last executing test programs:

5m29.401118327s ago: executing program 3 (id=104):
syz_open_procfs$pagemap(0x0, &(0x7f0000000280))
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
syz_open_dev$usbfs(&(0x7f0000000140), 0x3233, 0x8000)
mlock(&(0x7f0000fed000/0x13000)=nil, 0x13000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @flat=@weak_binder={0x77622a85, 0x1, 0x2}, @fda={0x66646185, 0x8, 0x1, 0x18}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0})
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x8)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8)

5m29.400624817s ago: executing program 3 (id=105):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x1a066042, 0x0, 0x0, 0x3}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003c58b3bd0000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x2, {0x0, 0x1e}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e1100d6704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6ccb0e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f41c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111ff6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab43fa6104d5a99aa36b73ac3622ccae12252457cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd4132290b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc408a1258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a16d470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="50010000000000000000000000000000060000000000000002000000000000000600000000000000060000000000000005000000ffffffff090000000000000003000000000000000e010000000000000400000000000000000000000000000008000000000000000001000003000000040000000020000005000000", @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0300000007000000000000000400000000000000000003000000000008"], 0x0, 0x0, 0x0})
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2000063, &(0x7f0000000240)=ANY=[@ANYBLOB='fowner<', @ANYRESDEC=r2, @ANYBLOB="2c005172847b6fb26c16200419ba3f4be9d26dd1f288518907ef865bb02600266bb5fd78783b76fa9543725739b4f008e93f23a2bf0321553af9701c946870be050ea8367fd89acb"])
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x145480, 0x0)
close_range(r4, r4, 0x0)
ioctl$BLKRRPART(r4, 0x125f, 0x0)

5m29.399201997s ago: executing program 3 (id=106):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f00000001c0)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffb)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}}, 0x1c)
keyctl$read(0xb, r2, &(0x7f0000000000)=""/89, 0x59)
connect$vsock_stream(r1, &(0x7f0000000740), 0x10)

5m28.505547461s ago: executing program 3 (id=109):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000011c0)={0x2020, 0x0, <r0=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000300)={0x50, 0xfffffffffffffffe, r0, {0x7, 0x2b, 0x0, 0x1000249, 0x200, 0xa0, 0x8, 0x7, 0x0, 0x0, 0x100, 0x4}}, 0x50)
newfstatat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x800)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0, <r2=>0x0}, &(0x7f00000002c0)=0xc)
lchown(&(0x7f0000000080)='./file1/file0\x00', r1, r2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), r3)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, r5, 0x7d243a6ea807936d, 0x12, 0x25dfdbf7, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4c891}, 0x880)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000500)='./file1/file0\x00', 0x0, 0x201008, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000001180)='./bus\x00')
r6 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_CAP_ACK(r6, 0x10e, 0xa, &(0x7f0000000000)=0x10, 0x4)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)={0x14, r7, 0x5, 0x70bd2c, 0x0, {{}, {@void, @void}}}, 0x14}}, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

5m28.5048101s ago: executing program 3 (id=110):
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0x4008af20, &(0x7f0000000a40)={0x0, 0x1, 0x0, [0xff, 0x7, 0x68d, 0x3, 0x401], [0x71bf62aa, 0x1, 0xffffffff, 0x5, 0x81, 0x81, 0x7, 0x8, 0xf841, 0x5, 0x101, 0x8, 0x7, 0x7, 0x9, 0x7, 0x100000001, 0x80000000000, 0x6, 0x9, 0x2, 0xba, 0x3, 0x7, 0x6, 0x3, 0x7f, 0x8001, 0x1, 0x4, 0x4, 0x1d, 0x10000, 0x2, 0x0, 0x5, 0x2f8, 0x3, 0x100, 0xf9, 0xfff, 0x5, 0x9, 0x1, 0x9, 0xb, 0x100000001, 0x7, 0x40, 0x10, 0x6b0, 0xee0f, 0x1, 0xc3, 0x9de, 0x0, 0x7b2, 0x18000, 0x3, 0x6, 0xd, 0x8fe, 0x2, 0x100000000, 0x0, 0x7, 0x4, 0x1, 0x5, 0x5, 0xa9a, 0xffff, 0x80, 0xfffffffffffffab4, 0x3, 0x4, 0x7, 0x4, 0x974b, 0x4, 0xff, 0xfffffffffffffff8, 0x36, 0xed6, 0x9, 0x9, 0x2b2c891e, 0x9, 0xffff, 0x3ff, 0x1ff, 0x0, 0x2, 0xee, 0x5cd, 0x4, 0x80, 0xfffffffffffff000, 0x0, 0x1, 0xffffffffffff7fff, 0x6, 0x0, 0x8, 0x4, 0x101, 0xeb51, 0xcdf, 0x6, 0x5, 0x5, 0x7, 0x2, 0x3, 0x5400000000000000, 0x1800000000, 0x7fffffff, 0x6, 0xfff, 0x8, 0x6]})
r0 = socket$inet6(0xa, 0x2, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000540), 0x80001, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000006340)="7c7a6a069306f2c5ddf91f36944f207a1bd11284b4445fa3507bbc5def2e6fec4bb7c6001eafe381e277221f30085acd5d0c251f7c60c23874c04db6aa516f773dd2e57e746d1a085193c8b7664fceb1fe764d87f4395c66e5d4eee443a555692ebe80f3a11b8be74963f1a18c1d0cd71dec65e609e065e14615d2e8b283e55b4aa8b485f81ce52443d61fac9f08cf34f2997c05a63f98f988cfcea9a5650b37dff5817e5033b3912c226bd9bf68b528dec710584242fbdcf7dd0d55e394d3742039e6960bb589fb9ba18ac8e9e82cdbd08e9b584d0a8224cae3e9dd91e25699549007dc0d99165a73cda1c99fc48f6bfdb900c60e4481222505c58cc1108fbaf317d361d1f2d78f6db6e14b283ca9f1927f4f8a0f6f52818be03c7b257aec57f06a0a4279131a2bb0a13b23ab188ea50a686abb2f7e4d0f7a166f358e4cb886b7fbdf51cd9a153410dcc4cc5db7e8e94cc9ba2371a328480ad20f51d7fa012f367a0a8f9c882c47b5f714f0e1b35f72b2261989513c1428d648aa8ab8c12c87dfea38d5be0d49097fce804c9cd2ac8f61b68579853129351e3bcdbdae3371d2b12a150d94b3097161c226c50a1d2c1f8b4c10a986e21dbbb854ad1d26d0ce5d950835d14664ee8f58c537f5256b761b4707fe8d46cc1658798d285310a1cff127b1280cab3f1f633569391d5a7cc08aa1d108b93c38df397d90bbb81753930934df7dcaf8f960dff660fe239aa15cf48872668cacf4d664dc0809fe9d780ab202c3a968abb56655267c907eb3343809b2407105a5c14d53a3b17a9a1552314d27e13daf48a2bb7b2c9fc15aba9ae1d6325c11fbe8432c067efa72878ca56c6463b6cf4d29646905422908a4a1f7741d0049febed4fc2b7cc27154031e50a0ab297826383935bef6a0f968db92128e8a940509b5368146bdcacc852b9d0b4ae9624635f9e69f3a7bc8e6f3340c7de46f49feb20a46f11aef464fa6696a60865bdd0c40b1c411c9661fa9f6393a33a7eb4afaef3eb1ab4634a42baeea780ac6c0c4fc8cf7a92cf0592f993ac85bdfd6c18ba4b7cf4c4438a8330413de8365b4a080234f59edefca0c5ce9697b20cc7b71d04438c00cf3d557bd03b5e1b86e167d2d6e09714135ef720667d0f2e7ca54da419d1bf6722eda31381059216009cd8c99ba1d7f9ebc1bc021457a195fa5be2f0727a84cf4cac5e080f22c836a4955d5ed06bee2eec0d39abc5f459ac43596fee3b341dfbd7ce6f4e57ea42e1e8d4f65880b8b77d2ee27dc1efe95ff1bacf5aa14933456b68645380d0f2ef6284b9946857456d64f4cb656998e99e3e286f596b31c69a69d0ee8444ed838ca2f0ead1be9538e4e927239d0e65a3f871dcad33881f69592eed93a9fafc934aefa67bb87d582d0ae4cfbb5c50325774bbc259a277749751228d3610f95fd56e9fbccb288eca1b14c8255b6996a59c91efbb08440ed91cdd53b0aab82600906904cee2a117a06157e24fa822e1cf4f9db4c2e8a5e842cfc503e578e69002fbae194b6bc7c8b69aac7359292109b712eb49d21946f5ea2745ab77ef59950dcfd926df2aef20e85f2a14554aabb417f15c725c73edd4853926ad6c525afa2c65de213cee799c18d1ced9424d10d7076fc5862579702a5f91031381f41cb8d9899ab514cfa1c8c51437df9710271d8cf69e8900921cba296703f1a7b5234500c1625884fea594d836a930b06142a6e577cd9c2a32cae65e712624abeeffc423a5d5ed7bd75fcb1a82ecec8acd0da9918a5c7c189f14f8cdf37062f93b87f9188501556060ffc6eac435cb1624f2af688316366e03cfb869eacf83d9d45fce910c3347f810b614c2e4291e70471ca2b574241c3f3d9740c6a45c7296a2f275acbde72e513ef4e5a1123a57c2eb1bd023af716c16a7747204338f60b6e3ac514af50b21952c21592aefb6149828a5183ba581d5ee8647f374645ff941bab67bef760ce353b456c4b51c5d3a0c5372b1773b944ad67a92937dd838e1b6f550a1dca975d6230e430bcc278afed54e0621008b2f850107b0244359e3747be5282630452d432e5df0fd160795effed150f9396a7da5a1e4dce0c8f62280ff2fbfaa813859a671208b4b9f05fe450729b0efad83a790acd688a90e5fee5550de4ddeac70ecd125ad076c4e2b68652e6ea520e2b6b339b4b9dc219d853e06b9aa79d022e53607213fc254e15ec3e6b776d2b562997e0fe52b98c58e1c0316b22a4219460053da87e7baff7dc1892c2de2f324dd1169b977f3a6698d0234c78de3e46ba5824f3e373f264e8d28fbb4cc108a41fdecd4b629d92b0a65f84366bf504eb5a894ba40c89f9df854dc469fa174ac85cb8d2adfdc099ca9848a1032b2e2f375bd1544dfb69e33492e1a4b921ad7ff17c4c7e357ff69f42d2301c302ee2ed313f0e9a20ebfe028a8737d6e38bf179940179cb779b70c2276264cb4f23249db7d5f179baa842b70f5b287cf74ce1ff6b70a56be8f2fe15aeadca229804923d28a793838bc605eaf5dcd362f757577ebdac54b09fd73326720d3522d002a41a3b5f2450f48286a5ea45836b5ee77fc415f47e0716049ec2610d607737fd5a73b066b4876f9d744f6b3486b088dd3bfc3d393a27c6c799ce078e2ee348257b5ec1ba9de76da2a67ca912dc2dd5afc70834ceecbb8bd41f6e790294cacd5891bef1b4e2124dcd6dffdedee8f16b3bddc030429dcb0f98e6fe0649cb14eed3293fa4933b2ab8c0ec0ff4dbbced1e32dceb317252e715b872b00478cbd7b0275b7394a0ccfe9887410b32f1ce9266b3b83470ec982cf908507d3ad0cc366bff3759388b624701b3e0dc0e7928386b155b50b42a8e352622516beeeddfb79866a2eb1d360802cd19d62fd171267a0fece5f54e315a8cd49c41072f2a7a0baab5aadae2c1ff28e285b642f8d3869321bd18b4aed107feaa12d055b179a8ab7b50e2796d287a196e280d527b526c45c8aa98696d88a02d923d06fedf51336c0695c218e70448073921971093ea44b5352e10ce6cec26d082b93f69958165bd986f56650a62224c2d9fd044bd8fefd33544c6bd141b4cc211a087fa57c09e195c8edffe559048db738d1395f5e2625dd7cd035b8c76aad6c238fb52a7c5ff0965fc7122a5899746ca88abd699d6078623722fff92726e18613519f2b1927504fd5cb7a38ffa373c3883022f0387953530834affb5f05e0f44c24caa75561b2b63994493ab857fdc30900586fed09298d846e5936869b43d81c4b91902028e57a8f2da16355ccb7a77d29ecc8e66015e979b2f3edc5b8d77c45348dea55c9ed6b7465acf899f4bc1a7edcae0b0daf69ff85c504eea1294620b6d3dbb004575044a5ae7c110010c2cf39827fbdab3b42ac35d147fc53bb5e7de6c47091dc80c14b8da494b2e913d1a52085e29af19edc4a417346c5a896a3851cb6132511e0627d190b77623c8a3bb6085eff22ede7127f7988a1d388fb70ea20d5c1b2424c5aa83532bc5162a5d177968b4a46583f2d4b92d04a5f19145221aeaf724d92ea1d4dfb53021b47585bbe5ce35f8d09a83e13fdb1de8e52dc646d41e810879ce9c830959c3ee93f11a16d030d141863244395e3f847505fe6d9594a34009fec9a743c033b9793335684cc5c3d0eb0ad094f40a60264b02cd88c583c850d99c5b9c6c5dcef467ca3ea38f2aa42f5657cd940aeb12960efa18d571e4f958b9cd90918e069a486d84f214617ce29c0f2c26bf84f12f5036f26a8de0c8359f572654bf5ee06d38f741c464976d95ae3fdda45c2ed2d08ef71d3590e82d235e0fa357c568158791a195d4a2d9615e1edc85be64cfd169f925ffc4f636f86783cf43624a77bdb9b172228097f02f391df00668dafbd9932298b23cfadfd1b8d14a25cb408a440f930f0813de73c1eb2eb4b3c802d718a672453d0038965c6dc98db96fb4e06f1fda72782d0839d4e8b477ebdb2c73510db44f643ec7dc4fcb837806853caa35cf622aff9d44381d3f7adae00650cbb6f0334ceca14ec982dfb5817d7fd49251c203b6463a09c14885f754603291ccf0a7ceaa57284ee751774fa5ad72f9f7a32fa542947af40601e98057895f2869d4ec2db0d73930962535fc9e12ba7e6777cb458592bee505b367012ebd27b256fa0fac1452cf3b28eab573549b7c7a13752ca0189768f738d5f8030fe999f7bdc466d67bb32937ae469f1a1e21fac2ae2ab92a0a260bf0e9ce20625e82f88d0ed4d13876aed768765d77433bb9137d92d622df502aef574de82fe28063128fe5a1787ced99734c2f3f221e80d3baefd367d01d950ee1bc981b4b5ff86b2a96ab78fa3c1201303cab473103d89bb185afc77dd2cb7ac1564045036fe9fcf85af5d73a7553bc45bf5e221564540982db2f81e612e7c1715d3498b8d7851c0160146d6eaae9e30c81dedfca8e7122fcb69b26b396629b723f1e1822b8d5d8f2ac583728a5ab40010f88aa42f37f2031a3e99d8d6661e63f86f65af521066ea6af89c89e1748521b8368cd03409e895a941025ee777653f55e66cd1a0cca21308666260c3b9a306ddadb322eb1d09f7b27fd570cd35b6ec88bb391e3ae4745e17fb4dd7aef1d75b4ebb91e6e7789b241566d7c0cc97a3a126ed50b0cb621e015414f62641afd85bad78470463f86d8287aa56d331911c23c4cae8e5dfea33f3789c03d61f51c590417b5ff9f1aa35ab6a15364296c5f9399216ce565210a4075ac5e43e916850774a127f9174d95b43d839e056b4a7d679bb8804951ca171c0b59f4d6f32c4fe8f908b9a1614591f5d1e1cf3348e02317ec4655c693417a4c4e7007a8db02faa1634f8eea9c9bbe5b149ce2279953a54884392dc7251dd38670fd59d9d1da5203340909d50f779e864339014bcb545d825cdcccedc558a1d01a2784b8f499ce9fa2ddb0dd1dc0b93d1b282a96cb4ecf152474dbc4b2853b30c8e5fcea85bdab949f5eb1e98d81c102c349f680230082db5aba9e20209c35b16598507d28211b49763b598a7e60519d5b28b67c027cb2657cf2ac7c7455291fcfe63f0b43afcd3afaea934da97c209d02e5b47a686c1c284aeee5d662fd9d9be7c576259d9f1a36fc0f7fe329a1da1dbe078381233940745fc28a56db98b1a8442325168158e3f0b3cbf8a368d19dd20cdfc1c4f3893a30a49223050159b0bb8b7c59ca705ae25453988d87ca6cdd2bd2fe37847ba67cbcf7a494925a8598b7b50a741c9ced10ea08e35c422b79265561a07f40ebb89bc46069a1c1ad95949fe757a76ff6b5386a043abc967c367a9d86b54d374e573540dfc1f6d396f398abe9735f523b778fd124ac1e1eb832a66dd4b1838a50e6a4eb1b95b8a60a94f067b24d1194976c539d5ec287a261bf25904575be3ff49e7411a8dc09739649828124c14fc2b89dad1f3f5725db2e45f5a447cd3e4bdf9e1e95c5ad7c76fcf0c1021cb6c32e6985e1d113030d534eecb0dff2554183ee18da2da5d21a8b994a81f05e0e6ae89b20bffb4be333d1956270da23e9905830921b1f3d615a56a20b11d45ccd1d22b910e33f475a92c31fa5b4675ddee18336d0ee7b75c07df2a9d4ad53d83142219a00aef15e1e9dace0f039d63a530fdf671a54aba3882dad0d439632af5576726c3aa095cc1a0a03063e8a6581b78bef501acc24b05a0150d8f683c90e8e5e283a49f898906dab926e544ead48cb9bf9a6e1bf140b5273443b8cb8166b2d8a5464a3e9d9f4246ac81ea91b33a0b399dde9f5efaf792bb04cfa028f40b7c92db2d9c33e16ef58b9263350879ea94e581a1187b2d1931b1cd7606a76bd8943b7c3098a33bdf476960af7bdf2854b1336e72feb603b8bb2242df0839d157843d369a50a615068ff5d99ecebe8dc19158a6c654e853cedf860a727bf8140c062f5d307fdcd150ad0af03d2c3a913b91047858ed6382d2d2d30f5c0bd419c2cd4047f225107ea8bf4a3a69384f16b5b5bb2655bdb750db4e975794592987df95f6a90374b0a08769b2c957faa16a21270196afba76b4527f01f0c5db7fa16e2da81fc49336e20bc3ee1ccbcb62255c84513d9ceb706f03c25000517070c03b7bce838e6b6cbc7f767959fbd62e11ab7ea6d760cff674a4296e6185eb348028b472290922160f3ea36c22c8375a016f505017c0a0e041dd8e52b4f19ccfc701109a19391a059d77db239d40a06d84a6f0ccd08aaad764e53ad1da19ee825a4d25ca7cd538289bffe135486ec1614e28b3682c7081a1b0a2c7272f4e36f6d0d9e68d84209126dc59312d48eed1c63c90efeadd472259392c28746abf394c5c6c97d3fb00b70a74c313a817ee1719c33f16d58f297fc7eacbca5803df115745079c5434e851ad6c1f0e8ba0bdbb66cbb6789b89a23526b476ad0f2cea0907e72702f93d37bdfe7b39fb9b33fb1111e58f5c45db8cc38afe4e03a318aa0690afb870a67aeda7da9640fdad1e1f551dd4757c69b4f523b616e502514a2e35495916f2e5ddab1ad9534644d99ec56e818caba173773aa5e45104deb869b23063eaea5542d3bc503a6948b83779aa46879443cad02477451b46429f1f67560c31d4377f96031ab94866a73be753c4ab91cc6576c3991c3423103ebae604e887c56cbacb9e95b8b46300b62e698a6456a0d175cf682eacabbe301e0b0ea34f963daed0dc6c1b75fa5e3870959913e69e61911d9ff646e9c6bab33fe566871027e861577c4d7fdfdf94ce7ac1a3f6d29daf28d660431a89c0b56c4b95090e2ca5df62c1e5c5dbf98f067751819d4c5914aa33883b7b521aab30d14e1cfae74fcf3ad4b2cf9448009d3223ad984e0c50f92d465573a6fc2894f8a5d4e855316738ecfd6a6c157d39b5c44d80a7cba944cf9f7a701899859821cf2bc248459f7a350fefba53c1481a7197f024f2eb74251455c06f4b82dfcf3ccf3e3b98b898fa1b16c310125e5e9fd4019acccbe91b4d842ddd52ee56f6d3112dec80159d6d3ef93bca70e7afcccb223361c39addbe3c429934cd0ae35f36a8f6309f08e36b27341db1f21fd8a148b239361b31a85f53bd1ad49fadace6c64d5f4363427fb2f268e8aec6d81cdb7f1252baa4652dc55881661114bf98cdf17190379591f0e22dc97e790f53f463bbb0ad0ead78ddf7dfe2e26052acc31cfe52b822afd5ec5c75957106cb5c368c09252ff3e4f624d90e599279fb985ecdb7d8880dfe05ac2d2da83e34e2b9b88f5dd60107a4509902fcddf4a36605e5c7a2606a4aea9fd4b5b24ca6b67d6945d133869cf9276d8c30b08c2a9f4bf03f4e0b956fd5f3c80b958ac5c41e4115b6708799c3102bd8b6c7fe17ff8c3f89c7437255faf69d1e16074086dd44d038bc0211ac74743169b462dbc085d77bf45eea72bf8348308bf48feea02d739a0fee9fbf71023ef8c6828da1aec8618cc2345ff663f88bc52a990e6b9591425435b0c7900ea4068f5aa6345e94254e259a71290fa23281658a6a165d1dee10dcb355518264824665ff2c5538de9ae4487782911f79e0bb09bc2c2d8e0d91b33cbec839075c9b38c848e9d2fad7368e96c1932042c3e85fd95b7d4500e6cae9e649082e9d5ca6f2cf91fc7ecaccc1049525d4325003424cacbd6eb5b8cc30b6893bd1ef46a8e7cbcc87dc2dda5c802ef1f8bb607c7457eb161254dc0feb60ed5ed0383fdb4db91d7e41d45c8eb80c1981e801ef05703f97f8710a2e00eb0559f854f700f946937b9e68c75ad6d0015d5d79be5423d0d846bc76f92ea7ebb0302b3d3c695c0aafa83b2bf029a444709cbf2cefbdcc7eaf3dd7a16f8ca8c861e883db10d433f7fec547be45e6829962e430bb3c93e8cdfb342c1cb7e53d8a6ea625d5574c4b4303f61c4338a658e652ab2bc0029c0a78a5114f495a439956909cf42128cb4348affbecb20b7fea98e22160e9a58e7666a00e7b37fbec4bd3860d66a39d1232a57e8cc50710c5c666f7efa98f16f9a02d843c94b0842a383945d06899998ff2fd01ffb58ab53ea89b2c93634c48d0420edb9791b8e451b35b534b8b2874c4859c684cd14afb5335a2555c75ad9df018635bb7131a7ef204ccecfed33a675fc51687e3f8818406fbf58e7b5fde1ca96153817e1b632e89a78d967eb6a34af1dac0d9ffa448b7b9bac27afc305a7b47febbe0a37036c18aef6852b1b2759d67479f9edb169e796d949844a1624b1e832a2eee9be36dc5866d6fde431cfcbd4e305d322c9dd07f83b5b361daaa74bfc9fbce8b447210c327468659ecbb0a5fc20d0cb79de7d1d70bf251c81d5f38711f3f4bd4752685b077058beb465711b1359d2a7d2f59216c5a807121bb97e7ccacc46526e4072f1d6de3b487d492fed0995e2273fa3bb115bd08d32d8e57eb2aa8f9d3b81babd1b8334c3a5e69422b75502ced3793d07b9bdf38e9d9fa1d2e48c7886dfc41985e8ffc49f09c4ba58ddc3b4cbf562b591f8939ced5d18214a77cc753075334a157373cc33cbc07a731cd6342492f5e05f78108e627bc88777203c76632bbe0120924c7a51bbfc9dc789a5695b7c95ef544935032fb81d499c454a2d78727875c20bc8a48a9f23cf6595c17c9cdaa8d04bab8ac567ebd3bbcdb40e11f1893fea3970f176f75f38d17d6ee1bd4ab76c660723a776bc72319199ab82c40ac4a9f4f475e8fd4643a4be8601cb5172e112c236c7c430078601bf183a59a03885e994c1116a9d4ef275790ff2417ffd85b43274fc57654466fa394958aeb11f343c3439604af13997011af70b67df1a9dfa4cdb751a2dc3e5bbf42f7b9ebc6dcebb2dbdc57d7a2cef7409dba307b7cf6eab148a924566341d035cabc877c68d0fbfaebdd39c16304b63a1bae376fb4650708bf5695dfd7ffc01f43f0021f622de0b116ea494454497337a0ec469963de7f9d2b1d6c5a7a0a7835777a78a2b9e16eec696446981d2fea550f011419b96f7b2018d027b87fc715521b0302bd7b5b3bc5f033346029eced73df07dd1bb1f91848376b40b9e9da7233e7832edcc7b54ef6fd320d19efce78d58ea7020fbbdf77612dc8a4f3281915ac9706f346e405b9f489f8f2e9a2decb8d18bec1e5f735a4ec69bba4dc5d36c9c1cc50b92fe67b2cdd53fa671c0cbe331abdf46787e7c9912b951aa20700dba6cf5a209fe5c9c61ef62a8e2e572ec774b2d0f42d570633fc44d44826e848d47a8f386a5704e0a3eaf1d06617181aeb166334ab55d5aedccb27abf19a42a480930e25465721336c70a2ea7799d21a3659124ac9503efc99c1b13ca2b9723e3e338055f9b3cef7502017ebbb09a64b06462db353a5c562101cb7fbf29e056deeb1ff0c7bc877210c941c87401ceae52bcecc83e87655069ab931bd813c1a87d67554f5d2cf435e6dd92a515c22f5d5a9a44ebc81e9c4849104343b80824005619312a9e349d996e366d381da42edad1a560bf5e31ecd049e92ceaf42954958600a7868599fe10e9b34587368d3044250c3d1a8ba6c8dcb6d318d4f9e71c2d33fc74cb57620a8343258d072f3aa767b4b178f3f66d5a713dae2426296c12edf9ee37636869e30df64cd3855fae20bc7602c1b7e6c8246ed4be71231a5ec7b5e7a9ebb08bf8667d8f2900ecdb0a0addc14a2328eebc448db13013e6a3c1a661065e5ac0a04b5171bd84c9d9d947a6c31257ed13a966530c5e20168c100117cf82b4c00ea3ad00ea65e1af89535b3f11a1418ddad33db8cec281543732d2ff4eab54b12cc95f7d872e75bc01bf6c580540b0e26413c6c2321ddfb0447bdb6acf05ddf2bb92534a3a5f37d6da882289f6fefc6a213cdfcf34902137fa3b982b2b4c27c611f08909a18405482f1e3a2bf3635d3e970457541da16e37bb3c422cceeb484bb64c78724431a543ecf4ca851914c1555e3b785ec87bba3769927f6c29f80e7ae8632bdb9acdddf7c3b5580740d9b2bfc25086c9566844136f3fac74f429121f86c378c68c20a194b0c98b1e92991954cbf60477e217a2e25297fc7b18972e40c531ec19e1eea193bbc8893392d8528c6a0375bcb4b082d20d5c47cb330bbb4b74b91ab55d4a0d3e1dee8182c581e8e70ac30108eeb7185c6ea3f786881ad124e1404651ee95cdb0fbb0d0f4a2b43c795ec1cd4e46234a88862d57903ce878b641004fb637341e5d6bf5163f1a3467b828f6eea96c3c2bb79503687867e11eec32dec452e0fdd2eaacfc0a477ee839ef049855da734d18212142dfe2a95ab9ad9bc4f98c3bfa34134c7e6c9f8669303314d4e8c1bc5475e8fcf418cbdb3246ebf393d911cdfee8f2550dc1593ece59ced81a4ffb2484f9c8ebed0aed8d418138445c4e96b209adcc4afd70f09901662daa2c8c557d6039768d97e6b9518f0de4ac2e0187ba08a4a9128d3e632fca102137338b5e568f12c7bd28db772c800fb5f4d4e683b201840731bb7c034235cd73313cde88891bbb31597bb537696e6c987302297f9717b8053779aed447d33ef9129e84d3031fa9b453bd5731fb010ffd19a9133e0ccbec2461cdd31ba294d68c60a8535b15584bab6e6d0ce6c1cef4755bd5f7d90f4debb40af1437a19a96ef9c0709692156152091c7efb58f2d39a65b96416dc09e8091ae08d9be5235a3c1ec062862baa1aab788f28e83ba4635cecc6671f2320f42b4f711e7d0fcad89d6727d3630da1ef35e32dee39eda665946abe6224f17f2acc29e62518fd51eb7f193d9bb16c38204069098c293fdce24c1c79229fd08622a4256b581cffce12e46c20248dc902753f0e3c91f9685b3d45f984620e262b3487d67d152f1c50de3fd2067a9d3debf715f346dd2f712c55545336a9036ba82bb06cfae59a48d083c3388f77790c9639fa0a9c33f4c66c7513042bffb765c2a4b3657dddf0ea094d8d79018f66c8ef8e9df980a89906275edf4a467a5db0a623976899f0efd167aab6ff385cdde59027a95a570277cb94ebce503906c28527e3114eb9ed739d0c2f4cf82786b35c0054718f47381ed8ce9b107e1f1019be5fc877166da667036f0c1b84e2b5118b5f4babc052d997e5f1e8c4cf45eb26430b74d9e1df3735b8d5df559903143d983e974bed6cc608c2580a991bdd3628ec676d348de8752cafa80c1661f162e35c25fc0ba0198423f83214fed800f9355ac8ea67951cfeeb3736b50c1e14d45d33aa25fc72c38702bd5dd217842e54114f4799c45ff1b7cec9729382ff7fc3ff80cbe1a13d03e19eecd7de676f6791fe34143ae30c97da9623907d974a37b65d0ef5d46b718d58541c6b1902814de71218ca7396ceb5fdacdc3cf4d110862402e7cc6254f1e44e28593fd443290262db75fd482ce1d305d6bf9fd3e5e0efbedac5a4d097650b111e6e9e1b2c66a23ac5bf27ed78d25d1a54c16ca4287126736c2f17ab73e683798c29d16481775ada8e20d94b00b6b29654b18f60e2853fdc7d3ba55d7df660db90288b6f440efd19f0478047b12c7b07ab2b1c9529597e6462d20612e6c3b6d1b1d11305f8ddc811860450504b7cbf9794edd0d07c25ab6307d74afdce958355eb919dcb1fcb8038c6dd5e774ee398dc8553a9ddeb551f", 0x2000, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x76, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00'])
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x8, 0x32, 0xffffffffffffffff, 0x6931b000)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r7 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_NAME(r7, 0x81007702, 0x0)
r8 = open(&(0x7f0000000380)='./bus\x00', 0x48141, 0x0)
fcntl$setlease(r8, 0x400, 0x1)
fsmount(0xffffffffffffffff, 0x0, 0xf4)
r9 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r9, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4)
listen(r9, 0x1)
setsockopt$SO_ATTACH_FILTER(r9, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x40}]}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r10 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r10, 0x0)

5m28.456987861s ago: executing program 3 (id=111):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
writev(r0, &(0x7f0000003e80)=[{&(0x7f0000000b00)="e17d7d078ebb15423428cac1adc4ddb2fe673df0848eda8fd7583195e04acc0e9de3214e3c37317e64a41a5f4e456de63a6fd60f62b8cf87fc6ac3fd4b6149b381d699f9d6e1903b1e38d813d8683f70d243405ff35838d23fd52a747ecc92ff475688909dbb548e6dfaea6e4788f2e0fb04ec9df48cd4d046d59bf086333ccc98f05e7941f8d6494eafa400519cd627d2c716843b0d1b605963090a6aecd18d52bc75c3c7c2431883274a77296313978f180e02e81432adf1efd7bce230716eb58b78642183441cd83dd10e46233cf20aaf99fee605ed76e32bcaf2946a74fd2a7961f238c6492c6a", 0xe9}, {&(0x7f0000000240)="2d52e91a4d80", 0x6}, {&(0x7f0000000280)="a2e621f20a8a64f93cc8f55e2268bf579274c09a6bd7cd92888dbeb80b0245fb0a77f417b0079ec81b12bd534effe1d67a", 0x31}, {&(0x7f0000000c00)="282d86c7e4a80e881b5c1a69b1714ab6c6cb85fdfe66b4bb25183e1dba50f3cfab949cc4c299601e0b32620155765ed0d47056677630da37b76bf19a8c4879a5b59883bba280ec6e51fc2f31241686901f1f7ed71d26c3c4c9d6c495d1a36c2f5b163bcfb81ac800b6843bf8589e68df9611172fc75e96489c4a7befcfc94a4e051bba8b39dfa1f5626e784093b68fc70bc246f7eed622816c78eb7480011fc356c90154b6b5f45c606ce738eee242f728eadd77f3d709ace27a3ef2d2a94291ace46d6eace81f9fb3b09950eb94273726ed1e0416c12e3da2364cfa0e9922cfa9c5e64e3f149f327d539096eca45decc41fd7", 0xf3}, {&(0x7f0000000d00)="55fbb78c79fe64dab9c9207c9a8d3bcd45437d178fc765da54e06004bd0d5c64f31ae8e866fd80b050e07070445d33ab18b9bf6078fe07bbe4ddb12812a3527eafa35333fc24af195310cf3bae46ec050a6a0e109d867ad714884398bad2f8d9b16ad2f6178e7f6a836dca8ff58d39d6f54ac0339ac1e132ed1fb132b035a59aab041fee", 0x84}, {&(0x7f0000000dc0)="4214dcfab33deb5b47277b96ae8b3eab0f11e88a8bb96acaef0061b300f269054583495cbe7ad0e4685930366e2c3722dbfb107a4ea7bec73efb20ec2af3dc2f910e08dc3f0b9185343e4a6fc259bb0aba259fdd0fe050f773b9d582c39ecbdfe3576b92ce4fb7f39ade8dc6021672aeae8195f4b8c36f2ee18b7445fe4b150cf273cbf6bd78463f93d904b4c51fd9542a3746908f48a295bc2a589f5cf5a3ba043a9becca2b11641d3a8f1d66cb883e95c0211b83ca3db5ca609f7a0661ccc7ed5fc800ca214938508cf4f4ee911b63ff515411d40198b44df673cf06b9b63782f0b1c52f91b2490841c9a8fd584ed4790c0138e74111e2181845ca1564842c918e7dfc0dacc88e40e7cc0aaf3e74c98bd8e58067e299029716e0965faf42c2e7076987f26a507ce21fc8c049498fb481355312a70c80eb9ef39310d7638fa69b1b8ec60916b2800e36eaf70fab60551b068e0afb02615b8689f4ff631fb928f1f314821f07093bd4ebacad8b6f80451dd52914d560fb9b60098a76e5a1ca2247ff6c291bf0e95d4ce6a135743ced4c58ec8165198c210c25e2181953f79c2de5c024eaee7c0dc26c58e808f558ad3033029f76a6934c8effab765c62aa499fcd5c26fb70642b4272d7bc036d204ab52eeadf7850aa92ba7dadc09f0ca8507bdcfd5810f6b1b2c1c6f149f17ea90ce934a69fcb194060eef74f2eceb367665f710087d94d6f85aa9ceb101f7c7f377a43200ee8807a775784ce21a200faffa7634db9176d8793ccb2cdbc7a4163ce301e36d82a65ca1c2ace5942e857b2d1012971a3ef6ef1a2dc8fe91c894306c6ecff82a2aa6f79d8c22ff22264a10272a26af7004247e75ea982021fa38ba1cbc83ada7d9f3c8ad2f83b369eada0f574c6c96732e88ea54564f4913ff9a21dc4a51d5779bbd1d9b728596dd3cb29506b7e5a61c8c070aa11564a6f51db720f025752849e34cb3f74807b42daaba7c03790889e", 0x2c2}], 0x6)

5m28.398162942s ago: executing program 32 (id=111):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
writev(r0, &(0x7f0000003e80)=[{&(0x7f0000000b00)="e17d7d078ebb15423428cac1adc4ddb2fe673df0848eda8fd7583195e04acc0e9de3214e3c37317e64a41a5f4e456de63a6fd60f62b8cf87fc6ac3fd4b6149b381d699f9d6e1903b1e38d813d8683f70d243405ff35838d23fd52a747ecc92ff475688909dbb548e6dfaea6e4788f2e0fb04ec9df48cd4d046d59bf086333ccc98f05e7941f8d6494eafa400519cd627d2c716843b0d1b605963090a6aecd18d52bc75c3c7c2431883274a77296313978f180e02e81432adf1efd7bce230716eb58b78642183441cd83dd10e46233cf20aaf99fee605ed76e32bcaf2946a74fd2a7961f238c6492c6a", 0xe9}, {&(0x7f0000000240)="2d52e91a4d80", 0x6}, {&(0x7f0000000280)="a2e621f20a8a64f93cc8f55e2268bf579274c09a6bd7cd92888dbeb80b0245fb0a77f417b0079ec81b12bd534effe1d67a", 0x31}, {&(0x7f0000000c00)="282d86c7e4a80e881b5c1a69b1714ab6c6cb85fdfe66b4bb25183e1dba50f3cfab949cc4c299601e0b32620155765ed0d47056677630da37b76bf19a8c4879a5b59883bba280ec6e51fc2f31241686901f1f7ed71d26c3c4c9d6c495d1a36c2f5b163bcfb81ac800b6843bf8589e68df9611172fc75e96489c4a7befcfc94a4e051bba8b39dfa1f5626e784093b68fc70bc246f7eed622816c78eb7480011fc356c90154b6b5f45c606ce738eee242f728eadd77f3d709ace27a3ef2d2a94291ace46d6eace81f9fb3b09950eb94273726ed1e0416c12e3da2364cfa0e9922cfa9c5e64e3f149f327d539096eca45decc41fd7", 0xf3}, {&(0x7f0000000d00)="55fbb78c79fe64dab9c9207c9a8d3bcd45437d178fc765da54e06004bd0d5c64f31ae8e866fd80b050e07070445d33ab18b9bf6078fe07bbe4ddb12812a3527eafa35333fc24af195310cf3bae46ec050a6a0e109d867ad714884398bad2f8d9b16ad2f6178e7f6a836dca8ff58d39d6f54ac0339ac1e132ed1fb132b035a59aab041fee", 0x84}, {&(0x7f0000000dc0)="4214dcfab33deb5b47277b96ae8b3eab0f11e88a8bb96acaef0061b300f269054583495cbe7ad0e4685930366e2c3722dbfb107a4ea7bec73efb20ec2af3dc2f910e08dc3f0b9185343e4a6fc259bb0aba259fdd0fe050f773b9d582c39ecbdfe3576b92ce4fb7f39ade8dc6021672aeae8195f4b8c36f2ee18b7445fe4b150cf273cbf6bd78463f93d904b4c51fd9542a3746908f48a295bc2a589f5cf5a3ba043a9becca2b11641d3a8f1d66cb883e95c0211b83ca3db5ca609f7a0661ccc7ed5fc800ca214938508cf4f4ee911b63ff515411d40198b44df673cf06b9b63782f0b1c52f91b2490841c9a8fd584ed4790c0138e74111e2181845ca1564842c918e7dfc0dacc88e40e7cc0aaf3e74c98bd8e58067e299029716e0965faf42c2e7076987f26a507ce21fc8c049498fb481355312a70c80eb9ef39310d7638fa69b1b8ec60916b2800e36eaf70fab60551b068e0afb02615b8689f4ff631fb928f1f314821f07093bd4ebacad8b6f80451dd52914d560fb9b60098a76e5a1ca2247ff6c291bf0e95d4ce6a135743ced4c58ec8165198c210c25e2181953f79c2de5c024eaee7c0dc26c58e808f558ad3033029f76a6934c8effab765c62aa499fcd5c26fb70642b4272d7bc036d204ab52eeadf7850aa92ba7dadc09f0ca8507bdcfd5810f6b1b2c1c6f149f17ea90ce934a69fcb194060eef74f2eceb367665f710087d94d6f85aa9ceb101f7c7f377a43200ee8807a775784ce21a200faffa7634db9176d8793ccb2cdbc7a4163ce301e36d82a65ca1c2ace5942e857b2d1012971a3ef6ef1a2dc8fe91c894306c6ecff82a2aa6f79d8c22ff22264a10272a26af7004247e75ea982021fa38ba1cbc83ada7d9f3c8ad2f83b369eada0f574c6c96732e88ea54564f4913ff9a21dc4a51d5779bbd1d9b728596dd3cb29506b7e5a61c8c070aa11564a6f51db720f025752849e34cb3f74807b42daaba7c03790889e", 0x2c2}], 0x6)

4m42.615915104s ago: executing program 4 (id=671):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newsa={0xf0, 0x10, 0x713, 0x70bd26, 0x0, {{@in=@empty, @in6=@mcast1, 0x4e22, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x2f}, {@in6=@private2, 0x0, 0x32}, @in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, {0x0, 0x0, 0x10000, 0x0, 0xfffffffffffffffc, 0x20000000}, {0x0, 0x0, 0x8000000000000000}, {0x10000000}, 0xfffffffc, 0x0, 0x2, 0x4, 0x0, 0xb}}, 0xf0}, 0x1, 0x0, 0x0, 0x24000804}, 0x0)

4m42.604945594s ago: executing program 4 (id=672):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0) (async)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet_SIOCSIFPFLAGS(r1, 0x8934, &(0x7f0000000000)={'team0\x00', 0xffff0000}) (async, rerun: 32)
r2 = socket$packet(0x11, 0x3, 0x300) (rerun: 32)
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000380)=0x9, 0x4) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'veth0_to_team\x00', <r3=>0x0}) (rerun: 32)
sendto$packet(r2, &(0x7f0000000580)="100833fe1e5b0c9a728e92038fce", 0xe, 0x4000, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}}, 0x14) (async)
mmap(&(0x7f000013b000/0x3000)=nil, 0x3000, 0x1, 0x8010, r0, 0xfffff000)

4m42.586403075s ago: executing program 4 (id=673):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newsa={0x13c, 0x10, 0x713, 0x0, 0x0, {{@in6=@mcast1, @in6=@loopback}, {@in=@private=0x20, 0x0, 0x32}, @in6=@loopback, {}, {0x3}, {}, 0x0, 0x0, 0x2}, [@algo_aead={0x4c, 0x12, {{'rfc4543(rfc4106(gcm(aes)))\x00'}, 0x0, 0xc0}}]}, 0x13c}}, 0x0)

4m42.525748275s ago: executing program 4 (id=674):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.kill\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x2, 0x1b8, 0x4})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f00000000c0)={0x7, 0x1, 0x9})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="01000000000000002404"])
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYRES8])
r4 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
mmap$binder(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1, 0x11, r4, 0x0)
fcntl$lock(r0, 0x6, &(0x7f0000000080)={0x2, 0x2, 0x1000000020, 0x4})
r5 = getpgid(0x0)
syz_open_procfs(r5, &(0x7f0000000040)='ns\x00')

4m42.518584065s ago: executing program 4 (id=675):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x38, r3, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7ff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8c7e}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x24004101}, 0x4000)
ioctl$USBDEVFS_RELEASEINTERFACE(r1, 0x80045510, &(0x7f0000000100)=0x165)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000010101010000080600124000040000"], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)

4m42.441648197s ago: executing program 4 (id=676):
fsopen(&(0x7f0000000180)='ramfs\x00', 0x0) (async)
r0 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x1, 0x0) (async)
r1 = fsmount(r0, 0x1, 0x0)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x400, 0x6)
renameat2(r2, &(0x7f00000000c0)='./file0\x00', r2, &(0x7f0000000140)='./file0\x00', 0x7)
r3 = gettid()
ioctl$BINDER_GET_FROZEN_INFO(r1, 0xc00c620f, &(0x7f0000000000)={r3})
r4 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read(r4, &(0x7f0000000180)=""/95, 0xffffff51) (async)
read(r4, &(0x7f0000000180)=""/95, 0xffffff51)

4m26.377570602s ago: executing program 33 (id=676):
fsopen(&(0x7f0000000180)='ramfs\x00', 0x0) (async)
r0 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x1, 0x0) (async)
r1 = fsmount(r0, 0x1, 0x0)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x400, 0x6)
renameat2(r2, &(0x7f00000000c0)='./file0\x00', r2, &(0x7f0000000140)='./file0\x00', 0x7)
r3 = gettid()
ioctl$BINDER_GET_FROZEN_INFO(r1, 0xc00c620f, &(0x7f0000000000)={r3})
r4 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read(r4, &(0x7f0000000180)=""/95, 0xffffff51) (async)
read(r4, &(0x7f0000000180)=""/95, 0xffffff51)

1m29.013755317s ago: executing program 0 (id=2941):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000280)={0x1, &(0x7f0000000100)=[{0x6, 0xfc, 0x0, 0x7fff0000}]})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r2 = userfaultfd(0x801)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents(r3, &(0x7f0000000080)=""/64, 0x40)
getdents64(r3, 0x0, 0x11)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x10003, 0x3, 0x4000, 0x2000, &(0x7f0000002000/0x2000)=nil})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000280))
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000040)=0x1)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x11, r4, 0x0)
r5 = dup2(r1, r1)
read$FUSE(r5, &(0x7f0000000b00)={0x2020}, 0x2020)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x0)

1m29.003030637s ago: executing program 0 (id=2942):
pipe2$9p(&(0x7f00000003c0)={<r0=>0xffffffffffffffff}, 0x84800)
readv(r0, &(0x7f00000008c0)=[{&(0x7f0000000400)=""/113, 0x71}], 0x1)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000400)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@empty, 0x4e23, 0x4000, 0x0, 0x0, 0xa, 0x0, 0x30, 0x0, 0x0, 0xee01}, {0x2, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1bd}, {0x1, 0xfffffffffffffffc, 0x0, 0x6}, 0xfffbffff, 0x0, 0x1, 0x0, 0x2}, {{@in=@local, 0x0, 0x6c}, 0x2, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9}}, 0xe8)
sendmmsg$inet6(r1, &(0x7f00000090c0)=[{{&(0x7f0000000080)={0xa, 0x4e21, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x0)
r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f00000002c0)={0x1, 0x0, &(0x7f0000000040)=""/228, &(0x7f0000000200)=""/166, &(0x7f0000000140)=""/86, 0x8000000})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x103403, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$KVM_SET_IRQCHIP(r5, 0x4020aeb2, &(0x7f0000000080)={0x0, 0x2c01, @ioapic={0x100010000, 0x1, 0x0, 0x0, 0x0, [{0x6, 0x7, 0x8, '\x00', 0xab}, {0x2, 0x0, 0x2, '\x00', 0x5b}, {0x60, 0x4, 0x8, '\x00', 0x3}, {0x5, 0xe, 0x7, '\x00', 0xf1}, {0xc, 0xc, 0x9, '\x00', 0x43}, {0x4, 0x79, 0xc5, '\x00', 0x9}, {0x94, 0x5, 0x9, '\x00', 0xfe}, {0xf, 0x0, 0x6, '\x00', 0xfc}, {0x1, 0x4, 0x8, '\x00', 0x33}, {0x81, 0xf, 0x57, '\x00', 0x9}, {0x5, 0x4, 0x1, '\x00', 0x6}, {0x81, 0x6, 0x6, '\x00', 0x48}, {0x3, 0x1, 0x8, '\x00', 0xff}, {0x6, 0x3, 0x2, '\x00', 0x2}, {0x6, 0x5, 0x3, '\x00', 0x50}, {0xd, 0x2, 0xd, '\x00', 0x2}, {0x8, 0x80, 0x81, '\x00', 0xb}, {0x3, 0x89, 0x1, '\x00', 0xf}, {0x78, 0x7, 0x2, '\x00', 0x5}, {0x3, 0x3, 0xc1, '\x00', 0x7}, {0x5, 0x26, 0x5, '\x00', 0x9}, {0x7, 0x9, 0xe4, '\x00', 0x6}, {0xc1, 0xd, 0x81, '\x00', 0x10}, {0xfd, 0x3, 0x80, '\x00', 0x6}]}})
ioctl$ASHMEM_GET_PROT_MASK(r2, 0x7706, 0x0)
sigaltstack(&(0x7f0000000380)={&(0x7f0000000300)=""/99, 0x80000002, 0x63}, &(0x7f00000003c0)={&(0x7f0000000500)=""/87, 0x0, 0x57})
openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)

1m28.897049518s ago: executing program 0 (id=2944):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x9)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200)

1m28.896533388s ago: executing program 0 (id=2945):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r2=>0x0})
connect$packet(r1, &(0x7f0000000180)={0x11, 0xf5, r2, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x14)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x10010, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])

1m28.78957265s ago: executing program 0 (id=2946):
r0 = socket$packet(0x11, 0x3, 0x300) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) (async)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000280)=0x10) (async)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101740, 0x179)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
setsockopt$packet_int(r0, 0x107, 0xe, &(0x7f00000000c0)=0xc, 0x4) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioperm(0x1, 0x3, 0x163f) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
ioperm(0x9, 0x7ff, 0x100000000) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000}) (async)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000240)={0x20, 0x0, &(0x7f0000000140)=[@enter_looper, @increfs={0x40046304, 0x1}, @acquire_done={0x40106309, 0x2}], 0x58, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b418709844"}) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r4, 0x0) (async)
setsockopt$packet_int(r2, 0x107, 0x8, &(0x7f0000000080)=0x7, 0x4)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_FILTER(r5, 0x0, 0x2, 0x0, 0x112)
madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x12) (async)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0}) (async)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r3, 0x4008ae73, &(0x7f0000000180)={0x7, 0x5}) (async)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

1m28.78924594s ago: executing program 0 (id=2947):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88, {0x0, 0x10}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x1)
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
pselect6(0x65, &(0x7f0000000180)={0xfffffffffffffffd, 0x3}, 0x0, 0x0, 0x0, 0x0)

1m12.718696419s ago: executing program 34 (id=2947):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88, {0x0, 0x10}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x1)
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
pselect6(0x65, &(0x7f0000000180)={0xfffffffffffffffd, 0x3}, 0x0, 0x0, 0x0, 0x0)

45.470045594s ago: executing program 2 (id=3475):
r0 = openat$binfmt_register(0xffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r0, &(0x7f00000000c0)={0x3a, 'syz0', 0x3a, 'E', 0x3a, 0x821e, 0x3a, '\'-*\')!-', 0x3a, '\x00', 0x3a, './file0'}, 0x2f) (async)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r1, 0x45809000)
syz_clone3(&(0x7f0000001280)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async, rerun: 32)
r2 = socket$inet_tcp(0x2, 0x1, 0x0) (rerun: 32)
setsockopt$inet_tcp_int(r2, 0x6, 0x7, &(0x7f0000000000)=0x4800008, 0x4) (async)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r3, 0x4068aea3, 0x0) (async, rerun: 64)
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x50001, 0x0) (rerun: 64)
r5 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000d40), 0x1, 0x0) (async)
write$cgroup_subtree(r4, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
sendto(r5, &(0x7f0000000080)="580b26803deb2ee63cc731e62bdf5b3b27c36f96da7abea241d681d8993525", 0x1f, 0x80001, &(0x7f0000000200)=@phonet={0x23, 0x8, 0xb, 0xc4}, 0x80)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) (async)
r9 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4e7, 0x30, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_connect$hid(0x0, 0x6c, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040b827"], 0x0) (async)
syz_usb_control_io$hid(r9, 0x0, 0x0)
syz_usb_control_io(r9, &(0x7f0000000000)={0x2c, &(0x7f0000000080)=ANY=[@ANYBLOB='\x00\a\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x4b564d01, 0x0, 0xfffffffffffffff7}]}) (async)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x103183, 0x0) (async)
write$FUSE_NOTIFY_DELETE(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="3c000000060000000000000000000000060000000000000006000000000000001b000000000000002e2f62696e64657266732f62696e646572300000"], 0x3c)

45.349700936s ago: executing program 2 (id=3476):
prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x1081, 0x200000000000}) (async)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r2, &(0x7f0000000b80)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e612721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ef42eeb66c3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a068e9607f57f626a5b8d476636ef1ee76307524009ae49be402000000000000001e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408074c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dff02ba9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669cc43c320544317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb252f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2e02fad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea09364ab42ee9802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c59d88a29af5886c1f5dfc6837c58aaef12a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e218daa5a3ef64617beb30cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe90400fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97184339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f40029d7cfcaf26fd1900d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60e7222697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b7884db26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20d4774d66c5ae270adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac3909750f46a9a8e76a13264ed2b654b9a6eb1809", 0x587, 0x0, &(0x7f0000000180)={0xa, 0x5e64, 0x100000, @mcast2, 0x4}, 0x1c) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_int(r3, 0x1, 0x2d, 0x0, &(0x7f0000001640))
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder1\x00', 0x800, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0}) (async)
madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x10)

45.332317506s ago: executing program 2 (id=3477):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r1 = epoll_create1(0x0)
r2 = fcntl$dupfd(r1, 0x406, 0xffffffffffffffff)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$UI_SET_LEDBIT(r3, 0x40045569, 0x80000000086)
r4 = epoll_create1(0x80000)
r5 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$selinux_load(r5, &(0x7f0000000080)={0xf97cff8c, 0x8}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000040))
r6 = socket$inet6(0xa, 0x2, 0x3a)
sendto$inet6(r6, &(0x7f0000000000)="800037bbfa9ba1ce", 0x8, 0x0, &(0x7f0000001100)={0xa, 0x4e21, 0x0, @loopback}, 0x1c)
recvmmsg(r6, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}, 0x3422a61a}], 0x1, 0x10102, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r7, 0x8933, &(0x7f0000000080)={'wg2\x00', <r9=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x50, r8, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x34, 0x8, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x3}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r9}]}, 0x50}}, 0x0)
sendmsg$inet(r6, &(0x7f0000000440)={&(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000000180)="7ddfe27cd1c080fd7776ade56dbcdfe30e8a7b34b097e6f7d77171c9b443563ec280f866b78b05", 0x27}, {&(0x7f00000001c0)="a238b5813002c4424612190773cb53dd1385d5ec33b482a9e587dadf00197ae8800dcb622995d40c614bb40f682ee5a82e55f606d7bb8e45f0aebdb5c849ec9551aba940bcda2e308781a017b5bb2e8d8510b82c620742a823bc15c1a9754b13395e128a4d1bd85d45511df674f93004bf3ae5ce5bf1789be6ec5fee63f68088ad7455", 0x83}, {&(0x7f0000000280)="b395999d966cb9271045f00d1001515d0f9e1b6bcc329ca7a2a590a73909bfde0667a072b3f251ef649f", 0x2a}], 0x3, &(0x7f0000000300)=[@ip_retopts={{0x14, 0x0, 0x7, {[@ra={0x94, 0x4}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0xd}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x93}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @dev={0xac, 0x14, 0x14, 0x29}, @broadcast}}}, @ip_retopts={{0xa8, 0x0, 0x7, {[@timestamp={0x44, 0x28, 0x78, 0x0, 0xd, [0x3, 0x8a, 0x401, 0x67d, 0x6, 0xfffffffb, 0xfc6c, 0x8, 0xea4]}, @ssrr={0x89, 0xf, 0x15, [@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @empty]}, @lsrr={0x83, 0x1b, 0x9b, [@rand_addr=0x64010101, @local, @remote, @multicast1, @loopback, @private=0xa010102]}, @rr={0x7, 0x1b, 0xa4, [@dev={0xac, 0x14, 0x14, 0x21}, @remote, @remote, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty]}, @end, @rr={0x7, 0x7, 0x5b, [@broadcast]}, @timestamp={0x44, 0x20, 0x2c, 0x0, 0x7, [0x1, 0x1, 0x5, 0x1, 0x3, 0x0, 0x8]}]}}}], 0x128}, 0x4000000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000000100)={0x1})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r11 = openat$cgroup_int(r10, &(0x7f00000000c0)='cpuset.memory_spread_slab\x00', 0x2, 0x0)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000480)={r2, 0x6, 0x3, r2})
write$cgroup_int(r11, &(0x7f00000003c0)=0x1000, 0x12)
close_range(r0, 0xffffffffffffffff, 0x0)

45.217630358s ago: executing program 2 (id=3478):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006380)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000340)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x36c18523, 0x401, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0xa4001f7e}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f0000002100)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65be667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x20, 0x0, 0x20000000000, {0x0, 0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r4=>0x0)
io_submit(r4, 0x2, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, r3, &(0x7f00000000c0)='!', 0xb7f40}])
lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0))
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x16)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="5c01000008ffffffff000000000000000000000000000000007916625cc9f2ead5"])
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x1e1243, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000380)=ANY=[@ANYBLOB="0600000000000000030100c00000000006000000000000008a040000000000000600000000000000e70b000086809a02aae56c2e00000000ae020000000000000100100000000000940200000000000007bed03d000000000d060000000000000180000000000000cf1a7f2a66db0748d34868a4347829bce2850b1b88955cf7c415660340a3b243ea0c9a7e1197c18a10e87022fed8f51b2c05add52457e609893220cd481ca79fef671d770bfc84783ece9ddc68767a64436aa441ea8d0ee82dbb2c78dfe9416ace59b61b515fd882ca364dc350bf4cc909303f2038c0e86f0000b4152826e2f110fc0cc7672058f1d69f2cf9f0e8fddac81dbb512508ee59f2a83d82994a0ce5a3c9e3e5d58545a740d7"])
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r8, 0x107, 0x14, &(0x7f0000000380)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r9=>0x0})
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x3}, 0x4)
sendto$packet(r8, &(0x7f00000003c0)="1003", 0x2, 0x4000, &(0x7f0000000140)={0x11, 0xf7, r9, 0x1, 0x0, 0x6, @local}, 0x14)
r10 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r10, 0xae60)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r11, 0x4090ae82, &(0x7f00000002c0)={[0x8aba, 0x4, 0x6, 0x8, 0x40, 0xf, 0x120000, 0x5, 0x0, 0x8, 0x8000000000000001, 0x8, 0x800000000, 0xf, 0x3, 0x1], 0x3000, 0x141200})
r12 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r12)
ptrace$getregset(0x4204, r12, 0x204, 0x0)

41.816306538s ago: executing program 2 (id=3508):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cgroup.controllers\x00', 0x26e1, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cgroup.controllers\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
ioctl$SIOCSIFHWADDR(r0, 0x8b35, &(0x7f0000000000)={'wg1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000080), 0x20e02, 0x0) (async)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000080), 0x20e02, 0x0)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x100000a, 0x40010, r1, 0x45809000)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_LOG_BASE(r2, 0x4008af04, &(0x7f0000000300)=&(0x7f0000000240))
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) (async)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$SIOCGSTAMPNS(r5, 0x8907, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x6e0}]}) (async)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x6e0}]})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0, 0xeeee0000}) (async)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0, 0xeeee0000})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)) (async)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680))
r7 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$inet_MCAST_MSFILTER(r7, 0x0, 0x30, 0x0, 0x0) (async)
setsockopt$inet_MCAST_MSFILTER(r7, 0x0, 0x30, 0x0, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x309c82, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r9, 0xae60) (async)
ioctl$KVM_CREATE_IRQCHIP(r9, 0xae60)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r10, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="820000000000000071000040"])
r11 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cgroups\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r11, 0x7fffffffffffffff)
mmap$KVM_VCPU(&(0x7f000032d000/0x2000)=nil, 0x0, 0x0, 0x810, r10, 0x0) (async)
mmap$KVM_VCPU(&(0x7f000032d000/0x2000)=nil, 0x0, 0x0, 0x810, r10, 0x0)

41.68985407s ago: executing program 2 (id=3509):
r0 = socket(0xa, 0x1, 0x0)
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$PTP_SYS_OFFSET(r1, 0x43403d05, &(0x7f0000000740)={0xf})
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e24, @private=0xa010100}, 0x18)

41.648273741s ago: executing program 35 (id=3509):
r0 = socket(0xa, 0x1, 0x0)
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$PTP_SYS_OFFSET(r1, 0x43403d05, &(0x7f0000000740)={0xf})
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e24, @private=0xa010100}, 0x18)

1.401657809s ago: executing program 5 (id=3969):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x3, &(0x7f0000000000)=[{0x4, 0x6, 0x0, 0x4}, {0x64}, {0x401, 0x4}]})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x1c1341, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00222200000096231306e53f070c0000002ad001f1"], 0x0}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.controllers\x00', 0x300, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="18000000760001"], 0x1c}], 0x1, 0x0, 0x0, 0x4004000}, 0x0)

1.181872912s ago: executing program 7 (id=3972):
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)

1.166698133s ago: executing program 7 (id=3973):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cgroup.controllers\x00', 0x26e1, 0x0)
close(r0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0x806000)
ioctl$FS_IOC_RESVSP(r1, 0x40305829, &(0x7f0000000380)={0x0, 0x0, 0x4000, 0x9ffffc})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
ioctl$SIOCSIFHWADDR(r0, 0x8b35, &(0x7f0000000000)={'wlan1\x00', @remote})

1.109912854s ago: executing program 7 (id=3974):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x800000000000000, &(0x7f00000002c0)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, &(0x7f0000000140)=""/255, 0xff, 0x0, 0x33}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x31}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x50, 0x0, &(0x7f0000000380)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f61"})

779.228329ms ago: executing program 5 (id=3975):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r1, 0x107, 0xc, 0x0, &(0x7f0000000040))
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, r2, &(0x7f0000000280), 0x8, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000001040)=ANY=[@ANYBLOB="010095f2e746a9b281d656ae00"/36])
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000000018010040"])
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_SET_GUEST_DEBUG(r6, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d46549b, 0x0, [0x4, 0x0, 0x0, 0x0, 0x0, 0x2]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r8 = dup(r7)
ioctl$HIDIOCSUSAGES(0xffffffffffffffff, 0x501c4814, &(0x7f0000000000)={{0x1, 0x1, 0x7f, 0x3, 0x6, 0x1}, 0x60, [0x7, 0x7fffffff, 0xc146, 0x2, 0x7fffffff, 0x40, 0xf, 0x3ef, 0x7fff, 0x7, 0x462a, 0x2, 0xf, 0x9, 0x1, 0x1, 0x101, 0x1, 0x5, 0x4, 0x4, 0xa59c, 0x10001, 0x7ff, 0x5, 0x80000000, 0x1, 0x38000, 0x0, 0xe, 0x1346, 0x2, 0x10, 0x800, 0xffffffff, 0xffffdd51, 0x8, 0x7ff, 0x7ff, 0x2, 0x8, 0x4, 0x1, 0x6, 0x9, 0x2, 0x0, 0xfff, 0x9, 0x1, 0x2, 0x4fb00, 0x3, 0x5, 0x5, 0x3, 0x2, 0x4, 0xfffffffe, 0x0, 0x16b, 0x4, 0x3, 0x2, 0xfffffff9, 0x5, 0x9, 0x8, 0x6c8f, 0x3, 0x1, 0x0, 0x7, 0x5, 0x733, 0x3ff, 0x2, 0x5, 0x9, 0x0, 0x6, 0xff, 0x5, 0xab, 0x3ff, 0x3ff, 0x3000000, 0x640, 0x1, 0x40, 0x39, 0x2, 0x80, 0x9, 0x100, 0x7fff, 0x21, 0x141, 0x12f2, 0x1, 0x8001, 0xb, 0x9, 0xf8f, 0x5, 0x2, 0x1ff, 0x2, 0x5, 0x6, 0x8, 0x7, 0x5, 0xb7, 0x9, 0x0, 0xe7c705a, 0x8, 0x0, 0x7fffffff, 0x3, 0xb, 0x3, 0xc2, 0x100, 0x136, 0x30000000, 0x3, 0x5e, 0x5, 0x2, 0xd, 0x1faf, 0x1, 0x5, 0xb8f4, 0x22f, 0x3, 0x7, 0x7, 0x80000001, 0x7, 0x6, 0x31, 0xa, 0x7f, 0x5, 0x6, 0x400, 0x400, 0x4, 0x80000001, 0x8000, 0x8001, 0xa2, 0xab23, 0x7, 0x9, 0x80000000, 0x4, 0x7, 0x60e1, 0x4, 0x8, 0x7fffffff, 0x8, 0x80, 0x5, 0x101, 0x8, 0x800, 0x0, 0x0, 0x3, 0x2, 0x5f8, 0x0, 0xffffffff, 0x2, 0xffff, 0x5, 0x9, 0x90, 0x4, 0x0, 0x1, 0x7fffffff, 0x0, 0x10001, 0x6, 0x80000000, 0x3, 0xed, 0x80000000, 0x50, 0x7fff, 0x0, 0x50000000, 0x81, 0x9, 0xfffffff8, 0x9, 0x2, 0x1, 0x0, 0x9, 0x0, 0x3, 0x49, 0x7f, 0x6, 0x0, 0x0, 0x2, 0x2, 0x9, 0x3, 0x0, 0x5, 0x1000, 0x7, 0x2, 0xf, 0x3ff, 0x1, 0x6, 0x0, 0xd, 0xb, 0x9, 0x9, 0x4, 0xb, 0x7, 0xfffffff1, 0x2, 0x9, 0xd72, 0x9, 0x6, 0x100, 0xa3, 0xff, 0x0, 0x2, 0x3, 0x9, 0x2, 0x7fffffff, 0xfffffffb, 0xdba, 0x6, 0x10, 0x400, 0x340, 0xd, 0x5044, 0xfce, 0x0, 0x8, 0x3, 0x6, 0xe4a, 0xed47, 0x0, 0x5, 0x9, 0xa83, 0x8, 0x2, 0x3800, 0xe8, 0xf, 0x10001, 0xb7d6, 0x5, 0x4, 0xf, 0x3b4, 0x5, 0x4, 0x2, 0x5, 0x4, 0x7fffffff, 0x8, 0xb, 0x0, 0x6, 0x9, 0x0, 0x6, 0x400, 0x1, 0xbd9d, 0x3, 0x4, 0x40, 0xbb7, 0xffff, 0x9, 0x10000, 0xffff8a10, 0x800, 0x54, 0x84e2, 0x1, 0x2, 0x8000, 0x57, 0x0, 0x0, 0xe, 0x6, 0x6, 0x4, 0xffffff07, 0x1, 0x7, 0x8, 0x9, 0x4, 0xd, 0x7, 0x1, 0x3, 0x8, 0x31bc8007, 0x3, 0x8, 0x3, 0x0, 0x7ff, 0xe8, 0x4, 0x7, 0x0, 0x9, 0x4, 0x80000001, 0x2, 0x0, 0x6, 0xffffffff, 0x9, 0xf44e, 0x3, 0x9, 0x0, 0x3, 0x5, 0x1, 0xfffffff9, 0x9, 0x31fe, 0x7, 0x100, 0x5, 0x2, 0x80, 0x0, 0x5, 0x942, 0x8, 0xfffffff8, 0x2, 0x3, 0x0, 0x10000, 0x0, 0x1, 0x7, 0x9, 0x6, 0x99d, 0xc2, 0x2, 0x7, 0x966, 0xffff, 0xa, 0x9b, 0x5, 0x1, 0x2c, 0xffffffff, 0x7, 0x8, 0x80, 0x4, 0x8, 0x9, 0x7, 0xffffffff, 0x3, 0x49e, 0x8, 0x0, 0xfffffffc, 0x53eb, 0x78, 0x3, 0x75ec36e2, 0x40000000, 0x7fff, 0x9, 0x1, 0x81, 0x9, 0x9, 0x1, 0x9, 0x8, 0x4, 0x0, 0x9, 0x10, 0x9, 0x4, 0x6, 0x80000001, 0xd, 0x8, 0x9, 0x4, 0x1, 0x5, 0x1, 0x5d9, 0x0, 0x68000, 0x20000000, 0x1, 0x599, 0x2d08000, 0xe45, 0x100, 0x2, 0x2, 0xffffffff, 0x92cf, 0x1234, 0x2, 0x7, 0x4, 0x6ae, 0x6, 0x1a, 0xe44, 0x1, 0x4, 0x40, 0x6, 0x40, 0x80000000, 0xe, 0x3, 0x8a4, 0x0, 0x46e3f9b, 0x3ff, 0xb, 0x1, 0x4e, 0x63, 0xfffffffc, 0x9, 0x1, 0x4, 0x9, 0x0, 0x0, 0x5, 0x5, 0x80000001, 0x6, 0x800, 0x0, 0x9945, 0x401, 0xa5f, 0x401, 0xecd, 0x5, 0x5, 0x506, 0x9, 0x4, 0x8, 0x9, 0x7fffffff, 0x2, 0x9, 0x6, 0x4, 0x5, 0x8, 0x7fffffff, 0x1, 0x9, 0x9, 0x10001, 0x9, 0x7, 0x400, 0x5, 0x7, 0x0, 0x7ff, 0xfffffffa, 0xfffffc00, 0x9, 0x360, 0x81, 0x6, 0x461, 0x2, 0x9, 0x8, 0x10001, 0x7fff, 0xc74, 0x3, 0x7e, 0x1000, 0x6, 0x8, 0x9, 0x6fa938e6, 0x90d0, 0x6, 0x8, 0xd47, 0xf, 0x7, 0x2, 0x1, 0x9, 0x1, 0x4, 0xf3, 0x7, 0xf012, 0x8, 0x5, 0x7, 0x7f, 0x3, 0x9, 0xff, 0x6, 0x101, 0xfffffff8, 0xff, 0x4, 0x3, 0x1, 0x8001, 0x2f8, 0x7, 0x80, 0x3, 0x8001, 0x4, 0x37b1, 0x6, 0x4, 0x0, 0x3, 0xfff, 0x80000000, 0x2, 0xe, 0x8, 0x0, 0x1, 0x18e7, 0x9, 0x401, 0x800, 0x3, 0x6, 0x5, 0xf49d, 0x6, 0x2, 0x4, 0x1, 0x8, 0x4, 0x40, 0x9, 0x7644, 0x5, 0x7, 0x5, 0x5, 0x6, 0x0, 0xf330, 0xfffffff7, 0xf, 0x64f0, 0x3, 0x90c7, 0x8, 0xd2cf, 0x7, 0x400, 0x30b1, 0xfffffff9, 0x7, 0x0, 0xd, 0x3, 0xb, 0x3, 0x7fff, 0x400, 0x5, 0x2, 0x5, 0x10, 0x53e8, 0x5, 0x4d95, 0x82c, 0x8, 0x5, 0x1, 0x5, 0x6d, 0x3ff, 0x0, 0x7f, 0x7, 0x9, 0x6, 0x8, 0x0, 0x4, 0xe, 0x8001, 0x0, 0xfffffccf, 0x10001, 0x3, 0xc, 0x9, 0x4, 0xcc, 0x4, 0x6425, 0xffffffff, 0x7fff, 0x8, 0xff, 0x6, 0x0, 0xb, 0x9c5, 0x0, 0x8a, 0x91b, 0xffff, 0x2, 0x6, 0x3598, 0x4, 0x6, 0x3874, 0x7, 0xd, 0x6, 0x4, 0x6, 0x0, 0xf48, 0x10001, 0x40, 0x1, 0x7, 0x7, 0x81, 0x7, 0xe, 0x1, 0x8, 0x4, 0x5, 0x5, 0x9, 0xfffffff7, 0xce6c, 0x2, 0x0, 0xff92, 0x7fffffff, 0x5, 0x9, 0x2, 0x2e, 0x1, 0x5, 0x3ff, 0x0, 0x4, 0x1, 0xee, 0x87, 0xd66, 0x200, 0x6, 0x100, 0x5, 0x8, 0xfffffff9, 0x3, 0xb23, 0x4, 0x4, 0x80000000, 0x2, 0xe, 0x6, 0xffffffff, 0x2, 0x6, 0x6b18, 0xa8c, 0x727, 0x9, 0x800, 0x8, 0x4b, 0x10, 0x0, 0xb1a, 0xf5cb, 0x8, 0x4, 0xc0000, 0xa0, 0x5, 0xa, 0x67, 0x9, 0x1, 0x2, 0x6, 0x8, 0x100, 0x8, 0x1, 0x2, 0x400, 0x2, 0x7fff, 0x2c78, 0x3, 0x81, 0x9, 0x89, 0xcc2, 0x788, 0xf3fd, 0xa5fe, 0x9d60, 0xe23f, 0x4, 0x5dfb4a0c, 0x9, 0x6, 0x3, 0x2, 0x4, 0xfffffffb, 0xfff, 0x8001, 0x5, 0x8001, 0x9, 0xe804, 0x8, 0x3, 0xb20, 0xe, 0xfffffffd, 0x3dc1, 0xd49, 0x5, 0x1, 0x7fffffff, 0x3, 0x6, 0x10001, 0x1, 0x9, 0xfffffff7, 0x2ffc, 0x2, 0x8, 0x6, 0xffff, 0x81, 0x5, 0x4, 0x6, 0x9, 0x9, 0x1, 0x0, 0x8, 0x401, 0x200, 0x7, 0xfffffff7, 0x0, 0x8, 0x0, 0x1, 0x34000000, 0x4, 0xfdf8, 0x3, 0x2, 0x2, 0x4, 0x6, 0xfff, 0x0, 0x8, 0x9, 0x5, 0x80000000, 0x8, 0x64, 0x0, 0x7ff, 0x6, 0xf0e8, 0x4, 0x7, 0x10, 0xe, 0x7f, 0x7, 0x5, 0x1, 0xfffffff9, 0x0, 0x6, 0x5, 0x3, 0x3, 0x7, 0x7, 0x1, 0x800, 0x10, 0x0, 0x7, 0x1, 0x0, 0xfffffffc, 0xfffffffa, 0x8, 0x37, 0x2, 0x101, 0x9, 0x6, 0x8001, 0xd, 0x0, 0xd, 0x9, 0x2, 0xa7, 0x3, 0x0, 0x1, 0x2, 0x6, 0x2, 0x6, 0xd, 0xdb90, 0x3, 0x8, 0x2fd59340, 0x9, 0x860, 0xfffffffd, 0xfff, 0x0, 0x5, 0x7fffffff, 0x7, 0x6, 0x3ff, 0x10, 0x10, 0x1, 0x2, 0x101, 0x0, 0x1, 0x6, 0x9, 0x5, 0x8, 0xffff, 0x3, 0x101, 0x6, 0x9, 0x0, 0x4, 0xbe6, 0x5, 0x0, 0x4, 0x6, 0x7, 0x9, 0xff, 0xfffffffd, 0xefb, 0x12000, 0x696, 0x95, 0xffffffff, 0x8, 0x800, 0xca, 0x0, 0x4, 0x1, 0x8, 0x8, 0x1, 0x81, 0x1, 0xd78, 0x5, 0x66, 0x7, 0x0, 0xc5b, 0xc, 0x9, 0x1, 0x9, 0xdb, 0x3, 0x55d, 0x7, 0x9, 0x5, 0x0, 0x2967, 0x6, 0xfb0a, 0x1, 0x5, 0xfffffffc, 0x2, 0x2, 0x1d7, 0x5, 0x7, 0x8, 0x2, 0x2, 0x7fff, 0x1, 0x8001, 0x9, 0x1ae, 0xffffffff, 0x7, 0x7, 0x9, 0x2, 0xfffffffb, 0x7, 0xa, 0x7357, 0x1, 0x80, 0x200, 0x7, 0x9, 0x7fffffff, 0xffffff5e, 0x0, 0x1ff, 0x9, 0x4f9c, 0xddf, 0xfffffffc, 0x3, 0x3, 0x9, 0x5, 0x7, 0x10000, 0xfffff55b, 0x3, 0xdd1, 0x0, 0xd25, 0xfffffffc, 0x0, 0xa0, 0x1, 0x6, 0x80, 0x0, 0x3, 0x3, 0xb, 0x8]})
r9 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000052000100000000000000000002000000090001"], 0x20}}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r10 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000140)="65660f38084c5d000f120f440f20c0350a000000440f22c0b90e080000b8eb000000ba000000000f30c4e259bfd7c4c10dea68003e2e670fc72b67d13c660fd48a00000080f30f5d3d00000000", 0x4d}], 0x1, 0x91, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r7, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x8, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

593.558561ms ago: executing program 5 (id=3976):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0)
read(r0, &(0x7f0000000080)=""/122, 0x7a)
read$FUSE(r0, &(0x7f0000000100)={0x2020}, 0x2020)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs/binder0\x00', 0x6, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r2, 0x29, 0x37, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000000)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000240)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x32}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x1, 0x2c}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x1}}, &(0x7f00000004c0)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})

532.823262ms ago: executing program 5 (id=3977):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x1, 0x81, 0x1ff, 0x801, 0x1}, 0x1c)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
sendmsg$tipc(r0, 0x0, 0x40)

529.925462ms ago: executing program 5 (id=3979):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0, 0x3f}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x10000000000000)

529.836772ms ago: executing program 1 (id=3980):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r0 = userfaultfd(0x1)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000040)={0xeeee8000, 0x5000, 0x1})
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000180))
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, 0x0)

506.249753ms ago: executing program 1 (id=3981):
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)

505.586913ms ago: executing program 1 (id=3982):
add_key$user(0x0, 0x0, &(0x7f00000000c0)="9b216cf52304fdcaa48cf735d1ca721dd40644c7ec5769c666d220eb87111019131a78ee65c150cb128522d76ba416defce64303145495824c699361bebd074167e8b99a62e428bc25b467151701f856a7d99debd9ff0efba77b335a92ad381ac480462d47f54636c4d1eede4ac2b4f0033e35dd45e30fd9208b9acb0a3aa978244265136966d8c1", 0x88, 0xfffffffffffffffc)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x80, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, 0x0)
r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
ioctl$AUTOFS_IOC_FAIL(r1, 0x40187542, 0x200000000000)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0)
clock_nanosleep(0xfffffff2, 0x0, &(0x7f0000000140)={0x77359400}, 0x0)

457.671594ms ago: executing program 5 (id=3983):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x3, &(0x7f0000000000)=[{0x4, 0x6, 0x0, 0x4}, {0x64}, {0x401, 0x4}]})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00222200000096231306e53f070c0000002ad001f1"], 0x0}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.controllers\x00', 0x300, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="18000000760001"], 0x1c}], 0x1, 0x0, 0x0, 0x4004000}, 0x0)

457.394724ms ago: executing program 1 (id=3984):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setsig(0x4203, r0, 0x6, &(0x7f0000000000)={0xd, 0x8, 0x8})
r1 = syz_open_procfs(r0, &(0x7f0000000000)='net/icmp6\x00')
write$binfmt_script(r1, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000280)={0x2020, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x2020)
syz_clone3(&(0x7f0000002300)={0x800000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100), {0x31}, &(0x7f0000000140)=""/78, 0x4e, &(0x7f00000001c0)=""/160, &(0x7f00000022c0)=[r0, r0, r2, r0], 0x4, {r1}}, 0x58)

456.971104ms ago: executing program 1 (id=3985):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x142, 0x0)
r2 = dup(r0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000440)={0x1f4, 0x2, 0x1, 0x301, 0x0, 0x0, {0x3, 0x0, 0x7}, [@CTA_TIMEOUT={0x8}, @CTA_TUPLE_MASTER={0xc, 0xe, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}, @CTA_TUPLE_ORIG={0x48, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x95}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x3b}}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}]}, @CTA_SYNPROXY={0x44, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0xa}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x3}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x5}, @CTA_SYNPROXY_ISN={0x8}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x7}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x800}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x10000}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0xff}]}, @CTA_STATUS_MASK={0x8, 0x1a, 0x1, 0x0, 0xfff}, @CTA_TUPLE_REPLY={0xb8, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x40}}, {0x14, 0x4, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010100}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}]}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x2}, @CTA_TUPLE_ORIG={0x70, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}]}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x4}]}, 0x1f4}, 0x1, 0x0, 0x0, 0x50}, 0x20048004)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x64, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x64}}, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000380)={0x1, 0x0, 0x1})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_MPATH(r6, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="8c000000", @ANYRES8=r0, @ANYRESDEC=r6], 0x8c}, 0x1, 0x0, 0x0, 0x4040001}, 0x0) (async)
sendmsg$NL80211_CMD_SET_MPATH(r6, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="8c000000", @ANYRES8=r0, @ANYRESDEC=r6], 0x8c}, 0x1, 0x0, 0x0, 0x4040001}, 0x0)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0) (async)
r7 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x200000c, 0x100010, r7, 0x2000)
madvise(&(0x7f00009bc000/0x3000)=nil, 0x3000, 0x4)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x4052, r8, 0xffffd000)

435.828194ms ago: executing program 1 (id=3988):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x1, 0x81, 0x1ff, 0x801, 0x1}, 0x1c)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
sendmsg$tipc(r0, 0x0, 0x40)

388.379705ms ago: executing program 6 (id=3990):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000600)={'filter\x00', 0x7, 0x4, 0x408, 0x0, 0x210, 0x0, 0x320, 0x320, 0x320, 0x4, 0x0, {[{{@uncond, 0xc0, 0x100}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "39db3a550f0420921586a79ec5b64093e6072fc889bea60bdd24beacd802"}}, {{@uncond, 0xc0, 0x110, 0x0, {0xff03000000000000}}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="d6c0105d02ce", @loopback, @empty, 0x8, 0x1}}}, {{@arp={@loopback, @rand_addr=0x64010100, 0xff000000, 0x0, 0x5, 0xd, {@mac, {[0xff, 0xff, 0xff, 0xff, 0xff]}}, {@empty, {[0x0, 0xff, 0xff, 0xff, 0xff, 0xff]}}, 0x5, 0x5, 0x0, 0x6, 0x40, 0x12, 'veth1_to_bridge\x00', 'ip6_vti0\x00', {0xff}, {0xff}, 0x0, 0x40}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @empty, @broadcast, @rand_addr=0x64010100, 0x8, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x458)

388.249135ms ago: executing program 6 (id=3991):
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x3, 0x3, 0x0, 0x4, 0x5})
setrlimit(0x40000000000008, &(0x7f0000000000)={0x20, 0x200000})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)

388.148395ms ago: executing program 6 (id=3992):
r0 = socket(0x1e, 0x1, 0x0)
connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r0, &(0x7f0000000340), 0x2000011a)
sendmsg$TIPC_NL_NODE_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[], 0x1bc}, 0x1, 0x0, 0xfff5, 0x48004}, 0x4004008)

289.611306ms ago: executing program 6 (id=3993):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000280), 0x8800, 0x0)
read(r0, &(0x7f00000004c0)=""/92, 0x1001)
close(r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.parent_freezing\x00', 0x275a, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xdc, 0x0, 0x4})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(0xffffffffffffffff, 0x4068aea3, &(0x7f00000001c0)={0xbe, 0x0, 0x1})
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x4000002a, 0x0, 0x4}]})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240})
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x1, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000002, 0xff], 0x0, 0x41845})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='coredump_filter\x00')
pread64(r6, 0x0, 0x0, 0xc2a)
sendmsg$NL80211_CMD_SET_CHANNEL(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="dd032dbd7000fddbdf254100000008000300a3ea4e890b3f2e4c0953b6122eb027eb1691129a889610764e4a6d5d54bc5e893c2f7c44149b1bfcc6bcebe8b22bef662cb86756a8fd1d86e5f654a99192133d0fce3603160a7aadd6f71bac37cf41ac320d808d81a44331a35c843224719dbd3bd492098bc92cbe1b158febba386409f228b8407b714f8b36473f859b7a85c81fdbc700f7daa27ed80fddb7e5389c7d068d6e555860b3c4d50bd956d156d61116320ee4a8b3576e4858ea927dd6a656", @ANYRES32=r5, @ANYBLOB="0c009900c60000006f000000050019010d00000005001801140000000800a100d2030000"], 0x40}}, 0x40000)

244.354747ms ago: executing program 6 (id=3994):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101a40, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r4, 0xaead)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x3, 0x0, 0x0, 0x0, 0x4, 0xc, 0x7, 0x0, 0xff, 0x1f, 0x0, 0x10000}, {0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x9, 0x80, 0x0, 0x4}, {0x0, 0x0, 0x3c, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x5a}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x1, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = syz_open_dev$hidraw(&(0x7f0000000080), 0x6, 0x40000)
ioctl$HIDIOCGRDESC(r6, 0x90044802, &(0x7f00000003c0)={0x53b, "268da6e4d98c6edacc1cba1dc31c4a6e041bb410758343b439a5d8106253511deb9714e63663e689db713c98bec1bc19af9a527c645d3b1159bf48ae10b61dc19a418a04d3c3c56138749c147b7743ff437dafc9262d473b57adb1850897aa4c0ab07d642af8a0415fc14b9372b09195de2342510bd9f5862c37f4ffde9068e7eae2ff159f8d90cd69971c4a60e7c48081d975f676a019dce48d4dafccc8451f944653eaf9ec19ff76ab7e5fe92cb33bc0751581a2a628e10c27c28fb8d8f4bb0e0be3293f806283ab50363125ba04ddb2a53d5c78276d15902e0514230b293ef506cc01e87913ee12b3d9e748c755e016b5a8f6ed9b90ae2093b0f7eb42c77441ce6da1cea2721eee7ea26bcb281dbe58a4dfc8db41d661fdf5858ab1073a9f2267f1076f0dba03a938b676d9e32cfa1e1d7acfd857a0a533ab7732a849ffe57e5e4c727ef6bfaf2594f8d3e05df0bd0c83ca42e584f9c3c5e6aa335f98ae9902d4d6fc449aac948e11d9025b2a33fae92050810b3a068a22c39545a99c86b3fd7e21c1f91b423fe25321b08628364919ab2d0bb050b1c64e62dce78e1bdf79ef3014fad1524a67efe131fbe24574dc44da7998fbc278e8237d5bf04248d49591470998348fc98c0ee747fc28ad693bf5726710c41216f6c57de002289b48cfe7cc3fa358067359ab370e7d502e55895367268fbe7a0c9b29022c5bea834dc348526ab7b863faec36562d7ec6855f59082aaa005c7655f99a4ab129e2bc746a59010ad4a5ba795690b2d395ea8ddb8d9e8ed905a294a7c5f228909dc3cfb71d3c96365c861b57babef70d1e0c61936993837db4ace008ad111316d53a4112174bb268a4cf545ec5df80036e4faa07b3b4b7e54b80874fe63a66223c56ac481e91fd0686e4f1c3e2fb5e5c540766b6364e50fb861e352d9cfe2a023167a3e9d08ba3af01cf76b2e93bea76575ed21b22f79ff93a28198da114a1673a938d917e8dc23fa3909b03d7a96e11cea1d3ddb3b8d49814722a16f6c303e7258c9194541ef488069d54df7f8ee2c840e9ed1bc9a95dc3b64372e358e6f9e6db45964deacfa752207bd87a8247a86115879ebe0d385ed30c5de1440613f8e6e657bb416e65eb54ea81bff9014ad17bd7e4e699260f975e83fb13d0098495c6f7a013ccd0936a90c27fb682b978cb10d96418b0cdd3e48c24f816c9784d6eeef961d4d6d43800244c561ffef72bb47ee2fe58006bbc2a7b43e6a6b55cbb650ab4758949291ba6be55583a8bf81ff0ddfb2082a7663b0cccdfde8596f78d7391049d064b34959ac2797ddee55330f6fee28e5761f55455e69585c83a78cfe51dd6f00d6b1ef7cd9c3dd5d5ae1bb3eea3c265c6877a9ede444bde9725259b3fb4bb6b2886db31d9959230b569f849e4b46e4ec3dbadff4b0038574f1a2ee26ac9565cc9660bfabe5894088ed9d23918f5c920b97392c5483f4de2f3c09d00a399a45d5c33505542f6089c276d53ee5bf40f93c0f636e0ccfc18fd97b5bf7f2ad3a4722cb681f34f3bb6896f6c7c4093131625f59c2038baf94e3d8b52acbca427fa5cb2dbf91f3d9c4588f203ffce7aedb57ec12ddeffe20181c2ac199941dddd609e72c25a6cc7fe20fe5ffc450e8ffaf5425017e8b8f4ab61e900ff7d21af8da0cbd7a0e3fc716953fb353f55ee9b919e66316fdfb8134e6f59858bf66647cc3824a06faca8bcfab5e9e48e19f8d3536d80f7c020d5dc191cc524bbe882d52bf96fade41978a565293ca2792184f793bb21215fd52c2c60b3c75d5168234c151b1237936651af4dcfaf0939551858c2282978eb5eaaf3f981ae9630ee73a1528857b138015404ecd0e8e5cb6a0c11713b773b0feb24ee566932b21d3157d680"})

239.117977ms ago: executing program 7 (id=3995):
r0 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x7, &(0x7f0000000000)=0x4800008, 0x4)
close_range(r0, r1, 0x2)
r2 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sync()
ioctl$FICLONERANGE(r2, 0x4020940d, 0x0)
sync()
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8923, &(0x7f00000000c0)={'team_slave_1\x00', @remote})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000040)={0x5})

105.764809ms ago: executing program 6 (id=3996):
r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/95, 0xffffff51)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
ioctl$BLKPG(r1, 0x1269, &(0x7f00000000c0)={0x1, 0x0, 0x98, &(0x7f0000000000)={0x40000000, 0x8000, 0x13}})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(r3, 0x29, 0x1e, 0x0, 0x4)
r4 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000080))
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r6 = socket$unix(0x1, 0x5, 0x0)
r7 = dup2(r6, r5)
close_range(r7, 0xffffffffffffffff, 0x0)
mount_setattr(0xffffffffffffffff, 0x0, 0x1100, &(0x7f00000000c0)={0x100008, 0x0, 0x80000, {r4}}, 0x20)
r8 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000000eeff97000040"])
r10 = socket$pptp(0x18, 0x1, 0x2)
ioctl$sock_inet_SIOCGIFNETMASK(r10, 0x891b, &(0x7f0000000000)={'geneve1\x00', {0x2, 0x0, @local}})

105.548949ms ago: executing program 7 (id=3997):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0x1, 0x2, 0x5, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x9, 0x0, 0x8000000000000, 0x2], 0x8080000, 0x1144})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CAP_VM_TYPES(r4, 0x4068aea3, &(0x7f0000000140))
ioctl$KVM_CAP_X2APIC_API(r4, 0x4068aea3, &(0x7f0000000280)={0x81, 0x0, 0x1})
ioctl$KVM_SIGNAL_MSI(r4, 0x4020aea5, &(0x7f0000000040)={0x8000000, 0xf001, 0x9, 0x1, 0x20e})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x8000, 0x210000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

0s ago: executing program 7 (id=3998):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @local, 0x3}, 0x1c)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x0, {0x2, 0x4e21, @local}, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x12}}, {0x2, 0x4e23, @empty}, 0x294, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x9})
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
writev(r1, &(0x7f0000003e80)=[{&(0x7f0000000b00)="e17d7d078ebb15423428cac1adc4ddb2fe673df0848eda8fd7583195e04acc0e9de3214e3c37317e64a41a5f4e456de63a6fd60f62b8cf87fc6ac3fd4b6149b381d699f9d6e1903b1e38d813d8683f70d243405ff35838d23fd52a747ecc92ff475688909dbb548e6dfaea6e4788f2e0fb04ec9df48cd4d046d59bf086333ccc98f05e7941f8d6494eafa400519cd627d2c716843b0d1b605963090a6aecd18d52bc75c3c7c2431883274a77296313978f180e02e81432adf1efd7bce230716eb58b78642183441cd83dd10e46233cf20aaf99fee605ed76e32bcaf2946a74fd2a7961f238c6492c6a", 0xe9}, {&(0x7f0000000240)="2d52e91a4d80", 0x6}, {&(0x7f0000000280)="a2e621f20a8a64f93cc8f55e2268bf579274c09a6bd7cd92888dbeb80b0245fb0a77f417b0079ec81b12bd534effe1d67ac67dd486af84", 0x37}, {&(0x7f0000000c00)="282d86c7e4a80e881b5c1a69b1714ab6c6cb85fdfe66b4bb25183e1dba50f3cfab949cc4c299601e0b32620155765ed0d47056677630da37b76bf19a8c4879a5b59883bba280ec6e51fc2f31241686901f1f7ed71d26c3c4c9d6c495d1a36c2f5b163bcfb81ac800b6843bf8589e68df9611172fc75e96489c4a7befcfc94a4e051bba8b39dfa1f5626e784093b68fc70bc246f7eed622816c78eb7480011fc356c90154b6b5f45c606ce738eee242f728eadd77f3d709ace27a3ef2d2a94291ace46d6eace81f9fb3b09950eb94273726ed1e0416c12e3da2364cfa0e9922cfa9c5e64e3f149f327d539096eca45decc41fd7", 0xf3}, {&(0x7f0000000d00)="55fbb78c79fe64dab9c9207c9a8d3bcd45437d178fc765da54e06004bd0d5c64f31ae8e866fd80b050e07070445d33ab18b9bf6078fe07bbe4ddb12812a3527eafa35333fc24af195310cf3bae46ec050a6a0e109d867ad714884398bad2f8d9b16ad2f6178e7f6a836dca8ff58d39d6f54ac0339ac1e132ed1fb132b035a59aab041fee5c4fd0c0ded8b2da527722209769887275f06e9b5b4a955ca34a28f5332f625d58e6871ba86fc20fafe4ec7a", 0xb0}, {&(0x7f0000000dc0)="4214dcfab33deb5b47277b96ae8b3eab0f11e88a8bb96acaef0061b300f269054583495cbe7ad0e4685930366e2c3722dbfb107a4ea7bec73efb20ec2af3dc2f910e08dc3f0b9185343e4a6fc259bb0aba259fdd0fe050f773b9d582c39ecbdfe3576b92ce4fb7f39ade8dc6021672aeae8195f4b8c36f2ee18b7445fe4b150cf273cbf6bd78463f93d904b4c51fd9542a3746908f48a295bc2a589f5cf5a3ba043a9becca2b11641d3a8f1d66cb883e95c0211b83ca3db5ca609f7a0661ccc7ed5fc800ca214938508cf4f4ee911b63ff515411d40198b44df673cf06b9b63782f0b1c52f91b2490841c9a8fd584ed4790c0138e74111e2181845ca1564842c918e7dfc0dacc88e40e7cc0aaf3e74c98bd8e58067e299029716e0965faf42c2e7076987f26a507ce21fc8c049498fb481355312a70c80eb9ef39310d7638fa69b1b8ec60916b2800e36eaf70fab60551b068e0afb02615b8689f4ff631fb928f1f314821f07093bd4ebacad8b6f80451dd52914d560fb9b60098a76e5a1ca2247ff6c291bf0e95d4ce6a135743ced4c58ec8165198c210c25e2181953f79c2de5c024eaee7c0dc26c58e808f558ad3033029f76a6934c8effab765c62aa499fcd5c26fb70642b4272d7bc036d204ab52eeadf7850aa92ba7dadc09f0ca8507bdcfd5810f6b1b2c1c6f149f17ea90ce934a69fcb194060eef74f2eceb367665f710087d94d6f85aa9ceb101f7c7f377a43200ee8807a775784ce21a200faffa7634db9176d8793ccb2cdbc7a4163ce301e36d82a65ca1c2ace5942e857b2d1012971a3ef6ef1a2dc8fe91c894306c6ecff82a2aa6f79d8c22ff22264a10272a26af7004247e75ea982021fa38ba1cbc83ada7d9f3c8ad2f83b369eada0f574c6c96732e88ea54564f4913ff9a21dc4a51d5779bbd1d9b728596dd3cb29506b7e5a61c8c070aa11564a6f51db720f025752849e34cb3f74807b42daaba7c03790889e946dc55d87e66d8c717873d458f8216350dfbee0920dcde61dbb4e832d3c28f9e19cf196ea2693826285bfe6fc7ab3228ee85999476fec1e91a5e722641024cf936af72ba57d29866c95993ba6fb20921c0ba48b244f0a3b651781494724d90b21d809cab3c7e478c30f341b5efef9b85e8e19063be1c2269cc233f89a5020d0fc08bb1714256c98023f40a6864b0e2baa8a307fd4bbf5d5b331edc733587b7c7fb057370819a9fcfcd2a315cbfe7a4f776725e0eaf5bf63987e52cd64b2d0a3616f0a8d06b41803f6e8f62fa9f6fb1d79d9f40f90e45888a1165c32c45fc1ac1d83d1835ac55f4364e27689a58684e86bc4c3d20698df3f6eb5fa2c38f34a6707be3cd47a486b28f0651a28065565b2b369cec1f9e8f0f802571a3df7a0f78d8d6bcfa83ddff46e1c91f73bcf8529aa5efa2813a30f08ac9bb67d5c13e13bd80d7c65665bb4c7d42786fe94539713c34539fe43baa4289fe3cf40e3db7457468e8d70cfcd9727c73fd338cbfe750eb88471839b843175a418d0", 0x43c}], 0x6)

kernel console output (not intermixed with test programs):

0x81 has invalid wMaxPacketSize 0
[  282.431956][  T305] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  282.447049][  T305] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  282.456390][  T305] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.470264][  T305] usb 2-1: config 0 descriptor??
[  282.571241][   T36] audit: type=1326 audit(1750460203.025:1263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.5.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  282.626805][   T36] audit: type=1326 audit(1750460203.025:1264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.5.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  282.680197][   T36] audit: type=1326 audit(1750460203.025:1265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.5.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  282.722980][   T36] audit: type=1326 audit(1750460203.025:1266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.5.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  282.776410][   T36] audit: type=1326 audit(1750460203.025:1267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.5.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  282.797019][ T8348] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  282.819194][   T36] audit: type=1326 audit(1750460203.025:1268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.5.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  282.822063][ T8348] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  282.872642][   T36] audit: type=1326 audit(1750460203.025:1269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.5.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  282.906368][  T305] microsoft 0003:045E:07DA.0016: unexpected long global item
[  282.933767][  T305] microsoft 0003:045E:07DA.0016: parse failed
[  282.945503][  T305] microsoft 0003:045E:07DA.0016: probe with driver microsoft failed with error -22
[  283.074528][ T8361] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  283.074561][ T8361] rust_binder: Error while translating object.
[  283.083611][ T8361] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  283.090295][ T8361] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1294
[  283.118531][ T8348] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  283.150198][  T305] usb 2-1: USB disconnect, device number 32
[  283.150860][ T8348] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  283.191268][ T8348] fuse: Bad value for 'fd'
[  283.205146][   T31] usb 3-1: USB disconnect, device number 74
[  283.468913][ T8374] rust_binder: Write failure EINVAL in pid:1307
[  283.866367][ T8399] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3072'.
[  283.883413][   T36] audit: type=1400 audit(1750460204.260:1270): avc:  denied  { execute } for  pid=8398 comm="syz.1.3072" path="/proc/694/task/695/net/fib_trie" dev="proc" ino=4026532660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=file permissive=1
[  283.927479][ T8404] FAULT_INJECTION: forcing a failure.
[  283.927479][ T8404] name failslab, interval 1, probability 0, space 0, times 0
[  283.963085][ T8404] CPU: 1 UID: 0 PID: 8404 Comm: syz.2.3073 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  283.963124][ T8404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  283.963137][ T8404] Call Trace:
[  283.963144][ T8404]  <TASK>
[  283.963153][ T8404]  __dump_stack+0x21/0x30
[  283.963183][ T8404]  dump_stack_lvl+0x10c/0x190
[  283.963208][ T8404]  ? __cfi_dump_stack_lvl+0x10/0x10
[  283.963235][ T8404]  ? __kasan_check_write+0x18/0x20
[  283.963260][ T8404]  dump_stack+0x19/0x20
[  283.963285][ T8404]  should_fail_ex+0x3d9/0x530
[  283.963308][ T8404]  should_failslab+0xac/0x100
[  283.963336][ T8404]  __kmalloc_node_noprof+0x6c/0x450
[  283.963361][ T8404]  ? crypto_create_tfm_node+0xa5/0x4d0
[  283.963384][ T8404]  crypto_create_tfm_node+0xa5/0x4d0
[  283.963405][ T8404]  ? up_read+0x26/0x1d0
[  283.963425][ T8404]  crypto_spawn_tfm2+0x60/0x90
[  283.963452][ T8404]  crypto_authenc_init_tfm+0x4c/0x250
[  283.963477][ T8404]  ? crypto_aead_init_tfm+0x107/0x1a0
[  283.963509][ T8404]  ? __cfi_crypto_authenc_init_tfm+0x10/0x10
[  283.963534][ T8404]  crypto_aead_init_tfm+0x11e/0x1a0
[  283.963568][ T8404]  crypto_create_tfm_node+0x198/0x4d0
[  283.963590][ T8404]  ? crypto_alg_mod_lookup+0x3a2/0x5b0
[  283.963612][ T8404]  crypto_alloc_tfm_node+0x169/0x370
[  283.963636][ T8404]  crypto_alloc_aead+0x34/0x40
[  283.963666][ T8404]  esp_init_state+0x5b7/0x11c0
[  283.963736][ T8404]  ? xfrm_user_rcv_msg+0x577/0x860
[  283.963765][ T8404]  ? netlink_rcv_skb+0x22b/0x4a0
[  283.963795][ T8404]  ? ___sys_sendmsg+0x220/0x2a0
[  283.963826][ T8404]  ? __x64_sys_sendmsg+0x1eb/0x2c0
[  283.963847][ T8404]  ? __cfi_esp_init_state+0x10/0x10
[  283.963878][ T8404]  ? __xfrm_init_state+0x409/0xfe0
[  283.963908][ T8404]  ? __asan_memcpy+0x5a/0x80
[  283.963932][ T8404]  __xfrm_init_state+0xa7b/0xfe0
[  283.963966][ T8404]  xfrm_add_sa+0x2b46/0x3ea0
[  283.963993][ T8404]  ? selinux_capable+0x38/0x50
[  283.964014][ T8404]  ? __cfi_xfrm_add_sa+0x10/0x10
[  283.964055][ T8404]  xfrm_user_rcv_msg+0x577/0x860
[  283.964083][ T8404]  ? __cfi_xfrm_user_rcv_msg+0x10/0x10
[  283.964108][ T8404]  ? stack_trace_save+0x9d/0xe0
[  283.964135][ T8404]  ? __asan_memcpy+0x5a/0x80
[  283.964158][ T8404]  ? avc_has_perm_noaudit+0x286/0x360
[  283.964182][ T8404]  ? avc_has_perm+0x144/0x220
[  283.964222][ T8404]  netlink_rcv_skb+0x22b/0x4a0
[  283.964254][ T8404]  ? __cfi_xfrm_user_rcv_msg+0x10/0x10
[  283.964283][ T8404]  ? __cfi_netlink_rcv_skb+0x10/0x10
[  283.964312][ T8404]  ? __kasan_check_write+0x18/0x20
[  283.964335][ T8404]  ? mutex_lock+0x92/0x1c0
[  283.964354][ T8404]  ? __cfi_mutex_lock+0x10/0x10
[  283.964374][ T8404]  ? netlink_autobind+0x1c0/0x1c0
[  283.964406][ T8404]  xfrm_netlink_rcv+0x76/0x90
[  283.964432][ T8404]  netlink_unicast+0x8c6/0xa60
[  283.964460][ T8404]  netlink_sendmsg+0x7f0/0xaf0
[  283.964490][ T8404]  ? __cfi_netlink_sendmsg+0x10/0x10
[  283.964522][ T8404]  ? bpf_lsm_socket_sendmsg+0xd/0x20
[  283.964553][ T8404]  ? security_socket_sendmsg+0x33/0xd0
[  283.964578][ T8404]  ? __cfi_netlink_sendmsg+0x10/0x10
[  283.964609][ T8404]  ____sys_sendmsg+0xa15/0xa70
[  283.964655][ T8404]  ? __sys_sendmsg_sock+0x50/0x50
[  283.964712][ T8404]  ? import_iovec+0x81/0xb0
[  283.964744][ T8404]  ___sys_sendmsg+0x220/0x2a0
[  283.964777][ T8404]  ? __sys_sendmsg+0x280/0x280
[  283.964809][ T8404]  ? proc_fail_nth_write+0x17e/0x210
[  283.964829][ T8404]  ? __cfi_proc_fail_nth_write+0x10/0x10
[  283.964856][ T8404]  __x64_sys_sendmsg+0x1eb/0x2c0
[  283.964879][ T8404]  ? fput+0x1a5/0x240
[  283.964914][ T8404]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  283.964936][ T8404]  ? ksys_write+0x1ef/0x250
[  283.964967][ T8404]  ? __kasan_check_read+0x15/0x20
[  283.964996][ T8404]  x64_sys_call+0x2a4c/0x2ee0
[  283.965029][ T8404]  do_syscall_64+0x58/0xf0
[  283.965061][ T8404]  ? clear_bhb_loop+0x35/0x90
[  283.965099][ T8404]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  283.965134][ T8404] RIP: 0033:0x7f17c658e929
[  283.965156][ T8404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.965177][ T8404] RSP: 002b:00007f17c63eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  283.965200][ T8404] RAX: ffffffffffffffda RBX: 00007f17c67b5fa0 RCX: 00007f17c658e929
[  283.965216][ T8404] RDX: 0000000000004008 RSI: 0000200000000040 RDI: 0000000000000003
[  283.965230][ T8404] RBP: 00007f17c63eb090 R08: 0000000000000000 R09: 0000000000000000
[  283.965243][ T8404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.965255][ T8404] R13: 0000000000000000 R14: 00007f17c67b5fa0 R15: 00007ffeb601b0b8
[  283.965272][ T8404]  </TASK>
[  284.824304][   T36] audit: type=1400 audit(1750460205.139:1271): avc:  denied  { compute_member } for  pid=8428 comm="syz.1.3083" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  284.861836][ T8431] binder: Bad value for 'stats'
[  285.278031][   T64] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  285.460887][   T64] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  285.480052][ T8415] overlayfs: statfs failed on './file0'
[  285.481161][   T64] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  285.519840][   T64] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  285.545304][   T64] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  285.560147][   T64] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  285.571770][   T64] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  285.586913][   T64] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  285.597926][   T64] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  285.612339][   T64] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  285.623260][   T64] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  285.638551][   T64] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  285.649156][   T64] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=80
[  285.665711][   T64] usb 2-1: SerialNumber: syz
[  285.769823][  T305] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[  285.862348][ T8446] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  285.872926][ T8446] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  285.894153][  T455] usb 2-1: USB disconnect, device number 33
[  285.942221][  T305] usb 3-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  285.954804][  T305] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  285.972444][  T305] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  285.994418][  T305] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  286.009072][  T305] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.023938][ T8435] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  286.495255][ T8452] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  286.616930][ T8458] rust_binder: Write failure EFAULT in pid:1351
[  286.870967][   T64] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  286.909166][ T8470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  286.909953][ T8470] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1365
[  286.963940][ T8476] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  286.985244][ T8476] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  287.042003][   T64] usb 2-1: Using ep0 maxpacket: 16
[  287.054253][   T64] usb 2-1: unable to get BOS descriptor or descriptor too short
[  287.074551][   T64] usb 2-1: config 1 has an invalid interface descriptor of length 4, skipping
[  287.083922][   T64] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  287.096492][   T64] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  287.107956][   T64] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  287.130066][   T64] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  287.144407][   T64] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.154062][   T64] usb 2-1: Product: syz
[  287.159217][   T64] usb 2-1: Manufacturer: syz
[  287.165027][   T64] usb 2-1: SerialNumber: syz
[  287.393772][ T8457] kvm: pic: non byte write
[  287.415303][   T64] usb 2-1: 0:2 : does not exist
[  287.426909][   T64] usb 2-1: USB disconnect, device number 34
[  287.555606][ T8480] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  287.608997][ T5747] udevd[5747]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  288.526755][ T8496] netlink: 260 bytes leftover after parsing attributes in process `syz.5.3109'.
[  288.923552][ T8501] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1385
[  289.030721][ T8508] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  289.051690][ T8508] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  289.068044][ T8508] kvm: pic: non byte write
[  289.484960][ T8515] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3116'.
[  289.490188][  T305] aiptek 3-1:17.0: Aiptek using 400 ms programming speed
[  289.512763][  T305] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input54
[  289.533190][ T8517] cgroup: Bad value for 'name'
[  289.533768][  T305] usb 3-1: USB disconnect, device number 75
[  289.583305][ T8519] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3118'.
[  289.912403][   T36] audit: type=1400 audit(1750460209.900:1272): avc:  denied  { mounton } for  pid=8527 comm="syz.5.3120" path="/file0" dev="ramfs" ino=74416 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  289.937667][   T36] audit: type=1326 audit(1750460209.900:1273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8527 comm="syz.5.3120" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x0
[  290.050667][ T8531] rust_binder: Write failure EFAULT in pid:309
[  290.050838][ T8532] rust_binder: Write failure EFAULT in pid:309
[  290.186520][ T8538] No source specified
[  290.452287][  T594] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[  290.497725][ T8540] @: renamed from vlan0 (while UP)
[  290.632009][  T594] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  290.644306][  T594] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  290.658590][  T594] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  290.671555][  T594] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.686905][  T594] usb 3-1: config 0 descriptor??
[  290.813061][   T36] audit: type=1326 audit(1750460210.742:1274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8548 comm="syz.1.3128" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd41eb8e929 code=0x0
[  290.891890][ T8547] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.900805][ T8547] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.909911][ T8547] bridge_slave_0: entered allmulticast mode
[  290.918970][ T8547] bridge_slave_0: entered promiscuous mode
[  290.929627][ T8547] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.940088][ T8547] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.949826][ T8547] bridge_slave_1: entered allmulticast mode
[  290.957225][ T8547] bridge_slave_1: entered promiscuous mode
[  290.972881][   T46] bridge_slave_1: left allmulticast mode
[  290.987102][   T46] bridge_slave_1: left promiscuous mode
[  290.993990][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.009049][   T46] bridge_slave_0: left allmulticast mode
[  291.016441][   T46] bridge_slave_0: left promiscuous mode
[  291.040630][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.194996][   T46] veth1_macvtap: left promiscuous mode
[  291.211876][   T46] veth0_vlan: left promiscuous mode
[  291.344526][ T8547] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.352115][ T8547] bridge0: port 2(bridge_slave_1) entered forwarding state
[  291.359655][ T8547] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.368691][ T8547] bridge0: port 1(bridge_slave_0) entered forwarding state
[  291.408022][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.415888][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.426616][  T207] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.434149][  T207] bridge0: port 1(bridge_slave_0) entered forwarding state
[  291.444451][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.451823][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  291.468884][ T8558] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1403
[  291.469500][ T8559] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  291.511122][ T8547] veth0_vlan: entered promiscuous mode
[  291.536307][ T8564] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  291.539570][ T8547] veth1_macvtap: entered promiscuous mode
[  291.546907][ T8564] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  291.833876][   T36] audit: type=1326 audit(1750460211.696:1275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8571 comm="syz.1.3135" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd41eb8e929 code=0x0
[  291.897831][ T8574] SELinux:  policydb string length 14080 does not match expected length 8
[  291.909831][ T8574] SELinux: failed to load policy
[  292.048899][ T8595] rust_binder: Write failure EINVAL in pid:17
[  292.088341][ T8601] SELinux:  policydb string length 14080 does not match expected length 8
[  292.105325][ T8601] SELinux: failed to load policy
[  292.298035][   T36] audit: type=1400 audit(1750460212.127:1276): avc:  denied  { map } for  pid=8622 comm="syz.6.3155" path="socket:[76949]" dev="sockfs" ino=76949 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  292.344876][   T36] audit: type=1400 audit(1750460212.127:1277): avc:  denied  { accept } for  pid=8622 comm="syz.6.3155" path="socket:[76949]" dev="sockfs" ino=76949 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  292.558535][  T455] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  292.741227][  T455] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  292.752488][  T455] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  292.763151][  T455] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  292.775134][  T455] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  292.784418][  T455] usb 7-1: SerialNumber: syz
[  293.021736][  T455] usb 7-1: 0:2 : does not exist
[  293.027979][ T8635] SELinux:  policydb string length 14080 does not match expected length 8
[  293.037497][ T8635] SELinux: failed to load policy
[  293.043307][  T455] usb 7-1: USB disconnect, device number 2
[  293.065909][ T8637] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  293.078674][ T8637] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.625252][  T594] uclogic 0003:256C:006D.0018: failed retrieving Huion firmware version: -71
[  293.654071][  T594] uclogic 0003:256C:006D.0018: failed probing parameters: -71
[  293.669418][  T594] uclogic 0003:256C:006D.0018: probe with driver uclogic failed with error -71
[  293.682337][  T594] usb 3-1: USB disconnect, device number 76
[  293.721828][ T8645] rust_binder: Error while translating object.
[  293.721877][ T8645] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  293.730765][ T8645] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1428
[  293.803906][ T8646] fuse: Unknown parameter '�00000000000000000000007'
[  293.827487][ T8658] overlayfs: failed to resolve './file1': -2
[  294.129945][    T9] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  294.151280][  T594] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[  294.268918][    T9] usb 2-1: device descriptor read/64, error -71
[  294.311601][  T594] usb 3-1: Using ep0 maxpacket: 16
[  294.321381][  T594] usb 3-1: New USB device found, idVendor=0403, idProduct=b8d8, bcdDevice=30.bb
[  294.332180][  T594] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.341279][  T594] usb 3-1: Product: syz
[  294.346553][  T594] usb 3-1: Manufacturer: syz
[  294.351299][  T594] usb 3-1: SerialNumber: syz
[  294.525463][    T9] usb 2-1: device descriptor read/64, error -71
[  294.575063][ T8646] overlayfs: missing 'lowerdir'
[  294.687679][   T36] audit: type=1326 audit(1750460214.372:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8667 comm="syz.5.3173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  294.720924][   T36] audit: type=1326 audit(1750460214.372:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8667 comm="syz.5.3173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  294.759772][   T36] audit: type=1326 audit(1750460214.400:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8667 comm="syz.5.3173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  294.791846][    T9] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  294.793022][   T36] audit: type=1326 audit(1750460214.400:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8667 comm="syz.5.3173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  294.943316][    T9] usb 2-1: device descriptor read/64, error -71
[  295.028461][ T8681] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3177'.
[  295.040431][ T8681] rust_binder: Write failure EINVAL in pid:52
[  295.209343][    T9] usb 2-1: device descriptor read/64, error -71
[  295.349549][    T9] usb usb2-port1: attempt power cycle
[  295.530058][  T339] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  295.700926][  T339] usb 7-1: Using ep0 maxpacket: 16
[  295.708399][  T339] usb 7-1: unable to get BOS descriptor or descriptor too short
[  295.717319][    T9] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  295.726895][  T339] usb 7-1: config 1 has an invalid interface descriptor of length 4, skipping
[  295.736680][  T339] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  295.748643][  T339] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  295.759780][  T339] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  295.776006][    T9] usb 2-1: device descriptor read/8, error -71
[  295.783795][  T339] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  295.794839][  T339] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.803246][  T339] usb 7-1: Product: syz
[  295.807861][  T339] usb 7-1: Manufacturer: syz
[  295.812778][  T339] usb 7-1: SerialNumber: syz
[  295.915721][    T9] usb 2-1: device descriptor read/8, error -71
[  296.045734][ T8691] kvm: pic: non byte write
[  296.055068][  T339] usb 7-1: 0:2 : does not exist
[  296.067594][  T339] usb 7-1: USB disconnect, device number 3
[  296.171095][    T9] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  296.206351][    T9] usb 2-1: device descriptor read/8, error -71
[  296.246607][ T5747] udevd[5747]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  296.354156][    T9] usb 2-1: device descriptor read/8, error -71
[  296.371980][   T36] kauditd_printk_skb: 1 callbacks suppressed
[  296.372002][   T36] audit: type=1326 audit(1750460215.944:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8703 comm="syz.5.3185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  296.409065][   T36] audit: type=1326 audit(1750460215.944:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8703 comm="syz.5.3185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  296.437345][   T36] audit: type=1326 audit(1750460215.981:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8703 comm="syz.5.3185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  296.437815][ T8706] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  296.466647][   T36] audit: type=1326 audit(1750460215.981:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8703 comm="syz.5.3185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  296.476607][    T9] usb usb2-port1: unable to enumerate USB device
[  296.504380][   T36] audit: type=1326 audit(1750460215.981:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8703 comm="syz.5.3185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  296.512651][ T8706] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  296.541122][   T36] audit: type=1326 audit(1750460215.981:1288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8703 comm="syz.5.3185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  296.581985][   T36] audit: type=1326 audit(1750460215.981:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8703 comm="syz.5.3185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  296.611001][   T36] audit: type=1326 audit(1750460215.981:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8703 comm="syz.5.3185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  296.640786][   T36] audit: type=1326 audit(1750460215.981:1291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8703 comm="syz.5.3185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b3d8e929 code=0x7ffc0000
[  296.672937][   T36] audit: type=1326 audit(1750460215.981:1292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8703 comm="syz.5.3185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc9b3d8d290 code=0x7ffc0000
[  296.855272][ T8710] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:67
[  296.924706][  T594] snd-usb-audio 3-1:222.0: probe with driver snd-usb-audio failed with error -71
[  296.951208][  T594] usb 3-1: USB disconnect, device number 77
[  296.958572][ T8712] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  297.157254][ T4309] udevd[4309]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:222.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  297.218230][ T8732] SELinux:  policydb string length 14080 does not match expected length 8
[  297.229367][ T8732] SELinux: failed to load policy
[  297.230080][ T8730] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  297.329487][ T8744] serio: Serial port ttynull
[  297.435783][ T8750] tipc: Started in network mode
[  297.441857][ T8750] tipc: Node identity ac14141d, cluster identity 4711
[  297.450721][ T8750] tipc: New replicast peer: 255.255.255.255
[  297.458202][ T8750] tipc: Enabled bearer <udp:syz1>, priority 10
[  297.549359][   T45] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  297.564442][ T8759] @: renamed from vlan0 (while UP)
[  297.590123][ T8761] SELinux:  policydb string length 14080 does not match expected length 8
[  297.600474][ T8761] SELinux: failed to load policy
[  297.607047][  T594] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  297.698958][   T45] usb 2-1: device descriptor read/64, error -71
[  297.718160][ T8776] rust_binder: Error while translating object.
[  297.718196][ T8776] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  297.725605][ T8776] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:1468
[  297.742986][ T8775] binder: Bad value for 'defcontext'
[  297.757646][ T8778] FAULT_INJECTION: forcing a failure.
[  297.757646][ T8778] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  297.777284][ T8778] CPU: 1 UID: 0 PID: 8778 Comm: syz.2.3212 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  297.777324][ T8778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  297.777340][ T8778] Call Trace:
[  297.777347][ T8778]  <TASK>
[  297.777357][ T8778]  __dump_stack+0x21/0x30
[  297.777389][ T8778]  dump_stack_lvl+0x10c/0x190
[  297.777414][ T8778]  ? __cfi_dump_stack_lvl+0x10/0x10
[  297.777442][ T8778]  dump_stack+0x19/0x20
[  297.777466][ T8778]  should_fail_ex+0x3d9/0x530
[  297.777490][ T8778]  should_fail+0xf/0x20
[  297.777512][ T8778]  should_fail_usercopy+0x1e/0x30
[  297.777537][ T8778]  _copy_to_user+0x24/0xa0
[  297.777568][ T8778]  simple_read_from_buffer+0xed/0x160
[  297.777603][ T8778]  proc_fail_nth_read+0x19e/0x210
[  297.777625][ T8778]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  297.777647][ T8778]  ? bpf_lsm_file_permission+0xd/0x20
[  297.777671][ T8778]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  297.777693][ T8778]  vfs_read+0x278/0xb60
[  297.777719][ T8778]  ? __cfi_vfs_read+0x10/0x10
[  297.777744][ T8778]  ? __kasan_check_write+0x18/0x20
[  297.777769][ T8778]  ? mutex_lock+0x92/0x1c0
[  297.777789][ T8778]  ? __cfi_mutex_lock+0x10/0x10
[  297.777817][ T8778]  ? __fget_files+0x2c5/0x340
[  297.777848][ T8778]  ksys_read+0x141/0x250
[  297.777873][ T8778]  ? __cfi_ksys_read+0x10/0x10
[  297.777899][ T8778]  ? __kasan_check_read+0x15/0x20
[  297.777923][ T8778]  __x64_sys_read+0x7f/0x90
[  297.777949][ T8778]  x64_sys_call+0x2638/0x2ee0
[  297.777977][ T8778]  do_syscall_64+0x58/0xf0
[  297.778005][ T8778]  ? clear_bhb_loop+0x35/0x90
[  297.778039][ T8778]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  297.778070][ T8778] RIP: 0033:0x7f17c658d33c
[  297.778088][ T8778] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  297.778108][ T8778] RSP: 002b:00007f17c63eb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  297.778132][ T8778] RAX: ffffffffffffffda RBX: 00007f17c67b5fa0 RCX: 00007f17c658d33c
[  297.778148][ T8778] RDX: 000000000000000f RSI: 00007f17c63eb0a0 RDI: 0000000000000004
[  297.778162][ T8778] RBP: 00007f17c63eb090 R08: 0000000000000000 R09: 0000000000000000
[  297.778176][ T8778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.778190][ T8778] R13: 0000000000000000 R14: 00007f17c67b5fa0 R15: 00007ffeb601b0b8
[  297.778208][ T8778]  </TASK>
[  298.082541][  T594] usb 7-1: unable to get BOS descriptor or descriptor too short
[  298.092846][  T594] usb 7-1: not running at top speed; connect to a high speed hub
[  298.103194][  T594] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 147, changing to 4
[  298.121733][  T594] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  298.134004][ T8784] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:359
[  298.134312][  T594] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  298.156690][  T594] usb 7-1: Product: syz
[  298.161101][  T594] usb 7-1: Manufacturer: syz
[  298.168202][  T594] usb 7-1: SerialNumber: syz
[  298.233195][   T45] usb 2-1: device descriptor read/64, error -71
[  298.390807][ T8746] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  298.399914][ T8746] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  298.412131][  T594] usb 7-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  298.419581][  T594] usb 7-1: unit 244 not found!
[  298.428874][  T594] usb 7-1: 5:0: cannot get min/max values for control 2 (id 5)
[  298.440353][  T594] usb 7-1: 5:0: cannot get min/max values for control 3 (id 5)
[  298.454082][  T594] usb 7-1: USB disconnect, device number 4
[  298.489620][   T45] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  298.521669][  T305] tipc: Node number set to 2886997021
[  298.639323][   T45] usb 2-1: device descriptor read/64, error -71
[  298.646345][ T4309] udevd[4309]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  298.834979][ T8793] SELinux:  policydb string length 14080 does not match expected length 8
[  298.844334][ T8793] SELinux: failed to load policy
[  298.882668][ T8797] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  298.895795][   T45] usb 2-1: device descriptor read/64, error -71
[  298.964151][ T8806] rust_binder: Error while translating object.
[  298.964182][ T8806] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  298.973482][ T8806] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1492
[  299.024511][   T45] usb usb2-port1: attempt power cycle
[  299.045420][ T8811] SELinux:  policydb string length 14080 does not match expected length 8
[  299.055037][ T8811] SELinux: failed to load policy
[  299.068437][ T8814] input: syz0 as /devices/virtual/input/input63
[  299.150159][ T8822] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3230'.
[  299.164511][ T8822] binder: Unknown parameter '000000000000000000000100000000000000000000001000000000000000000000010u瀹:穾jG奈1攡磘椤t匹颇]�<rZ葊\LI7j�5>&U�t稚���6巓鮒mK濄'
[  299.191225][ T8824] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3230'.
[  299.246533][ T8832] rust_binder: Write failure EINVAL in pid:1502
[  299.269035][ T8835] FAULT_INJECTION: forcing a failure.
[  299.269035][ T8835] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  299.291026][ T8835] CPU: 1 UID: 0 PID: 8835 Comm: syz.5.3234 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  299.291063][ T8835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  299.291079][ T8835] Call Trace:
[  299.291087][ T8835]  <TASK>
[  299.291097][ T8835]  __dump_stack+0x21/0x30
[  299.291127][ T8835]  dump_stack_lvl+0x10c/0x190
[  299.291152][ T8835]  ? __cfi_dump_stack_lvl+0x10/0x10
[  299.291180][ T8835]  dump_stack+0x19/0x20
[  299.291204][ T8835]  should_fail_ex+0x3d9/0x530
[  299.291228][ T8835]  should_fail+0xf/0x20
[  299.291249][ T8835]  should_fail_usercopy+0x1e/0x30
[  299.291274][ T8835]  _copy_to_user+0x24/0xa0
[  299.291307][ T8835]  simple_read_from_buffer+0xed/0x160
[  299.291341][ T8835]  proc_fail_nth_read+0x19e/0x210
[  299.291363][ T8835]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  299.291384][ T8835]  ? bpf_lsm_file_permission+0xd/0x20
[  299.291408][ T8835]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  299.291430][ T8835]  vfs_read+0x278/0xb60
[  299.291457][ T8835]  ? __cfi_vfs_read+0x10/0x10
[  299.291481][ T8835]  ? __kasan_check_write+0x18/0x20
[  299.291506][ T8835]  ? mutex_lock+0x92/0x1c0
[  299.291525][ T8835]  ? __cfi_mutex_lock+0x10/0x10
[  299.291545][ T8835]  ? __fget_files+0x2c5/0x340
[  299.291577][ T8835]  ksys_read+0x141/0x250
[  299.291659][ T8835]  ? __cfi_ksys_read+0x10/0x10
[  299.291684][ T8835]  ? __kasan_check_write+0x18/0x20
[  299.291708][ T8835]  ? __kasan_check_read+0x15/0x20
[  299.291733][ T8835]  __x64_sys_read+0x7f/0x90
[  299.291761][ T8835]  x64_sys_call+0x2638/0x2ee0
[  299.291790][ T8835]  do_syscall_64+0x58/0xf0
[  299.291819][ T8835]  ? clear_bhb_loop+0x35/0x90
[  299.291851][ T8835]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  299.291883][ T8835] RIP: 0033:0x7fc9b3d8d33c
[  299.291902][ T8835] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  299.291922][ T8835] RSP: 002b:00007fc9b4b53030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  299.291948][ T8835] RAX: ffffffffffffffda RBX: 00007fc9b3fb5fa0 RCX: 00007fc9b3d8d33c
[  299.291966][ T8835] RDX: 000000000000000f RSI: 00007fc9b4b530a0 RDI: 0000000000000005
[  299.291982][ T8835] RBP: 00007fc9b4b53090 R08: 0000000000000000 R09: 0000000000000000
[  299.291995][ T8835] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.292009][ T8835] R13: 0000000000000000 R14: 00007fc9b3fb5fa0 R15: 00007ffffac1c248
[  299.292026][ T8835]  </TASK>
[  299.594859][ T8842] SELinux:  policydb string length 14080 does not match expected length 8
[  299.604825][ T8842] SELinux: failed to load policy
[  299.643599][   T45] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  299.666115][   T45] usb 2-1: device descriptor read/8, error -71
[  299.805389][   T45] usb 2-1: device descriptor read/8, error -71
[  299.900223][ T8860] input: syz0 as /devices/virtual/input/input67
[  299.936910][ T8864] SELinux:  policydb string length 14080 does not match expected length 8
[  299.948482][ T8864] SELinux: failed to load policy
[  300.071094][   T45] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  300.101884][   T45] usb 2-1: device descriptor read/8, error -71
[  300.177817][  T773] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[  300.192859][ T8880] netlink: 268 bytes leftover after parsing attributes in process `syz.5.3252'.
[  300.234640][ T8884] SELinux:  policydb string length 14080 does not match expected length 8
[  300.245310][ T8884] SELinux: failed to load policy
[  300.251808][ T8886] rust_binder: Write failure EINVAL in pid:1532
[  300.253051][ T8887] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  300.253746][   T45] usb 2-1: device descriptor read/8, error -71
[  300.274811][ T8888] rust_binder: Write failure EINVAL in pid:1532
[  300.370195][  T773] usb 3-1: Using ep0 maxpacket: 16
[  300.385161][  T773] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[  300.398506][  T773] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  300.402430][   T45] usb usb2-port1: unable to enumerate USB device
[  300.410827][  T773] usb 3-1: config 0 has no interface number 0
[  300.425610][  T773] usb 3-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  300.435676][  T773] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.445047][  T773] usb 3-1: Product: syz
[  300.449830][  T773] usb 3-1: Manufacturer: syz
[  300.460294][  T773] usb 3-1: SerialNumber: syz
[  300.468614][  T773] usb 3-1: config 0 descriptor??
[  300.475783][  T773] usb 3-1: Found UVC 0.00 device syz (046d:08f3)
[  300.484444][  T773] usb 3-1: No valid video chain found.
[  300.557046][ T8906] binder: Unknown parameter '/selinux/policy'
[  300.579656][ T8910] SELinux:  policydb string length 14080 does not match expected length 8
[  300.589047][ T8910] SELinux: failed to load policy
[  300.618374][ T8912] rust_binder: validate_parent_fixup: fixup_min_offset=29, parent_offset=27
[  300.618406][ T8912] rust_binder: Error while translating object.
[  300.629435][ T8912] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  300.636107][ T8912] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:795
[  300.751186][ T8916] tmpfs: Invalid gid '0x00000000ffffffff'
[  300.771291][ T8916] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  300.799044][  T773] usb 3-1: USB disconnect, device number 78
[  301.021713][ T8932] SELinux:  policydb string length 14080 does not match expected length 8
[  301.030824][ T8932] SELinux: failed to load policy
[  301.129297][  T339] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  301.247720][ T8938] rust_binder: Write failure EFAULT in pid:814
[  301.268210][  T339] usb 7-1: device descriptor read/64, error -71
[  301.333313][ T8947] 9pnet_fd: Insufficient options for proto=fd
[  301.546197][  T339] usb 7-1: device descriptor read/64, error -71
[  301.570074][ T8953] SELinux:  policydb string length 14080 does not match expected length 8
[  301.581930][ T8953] SELinux: failed to load policy
[  301.627861][ T8949] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.642399][ T8949] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.662350][ T8949] bridge_slave_0: entered allmulticast mode
[  301.675001][ T8949] bridge_slave_0: entered promiscuous mode
[  301.682357][ T8949] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.690442][ T8949] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.702154][ T8949] bridge_slave_1: entered allmulticast mode
[  301.710287][ T8949] bridge_slave_1: entered promiscuous mode
[  301.788715][ T8949] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.796224][ T8949] bridge0: port 2(bridge_slave_1) entered forwarding state
[  301.804174][ T8949] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.811323][ T8949] bridge0: port 1(bridge_slave_0) entered forwarding state
[  301.824174][  T339] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  301.834488][  T773] usb 6-1: USB disconnect, device number 53
[  301.849954][  T207] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.866286][  T207] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.886898][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.894552][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  301.921288][ T8964] rust_binder: Error while translating object.
[  301.921384][ T8964] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  301.928575][ T8964] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:397
[  301.940745][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.960124][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  301.972316][ T8968] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=27667 sclass=netlink_xfrm_socket pid=8968 comm=syz.2.3288
[  301.994222][ T8949] veth0_vlan: entered promiscuous mode
[  301.995246][  T339] usb 7-1: device descriptor read/64, error -71
[  302.012573][ T8949] veth1_macvtap: entered promiscuous mode
[  302.097257][ T8977] SELinux:  policydb string length 14080 does not match expected length 8
[  302.112580][ T8977] SELinux: failed to load policy
[  302.151159][ T8985] fuse: Unknown parameter '鸁*�0x0000000000000005'
[  302.184615][   T36] kauditd_printk_skb: 28 callbacks suppressed
[  302.184634][   T36] audit: type=1326 audit(1750460221.381:1321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8990 comm="syz.5.3297" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8721f8e929 code=0x0
[  302.228138][ T8993] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  302.283834][  T339] usb 7-1: device descriptor read/64, error -71
[  302.328862][ T9001] hub 6-0:1.0: USB hub found
[  302.335266][ T9001] hub 6-0:1.0: 1 port detected
[  302.358210][ T9004] rust_binder: Write failure EFAULT in pid:836
[  302.399562][ T9011] SELinux:  policydb string length 14080 does not match expected length 8
[  302.412378][  T339] usb usb7-port1: attempt power cycle
[  302.764902][  T305] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[  302.797226][  T339] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  302.820058][  T339] usb 7-1: device descriptor read/8, error -71
[  302.827373][ T9028] 9pnet_virtio: no channels available for device syz
[  302.928566][  T305] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  302.938303][  T305] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.948632][  T305] usb 3-1: Product: syz
[  302.954508][  T305] usb 3-1: Manufacturer: syz
[  302.961001][  T305] usb 3-1: SerialNumber: syz
[  302.972086][  T339] usb 7-1: device descriptor read/8, error -71
[  303.085768][   T45] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  303.129701][ T9030] FAULT_INJECTION: forcing a failure.
[  303.129701][ T9030] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  303.147418][ T9030] CPU: 0 UID: 0 PID: 9030 Comm: syz.5.3311 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  303.147485][ T9030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  303.147500][ T9030] Call Trace:
[  303.147507][ T9030]  <TASK>
[  303.147517][ T9030]  __dump_stack+0x21/0x30
[  303.147549][ T9030]  dump_stack_lvl+0x10c/0x190
[  303.147572][ T9030]  ? __cfi_dump_stack_lvl+0x10/0x10
[  303.147596][ T9030]  ? exc_page_fault+0x66/0xc0
[  303.147620][ T9030]  dump_stack+0x19/0x20
[  303.147642][ T9030]  should_fail_ex+0x3d9/0x530
[  303.147663][ T9030]  should_fail+0xf/0x20
[  303.147681][ T9030]  should_fail_usercopy+0x1e/0x30
[  303.147705][ T9030]  _copy_from_iter+0x1a3/0x14b0
[  303.147736][ T9030]  ? __cfi__copy_from_iter+0x10/0x10
[  303.147764][ T9030]  ? __cfi__copy_from_iter+0x10/0x10
[  303.147793][ T9030]  copy_page_from_iter+0x1e5/0x2b0
[  303.147823][ T9030]  skb_copy_datagram_from_iter+0x30c/0x700
[  303.147860][ T9030]  tun_get_user+0x1616/0x3450
[  303.147887][ T9030]  ? _parse_integer_limit+0x195/0x1e0
[  303.147910][ T9030]  ? ptr_ring_consume+0x430/0x430
[  303.147932][ T9030]  ? _parse_integer+0x2e/0x40
[  303.148100][ T9030]  ? kstrtoull+0x13b/0x1e0
[  303.148134][ T9030]  ? __kasan_check_write+0x18/0x20
[  303.148165][ T9030]  ? ref_tracker_alloc+0x308/0x540
[  303.148443][ T9030]  ? __x64_sys_openat+0x13a/0x170
[  303.148468][ T9030]  ? __cfi_ref_tracker_alloc+0x10/0x10
[  303.148487][ T9030]  ? selinux_file_permission+0x309/0xb30
[  303.148512][ T9030]  ? __kasan_check_write+0x18/0x20
[  303.148532][ T9030]  tun_chr_write_iter+0x1fc/0x310
[  303.148553][ T9030]  vfs_write+0x694/0xe80
[  303.148582][ T9030]  ? __cfi_tun_chr_write_iter+0x10/0x10
[  303.148608][ T9030]  ? __cfi_vfs_write+0x10/0x10
[  303.148630][ T9030]  ksys_write+0x141/0x250
[  303.148649][ T9030]  ? __cfi_ksys_write+0x10/0x10
[  303.148668][ T9030]  ? __kasan_check_read+0x15/0x20
[  303.148686][ T9030]  __x64_sys_write+0x7f/0x90
[  303.148704][ T9030]  x64_sys_call+0x271c/0x2ee0
[  303.148738][ T9030]  do_syscall_64+0x58/0xf0
[  303.148767][ T9030]  ? clear_bhb_loop+0x35/0x90
[  303.148792][ T9030]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  303.148815][ T9030] RIP: 0033:0x7f8721f8e929
[  303.148830][ T9030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.148844][ T9030] RSP: 002b:00007f8722d78038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  303.148869][ T9030] RAX: ffffffffffffffda RBX: 00007f87221b5fa0 RCX: 00007f8721f8e929
[  303.148887][ T9030] RDX: 000000000000ffdd RSI: 0000200000000a00 RDI: 0000000000000003
[  303.148902][ T9030] RBP: 00007f8722d78090 R08: 0000000000000000 R09: 0000000000000000
[  303.149065][ T9030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  303.149082][ T9030] R13: 0000000000000000 R14: 00007f87221b5fa0 R15: 00007ffcfaf879f8
[  303.149102][ T9030]  </TASK>
[  303.386609][   T45] usb 2-1: config 1 has an invalid interface number: 229 but max is 1
[  303.459798][  T339] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  303.469433][   T45] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  303.504253][  T339] usb 7-1: device descriptor read/8, error -71
[  303.510601][   T45] usb 2-1: config 1 has no interface number 0
[  303.523935][   T45] usb 2-1: too many endpoints for config 1 interface 229 altsetting 255: 255, using maximum allowed: 30
[  303.538161][   T45] usb 2-1: config 1 interface 229 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  303.553022][   T45] usb 2-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  303.567717][   T45] usb 2-1: config 1 interface 229 has no altsetting 0
[  303.574764][   T45] usb 2-1: config 1 interface 1 has no altsetting 0
[  303.584388][   T45] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  303.594293][   T45] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  303.604059][   T45] usb 2-1: Product: syz
[  303.608924][   T45] usb 2-1: Manufacturer: syz
[  303.616744][   T45] usb 2-1: SerialNumber: syz
[  303.664601][  T339] usb 7-1: device descriptor read/8, error -71
[  303.671779][ T9038] SELinux:  policydb string length 14080 does not match expected length 8
[  303.682078][ T9038] sel_write_load: 1 callbacks suppressed
[  303.682099][ T9038] SELinux: failed to load policy
[  303.714611][ T9040] SELinux: security_context_str_to_sid (uoconfined_u) failed with errno=-22
[  303.780626][  T339] usb usb7-port1: unable to enumerate USB device
[  303.887775][ T9045] rust_binder: Write failure EFAULT in pid:27
[  303.900170][ T9047] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:853
[  304.079105][ T9057] rust_binder: Failed to allocate buffer. len:128, is_oneway:true
[  304.113880][ T9059] SELinux:  policydb string length 14080 does not match expected length 8
[  304.135250][ T9059] SELinux: failed to load policy
[  304.217623][  T305] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  304.241264][  T305] cdc_ncm 3-1:1.0: setting rx_max = 16384
[  304.390336][ T9075] can0: slcan on ptm0.
[  304.443684][  T305] cdc_ncm 3-1:1.0: setting tx_max = 16384
[  304.456594][ T9072] can0 (unregistered): slcan off ptm0.
[  304.594408][ T9074] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  304.616013][ T9074] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  304.638870][ T9092] SELinux:  policydb string length 14080 does not match expected length 8
[  304.656373][ T9092] SELinux: failed to load policy
[  304.677651][ T9097] binder: Bad value for 'max'
[  304.724709][ T9102] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  304.732911][ T9102] rust_binder: Failed to allocate buffer. len:64, is_oneway:false
[  305.179209][ T9132] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1
[  305.196013][ T9132] rust_binder: Write failure EINVAL in pid:138
[  305.378514][   T36] audit: type=1326 audit(1750460224.365:1322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9133 comm="syz.6.3340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f060dd8e929 code=0x7fc00000
[  305.693272][ T9144] SELinux:  policydb string length 14080 does not match expected length 8
[  305.702819][ T9144] SELinux: failed to load policy
[  305.739803][ T9146] rust_binder: Error while translating object.
[  305.739829][ T9146] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  305.746773][ T9146] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:61
[  305.770131][  T305] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  305.799726][  T305] usb 3-1: USB disconnect, device number 79
[  305.812190][  T339] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  305.823016][  T305] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[  305.909662][ T9149] fuse: Unknown parameter ''
[  305.982783][  T339] usb 7-1: device descriptor read/64, error -71
[  306.127693][   T45] cdc_mbim 2-1:1.1: probe with driver cdc_mbim failed with error -71
[  306.138902][ T9178] SELinux:  policydb string length 14080 does not match expected length 8
[  306.162743][ T9178] SELinux: failed to load policy
[  306.172308][   T45] usb 2-1: USB disconnect, device number 43
[  306.178995][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.179027][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.196604][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.196634][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.231278][ T9193] overlayfs: conflicting options: nfs_export=on,index=off
[  306.235990][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.243718][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.251638][  T339] usb 7-1: device descriptor read/64, error -71
[  306.261405][ T9187] rust_binder: Error in use_page_slow: ESRCH
[  306.268594][ T9187] rust_binder: use_range failure ESRCH
[  306.275490][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.283432][ T9187] rust_binder: Failed to allocate buffer. len:168, is_oneway:false
[  306.290345][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.300453][ T9187] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  306.307571][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.328509][ T9187] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:856
[  306.338323][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.350441][ T9187] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  306.359316][ T9187] rust_binder: Read failure Err(EFAULT) in pid:856
[  306.374602][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.382825][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.392471][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.399833][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.407354][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.414693][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.424250][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.431115][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.438625][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.450433][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.457254][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.467868][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.475599][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.483318][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.492275][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.500664][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.509644][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.517107][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.524712][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.532663][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.541127][  T339] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  306.558713][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.558844][ T9185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.699252][  T339] usb 7-1: device descriptor read/64, error -71
[  306.891541][  T773] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  306.966482][  T339] usb 7-1: device descriptor read/64, error -71
[  307.053551][  T773] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  307.074210][  T773] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  307.086158][  T339] usb usb7-port1: attempt power cycle
[  307.093228][  T773] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  307.103317][  T773] usb 2-1: SerialNumber: syz
[  307.415339][    T9] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[  307.453794][ T9216] SELinux:  policydb version -845211227 does not match my version range 15-33
[  307.464151][ T9216] SELinux: failed to load policy
[  307.470350][  T339] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  307.502000][  T339] usb 7-1: device descriptor read/8, error -71
[  307.525646][ T9220] SELinux:  policydb string length 14080 does not match expected length 8
[  307.537455][ T9220] SELinux: failed to load policy
[  307.578939][ T9222] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  307.591116][    T9] usb 6-1: Using ep0 maxpacket: 32
[  307.601438][    T9] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[  307.617457][    T9] usb 6-1: config 0 has no interface number 0
[  307.627239][    T9] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  307.640383][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.649652][    T9] usb 6-1: Product: syz
[  307.654120][    T9] usb 6-1: Manufacturer: syz
[  307.659653][    T9] usb 6-1: SerialNumber: syz
[  307.667238][  T339] usb 7-1: device descriptor read/8, error -71
[  307.678043][    T9] usb 6-1: config 0 descriptor??
[  307.681459][ T9229] binder: Bad value for 'max'
[  307.685796][    T9] smsc95xx v2.0.0
[  307.760046][  T773] cdc_ether 2-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.1-1, CDC Ethernet Device, 42:42:42:42:42:42
[  307.916496][    T9] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  307.937800][  T339] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  307.957409][    T9] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  307.967353][    T9] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  307.972161][   T36] audit: type=1400 audit(1750460226.797:1323): avc:  denied  { attach_queue } for  pid=9247 comm="syz.5.3368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  307.981196][    T9] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71
[  308.034222][  T339] usb 7-1: device descriptor read/8, error -71
[  308.054981][    T9] usb 6-1: USB disconnect, device number 54
[  308.078358][ T9258] SELinux:  policydb string length 14080 does not match expected length 8
[  308.087329][ T9258] SELinux: failed to load policy
[  308.197139][  T339] usb 7-1: device descriptor read/8, error -71
[  308.313582][  T339] usb usb7-port1: unable to enumerate USB device
[  308.377778][   T64] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[  308.387019][    T9] usb 6-1: new full-speed USB device number 55 using dummy_hcd
[  308.548606][   T64] usb 3-1: Using ep0 maxpacket: 16
[  308.557631][    T9] usb 6-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[  308.571112][   T64] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  308.584163][    T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  308.596187][   T64] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  308.607381][    T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  308.621516][   T64] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  308.638144][    T9] usb 6-1: too many endpoints for config 1 interface 1 altsetting 13: 48, using maximum allowed: 30
[  308.655432][   T64] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  308.671982][    T9] usb 6-1: config 1 interface 1 altsetting 13 has 0 endpoint descriptors, different from the interface descriptor's value: 48
[  308.698249][   T64] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.708740][   T64] usb 3-1: config 0 descriptor??
[  308.715895][    T9] usb 6-1: config 1 interface 1 has no altsetting 1
[  308.729498][    T9] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  308.740372][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.749838][    T9] usb 6-1: Product: syz
[  308.761080][    T9] usb 6-1: Manufacturer: syz
[  308.766310][    T9] usb 6-1: SerialNumber: syz
[  308.774977][ T9249] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  308.787046][    T9] cdc_ncm 6-1:1.0: skipping garbage
[  308.792622][    T9] usb 6-1: selecting invalid altsetting 1
[  309.006279][    T9] cdc_ncm 6-1:1.0: bind() failure
[  309.018260][    T9] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  309.040284][    T9] cdc_ncm 6-1:1.1: bind() failure
[  309.060629][    T9] usb 6-1: USB disconnect, device number 55
[  309.079806][ T9273] rust_binder: Error while translating object.
[  309.079871][ T9273] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  309.089199][ T9273] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:156
[  309.166536][ T9264] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  309.189594][ T9264] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  309.235081][   T64] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  309.242986][   T64] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  309.253289][   T64] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  309.263359][   T64] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  309.279482][   T64] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  309.288423][   T64] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  309.297903][   T64] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  309.305427][   T64] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  309.314417][   T64] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  309.323400][   T64] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  309.332585][   T64] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  309.341191][   T64] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  309.355660][   T64] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  309.363533][   T64] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  309.373621][   T64] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  309.391162][   T64] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0019/input/input80
[  309.406469][   T64] microsoft 0003:045E:07DA.0019: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  309.484655][ T9264] kvm: vcpu 512: requested lapic timer restore with starting count register 0x390=1531215282 (3062430564 ns) > initial count (1473793136 ns). Using initial count to start timer.
[  309.567539][ T9283] fuse: Bad value for 'group_id'
[  309.573968][ T9283] fuse: Bad value for 'group_id'
[  309.584152][   T64] usb 3-1: USB disconnect, device number 80
[  309.617070][ T9287] SELinux:  policydb string length 14080 does not match expected length 8
[  309.626354][ T9287] SELinux: failed to load policy
[  309.797004][   T64] usb 2-1: USB disconnect, device number 44
[  309.811371][   T64] cdc_ether 2-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.1-1, CDC Ethernet Device
[  309.898225][ T9313] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:865
[  309.916767][ T9317] SELinux: security_context_str_to_sid () failed with errno=-22
[  309.975056][ T9322] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3389'.
[  309.989962][ T9322] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:869
[  310.035565][ T9332] netlink: 324 bytes leftover after parsing attributes in process `syz.5.3392'.
[  310.152866][ T9351] usb usb8: usbfs: process 9351 (syz.2.3397) did not claim interface 0 before use
[  310.225664][ T9362] FAULT_INJECTION: forcing a failure.
[  310.225664][ T9362] name failslab, interval 1, probability 0, space 0, times 0
[  310.238931][ T9362] CPU: 1 UID: 0 PID: 9362 Comm: syz.5.3400 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  310.238967][ T9362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  310.238982][ T9362] Call Trace:
[  310.238989][ T9362]  <TASK>
[  310.238997][ T9362]  __dump_stack+0x21/0x30
[  310.239021][ T9362]  dump_stack_lvl+0x10c/0x190
[  310.239039][ T9362]  ? __cfi_dump_stack_lvl+0x10/0x10
[  310.239058][ T9362]  ? genl_family_rcv_msg_doit+0x294/0x330
[  310.239078][ T9362]  dump_stack+0x19/0x20
[  310.239095][ T9362]  should_fail_ex+0x3d9/0x530
[  310.239114][ T9362]  should_failslab+0xac/0x100
[  310.239135][ T9362]  kmem_cache_alloc_node_noprof+0x45/0x3b0
[  310.239155][ T9362]  ? __alloc_skb+0x10c/0x370
[  310.239175][ T9362]  __alloc_skb+0x10c/0x370
[  310.239194][ T9362]  ? __kasan_check_read+0x15/0x20
[  310.239211][ T9362]  netlink_ack+0x155/0xa50
[  310.239235][ T9362]  netlink_rcv_skb+0x2b2/0x4a0
[  310.239257][ T9362]  ? __cfi_genl_rcv_msg+0x10/0x10
[  310.239273][ T9362]  ? __cfi_netlink_rcv_skb+0x10/0x10
[  310.239295][ T9362]  ? rwsem_read_trylock+0x2b1/0x660
[  310.239313][ T9362]  ? down_read+0x79/0xe0
[  310.239331][ T9362]  ? __cfi_down_read+0x10/0x10
[  310.239347][ T9362]  ? is_vmalloc_addr+0x11/0x40
[  310.239369][ T9362]  genl_rcv+0x2c/0x40
[  310.239384][ T9362]  netlink_unicast+0x8c6/0xa60
[  310.239406][ T9362]  netlink_sendmsg+0x7f0/0xaf0
[  310.239431][ T9362]  ? __cfi_netlink_sendmsg+0x10/0x10
[  310.239455][ T9362]  ? bpf_lsm_socket_sendmsg+0xd/0x20
[  310.239479][ T9362]  ? security_socket_sendmsg+0x33/0xd0
[  310.239499][ T9362]  ? __cfi_netlink_sendmsg+0x10/0x10
[  310.239522][ T9362]  ____sys_sendmsg+0xa15/0xa70
[  310.239547][ T9362]  ? __sys_sendmsg_sock+0x50/0x50
[  310.239571][ T9362]  ? import_iovec+0x81/0xb0
[  310.239594][ T9362]  ___sys_sendmsg+0x220/0x2a0
[  310.239618][ T9362]  ? __sys_sendmsg+0x280/0x280
[  310.239642][ T9362]  ? proc_fail_nth_write+0x17e/0x210
[  310.239657][ T9362]  ? __cfi_proc_fail_nth_write+0x10/0x10
[  310.239686][ T9362]  __x64_sys_sendmsg+0x1eb/0x2c0
[  310.239700][ T9362]  ? fput+0x1a5/0x240
[  310.239722][ T9362]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  310.239736][ T9362]  ? ksys_write+0x1ef/0x250
[  310.239755][ T9362]  ? __kasan_check_read+0x15/0x20
[  310.239773][ T9362]  x64_sys_call+0x2a4c/0x2ee0
[  310.239794][ T9362]  do_syscall_64+0x58/0xf0
[  310.239814][ T9362]  ? clear_bhb_loop+0x35/0x90
[  310.239847][ T9362]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  310.239886][ T9362] RIP: 0033:0x7f8721f8e929
[  310.239901][ T9362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.239915][ T9362] RSP: 002b:00007f8722d78038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  310.239933][ T9362] RAX: ffffffffffffffda RBX: 00007f87221b5fa0 RCX: 00007f8721f8e929
[  310.239945][ T9362] RDX: 0000000000050040 RSI: 0000200000000300 RDI: 0000000000000003
[  310.239956][ T9362] RBP: 00007f8722d78090 R08: 0000000000000000 R09: 0000000000000000
[  310.239965][ T9362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  310.239976][ T9362] R13: 0000000000000000 R14: 00007f87221b5fa0 R15: 00007ffcfaf879f8
[  310.239989][ T9362]  </TASK>
[  310.713290][ T9376] FAULT_INJECTION: forcing a failure.
[  310.713290][ T9376] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  310.727530][ T9376] CPU: 0 UID: 0 PID: 9376 Comm: syz.2.3406 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  310.727569][ T9376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  310.727584][ T9376] Call Trace:
[  310.727593][ T9376]  <TASK>
[  310.727602][ T9376]  __dump_stack+0x21/0x30
[  310.727643][ T9376]  dump_stack_lvl+0x10c/0x190
[  310.727807][ T9376]  ? __cfi_dump_stack_lvl+0x10/0x10
[  310.727829][ T9376]  dump_stack+0x19/0x20
[  310.727847][ T9376]  should_fail_ex+0x3d9/0x530
[  310.727865][ T9376]  should_fail+0xf/0x20
[  310.727881][ T9376]  should_fail_usercopy+0x1e/0x30
[  310.727900][ T9376]  _copy_from_user+0x22/0xb0
[  310.727922][ T9376]  sk_setsockopt+0x277/0x2970
[  310.727944][ T9376]  ? __cfi_sk_setsockopt+0x10/0x10
[  310.727967][ T9376]  ? selinux_socket_setsockopt+0x2ea/0x390
[  310.727988][ T9376]  ? __cfi_vfs_write+0x10/0x10
[  310.728008][ T9376]  ? __kasan_check_write+0x18/0x20
[  310.728027][ T9376]  sock_setsockopt+0x5e/0x70
[  310.728049][ T9376]  do_sock_setsockopt+0x202/0x400
[  310.728074][ T9376]  ? __cfi_do_sock_setsockopt+0x10/0x10
[  310.728100][ T9376]  __x64_sys_setsockopt+0x1b8/0x250
[  310.728124][ T9376]  x64_sys_call+0x2adc/0x2ee0
[  310.728146][ T9376]  do_syscall_64+0x58/0xf0
[  310.728168][ T9376]  ? clear_bhb_loop+0x35/0x90
[  310.728192][ T9376]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  310.728216][ T9376] RIP: 0033:0x7f17c658e929
[  310.728231][ T9376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.728247][ T9376] RSP: 002b:00007f17c63eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  310.728264][ T9376] RAX: ffffffffffffffda RBX: 00007f17c67b5fa0 RCX: 00007f17c658e929
[  310.728277][ T9376] RDX: 0000000000000035 RSI: 0000000000000001 RDI: 0000000000000003
[  310.728287][ T9376] RBP: 00007f17c63eb090 R08: 0000000000000004 R09: 0000000000000000
[  310.728298][ T9376] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  310.728310][ T9376] R13: 0000000000000000 R14: 00007f17c67b5fa0 R15: 00007ffeb601b0b8
[  310.728323][ T9376]  </TASK>
[  311.070190][ T9388] 9pnet: Could not find request transport: v
[  311.078501][   T36] audit: type=1400 audit(1750460229.696:1324): avc:  denied  { execute } for  pid=9387 comm="syz.5.3411" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  311.353465][   T36] audit: type=1400 audit(1750460229.958:1325): avc:  denied  { setattr } for  pid=9396 comm="syz.2.3414" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  311.460973][ T9402] FAULT_INJECTION: forcing a failure.
[  311.460973][ T9402] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  311.475243][ T9402] CPU: 0 UID: 0 PID: 9402 Comm: syz.2.3416 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  311.475274][ T9402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  311.475285][ T9402] Call Trace:
[  311.475291][ T9402]  <TASK>
[  311.475297][ T9402]  __dump_stack+0x21/0x30
[  311.475322][ T9402]  dump_stack_lvl+0x10c/0x190
[  311.475340][ T9402]  ? __cfi_dump_stack_lvl+0x10/0x10
[  311.475360][ T9402]  dump_stack+0x19/0x20
[  311.475382][ T9402]  should_fail_ex+0x3d9/0x530
[  311.475400][ T9402]  should_fail+0xf/0x20
[  311.475418][ T9402]  should_fail_usercopy+0x1e/0x30
[  311.475437][ T9402]  _copy_to_user+0x24/0xa0
[  311.475458][ T9402]  simple_read_from_buffer+0xed/0x160
[  311.475496][ T9402]  proc_fail_nth_read+0x19e/0x210
[  311.475512][ T9402]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  311.475528][ T9402]  ? bpf_lsm_file_permission+0xd/0x20
[  311.475545][ T9402]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  311.475560][ T9402]  vfs_read+0x278/0xb60
[  311.475579][ T9402]  ? __cfi_lru_add_drain_cpu+0x10/0x10
[  311.475604][ T9402]  ? __cfi_vfs_read+0x10/0x10
[  311.475622][ T9402]  ? __kasan_check_write+0x18/0x20
[  311.475641][ T9402]  ? mutex_lock+0x92/0x1c0
[  311.475657][ T9402]  ? __cfi_mutex_lock+0x10/0x10
[  311.475671][ T9402]  ? __fget_files+0x2c5/0x340
[  311.475695][ T9402]  ksys_read+0x141/0x250
[  311.475712][ T9402]  ? __fget_files+0x2c5/0x340
[  311.475733][ T9402]  ? __cfi_ksys_read+0x10/0x10
[  311.475752][ T9402]  ? __kasan_check_read+0x15/0x20
[  311.475770][ T9402]  __x64_sys_read+0x7f/0x90
[  311.475788][ T9402]  x64_sys_call+0x2638/0x2ee0
[  311.475809][ T9402]  do_syscall_64+0x58/0xf0
[  311.475830][ T9402]  ? clear_bhb_loop+0x35/0x90
[  311.475854][ T9402]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  311.475878][ T9402] RIP: 0033:0x7f17c658d33c
[  311.475892][ T9402] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  311.475906][ T9402] RSP: 002b:00007f17c63eb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  311.475924][ T9402] RAX: ffffffffffffffda RBX: 00007f17c67b5fa0 RCX: 00007f17c658d33c
[  311.475936][ T9402] RDX: 000000000000000f RSI: 00007f17c63eb0a0 RDI: 0000000000000004
[  311.475947][ T9402] RBP: 00007f17c63eb090 R08: 0000000000000000 R09: 0000000000000000
[  311.475957][ T9402] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  311.475967][ T9402] R13: 0000000000000000 R14: 00007f17c67b5fa0 R15: 00007ffeb601b0b8
[  311.475981][ T9402]  </TASK>
[  311.798239][ T9404] fuse: Bad value for 'user_id'
[  311.803960][   T64] usb 6-1: new high-speed USB device number 56 using dummy_hcd
[  311.814594][ T9404] fuse: Bad value for 'user_id'
[  311.971083][   T64] usb 6-1: Using ep0 maxpacket: 16
[  311.980497][   T64] usb 6-1: unable to get BOS descriptor or descriptor too short
[  311.989078][   T64] usb 6-1: config 1 has an invalid interface descriptor of length 4, skipping
[  311.998487][   T64] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  312.008898][   T64] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  312.017937][   T64] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  312.034193][   T64] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  312.043983][   T64] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  312.052670][   T64] usb 6-1: Product: syz
[  312.057177][   T64] usb 6-1: Manufacturer: syz
[  312.061979][   T64] usb 6-1: SerialNumber: syz
[  312.172753][   T31] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  312.307584][   T64] usb 6-1: 0:2 : does not exist
[  312.317351][   T64] usb 6-1: USB disconnect, device number 56
[  312.335962][   T31] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  312.348350][   T31] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  312.359003][   T31] usb 2-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00
[  312.372043][   T31] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.381688][   T31] usb 2-1: config 0 descriptor??
[  312.410724][ T9431] rust_binder: Error while translating object.
[  312.410761][ T9431] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  312.417377][ T9431] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:518
[  312.442824][ T9433] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:520
[  312.494341][ T4309] udevd[4309]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  312.587153][ T9444] SELinux: security_context_str_to_sid (sytem_u軬泄�:��) failed with errno=-22
[  312.649704][ T9446] FAULT_INJECTION: forcing a failure.
[  312.649704][ T9446] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  312.672636][ T9446] CPU: 1 UID: 0 PID: 9446 Comm: syz.2.3434 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  312.672676][ T9446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  312.672692][ T9446] Call Trace:
[  312.672700][ T9446]  <TASK>
[  312.672709][ T9446]  __dump_stack+0x21/0x30
[  312.672742][ T9446]  dump_stack_lvl+0x10c/0x190
[  312.672766][ T9446]  ? __cfi_dump_stack_lvl+0x10/0x10
[  312.672794][ T9446]  dump_stack+0x19/0x20
[  312.672819][ T9446]  should_fail_ex+0x3d9/0x530
[  312.672844][ T9446]  should_fail+0xf/0x20
[  312.672868][ T9446]  should_fail_usercopy+0x1e/0x30
[  312.672894][ T9446]  _copy_from_user+0x22/0xb0
[  312.672927][ T9446]  ___sys_sendmsg+0x159/0x2a0
[  312.672963][ T9446]  ? __sys_sendmsg+0x280/0x280
[  312.672995][ T9446]  ? proc_fail_nth_write+0x17e/0x210
[  312.673024][ T9446]  __x64_sys_sendmsg+0x1eb/0x2c0
[  312.673044][ T9446]  ? fput+0x1a5/0x240
[  312.673076][ T9446]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  312.673096][ T9446]  ? ksys_write+0x1ef/0x250
[  312.673125][ T9446]  ? __kasan_check_write+0x18/0x20
[  312.673150][ T9446]  ? fpregs_restore_userregs+0x11d/0x260
[  312.673186][ T9446]  ? switch_fpu_return+0x12/0x20
[  312.673207][ T9446]  x64_sys_call+0x2a4c/0x2ee0
[  312.673236][ T9446]  do_syscall_64+0x58/0xf0
[  312.673268][ T9446]  ? clear_bhb_loop+0x35/0x90
[  312.673301][ T9446]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  312.673336][ T9446] RIP: 0033:0x7f17c658e929
[  312.673357][ T9446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.673378][ T9446] RSP: 002b:00007f17c63eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  312.673403][ T9446] RAX: ffffffffffffffda RBX: 00007f17c67b5fa0 RCX: 00007f17c658e929
[  312.673421][ T9446] RDX: 000000000000c804 RSI: 0000200000000380 RDI: 0000000000000003
[  312.673438][ T9446] RBP: 00007f17c63eb090 R08: 0000000000000000 R09: 0000000000000000
[  312.673453][ T9446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  312.673467][ T9446] R13: 0000000000000000 R14: 00007f17c67b5fa0 R15: 00007ffeb601b0b8
[  312.673487][ T9446]  </TASK>
[  312.871244][ T9451] SELinux: security_context_str_to_sid () failed with errno=-22
[  312.980778][   T36] audit: type=1326 audit(1750460231.483:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9452 comm="syz.6.3435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f060dd8e929 code=0x7ffc0000
[  312.982269][ T9453] binder: Unknown parameter 'context'
[  313.007286][   T36] audit: type=1326 audit(1750460231.483:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9452 comm="syz.6.3435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f060dd8e929 code=0x7ffc0000
[  313.043499][   T36] audit: type=1326 audit(1750460231.483:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9452 comm="syz.6.3435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f060dd8e929 code=0x7ffc0000
[  313.070539][   T36] audit: type=1326 audit(1750460231.483:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9452 comm="syz.6.3435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f060dd8e929 code=0x7ffc0000
[  313.100224][   T36] audit: type=1326 audit(1750460231.483:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9452 comm="syz.6.3435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f060dd8e929 code=0x7ffc0000
[  313.130031][   T36] audit: type=1326 audit(1750460231.483:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9452 comm="syz.6.3435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f060dd8e929 code=0x7ffc0000
[  313.159274][   T36] audit: type=1326 audit(1750460231.483:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9452 comm="syz.6.3435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f060dd8e929 code=0x7ffc0000
[  313.365691][ T9469] binder: Bad value for 'max'
[  313.369056][ T9466] tun0: tun_chr_ioctl cmd 1074025675
[  313.380707][  T455] usb 2-1: USB disconnect, device number 45
[  313.388361][ T9466] tun0: persist enabled
[  313.404775][ T9464] tun0: tun_chr_ioctl cmd 1074025675
[  313.410776][ T9464] tun0: persist enabled
[  313.419079][ T9464] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3442'.
[  313.434324][ T9472] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  313.434364][ T9472] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:545
[  313.648021][  T773] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  313.733511][   T64] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[  313.744189][   T31] usb 6-1: new high-speed USB device number 57 using dummy_hcd
[  313.831233][  T773] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  313.847586][  T773] usb 7-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[  313.861619][  T773] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.871006][  T773] usb 7-1: Product: syz
[  313.876029][  T773] usb 7-1: Manufacturer: syz
[  313.881861][  T773] usb 7-1: SerialNumber: syz
[  313.887917][  T773] usb 7-1: config 0 descriptor??
[  313.895334][   T64] usb 3-1: device descriptor read/64, error -71
[  313.907209][  T773] cdc_acm 7-1:0.0: skipping garbage
[  313.940278][   T31] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  313.951403][   T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.962647][   T31] usb 6-1: Product: syz
[  313.969200][   T31] usb 6-1: Manufacturer: syz
[  313.975342][   T31] usb 6-1: SerialNumber: syz
[  314.113609][   T31] usb 7-1: USB disconnect, device number 13
[  314.171847][   T64] usb 3-1: device descriptor read/64, error -71
[  314.417693][  T455] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  314.439186][   T64] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[  314.578038][  T455] usb 2-1: Using ep0 maxpacket: 16
[  314.578066][   T64] usb 3-1: device descriptor read/64, error -71
[  314.586724][  T455] usb 2-1: unable to get BOS descriptor or descriptor too short
[  314.601457][  T455] usb 2-1: config 1 has an invalid interface descriptor of length 4, skipping
[  314.612111][  T455] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  314.623039][  T455] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  314.632676][  T455] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  314.653254][  T455] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  314.665782][  T455] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.675269][  T455] usb 2-1: Product: syz
[  314.680997][  T455] usb 2-1: Manufacturer: syz
[  314.687324][  T455] usb 2-1: SerialNumber: syz
[  314.705505][ T9486] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:178
[  314.739419][ T9488] input: syz1 as /devices/virtual/input/input87
[  314.758238][ T9488] input: failed to attach handler leds to device input87, error: -6
[  314.845439][   T64] usb 3-1: device descriptor read/64, error -71
[  314.918939][  T455] usb 2-1: 0:2 : does not exist
[  314.932691][  T455] usb 2-1: USB disconnect, device number 46
[  314.942643][ T4309] udevd[4309]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  314.963747][   T64] usb usb3-port1: attempt power cycle
[  315.326393][   T64] usb 3-1: new high-speed USB device number 83 using dummy_hcd
[  315.349136][   T64] usb 3-1: device descriptor read/8, error -71
[  315.487985][   T64] usb 3-1: device descriptor read/8, error -71
[  315.701153][   T36] kauditd_printk_skb: 4 callbacks suppressed
[  315.701171][   T36] audit: type=1326 audit(1750460234.027:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9498 comm="syz.6.3456" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f060dd8e929 code=0x0
[  315.743316][   T64] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[  315.760773][   T36] audit: type=1400 audit(1750460234.083:1338): avc:  denied  { audit_write } for  pid=9503 comm="syz.6.3457" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  315.785680][   T64] usb 3-1: device descriptor read/8, error -71
[  315.871677][    T9] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  315.926461][   T64] usb 3-1: device descriptor read/8, error -71
[  316.021263][    T9] usb 2-1: device descriptor read/64, error -71
[  316.042861][   T64] usb usb3-port1: unable to enumerate USB device
[  316.277847][    T9] usb 2-1: device descriptor read/64, error -71
[  316.534473][    T9] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  316.695478][    T9] usb 2-1: device descriptor read/64, error -71
[  316.703587][  T455] usb 6-1: USB disconnect, device number 57
[  316.741224][ T9523] syz.2.3462: vmalloc error: size 16105472, failed to allocated page array size 31456, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0
[  316.762509][ T9531] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:141
[  316.781963][ T9523] CPU: 0 UID: 0 PID: 9523 Comm: syz.2.3462 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  316.782002][ T9523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  316.782018][ T9523] Call Trace:
[  316.782027][ T9523]  <TASK>
[  316.782038][ T9523]  __dump_stack+0x21/0x30
[  316.782066][ T9523]  dump_stack_lvl+0x10c/0x190
[  316.782091][ T9523]  ? __cfi_dump_stack_lvl+0x10/0x10
[  316.782118][ T9523]  ? _raw_spin_unlock_irqrestore+0x4a/0x70
[  316.782150][ T9523]  dump_stack+0x19/0x20
[  316.782183][ T9523]  warn_alloc+0x1bc/0x2a0
[  316.782204][ T9523]  ? kasan_save_free_info+0x4a/0x60
[  316.782226][ T9523]  ? __cfi_warn_alloc+0x10/0x10
[  316.782247][ T9523]  ? __get_vm_area_node+0x1dc/0x3a0
[  316.782268][ T9523]  ? __vcalloc_noprof+0x3a/0x50
[  316.782294][ T9523]  __vmalloc_node_range_noprof+0x68e/0x1420
[  316.782321][ T9523]  ? __se_sys_ioctl+0x132/0x1b0
[  316.782350][ T9523]  ? __x64_sys_ioctl+0x7f/0xa0
[  316.782377][ T9523]  ? x64_sys_call+0x1878/0x2ee0
[  316.782405][ T9523]  ? __cfi___vmalloc_node_range_noprof+0x10/0x10
[  316.782430][ T9523]  ? __vcalloc_noprof+0x3a/0x50
[  316.782456][ T9523]  __vmalloc_noprof+0xfe/0x1d0
[  316.782477][ T9523]  ? __vcalloc_noprof+0x3a/0x50
[  316.782503][ T9523]  ? __cfi___vmalloc_noprof+0x10/0x10
[  316.782524][ T9523]  ? mutex_lock+0x92/0x1c0
[  316.782543][ T9523]  ? __cfi_mutex_lock+0x10/0x10
[  316.782564][ T9523]  __vcalloc_noprof+0x3a/0x50
[  316.782588][ T9523]  kvm_set_memslot+0x4c6/0x13f0
[  316.782614][ T9523]  ? __kasan_kmalloc+0x96/0xb0
[  316.782644][ T9523]  __kvm_set_memory_region+0x87c/0xb80
[  316.782673][ T9523]  kvm_set_memory_region+0x2f/0x50
[  316.782701][ T9523]  kvm_vm_ioctl+0x9ad/0xb80
[  316.782726][ T9523]  ? should_fail+0xf/0x20
[  316.782749][ T9523]  ? __cfi_kvm_vm_ioctl+0x10/0x10
[  316.782773][ T9523]  ? ioctl_has_perm+0x1aa/0x4d0
[  316.782805][ T9523]  ? __asan_memcpy+0x5a/0x80
[  316.782828][ T9523]  ? ioctl_has_perm+0x3e0/0x4d0
[  316.782859][ T9523]  ? __cfi_futex_wait+0x10/0x10
[  316.782878][ T9523]  ? __kasan_slab_alloc+0x73/0x90
[  316.782907][ T9523]  ? selinux_file_ioctl+0x6e0/0x1360
[  316.782937][ T9523]  ? __cfi_selinux_file_ioctl+0x10/0x10
[  316.782966][ T9523]  ? file_init_path+0x3b/0x5a0
[  316.782998][ T9523]  ? do_futex+0x309/0x500
[  316.783026][ T9523]  ? __cfi_do_futex+0x10/0x10
[  316.783053][ T9523]  ? alloc_file_pseudo+0x18b/0x1e0
[  316.783085][ T9523]  ? __fget_files+0x2c5/0x340
[  316.783115][ T9523]  ? bpf_lsm_file_ioctl+0xd/0x20
[  316.783138][ T9523]  ? security_file_ioctl+0x34/0xd0
[  316.783173][ T9523]  ? __cfi_kvm_vm_ioctl+0x10/0x10
[  316.783197][ T9523]  __se_sys_ioctl+0x132/0x1b0
[  316.783226][ T9523]  __x64_sys_ioctl+0x7f/0xa0
[  316.783254][ T9523]  x64_sys_call+0x1878/0x2ee0
[  316.783287][ T9523]  do_syscall_64+0x58/0xf0
[  316.783314][ T9523]  ? clear_bhb_loop+0x35/0x90
[  316.783345][ T9523]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  316.783376][ T9523] RIP: 0033:0x7f17c658e929
[  316.783395][ T9523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.783413][ T9523] RSP: 002b:00007f17c63ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  316.783437][ T9523] RAX: ffffffffffffffda RBX: 00007f17c67b6080 RCX: 00007f17c658e929
[  316.783455][ T9523] RDX: 0000200000000080 RSI: 000000004020ae46 RDI: 0000000000000006
[  316.783469][ T9523] RBP: 00007f17c6610b39 R08: 0000000000000000 R09: 0000000000000000
[  316.783484][ T9523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  316.783497][ T9523] R13: 0000000000000000 R14: 00007f17c67b6080 R15: 00007ffeb601b0b8
[  316.783515][ T9523]  </TASK>
[  316.783537][ T9523] Mem-Info:
[  317.111740][   T31] usb 3-1: new high-speed USB device number 85 using dummy_hcd
[  317.145277][ T9523] active_anon:9729 inactive_anon:9 isolated_anon:0
[  317.145277][ T9523]  active_file:22500 inactive_file:2308 isolated_file:0
[  317.145277][ T9523]  unevictable:0 dirty:97 writeback:0
[  317.145277][ T9523]  slab_reclaimable:5926 slab_unreclaimable:75403
[  317.145277][ T9523]  mapped:24941 shmem:164 pagetables:1291
[  317.145277][ T9523]  sec_pagetables:0 bounce:0
[  317.145277][ T9523]  kernel_misc_reclaimable:0
[  317.145277][ T9523]  free:1513966 free_pcp:2662 free_cma:0
[  317.153548][   T45] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  317.163070][ T9523] Node 0 active_anon:38916kB inactive_anon:36kB active_file:90000kB inactive_file:9232kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:99764kB dirty:388kB writeback:0kB shmem:656kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5376kB pagetables:5164kB sec_pagetables:0kB all_unreclaimable? no
[  317.301576][ T9523] DMA32 free:2960212kB boost:0kB min:19088kB low:23860kB high:28632kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2966004kB mlocked:0kB bounce:0kB free_pcp:5792kB local_pcp:0kB free_cma:0kB
[  317.336050][ T9523] lowmem_reserve[]: 0 3921 3921
[  317.347144][   T45] usb 7-1: Using ep0 maxpacket: 16
[  317.353607][ T9523] Normal free:3098460kB boost:0kB min:25964kB low:32452kB high:38940kB reserved_highatomic:0KB free_highatomic:0KB active_anon:38996kB inactive_anon:36kB active_file:90000kB inactive_file:9232kB unevictable:0kB writepending:388kB present:5242880kB managed:4016120kB mlocked:0kB bounce:0kB free_pcp:2436kB local_pcp:1628kB free_cma:0kB
[  317.388981][ T9523] lowmem_reserve[]: 0 0 0
[  317.394043][   T45] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  317.406146][ T9523] DMA32: 7*4kB (M) 3*8kB (M) 4*16kB (M) 5*32kB (M) 5*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 5*1024kB (UM) 5*2048kB (M) 718*4096kB (M) = 2960212kB
[  317.423739][   T45] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  317.439125][   T45] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  317.449068][ T9523] Normal: 75*4kB (UE) 413*8kB (UME) 881*16kB (UME) 683*32kB (UME) 607*64kB (UME) 162*128kB (UME) 133*256kB (UME) 82*512kB (UME) 34*1024kB (UME) 22*2048kB (UME) 694*4096kB (UM) = 3097668kB
[  317.453847][    T9] usb 2-1: device descriptor read/64, error -71
[  317.471281][   T45] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.489424][ T9523] 24975 total pagecache pages
[  317.494700][ T9523] 9 pages in swap cache
[  317.500269][ T9523] Free swap  = 124528kB
[  317.505026][   T45] usb 7-1: config 0 descriptor??
[  317.510535][ T9523] Total swap = 124996kB
[  317.514749][ T9523] 2097051 pages RAM
[  317.519825][ T9523] 0 pages HighMem/MovableOnly
[  317.525143][ T9523] 351520 pages reserved
[  317.531306][ T9523] 0 pages cma reserved
[  317.539224][ T9523] Memory allocations:
[  317.543687][ T9523]          0 B        0 init/main.c:1370 func:do_initcalls
[  317.551064][ T9523]          0 B        0 init/do_mounts.c:186 func:mount_root_generic
[  317.560712][ T9523]          0 B        0 init/do_mounts.c:158 func:do_mount_root
[  317.568922][ T9523]          0 B        0 init/do_mounts.c:352 func:mount_nodev_root
[  317.577863][ T9523]          0 B        0 init/do_mounts_rd.c:241 func:rd_load_image
[  317.589380][ T9523]          0 B        0 init/do_mounts_rd.c:72 func:identify_ramdisk_image
[  317.598811][ T9523]          0 B        0 init/initramfs.c:507 func:unpack_to_rootfs
[  317.603695][    T9] usb usb2-port1: attempt power cycle
[  317.607231][ T9523]          0 B        0 init/initramfs.c:508 func:unpack_to_rootfs
[  317.620654][ T9523]          0 B        0 init/initramfs.c:509 func:unpack_to_rootfs
[  317.628711][ T9523]          0 B        0 init/initramfs.c:101 func:find_link
[  317.710385][  T773] usb 6-1: new full-speed USB device number 58 using dummy_hcd
[  317.775021][   T36] audit: type=1400 audit(1750460235.973:1339): avc:  denied  { create } for  pid=9545 comm="syz.2.3473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  317.801379][ T9546] macsec0: entered promiscuous mode
[  317.807220][ T9546] macsec0: entered allmulticast mode
[  317.813044][ T9546] veth1_macvtap: entered allmulticast mode
[  317.882820][  T773] usb 6-1: config 0 has an invalid interface number: 230 but max is 0
[  317.891822][  T773] usb 6-1: config 0 has no interface number 0
[  317.899160][  T773] usb 6-1: config 0 interface 230 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  317.913515][  T773] usb 6-1: config 0 interface 230 altsetting 2 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  317.925424][  T773] usb 6-1: config 0 interface 230 has no altsetting 0
[  317.936669][  T773] usb 6-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[  317.941608][ T9563] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  317.946050][  T773] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  317.946805][ T9563] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:573
[  317.955865][  T773] usb 6-1: Product: syz
[  317.978794][    T9] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  317.986872][  T773] usb 6-1: Manufacturer: syz
[  317.987835][ T9524] fuse: Bad value for 'fd'
[  317.991594][  T773] usb 6-1: SerialNumber: syz
[  317.992499][  T773] usb 6-1: config 0 descriptor??
[  318.006681][   T45] usbhid 7-1:0.0: can't add hid device: -71
[  318.016406][   T45] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  318.020881][ T9542] raw-gadget.3 gadget.5: fail, usb_ep_enable returned -22
[  318.032154][    T9] usb 2-1: device descriptor read/8, error -71
[  318.034323][   T45] usb 7-1: USB disconnect, device number 14
[  318.041502][ T9542] raw-gadget.3 gadget.5: fail, usb_ep_enable returned -22
[  318.063732][  T773] ums-usbat 6-1:0.230: USB Mass Storage device detected
[  318.080381][  T773] ums-usbat 6-1:0.230: Quirks match for vid 0781 pid 0005: 1
[  318.171072][    T9] usb 2-1: device descriptor read/8, error -71
[  318.426663][    T9] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  318.449490][    T9] usb 2-1: device descriptor read/8, error -71
[  318.588258][    T9] usb 2-1: device descriptor read/8, error -71
[  318.629171][ T9582] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  318.704709][    T9] usb usb2-port1: unable to enumerate USB device
[  319.057393][   T64] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  319.175008][    T9] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  319.217753][   T64] usb 7-1: Using ep0 maxpacket: 8
[  319.224848][   T64] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  319.236243][   T64] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  319.250309][   T64] usb 7-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b
[  319.261773][   T64] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  319.270958][   T64] usb 7-1: Manufacturer: syz
[  319.277591][   T64] usb 7-1: config 0 descriptor??
[  319.346071][    T9] usb 2-1: Using ep0 maxpacket: 16
[  319.354097][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[  319.364265][    T9] usb 2-1: config 1 has an invalid interface descriptor of length 4, skipping
[  319.378079][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  319.391419][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  319.402625][    T9] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  319.426282][    T9] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  319.438186][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  319.448535][    T9] usb 2-1: Product: syz
[  319.453212][    T9] usb 2-1: Manufacturer: syz
[  319.459674][    T9] usb 2-1: SerialNumber: syz
[  319.501040][  T305] usb 7-1: USB disconnect, device number 15
[  319.685512][    T9] usb 2-1: 0:2 : does not exist
[  319.693736][    T9] usb 2-1: USB disconnect, device number 51
[  319.870610][ T4309] udevd[4309]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  320.101490][ T9611] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  320.172598][ T9619] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3496'.
[  320.397785][ T9633] input: syz0 as /devices/virtual/input/input92
[  320.522028][   T31] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  320.682359][   T31] usb 7-1: Using ep0 maxpacket: 16
[  320.689282][   T31] usb 7-1: config 0 has an invalid interface number: 105 but max is 0
[  320.698826][   T31] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  320.709413][   T31] usb 7-1: config 0 has no interface number 0
[  320.718671][   T31] usb 7-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  320.729220][   T31] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.738439][   T31] usb 7-1: Product: syz
[  320.742765][   T31] usb 7-1: Manufacturer: syz
[  320.742872][  T773] ums-usbat 6-1:0.230: probe with driver ums-usbat failed with error -5
[  320.748527][   T31] usb 7-1: SerialNumber: syz
[  320.749815][   T31] usb 7-1: config 0 descriptor??
[  320.769590][   T31] usb 7-1: Found UVC 0.00 device syz (046d:08f3)
[  320.772201][  T773] usb 6-1: USB disconnect, device number 58
[  320.778870][   T31] usb 7-1: No valid video chain found.
[  320.800046][  T305] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  320.972808][  T305] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  320.985379][  T305] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  320.997230][  T305] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  321.007306][  T305] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  321.009538][  T773] usb 7-1: USB disconnect, device number 16
[  321.016982][  T305] usb 2-1: SerialNumber: syz
[  321.234759][ T9638] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  321.244866][ T9638] rust_binder: Write failure EINVAL in pid:917
[  321.248368][  T305] usb 2-1: 0:2 : does not exist
[  321.266068][  T305] usb 2-1: USB disconnect, device number 52
[  321.453772][ T4309] udevd[4309]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  321.636575][   T46] bridge_slave_1: left allmulticast mode
[  321.642939][   T46] bridge_slave_1: left promiscuous mode
[  321.660340][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.671246][   T46] bridge_slave_0: left allmulticast mode
[  321.678437][   T46] bridge_slave_0: left promiscuous mode
[  321.685467][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.762110][  T305] usb 6-1: new high-speed USB device number 59 using dummy_hcd
[  321.818653][ T9654] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3512'.
[  321.865187][   T46] veth1_macvtap: left allmulticast mode
[  321.871345][   T46] veth1_macvtap: left promiscuous mode
[  321.878383][   T46] veth0_vlan: left promiscuous mode
[  321.922510][  T305] usb 6-1: Using ep0 maxpacket: 16
[  321.930703][  T305] usb 6-1: unable to get BOS descriptor or descriptor too short
[  321.956253][  T305] usb 6-1: config 1 has an invalid interface descriptor of length 4, skipping
[  321.967291][  T305] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  321.978948][  T305] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  321.989285][  T305] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  322.006059][ T9655] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.008083][  T305] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  322.013583][ T9655] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.029742][  T305] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.032243][ T9655] bridge_slave_0: entered allmulticast mode
[  322.041142][  T305] usb 6-1: Product: syz
[  322.048574][ T9655] bridge_slave_0: entered promiscuous mode
[  322.052360][  T305] usb 6-1: Manufacturer: syz
[  322.058360][    T9] usb 2-1: new low-speed USB device number 53 using dummy_hcd
[  322.063313][  T305] usb 6-1: SerialNumber: syz
[  322.074302][ T9655] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.086989][ T9655] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.095093][ T9655] bridge_slave_1: entered allmulticast mode
[  322.103723][ T9655] bridge_slave_1: entered promiscuous mode
[  322.181890][ T9655] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.190437][ T9655] bridge0: port 2(bridge_slave_1) entered forwarding state
[  322.202477][ T9655] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.210603][ T9655] bridge0: port 1(bridge_slave_0) entered forwarding state
[  322.233825][  T773] usb 7-1: new full-speed USB device number 17 using dummy_hcd
[  322.258076][  T207] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.271426][  T207] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.282859][    T9] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[  322.298570][    T9] usb 2-1: config 0 has no interface number 0
[  322.307946][    T9] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  322.312167][  T305] usb 6-1: 0:2 : does not exist
[  322.322235][    T9] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  322.342188][  T591] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.347144][  T305] usb 6-1: USB disconnect, device number 59
[  322.350808][  T591] bridge0: port 1(bridge_slave_0) entered forwarding state
[  322.369763][    T9] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  322.373078][  T591] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.385235][    T9] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  322.392971][  T591] bridge0: port 2(bridge_slave_1) entered forwarding state
[  322.418194][    T9] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  322.434735][    T9] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  322.440936][ T9655] veth0_vlan: entered promiscuous mode
[  322.464793][    T9] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  322.464887][  T773] usb 7-1: config 0 has an invalid interface number: 230 but max is 0
[  322.473206][ T9655] veth1_macvtap: entered promiscuous mode
[  322.488064][  T773] usb 7-1: config 0 has no interface number 0
[  322.503189][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  322.513063][  T773] usb 7-1: config 0 interface 230 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  322.531634][  T773] usb 7-1: config 0 interface 230 altsetting 2 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  322.546659][    T9] usb 2-1: config 0 descriptor??
[  322.553397][ T9657] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  322.561808][ T4309] udevd[4309]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  322.564517][  T773] usb 7-1: config 0 interface 230 has no altsetting 0
[  322.594454][  T773] usb 7-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[  322.605562][  T773] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.616155][  T773] usb 7-1: Product: syz
[  322.621259][  T773] usb 7-1: Manufacturer: syz
[  322.626095][  T773] usb 7-1: SerialNumber: syz
[  322.636404][  T773] usb 7-1: config 0 descriptor??
[  322.644172][ T9662] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[  322.657345][ T9662] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[  322.662160][ T9664] binder: Bad value for 'stats'
[  322.666797][  T773] ums-usbat 7-1:0.230: USB Mass Storage device detected
[  322.681753][  T773] ums-usbat 7-1:0.230: Quirks match for vid 0781 pid 0005: 1
[  322.727934][ T9673] FAULT_INJECTION: forcing a failure.
[  322.727934][ T9673] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  322.743906][ T9673] CPU: 1 UID: 0 PID: 9673 Comm: syz.7.3517 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  322.743935][ T9673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  322.743947][ T9673] Call Trace:
[  322.743953][ T9673]  <TASK>
[  322.743960][ T9673]  __dump_stack+0x21/0x30
[  322.743997][ T9673]  dump_stack_lvl+0x10c/0x190
[  322.744108][ T9673]  ? __cfi_dump_stack_lvl+0x10/0x10
[  322.744155][ T9673]  ? _parse_integer_limit+0x195/0x1e0
[  322.744182][ T9673]  ? lock_sock_nested+0x1f5/0x290
[  322.744315][ T9673]  dump_stack+0x19/0x20
[  322.744344][ T9673]  should_fail_ex+0x3d9/0x530
[  322.744369][ T9673]  should_fail+0xf/0x20
[  322.744391][ T9673]  should_fail_usercopy+0x1e/0x30
[  322.744412][ T9673]  _copy_from_user+0x22/0xb0
[  322.744492][ T9673]  copy_from_sockptr+0x6f/0xa0
[  322.744525][ T9673]  do_ip_setsockopt+0x1b44/0x29e0
[  322.744554][ T9673]  ? __cfi_do_ip_setsockopt+0x10/0x10
[  322.744580][ T9673]  ? selinux_socket_setsockopt+0x2ea/0x390
[  322.744603][ T9673]  ? __cfi_selinux_socket_setsockopt+0x10/0x10
[  322.744633][ T9673]  ip_setsockopt+0x63/0x100
[  322.744797][ T9673]  raw_setsockopt+0xf4/0x1a0
[  322.744824][ T9673]  sock_common_setsockopt+0xb5/0xd0
[  322.744848][ T9673]  ? __cfi_sock_common_setsockopt+0x10/0x10
[  322.745949][ T9673]  do_sock_setsockopt+0x26a/0x400
[  322.745999][ T9673]  ? __cfi_do_sock_setsockopt+0x10/0x10
[  322.746033][ T9673]  __x64_sys_setsockopt+0x1b8/0x250
[  322.746441][ T9673]  x64_sys_call+0x2adc/0x2ee0
[  322.746471][ T9673]  do_syscall_64+0x58/0xf0
[  322.746615][ T9673]  ? clear_bhb_loop+0x35/0x90
[  322.746728][ T9673]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  322.746757][ T9673] RIP: 0033:0x7fc431b8e929
[  322.746778][ T9673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.746799][ T9673] RSP: 002b:00007fc432a48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  322.746820][ T9673] RAX: ffffffffffffffda RBX: 00007fc431db5fa0 RCX: 00007fc431b8e929
[  322.746833][ T9673] RDX: 0000000000000024 RSI: 0000000000000000 RDI: 0000000000000003
[  322.746844][ T9673] RBP: 00007fc432a48090 R08: 000000000000000c R09: 0000000000000000
[  322.746855][ T9673] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  322.746866][ T9673] R13: 0000000000000000 R14: 00007fc431db5fa0 R15: 00007ffe8b937318
[  322.746880][ T9673]  </TASK>
[  322.784628][ T9657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  323.035399][ T9679] rust_binder: Write failure EINVAL in pid:166
[  323.043419][ T9657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  323.069974][ T9657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  323.082529][ T9657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  323.713507][  T774] usb 2-1: USB disconnect, device number 53
[  323.817794][   T31] usb 6-1: new high-speed USB device number 60 using dummy_hcd
[  323.926792][ T9702] syz.1.3528 (9702): /proc/9698/oom_adj is deprecated, please use /proc/9698/oom_score_adj instead.
[  323.994454][   T31] usb 6-1: Using ep0 maxpacket: 16
[  324.004530][   T31] usb 6-1: unable to get BOS descriptor or descriptor too short
[  324.014621][   T31] usb 6-1: config 1 has an invalid interface descriptor of length 4, skipping
[  324.024597][   T31] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  324.036043][   T31] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  324.048329][   T31] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  324.068954][   T31] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  324.079438][   T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.089506][   T31] usb 6-1: Product: syz
[  324.097860][   T31] usb 6-1: Manufacturer: syz
[  324.103763][   T31] usb 6-1: SerialNumber: syz
[  324.329516][   T31] usb 6-1: 0:2 : does not exist
[  324.341379][   T31] usb 6-1: USB disconnect, device number 60
[  324.532258][ T4309] udevd[4309]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  324.789378][ T9743] __vm_enough_memory: pid: 9743, comm: syz.1.3538, bytes: 281474976845824 not enough memory for the allocation
[  324.876916][ T9751] rust_binder: inc_ref_done called when no active inc_refs
[  324.894744][   T36] audit: type=1400 audit(1750460242.633:1340): avc:  denied  { create } for  pid=9753 comm="syz.5.3543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  324.947646][ T9756] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  324.987472][ T9763] FAULT_INJECTION: forcing a failure.
[  324.987472][ T9763] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  325.013544][ T9763] CPU: 0 UID: 0 PID: 9763 Comm: syz.1.3546 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  325.013585][ T9763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  325.013601][ T9763] Call Trace:
[  325.013609][ T9763]  <TASK>
[  325.013617][ T9763]  __dump_stack+0x21/0x30
[  325.013658][ T9763]  dump_stack_lvl+0x10c/0x190
[  325.013686][ T9763]  ? __cfi_dump_stack_lvl+0x10/0x10
[  325.013713][ T9763]  ? kstrtoull+0x13b/0x1e0
[  325.013735][ T9763]  dump_stack+0x19/0x20
[  325.013759][ T9763]  should_fail_ex+0x3d9/0x530
[  325.013784][ T9763]  should_fail+0xf/0x20
[  325.013806][ T9763]  should_fail_usercopy+0x1e/0x30
[  325.013831][ T9763]  _copy_from_user+0x22/0xb0
[  325.013859][ T9763]  ___sys_sendmsg+0x159/0x2a0
[  325.013893][ T9763]  ? __sys_sendmsg+0x280/0x280
[  325.013927][ T9763]  ? proc_fail_nth_write+0x17e/0x210
[  325.013951][ T9763]  ? __cfi_proc_fail_nth_write+0x10/0x10
[  325.013980][ T9763]  __x64_sys_sendmsg+0x1eb/0x2c0
[  325.014002][ T9763]  ? fput+0x1a5/0x240
[  325.014033][ T9763]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  325.014054][ T9763]  ? ksys_write+0x1ef/0x250
[  325.014081][ T9763]  ? __kasan_check_read+0x15/0x20
[  325.014106][ T9763]  x64_sys_call+0x2a4c/0x2ee0
[  325.014137][ T9763]  do_syscall_64+0x58/0xf0
[  325.014165][ T9763]  ? clear_bhb_loop+0x35/0x90
[  325.014199][ T9763]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  325.014231][ T9763] RIP: 0033:0x7fd41eb8e929
[  325.014251][ T9763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  325.014272][ T9763] RSP: 002b:00007fd41fab5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  325.014309][ T9763] RAX: ffffffffffffffda RBX: 00007fd41edb5fa0 RCX: 00007fd41eb8e929
[  325.014328][ T9763] RDX: 0000000000008004 RSI: 0000200000000080 RDI: 0000000000000003
[  325.014344][ T9763] RBP: 00007fd41fab5090 R08: 0000000000000000 R09: 0000000000000000
[  325.014359][ T9763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  325.014373][ T9763] R13: 0000000000000000 R14: 00007fd41edb5fa0 R15: 00007ffdac6bed08
[  325.014393][ T9763]  </TASK>
[  325.326989][ T9767] rust_binder: Write failure EFAULT in pid:958
[  325.547759][ T9781] FAULT_INJECTION: forcing a failure.
[  325.547759][ T9781] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  325.572097][ T9781] CPU: 1 UID: 0 PID: 9781 Comm: syz.7.3555 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  325.572138][ T9781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  325.572153][ T9781] Call Trace:
[  325.572161][ T9781]  <TASK>
[  325.572171][ T9781]  __dump_stack+0x21/0x30
[  325.572205][ T9781]  dump_stack_lvl+0x10c/0x190
[  325.572237][ T9781]  ? __cfi_dump_stack_lvl+0x10/0x10
[  325.572282][ T9781]  dump_stack+0x19/0x20
[  325.572307][ T9781]  should_fail_ex+0x3d9/0x530
[  325.572333][ T9781]  should_fail+0xf/0x20
[  325.572356][ T9781]  should_fail_usercopy+0x1e/0x30
[  325.572382][ T9781]  _copy_to_user+0x24/0xa0
[  325.572412][ T9781]  simple_read_from_buffer+0xed/0x160
[  325.572448][ T9781]  proc_fail_nth_read+0x19e/0x210
[  325.572470][ T9781]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  325.572491][ T9781]  ? bpf_lsm_file_permission+0xd/0x20
[  325.572517][ T9781]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  325.572537][ T9781]  vfs_read+0x278/0xb60
[  325.572563][ T9781]  ? __cfi_inet6_bind_sk+0x10/0x10
[  325.572594][ T9781]  ? __cfi_vfs_read+0x10/0x10
[  325.572618][ T9781]  ? __kasan_check_write+0x18/0x20
[  325.572642][ T9781]  ? mutex_lock+0x92/0x1c0
[  325.572662][ T9781]  ? __cfi_mutex_lock+0x10/0x10
[  325.572683][ T9781]  ? __fget_files+0x2c5/0x340
[  325.572713][ T9781]  ksys_read+0x141/0x250
[  325.572737][ T9781]  ? __cfi_ksys_read+0x10/0x10
[  325.572764][ T9781]  ? __kasan_check_read+0x15/0x20
[  325.572788][ T9781]  __x64_sys_read+0x7f/0x90
[  325.572814][ T9781]  x64_sys_call+0x2638/0x2ee0
[  325.572842][ T9781]  do_syscall_64+0x58/0xf0
[  325.572869][ T9781]  ? clear_bhb_loop+0x35/0x90
[  325.572903][ T9781]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  325.572935][ T9781] RIP: 0033:0x7fc431b8d33c
[  325.572953][ T9781] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  325.572972][ T9781] RSP: 002b:00007fc432a48030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  325.572997][ T9781] RAX: ffffffffffffffda RBX: 00007fc431db5fa0 RCX: 00007fc431b8d33c
[  325.573014][ T9781] RDX: 000000000000000f RSI: 00007fc432a480a0 RDI: 0000000000000004
[  325.573029][ T9781] RBP: 00007fc432a48090 R08: 0000000000000000 R09: 0000000000000000
[  325.573042][ T9781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  325.573056][ T9781] R13: 0000000000000000 R14: 00007fc431db5fa0 R15: 00007ffe8b937318
[  325.573074][ T9781]  </TASK>
[  325.879328][  T773] ums-usbat 7-1:0.230: probe with driver ums-usbat failed with error -5
[  325.898011][  T773] usb 7-1: USB disconnect, device number 17
[  326.000715][ T9804] FAULT_INJECTION: forcing a failure.
[  326.000715][ T9804] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.000817][ T9800] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3562'.
[  326.016756][ T9804] CPU: 1 UID: 0 PID: 9804 Comm: syz.7.3564 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  326.016803][ T9804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  326.016821][ T9804] Call Trace:
[  326.016830][ T9804]  <TASK>
[  326.016840][ T9804]  __dump_stack+0x21/0x30
[  326.016884][ T9804]  dump_stack_lvl+0x10c/0x190
[  326.016913][ T9804]  ? __cfi_dump_stack_lvl+0x10/0x10
[  326.016947][ T9804]  dump_stack+0x19/0x20
[  326.016974][ T9804]  should_fail_ex+0x3d9/0x530
[  326.017003][ T9804]  should_fail+0xf/0x20
[  326.017029][ T9804]  should_fail_usercopy+0x1e/0x30
[  326.017058][ T9804]  _copy_to_user+0x24/0xa0
[  326.017093][ T9804]  simple_read_from_buffer+0xed/0x160
[  326.017133][ T9804]  proc_fail_nth_read+0x19e/0x210
[  326.017159][ T9804]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  326.017183][ T9804]  ? bpf_lsm_file_permission+0xd/0x20
[  326.017212][ T9804]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  326.017337][ T9804]  vfs_read+0x278/0xb60
[  326.017368][ T9804]  ? lookup_ioctx+0x360/0x360
[  326.017407][ T9804]  ? asm_exc_page_fault+0x2b/0x30
[  326.017444][ T9804]  ? __cfi_vfs_read+0x10/0x10
[  326.017529][ T9804]  ? __kasan_check_write+0x18/0x20
[  326.017558][ T9804]  ? mutex_lock+0x92/0x1c0
[  326.017582][ T9804]  ? __cfi_mutex_lock+0x10/0x10
[  326.017606][ T9804]  ? __fget_files+0x2c5/0x340
[  326.017643][ T9804]  ksys_read+0x141/0x250
[  326.017673][ T9804]  ? __cfi_ksys_read+0x10/0x10
[  326.017704][ T9804]  ? __kasan_check_read+0x15/0x20
[  326.017734][ T9804]  __x64_sys_read+0x7f/0x90
[  326.017766][ T9804]  x64_sys_call+0x2638/0x2ee0
[  326.017799][ T9804]  do_syscall_64+0x58/0xf0
[  326.017834][ T9804]  ? clear_bhb_loop+0x35/0x90
[  326.017871][ T9804]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  326.017906][ T9804] RIP: 0033:0x7fc431b8d33c
[  326.017931][ T9804] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  326.017953][ T9804] RSP: 002b:00007fc432a48030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  326.017983][ T9804] RAX: ffffffffffffffda RBX: 00007fc431db5fa0 RCX: 00007fc431b8d33c
[  326.018004][ T9804] RDX: 000000000000000f RSI: 00007fc432a480a0 RDI: 0000000000000005
[  326.018021][ T9804] RBP: 00007fc432a48090 R08: 0000000000000000 R09: 0000000000000000
[  326.018039][ T9804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.018057][ T9804] R13: 0000000000000000 R14: 00007fc431db5fa0 R15: 00007ffe8b937318
[  326.018080][ T9804]  </TASK>
[  326.429820][ T9820] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  326.429864][ T9820] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:196
[  326.445069][ T9819] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  326.460585][ T9819] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:196
[  326.504784][ T9826] fuse: Unknown parameter ' 8%觫�熚�"�)Go嶠'
[  326.583832][ T9835] incfs: Can't find or create .index dir in ./cgroup
[  326.591785][ T9835] incfs: mount failed -22
[  326.599879][ T9835] netlink: 64 bytes leftover after parsing attributes in process `syz.7.3575'.
[  326.621630][ T9835] kvm: kvm [9834]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010007) = 0x7
[  326.722168][ T9841] rust_binder: Write failure EINVAL in pid:207
[  326.723093][   T36] audit: type=1400 audit(1750460244.335:1341): avc:  denied  { getopt } for  pid=9840 comm="syz.5.3579" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  326.761258][ T9846] FAULT_INJECTION: forcing a failure.
[  326.761258][ T9846] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.776841][ T9846] CPU: 1 UID: 0 PID: 9846 Comm: syz.5.3580 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  326.776871][ T9846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  326.776882][ T9846] Call Trace:
[  326.776888][ T9846]  <TASK>
[  326.776896][ T9846]  __dump_stack+0x21/0x30
[  326.776920][ T9846]  dump_stack_lvl+0x10c/0x190
[  326.776939][ T9846]  ? __cfi_dump_stack_lvl+0x10/0x10
[  326.776959][ T9846]  dump_stack+0x19/0x20
[  326.776976][ T9846]  should_fail_ex+0x3d9/0x530
[  326.776994][ T9846]  should_fail+0xf/0x20
[  326.777010][ T9846]  should_fail_usercopy+0x1e/0x30
[  326.777028][ T9846]  _copy_from_iter+0x1a3/0x14b0
[  326.777051][ T9846]  ? __kasan_check_write+0x18/0x20
[  326.777069][ T9846]  ? __build_skb_around+0x2a4/0x5a0
[  326.777090][ T9846]  ? __cfi__copy_from_iter+0x10/0x10
[  326.777111][ T9846]  ? check_stack_object+0x82/0x140
[  326.777130][ T9846]  ? __virt_addr_valid+0x2a6/0x380
[  326.777163][ T9846]  ? __check_object_size+0x455/0x620
[  326.777182][ T9846]  netlink_sendmsg+0x680/0xaf0
[  326.777208][ T9846]  ? __cfi_netlink_sendmsg+0x10/0x10
[  326.777232][ T9846]  ? bpf_lsm_socket_sendmsg+0xd/0x20
[  326.777257][ T9846]  ? security_socket_sendmsg+0x33/0xd0
[  326.777277][ T9846]  ? __cfi_netlink_sendmsg+0x10/0x10
[  326.777312][ T9846]  ____sys_sendmsg+0xa15/0xa70
[  326.777351][ T9846]  ? __sys_sendmsg_sock+0x50/0x50
[  326.777385][ T9846]  ? import_iovec+0x81/0xb0
[  326.777416][ T9846]  ___sys_sendmsg+0x220/0x2a0
[  326.777447][ T9846]  ? __sys_sendmsg+0x280/0x280
[  326.777478][ T9846]  ? proc_fail_nth_write+0x17e/0x210
[  326.777494][ T9846]  ? __cfi_proc_fail_nth_write+0x10/0x10
[  326.777515][ T9846]  __x64_sys_sendmsg+0x1eb/0x2c0
[  326.777530][ T9846]  ? fput+0x1a5/0x240
[  326.777554][ T9846]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  326.777569][ T9846]  ? ksys_write+0x1ef/0x250
[  326.777589][ T9846]  ? __kasan_check_read+0x15/0x20
[  326.777608][ T9846]  x64_sys_call+0x2a4c/0x2ee0
[  326.777630][ T9846]  do_syscall_64+0x58/0xf0
[  326.777651][ T9846]  ? clear_bhb_loop+0x35/0x90
[  326.777676][ T9846]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  326.777700][ T9846] RIP: 0033:0x7f8721f8e929
[  326.777715][ T9846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.777730][ T9846] RSP: 002b:00007f8722d78038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  326.777748][ T9846] RAX: ffffffffffffffda RBX: 00007f87221b5fa0 RCX: 00007f8721f8e929
[  326.777761][ T9846] RDX: 000000000401c088 RSI: 00002000000001c0 RDI: 0000000000000003
[  326.777772][ T9846] RBP: 00007f8722d78090 R08: 0000000000000000 R09: 0000000000000000
[  326.777784][ T9846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.777794][ T9846] R13: 0000000000000000 R14: 00007f87221b5fa0 R15: 00007ffcfaf879f8
[  326.777808][ T9846]  </TASK>
[  327.102012][   T31] usb 7-1: new full-speed USB device number 18 using dummy_hcd
[  327.141185][ T9854] FAULT_INJECTION: forcing a failure.
[  327.141185][ T9854] name failslab, interval 1, probability 0, space 0, times 0
[  327.155608][ T9854] CPU: 0 UID: 0 PID: 9854 Comm: syz.7.3584 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  327.155646][ T9854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  327.155660][ T9854] Call Trace:
[  327.155669][ T9854]  <TASK>
[  327.155678][ T9854]  __dump_stack+0x21/0x30
[  327.155710][ T9854]  dump_stack_lvl+0x10c/0x190
[  327.155735][ T9854]  ? __cfi_dump_stack_lvl+0x10/0x10
[  327.155764][ T9854]  dump_stack+0x19/0x20
[  327.155787][ T9854]  should_fail_ex+0x3d9/0x530
[  327.155812][ T9854]  should_failslab+0xac/0x100
[  327.155842][ T9854]  kmem_cache_alloc_node_noprof+0x45/0x3b0
[  327.155869][ T9854]  ? __alloc_skb+0x10c/0x370
[  327.155897][ T9854]  __alloc_skb+0x10c/0x370
[  327.155924][ T9854]  create_monitor_ctrl_open+0x157/0x890
[  327.155951][ T9854]  ? hci_sock_gen_cookie+0x120/0x120
[  327.155974][ T9854]  ? ns_capable+0x8a/0xf0
[  327.156000][ T9854]  hci_sock_ioctl+0x3b9/0x9e0
[  327.156024][ T9854]  sock_do_ioctl+0x102/0x330
[  327.156048][ T9854]  ? sock_show_fdinfo+0xd0/0xd0
[  327.156073][ T9854]  ? __cfi_vfs_write+0x10/0x10
[  327.156098][ T9854]  ? __kasan_check_write+0x18/0x20
[  327.156121][ T9854]  ? mutex_unlock+0x8b/0x240
[  327.156143][ T9854]  sock_ioctl+0x634/0x7b0
[  327.156178][ T9854]  ? __cfi_sock_ioctl+0x10/0x10
[  327.156199][ T9854]  ? __fget_files+0x2c5/0x340
[  327.156227][ T9854]  ? bpf_lsm_file_ioctl+0xd/0x20
[  327.156249][ T9854]  ? security_file_ioctl+0x34/0xd0
[  327.156277][ T9854]  ? __cfi_sock_ioctl+0x10/0x10
[  327.156298][ T9854]  __se_sys_ioctl+0x132/0x1b0
[  327.156325][ T9854]  __x64_sys_ioctl+0x7f/0xa0
[  327.156468][ T9854]  x64_sys_call+0x1878/0x2ee0
[  327.156500][ T9854]  do_syscall_64+0x58/0xf0
[  327.156527][ T9854]  ? clear_bhb_loop+0x35/0x90
[  327.156559][ T9854]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  327.156589][ T9854] RIP: 0033:0x7fc431b8e929
[  327.156607][ T9854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  327.156627][ T9854] RSP: 002b:00007fc432a48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  327.156651][ T9854] RAX: ffffffffffffffda RBX: 00007fc431db5fa0 RCX: 00007fc431b8e929
[  327.156668][ T9854] RDX: 0000000000000000 RSI: 00000000400448ca RDI: 0000000000000004
[  327.156683][ T9854] RBP: 00007fc432a48090 R08: 0000000000000000 R09: 0000000000000000
[  327.156697][ T9854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  327.156711][ T9854] R13: 0000000000000000 R14: 00007fc431db5fa0 R15: 00007ffe8b937318
[  327.156728][ T9854]  </TASK>
[  327.160668][ T9857] input: syz1 as /devices/virtual/input/input100
[  327.653771][   T31] usb 7-1: config 0 has an invalid interface number: 230 but max is 0
[  327.673508][   T31] usb 7-1: config 0 has no interface number 0
[  327.684441][   T31] usb 7-1: config 0 interface 230 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  327.697780][   T31] usb 7-1: config 0 interface 230 altsetting 2 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  327.714680][   T31] usb 7-1: config 0 interface 230 has no altsetting 0
[  327.724496][   T31] usb 7-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[  327.735839][   T31] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  327.745008][   T31] usb 7-1: Product: syz
[  327.750566][   T31] usb 7-1: Manufacturer: syz
[  327.756868][   T31] usb 7-1: SerialNumber: syz
[  327.770775][   T31] usb 7-1: config 0 descriptor??
[  327.777515][ T9831] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  327.786947][ T9831] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  327.797176][   T31] ums-usbat 7-1:0.230: USB Mass Storage device detected
[  327.809131][   T31] ums-usbat 7-1:0.230: Quirks match for vid 0781 pid 0005: 1
[  327.819758][ T9872] FAULT_INJECTION: forcing a failure.
[  327.819758][ T9872] name failslab, interval 1, probability 0, space 0, times 0
[  327.834443][ T9872] CPU: 1 UID: 0 PID: 9872 Comm: syz.1.3591 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  327.834490][ T9872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  327.834506][ T9872] Call Trace:
[  327.834514][ T9872]  <TASK>
[  327.834524][ T9872]  __dump_stack+0x21/0x30
[  327.834557][ T9872]  dump_stack_lvl+0x10c/0x190
[  327.834582][ T9872]  ? __cfi_dump_stack_lvl+0x10/0x10
[  327.834608][ T9872]  ? ida_alloc_range+0xa12/0xa50
[  327.834636][ T9872]  dump_stack+0x19/0x20
[  327.834660][ T9872]  should_fail_ex+0x3d9/0x530
[  327.834686][ T9872]  should_failslab+0xac/0x100
[  327.834717][ T9872]  __kmalloc_cache_noprof+0x41/0x3c0
[  327.834743][ T9872]  ? binderfs_binder_device_create+0x15f/0xaf0
[  327.834769][ T9872]  binderfs_binder_device_create+0x15f/0xaf0
[  327.834791][ T9872]  ? __kasan_check_read+0x15/0x20
[  327.834815][ T9872]  ? sized_strscpy+0x9f/0x2a0
[  327.834839][ T9872]  binderfs_fill_super+0x886/0xef0
[  327.834862][ T9872]  ? __cfi_binderfs_fill_super+0x10/0x10
[  327.834890][ T9872]  ? sget_fc+0x9ce/0xad0
[  327.834909][ T9872]  ? __cfi_set_anon_super_fc+0x10/0x10
[  327.834933][ T9872]  get_tree_nodev+0xcb/0x170
[  327.834954][ T9872]  ? __cfi_binderfs_fill_super+0x10/0x10
[  327.834975][ T9872]  binderfs_fs_context_get_tree+0x20/0x30
[  327.834998][ T9872]  vfs_get_tree+0x9e/0x290
[  327.835024][ T9872]  do_new_mount+0x251/0xb40
[  327.835050][ T9872]  path_mount+0x688/0x1050
[  327.835076][ T9872]  ? putname+0x113/0x150
[  327.835103][ T9872]  __se_sys_mount+0x2bd/0x480
[  327.835130][ T9872]  ? ksys_write+0x1ef/0x250
[  327.835156][ T9872]  ? __x64_sys_mount+0xf0/0xf0
[  327.835183][ T9872]  __x64_sys_mount+0xc3/0xf0
[  327.835210][ T9872]  x64_sys_call+0x2021/0x2ee0
[  327.835238][ T9872]  do_syscall_64+0x58/0xf0
[  327.835267][ T9872]  ? clear_bhb_loop+0x35/0x90
[  327.835307][ T9872]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  327.835339][ T9872] RIP: 0033:0x7fd41eb8e929
[  327.835358][ T9872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  327.835378][ T9872] RSP: 002b:00007fd41fab5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  327.835403][ T9872] RAX: ffffffffffffffda RBX: 00007fd41edb5fa0 RCX: 00007fd41eb8e929
[  327.835421][ T9872] RDX: 0000200000000140 RSI: 0000200000000100 RDI: 0000000000000000
[  327.835503][ T9872] RBP: 00007fd41fab5090 R08: 0000200000000180 R09: 0000000000000000
[  327.835528][ T9872] R10: 0000000000004800 R11: 0000000000000246 R12: 0000000000000002
[  327.835543][ T9872] R13: 0000000000000000 R14: 00007fd41edb5fa0 R15: 00007ffdac6bed08
[  327.835564][ T9872]  </TASK>
[  328.237067][   T36] audit: type=1400 audit(1750460245.748:1342): avc:  denied  { append } for  pid=9886 comm="syz.5.3595" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  328.283566][ T9887] rust_binder: Error in use_page_slow: ESRCH
[  328.283597][ T9887] rust_binder: use_range failure ESRCH
[  328.291549][ T9887] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  328.298980][ T9887] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  328.308961][ T9887] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:222
[  328.385783][ T9897] random: crng reseeded on system resumption
[  328.488625][ T9910] rust_binder: Error while translating object.
[  328.488661][ T9910] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  328.496455][ T9910] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1002
[  328.543017][ T9912] FAULT_INJECTION: forcing a failure.
[  328.543017][ T9912] name failslab, interval 1, probability 0, space 0, times 0
[  328.567384][ T9912] CPU: 1 UID: 0 PID: 9912 Comm: syz.1.3605 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  328.567421][ T9912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  328.567434][ T9912] Call Trace:
[  328.567443][ T9912]  <TASK>
[  328.567453][ T9912]  __dump_stack+0x21/0x30
[  328.567485][ T9912]  dump_stack_lvl+0x10c/0x190
[  328.567508][ T9912]  ? __cfi_dump_stack_lvl+0x10/0x10
[  328.567529][ T9912]  dump_stack+0x19/0x20
[  328.567546][ T9912]  should_fail_ex+0x3d9/0x530
[  328.567565][ T9912]  should_failslab+0xac/0x100
[  328.567588][ T9912]  __kmalloc_cache_noprof+0x41/0x3c0
[  328.567607][ T9912]  ? cryptomgr_notify+0x92/0xa90
[  328.567631][ T9912]  cryptomgr_notify+0x92/0xa90
[  328.567654][ T9912]  ? kasan_save_alloc_info+0x40/0x50
[  328.567671][ T9912]  ? __cfi_cryptomgr_notify+0x10/0x10
[  328.567694][ T9912]  notifier_call_chain+0x10b/0x2c0
[  328.567716][ T9912]  blocking_notifier_call_chain+0x6a/0x90
[  328.567737][ T9912]  crypto_alg_mod_lookup+0x3b8/0x5b0
[  328.567755][ T9912]  crypto_find_alg+0x9a/0x100
[  328.567772][ T9912]  crypto_type_has_alg+0x2f/0x70
[  328.567795][ T9912]  crypto_has_ahash+0x2e/0x40
[  328.567817][ T9912]  xfrm_probe_algs+0x9f/0x380
[  328.567838][ T9912]  pfkey_register+0x113/0x870
[  328.567854][ T9912]  pfkey_sendmsg+0xbf4/0x1030
[  328.567869][ T9912]  ? __cfi_avc_has_perm+0x10/0x10
[  328.567888][ T9912]  ? __cfi_pfkey_sendmsg+0x10/0x10
[  328.567902][ T9912]  ? selinux_socket_sendmsg+0x284/0x380
[  328.567925][ T9912]  ? bpf_lsm_socket_sendmsg+0xd/0x20
[  328.567951][ T9912]  ? security_socket_sendmsg+0x33/0xd0
[  328.567970][ T9912]  ? __cfi_pfkey_sendmsg+0x10/0x10
[  328.567985][ T9912]  ____sys_sendmsg+0xa15/0xa70
[  328.568018][ T9912]  ? __sys_sendmsg_sock+0x50/0x50
[  328.568044][ T9912]  ? import_iovec+0x81/0xb0
[  328.568067][ T9912]  ___sys_sendmsg+0x220/0x2a0
[  328.568092][ T9912]  ? __sys_sendmsg+0x280/0x280
[  328.568116][ T9912]  ? proc_fail_nth_write+0x17e/0x210
[  328.568131][ T9912]  ? __cfi_proc_fail_nth_write+0x10/0x10
[  328.568153][ T9912]  __x64_sys_sendmsg+0x1eb/0x2c0
[  328.568167][ T9912]  ? fput+0x1a5/0x240
[  328.568191][ T9912]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  328.568205][ T9912]  ? ksys_write+0x1ef/0x250
[  328.568226][ T9912]  ? __kasan_check_read+0x15/0x20
[  328.568244][ T9912]  x64_sys_call+0x2a4c/0x2ee0
[  328.568266][ T9912]  do_syscall_64+0x58/0xf0
[  328.568287][ T9912]  ? clear_bhb_loop+0x35/0x90
[  328.568311][ T9912]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  328.568335][ T9912] RIP: 0033:0x7fd41eb8e929
[  328.568348][ T9912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.568363][ T9912] RSP: 002b:00007fd41fab5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  328.568381][ T9912] RAX: ffffffffffffffda RBX: 00007fd41edb5fa0 RCX: 00007fd41eb8e929
[  328.568394][ T9912] RDX: 0000000000000000 RSI: 00002000000014c0 RDI: 0000000000000003
[  328.568405][ T9912] RBP: 00007fd41fab5090 R08: 0000000000000000 R09: 0000000000000000
[  328.568415][ T9912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  328.568426][ T9912] R13: 0000000000000000 R14: 00007fd41edb5fa0 R15: 00007ffdac6bed08
[  328.568439][ T9912]  </TASK>
[  328.641808][ T9919] rust_binder: Write failure EINVAL in pid:66
[  328.978875][ T9934] FAULT_INJECTION: forcing a failure.
[  328.978875][ T9934] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  328.992669][ T9936] rust_binder: Error while translating object.
[  329.001379][ T9934] CPU: 0 UID: 0 PID: 9934 Comm: syz.7.3608 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  329.001421][ T9934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  329.001437][ T9934] Call Trace:
[  329.001446][ T9934]  <TASK>
[  329.001455][ T9934]  __dump_stack+0x21/0x30
[  329.001467][ T9936] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  329.001488][ T9934]  dump_stack_lvl+0x10c/0x190
[  329.001517][ T9934]  ? __cfi_dump_stack_lvl+0x10/0x10
[  329.001550][ T9934]  dump_stack+0x19/0x20
[  329.001582][ T9934]  should_fail_ex+0x3d9/0x530
[  329.001615][ T9934]  should_fail+0xf/0x20
[  329.001644][ T9934]  should_fail_usercopy+0x1e/0x30
[  329.001674][ T9934]  _copy_from_user+0x22/0xb0
[  329.001714][ T9934]  do_ipv6_getsockopt+0x282/0x1ea0
[  329.001751][ T9934]  ? __cfi_do_ipv6_getsockopt+0x10/0x10
[  329.001787][ T9934]  ? _parse_integer_limit+0x195/0x1e0
[  329.001817][ T9934]  ? _parse_integer+0x2e/0x40
[  329.001842][ T9934]  ? avc_has_perm_noaudit+0x268/0x360
[  329.001871][ T9934]  ? __asan_memcpy+0x5a/0x80
[  329.001921][ T9934]  ? avc_has_perm_noaudit+0x286/0x360
[  329.001950][ T9934]  ? avc_has_perm+0x144/0x220
[  329.001992][ T9934]  ? __cfi_avc_has_perm+0x10/0x10
[  329.002024][ T9934]  ipv6_getsockopt+0xbe/0x280
[  329.002059][ T9934]  ? __cfi_ipv6_getsockopt+0x10/0x10
[  329.002093][ T9934]  ? vfs_write+0x8ba/0xe80
[  329.002125][ T9934]  udpv6_getsockopt+0x7e/0x90
[  329.002153][ T9934]  sock_common_getsockopt+0xaf/0xd0
[  329.002184][ T9934]  ? __cfi_sock_common_getsockopt+0x10/0x10
[  329.002216][ T9934]  do_sock_getsockopt+0x3a3/0x6d0
[  329.002258][ T9934]  ? __cfi_do_sock_getsockopt+0x10/0x10
[  329.002298][ T9934]  ? __fget_files+0x2c5/0x340
[  329.002337][ T9934]  __x64_sys_getsockopt+0x1d5/0x280
[  329.002379][ T9934]  x64_sys_call+0x10db/0x2ee0
[  329.002430][ T9934]  do_syscall_64+0x58/0xf0
[  329.002465][ T9934]  ? clear_bhb_loop+0x35/0x90
[  329.002506][ T9934]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  329.002545][ T9934] RIP: 0033:0x7fc431b8e929
[  329.002571][ T9934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  329.002595][ T9934] RSP: 002b:00007fc432a48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  329.002626][ T9934] RAX: ffffffffffffffda RBX: 00007fc431db5fa0 RCX: 00007fc431b8e929
[  329.002648][ T9934] RDX: 000000000000001f RSI: 0000000000000029 RDI: 0000000000000003
[  329.002667][ T9934] RBP: 00007fc432a48090 R08: 0000200000000140 R09: 0000000000000000
[  329.002686][ T9934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  329.002705][ T9934] R13: 0000000000000000 R14: 00007fc431db5fa0 R15: 00007ffe8b937318
[  329.002728][ T9934]  </TASK>
[  329.314928][ T9936] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:1008
[  329.372512][ T9946] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1012
[  329.395640][   T36] audit: type=1400 audit(1750460246.842:1343): avc:  denied  { watch } for  pid=9947 comm="syz.1.3614" path="/407/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  329.439250][ T9948] incfs: Can't find or create .index dir in ./file0
[  329.449224][ T9948] incfs: mount failed -22
[  329.512965][ T9952] SELinux: security_context_str_to_sid (sytem_u軬泄�:��) failed with errno=-22
[  330.348350][   T31] ums-usbat 7-1:0.230: probe with driver ums-usbat failed with error -5
[  330.360559][   T31] usb 7-1: USB disconnect, device number 18
[  330.414152][ T9968] fuse: Bad value for 'fd'
[  330.554406][ T9974] SELinux: security_context_str_to_sid (sytem_u軬泄) failed with errno=-22
[  330.688872][   T31] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  330.774384][  T774] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  330.859918][   T31] usb 7-1: Using ep0 maxpacket: 32
[  330.867733][   T31] usb 7-1: config 0 has an invalid interface number: 184 but max is 0
[  330.877538][   T31] usb 7-1: config 0 has no interface number 0
[  330.885029][   T31] usb 7-1: config 0 interface 184 has no altsetting 0
[  330.896908][   T31] usb 7-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  330.907586][   T31] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.916197][  T305] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[  330.925339][   T53] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  330.925339][  T832] Bluetooth: hci0: command 0x1003 tx timeout
[  330.925400][   T31] usb 7-1: Product: syz
[  330.945533][  T774] usb 2-1: Using ep0 maxpacket: 16
[  330.948562][   T31] usb 7-1: Manufacturer: syz
[  330.957271][   T31] usb 7-1: SerialNumber: syz
[  330.957360][  T774] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  330.964284][   T31] usb 7-1: config 0 descriptor??
[  330.982622][  T774] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  330.994430][  T774] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  330.995601][   T31] smsc75xx v1.0.0
[  331.009289][  T774] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  331.024896][  T774] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.041354][  T774] usb 2-1: config 0 descriptor??
[  331.118866][  T305] usb 8-1: config 0 has an invalid interface number: 230 but max is 0
[  331.130156][  T305] usb 8-1: config 0 has no interface number 0
[  331.143947][  T305] usb 8-1: config 0 interface 230 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  331.159878][  T305] usb 8-1: config 0 interface 230 altsetting 2 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  331.186518][  T305] usb 8-1: config 0 interface 230 has no altsetting 0
[  331.196944][  T305] usb 8-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[  331.197917][ T9980] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=320745794 (2565966352 ns) > initial count (325012024 ns). Using initial count to start timer.
[  331.209737][  T305] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  331.248080][  T305] usb 8-1: Product: syz
[  331.252827][  T305] usb 8-1: Manufacturer: syz
[  331.262788][  T305] usb 8-1: SerialNumber: syz
[  331.292430][  T305] usb 8-1: config 0 descriptor??
[  331.300214][ T9978] raw-gadget.2 gadget.7: fail, usb_ep_enable returned -22
[  331.312607][ T9978] raw-gadget.2 gadget.7: fail, usb_ep_enable returned -22
[  331.329589][  T305] ums-usbat 8-1:0.230: USB Mass Storage device detected
[  331.351847][  T305] ums-usbat 8-1:0.230: Quirks match for vid 0781 pid 0005: 1
[  331.485393][  T774] microsoft 0003:045E:07DA.001A: unexpected long global item
[  331.504278][  T774] microsoft 0003:045E:07DA.001A: parse failed
[  331.513294][  T774] microsoft 0003:045E:07DA.001A: probe with driver microsoft failed with error -22
[  331.551765][ T9991] FAULT_INJECTION: forcing a failure.
[  331.551765][ T9991] name failslab, interval 1, probability 0, space 0, times 0
[  331.569015][ T9991] CPU: 1 UID: 0 PID: 9991 Comm: syz.5.3630 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  331.569052][ T9991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  331.569068][ T9991] Call Trace:
[  331.569077][ T9991]  <TASK>
[  331.569087][ T9991]  __dump_stack+0x21/0x30
[  331.569121][ T9991]  dump_stack_lvl+0x10c/0x190
[  331.569141][ T9991]  ? __cfi_dump_stack_lvl+0x10/0x10
[  331.569161][ T9991]  ? __kasan_check_write+0x18/0x20
[  331.569181][ T9991]  ? copy_mm+0x2a5/0x1c20
[  331.569197][ T9991]  dump_stack+0x19/0x20
[  331.569215][ T9991]  should_fail_ex+0x3d9/0x530
[  331.569234][ T9991]  should_failslab+0xac/0x100
[  331.569256][ T9991]  kmem_cache_alloc_noprof+0x42/0x3a0
[  331.569275][ T9991]  ? alloc_pid+0xa5/0xba0
[  331.569298][ T9991]  ? __asan_memcpy+0x5a/0x80
[  331.569317][ T9991]  alloc_pid+0xa5/0xba0
[  331.569340][ T9991]  copy_process+0x13ff/0x3220
[  331.569366][ T9991]  ? __cfi_copy_process+0x10/0x10
[  331.569393][ T9991]  ? __kasan_check_write+0x18/0x20
[  331.569411][ T9991]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  331.569438][ T9991]  vhost_task_create+0x1d6/0x350
[  331.569461][ T9991]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  331.569488][ T9991]  ? __cfi_vhost_task_create+0x10/0x10
[  331.569511][ T9991]  ? __cfi_vhost_task_fn+0x10/0x10
[  331.569533][ T9991]  ? __kasan_check_write+0x18/0x20
[  331.569550][ T9991]  ? mutex_lock+0x92/0x1c0
[  331.569566][ T9991]  ? __cfi_mutex_lock+0x10/0x10
[  331.569581][ T9991]  ? kernel_text_address+0xa9/0xe0
[  331.569599][ T9991]  kvm_mmu_post_init_vm+0x1a6/0x310
[  331.569619][ T9991]  kvm_arch_vcpu_ioctl_run+0xd7/0x1aa0
[  331.569638][ T9991]  ? _parse_integer_limit+0x195/0x1e0
[  331.569656][ T9991]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  331.569708][ T9991]  ? kstrtoull+0x13b/0x1e0
[  331.569723][ T9991]  ? kstrtouint+0x78/0xf0
[  331.569739][ T9991]  ? ioctl_has_perm+0x1aa/0x4d0
[  331.569762][ T9991]  ? __asan_memcpy+0x5a/0x80
[  331.569780][ T9991]  ? ioctl_has_perm+0x3e0/0x4d0
[  331.569802][ T9991]  ? has_cap_mac_admin+0xd0/0xd0
[  331.569825][ T9991]  ? __kasan_check_write+0x18/0x20
[  331.569842][ T9991]  ? mutex_lock_killable+0x92/0x1c0
[  331.569858][ T9991]  ? __cfi_mutex_lock_killable+0x10/0x10
[  331.569874][ T9991]  ? proc_fail_nth_write+0x17e/0x210
[  331.569891][ T9991]  kvm_vcpu_ioctl+0x96f/0xee0
[  331.569913][ T9991]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  331.569937][ T9991]  ? __cfi_vfs_write+0x10/0x10
[  331.569956][ T9991]  ? __kasan_check_write+0x18/0x20
[  331.569973][ T9991]  ? mutex_unlock+0x8b/0x240
[  331.569987][ T9991]  ? __cfi_mutex_unlock+0x10/0x10
[  331.570002][ T9991]  ? __fget_files+0x2c5/0x340
[  331.570025][ T9991]  ? __fget_files+0x2c5/0x340
[  331.570046][ T9991]  ? bpf_lsm_file_ioctl+0xd/0x20
[  331.570063][ T9991]  ? security_file_ioctl+0x34/0xd0
[  331.570085][ T9991]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  331.570106][ T9991]  __se_sys_ioctl+0x132/0x1b0
[  331.570129][ T9991]  __x64_sys_ioctl+0x7f/0xa0
[  331.570150][ T9991]  x64_sys_call+0x1878/0x2ee0
[  331.570171][ T9991]  do_syscall_64+0x58/0xf0
[  331.570192][ T9991]  ? clear_bhb_loop+0x35/0x90
[  331.570216][ T9991]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  331.570240][ T9991] RIP: 0033:0x7f8721f8e929
[  331.570255][ T9991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.570269][ T9991] RSP: 002b:00007f8722d78038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  331.570287][ T9991] RAX: ffffffffffffffda RBX: 00007f87221b5fa0 RCX: 00007f8721f8e929
[  331.570299][ T9991] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  331.570310][ T9991] RBP: 00007f8722d78090 R08: 0000000000000000 R09: 0000000000000000
[  331.570320][ T9991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  331.570330][ T9991] R13: 0000000000000000 R14: 00007f87221b5fa0 R15: 00007ffcfaf879f8
[  331.570344][ T9991]  </TASK>
[  332.044178][   T31] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  332.058458][   T31] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  332.070892][  T339] usb 2-1: USB disconnect, device number 54
[  332.288016][   T31] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  332.301448][   T31] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  332.315250][   T31] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  332.329262][   T31] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  332.342670][   T31] smsc75xx 7-1:0.184: probe with driver smsc75xx failed with error -71
[  332.358129][   T31] usb 7-1: USB disconnect, device number 19
[  332.730706][  T339] usb 6-1: new high-speed USB device number 61 using dummy_hcd
[  332.767347][T10014] FAULT_INJECTION: forcing a failure.
[  332.767347][T10014] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  332.782782][T10014] CPU: 0 UID: 0 PID: 10014 Comm: syz.1.3639 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  332.782814][T10014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  332.782826][T10014] Call Trace:
[  332.782833][T10014]  <TASK>
[  332.782841][T10014]  __dump_stack+0x21/0x30
[  332.782866][T10014]  dump_stack_lvl+0x10c/0x190
[  332.782885][T10014]  ? __cfi_dump_stack_lvl+0x10/0x10
[  332.782904][T10014]  ? __kasan_check_write+0x18/0x20
[  332.782955][T10014]  ? proc_fail_nth_write+0x17e/0x210
[  332.782972][T10014]  dump_stack+0x19/0x20
[  332.782990][T10014]  should_fail_ex+0x3d9/0x530
[  332.783008][T10014]  should_fail+0xf/0x20
[  332.783024][T10014]  should_fail_usercopy+0x1e/0x30
[  332.783043][T10014]  _copy_from_user+0x22/0xb0
[  332.783065][T10014]  __sys_sendto+0x29e/0x6f0
[  332.783089][T10014]  ? __cfi___sys_sendto+0x10/0x10
[  332.783113][T10014]  ? __kasan_check_write+0x18/0x20
[  332.783132][T10014]  ? __cfi_ksys_write+0x10/0x10
[  332.783152][T10014]  __x64_sys_sendto+0xe9/0x100
[  332.783175][T10014]  x64_sys_call+0x2c2c/0x2ee0
[  332.783196][T10014]  do_syscall_64+0x58/0xf0
[  332.783217][T10014]  ? clear_bhb_loop+0x35/0x90
[  332.783242][T10014]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  332.783266][T10014] RIP: 0033:0x7fd41eb8e929
[  332.783280][T10014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.783295][T10014] RSP: 002b:00007fd41fab5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  332.783314][T10014] RAX: ffffffffffffffda RBX: 00007fd41edb5fa0 RCX: 00007fd41eb8e929
[  332.783327][T10014] RDX: 00000000000100a6 RSI: 0000200000000180 RDI: 0000000000000003
[  332.783338][T10014] RBP: 00007fd41fab5090 R08: 0000200000000140 R09: 0000000000000014
[  332.783350][T10014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  332.783361][T10014] R13: 0000000000000000 R14: 00007fd41edb5fa0 R15: 00007ffdac6bed08
[  332.783374][T10014]  </TASK>
[  333.127678][T10023] FAULT_INJECTION: forcing a failure.
[  333.127678][T10023] name failslab, interval 1, probability 0, space 0, times 0
[  333.136959][  T339] usb 6-1: Using ep0 maxpacket: 16
[  333.143605][T10023] CPU: 1 UID: 0 PID: 10023 Comm: syz.6.3643 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  333.143651][T10023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  333.143668][T10023] Call Trace:
[  333.143679][T10023]  <TASK>
[  333.143692][T10023]  __dump_stack+0x21/0x30
[  333.143731][T10023]  dump_stack_lvl+0x10c/0x190
[  333.143761][T10023]  ? __cfi_dump_stack_lvl+0x10/0x10
[  333.143794][T10023]  dump_stack+0x19/0x20
[  333.144023][T10023]  should_fail_ex+0x3d9/0x530
[  333.144062][T10023]  should_failslab+0xac/0x100
[  333.144096][T10023]  __kmalloc_node_noprof+0x6c/0x450
[  333.144128][T10023]  ? __kvmalloc_node_noprof+0x11d/0x300
[  333.144158][T10023]  __kvmalloc_node_noprof+0x11d/0x300
[  333.144188][T10023]  ? __cfi___kvmalloc_node_noprof+0x10/0x10
[  333.144219][T10023]  seq_read_iter+0x21f/0xfe0
[  333.144260][T10023]  seq_read+0x2e3/0x3d0
[  333.144298][T10023]  ? __cfi_seq_read+0x10/0x10
[  333.144336][T10023]  ? __cfi_selinux_file_permission+0x10/0x10
[  333.144374][T10023]  ? __kasan_check_write+0x18/0x20
[  333.144401][T10023]  ? proc_fail_nth_write+0x17e/0x210
[  333.144428][T10023]  ? __cfi_seq_read+0x10/0x10
[  333.144461][T10023]  proc_reg_read+0x1f7/0x2f0
[  333.144513][T10023]  ? __cfi_proc_reg_read+0x10/0x10
[  333.144543][T10023]  vfs_read+0x278/0xb60
[  333.144572][T10023]  ? __cfi_vfs_read+0x10/0x10
[  333.144601][T10023]  ? __kasan_check_write+0x18/0x20
[  333.144629][T10023]  ? mutex_lock+0x92/0x1c0
[  333.144701][T10023]  ? __cfi_mutex_lock+0x10/0x10
[  333.144725][T10023]  ? __fget_files+0x2c5/0x340
[  333.144764][T10023]  ksys_read+0x141/0x250
[  333.144794][T10023]  ? __cfi_ksys_read+0x10/0x10
[  333.144825][T10023]  ? __kasan_check_read+0x15/0x20
[  333.144854][T10023]  __x64_sys_read+0x7f/0x90
[  333.144886][T10023]  x64_sys_call+0x2638/0x2ee0
[  333.144921][T10023]  do_syscall_64+0x58/0xf0
[  333.144954][T10023]  ? clear_bhb_loop+0x35/0x90
[  333.144993][T10023]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  333.145028][T10023] RIP: 0033:0x7f060dd8e929
[  333.145053][T10023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.145077][T10023] RSP: 002b:00007f060ec17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  333.145106][T10023] RAX: ffffffffffffffda RBX: 00007f060dfb5fa0 RCX: 00007f060dd8e929
[  333.145126][T10023] RDX: 0000000000002040 RSI: 00002000000021c0 RDI: 0000000000000005
[  333.145144][T10023] RBP: 00007f060ec17090 R08: 0000000000000000 R09: 0000000000000000
[  333.145161][T10023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.145178][T10023] R13: 0000000000000000 R14: 00007f060dfb5fa0 R15: 00007ffdb44a7ec8
[  333.145203][T10023]  </TASK>
[  333.189092][T10026] binder: Unknown parameter 'fYcgntext'
[  333.195672][  T339] usb 6-1: unable to get BOS descriptor or descriptor too short
[  333.350822][ T2052] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  333.362471][  T339] usb 6-1: config 1 has an invalid interface descriptor of length 4, skipping
[  333.521802][   T31] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  333.530021][  T339] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  333.534648][ T2052] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 9
[  333.544057][  T339] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  333.563522][ T2052] usb 2-1: New USB device found, idVendor=18d1, idProduct=5057, bcdDevice= 0.00
[  333.570967][  T339] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  333.580581][ T2052] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.598479][  T339] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  333.607449][ T2052] usb 2-1: config 0 descriptor??
[  333.612278][  T339] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  333.628457][  T339] usb 6-1: Product: syz
[  333.633650][  T339] usb 6-1: Manufacturer: syz
[  333.639721][  T339] usb 6-1: SerialNumber: syz
[  333.682171][   T31] usb 7-1: Using ep0 maxpacket: 16
[  333.690705][   T31] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  333.705588][   T31] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  333.718829][   T31] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  333.733741][   T31] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  333.744847][   T31] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.757484][   T31] usb 7-1: config 0 descriptor??
[  333.872033][T10007] kvm: pic: non byte write
[  333.884632][  T339] usb 6-1: 0:2 : does not exist
[  333.898304][  T339] usb 6-1: USB disconnect, device number 61
[  334.054154][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.062282][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.070114][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.078697][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.086738][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.089164][ T4309] udevd[4309]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  334.095626][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.122332][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.129963][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.137893][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.145992][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.155101][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.163110][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.171341][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.179224][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.186911][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.195339][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.203769][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.211992][   T31] microsoft 0003:045E:07DA.001C: unexpected long global item
[  334.220177][   T31] microsoft 0003:045E:07DA.001C: parse failed
[  334.227057][   T31] microsoft 0003:045E:07DA.001C: probe with driver microsoft failed with error -22
[  334.238883][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.247645][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.257350][  T305] ums-usbat 8-1:0.230: probe with driver ums-usbat failed with error -5
[  334.269716][  T305] usb 8-1: USB disconnect, device number 2
[  334.278849][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.287241][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.297783][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.307215][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.315645][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.323331][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.331850][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.341156][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.349509][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.357972][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.366313][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.375661][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.383860][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.392401][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.400485][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.408791][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.411325][  T339] usb 7-1: USB disconnect, device number 20
[  334.417631][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.433660][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.442362][ T2052] hid-generic 0003:18D1:5057.001B: unknown main item tag 0x0
[  334.456821][ T2052] hid-generic 0003:18D1:5057.001B: hidraw0: USB HID v0.00 Device [HID 18d1:5057] on usb-dummy_hcd.1-1/input0
[  334.500808][T10035] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  334.500846][T10035] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:256
[  334.512249][T10035] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:256
[  334.604372][T10039] binfmt_misc: register: failed to install interpreter file ./file0
[  334.882148][ T2052] usb 2-1: USB disconnect, device number 55
[  335.006001][T10052] rust_binder: Error while translating object.
[  335.006042][T10052] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  335.018647][T10052] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:99
[  335.097754][T10059] FAULT_INJECTION: forcing a failure.
[  335.097754][T10059] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.122066][T10059] CPU: 1 UID: 0 PID: 10059 Comm: syz.6.3656 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  335.122107][T10059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  335.122122][T10059] Call Trace:
[  335.122131][T10059]  <TASK>
[  335.122140][T10059]  __dump_stack+0x21/0x30
[  335.122171][T10059]  dump_stack_lvl+0x10c/0x190
[  335.122197][T10059]  ? __cfi_dump_stack_lvl+0x10/0x10
[  335.122224][T10059]  ? kernel_text_address+0xa9/0xe0
[  335.122248][T10059]  dump_stack+0x19/0x20
[  335.122270][T10059]  should_fail_ex+0x3d9/0x530
[  335.122296][T10059]  should_fail+0xf/0x20
[  335.122318][T10059]  should_fail_usercopy+0x1e/0x30
[  335.122343][T10059]  _copy_from_user+0x22/0xb0
[  335.122372][T10059]  ___sys_sendmsg+0x159/0x2a0
[  335.122405][T10059]  ? __sys_sendmsg+0x280/0x280
[  335.122437][T10059]  ? kstrtouint+0x78/0xf0
[  335.122466][T10059]  __sys_sendmmsg+0x271/0x470
[  335.122488][T10059]  ? __cfi___sys_sendmmsg+0x10/0x10
[  335.122513][T10059]  ? __cfi_ksys_write+0x10/0x10
[  335.122541][T10059]  __x64_sys_sendmmsg+0xa4/0xc0
[  335.122561][T10059]  x64_sys_call+0xfec/0x2ee0
[  335.122590][T10059]  do_syscall_64+0x58/0xf0
[  335.122617][T10059]  ? clear_bhb_loop+0x35/0x90
[  335.122649][T10059]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  335.122688][T10059] RIP: 0033:0x7f060dd8e929
[  335.122706][T10059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.122727][T10059] RSP: 002b:00007f060ec17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  335.122751][T10059] RAX: ffffffffffffffda RBX: 00007f060dfb5fa0 RCX: 00007f060dd8e929
[  335.122768][T10059] RDX: 000000000000003f RSI: 00002000000000c0 RDI: 0000000000000003
[  335.122783][T10059] RBP: 00007f060ec17090 R08: 0000000000000000 R09: 0000000000000000
[  335.122797][T10059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  335.122811][T10059] R13: 0000000000000000 R14: 00007f060dfb5fa0 R15: 00007ffdb44a7ec8
[  335.122829][T10059]  </TASK>
[  335.434951][T10068] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3660'.
[  335.489123][  T305] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  335.649187][  T305] usb 8-1: Using ep0 maxpacket: 16
[  335.657521][  T305] usb 8-1: unable to get BOS descriptor or descriptor too short
[  335.668018][  T305] usb 8-1: config 1 has an invalid interface descriptor of length 4, skipping
[  335.679111][  T305] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  335.689803][  T305] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  335.698845][  T305] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  335.702668][  T339] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  335.714249][  T305] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  335.729925][  T305] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.739035][  T305] usb 8-1: Product: syz
[  335.743326][  T305] usb 8-1: Manufacturer: syz
[  335.748874][  T305] usb 8-1: SerialNumber: syz
[  335.878275][  T339] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  335.889285][  T339] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.897932][  T339] usb 2-1: Product: syz
[  335.902422][  T339] usb 2-1: Manufacturer: syz
[  335.907193][  T339] usb 2-1: SerialNumber: syz
[  335.980991][T10071] tipc: Started in network mode
[  335.988957][T10071] tipc: Node identity 1a879a63e284, cluster identity 4711
[  335.999588][T10071] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  336.010248][  T305] usb 8-1: 0:2 : does not exist
[  336.020516][T10071] syzkaller0: MTU too low for tipc bearer
[  336.027913][T10071] tipc: Disabling bearer <eth:syzkaller0>
[  336.050419][  T305] usb 8-1: USB disconnect, device number 3
[  336.228592][ T4309] udevd[4309]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  336.566261][T10091] rust_binder: Failed to allocate buffer. len:64, is_oneway:false
[  336.611369][  T774] usb 6-1: new high-speed USB device number 62 using dummy_hcd
[  336.793169][  T774] usb 6-1: Using ep0 maxpacket: 16
[  336.802301][  T774] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  336.813843][  T774] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  336.824698][  T774] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  336.839009][  T774] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  336.848437][  T774] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  336.862415][  T774] usb 6-1: config 0 descriptor??
[  336.989409][  T339] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[  336.997503][  T339] cdc_ncm 2-1:1.0: setting rx_max = 16384
[  337.210051][   T64] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  337.220395][  T339] cdc_ncm 2-1:1.0: setting tx_max = 16384
[  337.298154][  T774] microsoft 0003:045E:07DA.001D: unexpected long global item
[  337.306916][  T774] microsoft 0003:045E:07DA.001D: parse failed
[  337.313934][  T774] microsoft 0003:045E:07DA.001D: probe with driver microsoft failed with error -22
[  337.381135][   T64] usb 8-1: Using ep0 maxpacket: 16
[  337.389251][   T64] usb 8-1: unable to get BOS descriptor or descriptor too short
[  337.400649][   T64] usb 8-1: config 1 has an invalid interface descriptor of length 4, skipping
[  337.414013][   T64] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  337.433557][   T64] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  337.450407][   T64] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  337.450922][T10068] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  337.477820][   T64] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  337.488075][T10068] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  337.495874][   T64] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.518983][  T339] cdc_ncm 2-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  337.523830][  T305] usb 6-1: USB disconnect, device number 62
[  337.534687][   T64] usb 8-1: Product: syz
[  337.549537][  T339] usb 2-1: USB disconnect, device number 56
[  337.557182][   T64] usb 8-1: Manufacturer: syz
[  337.565796][   T64] usb 8-1: SerialNumber: syz
[  337.571492][  T339] cdc_ncm 2-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM (NO ZLP)
[  337.806083][   T64] usb 8-1: 0:2 : does not exist
[  337.813431][   T64] usb 8-1: USB disconnect, device number 4
[  337.991161][ T4309] udevd[4309]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  338.249670][T10123] binder: Bad value for 'stats'
[  338.384225][T10129] rust_binder: Error in use_page_slow: ESRCH
[  338.384245][T10129] rust_binder: use_range failure ESRCH
[  338.391483][T10129] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  338.397217][T10129] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  338.405449][T10129] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:126
[  338.623231][   T36] audit: type=1326 audit(1750460256.473:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10132 comm="syz.7.3689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431b8e929 code=0x7fc00000
[  338.749517][   T64] usb 6-1: new high-speed USB device number 63 using dummy_hcd
[  338.909811][   T64] usb 6-1: Using ep0 maxpacket: 16
[  338.917066][   T64] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  338.928756][   T64] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  338.944654][   T64] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  338.962780][   T64] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  338.984658][   T64] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  338.995607][   T64] usb 6-1: config 0 descriptor??
[  339.007647][T10142] binder: Unknown parameter 'dirXCh'
[  339.031054][T10142] syz.1.3692: vmalloc error: size 16105472, failed to allocated page array size 31456, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0
[  339.053632][T10142] CPU: 0 UID: 0 PID: 10142 Comm: syz.1.3692 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  339.053678][T10142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  339.053693][T10142] Call Trace:
[  339.053701][T10142]  <TASK>
[  339.053710][T10142]  __dump_stack+0x21/0x30
[  339.053750][T10142]  dump_stack_lvl+0x10c/0x190
[  339.053776][T10142]  ? __cfi_dump_stack_lvl+0x10/0x10
[  339.053805][T10142]  ? _raw_spin_unlock_irqrestore+0x4a/0x70
[  339.053839][T10142]  dump_stack+0x19/0x20
[  339.053864][T10142]  warn_alloc+0x1bc/0x2a0
[  339.053887][T10142]  ? __cfi_warn_alloc+0x10/0x10
[  339.053909][T10142]  ? __get_vm_area_node+0x1dc/0x3a0
[  339.053965][T10142]  ? __vcalloc_noprof+0x3a/0x50
[  339.053993][T10142]  __vmalloc_node_range_noprof+0x68e/0x1420
[  339.054023][T10142]  ? __se_sys_ioctl+0x132/0x1b0
[  339.054055][T10142]  ? __x64_sys_ioctl+0x7f/0xa0
[  339.054085][T10142]  ? x64_sys_call+0x1878/0x2ee0
[  339.054116][T10142]  ? __cfi___vmalloc_node_range_noprof+0x10/0x10
[  339.054144][T10142]  ? __vcalloc_noprof+0x3a/0x50
[  339.054170][T10142]  __vmalloc_noprof+0xfe/0x1d0
[  339.054193][T10142]  ? __vcalloc_noprof+0x3a/0x50
[  339.054220][T10142]  ? __cfi___vmalloc_noprof+0x10/0x10
[  339.054243][T10142]  ? mutex_lock+0x92/0x1c0
[  339.054263][T10142]  ? __cfi_mutex_lock+0x10/0x10
[  339.054286][T10142]  __vcalloc_noprof+0x3a/0x50
[  339.054314][T10142]  kvm_set_memslot+0x4c6/0x13f0
[  339.054343][T10142]  ? __kasan_kmalloc+0x96/0xb0
[  339.054384][T10142]  __kvm_set_memory_region+0x87c/0xb80
[  339.054416][T10142]  kvm_set_memory_region+0x2f/0x50
[  339.054447][T10142]  kvm_vm_ioctl+0x9ad/0xb80
[  339.054474][T10142]  ? should_fail+0xf/0x20
[  339.054499][T10142]  ? __cfi_kvm_vm_ioctl+0x10/0x10
[  339.054526][T10142]  ? ioctl_has_perm+0x1aa/0x4d0
[  339.054559][T10142]  ? __asan_memcpy+0x5a/0x80
[  339.054586][T10142]  ? ioctl_has_perm+0x3e0/0x4d0
[  339.054621][T10142]  ? __cfi_futex_wait+0x10/0x10
[  339.054644][T10142]  ? selinux_file_ioctl+0x6e0/0x1360
[  339.054692][T10142]  ? __cfi_selinux_file_ioctl+0x10/0x10
[  339.054724][T10142]  ? hci_sock_bind+0x1a3/0xf90
[  339.054749][T10142]  ? do_futex+0x309/0x500
[  339.054779][T10142]  ? __cfi_do_futex+0x10/0x10
[  339.054812][T10142]  ? __fget_files+0x2c5/0x340
[  339.054844][T10142]  ? bpf_lsm_file_ioctl+0xd/0x20
[  339.054869][T10142]  ? security_file_ioctl+0x34/0xd0
[  339.054901][T10142]  ? __cfi_kvm_vm_ioctl+0x10/0x10
[  339.054927][T10142]  __se_sys_ioctl+0x132/0x1b0
[  339.054959][T10142]  __x64_sys_ioctl+0x7f/0xa0
[  339.054991][T10142]  x64_sys_call+0x1878/0x2ee0
[  339.055022][T10142]  do_syscall_64+0x58/0xf0
[  339.055051][T10142]  ? clear_bhb_loop+0x35/0x90
[  339.055086][T10142]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  339.055117][T10142] RIP: 0033:0x7fd41eb8e929
[  339.055137][T10142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.055157][T10142] RSP: 002b:00007fd41fab5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  339.055182][T10142] RAX: ffffffffffffffda RBX: 00007fd41edb5fa0 RCX: 00007fd41eb8e929
[  339.055201][T10142] RDX: 0000200000000080 RSI: 000000004020ae46 RDI: 0000000000000006
[  339.055217][T10142] RBP: 00007fd41ec10b39 R08: 0000000000000000 R09: 0000000000000000
[  339.055233][T10142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  339.055248][T10142] R13: 0000000000000000 R14: 00007fd41edb5fa0 R15: 00007ffdac6bed08
[  339.055267][T10142]  </TASK>
[  339.055296][T10142] Mem-Info:
[  339.432541][T10142] active_anon:21718 inactive_anon:9 isolated_anon:0
[  339.432541][T10142]  active_file:22631 inactive_file:2318 isolated_file:0
[  339.432541][T10142]  unevictable:3 dirty:231 writeback:0
[  339.432541][T10142]  slab_reclaimable:5537 slab_unreclaimable:78359
[  339.432541][T10142]  mapped:33981 shmem:13224 pagetables:1327
[  339.432541][T10142]  sec_pagetables:0 bounce:0
[  339.432541][T10142]  kernel_misc_reclaimable:0
[  339.432541][T10142]  free:1496560 free_pcp:4039 free_cma:0
[  339.482375][T10142] Node 0 active_anon:88472kB inactive_anon:36kB active_file:90524kB inactive_file:9272kB unevictable:12kB isolated(anon):0kB isolated(file):0kB mapped:135924kB dirty:924kB writeback:0kB shmem:54496kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5468kB pagetables:5308kB sec_pagetables:0kB all_unreclaimable? no
[  339.517254][   T64] microsoft 0003:045E:07DA.001E: unexpected long global item
[  339.525143][   T64] microsoft 0003:045E:07DA.001E: parse failed
[  339.531541][   T64] microsoft 0003:045E:07DA.001E: probe with driver microsoft failed with error -22
[  339.544055][T10142] DMA32 free:2960212kB boost:0kB min:19088kB low:23860kB high:28632kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2966004kB mlocked:0kB bounce:0kB free_pcp:5792kB local_pcp:5792kB free_cma:0kB
[  339.579221][T10142] lowmem_reserve[]: 0 3921 3921
[  339.584613][T10142] Normal free:3021428kB boost:0kB min:25964kB low:32452kB high:38940kB reserved_highatomic:0KB free_highatomic:0KB active_anon:91972kB inactive_anon:36kB active_file:90524kB inactive_file:9272kB unevictable:12kB writepending:924kB present:5242880kB managed:4016120kB mlocked:12kB bounce:0kB free_pcp:9544kB local_pcp:7684kB free_cma:0kB
[  339.618510][T10142] lowmem_reserve[]: 0 0 0
[  339.623444][T10142] DMA32: 7*4kB (M) 3*8kB (M) 4*16kB (M) 5*32kB (M) 5*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 5*1024kB (UM) 5*2048kB (M) 718*4096kB (M) = 2960212kB
[  339.640543][T10142] Normal: 123*4kB (UME) 196*8kB (UME) 111*16kB (UME) 25*32kB (UME) 21*64kB (UME) 22*128kB (UME) 98*256kB (UME) 96*512kB (UME) 46*1024kB (UME) 22*2048kB (UME) 694*4096kB (UM) = 3017820kB
[  339.660972][T10142] 40128 total pagecache pages
[  339.665860][T10142] 9 pages in swap cache
[  339.670487][T10142] Free swap  = 124528kB
[  339.674724][T10142] Total swap = 124996kB
[  339.690254][T10142] 2097051 pages RAM
[  339.694140][T10142] 0 pages HighMem/MovableOnly
[  339.698934][T10142] 351520 pages reserved
[  339.707203][T10142] 0 pages cma reserved
[  339.719915][T10142] Memory allocations:
[  339.736969][  T594] usb 6-1: USB disconnect, device number 63
[  339.737159][T10142]          0 B        0 init/main.c:1370 func:do_initcalls
[  339.753706][T10142]          0 B        0 init/do_mounts.c:186 func:mount_root_generic
[  339.783476][T10142]          0 B        0 init/do_mounts.c:158 func:do_mount_root
[  339.807833][T10142]          0 B        0 init/do_mounts.c:352 func:mount_nodev_root
[  339.816085][T10142]          0 B        0 init/do_mounts_rd.c:241 func:rd_load_image
[  339.828830][   T36] audit: type=1326 audit(1750460257.586:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10132 comm="syz.7.3689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc431b2ab19 code=0x7fc00000
[  339.862424][T10142]          0 B        0 init/do_mounts_rd.c:72 func:identify_ramdisk_image
[  339.872961][T10142]          0 B        0 init/initramfs.c:507 func:unpack_to_rootfs
[  339.890885][T10142]          0 B        0 init/initramfs.c:508 func:unpack_to_rootfs
[  339.900638][T10142]          0 B        0 init/initramfs.c:509 func:unpack_to_rootfs
[  339.909814][T10142]          0 B        0 init/initramfs.c:101 func:find_link
[  340.139377][   T31] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  340.299613][   T31] usb 8-1: Using ep0 maxpacket: 16
[  340.306422][   T31] usb 8-1: unable to get BOS descriptor or descriptor too short
[  340.315343][   T31] usb 8-1: config 1 has an invalid interface descriptor of length 4, skipping
[  340.325061][   T31] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  340.335644][   T31] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  340.346021][   T31] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  340.361291][   T31] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  340.370632][   T31] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.379298][   T31] usb 8-1: Product: syz
[  340.383678][   T31] usb 8-1: Manufacturer: syz
[  340.388415][   T31] usb 8-1: SerialNumber: syz
[  340.488338][T10167] 9pnet_fd: Insufficient options for proto=fd
[  340.512522][T10169] tipc: Can't bind to reserved service type 1
[  340.613746][   T31] usb 8-1: 0:2 : does not exist
[  340.622970][   T31] usb 8-1: USB disconnect, device number 5
[  341.098380][T10198] fuse: Bad value for 'user_id'
[  341.103488][T10198] fuse: Bad value for 'user_id'
[  341.109002][T10198] overlayfs: failed to resolve './file1': -2
[  341.192499][T10208] __vm_enough_memory: pid: 10208, comm: syz.7.3721, bytes: 281474976845824 not enough memory for the allocation
[  341.229699][   T31] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  341.390065][   T31] usb 7-1: Using ep0 maxpacket: 16
[  341.396734][   T31] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  341.408214][   T31] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  341.418643][   T31] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  341.432442][   T31] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  341.442997][   T31] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.452813][   T31] usb 7-1: config 0 descriptor??
[  341.889093][   T31] usbhid 7-1:0.0: can't add hid device: -71
[  341.897084][   T31] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  341.910402][   T31] usb 7-1: USB disconnect, device number 21
[  342.091571][   T36] audit: type=1326 audit(1750460259.710:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10222 comm="syz.1.3726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fd41eb8e929 code=0x7ffc0000
[  342.117322][T10212] 9pnet_fd: p9_fd_create_tcp (10212): problem connecting socket to 127.0.0.1
[  342.843981][  T339] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  343.004334][  T339] usb 7-1: Using ep0 maxpacket: 16
[  343.011484][  T339] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  343.021096][  T339] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  343.032188][  T339] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  343.044407][  T339] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  343.054140][  T339] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  343.062830][  T339] usb 7-1: Product: syz
[  343.067364][  T339] usb 7-1: Manufacturer: syz
[  343.073717][  T339] usb 7-1: SerialNumber: syz
[  343.246088][T10275] fuse: Unknown parameter 'syzkaller0'
[  343.395395][T10288] 9pnet_virtio: no channels available for device syz
[  343.522737][  T339] usb 7-1: 0:2 : does not exist
[  343.548335][T10305] overlayfs: failed to clone upperpath
[  344.260747][T10318] 9pnet_virtio: no channels available for device syz
[  344.331177][T10329] rust_binder: Error while translating object.
[  344.331213][T10329] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  344.339021][T10329] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:314
[  344.682869][   T64] usb 6-1: new high-speed USB device number 64 using dummy_hcd
[  344.864642][   T64] usb 6-1: Using ep0 maxpacket: 16
[  344.872167][   T64] usb 6-1: unable to get BOS descriptor or descriptor too short
[  344.881409][   T64] usb 6-1: config 1 has an invalid interface descriptor of length 4, skipping
[  344.890759][   T64] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  344.901600][   T64] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  344.912051][   T64] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  344.928342][   T64] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  344.939461][   T64] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  344.947867][   T64] usb 6-1: Product: syz
[  344.952698][   T64] usb 6-1: Manufacturer: syz
[  344.957832][   T64] usb 6-1: SerialNumber: syz
[  345.175692][  T339] usb 7-1: 1:0: failed to get current value for ch 0 (-22)
[  345.206713][  T339] usb 7-1: USB disconnect, device number 22
[  345.236793][T10344] FAULT_INJECTION: forcing a failure.
[  345.236793][T10344] name failslab, interval 1, probability 0, space 0, times 0
[  345.250771][T10344] CPU: 1 UID: 0 PID: 10344 Comm: syz.6.3775 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  345.250817][T10344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  345.250833][T10344] Call Trace:
[  345.250844][T10344]  <TASK>
[  345.250857][T10344]  __dump_stack+0x21/0x30
[  345.250890][T10344]  dump_stack_lvl+0x10c/0x190
[  345.250914][T10344]  ? __cfi_dump_stack_lvl+0x10/0x10
[  345.250939][T10344]  ? __x64_sys_sendmmsg+0xa4/0xc0
[  345.250960][T10344]  ? do_syscall_64+0x58/0xf0
[  345.250990][T10344]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  345.251023][T10344]  dump_stack+0x19/0x20
[  345.251046][T10344]  should_fail_ex+0x3d9/0x530
[  345.251072][T10344]  should_failslab+0xac/0x100
[  345.251103][T10344]  kmem_cache_alloc_noprof+0x42/0x3a0
[  345.251132][T10344]  ? skb_clone+0x229/0x460
[  345.251162][T10344]  ? ip_check_defrag+0x1ff/0x550
[  345.251188][T10344]  skb_clone+0x229/0x460
[  345.251218][T10344]  packet_rcv+0x705/0x1670
[  345.251247][T10344]  packet_rcv_fanout+0x412/0x4f0
[  345.251280][T10344]  ? __cfi_packet_rcv_fanout+0x10/0x10
[  345.251309][T10344]  dev_queue_xmit_nit+0x5b7/0xae0
[  345.251334][T10344]  dev_hard_start_xmit+0x187/0x770
[  345.251360][T10344]  __dev_queue_xmit+0x19cc/0x3790
[  345.251387][T10344]  ? __dev_queue_xmit+0x24c/0x3790
[  345.251417][T10344]  ? kasan_save_alloc_info+0x40/0x50
[  345.251438][T10344]  ? __kasan_slab_alloc+0x73/0x90
[  345.251464][T10344]  ? __cfi___dev_queue_xmit+0x10/0x10
[  345.251489][T10344]  ? __asan_memset+0x39/0x50
[  345.251511][T10344]  ? ip6t_do_table+0x1305/0x14d0
[  345.251562][T10344]  ? __build_skb_around+0x2a4/0x5a0
[  345.251593][T10344]  ? __kasan_check_read+0x15/0x20
[  345.251617][T10344]  ? selinux_ip_postroute+0x250/0xf40
[  345.251744][T10344]  ? __asan_memcpy+0x5a/0x80
[  345.251771][T10344]  ip6_finish_output2+0x116e/0x1990
[  345.251969][T10344]  ? __cfi_ip6_finish_output2+0x10/0x10
[  345.251995][T10344]  ? __cfi_ip6table_mangle_hook+0x10/0x10
[  345.252026][T10344]  ip6_finish_output+0x54f/0xb10
[  345.252048][T10344]  ip6_output+0x1d5/0x3c0
[  345.252068][T10344]  ? __cfi_ip6_output+0x10/0x10
[  345.252090][T10344]  ? __cfi_ip6_finish_output+0x10/0x10
[  345.252111][T10344]  ? __cfi_ip6t_do_table+0x10/0x10
[  345.252140][T10344]  ? __cfi_ip6_output+0x10/0x10
[  345.252267][T10344]  ip6_local_out+0x22f/0x440
[  345.252380][T10344]  ? __cfi_ip6_local_out+0x10/0x10
[  345.252403][T10344]  ? __cfi_dst_output+0x10/0x10
[  345.252484][T10344]  ip6_send_skb+0xba/0x1d0
[  345.252520][T10344]  udp_v6_send_skb+0xbc3/0x1740
[  345.252549][T10344]  udpv6_sendmsg+0x1c8f/0x26c0
[  345.252569][T10344]  ? avc_has_perm_noaudit+0x268/0x360
[  345.252593][T10344]  ? __cfi_ip_generic_getfrag+0x10/0x10
[  345.252628][T10344]  ? __cfi_udpv6_sendmsg+0x10/0x10
[  345.252704][T10344]  ? avc_has_perm+0x144/0x220
[  345.252729][T10344]  ? __cfi_selinux_socket_sendmsg+0x10/0x10
[  345.252758][T10344]  ? inet_send_prepare+0x64/0x4f0
[  345.252780][T10344]  ? __cfi_udpv6_sendmsg+0x10/0x10
[  345.252800][T10344]  inet6_sendmsg+0xef/0x120
[  345.252949][T10344]  ____sys_sendmsg+0x5db/0xa70
[  345.253043][T10344]  ? __sys_sendmsg_sock+0x50/0x50
[  345.253072][T10344]  ? import_iovec+0x81/0xb0
[  345.253111][T10344]  ___sys_sendmsg+0x220/0x2a0
[  345.253143][T10344]  ? __sys_sendmsg+0x280/0x280
[  345.253174][T10344]  ? kstrtouint+0x78/0xf0
[  345.253201][T10344]  __sys_sendmmsg+0x271/0x470
[  345.253220][T10344]  ? __cfi___sys_sendmmsg+0x10/0x10
[  345.253244][T10344]  ? __cfi_ksys_write+0x10/0x10
[  345.253270][T10344]  __x64_sys_sendmmsg+0xa4/0xc0
[  345.253292][T10344]  x64_sys_call+0xfec/0x2ee0
[  345.253323][T10344]  do_syscall_64+0x58/0xf0
[  345.253352][T10344]  ? clear_bhb_loop+0x35/0x90
[  345.253384][T10344]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  345.253409][T10344] RIP: 0033:0x7f060dd8e929
[  345.253425][T10344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.253448][T10344] RSP: 002b:00007f060ec17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  345.253473][T10344] RAX: ffffffffffffffda RBX: 00007f060dfb5fa0 RCX: 00007f060dd8e929
[  345.253490][T10344] RDX: 00000000000004ff RSI: 00002000000092c0 RDI: 0000000000000008
[  345.253504][T10344] RBP: 00007f060ec17090 R08: 0000000000000000 R09: 0000000000000000
[  345.253519][T10344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  345.253530][T10344] R13: 0000000000000000 R14: 00007f060dfb5fa0 R15: 00007ffdb44a7ec8
[  345.253544][T10344]  </TASK>
[  345.860654][T10355] fuse: Unknown parameter 'gro攳󨓒虘豼p_id'
[  345.876063][T10355] random: crng reseeded on system resumption
[  347.591307][   T64] usb 6-1: 0:2 : does not exist
[  347.599729][T10362] Restarting kernel threads ... done.
[  347.607769][   T64] usb 6-1: USB disconnect, device number 64
[  347.786940][T10401] 9p: Unknown Cache mode or invalid value ;j几~.r鱉尠�0�9鬩迊烇a珠Ω螊�!B燋絥z廫A
/�	
[  348.118790][T10421] SELinux: security_context_str_to_sid (sytem_u軬泄�:��) failed with errno=-22
[  348.178722][   T64] usb 6-1: new high-speed USB device number 65 using dummy_hcd
[  348.338988][   T64] usb 6-1: Using ep0 maxpacket: 16
[  348.350505][   T64] usb 6-1: unable to get BOS descriptor or descriptor too short
[  348.360402][   T64] usb 6-1: config 1 has an invalid interface descriptor of length 4, skipping
[  348.371375][   T64] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  348.384682][   T64] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  348.394618][   T64] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  348.411548][   T64] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  348.421341][   T64] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  348.429644][   T64] usb 6-1: Product: syz
[  348.434346][   T64] usb 6-1: Manufacturer: syz
[  348.439795][   T64] usb 6-1: SerialNumber: syz
[  348.724512][T10432] kvm: apic: phys broadcast and lowest prio
[  348.774052][T10434] FAULT_INJECTION: forcing a failure.
[  348.774052][T10434] name failslab, interval 1, probability 0, space 0, times 0
[  348.788676][T10434] CPU: 0 UID: 0 PID: 10434 Comm: syz.7.3812 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  348.788714][T10434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  348.788727][T10434] Call Trace:
[  348.788748][T10434]  <TASK>
[  348.788757][T10434]  __dump_stack+0x21/0x30
[  348.788789][T10434]  dump_stack_lvl+0x10c/0x190
[  348.788811][T10434]  ? __cfi_dump_stack_lvl+0x10/0x10
[  348.788833][T10434]  ? avc_has_perm_noaudit+0x286/0x360
[  348.788855][T10434]  dump_stack+0x19/0x20
[  348.788875][T10434]  should_fail_ex+0x3d9/0x530
[  348.788897][T10434]  should_failslab+0xac/0x100
[  348.788923][T10434]  kmem_cache_alloc_node_noprof+0x45/0x3b0
[  348.788949][T10434]  ? __alloc_skb+0x10c/0x370
[  348.788994][T10434]  __alloc_skb+0x10c/0x370
[  348.789018][T10434]  pfkey_sendmsg+0x185/0x1030
[  348.789037][T10434]  ? __cfi_avc_has_perm+0x10/0x10
[  348.789057][T10434]  ? __cfi_pfkey_sendmsg+0x10/0x10
[  348.789074][T10434]  ? selinux_socket_sendmsg+0x284/0x380
[  348.789097][T10434]  ? __cfi_selinux_socket_sendmsg+0x10/0x10
[  348.789120][T10434]  ? arch_stack_walk+0x10b/0x170
[  348.789146][T10434]  ? bpf_lsm_socket_sendmsg+0xd/0x20
[  348.789174][T10434]  ? security_socket_sendmsg+0x33/0xd0
[  348.789196][T10434]  ? __cfi_pfkey_sendmsg+0x10/0x10
[  348.789214][T10434]  ____sys_sendmsg+0xa15/0xa70
[  348.789244][T10434]  ? __sys_sendmsg_sock+0x50/0x50
[  348.789281][T10434]  ? import_iovec+0x81/0xb0
[  348.789308][T10434]  ___sys_sendmsg+0x220/0x2a0
[  348.789336][T10434]  ? __sys_sendmsg+0x280/0x280
[  348.789366][T10434]  ? proc_fail_nth_write+0x17e/0x210
[  348.789387][T10434]  ? __cfi_proc_fail_nth_write+0x10/0x10
[  348.789411][T10434]  __x64_sys_sendmsg+0x1eb/0x2c0
[  348.789429][T10434]  ? fput+0x1a5/0x240
[  348.789457][T10434]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  348.789474][T10434]  ? ksys_write+0x1ef/0x250
[  348.789498][T10434]  ? __kasan_check_read+0x15/0x20
[  348.789521][T10434]  x64_sys_call+0x2a4c/0x2ee0
[  348.789546][T10434]  do_syscall_64+0x58/0xf0
[  348.789570][T10434]  ? clear_bhb_loop+0x35/0x90
[  348.789599][T10434]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  348.789626][T10434] RIP: 0033:0x7fc431b8e929
[  348.789642][T10434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.789660][T10434] RSP: 002b:00007fc432a48038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  348.789681][T10434] RAX: ffffffffffffffda RBX: 00007fc431db5fa0 RCX: 00007fc431b8e929
[  348.789696][T10434] RDX: 0000000000000000 RSI: 00002000000014c0 RDI: 0000000000000003
[  348.789710][T10434] RBP: 00007fc432a48090 R08: 0000000000000000 R09: 0000000000000000
[  348.789723][T10434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.789739][T10434] R13: 0000000000000000 R14: 00007fc431db5fa0 R15: 00007ffe8b937318
[  348.789756][T10434]  </TASK>
[  350.524169][   T36] audit: type=1400 audit(1750460267.595:1347): avc:  denied  { lock } for  pid=10466 comm="syz.1.3825" path="socket:[90705]" dev="sockfs" ino=90705 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  351.144250][   T64] usb 6-1: 0:2 : does not exist
[  351.153214][   T64] usb 6-1: USB disconnect, device number 65
[  351.192231][T10479] SELinux: security_context_str_to_sid (sytem_u軬泄�:��) failed with errno=-22
[  351.343890][ T4309] udevd[4309]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  352.104529][T10499] tipc: Started in network mode
[  352.109538][T10499] tipc: Node identity 40120000000000000000000000000001, cluster identity 4711
[  352.119284][T10499] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  352.360246][T10513] rust_binder: Error while translating object.
[  352.360287][T10513] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  352.384595][T10513] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:346
[  352.396172][T10515] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  352.615362][   T64] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  352.786353][   T64] usb 7-1: Using ep0 maxpacket: 16
[  352.793591][   T64] usb 7-1: unable to get BOS descriptor or descriptor too short
[  352.802558][   T64] usb 7-1: config 1 has an invalid interface descriptor of length 4, skipping
[  352.811665][   T64] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  352.822080][   T64] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  352.831324][   T64] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  352.846560][   T64] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  352.856571][   T64] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.864999][   T64] usb 7-1: Product: syz
[  352.869321][   T64] usb 7-1: Manufacturer: syz
[  352.871794][  T305] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  352.874008][   T64] usb 7-1: SerialNumber: syz
[  353.032254][  T305] usb 8-1: Using ep0 maxpacket: 32
[  353.039715][  T305] usb 8-1: config 0 has an invalid interface number: 67 but max is 0
[  353.048565][  T305] usb 8-1: config 0 has no interface number 0
[  353.058201][  T305] usb 8-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  353.067753][  T305] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  353.076165][  T305] usb 8-1: Product: syz
[  353.081061][  T305] usb 8-1: Manufacturer: syz
[  353.085874][  T305] usb 8-1: SerialNumber: syz
[  353.091837][  T305] usb 8-1: config 0 descriptor??
[  353.098764][  T305] smsc95xx v2.0.0
[  353.533033][  T305] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  353.544314][  T305] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  353.731418][T10561] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  353.742013][T10561] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  354.445638][  T305] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  354.449548][T10574] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3866'.
[  354.461789][  T305] smsc95xx 8-1:0.67: probe with driver smsc95xx failed with error -71
[  354.481888][  T305] usb 8-1: USB disconnect, device number 6
[  354.537810][T10585] netlink: 'syz.1.3871': attribute type 4 has an invalid length.
[  354.604933][T10591] netlink: 'syz.1.3874': attribute type 4 has an invalid length.
[  354.619638][T10591] netlink: 'syz.1.3874': attribute type 4 has an invalid length.
[  355.110946][T10601] fuse: Unknown parameter '����0x0000000000000008'
[  355.173943][T10605] 9pnet_virtio: no channels available for device syz
[  355.495963][   T64] usb 7-1: 0:2 : does not exist
[  355.512305][   T64] usb 7-1: USB disconnect, device number 23
[  355.596216][T10625] binder: Unknown parameter 'd�	"�'
[  355.716311][ T4309] udevd[4309]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  355.742881][  T207] Bluetooth: hci0: Frame reassembly failed (-84)
[  355.875870][  T305] usb 6-1: new high-speed USB device number 66 using dummy_hcd
[  356.036179][  T305] usb 6-1: Using ep0 maxpacket: 16
[  356.044110][  T305] usb 6-1: config 1 interface 0 altsetting 93 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  356.057462][  T305] usb 6-1: config 1 interface 0 altsetting 93 bulk endpoint 0x82 has invalid maxpacket 96
[  356.071711][  T305] usb 6-1: config 1 interface 0 altsetting 93 bulk endpoint 0x3 has invalid maxpacket 8
[  356.084951][  T305] usb 6-1: config 1 interface 0 altsetting 93 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[  356.101505][  T305] usb 6-1: config 1 interface 0 has no altsetting 0
[  356.112681][  T305] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  356.126759][  T305] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  356.139374][  T305] usb 6-1: SerialNumber: syz
[  356.158748][T10621] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  356.168718][T10621] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  356.451889][T10646] rust_binder: validate_parent_fixup: fixup_min_offset=29, parent_offset=27
[  356.451921][T10646] rust_binder: Error while translating object.
[  356.461822][T10646] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  356.468961][T10646] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:224
[  356.757416][T10656] 9pnet_virtio: no channels available for device syz
[  357.771788][T10678] 9pnet_virtio: no channels available for device syz
[  357.949909][   T53] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  357.950228][  T832] Bluetooth: hci0: command 0x1003 tx timeout
[  358.412024][T10699] fuse: Bad value for 'fd'
[  358.434469][T10701] 9pnet_virtio: no channels available for device syz
[  358.518634][T10707] SELinux: security_context_str_to_sid (sytem_u軬泄�:��) failed with errno=-22
[  358.780981][  T305] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71
[  358.793358][  T305] usb 6-1: USB disconnect, device number 66
[  359.018972][   T31] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  359.179238][   T31] usb 8-1: Using ep0 maxpacket: 16
[  359.186767][   T31] usb 8-1: unable to get BOS descriptor or descriptor too short
[  359.196540][   T31] usb 8-1: config 1 has an invalid interface descriptor of length 4, skipping
[  359.205997][   T31] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  359.216311][   T31] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  359.226210][   T31] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  359.243028][   T31] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  359.253914][   T31] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  359.263260][   T31] usb 8-1: Product: syz
[  359.268034][   T31] usb 8-1: Manufacturer: syz
[  359.273217][   T31] usb 8-1: SerialNumber: syz
[  359.484460][T10735] binder: Unknown parameter 'pcr'
[  359.502770][T10718] kvm: pic: non byte write
[  359.524978][   T31] usb 8-1: 0:2 : does not exist
[  359.550833][   T31] usb 8-1: USB disconnect, device number 7
[  359.681748][   T36] audit: type=1326 audit(1750460276.156:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10733 comm="syz.1.3937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd41eb8e929 code=0x7ffc0000
[  359.713736][   T36] audit: type=1326 audit(1750460276.156:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10733 comm="syz.1.3937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd41eb8e929 code=0x7ffc0000
[  359.739565][   T36] audit: type=1326 audit(1750460276.193:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10733 comm="syz.1.3937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd41eb2ab19 code=0x7ffc0000
[  359.767078][   T36] audit: type=1326 audit(1750460276.193:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10733 comm="syz.1.3937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd41eb8e929 code=0x7ffc0000
[  359.767196][  T305] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  359.791896][   T36] audit: type=1326 audit(1750460276.193:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10733 comm="syz.1.3937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd41eb8e929 code=0x7ffc0000
[  359.824570][   T36] audit: type=1326 audit(1750460276.193:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10733 comm="syz.1.3937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd41eb8e929 code=0x7ffc0000
[  359.849953][   T36] audit: type=1326 audit(1750460276.193:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10733 comm="syz.1.3937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd41eb2ab19 code=0x7ffc0000
[  359.874986][   T36] audit: type=1326 audit(1750460276.193:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10733 comm="syz.1.3937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd41eb8e929 code=0x7ffc0000
[  359.899411][   T36] audit: type=1326 audit(1750460276.193:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10733 comm="syz.1.3937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd41eb2ab19 code=0x7ffc0000
[  359.923381][   T36] audit: type=1326 audit(1750460276.193:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10733 comm="syz.1.3937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd41eb2ab19 code=0x7ffc0000
[  359.981032][  T305] usb 7-1: Using ep0 maxpacket: 8
[  359.993346][  T305] usb 7-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  360.010640][  T305] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  360.028616][  T305] usb 7-1: config 0 descriptor??
[  360.460280][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.460313][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.467432][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.474427][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.481183][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.488002][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.494778][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.501507][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.508325][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.514975][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.522259][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.528860][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.535966][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.544308][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.551491][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.559310][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.566115][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.573201][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.580101][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.587079][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.594179][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.601750][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.608489][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.615914][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.622940][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.630685][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.637573][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.644276][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.651649][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.658444][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.665802][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.674043][T10772] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  360.675912][T10029] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  360.857921][T10029] usb 8-1: Using ep0 maxpacket: 16
[  360.865431][T10029] usb 8-1: unable to get BOS descriptor or descriptor too short
[  360.877520][T10029] usb 8-1: config 9 has an invalid interface number: 63 but max is 1
[  360.877764][T10790] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  360.889804][T10029] usb 8-1: config 9 has an invalid interface number: 159 but max is 1
[  360.901688][T10790] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:413
[  360.913216][T10029] usb 8-1: config 9 has no interface number 0
[  360.932099][T10029] usb 8-1: config 9 has no interface number 1
[  360.940178][T10029] usb 8-1: config 9 interface 63 has no altsetting 0
[  360.950458][T10029] usb 8-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice=5c.87
[  360.962115][T10029] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  360.971563][T10029] usb 8-1: Product: syz
[  360.977475][T10029] usb 8-1: Manufacturer: syz
[  360.983675][T10029] usb 8-1: SerialNumber: syz
Stopping sshd: stopped /usr/sbin/sshd (pid 201)
OK
[  361.229462][T10029] usb 8-1: USB disconnect, device number 8
Stopping crond: stopped /usr/sbin/crond (pid 193)
OK
Stopping dhcpcd...
stopped /sbin/dhcpcd (pid 147)
Stopping network: [  361.422619][ T4309] udevd[4309]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:9.63/sound/card0/controlC0/../uevent} for writing: No such file or directory
OK
Stopping iptables: OK
Stopping system message bus: done
Stopping klogd: OK
Stopping acpid: [  362.058585][   T46] bridge_slave_1: left allmulticast mode
[  362.065712][   T46] bridge_slave_1: left promiscuous mode
[  362.071507][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  362.079825][   T46] bridge_slave_0: left allmulticast mode
[  362.082732][T10854] rust_binder: Got transaction with invalid offset.
[  362.085537][T10854] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  362.085603][   T46] bridge_slave_0: left promiscuous mode
[  362.092552][T10854] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:282
[  362.102273][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  362.236975][  T305] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x8001: -71
[  362.247318][  T305] asix 7-1:0.0: probe with driver asix failed with error -71
[  362.256270][  T305] usb 7-1: USB disconnect, device number 24
[  362.264912][   T46] tipc: Disabling bearer <udp:syz1>
[  362.270426][   T46] tipc: Left network mode
[  362.275864][   T46] veth1_macvtap: left promiscuous mode
[  362.281492][   T46] veth0_vlan: left promiscuous mode
[  362.729252][T10869] rust_binder: Error while translating object.
[  362.729284][T10869] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
OK
Stopping syslogd: stopped /sbin/syslogd (pid 91)
OK
[  362.735735][T10869] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:429
[  363.151616][T10911] : renamed from team_slave_1
umount: can't remount debugfs read-only
Connection to 10.128.1.135 closed by remote host.
umount: sysfs busy - remounted read-only
umount: devtmpfs busy - remounted read-only
umount: can't remount /dev/root read-only
The system is going down NOW!
Sent SIGTERM to all processes
[  363.702633][   T46] bridge_slave_1: left allmulticast mode
[  363.708699][   T46] bridge_slave_1: left promiscuous mode
[  363.716780][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  363.726552][   T46] bridge_slave_0: left allmulticast mode
[  363.732619][   T46] bridge_slave_0: left promiscuous mode
[  363.740244][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.970091][   T46] veth0_vlan: left promiscuous mode
Sent SIGKILL to all processes
Requesting system poweroff
[  364.526449][   T46] bridge_slave_1: left allmulticast mode
[  364.532368][   T46] bridge_slave_1: left promiscuous mode
[  364.538353][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.546932][   T46] bridge_slave_0: left allmulticast mode
[  364.554409][   T46] bridge_slave_0: left promiscuous mode
[  364.560753][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  364.687294][   T46] tipc: Left network mode
[  364.693823][   T46] veth1_macvtap: left promiscuous mode
[  364.699670][   T46] veth0_vlan: left promiscuous mode
[  365.563095][T10927] sd 0:0:1:0: [sda] Synchronizing SCSI cache
[  365.571655][T10927] ACPI: PM: Preparing to enter system sleep state S5
[  365.579349][T10927] kvm: exiting hardware virtualization
[  365.593607][T10927] reboot: Power down
serialport: VM disconnected.