2630
[   88.393067][ T7671]  ? __pfx_binder_thread_write+0x10/0x10
[   88.393087][ T7671]  ? find_held_lock+0x2b/0x80
[   88.393100][ T7671]  ? binder_debug+0xe0/0x190
[   88.393114][ T7671]  ? __pfx_binder_debug+0x10/0x10
[   88.393129][ T7671]  ? binder_debug+0xe0/0x190
[   88.393147][ T7671]  ? __pfx_binder_debug+0x10/0x10
[   88.393193][ T7671]  binder_ioctl+0x2941/0x7610
[   88.393219][ T7671]  ? tomoyo_path_number_perm+0x188/0x580
[   88.393237][ T7671]  ? __pfx_binder_ioctl+0x10/0x10
[   88.393255][ T7671]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   88.393272][ T7671]  ? do_vfs_ioctl+0x226/0x13e0
[   88.393289][ T7671]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   88.393306][ T7671]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   88.393327][ T7671]  ? hook_file_ioctl_common+0x146/0x410
[   88.393341][ T7671]  ? selinux_file_ioctl+0x139/0x290
[   88.393357][ T7671]  ? selinux_file_ioctl+0xb4/0x290
[   88.393377][ T7671]  ? __pfx_binder_ioctl+0x10/0x10
[   88.393395][ T7671]  __x64_sys_ioctl+0x18e/0x210
[   88.393412][ T7671]  do_syscall_64+0x106/0xf80
[   88.393428][ T7671]  ? clear_bhb_loop+0x40/0x90
[   88.393442][ T7671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.393453][ T7671] RIP: 0033:0x7fa6eeb9c799
[   88.393463][ T7671] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   88.393474][ T7671] RSP: 002b:00007fa6efa84028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   88.393487][ T7671] RAX: ffffffffffffffda RBX: 00007fa6eee15fa0 RCX: 00007fa6eeb9c799
[   88.393494][ T7671] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000003
[   88.393501][ T7671] RBP: 00007fa6efa84090 R08: 0000000000000000 R09: 0000000000000000
[   88.393507][ T7671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.393513][ T7671] R13: 00007fa6eee16038 R14: 00007fa6eee15fa0 R15: 00007ffd77ce6b78
[   88.393531][ T7671]  </TASK>
[   88.393965][ T7669] netlink: 'syz.0.645': attribute type 11 has an invalid length.
[   88.449044][ T7676] netlink: 12 bytes leftover after parsing attributes in process `syz.3.648'.
[   88.450097][ T7669] netlink: 132 bytes leftover after parsing attributes in process `syz.0.645'.
[   88.519342][   T40] audit: type=1400 audit(1774445815.823:390): avc:  denied  { bind } for  pid=7680 comm="syz.3.650" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   88.519425][ T7681] netlink: 'syz.3.650': attribute type 10 has an invalid length.
[   88.519452][ T7681] netlink: 232 bytes leftover after parsing attributes in process `syz.3.650'.
[   88.551291][ T7683] binder: 7682:7683 ioctl c0306201 2000000004c0 returned -14
[   88.568052][ T7683] binder: 7682:7683 ioctl 80705864 200000000240 returned -22
[   88.754859][ T7690] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=512 sclass=netlink_route_socket pid=7690 comm=syz.0.653
[   88.800226][ T7694] netlink: 8 bytes leftover after parsing attributes in process `syz.3.654'.
[   88.803034][ T7694] netlink: 12 bytes leftover after parsing attributes in process `syz.3.654'.
[   88.834007][ T7696] fuse: Bad value for 'user_id'
[   88.836038][ T7696] fuse: Bad value for 'user_id'
[   88.848562][   T40] audit: type=1400 audit(1774445816.153:391): avc:  denied  { ioctl } for  pid=7697 comm="syz.0.656" path="pid:[4026532880]" dev="nsfs" ino=4026532880 ioctlcmd=0xb702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   88.859022][   T40] audit: type=1400 audit(1774445816.173:392): avc:  denied  { read } for  pid=7697 comm="syz.0.656" path="socket:[18597]" dev="sockfs" ino=18597 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   88.888539][ T7701] netlink: 'syz.3.657': attribute type 27 has an invalid length.
[   88.951830][ T7701] bridge0: port 3(team0) entered disabled state
[   88.954472][ T7701] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.957628][ T7701] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.967023][ T7701] bond0: left allmulticast mode
[   88.970165][ T7701] bond_slave_0: left allmulticast mode
[   88.972392][ T7701] bond_slave_1: left allmulticast mode
[   89.107078][ T7711] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.110074][ T7711] bridge0: port 3(team0) entered blocking state
[   89.112217][ T7711] bridge0: port 3(team0) entered forwarding state
[   89.114790][ T7711] 8021q: adding VLAN 0 to HW filter on device team0
[   89.119326][ T7711] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   89.126654][ T1204] bridge0: port 3(team0) entered disabled state
[   89.129618][   T99] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[   89.132738][   T99] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   89.135976][   T99] netdevsim netdevsim3 netdevsim0: unset [1, 1] type 2 family 0 port 20004 - 0
[   89.144276][   T99] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[   89.147415][   T99] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   89.150706][   T99] netdevsim netdevsim3 netdevsim1: unset [1, 1] type 2 family 0 port 20004 - 0
[   89.156044][   T99] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[   89.159174][   T99] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   89.162161][   T99] netdevsim netdevsim3 netdevsim2: unset [1, 1] type 2 family 0 port 20004 - 0
[   89.166454][   T99] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[   89.169468][   T99] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   89.172425][   T99] netdevsim netdevsim3 netdevsim3: unset [1, 1] type 2 family 0 port 20004 - 0
[   89.201676][ T7725] fuse: Bad value for 'user_id'
[   89.206151][ T7725] fuse: Bad value for 'user_id'
[   89.266250][ T7727] hfsplus: unable to find HFS+ superblock
[   89.279076][ T7727] binder: 7726:7727 ioctl c0306201 2000000004c0 returned -14
[   89.283682][ T7727] binder: 7726:7727 ioctl c0306201 2000000001c0 returned -14
[   89.329678][ T7735] Cannot find del_set index 0 as target
[   89.371614][ T7742] Cannot find add_set index 0 as target
[   89.439572][ T7751] binder: BINDER_SET_CONTEXT_MGR already set
[   89.441618][ T7751] binder: 7750:7751 ioctl 4018620d 200000004a80 returned -16
[   89.444413][ T7751] binder: 7750:7751 ioctl c0306201 2000000004c0 returned -14
[   89.455659][ T7753] fuse: Bad value for 'fd'
[   89.533869][ T7741] SELinux: failed to load policy
[   89.575559][ T7761] loop2: detected capacity change from 0 to 7
[   89.579078][ T7761]  loop2:
[   89.580394][ T7761] loop2: partition table partially beyond EOD, truncated
[   89.604443][ T7767] netlink: 'syz.1.684': attribute type 10 has an invalid length.
[   89.633013][ T7769] loop2: detected capacity change from 0 to 7
[   89.637121][ T7769] Dev loop2: unable to read RDB block 7
[   89.639704][ T7769]  loop2: unable to read partition table
[   89.642331][ T7769] loop2: partition table beyond EOD, truncated
[   89.645667][ T7769] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑච) failed (rc=-5)
[   89.649806][ T7773] fuse: Bad value for 'fd'
[   89.655271][ T5340] Dev loop2: unable to read RDB block 7
[   89.657110][ T5340]  loop2: unable to read partition table
[   89.659039][ T5340] loop2: partition table beyond EOD, truncated
[   89.963337][ T5340] Dev loop2: unable to read RDB block 7
[   89.965555][ T5340]  loop2: unable to read partition table
[   89.967614][ T5340] loop2: partition table beyond EOD, truncated
[   89.980319][ T7791] binder: 7790:7791 ioctl c018620c 2000000008c0 returned -22
[   90.020150][ T5340] Dev loop2: unable to read RDB block 7
[   90.022868][ T5340]  loop2: unable to read partition table
[   90.025626][ T5340] loop2: partition table beyond EOD, truncated
[   90.304911][ T7796] tipc: Started in network mode
[   90.306845][ T7796] tipc: Node identity 0adc536d0687, cluster identity 4711
[   90.309693][ T7796] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   90.313751][ T7796] syzkaller0: entered promiscuous mode
[   90.314314][  T831] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[   90.316272][ T7796] syzkaller0: entered allmulticast mode
[   90.339195][ T7796] tipc: Resetting bearer <eth:syzkaller0>
[   90.343537][ T7795] tipc: Resetting bearer <eth:syzkaller0>
[   90.349877][ T7795] tipc: Disabling bearer <eth:syzkaller0>
[   90.447473][ T7798] fuse: Bad value for 'fd'
[   90.463319][  T831] usb 7-1: Using ep0 maxpacket: 8
[   90.474593][  T831] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[   90.478379][  T831] usb 7-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[   90.481439][ T7800] FAULT_INJECTION: forcing a failure.
[   90.481439][ T7800] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   90.482845][  T831] usb 7-1: config 179 has no interface number 0
[   90.482885][  T831] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[   90.482908][  T831] usb 7-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[   90.487557][ T7800] CPU: 1 UID: 0 PID: 7800 Comm: syz.0.698 Not tainted syzkaller #0 PREEMPT(full) 
[   90.487574][ T7800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   90.487581][ T7800] Call Trace:
[   90.487585][ T7800]  <TASK>
[   90.487590][ T7800]  dump_stack_lvl+0x100/0x190
[   90.487612][ T7800]  should_fail_ex.cold+0x5/0xa
[   90.487625][ T7800]  ? prepare_alloc_pages+0x16d/0x5f0
[   90.487639][ T7800]  should_fail_alloc_page+0xeb/0x140
[   90.487652][ T7800]  prepare_alloc_pages+0x1f0/0x5f0
[   90.487667][ T7800]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[   90.487692][ T7800]  ? find_held_lock+0x2b/0x80
[   90.487707][ T7800]  ? is_bpf_text_address+0x8a/0x1a0
[   90.487724][ T7800]  ? is_bpf_text_address+0x8a/0x1a0
[   90.487741][ T7800]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   90.487759][ T7800]  ? is_bpf_text_address+0x94/0x1a0
[   90.487776][ T7800]  ? kernel_text_address+0x8d/0x100
[   90.487788][ T7800]  ? __kernel_text_address+0xd/0x30
[   90.487803][ T7800]  ? register_lock_class+0x40/0x560
[   90.487816][ T7800]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   90.487834][ T7800]  ? policy_nodemask+0xed/0x4f0
[   90.487848][ T7800]  alloc_pages_mpol+0x1fb/0x550
[   90.487861][ T7800]  ? __pfx_alloc_pages_mpol+0x10/0x10
[   90.487878][ T7800]  alloc_pages_noprof+0x131/0x390
[   90.487890][ T7800]  pte_alloc_one+0x1c/0x3d0
[   90.487905][ T7800]  __pte_alloc+0x6d/0x3e0
[   90.487917][ T7800]  ? __pfx___pte_alloc+0x10/0x10
[   90.487928][ T7800]  ? walk_to_pmd+0x302/0x4c0
[   90.487942][ T7800]  get_locked_pte+0xa1/0xc0
[   90.487955][ T7800]  insert_page+0xcc/0x220
[   90.487968][ T7800]  ? __pfx_insert_page+0x10/0x10
[   90.487985][ T7800]  vm_insert_page+0x2c0/0x400
[   90.487999][ T7800]  binder_alloc_new_buf+0x2231/0x3100
[   90.488026][ T7800]  ? __pfx_binder_alloc_new_buf+0x10/0x10
[   90.488048][ T7800]  binder_transaction+0x1f70/0x9ee0
[   90.488076][ T7800]  ? __lock_acquire+0x4a5/0x2630
[   90.488089][ T7800]  ? __pfx_binder_transaction+0x10/0x10
[   90.488109][ T7800]  ? __lock_acquire+0x4a5/0x2630
[   90.488123][ T7800]  ? __lock_acquire+0x4a5/0x2630
[   90.488140][ T7800]  ? find_held_lock+0x2b/0x80
[   90.488154][ T7800]  ? is_bpf_text_address+0x8a/0x1a0
[   90.488170][ T7800]  ? is_bpf_text_address+0x8a/0x1a0
[   90.488188][ T7800]  ? __lock_acquire+0x4a5/0x2630
[   90.488199][ T7800]  ? __lock_acquire+0x4a5/0x2630
[   90.488209][ T7800]  ? __kernel_text_address+0xd/0x30
[   90.488221][ T7800]  ? unwind_get_return_address+0x59/0xa0
[   90.488240][ T7800]  ? find_held_lock+0x2b/0x80
[   90.488254][ T7800]  ? __might_fault+0xc5/0x140
[   90.488269][ T7800]  ? __might_fault+0xc5/0x140
[   90.488289][ T7800]  binder_thread_write+0x131f/0x4dd0
[   90.488308][ T7800]  ? __x64_sys_ioctl+0xb7/0x210
[   90.488340][ T7800]  ? __lock_acquire+0x4a5/0x2630
[   90.488351][ T7800]  ? __pfx_binder_thread_write+0x10/0x10
[   90.488368][ T7800]  ? find_held_lock+0x2b/0x80
[   90.488382][ T7800]  ? binder_debug+0xe0/0x190
[   90.488396][ T7800]  ? __pfx_binder_debug+0x10/0x10
[   90.488411][ T7800]  ? binder_debug+0xe0/0x190
[   90.488429][ T7800]  ? __pfx_binder_debug+0x10/0x10
[   90.488452][ T7800]  binder_ioctl+0x2941/0x7610
[   90.488473][ T7800]  ? tomoyo_path_number_perm+0x188/0x580
[   90.488491][ T7800]  ? __pfx_binder_ioctl+0x10/0x10
[   90.488510][ T7800]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   90.488527][ T7800]  ? do_vfs_ioctl+0x226/0x13e0
[   90.488570][ T7800]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   90.488588][ T7800]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   90.488610][ T7800]  ? hook_file_ioctl_common+0x146/0x410
[   90.488625][ T7800]  ? selinux_file_ioctl+0x139/0x290
[   90.488640][ T7800]  ? selinux_file_ioctl+0xb4/0x290
[   90.488657][ T7800]  ? __pfx_binder_ioctl+0x10/0x10
[   90.488676][ T7800]  __x64_sys_ioctl+0x18e/0x210
[   90.488693][ T7800]  do_syscall_64+0x106/0xf80
[   90.488709][ T7800]  ? clear_bhb_loop+0x40/0x90
[   90.488723][ T7800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.488734][ T7800] RIP: 0033:0x7f1503b9c799
[   90.488744][ T7800] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   90.488755][ T7800] RSP: 002b:00007f1504a8c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   90.488765][ T7800] RAX: ffffffffffffffda RBX: 00007f1503e15fa0 RCX: 00007f1503b9c799
[   90.488772][ T7800] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000003
[   90.488779][ T7800] RBP: 00007f1504a8c090 R08: 0000000000000000 R09: 0000000000000000
[   90.488785][ T7800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   90.488791][ T7800] R13: 00007f1503e16038 R14: 00007f1503e15fa0 R15: 00007ffd30331f08
[   90.488805][ T7800]  </TASK>
[   90.488899][ T7800] binder_alloc: 7799: binder_install_single_page failed to insert page at offset 0 with -12
[   90.490274][  T831] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   90.631967][ T7811] binder: 7810:7811 ioctl c0306201 2000000004c0 returned -14
[   90.636053][  T831] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.652779][ T7813] binder: 7812:7813 ioctl c0306201 2000000004c0 returned -14
[   90.845311][ T6018] usb 7-1: USB disconnect, device number 10
[   90.855171][ T7819] binder: 7818:7819 ioctl c0306201 2000000004c0 returned -14
[   90.883482][ T7821] fuse: Bad value for 'fd'
[   90.937698][ T7826] __nla_validate_parse: 5 callbacks suppressed
[   90.937711][ T7826] netlink: 8 bytes leftover after parsing attributes in process `syz.0.709'.
[   90.942714][ T7826] netlink: 12 bytes leftover after parsing attributes in process `syz.0.709'.
[   91.029078][ T7835] binder_alloc: 7834: binder_alloc_buf, no vma
[   91.033596][ T7837] netlink: 'syz.0.713': attribute type 27 has an invalid length.
[   91.063782][ T7837] hsr1: left allmulticast mode
[   91.065421][ T7837] dummy0: left allmulticast mode
[   91.067231][ T7837] netdevsim netdevsim0 netdevsim0: left allmulticast mode
[   91.070380][ T7837] sit3: left allmulticast mode
[   91.094207][ T7837] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.097954][ T7837] 8021q: adding VLAN 0 to HW filter on device team0
[   91.102185][ T7837] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   91.130726][ T7843] fuse: Bad value for 'fd'
[   91.161947][ T7847] binder: 7846:7847 ioctl c0306201 2000000004c0 returned -14
[   91.221111][ T7856] SET target dimension over the limit!
[   91.226114][ T7858] binder_alloc: 7857: binder_alloc_buf, no vma
[   91.255013][ T7862] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.723'.
[   91.259521][ T7862] netlink: Unknown conntrack attr (0)
[   91.266536][ T7862] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44058 sclass=netlink_route_socket pid=7862 comm=syz.1.723
[   91.299047][ T7864] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6
[   91.339004][ T7868] fuse: Bad value for 'fd'
[   91.386411][ T7875] binder: 7874:7875 ioctl c0306201 2000000004c0 returned -14
[   91.479649][ T5340] Dev loop2: unable to read RDB block 7
[   91.481504][ T5340]  loop2: unable to read partition table
[   91.483772][ T5340] loop2: partition table beyond EOD, truncated
[   91.493500][  T841] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[   91.505445][ T7884] binder_alloc: 7883: binder_alloc_buf, no vma
[   91.533458][ T5340] Dev loop2: unable to read RDB block 7
[   91.535693][ T5340]  loop2: unable to read partition table
[   91.537784][ T5340] loop2: partition table beyond EOD, truncated
[   91.611594][ T7895] netlink: 'syz.1.736': attribute type 10 has an invalid length.
[   91.614552][ T7895] netlink: 40 bytes leftover after parsing attributes in process `syz.1.736'.
[   91.647133][ T5340] Dev loop2: unable to read RDB block 7
[   91.649585][ T5340]  loop2: unable to read partition table
[   91.652134][ T5340] loop2: partition table beyond EOD, truncated
[   91.661457][ T7899] fuse: Invalid rootmode
[   91.667843][  T841] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   91.671491][  T841] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[   91.676742][  T841] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   91.679683][  T841] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.683763][  T841] usb 8-1: config 0 descriptor??
[   91.687453][  T841] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[   91.713283][ T5340] Dev loop2: unable to read RDB block 7
[   91.715748][ T5340]  loop2: unable to read partition table
[   91.718308][ T5340] loop2: partition table beyond EOD, truncated
[   91.769561][ T5340] Dev loop2: unable to read RDB block 7
[   91.772051][ T5340]  loop2: unable to read partition table
[   91.776096][ T5340] loop2: partition table beyond EOD, truncated
[   91.837123][ T7911] netlink: 4 bytes leftover after parsing attributes in process `syz.2.745'.
[   91.845769][ T7911] iommufd_mock iommufd_mock0: Adding to iommu group 9
[   91.863198][  T831] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[   91.872250][ T5340] Dev loop2: unable to read RDB block 7
[   91.874264][ T5340]  loop2: unable to read partition table
[   91.876114][ T5340] loop2: partition table beyond EOD, truncated
[   91.975058][ T7918] fuse: Invalid rootmode
[   91.993179][  T831] usb 5-1: device descriptor read/64, error -71
[   92.009027][ T7920] FAULT_INJECTION: forcing a failure.
[   92.009027][ T7920] name failslab, interval 1, probability 0, space 0, times 0
[   92.014736][ T7920] CPU: 0 UID: 0 PID: 7920 Comm: syz.1.750 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[   92.014764][ T7920] Tainted: [L]=SOFTLOCKUP
[   92.014771][ T7920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   92.014780][ T7920] Call Trace:
[   92.014786][ T7920]  <TASK>
[   92.014793][ T7920]  dump_stack_lvl+0x100/0x190
[   92.014827][ T7920]  should_fail_ex.cold+0x5/0xa
[   92.014854][ T7920]  should_failslab+0xc2/0x120
[   92.014873][ T7920]  kmem_cache_alloc_noprof+0x7b/0x6e0
[   92.014925][ T7920]  ? ptlock_alloc+0x1f/0x70
[   92.014953][ T7920]  ptlock_alloc+0x1f/0x70
[   92.014977][ T7920]  pte_alloc_one+0x82/0x3d0
[   92.015002][ T7920]  __pte_alloc+0x6d/0x3e0
[   92.015020][ T7920]  ? __pfx___pte_alloc+0x10/0x10
[   92.015040][ T7920]  ? walk_to_pmd+0x302/0x4c0
[   92.015063][ T7920]  get_locked_pte+0xa1/0xc0
[   92.015085][ T7920]  insert_page+0xcc/0x220
[   92.015107][ T7920]  ? __pfx_insert_page+0x10/0x10
[   92.015135][ T7920]  vm_insert_page+0x2c0/0x400
[   92.015159][ T7920]  binder_alloc_new_buf+0x2231/0x3100
[   92.015199][ T7920]  ? __pfx_binder_alloc_new_buf+0x10/0x10
[   92.015235][ T7920]  binder_transaction+0x1f70/0x9ee0
[   92.015282][ T7920]  ? __lock_acquire+0x4a5/0x2630
[   92.015306][ T7920]  ? __pfx_binder_transaction+0x10/0x10
[   92.015339][ T7920]  ? __lock_acquire+0x4a5/0x2630
[   92.015363][ T7920]  ? __lock_acquire+0x4a5/0x2630
[   92.015394][ T7920]  ? find_held_lock+0x2b/0x80
[   92.015422][ T7920]  ? is_bpf_text_address+0x8a/0x1a0
[   92.015449][ T7920]  ? is_bpf_text_address+0x8a/0x1a0
[   92.015477][ T7920]  ? __lock_acquire+0x4a5/0x2630
[   92.015495][ T7920]  ? __lock_acquire+0x4a5/0x2630
[   92.015513][ T7920]  ? __kernel_text_address+0xd/0x30
[   92.015534][ T7920]  ? unwind_get_return_address+0x59/0xa0
[   92.015565][ T7920]  ? find_held_lock+0x2b/0x80
[   92.015585][ T7920]  ? __might_fault+0xc5/0x140
[   92.015610][ T7920]  ? __might_fault+0xc5/0x140
[   92.015643][ T7920]  binder_thread_write+0x131f/0x4dd0
[   92.015674][ T7920]  ? __x64_sys_ioctl+0xb7/0x210
[   92.015706][ T7920]  ? __lock_acquire+0x4a5/0x2630
[   92.015723][ T7920]  ? __pfx_binder_thread_write+0x10/0x10
[   92.015751][ T7920]  ? find_held_lock+0x2b/0x80
[   92.015773][ T7920]  ? binder_debug+0xe0/0x190
[   92.015795][ T7920]  ? __pfx_binder_debug+0x10/0x10
[   92.015819][ T7920]  ? binder_debug+0xe0/0x190
[   92.015840][ T7920]  ? __pfx_binder_debug+0x10/0x10
[   92.015879][ T7920]  binder_ioctl+0x2941/0x7610
[   92.015914][ T7920]  ? tomoyo_path_number_perm+0x188/0x580
[   92.015945][ T7920]  ? __pfx_binder_ioctl+0x10/0x10
[   92.015975][ T7920]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   92.016002][ T7920]  ? do_vfs_ioctl+0x226/0x13e0
[   92.016028][ T7920]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   92.016055][ T7920]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   92.016089][ T7920]  ? hook_file_ioctl_common+0x146/0x410
[   92.016114][ T7920]  ? selinux_file_ioctl+0x139/0x290
[   92.016138][ T7920]  ? selinux_file_ioctl+0xb4/0x290
[   92.016164][ T7920]  ? __pfx_binder_ioctl+0x10/0x10
[   92.016192][ T7920]  __x64_sys_ioctl+0x18e/0x210
[   92.016221][ T7920]  do_syscall_64+0x106/0xf80
[   92.016247][ T7920]  ? clear_bhb_loop+0x40/0x90
[   92.016268][ T7920]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.016286][ T7920] RIP: 0033:0x7f37a499c799
[   92.016302][ T7920] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   92.016319][ T7920] RSP: 002b:00007f37a58af028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   92.016336][ T7920] RAX: ffffffffffffffda RBX: 00007f37a4c15fa0 RCX: 00007f37a499c799
[   92.016346][ T7920] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000003
[   92.016357][ T7920] RBP: 00007f37a58af090 R08: 0000000000000000 R09: 0000000000000000
[   92.016367][ T7920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   92.016376][ T7920] R13: 00007f37a4c16038 R14: 00007f37a4c15fa0 R15: 00007fff47011138
[   92.016400][ T7920]  </TASK>
[   92.016458][ T7920] binder_alloc: 7919: binder_install_single_page failed to insert page at offset 0 with -12
[   92.188822][ T5340] Dev loop2: unable to read RDB block 7
[   92.191280][ T5340]  loop2: unable to read partition table
[   92.195192][ T5340] loop2: partition table beyond EOD, truncated
[   92.197364][ T7922] netlink: 12 bytes leftover after parsing attributes in process `syz.1.751'.
[   92.216469][ T7925] binder: 7924:7925 ioctl c0306201 2000000004c0 returned -14
[   92.220443][ T7925] binder: 7924:7925 ioctl c0306201 2000000001c0 returned -14
[   92.233291][  T831] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[   92.245194][ T5340] Dev loop2: unable to read RDB block 7
[   92.247545][ T5340]  loop2: unable to read partition table
[   92.250068][ T5340] loop2: partition table beyond EOD, truncated
[   92.270105][ T7932] binder: 7931:7932 ioctl c0306201 2000000004c0 returned -14
[   92.300038][ T7936] binder: 7935:7936 ioctl c0306201 2000000004c0 returned -14
[   92.326528][ T7939] netlink: 24 bytes leftover after parsing attributes in process `syz.1.756'.
[   92.363196][  T831] usb 5-1: device descriptor read/64, error -71
[   92.430047][ T5340] Dev loop2: unable to read RDB block 7
[   92.432472][ T5340]  loop2: unable to read partition table
[   92.435685][ T5340] loop2: partition table beyond EOD, truncated
[   92.442204][ T7945] fuse: Invalid rootmode
[   92.473569][  T831] usb usb5-port1: attempt power cycle
[   92.474340][ T5340] Dev loop2: unable to read RDB block 7
[   92.478137][ T5340]  loop2: unable to read partition table
[   92.480150][ T5340] loop2: partition table beyond EOD, truncated
[   92.495415][ T7947] binder: 7946:7947 ioctl c0306201 2000000004c0 returned -14
[   92.505208][ T7949] ip6t_REJECT: TCP_RESET illegal for non-tcp
[   92.510434][   T40] kauditd_printk_skb: 14 callbacks suppressed
[   92.510445][   T40] audit: type=1400 audit(1774445819.813:407): avc:  denied  { create } for  pid=7948 comm="syz.1.760" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   92.519029][   T40] audit: type=1400 audit(1774445819.813:408): avc:  denied  { bind } for  pid=7948 comm="syz.1.760" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   92.526364][   T40] audit: type=1400 audit(1774445819.813:409): avc:  denied  { name_bind } for  pid=7948 comm="syz.1.760" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[   92.526874][ T5340] Dev loop2: unable to read RDB block 7
[   92.535389][   T40] audit: type=1400 audit(1774445819.813:410): avc:  denied  { node_bind } for  pid=7948 comm="syz.1.760" saddr=172.20.20.43 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[   92.536704][ T5340]  loop2: unable to read partition table
[   92.541112][ T7951] netlink: 8 bytes leftover after parsing attributes in process `syz.2.761'.
[   92.541163][ T7951] netlink: 12 bytes leftover after parsing attributes in process `syz.2.761'.
[   92.554865][ T5340] loop2: partition table beyond EOD, truncated
[   92.580641][   T40] audit: type=1400 audit(1774445819.883:411): avc:  denied  { ioctl } for  pid=7948 comm="syz.1.760" path="/dev/ptp1" dev="devtmpfs" ino=1288 ioctlcmd=0x3d0f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   92.601068][ T5340] Dev loop2: unable to read RDB block 7
[   92.604412][ T5340]  loop2: unable to read partition table
[   92.606867][ T5340] loop2: partition table beyond EOD, truncated
[   92.646554][ T5340] Dev loop2: unable to read RDB block 7
[   92.648965][ T5340]  loop2: unable to read partition table
[   92.651512][ T5340] loop2: partition table beyond EOD, truncated
[   92.666193][ T7959] binder: BINDER_SET_CONTEXT_MGR already set
[   92.668798][ T7959] binder: 7958:7959 ioctl 4018620d 200000004a80 returned -16
[   92.774265][ T7961] binder: 7958:7961 ioctl c018620c 200000000280 returned -1
[   92.833258][  T831] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[   92.853851][  T831] usb 5-1: device descriptor read/8, error -71
[   93.103236][  T831] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[   93.123974][  T831] usb 5-1: device descriptor read/8, error -71
[   93.233503][  T831] usb usb5-port1: unable to enumerate USB device
[   93.419744][ T7965] netlink: 'syz.1.766': attribute type 27 has an invalid length.
[   93.473812][ T7965] bond4: left promiscuous mode
[   93.491019][ T7970] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.495349][ T7970] 8021q: adding VLAN 0 to HW filter on device team0
[   93.499480][ T7970] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   93.523240][ T5340] Dev loop2: unable to read RDB block 7
[   93.525736][ T5340]  loop2: unable to read partition table
[   93.528330][ T5340] loop2: partition table beyond EOD, truncated
[   93.568555][ T7976] fuse: Bad value for 'rootmode'
[   93.596595][ T5340] Dev loop2: unable to read RDB block 7
[   93.599031][ T5340]  loop2: unable to read partition table
[   93.601558][ T5340] loop2: partition table beyond EOD, truncated
[   93.603772][   T40] audit: type=1400 audit(1774445820.913:412): avc:  denied  { create } for  pid=7977 comm="syz.1.769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   93.615418][   T40] audit: type=1400 audit(1774445820.913:413): avc:  denied  { write } for  pid=7977 comm="syz.1.769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   93.631875][   T40] audit: type=1400 audit(1774445820.933:414): avc:  denied  { append } for  pid=7979 comm="syz.1.771" name="pmem0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   93.637294][ T7981] overlayfs: overlapping lowerdir path
[   93.693523][ T7982] binder: 7980:7982 ioctl c0306201 2000000004c0 returned -14
[   93.711472][ T5340] Dev loop2: unable to read RDB block 7
[   93.714398][ T5340]  loop2: unable to read partition table
[   93.717028][ T5340] loop2: partition table beyond EOD, truncated
[   93.724941][ T7986] binder: BINDER_SET_CONTEXT_MGR already set
[   93.726903][ T7986] binder: 7985:7986 ioctl 4018620d 200000004a80 returned -16
[   93.769718][ T7990] SET target dimension over the limit!
[   93.777331][ T5340] Dev loop2: unable to read RDB block 7
[   93.779634][ T5340]  loop2: unable to read partition table
[   93.782008][ T5340] loop2: partition table beyond EOD, truncated
[   93.801662][ T7994] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6
[   93.844396][ T8000] fuse: Bad value for 'rootmode'
[   93.936777][ T8006] binder: 8005:8006 ioctl c0306201 2000000004c0 returned -14
[   94.014406][ T8010] binder: BINDER_SET_CONTEXT_MGR already set
[   94.015187][ T5340] Dev loop2: unable to read RDB block 7
[   94.017090][ T8010] binder: 8009:8010 ioctl 4018620d 200000004a80 returned -16
[   94.021741][ T5340]  loop2: unable to read partition table
[   94.023919][ T5340] loop2: partition table beyond EOD, truncated
[   94.030681][ T8012] netlink: 'syz.2.783': attribute type 1 has an invalid length.
[   94.047386][ T8012] 8021q: adding VLAN 0 to HW filter on device bond2
[   94.058420][ T8015] openvswitch: netlink: IP tunnel dst address not specified
[   94.062315][ T8012] bond2: (slave geneve2): making interface the new active one
[   94.066280][ T8012] bond2: (slave geneve2): Enslaving as an active interface with an up link
[   94.100793][ T5340] Dev loop2: unable to read RDB block 7
[   94.102612][ T5340]  loop2: unable to read partition table
[   94.104698][ T5340] loop2: partition table beyond EOD, truncated
[   94.147201][ T5340] Dev loop2: unable to read RDB block 7
[   94.149021][ T5340]  loop2: unable to read partition table
[   94.150977][ T5340] loop2: partition table beyond EOD, truncated
[   94.167737][ T8021] trusted_key: encrypted_key: hex blob is missing
[   94.184662][ T5340] Dev loop2: unable to read RDB block 7
[   94.186657][ T5340]  loop2: unable to read partition table
[   94.188677][ T5340] loop2: partition table beyond EOD, truncated
[   94.194302][ T8025] fuse: Bad value for 'rootmode'
[   94.210332][ T5340] Dev loop2: unable to read RDB block 7
[   94.212251][ T5340]  loop2: unable to read partition table
[   94.214559][ T5340] loop2: partition table beyond EOD, truncated
[   94.267115][ T6059] usb 8-1: USB disconnect, device number 6
[   94.296466][ T8029] netlink: 'syz.3.789': attribute type 10 has an invalid length.
[   94.299829][ T8029] netlink: 40 bytes leftover after parsing attributes in process `syz.3.789'.
[   94.342588][   T40] audit: type=1400 audit(1774445821.643:415): avc:  denied  { bind } for  pid=8030 comm="syz.3.790" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   94.373917][  T841] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[   94.390358][ T5340] Dev loop2: unable to read RDB block 7
[   94.392157][ T5340]  loop2: unable to read partition table
[   94.394529][ T5340] loop2: partition table beyond EOD, truncated
[   94.429075][ T8036] binder: BINDER_SET_CONTEXT_MGR already set
[   94.431084][ T8036] binder: 8035:8036 ioctl 4018620d 200000004a80 returned -16
[   94.431582][ T5340] Dev loop2: unable to read RDB block 7
[   94.436167][ T5340]  loop2: unable to read partition table
[   94.439082][ T5340] loop2: partition table beyond EOD, truncated
[   94.457883][ T5340] Dev loop2: unable to read RDB block 7
[   94.459637][ T5340]  loop2: unable to read partition table
[   94.461643][ T5340] loop2: partition table beyond EOD, truncated
[   94.498452][   T40] audit: type=1400 audit(1774445821.803:416): avc:  denied  { ioctl } for  pid=8039 comm="syz.1.794" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x330b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   94.509613][ T5340] Dev loop2: unable to read RDB block 7
[   94.511512][ T5340]  loop2: unable to read partition table
[   94.512318][ T8040] overlay: Unknown parameter 'Ñb]D'Â;ñS½;Ù“ÍÏH¹“]½Ž¶ÿóz¤ECŸ¹ÿçÀª¿5ÐD{™edî<ʃi¨
óÈžQæâýÖ}+Nüéü§£^ϤzJX„~WRm†v'
[   94.513755][ T5340] loop2: partition table beyond EOD, truncated
[   94.532861][ T8040] overlayfs: failed to resolve '/Êo': -2
[   94.539342][ T8049] fuse: Unknown parameter 'use00000000000000000000'
[   94.582315][ T8057] FAULT_INJECTION: forcing a failure.
[   94.582315][ T8057] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.587195][ T8057] CPU: 1 UID: 0 PID: 8057 Comm: syz.2.800 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[   94.587215][ T8057] Tainted: [L]=SOFTLOCKUP
[   94.587219][ T8057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   94.587226][ T8057] Call Trace:
[   94.587234][ T8057]  <TASK>
[   94.587240][ T8057]  dump_stack_lvl+0x100/0x190
[   94.587267][ T8057]  should_fail_ex.cold+0x5/0xa
[   94.587283][ T8057]  _copy_from_user+0x2e/0xd0
[   94.587296][ T8057]  binder_alloc_copy_user_to_buffer+0x2e2/0x520
[   94.587316][ T8057]  binder_transaction+0x23f0/0x9ee0
[   94.587343][ T8057]  ? __lock_acquire+0x4a5/0x2630
[   94.587358][ T8057]  ? __pfx_binder_transaction+0x10/0x10
[   94.587378][ T8057]  ? __lock_acquire+0x4a5/0x2630
[   94.587391][ T8057]  ? __lock_acquire+0x4a5/0x2630
[   94.587408][ T8057]  ? find_held_lock+0x2b/0x80
[   94.587423][ T8057]  ? is_bpf_text_address+0x8a/0x1a0
[   94.587495][ T8057]  ? is_bpf_text_address+0x8a/0x1a0
[   94.587515][ T8057]  ? __lock_acquire+0x4a5/0x2630
[   94.587527][ T8057]  ? __lock_acquire+0x4a5/0x2630
[   94.587537][ T8057]  ? __kernel_text_address+0xd/0x30
[   94.587550][ T8057]  ? unwind_get_return_address+0x59/0xa0
[   94.587569][ T8057]  ? find_held_lock+0x2b/0x80
[   94.587584][ T8057]  ? __might_fault+0xc5/0x140
[   94.587598][ T8057]  ? __might_fault+0xc5/0x140
[   94.587619][ T8057]  binder_thread_write+0x131f/0x4dd0
[   94.587642][ T8057]  ? __x64_sys_ioctl+0xb7/0x210
[   94.587661][ T8057]  ? __lock_acquire+0x4a5/0x2630
[   94.587671][ T8057]  ? __pfx_binder_thread_write+0x10/0x10
[   94.587689][ T8057]  ? find_held_lock+0x2b/0x80
[   94.587703][ T8057]  ? binder_debug+0xe0/0x190
[   94.587717][ T8057]  ? __pfx_binder_debug+0x10/0x10
[   94.587731][ T8057]  ? binder_debug+0xe0/0x190
[   94.587745][ T8057]  ? __pfx_binder_debug+0x10/0x10
[   94.587767][ T8057]  binder_ioctl+0x2941/0x7610
[   94.587789][ T8057]  ? tomoyo_path_number_perm+0x188/0x580
[   94.587807][ T8057]  ? __pfx_binder_ioctl+0x10/0x10
[   94.587825][ T8057]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   94.587843][ T8057]  ? do_vfs_ioctl+0x226/0x13e0
[   94.587860][ T8057]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   94.587877][ T8057]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   94.587898][ T8057]  ? hook_file_ioctl_common+0x146/0x410
[   94.587912][ T8057]  ? selinux_file_ioctl+0x139/0x290
[   94.587927][ T8057]  ? selinux_file_ioctl+0xb4/0x290
[   94.587944][ T8057]  ? __pfx_binder_ioctl+0x10/0x10
[   94.587961][ T8057]  __x64_sys_ioctl+0x18e/0x210
[   94.587978][ T8057]  do_syscall_64+0x106/0xf80
[   94.587994][ T8057]  ? clear_bhb_loop+0x40/0x90
[   94.588007][ T8057]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.588019][ T8057] RIP: 0033:0x7f4077d9c799
[   94.588029][ T8057] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   94.588040][ T8057] RSP: 002b:00007f4078cf3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   94.588051][ T8057] RAX: ffffffffffffffda RBX: 00007f4078015fa0 RCX: 00007f4077d9c799
[   94.588058][ T8057] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000003
[   94.588064][ T8057] RBP: 00007f4078cf3090 R08: 0000000000000000 R09: 0000000000000000
[   94.588070][ T8057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   94.588076][ T8057] R13: 00007f4078016038 R14: 00007f4078015fa0 R15: 00007ffe705dabd8
[   94.588090][ T8057]  </TASK>
[   94.724750][ T8065] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   94.758147][ T8069] binder: BINDER_SET_CONTEXT_MGR already set
[   94.760092][ T8069] binder: 8067:8069 ioctl 4018620d 200000004a80 returned -16
[   94.762819][ T8069] binder: 8067:8069 ioctl c0306201 2000000004c0 returned -14
[   94.792530][ T8071] binder: 8070:8071 ioctl c0306201 2000000004c0 returned -14
[   94.858126][ T8076] fuse: Unknown parameter 'use00000000000000000000'
[   94.901426][ T8082] program syz.1.801 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   94.905842][ T8082] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=8082 comm=syz.1.801
[   94.911128][ T8082] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8082 comm=syz.1.801
[   94.921451][ T8084] binder: 8083:8084 ioctl c018620c 200000000300 returned -1
[   95.028472][ T8098] netlink: 'syz.2.818': attribute type 27 has an invalid length.
[   95.052494][ T8098] bridge0: port 3(team0) entered disabled state
[   95.055542][ T8098] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.058122][ T8098] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.103603][ T8105] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   95.189319][ T8103] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.191982][ T8103] 8021q: adding VLAN 0 to HW filter on device team0
[   95.197643][ T8103] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   95.204474][ T1204] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[   95.207424][ T1204] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   95.211956][ T1204] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[   95.216342][ T1204] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   95.219559][ T1204] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[   95.222643][ T1204] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   95.234506][ T1204] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[   95.237918][ T1204] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   95.243302][  T841] usb 6-1: device descriptor read/64, error -71
[   95.248394][ T8109] fuse: Unknown parameter 'use00000000000000000000'
[   95.316203][ T8115] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=42 sclass=netlink_tcpdiag_socket pid=8115 comm=syz.3.824
[   95.316289][ T8117] Cannot find del_set index 0 as target
[   95.354837][ T8120] Cannot find add_set index 0 as target
[   95.493518][  T841] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[   95.565348][ T8129] binder: 8128:8129 ioctl c0306201 2000000004c0 returned -14
[   95.622266][ T8134] binder: BINDER_SET_CONTEXT_MGR already set
[   95.626304][ T8134] binder: 8132:8134 ioctl 4018620d 200000004a80 returned -16
[   95.628141][ T8135] fuse: Unknown parameter 'user_i00000000000000000000'
[   95.653469][  T841] usb 6-1: Using ep0 maxpacket: 8
[   95.657869][  T841] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   95.661472][  T841] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   95.666003][  T841] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   95.670101][  T841] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   95.677635][  T841] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   95.684190][  T841] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.699545][ T8147] netlink: 'syz.2.837': attribute type 10 has an invalid length.
[   95.708085][ T8143] kvm: kvm [8141]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x1
[   95.902219][  T841] usb 6-1: GET_CAPABILITIES returned 0
[   95.904073][  T841] usbtmc 6-1:16.0: can't read capabilities
[   95.943898][   T54] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[   96.103889][   T54] usb 8-1: too many configurations: 28, using maximum allowed: 8
[   96.108089][   T54] usb 8-1: unable to read config index 0 descriptor/start: -61
[   96.108430][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   96.111039][   T54] usb 8-1: can't read configurations, error -61
[   96.120305][ T6059] usb 6-1: USB disconnect, device number 10
[   96.243191][   T54] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[   96.413890][   T54] usb 8-1: too many configurations: 28, using maximum allowed: 8
[   96.418253][   T54] usb 8-1: unable to read config index 0 descriptor/start: -61
[   96.420954][   T54] usb 8-1: can't read configurations, error -61
[   96.423635][   T54] usb usb8-port1: attempt power cycle
[   96.653299][ T8163] fuse: Unknown parameter 'user_i00000000000000000000'
[   96.680299][ T8165] binder: BINDER_SET_CONTEXT_MGR already set
[   96.682240][ T8165] binder: 8164:8165 ioctl 4018620d 200000004a80 returned -16
[   96.763225][   T54] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[   96.772549][ T8171] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8171 comm=syz.1.847
[   96.785507][   T54] usb 8-1: too many configurations: 28, using maximum allowed: 8
[   96.789398][   T54] usb 8-1: unable to read config index 0 descriptor/start: -61
[   96.791940][   T54] usb 8-1: can't read configurations, error -61
[   96.854741][ T8177] __nla_validate_parse: 5 callbacks suppressed
[   96.854753][ T8177] netlink: 16 bytes leftover after parsing attributes in process `syz.0.849'.
[   96.869596][ T8177] netlink: 8 bytes leftover after parsing attributes in process `syz.0.849'.
[   96.874883][ T8177] netlink: 12 bytes leftover after parsing attributes in process `syz.0.849'.
[   96.883200][ T1027] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[   96.933491][   T54] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[   96.954859][   T54] usb 8-1: too many configurations: 28, using maximum allowed: 8
[   96.959501][   T54] usb 8-1: unable to read config index 0 descriptor/start: -61
[   96.962690][   T54] usb 8-1: can't read configurations, error -61
[   96.965511][   T54] usb usb8-port1: unable to enumerate USB device
[   97.037447][ T8179] binder: BINDER_SET_CONTEXT_MGR already set
[   97.041240][ T8179] binder: 8178:8179 ioctl 4018620d 200000004a80 returned -16
[   97.043246][ T1027] usb 7-1: Using ep0 maxpacket: 8
[   97.049998][ T1027] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[   97.051507][ T8182] netlink: 12 bytes leftover after parsing attributes in process `syz.0.851'.
[   97.052656][ T1027] usb 7-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[   97.059918][ T1027] usb 7-1: config 179 has no interface number 0
[   97.062024][ T1027] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[   97.066163][ T1027] usb 7-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[   97.070406][ T1027] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   97.075828][ T1027] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.117249][ T8190] fuse: Unknown parameter 'user_i00000000000000000000'
[   97.131102][ T8192] binder: BINDER_SET_CONTEXT_MGR already set
[   97.133731][ T8192] binder: 8191:8192 ioctl 4018620d 200000004a80 returned -16
[   97.165188][ T8194] binder: 8193:8194 ioctl c0306201 2000000004c0 returned -14
[   97.266590][ T8204] openvswitch: netlink: IP tunnel dst address not specified
[   97.293209][ T7967] usb 7-1: USB disconnect, device number 11
[   97.313444][ T5447] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[   97.463764][ T5447] usb 8-1: too many configurations: 28, using maximum allowed: 8
[   97.468897][ T5447] usb 8-1: unable to read config index 0 descriptor/start: -61
[   97.472007][ T5447] usb 8-1: can't read configurations, error -61
[   97.480447][ T8206] binder: 8205:8206 ioctl c0306201 2000000004c0 returned -14
[   97.603264][ T5447] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[   97.649274][ T8215] netlink: 8 bytes leftover after parsing attributes in process `syz.1.862'.
[   97.652877][ T8215] netlink: 12 bytes leftover after parsing attributes in process `syz.1.862'.
[   97.686408][ T8217] fuse: Unknown parameter 'user_id00000000000000000000'
[   97.714138][   T40] kauditd_printk_skb: 5 callbacks suppressed
[   97.714150][   T40] audit: type=1400 audit(1774445825.023:422): avc:  denied  { bind } for  pid=8218 comm="syz.1.864" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   97.723581][ T8219] sp0: Synchronizing with TNC
[   97.727886][   T40] audit: type=1400 audit(1774445825.023:423): avc:  denied  { write } for  pid=8218 comm="syz.1.864" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   97.774402][ T5447] usb 8-1: too many configurations: 28, using maximum allowed: 8
[   97.780120][ T5447] usb 8-1: unable to read config index 0 descriptor/start: -61
[   97.783449][ T5447] usb 8-1: can't read configurations, error -61
[   97.787125][ T5447] usb usb8-port1: attempt power cycle
[   97.860310][ T8228] netlink: 'syz.2.867': attribute type 27 has an invalid length.
[   97.906247][ T8228] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.910258][ T8228] 8021q: adding VLAN 0 to HW filter on device team0
[   97.917178][ T8228] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   98.000490][ T8239] fuse: Unknown parameter 'user_id00000000000000000000'
[   98.024697][ T8241] Cannot find del_set index 0 as target
[   98.051253][ T8244] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6
[   98.063618][ T8245] netlink: 8 bytes leftover after parsing attributes in process `syz.2.875'.
[   98.066396][ T8245] openvswitch: netlink: Flow actions attr not present in new flow.
[   98.121191][ T8252] binder: 8251:8252 ioctl c0306201 2000000004c0 returned -14
[   98.121658][ T8255] IPVS: set_ctl: invalid protocol: 0 224.0.0.2:20004
[   98.133154][ T5447] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[   98.159232][ T5447] usb 8-1: too many configurations: 28, using maximum allowed: 8
[   98.162805][ T5447] usb 8-1: unable to read config index 0 descriptor/start: -61
[   98.165329][ T5447] usb 8-1: can't read configurations, error -61
[   98.179833][ T8267] fuse: Unknown parameter 'user_id00000000000000000000'
[   98.201381][ T8270] netlink: 'syz.1.884': attribute type 10 has an invalid length.
[   98.204722][ T8270] netlink: 40 bytes leftover after parsing attributes in process `syz.1.884'.
[   98.240541][ T8274] ISOFS: Unable to identify CD-ROM format.
[   98.303171][ T5447] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[   98.324164][ T5447] usb 8-1: too many configurations: 28, using maximum allowed: 8
[   98.328479][ T5447] usb 8-1: unable to read config index 0 descriptor/start: -61
[   98.331050][ T5447] usb 8-1: can't read configurations, error -61
[   98.333421][ T5447] usb usb8-port1: unable to enumerate USB device
[   98.362035][ T8287] netlink: 'syz.2.891': attribute type 1 has an invalid length.
[   98.399688][ T8294] fuse: Bad value for 'fd'
[   98.414975][ T8296] binder: 8295:8296 ioctl c0306201 2000000004c0 returned -14
[   98.422114][ T8298] netlink: 'syz.2.897': attribute type 9 has an invalid length.
[   98.425228][ T8299] netlink: 'syz.2.897': attribute type 9 has an invalid length.
[   98.476371][ T8305] binder: 8304:8305 ioctl c0306201 2000000004c0 returned -14
[   98.529554][ T8311] netlink: 12 bytes leftover after parsing attributes in process `syz.0.895'.
[   98.564592][ T8313] batadv_slave_1: entered promiscuous mode
[   98.597204][ T8323] netlink: 8 bytes leftover after parsing attributes in process `syz.1.905'.
[   98.602573][ T8320] netlink: 'syz.2.904': attribute type 16 has an invalid length.
[   98.620493][ T8320] veth1_macvtap: entered allmulticast mode
[   98.623404][ T8326] fuse: Bad value for 'fd'
[   98.646700][ T8328] 9pnet_fd: Insufficient options for proto=fd
[   98.650430][   T40] audit: type=1400 audit(1774445825.953:424): avc:  denied  { setopt } for  pid=8327 comm="syz.1.907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   98.696847][ T8334] binder: BINDER_SET_CONTEXT_MGR already set
[   98.698983][ T8334] binder: 8333:8334 ioctl 4018620d 200000004a80 returned -16
[   98.720568][ T8334] binder: 8333:8334 ioctl c0306201 2000000004c0 returned -14
[   98.722926][ T8338] ==================================================================
[   98.725818][ T8338] BUG: KASAN: slab-out-of-bounds in try_module_get+0x4c/0xd0
[   98.728188][ T8338] Write of size 4 at addr ffff88802dce7308 by task syz.3.912/8338
[   98.731492][ T8338] 
[   98.733136][ T8338] CPU: 1 UID: 0 PID: 8338 Comm: syz.3.912 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[   98.733167][ T8338] Tainted: [L]=SOFTLOCKUP
[   98.733174][ T8338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   98.733186][ T8338] Call Trace:
[   98.733193][ T8338]  <TASK>
[   98.733200][ T8338]  dump_stack_lvl+0x100/0x190
[   98.733233][ T8338]  print_report+0x156/0x4c9
[   98.733259][ T8338]  ? __virt_addr_valid+0x81/0x620
[   98.733285][ T8338]  ? __phys_addr+0xe8/0x180
[   98.733311][ T8338]  ? try_module_get+0x4c/0xd0
[   98.733341][ T8338]  kasan_report+0xdf/0x1e0
[   98.733361][ T8338]  ? try_module_get+0x4c/0xd0
[   98.733387][ T8338]  kasan_check_range+0x10f/0x1e0
[   98.733407][ T8338]  try_module_get+0x4c/0xd0
[   98.733427][ T8338]  dvb_device_open+0x124/0x3b0
[   98.733453][ T8338]  ? __pfx_dvb_device_open+0x10/0x10
[   98.733469][ T8338]  chrdev_open+0x234/0x6a0
[   98.733482][ T8338]  ? __pfx_chrdev_open+0x10/0x10
[   98.733495][ T8338]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[   98.733511][ T8338]  do_dentry_open+0x6d8/0x1660
[   98.733522][ T8338]  ? __pfx_chrdev_open+0x10/0x10
[   98.733535][ T8338]  vfs_open+0x82/0x3f0
[   98.733548][ T8338]  path_openat+0x208c/0x31a0
[   98.733565][ T8338]  ? __pfx_path_openat+0x10/0x10
[   98.733579][ T8338]  do_file_open+0x20e/0x430
[   98.733591][ T8338]  ? __pfx_do_file_open+0x10/0x10
[   98.733607][ T8338]  ? alloc_fd+0x476/0x790
[   98.733619][ T8338]  ? do_getname+0x191/0x390
[   98.733633][ T8338]  do_sys_openat2+0x10d/0x1e0
[   98.733647][ T8338]  ? __pfx_do_sys_openat2+0x10/0x10
[   98.733663][ T8338]  __x64_sys_openat+0x12d/0x210
[   98.733677][ T8338]  ? __pfx___x64_sys_openat+0x10/0x10
[   98.733691][ T8338]  ? do_user_addr_fault+0x8d6/0x12f0
[   98.733705][ T8338]  do_syscall_64+0x106/0xf80
[   98.733728][ T8338]  ? clear_bhb_loop+0x40/0x90
[   98.733741][ T8338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.733757][ T8338] RIP: 0033:0x7fa6eeb5cfce
[   98.733771][ T8338] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   98.733787][ T8338] RSP: 002b:00007fa6efa83b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   98.733799][ T8338] RAX: ffffffffffffffda RBX: 00007fa6efa846c0 RCX: 00007fa6eeb5cfce
[   98.733807][ T8338] RDX: 0000000000000002 RSI: 00007fa6efa83c00 RDI: ffffffffffffff9c
[   98.733815][ T8338] RBP: 00007fa6efa83c00 R08: 0000000000000000 R09: 0000000000000000
[   98.733823][ T8338] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[   98.733830][ T8338] R13: 00007fa6eee16038 R14: 00007fa6eee15fa0 R15: 00007ffd77ce6b78
[   98.733842][ T8338]  </TASK>
[   98.733846][ T8338] 
[   98.816955][ T8338] Allocated by task 1:
[   98.818270][ T8338]  kasan_save_stack+0x30/0x50
[   98.819760][ T8338]  kasan_save_track+0x14/0x30
[   98.821241][ T8338]  __kasan_kmalloc+0xaa/0xb0
[   98.822762][ T8338]  bus_add_driver+0x92/0x5b0
[   98.824233][ T8338]  driver_register+0x1e2/0x360
[   98.825771][ T8338]  i2c_register_driver+0xd9/0x1f0
[   98.827428][ T8338]  do_one_initcall+0x11d/0x760
[   98.828952][ T8338]  kernel_init_freeable+0x6e5/0x7a0
[   98.830619][ T8338]  kernel_init+0x1f/0x1e0
[   98.831986][ T8338]  ret_from_fork+0x754/0xd80
[   98.833516][ T8338]  ret_from_fork_asm+0x1a/0x30
[   98.835067][ T8338] 
[   98.835843][ T8338] The buggy address belongs to the object at ffff88802dce7200
[   98.835843][ T8338]  which belongs to the cache kmalloc-256 of size 256
[   98.840237][ T8338] The buggy address is located 56 bytes to the right of
[   98.840237][ T8338]  allocated 208-byte region [ffff88802dce7200, ffff88802dce72d0)
[   98.844782][ T8338] 
[   98.845568][ T8338] The buggy address belongs to the physical page:
[   98.847648][ T8338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2dce6
[   98.850377][ T8338] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   98.852988][ T8338] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   98.855410][ T8338] page_type: f5(slab)
[   98.856718][ T8338] raw: 00fff00000000040 ffff88801b842b40 dead000000000100 dead000000000122
[   98.859571][ T8338] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[   98.862325][ T8338] head: 00fff00000000040 ffff88801b842b40 dead000000000100 dead000000000122
[   98.865004][ T8338] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[   98.867777][ T8338] head: 00fff00000000001 ffffea0000b73981 00000000ffffffff 00000000ffffffff
[   98.870566][ T8338] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   98.873276][ T8338] page dumped because: kasan: bad access detected
[   98.875350][ T8338] page_owner tracks the page as allocated
[   98.877217][ T8338] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 18767513231, free_ts 0
[   98.883258][ T8338]  post_alloc_hook+0x153/0x170
[   98.884773][ T8338]  get_page_from_freelist+0x111d/0x3140
[   98.886512][ T8338]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[   98.888465][ T8338]  new_slab+0xa6/0x6b0
[   98.889845][ T8338]  refill_objects+0x26b/0x400
[   98.891460][ T8338]  __pcs_replace_empty_main+0x1ab/0x660
[   98.893207][ T8338]  __kmalloc_cache_noprof+0x493/0x6f0
[   98.894901][ T8338]  bus_add_driver+0x92/0x5b0
[   98.896368][ T8338]  driver_register+0x1e2/0x360
[   98.897966][ T8338]  usb_register_driver+0x21c/0x3e0
[   98.899615][ T8338]  do_one_initcall+0x11d/0x760
[   98.901177][ T8338]  kernel_init_freeable+0x6e5/0x7a0
[   98.902808][ T8338]  kernel_init+0x1f/0x1e0
[   98.904177][ T8338]  ret_from_fork+0x754/0xd80
[   98.905639][ T8338]  ret_from_fork_asm+0x1a/0x30
[   98.907133][ T8338] page_owner free stack trace missing
[   98.908855][ T8338] 
[   98.909640][ T8338] Memory state around the buggy address:
[   98.911367][ T8338]  ffff88802dce7200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   98.913876][ T8338]  ffff88802dce7280: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc
[   98.916354][ T8338] >ffff88802dce7300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   98.918860][ T8338]                       ^
[   98.920279][ T8338]  ffff88802dce7380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   98.922959][ T8338]  ffff88802dce7400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   98.925463][ T8338] ==================================================================
[   98.928240][   T40] audit: type=1400 audit(1774445826.233:425): avc:  denied  { read } for  pid=5322 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   98.935449][   T40] audit: type=1400 audit(1774445826.233:426): avc:  denied  { search } for  pid=5322 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   98.935886][ T8338] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   98.935900][ T8338] CPU: 1 UID: 0 PID: 8338 Comm: syz.3.912 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[   98.935918][ T8338] Tainted: [L]=SOFTLOCKUP
[   98.935924][ T8338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   98.935931][ T8338] Call Trace:
[   98.935936][ T8338]  <TASK>
[   98.935941][ T8338]  dump_stack_lvl+0x100/0x190
[   98.935963][ T8338]  vpanic+0x552/0x970
[   98.935975][ T8338]  ? __pfx_vpanic+0x10/0x10
[   98.935987][ T8338]  ? try_module_get+0x4c/0xd0
[   98.936004][ T8338]  panic+0xd1/0xe0
[   98.936015][ T8338]  ? __pfx_panic+0x10/0x10
[   98.936025][ T8338]  ? try_module_get+0x4c/0xd0
[   98.936039][ T8338]  ? preempt_schedule_common+0x42/0xc0
[   98.936056][ T8338]  check_panic_on_warn.cold+0x19/0x34
[   98.936067][ T8338]  end_report.part.0+0x3a/0x90
[   98.936082][ T8338]  kasan_report.cold+0xe/0x18
[   98.936098][ T8338]  ? try_module_get+0x4c/0xd0
[   98.936113][ T8338]  kasan_check_range+0x10f/0x1e0
[   98.936126][ T8338]  try_module_get+0x4c/0xd0
[   98.936141][ T8338]  dvb_device_open+0x124/0x3b0
[   98.936158][ T8338]  ? __pfx_dvb_device_open+0x10/0x10
[   98.936173][ T8338]  chrdev_open+0x234/0x6a0
[   98.936185][ T8338]  ? __pfx_chrdev_open+0x10/0x10
[   98.936197][ T8338]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[   98.936212][ T8338]  do_dentry_open+0x6d8/0x1660
[   98.936222][ T8338]  ? __pfx_chrdev_open+0x10/0x10
[   98.936235][ T8338]  vfs_open+0x82/0x3f0
[   98.936249][ T8338]  path_openat+0x208c/0x31a0
[   98.936264][ T8338]  ? __pfx_path_openat+0x10/0x10
[   98.936278][ T8338]  do_file_open+0x20e/0x430
[   98.936290][ T8338]  ? __pfx_do_file_open+0x10/0x10
[   98.936306][ T8338]  ? alloc_fd+0x476/0x790
[   98.936319][ T8338]  ? do_getname+0x191/0x390
[   98.936351][ T8338]  do_sys_openat2+0x10d/0x1e0
[   98.936368][ T8338]  ? __pfx_do_sys_openat2+0x10/0x10
[   98.936384][ T8338]  __x64_sys_openat+0x12d/0x210
[   98.936398][ T8338]  ? __pfx___x64_sys_openat+0x10/0x10
[   98.936413][ T8338]  ? do_user_addr_fault+0x8d6/0x12f0
[   98.936429][ T8338]  do_syscall_64+0x106/0xf80
[   98.936445][ T8338]  ? clear_bhb_loop+0x40/0x90
[   98.936458][ T8338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.936469][ T8338] RIP: 0033:0x7fa6eeb5cfce
[   98.936478][ T8338] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   98.936489][ T8338] RSP: 002b:00007fa6efa83b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   98.936501][ T8338] RAX: ffffffffffffffda RBX: 00007fa6efa846c0 RCX: 00007fa6eeb5cfce
[   98.936508][ T8338] RDX: 0000000000000002 RSI: 00007fa6efa83c00 RDI: ffffffffffffff9c
[   98.936514][ T8338] RBP: 00007fa6efa83c00 R08: 0000000000000000 R09: 0000000000000000
[   98.936521][ T8338] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[   98.936528][ T8338] R13: 00007fa6eee16038 R14: 00007fa6eee15fa0 R15: 00007ffd77ce6b78
[   98.936538][ T8338]  </TASK>
[   98.942803][ T8338] Kernel Offset: disabled

VM DIAGNOSIS:
13:36:59  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff82753f00 RBX=0000000000000001 RCX=ffffffff917d62fc RDX=ffffc900043a7701
RSI=ffffc900043a76d0 RDI=ffffc900043a77b0 RBP=ffffc900043a76d0 RSP=ffffc900043a7618
R8 =ffffffff917d6300 R9 =0000000000000007 R10=0000000000000200 R11=000000000000f36f
R12=ffffc900043a76d8 R13=ffffc900043a7688 R14=ffffc900043a77b8 R15=ffffc900043a76bc
RIP=ffffffff81b82a65 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d633f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fa6eede7158 CR3=000000003e815000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=0000000002fefcfe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 737570635f657669 7463656666652e74
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff47011626
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff47011626 00007fff4701162c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f37a4a3327c
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f37a4a332bc
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f37a4a33420
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f37a4a332ae
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6379656b00657461 69746e6174736e69 246c746379656b00 7974697275636573
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000002e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff857a46b5 RDI=ffffffff9b4a6b40 RBP=ffffffff9b4a6b00 RSP=ffffc900254f72b0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000033333854
R12=0000000000000000 R13=000000000000002e R14=0000000000000010 R15=ffffffff857a4650
RIP=ffffffff857a46df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007fa6efa846c0 ffffffff 00c00000
GS =0000 ffff8880d643f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fa6eeb85dc0 CR3=00000000126f9000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000f8000000 Opmask01=0000000000000000 Opmask02=00000000ff02fefe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 203a6b6361747320 6461657268747020
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd77ce7066
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd77ce7066 00007ffd77ce706c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa6eec3327c
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa6eec332bc
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa6eec33420
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa6eec332ae
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000030646e 65746e6f72662f30 726574706164612f 6276642f7665642f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000013474d 46574d4c51450c13 514657534247420c 4155470c5546470c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa6eedec5f8 00007fa6eedec5c8 00007fa6eedec600 00007fa6eedec5e0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff918b9222 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000001 RBP=ffffc900252be430 RSP=ffffc900252be378
R8 =ffffffff918b9226 R9 =0000000000000007 R10=0000000000000200 R11=000000000001ab85
R12=ffffc900252be438 R13=ffffc900252be3e8 R14=ffffc900252bf5b8 R15=ffffc900252bf5e0
RIP=ffffffff81b82997 RFL=00000287 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f4078cf36c0 ffffffff 00c00000
GS =0000 ffff8880d653f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f37a4c17dac CR3=000000001286d000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=0000000002fefcfe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f37a574d560
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff47011626
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff47011626 00007fff4701162c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f37a4a3327c
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f37a4a332bc
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f37a4a33420
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f37a4a332ae
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f37a4bec600 00007f37a4bec5e0 00007f37a4bec5e8 00007f37a4bec618
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f37a574d020 00007f37a4bec5c0 00007f37a4bec5d0 00007f37a4bec610
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f37a4bec5f8 00007f37a4bec5c8 00007f37a4bec600 00007f37a4bec5e0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff81fc7d82 RDX=ffff888026b6a4c0
RSI=ffffffff81fc7d5c RDI=ffff888026b6a4c0 RBP=ffff88806a542e20 RSP=ffffc900045d7a18
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=0000000000000003 R13=ffffed100d4a85c5 R14=0000000000000001 R15=ffff88806a73c440
RIP=ffffffff81fc7d5e RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d663f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f1503dea078 CR3=000000002fa91000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000041004040 Opmask01=0000000000000101 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 656d69745f656c64 692e7166622e6f69
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd303323f6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd303323f6 00007ffd303323fc
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1503c3327c
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1503c332bc
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1503c33420
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1503c332ae
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5300796461655200 656b616873646e61 48006c616974696e 4900656c676e616d
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000100980070 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000028 000000000000001c 0000000000000001
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000