last executing test programs:

20m18.018764226s ago: executing program 32 (id=920):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$incfs(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r0 = socket(0x10, 0x803, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f0000000440)='msdos\x00', 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x4)
r1 = open$dir(&(0x7f0000000040)='\x00', 0x0, 0x44)
faccessat2(r1, &(0x7f0000000080)='./file0/../file0/../file0\x00', 0x9, 0x100)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100))
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000000)={0x0, <r3=>0x0}, &(0x7f0000000040)=0xc)
setfsuid(r3)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000140)={{{@in6, @in=@private}}, {{@in6=@local}, 0x0, @in6=@private1}}, &(0x7f0000000240)=0xe8)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'tunl0\x00'})
ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000000480))
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000003480)=[{{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f00000004c0)=""/165, 0xa5}, {&(0x7f0000000600)=""/238, 0xee}, {&(0x7f0000000780)=""/239, 0x137}, {&(0x7f0000000880)=""/4092, 0xffc}, {&(0x7f0000001880)=""/178, 0xb2}, {&(0x7f00000002c0)=""/43, 0x37}, {&(0x7f0000001940)=""/197, 0xc5}, {&(0x7f0000001a40)=""/124, 0x7c}], 0x8}, 0xa}, {{0x0, 0x0, 0x0}, 0x8}], 0x2, 0x40002100, 0x0)

18m44.329368896s ago: executing program 33 (id=2634):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000440)={{0x4000, 0x0, 0x43cb, 0x8}, 'syz0\x00', 0x22})
ioctl$UI_DEV_CREATE(r0, 0x5501)
write$uinput_user_dev(r0, &(0x7f0000001940)={'syz0\x00', {0x7, 0x5, 0x7, 0x4}, 0x15, [0x2, 0x4, 0x7, 0x80, 0x9, 0x7, 0x1, 0x9, 0x8, 0x8, 0x80, 0x2, 0x0, 0x3, 0x9, 0x6, 0xa1, 0x1, 0x3, 0x8, 0x40, 0x3, 0xffff, 0xf, 0x101, 0x805, 0x6, 0x0, 0x1, 0x4, 0x40000006, 0x0, 0x6, 0x5, 0x9, 0x877, 0x5, 0x7, 0xf17, 0x870b, 0x10, 0xae, 0x1, 0x8, 0x4, 0xffffffee, 0x7fe0000, 0x200, 0x9, 0xc, 0x80000000, 0x54, 0x7, 0x2, 0x54c2, 0x7, 0x643e1dbc, 0x3d3, 0xeb2, 0xc, 0x10000, 0x1, 0x9f8b, 0x8], [0x4, 0x6, 0x7fffffff, 0xffffffff, 0x4, 0x1, 0x1, 0x6, 0x1, 0x6, 0x80000000, 0x3, 0x0, 0x4033, 0x6, 0x0, 0x8, 0x1, 0x0, 0x4, 0x2, 0x7, 0x1, 0x9, 0x2, 0x10, 0x100, 0x5, 0x8, 0xc, 0x1, 0x41, 0x6, 0x3, 0xfffffffe, 0x6, 0xf23, 0xe, 0x69, 0x9, 0x0, 0xfffffffb, 0x5, 0x4e5, 0x8, 0x401, 0x7ff, 0x7d, 0x1, 0x4, 0x2, 0xd218, 0xce, 0x6a8, 0x5d52cbeb, 0x5, 0x4, 0xfffffffd, 0x80, 0xc0, 0x7, 0x5, 0x2, 0x6], [0x10001, 0x4, 0x3, 0x7, 0x3, 0x6, 0x5, 0x2, 0x7ff, 0x7, 0x7, 0x9, 0xffff, 0x3, 0x0, 0x3, 0x5, 0x1, 0x7, 0x1, 0x4, 0x1, 0x0, 0x7, 0xb, 0x6, 0x6, 0x66c2, 0x200008, 0x81, 0x1, 0xe4b6, 0x0, 0x0, 0x3, 0x8aa541a, 0x0, 0x16, 0x5, 0x20, 0x10, 0x6, 0x8001, 0x400, 0x7, 0x8, 0x7, 0xf68, 0x8000, 0x1f, 0x2, 0x2, 0x8000, 0x7f, 0x7, 0x80, 0x2685, 0x9, 0x6, 0x7fffffff, 0x8000, 0x7a, 0x3ff, 0xc], [0x9, 0x3, 0x7ff, 0xe, 0x4000007f, 0x10, 0x6, 0x10000cd9, 0x2, 0x5, 0x10001, 0x3, 0x4, 0x8001, 0x1000, 0x40, 0x0, 0x5, 0x3ff, 0xa13, 0x1ff, 0x0, 0x2, 0x0, 0x2, 0xa9, 0x6, 0x0, 0x1, 0x7, 0x2, 0x1, 0x7, 0xb735, 0x0, 0xc78, 0x1, 0x888, 0x1, 0xdd9, 0x1ff, 0x0, 0x7f, 0x0, 0x9, 0x9, 0x3, 0x8, 0x9, 0xfffffff1, 0xfffffffa, 0x6, 0xffffff86, 0x7, 0x1, 0xffffffff, 0x6, 0x7f, 0x6, 0x2, 0x1000, 0x1, 0x7fff, 0x81]}, 0x45c)

16m40.376569023s ago: executing program 34 (id=4602):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[], 0x48}}, 0x0)

15m4.54258466s ago: executing program 35 (id=5579):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000058c0)=ANY=[@ANYBLOB="fc01000013000100000000000000000000000000000000000700000000000001fc020000000000000000000000000001", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="020000010000000000000000000000000000000000000000ffffffffffffffff00000000000000000300000000000000090000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000feffffff00000000000000000000000044010500e0000002000000000000000000000000000004d632"], 0x1fc}, 0x1, 0x0, 0x0, 0x11}, 0x0)

14m32.736532443s ago: executing program 7 (id=5848):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
setitimer(0x0, &(0x7f00000000c0)={{0xffffffff}, {0xffffffff}}, 0x0)
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000000580)={0x0, "431f7947443ad84244f3ad4c3246d993"})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r1, 0x0, 0x0)
r2 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$cgroup_ro(r2, &(0x7f0000000180)='blkio.bfq.time\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x31}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x4c, 0x0, &(0x7f0000000300)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x50, 0x0, &(0x7f0000000380)="ec5879bcae4ebf1dcf85134d8b5e05505209abff506d2f73957fa39fbdbc84a722e85b7aa2dd37976eaa5b831df72f213796242fbd571621cc5d7cdf0257b01ea7a5119e8f9d6ed2b82920a14886fc0c"})

14m32.606720735s ago: executing program 7 (id=5850):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x74, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x74}, 0x1, 0x0, 0x0, 0x40000000}, 0x0)

14m32.590725746s ago: executing program 7 (id=5852):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_CAP_ACK(r2, 0x10e, 0xa, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(0xffffffffffffffff, 0x4068aea3, &(0x7f00000000c0)={0x80, 0x0, 0x8c8ddd2})
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x12fe)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000140)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020300090a00000000000000000000000300060000000e0002000000e000000900000000000000000200010000000000000604fdec19ecd9030005000000000002"], 0x50}}, 0x0)

14m32.430631788s ago: executing program 7 (id=5855):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$sock_int(r1, 0x1, 0x12, &(0x7f00000000c0)=0x3, 0x4)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000500)={0x44, 0x0, &(0x7f0000000400)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

14m32.397168969s ago: executing program 7 (id=5857):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000001c0)={'ip6gre0\x00', 0x0}) (async)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x4000010, r1, 0x2000) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x45809000)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0)

14m32.2821354s ago: executing program 7 (id=5860):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) (async)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x20000023896) (async)
io_setup(0xe4, &(0x7f0000000000)=<r2=>0x0)
io_pgetevents(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
io_cancel(r2, &(0x7f0000001240)={0x0, 0x0, 0x0, 0x8, 0x4, r1, &(0x7f0000000240)="141b0d2c871bd9467c840f1236baf72c6413eb89700574056c571e78a8ff8194581ddc1dca3a14ba6711ed93b3b6710d7b810d8c2f609a08968685fed0fa8ef4c08b6ba7c87d218f97301ca0de9a7a99aa14920ec15fb38f52b59657555f9bbfdd5e60a1034994eb7d7bf7c090ba72aaf96c98b9d9a60e6f45743c664d9651c7e825417c5361f20917b39bf1c8aa44820157c4936ee1318d4d91dae2a212c7015878effac163dd40bfa13f18ce2d2053f5771588d73c613662f903ba182463ebeaad67111f4350ad05f1c55f0d0b95007ea434d889f5bc8866bdfe0ebe281ffe70c28cfd251317c906897fc7a2a210c4806553e3dace5c3390ee324870efb65632ff4e6771ba37f4740eaaf4693d20ec611ac76095a6d92f7528ae357ce2a5e7a6b46a32115d36d6fd8692a99c65a77bc43c5667dd0e67801572a4591977045d29ccd5471228e80f65d15e5efed087d3df3233d2d848d38e443b041b2307ac65acad683e1938124cf71b65f18161e81b5f6484518134054bb9260db3c7df3388564278cd25b6f2ffe08cd2a560fe566cf9556b10fad75099b033167489aa8d0f986184c39f951be664686deeab14b76c145b795071b275ee29b6356b468843e7e4783fc5bb4a5700ac314b4b6f471b60d507800a787338b5d182bb3e5b0cdfff46dae1ee371d20f67b2c0b784a744b48fed1091feb7752dc07dc7507f01268507dd10119248eff7c9a3ca2e39c646e37f8c8571cb6ac95716c6ea5d9728359579bdcfa0678e794f13d7365054465c21bd3b85d08939f0b29a0babbb3ecc09d63eca6c3a9e90ccb4bdb1be5ca6e4f21070fa3eb3b4d9a93ff41b45255e2654f9ceeed5fbbedb18e4f12544e3ad51a3411789837d9438e3d7fa415940ef002f640393b824f8b95ee6d5da6b9c06a39ecae0963cea72dbfbf8885668ba29feff317f864fd348d1b66e7c9cdd3f50e044438242b70462253246d9cfbc0c24e46d395cb75fd7d9a059ef36a2176c526b9333d537d31186ccab99d75e99898e2c10e03861683d46b6a7d50686d7484e89f8fe0560b6e50cf68ab6d87560fae8b1175a4c1edcbcb83c8b7127e46f5433411665ec7925ad85585c561769ef6ba08004f58e55fd9765f07599b6332cdb2e40784d8fbcfb584fb346ffbae3c81232d636333de60b5821bab6812b220815e56fc851dc840899e7846405b3a0e6455ba25a654075d0a5df6848e080deba8bb920352b1b6b54df561c7e00377c18aca1c7b02dbc5e2ca49377a643b0637be3073987dba7d8fa35f5df31604df0200d3376e96157bdfaae0d016ce245ae4c4897326c2d24a2c36d57c60a9ab22cee8f6fcba69f1e68d69897e35a01b8902ec4124366232f94fc67fb19f51581977d43ea55941897fcc4a56ce5fc99929488ef997382d0859f2267dacbb042d837ee1fe2e75af2742dbce0de5ea4f10d6f545bac2427e8a003b3e3d7ef9b7e1c8b3b13bcc78f94bd606581622ad867293c1ea65022361245f666951ea98bc2b1e1e7029bfc406cbb2ddbdeda21c2bea27bab4cb9879ac6104e780a0f96e886fef27277270be4d02efc959ad2d77c3db97dcf201b9285d9e1c5f7ac0098cf6fb76b2c51a3fec5bed8eb1bcc5dcf5b81e77ddc7ce2fdf96d59322ea5ee843a305f5c1eaaaf111fb6a6041398d6c283ef220c5cd6f225976a6b8661bf87b64150fd9ac39a7efc3c3b1bfa9e724870bb0bcff7008bd1131cce18a1d66ad18bcb444301e10dd441a779b6e7c9f5215a00dafffd3373e7791084bec4d7478168de84fffb5ea2ee88a4f266c5626b49812a3cefb5673ef0273aed353b221f1600958eb0b97b8930196d74afffdb8d8431cec22023f79d7f4ffb54dc9081ec4e1db4afb5c2c5acc261027e73be33ad4bc67e8259993a259c84ea45dd6202d8d564d89b34037683fdd0e1d6e4ecfb30369b18006b6e56b5c83d61d14954aa2af33f2d939798e97fa01098143fdf6d6dac862275a2e4465aa22c3c457bd4335b8fa4cf1665af900f4329212743649a4060951565626761f41a7762ec3aaeadfb1d3ac837800841a8794c8ad7d03c3c3117c0a6c22fb8168ccaa417479660d9f48eb680f277e893b2539130c91c454679d277df7ba7bef4e8375c2d4f42a11dcfc462ba4edb1ffa66fad0ea7832a972e448fe5b24234c43e5e55ab5d9a52a32ca31542bec59ce34c70aa6b659460bc3ca0260025e1eef8d9dcca63c9d19ac67d6a789474069ad77d1e313688341a145eed23aa757443eb25f105541980d96260e690c1956ca37a91d1ce7776e739a52d1277a55d60a885f12b815c981da98c0c31fc219249b9682038d57d22f31bed60c45db9656cfb63f3991e632ee1a96748c072858e46789f6d246e298e76347a31d7d4253618200fc5996ddef3165cb7ea9e7591c1457e4de99000f4791e8d04970c2997871b55f285d4aff267cadc7d84cc9d7306e3d5c09ca7b8062f032b23d27b3ea486870545586b04cfe9a0b3afb24fe1cb82ec7c669a4094702c3535639f4825851ec5b27f6ec9c923b460ea458faaa9a5f48bef6d6b2e21185c1d4339c7b3afc5ffbd36a5a15da2764defb2c76a545cdb4456fffed51df741fe384d3919920a854373d9d216f5b0398174828e8c757a0bfa75292e190e7c557a85d70016f9f9338f90c3176a93457d4bc99a5b968e1ccf9169f86019f2c158a7981b61644f4ee8439588334015378acaebfb3ab241a0a8b5c19955301aaa454b69c4e43b04285baa27d91bf8367213866597620887255ed87750894ea2a78b4d41e60fba534ff698772aeaaa6c671d090f682fb4caff02d001a9eced87de313564c0b2574c2fc5cd34273a6abe6b7d5dec4661dbccc7300ae180053a8afd17441fea58b6bca03722a8639ca742b6c334d71f141572f5a9fd1e49cd06039276a0b723ae570cb415c8f00d573a16709692c32ae282b31bbeed7d4772cada70af081243196592d25395c0454e824bdfcc35294a29365fbeaf72f5738041c30357bdac0cb1d31c5a2d4e2e39688c6eb9d9efcd2803a42b3bb8f92c740f8815ffaa11ab86d6fcbd8e42b18061d13de3568a29415e98ccdde4c2efdd6c0652714bc0bfe4ff5a27d6ec161df9adbe46356fc3c524cb24cbccc5bec74ea26bedc7ade9fac00ac5757f2d82bf81fd41b4cfff40a8f6cef340b775e23f52e04b227fe9891025fdc9f41184646fcb659d850cea0c12dfcb0873cad1be0b46d4945ed9e7faf491677838b0f2fe492bf0459fa769f12da0d6d4f62b4e627ca0f64c2ca73630e1c2dcb7203e0a7dc45311cfa1b6f6f9417d35a77af47fbaf89db1a9fff31c9f99bde6fd5ec157a146f2c39fddcfaa5a4fbcc1f669465d54401227df8f17bc0b016b8de9725be4dc742574e2490ae6b7b7a8f19b5b7cc14fb83d9ca596ae8715f73207f0b653f13a7630d1156d2a8c4d99c473f12b5898d398b17e37ee342454c3777b782bd6622836c8af83fb02abcd3542728ccfa2e2e68b4628c6ccc38aea489c25e21dc5ff554f8a650cff3244f9b3941ba153924fbfecb7e217347628a6d8c35832428fa0b878c88520605a0ab4750b5faf0a95ba3a26082096b82f513576d6c3070d9b257be5e461cdcad1ec6e5f8bf46fff5e0ecb7699b43ee84732b63314b091284621e6d9a78ba1b993c4403f4af190821f41da7f6d3fff5680e82b5d012f8df3aab94def20d71b686a70798be01ec2ca26f16283c6f8fd2adbe6ee793a1478b3097d7ffda4aece2245dbf0e3217fa25c6704e2fbbef27be5db81876fdb5648a70f928a3fc695d6bb064419d921158aa4d112deb8bda29cf0ded9945fddddd883fdac2e94de000182cd005a7d0da0b1d7ea86d51daa49f146fe5a687941f346a829cf3015c5afb535869d7ab771a0c90e597df882c39aee21fedc56a5396b175ee2d4013f4d881ffa8a0152e8375c241027518f96e5ced791ac1ac99874668786f7abd733d3c667cb27f3175a42fb8ed3d359edc9874f4e9478bae62f695069ef2ce1cd4c73da690ee787dbac0107f1489d296139baf3ad20a31dd5653c13e6a20684b0a6e40bc50b418cfa0a290aa357c568c493c3b435f45064650bf2585772bc253a8d730b97a593cc148f500e0ba3026cfa20f4f0da765876bcb2bfd8a0e166e4c9350d8d9432dbd5c204a482d03d27ca8b27f07094cad7a6ddd7c01e744cfb7358d07c5d7f6b9a38295021d4461ee152ed41bbbe8f183ed902c50af6120dbcc6fafa928c93fc2db511106bdc4fc26a78886eb16a4663bc9c94acbf62561dff93f32853d90819ae4c761a182a9670f7b56db3bd8577541fdec4c963af87fb734f88584568c9da3c794f0c0b01352a68de361e5b9a932b56123bb480241953d328a8782f944e80d9716d7b4b0ba4fb3feccd852e8a0fdf378e609f05344a80e856a129beda53082b5792e1c5ec1e7b5c40abb8c77ac3f45c7703d1ce30173e7d414ea9f5917f07e1bfc4f0ff6257b580879bd342b2f3ded849ff283fe13751c5e845a1ac96aa6e3b99b507a44f5bc022416437750ce4141a0733c43432767bf674b9abfe0cd8ff3b5031bef582e99b3d5ef61ec879875a5288b264659a87509b615091ef89e0d5f32fbc2345ad527a119fc2b8ed0e726e7eb525ed66b3845f54f4b84e0388254da7d675b5c24906282fdd4cb0cbefc9e6f342ac53f8f0ad941d26494bb3be0744547a5cd16915877181486d32a137afc834a5f390ff51a95ffa99f3fbcd10cf19c8d0caad54493272d0cbab6c121db64d5d2f16a7e6626a86d0402b1b0d4e8599e1897797fc294471d278ec86f8966c0022f4ef06474d72152633747f7f2f46ebe774d245cd5c04ea986a0bd6f94425f8c2c8ee2d41695184974ed40faeacc0db66b4f601303029d57a2721009559b64d8b10fff11a8bf26145d2e749423a1725a115125ccfd7893be3bb087d6034012963a05b24164df4a5c078eb6a2a601f1a2766170272703e89bc96824582ca00394bb0e27bfce68eb85edbd5cf4681414d4441b9c96f37f1ab29df1ca9bf9752fcf385ad35d43795019b88aec80e4b5b641f1c93ce273e0e8fe70a67050943d7461e573f67c77c2243387c4300be3433dd7e46b55e6d4f1414d88308a56614748cb55c7d890faa663206c4f4fe451a36649ad34a2ed17dd3613b3df3e8a084a2a478a552db468425b7c05bd032eec170a8797201fb077d78dbf45d52d019135a9dfd2328526ae6afd71341e23a6a48c5ff6930433939e665907064d30299be8cf76ac653fc357ab1122b1c50e0dae862e2a51df1c5dd38064fa2f08bafc4052f749da4e6e08de616077d3265fe0edf3be3e927915b866e03752d5b4c2e1c1e3ef864278f57e3aac2037202382edb2c383bd201b787cb58a7b0f9c2124adb2a965b557705eefce6b2e820e38b1ab698978d4d2444a3b7bdd2d35f92a7774295a6adecd180f968af8faaf0379b568ee918ca75da7b85141af634e3fa35300e30a3b192a3331c12f1ae690990d20b2d8b611c622a1240d316d296105274c0ee0f012aa74627421f7f12f0878588a7a7a8c9f71ed577bcf0cdf6a6002e8d71699e89a54d6d02014cb1dc7374e7591fe1e92d236dc7d17c9c9d5880a3bfadf5582195222f80d72a9ca36c35d19b7fe1511f576d80e25d4f257aeb838a17a2487746e984d794233813504d2d83176f0bde0af017e86feab33c91d1af7188085e4234d7fdabd855d3c5d7f39ac4016afbdbdcfaa4ac5b28c0870d7f3d2a9402cd88927ac34bd2f2d112", 0x1000, 0x0, 0x0, 0x1, r1}, &(0x7f0000001280)) (async)
r3 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0xa00, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000008009d000040"]) (async)
r7 = getpgrp(0xffffffffffffffff) (async)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696") (async)
setsockopt$inet6_IPV6_XFRM_POLICY(r8, 0x29, 0x23, &(0x7f0000000400)={{{@in6=@rand_addr=' \x01\x00', @in=@empty, 0x0, 0x4000, 0x0, 0x0, 0xa, 0x20, 0x30, 0x0, 0x0, 0xee01}, {0x2, 0xfffffffffffffffe}, {0x0, 0x0, 0x0, 0x6}, 0xffffffff, 0x0, 0x1, 0x1}, {{@in=@private=0xa010101, 0x0, 0x6c}, 0x2, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9}}, 0xe8) (async)
sendmmsg$inet6(r8, &(0x7f00000090c0)=[{{&(0x7f0000000080)={0xa, 0x4e21, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x0) (async)
fcntl$lock(r3, 0x24, &(0x7f0000000000)={0x2, 0x0, 0x23137caf, 0x7ff, r7})
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000000)={[], [{@fscontext={'fscontext', 0x3d, 'unconfined_u'}}]})
openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) (async)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r9, 0x0, 0xf, &(0x7f0000000140)=0x400030, 0x4) (async)
r10 = accept$inet(r1, &(0x7f0000001300)={0x2, 0x0, @loopback}, &(0x7f0000001340)=0x10)
bind$inet(r10, &(0x7f0000000140)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
io_setup(0x6, &(0x7f00000012c0)=<r11=>0x0)
io_destroy(r11)
r12 = fsopen(&(0x7f0000000140)='tracefs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r12, 0x6, 0x0, 0x0, 0x0) (async)
fsmount(r12, 0x0, 0x5)
fsconfig$FSCONFIG_SET_STRING(r12, 0x1, &(0x7f0000000180)='\x00', &(0x7f0000000200)='/dev/cpu/#/msr\x00', 0x0) (async)
fcntl$addseals(r0, 0x409, 0x4)

14m16.19765105s ago: executing program 36 (id=5860):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) (async)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x20000023896) (async)
io_setup(0xe4, &(0x7f0000000000)=<r2=>0x0)
io_pgetevents(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
io_cancel(r2, &(0x7f0000001240)={0x0, 0x0, 0x0, 0x8, 0x4, r1, &(0x7f0000000240)="141b0d2c871bd9467c840f1236baf72c6413eb89700574056c571e78a8ff8194581ddc1dca3a14ba6711ed93b3b6710d7b810d8c2f609a08968685fed0fa8ef4c08b6ba7c87d218f97301ca0de9a7a99aa14920ec15fb38f52b59657555f9bbfdd5e60a1034994eb7d7bf7c090ba72aaf96c98b9d9a60e6f45743c664d9651c7e825417c5361f20917b39bf1c8aa44820157c4936ee1318d4d91dae2a212c7015878effac163dd40bfa13f18ce2d2053f5771588d73c613662f903ba182463ebeaad67111f4350ad05f1c55f0d0b95007ea434d889f5bc8866bdfe0ebe281ffe70c28cfd251317c906897fc7a2a210c4806553e3dace5c3390ee324870efb65632ff4e6771ba37f4740eaaf4693d20ec611ac76095a6d92f7528ae357ce2a5e7a6b46a32115d36d6fd8692a99c65a77bc43c5667dd0e67801572a4591977045d29ccd5471228e80f65d15e5efed087d3df3233d2d848d38e443b041b2307ac65acad683e1938124cf71b65f18161e81b5f6484518134054bb9260db3c7df3388564278cd25b6f2ffe08cd2a560fe566cf9556b10fad75099b033167489aa8d0f986184c39f951be664686deeab14b76c145b795071b275ee29b6356b468843e7e4783fc5bb4a5700ac314b4b6f471b60d507800a787338b5d182bb3e5b0cdfff46dae1ee371d20f67b2c0b784a744b48fed1091feb7752dc07dc7507f01268507dd10119248eff7c9a3ca2e39c646e37f8c8571cb6ac95716c6ea5d9728359579bdcfa0678e794f13d7365054465c21bd3b85d08939f0b29a0babbb3ecc09d63eca6c3a9e90ccb4bdb1be5ca6e4f21070fa3eb3b4d9a93ff41b45255e2654f9ceeed5fbbedb18e4f12544e3ad51a3411789837d9438e3d7fa415940ef002f640393b824f8b95ee6d5da6b9c06a39ecae0963cea72dbfbf8885668ba29feff317f864fd348d1b66e7c9cdd3f50e044438242b70462253246d9cfbc0c24e46d395cb75fd7d9a059ef36a2176c526b9333d537d31186ccab99d75e99898e2c10e03861683d46b6a7d50686d7484e89f8fe0560b6e50cf68ab6d87560fae8b1175a4c1edcbcb83c8b7127e46f5433411665ec7925ad85585c561769ef6ba08004f58e55fd9765f07599b6332cdb2e40784d8fbcfb584fb346ffbae3c81232d636333de60b5821bab6812b220815e56fc851dc840899e7846405b3a0e6455ba25a654075d0a5df6848e080deba8bb920352b1b6b54df561c7e00377c18aca1c7b02dbc5e2ca49377a643b0637be3073987dba7d8fa35f5df31604df0200d3376e96157bdfaae0d016ce245ae4c4897326c2d24a2c36d57c60a9ab22cee8f6fcba69f1e68d69897e35a01b8902ec4124366232f94fc67fb19f51581977d43ea55941897fcc4a56ce5fc99929488ef997382d0859f2267dacbb042d837ee1fe2e75af2742dbce0de5ea4f10d6f545bac2427e8a003b3e3d7ef9b7e1c8b3b13bcc78f94bd606581622ad867293c1ea65022361245f666951ea98bc2b1e1e7029bfc406cbb2ddbdeda21c2bea27bab4cb9879ac6104e780a0f96e886fef27277270be4d02efc959ad2d77c3db97dcf201b9285d9e1c5f7ac0098cf6fb76b2c51a3fec5bed8eb1bcc5dcf5b81e77ddc7ce2fdf96d59322ea5ee843a305f5c1eaaaf111fb6a6041398d6c283ef220c5cd6f225976a6b8661bf87b64150fd9ac39a7efc3c3b1bfa9e724870bb0bcff7008bd1131cce18a1d66ad18bcb444301e10dd441a779b6e7c9f5215a00dafffd3373e7791084bec4d7478168de84fffb5ea2ee88a4f266c5626b49812a3cefb5673ef0273aed353b221f1600958eb0b97b8930196d74afffdb8d8431cec22023f79d7f4ffb54dc9081ec4e1db4afb5c2c5acc261027e73be33ad4bc67e8259993a259c84ea45dd6202d8d564d89b34037683fdd0e1d6e4ecfb30369b18006b6e56b5c83d61d14954aa2af33f2d939798e97fa01098143fdf6d6dac862275a2e4465aa22c3c457bd4335b8fa4cf1665af900f4329212743649a4060951565626761f41a7762ec3aaeadfb1d3ac837800841a8794c8ad7d03c3c3117c0a6c22fb8168ccaa417479660d9f48eb680f277e893b2539130c91c454679d277df7ba7bef4e8375c2d4f42a11dcfc462ba4edb1ffa66fad0ea7832a972e448fe5b24234c43e5e55ab5d9a52a32ca31542bec59ce34c70aa6b659460bc3ca0260025e1eef8d9dcca63c9d19ac67d6a789474069ad77d1e313688341a145eed23aa757443eb25f105541980d96260e690c1956ca37a91d1ce7776e739a52d1277a55d60a885f12b815c981da98c0c31fc219249b9682038d57d22f31bed60c45db9656cfb63f3991e632ee1a96748c072858e46789f6d246e298e76347a31d7d4253618200fc5996ddef3165cb7ea9e7591c1457e4de99000f4791e8d04970c2997871b55f285d4aff267cadc7d84cc9d7306e3d5c09ca7b8062f032b23d27b3ea486870545586b04cfe9a0b3afb24fe1cb82ec7c669a4094702c3535639f4825851ec5b27f6ec9c923b460ea458faaa9a5f48bef6d6b2e21185c1d4339c7b3afc5ffbd36a5a15da2764defb2c76a545cdb4456fffed51df741fe384d3919920a854373d9d216f5b0398174828e8c757a0bfa75292e190e7c557a85d70016f9f9338f90c3176a93457d4bc99a5b968e1ccf9169f86019f2c158a7981b61644f4ee8439588334015378acaebfb3ab241a0a8b5c19955301aaa454b69c4e43b04285baa27d91bf8367213866597620887255ed87750894ea2a78b4d41e60fba534ff698772aeaaa6c671d090f682fb4caff02d001a9eced87de313564c0b2574c2fc5cd34273a6abe6b7d5dec4661dbccc7300ae180053a8afd17441fea58b6bca03722a8639ca742b6c334d71f141572f5a9fd1e49cd06039276a0b723ae570cb415c8f00d573a16709692c32ae282b31bbeed7d4772cada70af081243196592d25395c0454e824bdfcc35294a29365fbeaf72f5738041c30357bdac0cb1d31c5a2d4e2e39688c6eb9d9efcd2803a42b3bb8f92c740f8815ffaa11ab86d6fcbd8e42b18061d13de3568a29415e98ccdde4c2efdd6c0652714bc0bfe4ff5a27d6ec161df9adbe46356fc3c524cb24cbccc5bec74ea26bedc7ade9fac00ac5757f2d82bf81fd41b4cfff40a8f6cef340b775e23f52e04b227fe9891025fdc9f41184646fcb659d850cea0c12dfcb0873cad1be0b46d4945ed9e7faf491677838b0f2fe492bf0459fa769f12da0d6d4f62b4e627ca0f64c2ca73630e1c2dcb7203e0a7dc45311cfa1b6f6f9417d35a77af47fbaf89db1a9fff31c9f99bde6fd5ec157a146f2c39fddcfaa5a4fbcc1f669465d54401227df8f17bc0b016b8de9725be4dc742574e2490ae6b7b7a8f19b5b7cc14fb83d9ca596ae8715f73207f0b653f13a7630d1156d2a8c4d99c473f12b5898d398b17e37ee342454c3777b782bd6622836c8af83fb02abcd3542728ccfa2e2e68b4628c6ccc38aea489c25e21dc5ff554f8a650cff3244f9b3941ba153924fbfecb7e217347628a6d8c35832428fa0b878c88520605a0ab4750b5faf0a95ba3a26082096b82f513576d6c3070d9b257be5e461cdcad1ec6e5f8bf46fff5e0ecb7699b43ee84732b63314b091284621e6d9a78ba1b993c4403f4af190821f41da7f6d3fff5680e82b5d012f8df3aab94def20d71b686a70798be01ec2ca26f16283c6f8fd2adbe6ee793a1478b3097d7ffda4aece2245dbf0e3217fa25c6704e2fbbef27be5db81876fdb5648a70f928a3fc695d6bb064419d921158aa4d112deb8bda29cf0ded9945fddddd883fdac2e94de000182cd005a7d0da0b1d7ea86d51daa49f146fe5a687941f346a829cf3015c5afb535869d7ab771a0c90e597df882c39aee21fedc56a5396b175ee2d4013f4d881ffa8a0152e8375c241027518f96e5ced791ac1ac99874668786f7abd733d3c667cb27f3175a42fb8ed3d359edc9874f4e9478bae62f695069ef2ce1cd4c73da690ee787dbac0107f1489d296139baf3ad20a31dd5653c13e6a20684b0a6e40bc50b418cfa0a290aa357c568c493c3b435f45064650bf2585772bc253a8d730b97a593cc148f500e0ba3026cfa20f4f0da765876bcb2bfd8a0e166e4c9350d8d9432dbd5c204a482d03d27ca8b27f07094cad7a6ddd7c01e744cfb7358d07c5d7f6b9a38295021d4461ee152ed41bbbe8f183ed902c50af6120dbcc6fafa928c93fc2db511106bdc4fc26a78886eb16a4663bc9c94acbf62561dff93f32853d90819ae4c761a182a9670f7b56db3bd8577541fdec4c963af87fb734f88584568c9da3c794f0c0b01352a68de361e5b9a932b56123bb480241953d328a8782f944e80d9716d7b4b0ba4fb3feccd852e8a0fdf378e609f05344a80e856a129beda53082b5792e1c5ec1e7b5c40abb8c77ac3f45c7703d1ce30173e7d414ea9f5917f07e1bfc4f0ff6257b580879bd342b2f3ded849ff283fe13751c5e845a1ac96aa6e3b99b507a44f5bc022416437750ce4141a0733c43432767bf674b9abfe0cd8ff3b5031bef582e99b3d5ef61ec879875a5288b264659a87509b615091ef89e0d5f32fbc2345ad527a119fc2b8ed0e726e7eb525ed66b3845f54f4b84e0388254da7d675b5c24906282fdd4cb0cbefc9e6f342ac53f8f0ad941d26494bb3be0744547a5cd16915877181486d32a137afc834a5f390ff51a95ffa99f3fbcd10cf19c8d0caad54493272d0cbab6c121db64d5d2f16a7e6626a86d0402b1b0d4e8599e1897797fc294471d278ec86f8966c0022f4ef06474d72152633747f7f2f46ebe774d245cd5c04ea986a0bd6f94425f8c2c8ee2d41695184974ed40faeacc0db66b4f601303029d57a2721009559b64d8b10fff11a8bf26145d2e749423a1725a115125ccfd7893be3bb087d6034012963a05b24164df4a5c078eb6a2a601f1a2766170272703e89bc96824582ca00394bb0e27bfce68eb85edbd5cf4681414d4441b9c96f37f1ab29df1ca9bf9752fcf385ad35d43795019b88aec80e4b5b641f1c93ce273e0e8fe70a67050943d7461e573f67c77c2243387c4300be3433dd7e46b55e6d4f1414d88308a56614748cb55c7d890faa663206c4f4fe451a36649ad34a2ed17dd3613b3df3e8a084a2a478a552db468425b7c05bd032eec170a8797201fb077d78dbf45d52d019135a9dfd2328526ae6afd71341e23a6a48c5ff6930433939e665907064d30299be8cf76ac653fc357ab1122b1c50e0dae862e2a51df1c5dd38064fa2f08bafc4052f749da4e6e08de616077d3265fe0edf3be3e927915b866e03752d5b4c2e1c1e3ef864278f57e3aac2037202382edb2c383bd201b787cb58a7b0f9c2124adb2a965b557705eefce6b2e820e38b1ab698978d4d2444a3b7bdd2d35f92a7774295a6adecd180f968af8faaf0379b568ee918ca75da7b85141af634e3fa35300e30a3b192a3331c12f1ae690990d20b2d8b611c622a1240d316d296105274c0ee0f012aa74627421f7f12f0878588a7a7a8c9f71ed577bcf0cdf6a6002e8d71699e89a54d6d02014cb1dc7374e7591fe1e92d236dc7d17c9c9d5880a3bfadf5582195222f80d72a9ca36c35d19b7fe1511f576d80e25d4f257aeb838a17a2487746e984d794233813504d2d83176f0bde0af017e86feab33c91d1af7188085e4234d7fdabd855d3c5d7f39ac4016afbdbdcfaa4ac5b28c0870d7f3d2a9402cd88927ac34bd2f2d112", 0x1000, 0x0, 0x0, 0x1, r1}, &(0x7f0000001280)) (async)
r3 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0xa00, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000008009d000040"]) (async)
r7 = getpgrp(0xffffffffffffffff) (async)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696") (async)
setsockopt$inet6_IPV6_XFRM_POLICY(r8, 0x29, 0x23, &(0x7f0000000400)={{{@in6=@rand_addr=' \x01\x00', @in=@empty, 0x0, 0x4000, 0x0, 0x0, 0xa, 0x20, 0x30, 0x0, 0x0, 0xee01}, {0x2, 0xfffffffffffffffe}, {0x0, 0x0, 0x0, 0x6}, 0xffffffff, 0x0, 0x1, 0x1}, {{@in=@private=0xa010101, 0x0, 0x6c}, 0x2, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9}}, 0xe8) (async)
sendmmsg$inet6(r8, &(0x7f00000090c0)=[{{&(0x7f0000000080)={0xa, 0x4e21, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x0) (async)
fcntl$lock(r3, 0x24, &(0x7f0000000000)={0x2, 0x0, 0x23137caf, 0x7ff, r7})
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000000)={[], [{@fscontext={'fscontext', 0x3d, 'unconfined_u'}}]})
openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) (async)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r9, 0x0, 0xf, &(0x7f0000000140)=0x400030, 0x4) (async)
r10 = accept$inet(r1, &(0x7f0000001300)={0x2, 0x0, @loopback}, &(0x7f0000001340)=0x10)
bind$inet(r10, &(0x7f0000000140)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
io_setup(0x6, &(0x7f00000012c0)=<r11=>0x0)
io_destroy(r11)
r12 = fsopen(&(0x7f0000000140)='tracefs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r12, 0x6, 0x0, 0x0, 0x0) (async)
fsmount(r12, 0x0, 0x5)
fsconfig$FSCONFIG_SET_STRING(r12, 0x1, &(0x7f0000000180)='\x00', &(0x7f0000000200)='/dev/cpu/#/msr\x00', 0x0) (async)
fcntl$addseals(r0, 0x409, 0x4)

7m49.882716831s ago: executing program 8 (id=10961):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000030000000000ac1e000100000003000000000000000000000000000000000a0040"], 0xb8}}, 0x0)

7m49.794761422s ago: executing program 8 (id=10963):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000014c0)=ANY=[@ANYBLOB="a0010000100001000000000000000000fe8000000000000000000000000000bbff01000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000320000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000af0000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0017000000000000000000000000000000000000000000000000004c001400636d61632861657329"], 0x1a0}}, 0x0)

7m49.686766604s ago: executing program 8 (id=10964):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffd}]})
clock_adjtime(0x0, &(0x7f0000000000)={0x66b7, 0x11ff, 0x0, 0x7, 0x0, 0xfffffffffffffffd, 0x77, 0x0, 0x0, 0x0, 0x3, 0x248a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x6, 0x5, 0x0, 0xf439})

7m49.641045154s ago: executing program 8 (id=10965):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000002d00), 0x2000)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xb3) (async)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='nr_inodes=1']) (async)
chdir(&(0x7f0000000340)='./file0\x00') (async)
r2 = syz_clone(0x0, 0x0, 0x60, 0x0, 0x0, 0x0) (async)
r3 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r3)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) (async)
syz_open_procfs(r2, &(0x7f0000000100)='pagemap\x00')
close_range(r1, 0xffffffffffffffff, 0x0) (async)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xffffffc1) (async)
ioctl$ASHMEM_SET_NAME(r0, 0x40087708, &(0x7f0000002600)='\x00\x00\x03\x06\x00\x00\x00\x05\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80`4/\xe9\x15\x9a\x9f\xf0:\xfd$\xad\xbb\x9a|c\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b7\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Xd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\x16\\n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84\x04;\xc5[\nja\xb9\'\xc9#\xfcx\x00\x00X\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12K\\\xf2\xd5\b^[D~~\x84\\\xe4\x00B\x05\xd4\xea\xea\x7f=\xc6:\\N\xc3\xb7Vw\xc6\x9c\x96s\xaaHL\x96\xc72\n\x18Ynj\xceTS\xfbl\x0f\x9f8M\f\x89\xa1\xd2Hs`\x8bp\x8a\xc4%\xf8\x1d3\nV\x9a\xaf\x1f\xf96^\x93\xc1\xaf)\rg\x86\xd6\xea\xa9\x0f\x9a\xf1V\x1b\xbf\x8b\'-\xab\x8e\t7\xd3\xf7\xa9v\xfbY\xe6\x9b^d\x8c\xb1\xdd') (async)
ioctl$ASHMEM_SET_NAME(r0, 0x40087707, &(0x7f0000000000)='\x00\x00\x00\x06\x00\x00\xbb\x0642\x9c\x1a\xd1\xcbx\xb0\xd6\x1e\x10gQ\xca\x0e;\xf7\'\x8c\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn\x05\x00\x00\b-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \xac\xc4K\x03\xfa\x13Vz\xbf\xe3c\x8d \x8d\xc5/\x0f\xb1\xe9\xf2oci(\xcb\x82\x05\xfe[H\xaf\x01\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafd%\xf1\xdbjE\x01\xd1sD5hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\x851Y9OB\xdeB\xe1\x02-&\"1hS\x92\xe4\xcd\xe4\xfb\xcb\v\\%\xa3\xc9x\xef\x81E.r\x89\xe5\x00\x9e\x97\x96\xb8j\x81\xf0\xdca\xfb\xa6\xff\xff\xff\xff\x00\x00\x00\x00d\xf0\xf1j\x11\x12\xc0\xbb\xfdq~#\xf7\xa8\"$,\xf4\x84|\x89o\x00<\xa6-\xb0\xd3\x80\xbe\xcf\a\x00\xfc\xa6\xb1\x05\x94\x84l\xbfA\xeb\xd8\t\x00\x00\x00CvNhx461\x04N<\xedV\xcet\xaa~\xf3j\x94\xec\x92\x86uY\xf6\xb5\t?,~\xa67\\\xb9\xc9K\xf8\x9d\x96\xc0\xb5\xc7wF\x99\x12\x97T\x90.\x9c\xe3\x9a\xf1\xb9\x9c\x13\xbc\x19\xde/\xaahB\t\x97\a03\xcd\xb3\xc8\xd5l\x14!\xacP\x1f/\x91z\xba\xfaT\x0e\xd8\xef\xc8\xe9\xb4\xf3l\xc3\xf2\x988\xc8\xc2|2\xee\xb4W\x99f.\xeb\xe9\x05\xcbkz3+\xdd\xe1*8\x95@0t0\xad\xe3#\xd7\x19\xe7Q\xdfmI\xe5\x1e\xe4\x87\xc9\x8f\xa7\xe0\xd9v\xf6\x01\x9d\x8f`,\x1a8\xc6\x8a\x86l\x8f2\r:\xc1\x02\xd6Z%\xa7Ks\x8bUolS\x17\xff[\xb1\x00\xff\x7f\x00\x00\x00\x00J,\xc6\x1c\x9f)3\xf5k')

7m49.522159386s ago: executing program 8 (id=10966):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000800)=ANY=[@ANYBLOB="08010000160001000000000000000000fe880000000000000000000000000101ffffffff00000000000000000000000000000000000000010000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414000000000000000000000000000000000032", @ANYRES32, @ANYRESHEX, @ANYRES64=r0, @ANYBLOB="3b0d07ea773e3ed72c6bab341f42d799c925b9bb20a54b83b69d0140ef3f2b6f2745c0eccf98a24d21529850aa9be8483f38bb9542b111795ed26e08bc995588c95d6bbc0cb358d796daa1ee00ecc54d34e7e30ea8061874f2a5308baf092ebfa936e7"], 0x108}, 0x1, 0x0, 0x0, 0x1}, 0x0)

7m49.31275063s ago: executing program 8 (id=10969):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000a40)=ANY=[@ANYBLOB="44010000100001000000000000000000ffffffff000000000000000000000000ac1414bb00000000000000000000000000003b0000000000000000000080ffff", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="64010102000000000000000000000000000000006c000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000fdffffffffffffff04000000000000000000000000000000020000000000000004000000000000000000004000000000000000000000000000000002000000000000000025bd7000000000000a000301000000000000000048000300"], 0x144}, 0x1, 0x0, 0x0, 0x44}, 0x4810)

7m49.224018151s ago: executing program 37 (id=10969):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000a40)=ANY=[@ANYBLOB="44010000100001000000000000000000ffffffff000000000000000000000000ac1414bb00000000000000000000000000003b0000000000000000000080ffff", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="64010102000000000000000000000000000000006c000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000fdffffffffffffff04000000000000000000000000000000020000000000000004000000000000000000004000000000000000000000000000000002000000000000000025bd7000000000000a000301000000000000000048000300"], 0x144}, 0x1, 0x0, 0x0, 0x44}, 0x4810)

7m29.582509386s ago: executing program 1 (id=11248):
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2542, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x1, 0x0, @ioapic={0x4000, 0x0, 0x100, 0x2, 0x0, [{0x5d, 0x8, 0x2, '\x00', 0xb2}, {0x8, 0xe, 0x9, '\x00', 0x6}, {0xf8, 0xff, 0x5, '\x00', 0x8}, {0x0, 0xc, 0x8, '\x00', 0x8}, {0x5, 0x3, 0xb, '\x00', 0x86}, {0x7, 0x3, 0x0, '\x00', 0x8c}, {0x10, 0x27, 0x4, '\x00', 0xf9}, {0x7, 0x1, 0x1, '\x00', 0x58}, {0x8, 0x3, 0x1, '\x00', 0xd}, {0xf7, 0x8a, 0x8, '\x00', 0x81}, {0x4, 0xc, 0x6, '\x00', 0xd}, {0xde, 0x9, 0x7, '\x00', 0x4}, {0x8, 0xf, 0x8, '\x00', 0x9}, {0x4, 0x44, 0x82, '\x00', 0xfd}, {0x44, 0x7c, 0x7, '\x00', 0x10}, {0x7, 0x4, 0xc, '\x00', 0x5}, {0x3, 0x9, 0x5, '\x00', 0x2}, {0x6, 0x43, 0x35, '\x00', 0xc}, {0x7, 0x7, 0x18, '\x00', 0x2}, {0x9, 0x7, 0xa, '\x00', 0x40}, {0x5, 0x4, 0x18, '\x00', 0xa}, {0x7, 0x0, 0x0, '\x00', 0x4}, {0xfd, 0x9, 0xc3, '\x00', 0x4}, {0x81, 0x5b, 0x2}]}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x32, 0x6, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x81, 0x80000000000001, 0x4, 0x9, 0xfffffffffffffffd, 0x0, 0x10, 0x800008001], 0x1000, 0x3e5212})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = socket(0x10, 0x3, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
sendmsg$nl_generic(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="640100004a000102"], 0x164}}, 0x0)
userfaultfd(0x80801)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/custom1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001000010700000000e9ffffff0a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x4046014}, 0x400c0)
recvmmsg(r6, &(0x7f0000005080)=[{{0x0, 0x0, &(0x7f00000031c0)=[{&(0x7f0000000280)=""/198, 0xc6}, {&(0x7f0000000380)=""/174, 0xae}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000000)=""/15, 0xf}], 0x4}, 0x390}], 0x1, 0x12040, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
dup3(r3, r4, 0x0)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wake_lock', 0x202, 0xc4)
socket$nl_netfilter(0x10, 0x3, 0xc)
write$cgroup_pressure(r7, &(0x7f0000000080)={'some', 0x20, 0x56, 0x20, 0xe}, 0x19)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f00000001c0))
openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r9 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
fcntl$setlease(r9, 0x400, 0x0)

7m29.25742042s ago: executing program 1 (id=11254):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0) (async)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, 0x0) (async)
openat$selinux_avc_hash_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1e1243, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000080)) (async)
ioctl$BLKRRPART(r1, 0x125f, 0x0) (async)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB='lorgz;ck none\x00'], 0xa)
ioctl$BLKRRPART(r2, 0x125f, 0x0)

7m29.206697071s ago: executing program 1 (id=11255):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="84010000100013070000040000000000ac1e010000fe8000000000000000000000000000bb0000000000000000000000003c00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb80ff04d3320000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000000000004800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004c001400636d616328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0"], 0x184}}, 0x0)

7m29.114779773s ago: executing program 1 (id=11258):
mount$bpf(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x400408, &(0x7f0000000cc0)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0xee00])
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$sock_buf(r0, 0x1, 0x1f, 0x0, &(0x7f0000000000))
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x8)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xac651b13f84cb40c, 0x40010, 0xffffffffffffffff, 0x2f1ab000)
fstat(r0, &(0x7f0000000280))
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x4}, 0x4)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/wireless\x00')
read$FUSE(r4, &(0x7f0000000440)={0x2020}, 0x2020)
setsockopt$packet_fanout_data(r3, 0x107, 0x16, 0x0, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_TIME_STAMP(r5, 0x0, 0x3, 0x0, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$FIOCLEX(r6, 0x5451)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x8, 0x10, r2, 0x2935a000)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000000)='oom_adj\x00')
write$FUSE_INIT(r8, 0x0, 0xfdc5)
setsockopt$MRT_DEL_VIF(r2, 0x0, 0xcb, &(0x7f0000000100)={0xffffffffffffffff, 0x4, 0x7, 0x8000, @vifc_lcl_addr=@multicast1, @remote}, 0x10)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r9, 0x8914, 0x0)
write$cgroup_devices(r7, &(0x7f0000000a00)=ANY=[], 0xffdd)
socket(0x23, 0x3, 0x88)
lseek(r2, 0x10001, 0x0)

7m28.975032305s ago: executing program 1 (id=11262):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000004700)=[{{&(0x7f00000000c0)={0xa, 0x4e22, 0x2b4, @remote, 0x8}, 0x1c, &(0x7f0000000ac0)=[{&(0x7f00000005c0)="5a54d25935f1e281303beec4db878cfdf3943c9dc0c2369e44056212de6f08b36502b6779757238b99394d932b3747d9c3071a020db08bba55339aa6e1cd86701df74991c3b7f695fb5cecbccb32924feda8003f7cb7055d9341beb82db8040cfc0ff699242c7838cb47de01a46e37fc12da784062a5697bcc3529fbd12abc0dbaa83d046eb50590a326e1f7aca1e4", 0x8f}, {&(0x7f0000000500)="ebce8f4a3ad6f79b42231f8a6ae6d1795c143943bf58052d91d293163a2c070ef977e96f475ea53b479d22cc60700215c356a383d8fdb6da91ef81ab4f4d9351", 0x40}, {&(0x7f0000001640)="b42debb7bb5e0d4a9d147347af095030d170505f0c50579da4770ba44548dac35812c481acd13ae0eda0f56b02e248608fd7c6ba1815b0a169586d0c38edcac401754717a3db76925e6b440348469d96903cb7a17c3fd7d778dd8dabd8417659061eba46f8c2ef4972370c50735ac1320e277ecc1230a74b0314bfb4319495d12df0257709ada4a79b6db9dc0d4d5605f3788a84158bb484d4dc9701ed6d7f57fdd3fc1d75d1add15472a01899365793a0b6d43a8cdeb4261f844345125b24f0f6ca16270d0b2487aeaa3dd9fbc65fcdffcb39a84eae121d4f9decfa1816e32e98090ba2414aa3c1be60fc0a95a533c2e9d44f24fb28bb8ff334a4fa64293166494f15bb3be6d6b5dba7dfeb88362656178f9d8a5e5aa812ee6df95a3bf46e89fa186d6c796c1086290ca7c224f197f041ef304b65608984d1ee2f8ca6ab0bae74f88a5628efab0036e68f2aacd2575fe59a7896c81b0f26ae9809ddfc714a67f389945c4e35dd7ce91e334381dc4e4dec39137e2e672752aad296156b1cfbda2e9ca4c3ec5f46d0d2926e14868bca86b3ae216165ce892c3399604e19aa0e193c92bc90e72869238d87429ab86505d77b896c366a08fce4192e35a8329b43071f5a0c07d532c081ad8fa23b8ea31edce68cc57314cad6571afe98e6da3b4216d25c5f7a6706dbca215c99fcf0b13b0fa7d0d5528042ee12f8bb73d783d508d82c64a1854df7f9e54c01ee4c376898e66cdaf23b9c33927799ed211fd656c67190ed8739cc827a327cd53f73b74f2eb248521e9afe4cff26c05613b5bc9bdb0637a0946b93038256e542f04450fc4e8f8772ae64e8177157508479e118677f0b8dd05134f5d666ad3a22dfb9e74da21cd843e9a0ada6d281f3f5c2798c5ba0a75fb1babf4f694814f29f3e99f7b47c8bb1f556bcd99c01af29409fa7015050ccfbfac6c43ddb60e797789ca895b6419e56f43438cfbeffe2011a331bdc2ebe0cf535d064f859516f1c257fa902f4ce512e9d261f387c7ec3956d44d3cf23744ccc0c04cf21b87172c4d3dba5343041368f5de174061c8ab0a7b95e8669700939e3a3ed4a242e14438499d30c0dda69a88f009e2d64011d186a8f4600a75b598fb183010046c1ba4122d7c71de63524c53dca96d5e7de9fcacf69cf578a9a7ec6bb54f560e4a10dbd87bd61a95bef5dc4db87c490944e93768a893c556e826398de9c2dea4bbecd4cfe306f01173fbd979a2b5ab08e9de8551b347d1aae56d79c3446b0620cbd2cfc8d9ab8e76a234ce29690fc2020d8ee1903212ce4440363f1833b4b7eac859d3796b86a4c7959b0366774918fe04d020e7fa156991ae01e3428ea50826eac3ae900355eb4f72b7bab4508b3ffcc1fabfb41b23beac5fecefdedd361127f7f4d51560381ca5f9aaa27fbee6e699daae5a50b2522f450424a7dc84bedc89c70401838e95416eb6f4784c250d9575220122d72ba4206a751e289029b0873602483cba80ccad4a3c638401b76f615ca1d19d43fbabea159284cf6219c45fedcc3a8c1266865bf08c5aa259690a776a2d2b30679fa94e47f63c889287c0c12878d33df7778d673be0669cf72d1d7ca1dde36673a204f4658ddb04e852264273309cf652a5aa8346adc0820ef53e0aeae0ce4ec53a1507582452a83822bfb9023a22ed35bf4667de19292ea6431a034961dddedbb0f9983b3f8643d07b8a8866547fa3d305f5b3de6bcfcf778118bfe28412e2edfc3aeeb1097d2db5cffc8036814349d9b7f4c339f428980f2448f3baf802e7691f5ab831baf66a522c1b3ab45fd927d1ea8cdb7aa91e1a072fc84bc869c5241326b043145aa7b3cba92b5d2b1a4902f53f16344fa76a3102729bb40f0dee81838ece09af81813044c1f4518ce3c8fdda81a60f2d29a5fdc5302114b1b66734f7b84efce2f12fe8dc984dbcba4b61538a04c07a2bfe90b588ac7a97113a5a69d6fbd787dcf18951a5274d21e8bd81f583e013e367c7ca2ee181cf74b05d2d39ecefab132cfe8a2c374e5b3c550bcc96caab44aab64e00a050a46bb90deb618b95d9749d4ff442b7186911cebf3646adc1d2b11b1c2718fff68626937234e9c1572ae790993be59313d287498bc553dbcc998aa190e5c79696b591fe8db572e37bfc764903602330dbc3ec33cc14db8c52ffc4124dccbe5cd1ab45194f9480c111f7541e898c9c6098bc27ff369c18653769120fc5cc155c0456d9181f25ca0d1e28fdc2843c97390e4893c3abf3d303e1cbab73f35a23f0ef3bb89e2c3b4e29b02cb0fb1351c18272741caaebc5b7fab39cf9bdb3e7797c1dda2db2decb7e488f2e253aef3a2720ef4923b0a9597704eaa3a911c440758b090498a9c3ca4ad5f13fda2985fc873c48a5d1ad30fae94fa0733babaf7790e39541c5b569804c343673e99c90e2d6a32821758421d12968f31330b08da69149d435e5c39c929cba4fd6d716a8e73bf1421cd899c40f3b3c76f1ae2e4e69bde48841dd723a4a142915d190d2d5f39e0fc9467e9438b0a2b892b25454523c8ec973e5c7259599e3a74d5c87ff51c4108ec86c23ab6dbf3853d717ab228a494c03e1b16c1a83498ef6617257c30942e9cb2c00d70fa9626fa3b512ec27b6acc4a65d574c5ecbaeeb4c234c73ed2ef9c4762d0a666cfe055310143d082ba4317bd8a24acfe514a0f9db2173e01e186b9b4515392758dd27ce6387956274e2496b29a37afd22be97eb0a93b8ad58934570ca5d0d66158d9cb82557a73f07532bea4c6c69ba9363a82fd0f7ef702eaccf607d7bd2fe7000dae3c648f6ee158b31a85f4fa2c886ce8c4b0054daab1da206f836712157ce811e9820aa63ba3ede63161d73018198e6f149281c2214cb1cd895f532e38e327df6e0dec45a8c4710d693fea4250f7c7f9a3c4882175fa458a4e3972295b4866bdc47b589fe67a4267ac40714ff0fa5e057808f7ebea8446e6fec5fd678fae7efd7254b8fec13e8b8d0e97080be0f64c52c45eb903b5bef97d9eda06a498b0863973b3e3be76ec1a9dd46a6116213a5f17ec67507685b81a830920494da49f6712d1621343373a5da2dc7af9bfe51467e9724ec8c8557f6a179827972374e9926919bccc64f2c90a2c7466ff605ab9240dbc668520892525914be6cc08914a6591b92e37de1ad2406163b7e57a995dd4b7f1362f46e31dd5fa2528798636361e0358125a3fdfc6f6e1792014b09cb2b88dbe48950748d302b659f6eb354bec283d030e99b57cdb442bdbc2b46f898e7b2ca3b1742ade72d39f789cc1019b9315da8f33f5bc2c7ed4ae9eeb7cd085941290896878c6105009b526c1613ed88c3a52b83f7811cecf6be2c4474a1b3eb2531f3f03b1d20bee9dc56d0a2c70f42381577d4e8adf49fbe1c16935196317f10a2574e788ac3e6b085ba6c1f12451d716539d2ad8cb29ad5daf43483b5f0f4cd3ff02377938c068ce8c3e8e3b0730dfaa8de4aea0f68ad1e93762fdfc0be960a4801ddbf194a2c4b8a773d636a5c729997a3ebdaa56a343683c4fd60b7906e394742e6b4575dffb59fa15b50b78ef262f509e2aaf856e31416cadc0602959621f9cb3024ee41569fb4eed1ff1ea12f58b840f14c209f7bd06c15b20bd87de8126aa3b128d91b767a83b32b280e4568a9b29680741e20c3725ed256c96ee8a087bd98a95819f6d069f443105fe924d6da6fb12930eb36afe373a16fef17a5867fc4fe43a02995e7f9cf442177582fe6691c12c2b4959977dfc0604584d7c68bc1d251b066f00d98e852ffbdc5f74ab7dafcea0cd876f2681d2b59c1710e11eb0dc8e5c9415c35070945c7441b0ca0e8d4a4653bb353b774bf5dd2447991cfd7d326fec9eb256b5844e881168a194bb6f9a1734019a6780bd618d11d5ed57e0274185e18f332f0fbec6725d9823af196df666d642af7caf3d9d35750f74f08c5610a29f66f20504d848da9345e4d512ebcb3859806641ad1f956fb4ed804ba3370248eb95354b2e1d4f52a728284fd14313e0d972f1a864f8c80cf3182c1a412b428d5f984e24ffe1324a169ef3cc24a80bd3ece4d5606664e8196445b59a4406fa6544a79a57876db5913102333d6680a4ff5d7eef7e75a3ab77b7f787ff107a923572a15627cb6a1c74a2c65ae90f7d96ad5911c29b7eae3c241b78ace508be0d3936189398bf2f36f976fd56e96d590395ced4a6e392bb5258a3bf5cee7c61ad8949058d412a141063e750b78d3f7fd4afbd767dfb519645b8be2acbb986c5950efebcadd8d38918084f02fa3f2ff67adeb0b95b5ddc6d6e0abb99f832fbed6df99d507b6fe57ec9dcc3b016a4d037e4f4513f5d7dd6ee10abd89050cd35b66be9144a15080566c70946ea9347753db1410595ebd98f965a9f28b2a22e3266b7424c1ee7d1a3bdf2dec1fe901b41717be0b70f1ebc55414de00b77c74c2e4444bfd63bc8eac962b2d6385530c88fd08a0a7906b092158e2e10b1ee8a12bf8d2bdf12eb0fa7e51edfde2a38dbde89aca4fb3db484625ff05841e139b4e4f18a572042dab130a21ef26d29190afa52afb91fcc45ccfd96f76a4df86778ae5069a8e7d0d06e05632fb0957018415b540e23d9b5925e24be261b15bb35cd1f4a5da5f0b62d765789d7c641941d9e7736369335dc862cd35aa63eb52060e319f00c85d673c57cabcd71c9e34b6b6407c04533c1b4d38bf2bbda5bed235ccc142202a7d09303951201257621137a250b3dd0cd9feaaeb296c567f3d8df3442736fb6c392d039c4fb985609b7384b61bb9c29cc8e84fb9b960e41f267ee36ef1d7251141b47aa1423959e1ce125ef4cda37fa7d9d403c7c760a5ed166c3b8a1d4ff9118769faf52deaf65e0d539da3d5b55d26d04510393739fae2ad2f657521d09cb3903938cd88444923b6ee0d406d98cfd5e4404173a18948b3757b3dfb44f004d14fdc6669d546a4c889b502ca5de2ff5690665c04fe4a90ea7678cf71752d6e744967b0bba2a8fdb9bbedb151edc9de00afe0179c8f505c5fbe2ba4102a735446fca4e6f1eec0391a0b4b376495173f3a153ab1aa80f671fc96ca2a85ae1696dcf7dc74115b507cc3e433edbea0c94f6b2644711ffe7a947dd344cdf33acd0d2dfcc5c9787851fde6f43dad973716ae995734c2c96a1680660c451307e5da80a226adf006b8015d81eb51804dbbf545646655aa427eb11a549f47176bc8190a3e391e8554581dcd167185157001611b0d31e0b8b88e17509040887db0970c20d14b92338d53630928decd18673938f85abf113b2482ec6917346e5a821351ed1bc357fcd01", 0xeb8}, {&(0x7f0000000680)="39056313cb3ff74b4fe704b0143ca26bed2aa3ad6fd7006b092fc5c109548e2422403273fec91ae57f41329c36da963422c390ca50f5af78e0bd0f96e899147438e9e25ab46e4fb95243b454938cad532e562a70756e72cb124606ec1065571f436b22e1d83f83dc9d8b558a96a1ac735893185320f9f399b4041dfcf1adf474606fea68d86070eebd143ca14352cc312a9f65c6200be959148420c005355963488fd0ee72ee279843126ed3473fb1bcfa7b99203fe5bd96d91280fd80f83c2b08fb97c313e7", 0xc6}, {&(0x7f0000000780)="e40ff2b313fc132c5752b67d20ddca64ff7d2965ca58a8560d83c638ccb11dccf6711e37f8a24b93815e55bb1a9871192d699b8614631828912856504b43209d3ca673348757c9fbb8d26518458659bbfdccacf434c8fbf9f1a29c6152705da59309032675af63a014b699a8005207b71fa9073c345478b66dc3fee46cddccf5d84e09a64f8e15c1119c8cc6c76782de4f08f0a9ea7c118f3f71982558dc51642f722c86cb823292678542ed16573817226f5939872ef4f768b97f27fd1cd5932c1019315be6dbddf22d53f196d0fa610fff930b27b6", 0xd6}, {&(0x7f0000000880)="29d0a84c697ce9b743132483251a6b8058a8518520104573c7a612eb1b7d9338e68c479a5683d8ebf799fa42f4640572ec4eec24704c73457c90ec06713fe16cf23dc167f18711b0934899339f9b4caedd0ae76f4b735a20e008c4d1883ee548402e39333d92ed3ced0d816bb7040bc4b9fe351d2db6b9d36e28cc64", 0x7c}, {&(0x7f0000000900)="6db416717a91347fe44c8553ca6dc9f33648f8447915dff4ba5b40985d4f0d8920999fa08c2dadeadf122ee6a96cd2efc49048b091c233c946d6b88fb316c71b252568cbbd13b76ae2ff1d2d4c55693b32ede16f26c4e68029f17b8115f0a472c4db840b08fbd67a49bea534cfbb51b788330a74d675fc93a3c3f8b246d01fc5bf4de1c24050233d15649320b87ae52c17ed9e3f1a187cc3efa453797ba368868e6230e8d462bd9c9afd5e48bf5e7411ac8c06863b340a88f5e8e946efb755d3efdac4af5d13", 0xc6}, {&(0x7f0000000a00)="e6c0e3b9379bdf47321248aac0050b3171987ef396e82b1d9c50f90e088f85c9f42747758d82b97f697f13f6ca17a56d396d05bd97c0ffa287cde5b933049bc8c6223cc8774f1e182331364e45f533fc0eb150ab73c4d676fd80c4f697e1d565d892393aa9e28fe87554b939fe47da537b98434ac19564181be193f4b260706fba0a3fe77c117fed8a3dad5116ceb4368ff452f5474f5bdece4e33e0846a798a2d18f1307991b9295e84845d0f", 0xad}], 0x8}}, {{&(0x7f0000000540)={0xa, 0x4e20, 0xffffffc8, @loopback, 0x5}, 0x1c, 0x0, 0x0, &(0x7f0000004940)=[@rthdr={{0x78, 0x29, 0x39, {0x4, 0xc, 0x2, 0x8, 0x0, [@loopback={0x8f000000}, @mcast2, @remote, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, @private1]}}}, @hopopts_2292={{0x80, 0x29, 0x36, {0x88, 0xc, '\x00', [@enc_lim={0x4, 0x1, 0x3f}, @generic={0x4, 0x56, "e9d4dc8043a3b5a6571c438170ffd411d8f255f96fa280da081d86fbd1f02b0e1fca908037c2cc57cf0b936904fc8629191235225a70d7ff3ed8bcbd3dd8a01a65506df80a25fa27bedc78691e7e04c87e36043173ac"}, @pad1, @pad1]}}}, @tclass={{0x14, 0x29, 0x43, 0x10}}, @rthdr_2292={{0x88, 0x29, 0x39, {0x87, 0xe, 0x0, 0x54, 0x0, [@local, @local, @loopback, @loopback, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02']}}}, @hopopts={{0x18, 0x29, 0x36, {0x5e}}}, @hopopts={{0xe8, 0x29, 0x36, {0x0, 0x19, '\x00', [@generic={0x2, 0x31, "542c1ece5cfe775a834463efa27b1acbe594c93a9a2fd2e11be202e70f2b5c0cf9b2f7cd8774c09159c668475df3a50518"}, @calipso={0x7, 0x20, {0x2, 0x6, 0x40, 0x4, [0x7, 0x4, 0x6]}}, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @calipso={0x7, 0x48, {0x3, 0x10, 0x9, 0x8001, [0xa5af8ec, 0x1, 0x4, 0x3ff, 0x20f54351, 0x80, 0x5, 0x7f]}}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}, @pad1, @enc_lim, @enc_lim={0x4, 0x1, 0x1}]}}}, @rthdr={{0x18, 0x29, 0x39, {0x2b, 0x0, 0x0, 0x1}}}], 0x2b0}}], 0x2, 0x80040c4)

7m28.902086016s ago: executing program 1 (id=11264):
syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0) (async)
r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0) (async)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x161242, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x7, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f00000002c0)={"8022e64e74e6f67b82f0d8a62127912e8e0facb291d8f00126635901181631134a20c7ef49c18bc0bbece53852b95bb8302f6c2286d6b0fb5b13bbdd128c382cebf211c3853f6fb48ab335f3ac853cf7c64d4f27ece7c262cdabfa5660cde1d28dc3eab72b8cfa5b08d6129c86ca79bd9dc43c37e75246dcf04b3816fd90365c877a2c10e8ef4c444ecb4784a0afbf5e962e390bb1ad3bbce049ae51325e79f5ab8bfa80b35fff1da6833ec7fa9ebfc93da9e4b190e5e3a752eca97dc669a937e6ab654169108a38d414fb90e1b894494f314298428ef482b0009084c95e735b6b09ca2de115d77f6a657fb7da142c896f9dce212aa58af72879da88687ce4620501a4ba17e906a02662f902745e9f41b50874ce099ac0fc00ed05470d176364b1f30495b4a088bdde663172734fa8107e5fc0cd4fa60869c83a6669a4ea3040dbaa38f2571543d8521e37ab5aa5be850e3ade4b3682db01d94841077e9eb09e6de146aa0c8fc98fea7bb50efa589af6978ec8d970f908dc4676ea3d15b3b6ebe8ae56a6292704900e611367b278b6716b4d04279792aeb649688ac6bcb7a5e58cbab0c07c8916a7cef3bb0d6303523bad9c0ad5f3024dfbdf364792b75f0b01333336b3bf645fc40061edf7e042de07fc652ec4958373d9f3af542adc030334cc63caa85c8a2628bb1d257c746b2cc57798c23e30f2799f5f392f6af7a3d0cc47299928634afd54ce987c1951989ef81b39f5c7ba4cb2a74250f15261fedf3a25396b83199151ea4b406c2e1aa3135f2a77a8d75b75ef0b25efcdb3b031d8eaed29862173e93994f8d6e6e70df79978551804744eefa635c71d4b38da513f3ea8f48853322cfe5ef1b1ee632e0fcd3eae1993d883fc91f0f2437dce252b6ce5175e7d119afcb9c3c92baf3df6716ce61b54d0dd7dda2360a4c93e26f3eaa4a1637d108966074638697f5b374cf9ae6b32dce29da73fece352c94a1bdb45d6e0fe98533562ee5e55d2f2d3ce5c301ca9c5706a1d0605414f103878eb88169e6681297616b4e1c8c1a43a33f5d99b619962066e7c5698470772696f58dbed61d8507119769e30101f229e012a08b76c0d752cdb290d46f2504177164282fbd084a4817b5ed7448586bc3de1d30af5472e6b67d2ad120e1401ebdcc5358c8eff7e68f4a48aed32f55970a5a6a7c7dcba4887bc4bb1c7fde1610ed25f4f64f25a9f79fad21b5e558fcc97c120c0977a92f5471cc391edf228ff4bf7f9fc7b92737e32b3af48780cb96f5623b5f01dcd3cea45d72ccdb7a36682fd3094542726b24790534728f2c0b2757edc7599ccb170b2db42c9460c42082081ab86d9d5fc971b4d7987ee2c70ced65e08d74474763c6d6ec671c42f6acaa4ccbd2fe981121c04571c1794450b9650b0249f2a633e880ab386510ea86298112a2f01f0ac7f81ee"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000000040)={0x80000, 0x0, [0x80, 0x0, 0x8, 0x4, 0x3, 0x5, 0x400, 0x936b]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x7004, 0x101000, 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
read(r0, &(0x7f0000000180)=""/95, 0xffffff51) (async)
read(r0, &(0x7f0000000180)=""/95, 0xffffff51)

7m12.804994556s ago: executing program 38 (id=11264):
syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0) (async)
r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0) (async)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x161242, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x7, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f00000002c0)={"8022e64e74e6f67b82f0d8a62127912e8e0facb291d8f00126635901181631134a20c7ef49c18bc0bbece53852b95bb8302f6c2286d6b0fb5b13bbdd128c382cebf211c3853f6fb48ab335f3ac853cf7c64d4f27ece7c262cdabfa5660cde1d28dc3eab72b8cfa5b08d6129c86ca79bd9dc43c37e75246dcf04b3816fd90365c877a2c10e8ef4c444ecb4784a0afbf5e962e390bb1ad3bbce049ae51325e79f5ab8bfa80b35fff1da6833ec7fa9ebfc93da9e4b190e5e3a752eca97dc669a937e6ab654169108a38d414fb90e1b894494f314298428ef482b0009084c95e735b6b09ca2de115d77f6a657fb7da142c896f9dce212aa58af72879da88687ce4620501a4ba17e906a02662f902745e9f41b50874ce099ac0fc00ed05470d176364b1f30495b4a088bdde663172734fa8107e5fc0cd4fa60869c83a6669a4ea3040dbaa38f2571543d8521e37ab5aa5be850e3ade4b3682db01d94841077e9eb09e6de146aa0c8fc98fea7bb50efa589af6978ec8d970f908dc4676ea3d15b3b6ebe8ae56a6292704900e611367b278b6716b4d04279792aeb649688ac6bcb7a5e58cbab0c07c8916a7cef3bb0d6303523bad9c0ad5f3024dfbdf364792b75f0b01333336b3bf645fc40061edf7e042de07fc652ec4958373d9f3af542adc030334cc63caa85c8a2628bb1d257c746b2cc57798c23e30f2799f5f392f6af7a3d0cc47299928634afd54ce987c1951989ef81b39f5c7ba4cb2a74250f15261fedf3a25396b83199151ea4b406c2e1aa3135f2a77a8d75b75ef0b25efcdb3b031d8eaed29862173e93994f8d6e6e70df79978551804744eefa635c71d4b38da513f3ea8f48853322cfe5ef1b1ee632e0fcd3eae1993d883fc91f0f2437dce252b6ce5175e7d119afcb9c3c92baf3df6716ce61b54d0dd7dda2360a4c93e26f3eaa4a1637d108966074638697f5b374cf9ae6b32dce29da73fece352c94a1bdb45d6e0fe98533562ee5e55d2f2d3ce5c301ca9c5706a1d0605414f103878eb88169e6681297616b4e1c8c1a43a33f5d99b619962066e7c5698470772696f58dbed61d8507119769e30101f229e012a08b76c0d752cdb290d46f2504177164282fbd084a4817b5ed7448586bc3de1d30af5472e6b67d2ad120e1401ebdcc5358c8eff7e68f4a48aed32f55970a5a6a7c7dcba4887bc4bb1c7fde1610ed25f4f64f25a9f79fad21b5e558fcc97c120c0977a92f5471cc391edf228ff4bf7f9fc7b92737e32b3af48780cb96f5623b5f01dcd3cea45d72ccdb7a36682fd3094542726b24790534728f2c0b2757edc7599ccb170b2db42c9460c42082081ab86d9d5fc971b4d7987ee2c70ced65e08d74474763c6d6ec671c42f6acaa4ccbd2fe981121c04571c1794450b9650b0249f2a633e880ab386510ea86298112a2f01f0ac7f81ee"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000000040)={0x80000, 0x0, [0x80, 0x0, 0x8, 0x4, 0x3, 0x5, 0x400, 0x936b]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x7004, 0x101000, 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
read(r0, &(0x7f0000000180)=""/95, 0xffffff51) (async)
read(r0, &(0x7f0000000180)=""/95, 0xffffff51)

4m30.602311911s ago: executing program 9 (id=13513):
openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = socket$packet(0x11, 0x3, 0x300)
bind$packet(r3, &(0x7f0000000080)={0x11, 0x1a, 0x0, 0x1, 0x2, 0x6, @broadcast}, 0x14)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x200)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"})
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x4000, 0x0, 0x0, 0xeffffdff, 0x0, [{0x9, 0x0, 0xff, '\x00', 0xf7}, {0x0, 0x2a, 0x0, '\x00', 0x7e}, {0xfc, 0x12, 0x5, '\x00', 0xba}, {0x11, 0xb, 0x0, '\x00', 0xfe}, {}, {0x0, 0x0, 0x4, '\x00', 0x2}, {0xfd, 0x0, 0x6}, {}, {0x0, 0x8f, 0xf7, '\x00', 0xa}, {0xa8, 0x6, 0x0, '\x00', 0x1}, {0xb}, {0x5, 0x99, 0x2, '\x00', 0xef}, {0x0, 0x1, 0x5, '\x00', 0x3}, {0x2, 0x0, 0x8, '\x00', 0x3}, {0xc3, 0xfd, 0x0, '\x00', 0x2}, {0x0, 0x21, 0x88, '\x00', 0x5}, {0x3}, {0x0, 0x2, 0x6, '\x00', 0x10}, {0xb, 0x9, 0x3}, {0x1, 0xbb}, {0x0, 0x4, 0x0, '\x00', 0x37}, {0xfd, 0x9, 0x0, '\x00', 0x5}, {0x0, 0x6, 0x9}, {0x7f, 0xff, 0x3}]}})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000380)={0x1, 0x0, 0x1})
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCADDRT(r6, 0x890b, &(0x7f0000000140)={0x0, {0x2, 0x4e21, @private=0xa010100}, {0x2, 0x4e20, @private=0xa010101}, {0x2, 0x4e20, @multicast1}, 0x200, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000040)='netpci0\x00', 0x5, 0x2743, 0x3524})
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r9 = getpgrp(0xffffffffffffffff)
syz_open_procfs(r9, &(0x7f0000000000)='attr/prev\x00')
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x4052, r8, 0xffffd000)

4m30.251303347s ago: executing program 9 (id=13518):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB="04010000110007000000000000000000ff020000000000000000000000000001e0000002000000000000000000"], 0x104}, 0x1, 0x0, 0x0, 0x32}, 0x0)

4m30.170877708s ago: executing program 9 (id=13519):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x1000) (async)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) (async)
mkdir(&(0x7f0000001f40)='./file0\x00', 0x84)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000001000/0x3000)=nil, 0x3000}, 0x7}) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) (async)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) (async)
madvise(&(0x7f0000770000/0x3000)=nil, 0x3000, 0x9) (async)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x511340, 0x0)
readv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/139, 0x8b}], 0x1) (async)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000180)=ANY=[]) (async)
madvise(&(0x7f00001d7000/0x4000)=nil, 0x4000, 0x12)

4m29.865437723s ago: executing program 9 (id=13522):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r0, 0x6, 0x10, &(0x7f0000000000), &(0x7f0000000040)=0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x12, &(0x7f0000000240)=0xff, 0x4)
mount$binderfs(0x0, &(0x7f00000000c0)='./binderfs\x00', &(0x7f0000000140), 0x0, &(0x7f0000000280)={[{@max={'max', 0x3d, 0x7fffffff}}]})

4m29.693573525s ago: executing program 9 (id=13524):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="84010000100013070000040000000000ac1e010000fe8000000000000000000000000000bb0000000000000000000000003c00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb000004d332000000010000000000000000000000ffffff8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000000000004800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004c001400636d616328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0"], 0x184}}, 0x0)

4m29.604385077s ago: executing program 9 (id=13525):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x1000, &(0x7f0000f15000/0x1000)=nil})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8500, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x10004, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000200)={0x220000, 0x0, [0xfffffffffffffff8, 0x10000000000006, 0x200000000000000, 0x5, 0x3, 0x0, 0x10000, 0xa3f]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read(r3, &(0x7f0000000180)=""/95, 0xffffff51)

4m13.146749652s ago: executing program 39 (id=13525):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x1000, &(0x7f0000f15000/0x1000)=nil})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8500, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x10004, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000200)={0x220000, 0x0, [0xfffffffffffffff8, 0x10000000000006, 0x200000000000000, 0x5, 0x3, 0x0, 0x10000, 0xa3f]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read(r3, &(0x7f0000000180)=""/95, 0xffffff51)

3m2.726774304s ago: executing program 0 (id=14587):
mount$binderfs(0x0, &(0x7f0000000280)='./binderfs\x00', 0x0, 0x2000063, &(0x7f0000000400)={[], [{@flag='dirsync'}]}) (async)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000200)={0x3, 0x0, &(0x7f0000000140)=""/60, &(0x7f00000002c0)=""/206, &(0x7f0000000180)=""/2, 0x80a0000})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
write(r1, &(0x7f0000000440)="36941089a4dbe115aad737070d340f2342dd11fa5024d57a548f139d8c5e1f8f268b05c425fcb2cf6a6ef7f353522a2c4e8163a486dcf3378a939b506e74072e08bc8f0ea5468d157f41b6f018991d3f9444645dd71eda7e992cddedee9bf268af8e681d03c9beb2316c9ec931d79ac52f291bb895b543ea519b808a0675d77d08119babe044882b56d76ba166c4dc915b590f3bb5c55a84171a85b06f982400b86ea7f1858fad4c3ca4c3d5728d9cae57c8fbd99db6933969bd558ea19864364ecad8d0f2ddf0c59d1a4c43994aef593eb925f8745115672437817949aae9011cb70041118f750a2e0130e486f1a269", 0xf0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x14, 0xc, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff}, 0x6) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil}) (async)
ioctl$KVM_GET_DIRTY_LOG(r4, 0x4010ae42, &(0x7f00000000c0)={0x0, 0x0, &(0x7f000000f000/0x2000)=nil})
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) (async)
r6 = syz_open_dev$usbmon(&(0x7f00000000c0), 0xfd2, 0x440)
ioctl$MON_IOCX_MFETCH(r6, 0xc0109207, 0x0) (async)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r5, 0x400455c8, 0x0) (async, rerun: 64)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000000)={0x5, 0xe91, 0x6, 0x10, 0x2}, 0x14) (rerun: 64)

3m0.43660475s ago: executing program 0 (id=14603):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000400)={0x8, {"940de312c9be185c33394390ce360adcb8443d1ca2464ad29fe46c8717a823e29b12011e867516a9c1b63394e6b4922549ac2f98b0bafc013757371b5762e5b03b4c8cfcc5d34368b21917740955f80e80fa98a68cb052b102c03e72a4c6702778dfcc5bb74ce23d914f8b143bd94d7382a385be93f61eef509d6cbffae00ad2a23728722436d1c150b512b6c642cb2eeaecb085719014332015474a4ddf7098bb5ac398c0ce256e4dcfd4613dbe9a34b96439546a28db9ce97b344b6c97288b3854e127b4f533f56439a74fcffc41dfeffc5d7a99c01a0fedfd937af595c05a942216581f8efd1ffa1c23c6f08d6987be16bb52420c80bda5da46987fbf7209487defe0374226a526d3588660192d921bfe407f1d1833f390dd8b41b30c53b4deba5a086c516d9bc8ca572d8f0f875303c85bd16570e89f74d7c4ef547a07dd62f334fee76e2e0ca31cca1ad0528d7448ceecd4c9785c302a40bc114335dea8775958a3beff8eeb31afcb9a2c7561980f8554220769e5e90fdfb2f5a905518ef1667a91e2dd474383e4312ea219fe65d421006734fe04661f75e69ae825120b33fb74293e3b83e7f7f563b475cd6e08fd6878ee424fa141d3aee86d952c212c2e7730796510a463a8da486852b23a1d62b714a11301499029d9efb715a11b64f24cd2660c9a47573ce4dd042e333e433ee28b2bce545cf067040193057de290965c1d547fed137e5eb22f5c0a06ad4de6b78204bf053f37c5d96b8053ea445b640360da8fce3391514dc3d1f4e4b35047138cd8c2717bcba278a4f8c27bac01b469ee3fd04004f58287a18307b0ad4120f2c26b08c3267249bfbe1064a3f171e0cfe595f7ab146f3148c73228edf694dc0c400c36e3493b1aca5f85972dadb8d02bddb607b7a431750ca4863812b8020000000000000042db2971e280541cbfa446c6c6d85b77e3327a2d327c25b7619647374e76b1be266cb68959d2651d0c7438cb1b53982191858c66500d8536013701194a9f02dd77216f932e07a4c4b4558b2a38d7e5c39a453c8fb5fae0d00550a2d143f721cd676d842f2ae39ecbf99e027b4cf9f3c2a9bf3b663e51a0b29cf4cfb0877d5b89fdfa93fd9bf33392e6a2c8df36f9f2faa3716d293b7d94c93458c17df99aaadd218fe4c7b967b43f48725e6bac67bf9176e8c63f94862b036b1870bc314b51fea9d0c92020427abaf5be10d3faad2f684d46a2461f2a92350d6f204f03ad2a9fa54cbd8a7a3e7ba2d54f3615ac5ea47f120572f8ef941e81b0812bfc4227ef5719093afbf90040ef1a5eda64563eb7fd015ea54342340ec8648d911a8f3f358ca124ef8c70685bce2fbaeeebf54d059cefd53751b5cf33fe2d92c9df6a63821b6db5188210565e132768b192fb27e745605c529e3648060a98d656f35e36dc4be3102bd678db0ceb0301c5cb0f7f7a08c55cd038a5f751a7c96116f0bd9c9a349558a7a8fc6a73cce1132549169822bf32d742fc4f4e2e50f59eb669f2384282247c60253edc98f9bc802a288a94e1011a066ce9f6eca5f87d2afd893900c3aff87be959451269bc9ac735c43c1e5ecf5d5bff262a27f0c8a1ad401492ffec662e27b12399096fee9910d0fadfd1e1bcf1f20f8f7e5ff1cce9e8db0fd71dda6f228aa96bba6b4120361a6f6acc832be5daa1aabd03a9ae810f0d21466c1a652a47c11db6a8e52580a8347326113b54a4beeaeb21b45e5ef0aa3cfbfb22d99640b7b935bce8e37cebce586f7fe72208b491795a9fbb220ec9b98dd7811ced86292189ce351e8a64c6afde9c1dccbaaebf7e5e3d5e529e926e814b381342c13ea0757ce52a0b0a155d1c85c4108deffa719a22bef7b681a17504e22d6fe9197699e0a16a7104f412e3a681c8ee41d8fbddc8610c161f1fad9e4a5e526e20ac61496e9f3596cc94b79e9680a64a832dc26d6e33e127abe5c405b16978bc4297a85ccaf1599b195db9d66b698c770d84fa90d89b51eca02ed3a3465b8eca9589af034bd6b9c8f6329e393e4753887696ae5158e8ca3ef2e66fac38a6d6a1b61e81d5b6a3c1cb007d64a33f1fe01cf39b82b270e9083ce13b1a32f0c98376d43cdbf9f17b74655f3000343fe051a75ac658a84629b1245107652d6dfa54b1a7d77922becb74539ffb11292794f12ebfd3ea8888c7cd10692d52c85340f92c5d01464fe36deaaec6ad6cc22870372d61485e2d76accd9bf93e0842efe5652e73100a6727b3a4ce4d1594c8ddb5742897d05fd6f6333fa1b90afeaab9fc7426251d24deeef43784f12c0bb09f102962ee9ab427a53fd8da8e1e3c8000ac7164e61d6258c515dcdd911fb1a519d7b38e556457da330ceda8e948aeaf7421d37faf50071f0d38c08fc938278f247084195e778ac90ab7bfafb59c2a1c643cd18d883a46a6cc41410f505ba209746d6b12c015eddf31b6c9ebf2f04605518033721cdf02b1da210ca1465129b443c0c46247b5f8cceb000af2c551fcea1c1bef29c5859e95bcf0956b9092279b47dc652134d2bc54c3688978fd4d7c203749da5e4824fe314aa57e76f58fadfafcc7660b68b1a6043acf8f9f0c259d16fe236b5906f88816e7ab69b67f762ad79a5f654c507cc49be181525ff05cde4d56b53790151efa8060c4685e2b1dd0ad89551a41e0d3dda33c2b528922849a8dfcd7246c242c3b2aa38a69e3e5a37c5806c4bcff53e08ffc7a830d925e3394b688ffffffffcbfe387c9e7df19cfb2b54303c101557aa2ed080194fe0af76d672ed77dfa4c5c0c0f9693f4e8c446d3bc19c0a8654bb4ba8b4daae69edf414615473ec2aadaa6871b7d08a51e349acc7b16fddf741f71670da4c2b0eadcf19f46f0fd18b59ecf7b943a2a5c90125638a3b3270a366c074868e62fe2e8751ff3e60411d7e1b3fb6a873f7843489f661f1bc401765cdfacbd76e1b52e15fb10fc19dc4803d3a4743ab977fae35eed00d59ddf64fcbc61f5fa0cf4098d0babde4a397d2ef100c23ca9f836656d5f25b018606e148e3f66400a682472ed5d28b7de624ed838277432623c11027da18378e46c3fd340585b4835ab1d771266322eee56c3e6bf3300f5d48b6b01f515ba7f3fb726cfc6fdf6c07a2f46bbc3f36fc9ba6e551a46335337c881cc4b73e79e76638411adcaa81ee3b6d0e6e6c721da36dcab68bfb0ca6ba7b2c267b80120143a5c4be333b2cf85b3bd2425ca691ff367d130dbbd8e5f6a819e093eae9d176c1c3fb61557f9e5080ee7703fe2ca1061b52d0a40d7ee2f408b3ceac303e302d96d929c17026793c66423d748a81adfd7cb29027f327b0dac4055e88e385f0400f97988aa1fa40cdf776f9f07991fb55d9d4bf62ebefced240d821bd4fbba62c1b62320228c6a4ca613878e3eb538eea28e92b5d909fc7e63ed5a544e7698d0b7d3d99415d4028a5da4cc67fcba3b744acd4f92938027f42b785405228a38d85fd678703b9d41a6a54cd48303a6be64408101fc5471641c1c5a747244da684fef97aa48bf1a225007f26d9f4002a0dc14d01191ef1d749ea2ea05c42c173c3244c1039c04341b0cf37574d8b78e357b451bfcfb79762ed6a4fbc689690bf37afaa92702a0349ed9aecd9111df9fd57b97749bbf5003991029344497c9ff85adaa7a2e566647ba5bad341eed62034b581981dd7c9de9fd4c241a54ad4d6e9e1cf7ca984b13c628cc65eca0829e69d4d390581e43cd2ed5c56608b45c109f35350fb875316e71f79c433319462d4b589a1f7f2d14d43092655da23d63c63298ed62dd481ab0bc58e97f397b39c94b32fad6a1e0cd9da2dfbe6897ee4986fdbafdb0e4b575f800df5da43cf318ea7a5e83a0136b3bde3296b2bd230ed212f79500c6a4458522c3881532b7bfd170647ee65931760f35a1c1f95b8c93e4233f0de2a13c83f31522f2bee05a57c8378ac6bdd3c9e30dc188b30dadb936f35a3fa247732ebae6a8d762992f8a96c1d26981bda157f2b676ac9d61bb786ac8c349da94dbf75a21b786cdceb47a92597b6d2b22f7dc1187cdb4681ce9bebd69977bab9eabf2a68c1d3b3463d6c7f1392e12a17deb97f2ce5c9ef4021d3b4e0df6b3f4b693e136e3931837e91617cd85846f3019a74d2d65f36369e73a461753631d72f9e2834c446ae7e173d6b1935adc0ce65eb0eac830d442a0344f2cbaedf8d48cb0a6959d07f208fbb2dae434f4fdf35b265fbdbde4138b455b7941096d55808de601ddd8a41a70b12968862d0b4086d4ff55152aee65eaa761a9588bb25bce193b4e55ebb183807f118bff0ccbd85ea761e7c3b6cccb64f97b3f1bf7a96eecc7ab40e770a1620209b509f23aab0f769a16c9b8082326987f0cd1de94b911ea6bef5cf15a93829b7cbf03aa85ef577633e058f81e9653fc47d15ab8bead567ed2affbbf5a470302c065086324dc304c777228050ea9f717e45b6676fc9002ccd0428fcb27d839e4139fb17d4ee72e2fe8394e5de0cc814d92663f8c5f87e131a34ef7094078be0cf54763c82004af9727c7972ff1ea6162b279beea87bc2741e996d14f549d0474aabe780c5b80a35eed311cb734c23d01c160e439662c813126747c7d09068e32fa72605d71abc2a332cb59d81071818d5e0944194285f4cfc050392e505dd93c8c882f46fb6b70b4660784d543a6bf34653487840fdc298c8280241174805bf3cf38083224d213cd6076beac135ed3f8c4c6d808c45da2a47750cb0f4d2be6beada1c481a0152d80c0b520d2f090455494c83ba78eb91e6558d52ceceb23c956bb382bb280e6382d2cb679eecd2bcfb6107e2e4f568f1be293eaa0d2ebb77169b103d5fe74d745cf082c36022108b4c430a87fa8535f1c56d0c1d5dae50c549b1b08911e2d2619eef61131c7804b35c3ca4dac1f2595c68941b013b5ded8bfd52ed41da13c0886b7f9c61a5244a815711253aad7ea74eae788b1beea9bc15addb199d2fc79e81a34b887a0e4b935ad154e961c8b6972f124cae7742e82db1e714af15f34908960dbb4ea24e44ffd750c9d11dd45bfaae73028bc88fddf74b2d24de205980ba14f4889119f8a6291b3724497503ddf95222d5d050414e487a3dc65e5eda3169e10570a50440be346cc1f1b0c848410b46610c738636707c5d740a8e3a9b688c2c1ea54135bffd2ffd87d9dfa902f3dd97b2a6068fa65f5a5f95da2b9f6124fe07682e27ab65ab96573e762f5060439e18649798e0b9d7864f91dbcfc983eea074d809f8f7f3c49c7ac504a754f9420fd9b22421afd7203f7cd6dd8c8e7a33709e12d004e402672af2b3f9046bc57854f98482538ad48723cd153cf03103c157cdb1a63e839a02c3f0041d7020280f96f3f7e0ce89c408be10d344540808dee1bfcb01f5293ab606c71ffc09f9e63b93b37e8d8007ad8432d2e81c3d1d40a57711bdb798ee91a3f05f93f4f46f883db0613bf95fabd523d955d0d4a5518e1bb3dae7646af8af8d4a4d7dcfac633c6efa3164f9e05bbb4b05947ac0e6c4edd99a768eda4c7149cf38a460b522d6405aa47fada1c78f56fbd336334b69d0a7cf6c46cefe5ecd0fd923b14929fd3db8a1a94ba63954b58ceb9b1e0f8471a02c13a160aa763083a5fd36c199075a769768e164f17911f5a416bb96198aa0954a7d27e30c480691ce80dc71a49100", 0x1000}}, 0x1006)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="500100001a00130429bd7000000000000000000000000000000000000000000020010000000000000000000000000000000000004e2400000a0000203b000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0a0101020000000000000000000000000000000032000000e0000001000000000000000000000900ff80000000000000feffffffffffffff0000000000000000000000000000000008000000000000000000ee000000000081000000000000000000000000000000030000000000000005000000000000000400000000000000060000040000000000000000f9ffffff2000080000000000000000000200048168000000000000006000120072"], 0x150}, 0x1, 0x0, 0x0, 0x612fc0b6c779297b}, 0x0)

3m0.310817652s ago: executing program 0 (id=14605):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x482, 0x0, 0x7ff}]})
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f00000000c0), 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB='max=00000000000000000000001,stats=globCl,stats=global,max=00000000000000000000003,max=0000000000000000000001:,silent,rootcontext='])

3m0.186888714s ago: executing program 0 (id=14608):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000300)='\x00', 0x81901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x41720, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x1000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000005000000014d564b00000000af"])
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_GET_FPU(r6, 0x81a0ae8c, &(0x7f0000000100))
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @flat=@weak_binder={0x77622a85, 0x1, 0x2}, @fda={0x66646185, 0x8, 0x1, 0x18}}, 0x0}, 0x10}], 0x0, 0x0, 0x0})
r8 = socket$packet(0x11, 0x2, 0x300)
r9 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r9, 0x107, 0x12, &(0x7f0000000000), 0x8)
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000000), 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1800001, 0x28011, r7, 0x0)

2m59.350694727s ago: executing program 0 (id=14617):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
getsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, 0x0, &(0x7f0000001b80))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r2 = openat$selinux_user(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mmap(&(0x7f0000ff0000/0xf000)=nil, 0xf000, 0x6, 0x12, r2, 0x6931b000)
r3 = syz_usb_connect$hid(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000040ef17476000000000000109022400010000000009040000010300020009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x204100, 0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
rt_tgsigqueueinfo(0x0, 0x0, 0x1c, &(0x7f0000000140)={0xfffffffe, 0x4, 0x27})
readv(r4, &(0x7f0000000580)=[{&(0x7f00000003c0)=""/234, 0xea}], 0x1)
ioctl$ASHMEM_SET_NAME(r4, 0x41007701, &(0x7f0000000000)='(](\x00')
r5 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000a40)={'ip6_vti0\x00', &(0x7f00000009c0)={'syztnl2\x00', 0x0, 0x2f, 0x5, 0x4, 0x8, 0x4a, @mcast1, @empty, 0x20, 0x1, 0xdfb, 0x7}})
syz_usb_control_io(r3, &(0x7f0000000040)={0x2c, &(0x7f0000000080)=ANY=[@ANYBLOB="202316000000160aa7ea3163fd3b73d54cfc4ad28400000000000000"], 0x0, 0x0, 0x0, 0x0}, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x4c, 0x0, &(0x7f00000003c0)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat=@binder={0x73622a85, 0x1, 0x2}, @fd, @ptr={0x70742a85, 0x2, 0x0, 0x0, 0x0, 0x31}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0})

2m59.266404588s ago: executing program 0 (id=14622):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000a40)=ANY=[@ANYBLOB="44010000100001000000000000000000ffffffff000000000000000000000000ac1414bb00000000000000000000000000003b00"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="640101020000000000000000000080ff000000006c000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000fdffffffffffffff04000000000000000000000000000000020000000000000004000000000000000000004000000000000000000000000000000002000000000000000025bd7000000000000a000301000000000000000048000300"], 0x144}, 0x1, 0x0, 0x0, 0x44}, 0x4810)

2m59.15716921s ago: executing program 40 (id=14622):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000a40)=ANY=[@ANYBLOB="44010000100001000000000000000000ffffffff000000000000000000000000ac1414bb00000000000000000000000000003b00"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="640101020000000000000000000080ff000000006c000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000fdffffffffffffff04000000000000000000000000000000020000000000000004000000000000000000004000000000000000000000000000000002000000000000000025bd7000000000000a000301000000000000000048000300"], 0x144}, 0x1, 0x0, 0x0, 0x44}, 0x4810)

2m8.392454067s ago: executing program 4 (id=15313):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="84010000100013070000040000000000ac1e010000fe8000000000000000000000000000bb0000000000000000000000003c00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb000004d332000000010000000000000000000000000000000000ffffff8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000000000004800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004c001400636d616328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0"], 0x184}}, 0x0)

2m8.329487858s ago: executing program 4 (id=15314):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000800)=ANY=[@ANYBLOB="08010000160001000000000000000000fe880000000000000000000000000101ffffffff00000000000000000000000000000000000000010000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414000000000000000000000000000000000032", @ANYRES32, @ANYRESHEX, @ANYRES64=r0, @ANYBLOB="3b0d07ea773e3ed72c6bab341f42d799c925b9bb20a54b83b69d0140ef3f2b6f2745c0eccf98a24d21529850aa9be8483f38bb9542b111795ed26e08bc995588c95d6bbc0cb358d796daa1ee00ecc54d34e7e30ea8061874f2a5308baf092ebfa936e7"], 0x108}, 0x1, 0x0, 0x0, 0x7ffffffe}, 0x0)

2m8.254454289s ago: executing program 4 (id=15316):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet(r1, &(0x7f0000000080)="000000000097ffffffff", 0xa, 0x0, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)
recvfrom(r0, &(0x7f0000000100)=""/10, 0xa, 0x0, 0x0, 0x0)

2m7.302838344s ago: executing program 4 (id=15327):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000500)='./file1/file0\x00', 0x0, 0x201008, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000001180)='./bus\x00')
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x80000006, 0x48002)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000400)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d9600010000000000000000000000000000010e00", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

2m7.272002564s ago: executing program 4 (id=15329):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="84010000100013070000040000000000ac1e010000fe8000000000000000000000000000bb0000000000000000000000003c00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb000004d33200000001000000000000000000000000000000000080ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000000000004800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004c001400636d616328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0"], 0x184}}, 0x0)

2m7.146833296s ago: executing program 4 (id=15330):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000a40)=ANY=[@ANYBLOB="400100001000010000000000000000000000000000000000000000b3d043fc00fe8000000000000000000000000000bb0000fff720000001006999fb82000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="64010102000000000000000000000000000000006c000000ac1414bb0000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000003000000000000000000000000000000040000000000000000000000000000000000000000000000040000000000000000000040000000000000000000000000000000000000000000000000000000000000000002000001"], 0x140}}, 0x4810)

2m7.123775657s ago: executing program 41 (id=15330):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000a40)=ANY=[@ANYBLOB="400100001000010000000000000000000000000000000000000000b3d043fc00fe8000000000000000000000000000bb0000fff720000001006999fb82000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="64010102000000000000000000000000000000006c000000ac1414bb0000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000003000000000000000000000000000000040000000000000000000000000000000000000000000000040000000000000000000040000000000000000000000000000000000000000000000000000000000000000002000001"], 0x140}}, 0x4810)

3.018845283s ago: executing program 2 (id=17191):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x2082, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, 0x0, 0x2040)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000100)="93823f08c826a46e670b192cd7a2fa89e635dd", 0x13}, {&(0x7f0000000300)="1dd962be50a86ef9", 0x8}], 0x2)

2.864401356s ago: executing program 2 (id=17195):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000058c0)=ANY=[@ANYBLOB="fc010000130001000000000000000000000000000000006c0000000000000001fc0200000000000000000000000000014e24000d040000090a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="020000010000000000000000000000000000000000000000ffffffffffffffff00000000000000000300000000000000090000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000feffffff00000000000000000000000044010500e0000002000000000000000000000000000004d6320000000a000000ac1414aa000000000000000000000000053500000303030009000000b4000000070000007f000001000000000000000000000000000004d36c00000000000000fc0100000000000006000000000000000000000000000900010000000080000008000000ac1414aa000000000000000000000000000004d2330000000a000000ac1414bb0000000000000000ddffffff023500000002fa00070000000a00000002000000fe80000000000000000000000000000f000004d43c"], 0x1fc}, 0x1, 0x0, 0x0, 0x11}, 0x0)

2.754147927s ago: executing program 2 (id=17196):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000004700)=[{{&(0x7f00000000c0)={0xa, 0x4e22, 0x2b4, @remote, 0x8}, 0x1c, &(0x7f0000000ac0)=[{&(0x7f00000005c0)="5a54d25935f1e281303beec4db878cfdf3943c9dc0c2369e44056212de6f08b36502b6779757238b99394d932b3747d9c3071a020db08bba55339aa6e1cd86701df74991c3b7f695fb5cecbccb32924feda8003f7cb7055d9341beb82db8040cfc0ff699242c7838cb47de01a46e37fc12da784062a5697bcc3529fbd12abc0dbaa83d046eb50590a326e1f7aca1e4", 0x8f}, {&(0x7f0000000500)="ebce8f4a3ad6f79b42231f8a6ae6d1795c143943bf58052d91d293163a2c070ef977e96f475ea53b479d22cc60700215c356a383d8fdb6da91ef81ab4f4d9351", 0x40}, {&(0x7f0000001640)="b42debb7bb5e0d4a9d147347af095030d170505f0c50579da4770ba44548dac35812c481acd13ae0eda0f56b02e248608fd7c6ba1815b0a169586d0c38edcac401754717a3db76925e6b440348469d96903cb7a17c3fd7d778dd8dabd8417659061eba46f8c2ef4972370c50735ac1320e277ecc1230a74b0314bfb4319495d12df0257709ada4a79b6db9dc0d4d5605f3788a84158bb484d4dc9701ed6d7f57fdd3fc1d75d1add15472a01899365793a0b6d43a8cdeb4261f844345125b24f0f6ca16270d0b2487aeaa3dd9fbc65fcdffcb39a84eae121d4f9decfa1816e32e98090ba2414aa3c1be60fc0a95a533c2e9d44f24fb28bb8ff334a4fa64293166494f15bb3be6d6b5dba7dfeb88362656178f9d8a5e5aa812ee6df95a3bf46e89fa186d6c796c1086290ca7c224f197f041ef304b65608984d1ee2f8ca6ab0bae74f88a5628efab0036e68f2aacd2575fe59a7896c81b0f26ae9809ddfc714a67f389945c4e35dd7ce91e334381dc4e4dec39137e2e672752aad296156b1cfbda2e9ca4c3ec5f46d0d2926e14868bca86b3ae216165ce892c3399604e19aa0e193c92bc90e72869238d87429ab86505d77b896c366a08fce4192e35a8329b43071f5a0c07d532c081ad8fa23b8ea31edce68cc57314cad6571afe98e6da3b4216d25c5f7a6706dbca215c99fcf0b13b0fa7d0d5528042ee12f8bb73d783d508d82c64a1854df7f9e54c01ee4c376898e66cdaf23b9c33927799ed211fd656c67190ed8739cc827a327cd53f73b74f2eb248521e9afe4cff26c05613b5bc9bdb0637a0946b93038256e542f04450fc4e8f8772ae64e8177157508479e118677f0b8dd05134f5d666ad3a22dfb9e74da21cd843e9a0ada6d281f3f5c2798c5ba0a75fb1babf4f694814f29f3e99f7b47c8bb1f556bcd99c01af29409fa7015050ccfbfac6c43ddb60e797789ca895b6419e56f43438cfbeffe2011a331bdc2ebe0cf535d064f859516f1c257fa902f4ce512e9d261f387c7ec3956d44d3cf23744ccc0c04cf21b87172c4d3dba5343041368f5de174061c8ab0a7b95e8669700939e3a3ed4a242e14438499d30c0dda69a88f009e2d64011d186a8f4600a75b598fb183010046c1ba4122d7c71de63524c53dca96d5e7de9fcacf69cf578a9a7ec6bb54f560e4a10dbd87bd61a95bef5dc4db87c490944e93768a893c556e826398de9c2dea4bbecd4cfe306f01173fbd979a2b5ab08e9de8551b347d1aae56d79c3446b0620cbd2cfc8d9ab8e76a234ce29690fc2020d8ee1903212ce4440363f1833b4b7eac859d3796b86a4c7959b0366774918fe04d020e7fa156991ae01e3428ea50826eac3ae900355eb4f72b7bab4508b3ffcc1fabfb41b23beac5fecefdedd361127f7f4d51560381ca5f9aaa27fbee6e699daae5a50b2522f450424a7dc84bedc89c70401838e95416eb6f4784c250d9575220122d72ba4206a751e289029b0873602483cba80ccad4a3c638401b76f615ca1d19d43fbabea159284cf6219c45fedcc3a8c1266865bf08c5aa259690a776a2d2b30679fa94e47f63c889287c0c12878d33df7778d673be0669cf72d1d7ca1dde36673a204f4658ddb04e852264273309cf652a5aa8346adc0820ef53e0aeae0ce4ec53a1507582452a83822bfb9023a22ed35bf4667de19292ea6431a034961dddedbb0f9983b3f8643d07b8a8866547fa3d305f5b3de6bcfcf778118bfe28412e2edfc3aeeb1097d2db5cffc8036814349d9b7f4c339f428980f2448f3baf802e7691f5ab831baf66a522c1b3ab45fd927d1ea8cdb7aa91e1a072fc84bc869c5241326b043145aa7b3cba92b5d2b1a4902f53f16344fa76a3102729bb40f0dee81838ece09af81813044c1f4518ce3c8fdda81a60f2d29a5fdc5302114b1b66734f7b84efce2f12fe8dc984dbcba4b61538a04c07a2bfe90b588ac7a97113a5a69d6fbd787dcf18951a5274d21e8bd81f583e013e367c7ca2ee181cf74b05d2d39ecefab132cfe8a2c374e5b3c550bcc96caab44aab64e00a050a46bb90deb618b95d9749d4ff442b7186911cebf3646adc1d2b11b1c2718fff68626937234e9c1572ae790993be59313d287498bc553dbcc998aa190e5c79696b591fe8db572e37bfc764903602330dbc3ec33cc14db8c52ffc4124dccbe5cd1ab45194f9480c111f7541e898c9c6098bc27ff369c18653769120fc5cc155c0456d9181f25ca0d1e28fdc2843c97390e4893c3abf3d303e1cbab73f35a23f0ef3bb89e2c3b4e29b02cb0fb1351c18272741caaebc5b7fab39cf9bdb3e7797c1dda2db2decb7e488f2e253aef3a2720ef4923b0a9597704eaa3a911c440758b090498a9c3ca4ad5f13fda2985fc873c48a5d1ad30fae94fa0733babaf7790e39541c5b569804c343673e99c90e2d6a32821758421d12968f31330b08da69149d435e5c39c929cba4fd6d716a8e73bf1421cd899c40f3b3c76f1ae2e4e69bde48841dd723a4a142915d190d2d5f39e0fc9467e9438b0a2b892b25454523c8ec973e5c7259599e3a74d5c87ff51c4108ec86c23ab6dbf3853d717ab228a494c03e1b16c1a83498ef6617257c30942e9cb2c00d70fa9626fa3b512ec27b6acc4a65d574c5ecbaeeb4c234c73ed2ef9c4762d0a666cfe055310143d082ba4317bd8a24acfe514a0f9db2173e01e186b9b4515392758dd27ce6387956274e2496b29a37afd22be97eb0a93b8ad58934570ca5d0d66158d9cb82557a73f07532bea4c6c69ba9363a82fd0f7ef702eaccf607d7bd2fe7000dae3c648f6ee158b31a85f4fa2c886ce8c4b0054daab1da206f836712157ce811e9820aa63ba3ede63161d73018198e6f149281c2214cb1cd895f532e38e327df6e0dec45a8c4710d693fea4250f7c7f9a3c4882175fa458a4e3972295b4866bdc47b589fe67a4267ac40714ff0fa5e057808f7ebea8446e6fec5fd678fae7efd7254b8fec13e8b8d0e97080be0f64c52c45eb903b5bef97d9eda06a498b0863973b3e3be76ec1a9dd46a6116213a5f17ec67507685b81a830920494da49f6712d1621343373a5da2dc7af9bfe51467e9724ec8c8557f6a179827972374e9926919bccc64f2c90a2c7466ff605ab9240dbc668520892525914be6cc08914a6591b92e37de1ad2406163b7e57a995dd4b7f1362f46e31dd5fa2528798636361e0358125a3fdfc6f6e1792014b09cb2b88dbe48950748d302b659f6eb354bec283d030e99b57cdb442bdbc2b46f898e7b2ca3b1742ade72d39f789cc1019b9315da8f33f5bc2c7ed4ae9eeb7cd085941290896878c6105009b526c1613ed88c3a52b83f7811cecf6be2c4474a1b3eb2531f3f03b1d20bee9dc56d0a2c70f42381577d4e8adf49fbe1c16935196317f10a2574e788ac3e6b085ba6c1f12451d716539d2ad8cb29ad5daf43483b5f0f4cd3ff02377938c068ce8c3e8e3b0730dfaa8de4aea0f68ad1e93762fdfc0be960a4801ddbf194a2c4b8a773d636a5c729997a3ebdaa56a343683c4fd60b7906e394742e6b4575dffb59fa15b50b78ef262f509e2aaf856e31416cadc0602959621f9cb3024ee41569fb4eed1ff1ea12f58b840f14c209f7bd06c15b20bd87de8126aa3b128d91b767a83b32b280e4568a9b29680741e20c3725ed256c96ee8a087bd98a95819f6d069f443105fe924d6da6fb12930eb36afe373a16fef17a5867fc4fe43a02995e7f9cf442177582fe6691c12c2b4959977dfc0604584d7c68bc1d251b066f00d98e852ffbdc5f74ab7dafcea0cd876f2681d2b59c1710e11eb0dc8e5c9415c35070945c7441b0ca0e8d4a4653bb353b774bf5dd2447991cfd7d326fec9eb256b5844e881168a194bb6f9a1734019a6780bd618d11d5ed57e0274185e18f332f0fbec6725d9823af196df666d642af7caf3d9d35750f74f08c5610a29f66f20504d848da9345e4d512ebcb3859806641ad1f956fb4ed804ba3370248eb95354b2e1d4f52a728284fd14313e0d972f1a864f8c80cf3182c1a412b428d5f984e24ffe1324a169ef3cc24a80bd3ece4d5606664e8196445b59a4406fa6544a79a57876db5913102333d6680a4ff5d7eef7e75a3ab77b7f787ff107a923572a15627cb6a1c74a2c65ae90f7d96ad5911c29b7eae3c241b78ace508be0d3936189398bf2f36f976fd56e96d590395ced4a6e392bb5258a3bf5cee7c61ad8949058d412a141063e750b78d3f7fd4afbd767dfb519645b8be2acbb986c5950efebcadd8d38918084f02fa3f2ff67adeb0b95b5ddc6d6e0abb99f832fbed6df99d507b6fe57ec9dcc3b016a4d037e4f4513f5d7dd6ee10abd89050cd35b66be9144a15080566c70946ea9347753db1410595ebd98f965a9f28b2a22e3266b7424c1ee7d1a3bdf2dec1fe901b41717be0b70f1ebc55414de00b77c74c2e4444bfd63bc8eac962b2d6385530c88fd08a0a7906b092158e2e10b1ee8a12bf8d2bdf12eb0fa7e51edfde2a38dbde89aca4fb3db484625ff05841e139b4e4f18a572042dab130a21ef26d29190afa52afb91fcc45ccfd96f76a4df86778ae5069a8e7d0d06e05632fb0957018415b540e23d9b5925e24be261b15bb35cd1f4a5da5f0b62d765789d7c641941d9e7736369335dc862cd35aa63eb52060e319f00c85d673c57cabcd71c9e34b6b6407c04533c1b4d38bf2bbda5bed235ccc142202a7d09303951201257621137a250b3dd0cd9feaaeb296c567f3d8df3442736fb6c392d039c4fb985609b7384b61bb9c29cc8e84fb9b960e41f267ee36ef1d7251141b47aa1423959e1ce125ef4cda37fa7d9d403c7c760a5ed166c3b8a1d4ff9118769faf52deaf65e0d539da3d5b55d26d04510393739fae2ad2f657521d09cb3903938cd88444923b6ee0d406d98cfd5e4404173a18948b3757b3dfb44f004d14fdc6669d546a4c889b502ca5de2ff5690665c04fe4a90ea7678cf71752d6e744967b0bba2a8fdb9bbedb151edc9de00afe0179c8f505c5fbe2ba4102a735446fca4e6f1eec0391a0b4b376495173f3a153ab1aa80f671fc96ca2a85ae1696dcf7dc74115b507cc3e433edbea0c94f6b2644711ffe7a947dd344cdf33acd0d2dfcc5c9787851fde6f43dad973716ae995734c2c96a1680660c451307e5da80a226adf006b8015d81eb51804dbbf545646655aa427eb11a549f47176bc8190a3e391e8554581dcd167185157001611b0d31e0b8b88e17509040887db0970c20d14b92338d53630928decd18673938f85abf113b2482ec6917346e5a821351ed1bc357fcd01", 0xeb8}, {&(0x7f0000000680)="39056313cb3ff74b4fe704b0143ca26bed2aa3ad6fd7006b092fc5c109548e2422403273fec91ae57f41329c36da963422c390ca50f5af78e0bd0f96e899147438e9e25ab46e4fb95243b454938cad532e562a70756e72cb124606ec1065571f436b22e1d83f83dc9d8b558a96a1ac735893185320f9f399b4041dfcf1adf474606fea68d86070eebd143ca14352cc312a9f65c6200be959148420c005355963488fd0ee72ee279843126ed3473fb1bcfa7b99203fe5bd96d91280fd80f83c2b08fb97c313e7", 0xc6}, {&(0x7f0000000780)="e40ff2b313fc132c5752b67d20ddca64ff7d2965ca58a8560d83c638ccb11dccf6711e37f8a24b93815e55bb1a9871192d699b8614631828912856504b43209d3ca673348757c9fbb8d26518458659bbfdccacf434c8fbf9f1a29c6152705da59309032675af63a014b699a8005207b71fa9073c345478b66dc3fee46cddccf5d84e09a64f8e15c1119c8cc6c76782de4f08f0a9ea7c118f3f71982558dc51642f722c86cb823292678542ed16573817226f5939872ef4f768b97f27fd1cd5932c1019315be6dbddf22d53f196d0fa610fff930b27b6", 0xd6}, {&(0x7f0000000880)="29d0a84c697ce9b743132483251a6b8058a8518520104573c7a612eb1b7d9338e68c479a5683d8ebf799fa42f4640572ec4eec24704c73457c90ec06713fe16cf23dc167f18711b0934899339f9b4caedd0ae76f4b735a20e008c4d1883ee548402e39333d92ed3ced0d816bb7040bc4b9fe351d2db6b9d36e28cc64", 0x7c}, {&(0x7f0000000900)="6db416717a91347fe44c8553ca6dc9f33648f8447915dff4ba5b40985d4f0d8920999fa08c2dadeadf122ee6a96cd2efc49048b091c233c946d6b88fb316c71b252568cbbd13b76ae2ff1d2d4c55693b32ede16f26c4e68029f17b8115f0a472c4db840b08fbd67a49bea534cfbb51b788330a74d675fc93a3c3f8b246d01fc5bf4de1c24050233d15649320b87ae52c17ed9e3f1a187cc3efa453797ba368868e6230e8d462bd9c9afd5e48bf5e7411ac8c06863b340a88f5e8e946efb755d3efdac4af5d13", 0xc6}, {&(0x7f0000000a00)="e6c0e3b9379bdf47321248aac0050b3171987ef396e82b1d9c50f90e088f85c9f42747758d82b97f697f13f6ca17a56d396d05bd97c0ffa287cde5b933049bc8c6223cc8774f1e182331364e45f533fc0eb150ab73c4d676fd80c4f697e1d565d892393aa9e28fe87554b939fe47da537b98434ac19564181be193f4b260706fba0a3fe77c117fed8a3dad5116ceb4368ff452f5474f5bdece4e33e0846a798a2d18f1307991b9295e84845d0f", 0xad}], 0x8}}, {{&(0x7f0000000540)={0xa, 0x4e20, 0xffffffc8, @loopback, 0x5}, 0x1c, 0x0, 0x0, &(0x7f0000004940)=[@rthdr={{0x78, 0x29, 0x39, {0x4, 0xc, 0x2, 0x8, 0x0, [@loopback, @mcast2, @remote, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, @private1]}}}, @hopopts_2292={{0x80, 0x29, 0x36, {0x88, 0xc, '\x00', [@enc_lim={0x4, 0x1, 0x3f}, @generic={0x4, 0x56, "e9d4dc8043a3b5a6571c438170ffd411d8f255f96fa280da081d86fbd1f02b0e1fca908037c2cc57cf0b936904fc8629191235225a70d7ff3ed8bcbd3dd8a01a65506df80a25fa27bedc78691e7e04c87e36043173ac"}, @pad1, @pad1]}}}, @tclass={{0x14, 0x29, 0x43, 0x10}}, @rthdr_2292={{0x88, 0x29, 0x39, {0x87, 0xe, 0x0, 0x54, 0x0, [@local, @local, @loopback, @loopback, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02']}}}, @hopopts={{0x18, 0x29, 0x36, {0x5e}}}, @hopopts={{0xe8, 0x29, 0x36, {0x0, 0x19, '\x00', [@generic={0x2, 0x31, "542c1ece5cfe775a834463efa27b1acbe594c93a9a2fd2e11be202e70f2b5c0cf9b2f7cd8774c09159c668475df3a50518"}, @calipso={0x7, 0x20, {0x2, 0x6, 0x40, 0x4, [0x7, 0x4, 0x6]}}, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @calipso={0x7, 0x48, {0x3, 0x10, 0x9, 0x8001, [0xa5af8ec, 0x1, 0x4, 0x3ff, 0x20f54351, 0x80, 0x5, 0x7f]}}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}, @pad1, @enc_lim, @enc_lim={0x4, 0x1, 0x1}]}}}, @rthdr={{0x18, 0x29, 0x39, {0x2b, 0x0, 0x0, 0x1}}}], 0x2b0}, 0x8f}], 0x2, 0x80040c4)

2.699560408s ago: executing program 2 (id=17199):
r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x802, 0x0) (async)
r2 = epoll_create(0x5) (async)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, &(0x7f0000000080)='\x1c}\x00') (async)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200000, 0xcc)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000040)={0x40000000})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
epoll_create1(0x80000) (async)
fstat(r6, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setreuid(0x0, r7)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r9, 0xaea3, 0x0) (async)
fsetxattr$system_posix_acl(r5, &(0x7f0000000040)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r10, 0x0, 0x6, 0x0, 0x0) (async)
getsockopt$inet6_tcp_buf(r4, 0x6, 0xb, 0x0, &(0x7f0000000080)) (async)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000540)={0x4c, 0x0, &(0x7f0000000400)=[@reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x5, 0x0, &(0x7f0000000500)="7da3644468"})

2.522569351s ago: executing program 2 (id=17202):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00007fc000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x8000000000)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_GET_XSAVE(r6, 0x9000aea4, &(0x7f0000000540))
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xffff1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_inet_SIOCSARP(r8, 0x8955, &(0x7f0000000140)={{0x2, 0x4e20, @rand_addr=0x5}, {0x306, @random="57b326025446"}, 0x14, {0x2, 0x4e22, @broadcast}, 'sit0\x00'})
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)

2.137657777s ago: executing program 2 (id=17209):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da07000000001801090224000100000000090400000903000000092100000001222200090581030800000000"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0)
syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB')
syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB')
syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB')

1.764376223s ago: executing program 6 (id=17216):
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000600)={'filter\x00', 0x7, 0x4, 0x408, 0x0, 0x210, 0x0, 0x320, 0x320, 0x320, 0x8000000, 0x0, {[{{@uncond, 0xc0, 0x100}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "39db3a550f0420921586a79ec5b64093e6072fc889bea60bdd24beacd802"}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="d6c0105d02ce", @loopback, @empty, 0x8, 0x1}}}, {{@arp={@loopback, @rand_addr=0x64010100, 0xff000000, 0x0, 0x5, 0xd, {@mac, {[0xff, 0xff, 0xff, 0xff, 0xff]}}, {@empty, {[0x0, 0xff, 0xff, 0xff, 0xff, 0xff]}}, 0x5, 0x5, 0x0, 0x6, 0x40, 0x12, 'veth1_to_bridge\x00', 'ip6_vti0\x00', {0xff}, {0xff}, 0x0, 0x40}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @empty, @broadcast, @rand_addr=0x64010100, 0x8, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x458)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@private2={0xfc, 0x2, '\x00', 0x8}, 0x1, 0x0, 0xff, 0xa, 0x8, 0x6}, 0x20)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bind$tipc(r2, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x1, {0x2, 0x3, 0x1}}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000140)={'macsec0\x00', {0x2, 0x4e24, @remote}})
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f00000083c0)={{0x1}})
read(r4, &(0x7f00000013c0)=""/4089, 0xff9)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r4, 0x54a2)
mmap(&(0x7f0000b7e000/0x2000)=nil, 0x2000, 0x3000008, 0x50, r4, 0x8f233000)
read(r4, &(0x7f0000000280)=""/4096, 0x1000)
arch_prctl$ARCH_GET_CPUID(0x1011)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000000)=ANY=[@ANYBLOB='fscontext?}'])

1.433063008s ago: executing program 3 (id=17221):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
add_key$keyring(&(0x7f0000000140), &(0x7f0000000000)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
close(0xffffffffffffffff)
close(0xffffffffffffffff)
r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r2, &(0x7f0000000000), 0x2002)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000580)={@ptr={0x70742a85, 0x0, &(0x7f00000001c0)=""/75, 0x4b, 0x0, 0x32}, @fda={0x66646185, 0x7, 0x0, 0x16}, @ptr={0x70742a85, 0xfffffffc, 0x0, 0x0, 0x1}}, &(0x7f00000004c0)={0x0, 0x28, 0x48}}, 0x1000}], 0x0, 0x0, 0x0})

1.310711119s ago: executing program 3 (id=17222):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x0, 0x2})
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x18, 0x0, &(0x7f0000000240)={0x30, 0x30, 0x30}}, 0x10}], 0x5b, 0x0, 0x0}) (async)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)

1.254991961s ago: executing program 3 (id=17223):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f00000002c0)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, &(0x7f0000000140)=""/255, 0xff, 0x0, 0x33}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0xe90f, 0x31}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x50, 0x0, &(0x7f0000000380)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f61"})

1.170842022s ago: executing program 3 (id=17224):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) (async)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_WOL_SET(r1, &(0x7f0000002440)={0x0, 0x0, &(0x7f0000002400)={&(0x7f00000016c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010025bd7000fffbdf250a00000018000180140002006c6f0000000000000000000000000000edf4a4a23bba31bdca909e1850408db0687498ece8aade34de109bee527fe4b0db6f1c36ff25e9b38ed60c42eb34179508027d69d17b99037785fccacbcb8334ca439c151bd591c0296230be291c283f1b46a7c1cba8251be7b6442296c7b9f263196fb2f04718fa6d66c07a07779f3eebdc6ab0cea31c0a8670667be5612b5a2cdbdb555438a9298d7ee7887adc9f4b7f39876557a67c11f3f2770950b2424eba090ef580ccc8aed7979b23ace86f2ed6f2f82417efb97fdec8d0c0a19188dc89b2485a6d2d2c4a3db172acbfc0de7b90d4c46ccd178dcb09a6a6b8438a1786c2beea01fc9a6e15c4057a00934e"], 0x2c}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000000)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
socket$pptp(0x18, 0x1, 0x2) (async)
r3 = socket$pptp(0x18, 0x1, 0x2)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r0, 0x200, 0x70bd2b, 0x25dfdbfb, {}, [@ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)
dup2(r3, r2) (async)
r4 = dup2(r3, r2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f00000042c0)={0x0, 0x0, &(0x7f0000003440)=[{&(0x7f0000001800)=ANY=[@ANYBLOB="10000000300012082abd7000fedbdf25699b52523e150cdc991396c0fd70109e9c8ead29772373d00702dc1caf7f90d0ff00ec742d5c10532d0231c7c1d389b3d45531eaca8c85227f521a233d3d633b6fc41ceddc124d9147221887d1a3df714a6f1fa9f0f6911e81caefd5eb70c7cdf225e8fafc80d8922f508fa4696711e1c8da99b37972f14fbe7412debc87517973bdc06f4813fbc54acd9ba54a06c2a00a80757405e9539578eae047dbd8391cd07601cacd4a708d6b9f7f32cbf04041bce335e413a1f2472d15fcd766b7a7b5e9db99b476b9e5c110363a6fff37a6d74724d8473f4338d1909c2e8eed72da91f250d1e40e4d9fe94810b6f6aa34efbe8fc695d49a249723f49958263031b8bec70ce6c7fd2d39d7c8f200f6aa608be1f53297649420d3b1344beff66d1f77372fd5b8e5c6efbcb0fa353370f74d8553b1817ca3cc306f21767fcf943e24a367bd3ff22e414d793e851437d9e03ca918aea936b962b49447193a8f73fe5b8ef56f56c47a5bd26c701714eb2fcc2d8db8cf513250e9f490235b157a6fc53f21272a32ec0d0cd2625635fe80065f50c43dd686a244aabdf5921110ad3482787820bbadaac19cddaf12aa3e0073be77e4e97671b37e7332212fdf3c94684133205a6054b05e3413500c2bcf6913df197d4705254d57dd7c4a7e875978ea6ad96f44724f5c66a17d5a92ef802c63b62c19b0e7f99ff5599d887925609043de1af86bccff1982555a40d087ad5351ff375e5800872425f434fef69cc0a5"], 0x10}, {0x0}, {0x0, 0x164}], 0x3, 0x0, 0x0, 0x40}, 0x4)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000000)) (async)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r6, 0xc028aa03, &(0x7f0000000080)={&(0x7f00006c6000/0x400000)=nil, &(0x7f000018b000/0x3000)=nil, 0x400000, 0x0, 0x18100})
openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$unix(0x1, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r4, 0xc0c89425, &(0x7f0000000540)={"0e1facf55505806e9f36e8eb70ada24f", <r7=>0x0, 0x0, {0x6, 0xfffffff7}, {0xffffffffffffffff, 0x3}, 0x6, [0x7, 0xbd, 0xff, 0x9, 0x94, 0x9, 0x8000000000000001, 0x9, 0xc308, 0x80000000, 0x6124, 0xffffffffffffffff, 0x1, 0xb0e, 0xe, 0xc]})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f00000006c0)={{r1}, r7, 0x0, @inherit={0x70, &(0x7f0000000640)={0x0, 0x5, 0x1, 0x9a3, {0x28, 0x1, 0x8, 0x3ff8000, 0xd7}, [0x66a7, 0x1800000, 0xffffffffffffffff, 0x4, 0x80000001]}}, @subvolid=0xf})
openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0) (async)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r10, 0x4030ae7b, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)={{'fd', 0x3d, r8}, 0x2c, {'rootmode', 0x3d, 0x4000}}) (async)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)={{'fd', 0x3d, r8}, 0x2c, {'rootmode', 0x3d, 0x4000}})
openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r8, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000004280)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r11 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r11, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) (async)
connect$bt_l2cap(r11, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) (async)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)

774.907828ms ago: executing program 6 (id=17225):
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000000)='/dev/audio#\x00')
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x5)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0)

749.004169ms ago: executing program 6 (id=17226):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x109c40, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000300)='uid_map\x00')
preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000500)=""/148, 0x94}], 0x52, 0x80000001, 0x0) (async)
ioctl$RTC_WKALM_SET(r0, 0x40187014, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x1}}) (async)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f0000000040)=ANY=[@ANYBLOB="636f79424c0d56a72269358edd1994c3f9d26e746578743d73797374656d5f752c"])

682.469469ms ago: executing program 6 (id=17227):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000004700)=[{{&(0x7f00000000c0)={0xa, 0x4e22, 0x2b4, @remote, 0x8}, 0x1c, &(0x7f0000000ac0)=[{&(0x7f00000005c0)="5a54d25935f1e281303beec4db878cfdf3943c9dc0c2369e44056212de6f08b36502b6779757238b99394d932b3747d9c3071a020db08bba55339aa6e1cd86701df74991c3b7f695fb5cecbccb32924feda8003f7cb7055d9341beb82db8040cfc0ff699242c7838cb47de01a46e37fc12da784062a5697bcc3529fbd12abc0dbaa83d046eb50590a326e1f7aca1e4", 0x8f}, {&(0x7f0000000500)="ebce8f4a3ad6f79b42231f8a6ae6d1795c143943bf58052d91d293163a2c070ef977e96f475ea53b479d22cc60700215c356a383d8fdb6da91ef81ab4f4d9351", 0x40}, {&(0x7f0000001640)="b42debb7bb5e0d4a9d147347af095030d170505f0c50579da4770ba44548dac35812c481acd13ae0eda0f56b02e248608fd7c6ba1815b0a169586d0c38edcac401754717a3db76925e6b440348469d96903cb7a17c3fd7d778dd8dabd8417659061eba46f8c2ef4972370c50735ac1320e277ecc1230a74b0314bfb4319495d12df0257709ada4a79b6db9dc0d4d5605f3788a84158bb484d4dc9701ed6d7f57fdd3fc1d75d1add15472a01899365793a0b6d43a8cdeb4261f844345125b24f0f6ca16270d0b2487aeaa3dd9fbc65fcdffcb39a84eae121d4f9decfa1816e32e98090ba2414aa3c1be60fc0a95a533c2e9d44f24fb28bb8ff334a4fa64293166494f15bb3be6d6b5dba7dfeb88362656178f9d8a5e5aa812ee6df95a3bf46e89fa186d6c796c1086290ca7c224f197f041ef304b65608984d1ee2f8ca6ab0bae74f88a5628efab0036e68f2aacd2575fe59a7896c81b0f26ae9809ddfc714a67f389945c4e35dd7ce91e334381dc4e4dec39137e2e672752aad296156b1cfbda2e9ca4c3ec5f46d0d2926e14868bca86b3ae216165ce892c3399604e19aa0e193c92bc90e72869238d87429ab86505d77b896c366a08fce4192e35a8329b43071f5a0c07d532c081ad8fa23b8ea31edce68cc57314cad6571afe98e6da3b4216d25c5f7a6706dbca215c99fcf0b13b0fa7d0d5528042ee12f8bb73d783d508d82c64a1854df7f9e54c01ee4c376898e66cdaf23b9c33927799ed211fd656c67190ed8739cc827a327cd53f73b74f2eb248521e9afe4cff26c05613b5bc9bdb0637a0946b93038256e542f04450fc4e8f8772ae64e8177157508479e118677f0b8dd05134f5d666ad3a22dfb9e74da21cd843e9a0ada6d281f3f5c2798c5ba0a75fb1babf4f694814f29f3e99f7b47c8bb1f556bcd99c01af29409fa7015050ccfbfac6c43ddb60e797789ca895b6419e56f43438cfbeffe2011a331bdc2ebe0cf535d064f859516f1c257fa902f4ce512e9d261f387c7ec3956d44d3cf23744ccc0c04cf21b87172c4d3dba5343041368f5de174061c8ab0a7b95e8669700939e3a3ed4a242e14438499d30c0dda69a88f009e2d64011d186a8f4600a75b598fb183010046c1ba4122d7c71de63524c53dca96d5e7de9fcacf69cf578a9a7ec6bb54f560e4a10dbd87bd61a95bef5dc4db87c490944e93768a893c556e826398de9c2dea4bbecd4cfe306f01173fbd979a2b5ab08e9de8551b347d1aae56d79c3446b0620cbd2cfc8d9ab8e76a234ce29690fc2020d8ee1903212ce4440363f1833b4b7eac859d3796b86a4c7959b0366774918fe04d020e7fa156991ae01e3428ea50826eac3ae900355eb4f72b7bab4508b3ffcc1fabfb41b23beac5fecefdedd361127f7f4d51560381ca5f9aaa27fbee6e699daae5a50b2522f450424a7dc84bedc89c70401838e95416eb6f4784c250d9575220122d72ba4206a751e289029b0873602483cba80ccad4a3c638401b76f615ca1d19d43fbabea159284cf6219c45fedcc3a8c1266865bf08c5aa259690a776a2d2b30679fa94e47f63c889287c0c12878d33df7778d673be0669cf72d1d7ca1dde36673a204f4658ddb04e852264273309cf652a5aa8346adc0820ef53e0aeae0ce4ec53a1507582452a83822bfb9023a22ed35bf4667de19292ea6431a034961dddedbb0f9983b3f8643d07b8a8866547fa3d305f5b3de6bcfcf778118bfe28412e2edfc3aeeb1097d2db5cffc8036814349d9b7f4c339f428980f2448f3baf802e7691f5ab831baf66a522c1b3ab45fd927d1ea8cdb7aa91e1a072fc84bc869c5241326b043145aa7b3cba92b5d2b1a4902f53f16344fa76a3102729bb40f0dee81838ece09af81813044c1f4518ce3c8fdda81a60f2d29a5fdc5302114b1b66734f7b84efce2f12fe8dc984dbcba4b61538a04c07a2bfe90b588ac7a97113a5a69d6fbd787dcf18951a5274d21e8bd81f583e013e367c7ca2ee181cf74b05d2d39ecefab132cfe8a2c374e5b3c550bcc96caab44aab64e00a050a46bb90deb618b95d9749d4ff442b7186911cebf3646adc1d2b11b1c2718fff68626937234e9c1572ae790993be59313d287498bc553dbcc998aa190e5c79696b591fe8db572e37bfc764903602330dbc3ec33cc14db8c52ffc4124dccbe5cd1ab45194f9480c111f7541e898c9c6098bc27ff369c18653769120fc5cc155c0456d9181f25ca0d1e28fdc2843c97390e4893c3abf3d303e1cbab73f35a23f0ef3bb89e2c3b4e29b02cb0fb1351c18272741caaebc5b7fab39cf9bdb3e7797c1dda2db2decb7e488f2e253aef3a2720ef4923b0a9597704eaa3a911c440758b090498a9c3ca4ad5f13fda2985fc873c48a5d1ad30fae94fa0733babaf7790e39541c5b569804c343673e99c90e2d6a32821758421d12968f31330b08da69149d435e5c39c929cba4fd6d716a8e73bf1421cd899c40f3b3c76f1ae2e4e69bde48841dd723a4a142915d190d2d5f39e0fc9467e9438b0a2b892b25454523c8ec973e5c7259599e3a74d5c87ff51c4108ec86c23ab6dbf3853d717ab228a494c03e1b16c1a83498ef6617257c30942e9cb2c00d70fa9626fa3b512ec27b6acc4a65d574c5ecbaeeb4c234c73ed2ef9c4762d0a666cfe055310143d082ba4317bd8a24acfe514a0f9db2173e01e186b9b4515392758dd27ce6387956274e2496b29a37afd22be97eb0a93b8ad58934570ca5d0d66158d9cb82557a73f07532bea4c6c69ba9363a82fd0f7ef702eaccf607d7bd2fe7000dae3c648f6ee158b31a85f4fa2c886ce8c4b0054daab1da206f836712157ce811e9820aa63ba3ede63161d73018198e6f149281c2214cb1cd895f532e38e327df6e0dec45a8c4710d693fea4250f7c7f9a3c4882175fa458a4e3972295b4866bdc47b589fe67a4267ac40714ff0fa5e057808f7ebea8446e6fec5fd678fae7efd7254b8fec13e8b8d0e97080be0f64c52c45eb903b5bef97d9eda06a498b0863973b3e3be76ec1a9dd46a6116213a5f17ec67507685b81a830920494da49f6712d1621343373a5da2dc7af9bfe51467e9724ec8c8557f6a179827972374e9926919bccc64f2c90a2c7466ff605ab9240dbc668520892525914be6cc08914a6591b92e37de1ad2406163b7e57a995dd4b7f1362f46e31dd5fa2528798636361e0358125a3fdfc6f6e1792014b09cb2b88dbe48950748d302b659f6eb354bec283d030e99b57cdb442bdbc2b46f898e7b2ca3b1742ade72d39f789cc1019b9315da8f33f5bc2c7ed4ae9eeb7cd085941290896878c6105009b526c1613ed88c3a52b83f7811cecf6be2c4474a1b3eb2531f3f03b1d20bee9dc56d0a2c70f42381577d4e8adf49fbe1c16935196317f10a2574e788ac3e6b085ba6c1f12451d716539d2ad8cb29ad5daf43483b5f0f4cd3ff02377938c068ce8c3e8e3b0730dfaa8de4aea0f68ad1e93762fdfc0be960a4801ddbf194a2c4b8a773d636a5c729997a3ebdaa56a343683c4fd60b7906e394742e6b4575dffb59fa15b50b78ef262f509e2aaf856e31416cadc0602959621f9cb3024ee41569fb4eed1ff1ea12f58b840f14c209f7bd06c15b20bd87de8126aa3b128d91b767a83b32b280e4568a9b29680741e20c3725ed256c96ee8a087bd98a95819f6d069f443105fe924d6da6fb12930eb36afe373a16fef17a5867fc4fe43a02995e7f9cf442177582fe6691c12c2b4959977dfc0604584d7c68bc1d251b066f00d98e852ffbdc5f74ab7dafcea0cd876f2681d2b59c1710e11eb0dc8e5c9415c35070945c7441b0ca0e8d4a4653bb353b774bf5dd2447991cfd7d326fec9eb256b5844e881168a194bb6f9a1734019a6780bd618d11d5ed57e0274185e18f332f0fbec6725d9823af196df666d642af7caf3d9d35750f74f08c5610a29f66f20504d848da9345e4d512ebcb3859806641ad1f956fb4ed804ba3370248eb95354b2e1d4f52a728284fd14313e0d972f1a864f8c80cf3182c1a412b428d5f984e24ffe1324a169ef3cc24a80bd3ece4d5606664e8196445b59a4406fa6544a79a57876db5913102333d6680a4ff5d7eef7e75a3ab77b7f787ff107a923572a15627cb6a1c74a2c65ae90f7d96ad5911c29b7eae3c241b78ace508be0d3936189398bf2f36f976fd56e96d590395ced4a6e392bb5258a3bf5cee7c61ad8949058d412a141063e750b78d3f7fd4afbd767dfb519645b8be2acbb986c5950efebcadd8d38918084f02fa3f2ff67adeb0b95b5ddc6d6e0abb99f832fbed6df99d507b6fe57ec9dcc3b016a4d037e4f4513f5d7dd6ee10abd89050cd35b66be9144a15080566c70946ea9347753db1410595ebd98f965a9f28b2a22e3266b7424c1ee7d1a3bdf2dec1fe901b41717be0b70f1ebc55414de00b77c74c2e4444bfd63bc8eac962b2d6385530c88fd08a0a7906b092158e2e10b1ee8a12bf8d2bdf12eb0fa7e51edfde2a38dbde89aca4fb3db484625ff05841e139b4e4f18a572042dab130a21ef26d29190afa52afb91fcc45ccfd96f76a4df86778ae5069a8e7d0d06e05632fb0957018415b540e23d9b5925e24be261b15bb35cd1f4a5da5f0b62d765789d7c641941d9e7736369335dc862cd35aa63eb52060e319f00c85d673c57cabcd71c9e34b6b6407c04533c1b4d38bf2bbda5bed235ccc142202a7d09303951201257621137a250b3dd0cd9feaaeb296c567f3d8df3442736fb6c392d039c4fb985609b7384b61bb9c29cc8e84fb9b960e41f267ee36ef1d7251141b47aa1423959e1ce125ef4cda37fa7d9d403c7c760a5ed166c3b8a1d4ff9118769faf52deaf65e0d539da3d5b55d26d04510393739fae2ad2f657521d09cb3903938cd88444923b6ee0d406d98cfd5e4404173a18948b3757b3dfb44f004d14fdc6669d546a4c889b502ca5de2ff5690665c04fe4a90ea7678cf71752d6e744967b0bba2a8fdb9bbedb151edc9de00afe0179c8f505c5fbe2ba4102a735446fca4e6f1eec0391a0b4b376495173f3a153ab1aa80f671fc96ca2a85ae1696dcf7dc74115b507cc3e433edbea0c94f6b2644711ffe7a947dd344cdf33acd0d2dfcc5c9787851fde6f43dad973716ae995734c2c96a1680660c451307e5da80a226adf006b8015d81eb51804dbbf545646655aa427eb11a549f47176bc8190a3e391e8554581dcd167185157001611b0d31e0b8b88e17509040887db0970c20d14b92338d53630928decd18673938f85abf113b2482ec6917346e5a821351ed1bc357fcd01", 0xeb8}, {&(0x7f0000000680)="39056313cb3ff74b4fe704b0143ca26bed2aa3ad6fd7006b092fc5c109548e2422403273fec91ae57f41329c36da963422c390ca50f5af78e0bd0f96e899147438e9e25ab46e4fb95243b454938cad532e562a70756e72cb124606ec1065571f436b22e1d83f83dc9d8b558a96a1ac735893185320f9f399b4041dfcf1adf474606fea68d86070eebd143ca14352cc312a9f65c6200be959148420c005355963488fd0ee72ee279843126ed3473fb1bcfa7b99203fe5bd96d91280fd80f83c2b08fb97c313e7", 0xc6}, {&(0x7f0000000780)="e40ff2b313fc132c5752b67d20ddca64ff7d2965ca58a8560d83c638ccb11dccf6711e37f8a24b93815e55bb1a9871192d699b8614631828912856504b43209d3ca673348757c9fbb8d26518458659bbfdccacf434c8fbf9f1a29c6152705da59309032675af63a014b699a8005207b71fa9073c345478b66dc3fee46cddccf5d84e09a64f8e15c1119c8cc6c76782de4f08f0a9ea7c118f3f71982558dc51642f722c86cb823292678542ed16573817226f5939872ef4f768b97f27fd1cd5932c1019315be6dbddf22d53f196d0fa610fff930b27b6", 0xd6}, {&(0x7f0000000880)="29d0a84c697ce9b743132483251a6b8058a8518520104573c7a612eb1b7d9338e68c479a5683d8ebf799fa42f4640572ec4eec24704c73457c90ec06713fe16cf23dc167f18711b0934899339f9b4caedd0ae76f4b735a20e008c4d1883ee548402e39333d92ed3ced0d816bb7040bc4b9fe351d2db6b9d36e28cc64", 0x7c}, {&(0x7f0000000900)="6db416717a91347fe44c8553ca6dc9f33648f8447915dff4ba5b40985d4f0d8920999fa08c2dadeadf122ee6a96cd2efc49048b091c233c946d6b88fb316c71b252568cbbd13b76ae2ff1d2d4c55693b32ede16f26c4e68029f17b8115f0a472c4db840b08fbd67a49bea534cfbb51b788330a74d675fc93a3c3f8b246d01fc5bf4de1c24050233d15649320b87ae52c17ed9e3f1a187cc3efa453797ba368868e6230e8d462bd9c9afd5e48bf5e7411ac8c06863b340a88f5e8e946efb755d3efdac4af5d13", 0xc6}, {&(0x7f0000000a00)="e6c0e3b9379bdf47321248aac0050b3171987ef396e82b1d9c50f90e088f85c9f42747758d82b97f697f13f6ca17a56d396d05bd97c0ffa287cde5b933049bc8c6223cc8774f1e182331364e45f533fc0eb150ab73c4d676fd80c4f697e1d565d892393aa9e28fe87554b939fe47da537b98434ac19564181be193f4b260706fba0a3fe77c117fed8a3dad5116ceb4368ff452f5474f5bdece4e33e0846a798a2d18f1307991b9295e84845d0f", 0xad}], 0x8}}, {{&(0x7f0000000540)={0xa, 0x4e20, 0xffffffc8, @loopback, 0x5}, 0x1c, 0x0, 0x0, &(0x7f0000004940)=[@rthdr={{0x78, 0x29, 0x39, {0x4, 0xc, 0x2, 0x8, 0x0, [@loopback, @mcast2, @remote, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, @private1]}}}, @hopopts_2292={{0x80, 0x29, 0x36, {0x88, 0xc, '\x00', [@enc_lim={0x4, 0x1, 0x3f}, @generic={0x4, 0x56, "e9d4dc8043a3b5a6571c438170ffd411d8f255f96fa280da081d86fbd1f02b0e1fca908037c2cc57cf0b936904fc8629191235225a70d7ff3ed8bcbd3dd8a01a65506df80a25fa27bedc78691e7e04c87e36043173ac"}, @pad1, @pad1]}}}, @tclass={{0x14, 0x29, 0x43, 0x10}}, @rthdr_2292={{0x88, 0x29, 0x39, {0x87, 0xe, 0x0, 0x54, 0x0, [@local, @local, @loopback, @loopback, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02']}}}, @hopopts={{0x18, 0x29, 0x36, {0x5e}}}, @hopopts={{0xe8, 0x29, 0x36, {0x0, 0x19, '\x00', [@generic={0x2, 0x31, "542c1ece5cfe775a834463efa27b1acbe594c93a9a2fd2e11be202e70f2b5c0cf9b2f7cd8774c09159c668475df3a50518"}, @calipso={0x7, 0x20, {0x2, 0x6, 0x40, 0x4, [0x7, 0x4, 0x6]}}, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @calipso={0x7, 0x48, {0x3, 0x10, 0x9, 0x8001, [0xa5af8ec, 0x1, 0x4, 0x3ff, 0x20f54351, 0x80, 0x5, 0x7f]}}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}, @pad1, @enc_lim, @enc_lim={0x4, 0x1, 0x1}]}}}, @rthdr={{0x18, 0x29, 0x39, {0x2b, 0x0, 0x0, 0x1}}}], 0x2b0}, 0xf5}], 0x2, 0x80040c4)

618.805311ms ago: executing program 6 (id=17228):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000058c0)=ANY=[@ANYBLOB="fc01000013000100000000000000000000000000000000002b00000000000001fc0200000000000000000000000000014e24000d040000090a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="020000010000000000000000000000000000000000000000ffffffffffffffff00000000000000000300000000000000090000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000feffffff00000000000000000000000044010500e0000002000000000000000000000000000004d6320000000a000000ac1414aa000000000000000000000000053500000303030009000000b4000000070000007f000001000000000000000000000000000004d36c00000000000000fc0100000000000006000000000000000000000000000900010000000080000008000000ac1414aa000000000000000000000000000004d2330000000a000000ac1414bb0000000000000000ddffffff023500000002fa00070000000a00000002000000fe80000000000000000000000000000f000004d43c"], 0x1fc}, 0x1, 0x0, 0x0, 0x11}, 0x0)

618.511031ms ago: executing program 6 (id=17229):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x143202, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xffffeffffffff7fb)
rt_sigtimedwait(&(0x7f0000000240)={[0x5]}, 0x0, 0x0, 0x8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000e80)={0x14, 0x3, 0x2, 0x101}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
mmap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x13, r0, 0x4758f000)

344.084655ms ago: executing program 5 (id=17230):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000058c0)=ANY=[@ANYBLOB="fc01000013000100000000000000000000000000000000000000000000000001fc020000000000000000000000000001", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="020000010000000000000000200000000000000000000000ffffffffffffffff00000000000000000300000000000000090000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000feffffff00000000000000000000000044010500e0000002000000000000000000000000000004d632"], 0x1fc}, 0x1, 0x0, 0x0, 0x11}, 0x0)

307.716165ms ago: executing program 5 (id=17231):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x100000001)
mmap(&(0x7f0000701000/0x4000)=nil, 0x4000, 0x200000a, 0x12, r0, 0x2546c000)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$ASHMEM_SET_NAME(r0, 0x40087708, &(0x7f0000001500)='\x00\x00\b\x00\xff\xff\xf7\xff\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q\x00\x00\x00\x00\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \x15\x9a\x9f\xf0:\xfd$\xad\xbb\x9a\x00\x80\xff\xff\xff\xff\xff\xff\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b7\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Xd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xc3\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84x\x00\x00X\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a<W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12K\\\xf2\xd5\b^[D~~\x84\\\xe4\x00!\xd1\xe2\x92\x01@\xe6\xa0\xa4.tt\xf1\x13\xcd\xdf\x90\xf4\xb5\v\x852\x9eT\xb84\xf1\r\x1d\x1e\x15\xec}\x8a\x84\xca*6<O\\=\xd1q\v7\xcb\xe6\x1c\f\xd1\xcd\x95s\xc61\x9c\a\xc9\xb5\x8f\x15c\x03|\xcfA1Uva\xa7\x051AyN\x06\xed\xbb6\xc2$\xe7+:w\n\x89\xc8s>\xde]X1`d\x9d\x9e\xd0\n\xa1\xa9\x8cO\xb8p\"\xe7\xdb\xab\x0eAW&+\xe8\xf7p\v\x01\\\x98\xeey\xc4c\x18\x91\xd9\x00\x1c\xf0.\x9f\x1e?\xea\xea\'0\"\x94\xd1\xd3P\xa8\xc5wP`\xa6\xd5Q\x11\xc3o\x04\vat\xb9}\x83g\xca\xfe\xf4\xe6;\x18\xb9\xe7<\xcf\x96~\x0f\xb0\xd3\x1bl\x9e\xc2\xc6\xcc\xbe\x8c#\xd0\x9f\x050\x1csf\x84\x06Z\xf4\xd2!\a\x8a\xc8\xbe\xdb\xf6y\x94Z\xed0\xdbZ\x9b8~\xc0\xbbU\xd5I\x14\xb6\xeb\xa7V\x00\x18A%')

226.692387ms ago: executing program 5 (id=17232):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000800)=ANY=[@ANYBLOB="08010000160001000000000000000000fe880000000000000000000000000101ffffffff000000000000000000000000000000007ffffffe0000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414000000000000000000000000000000000033"], 0x108}, 0x1, 0x0, 0x0, 0x1}, 0x0)

226.066597ms ago: executing program 5 (id=17233):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c000280050001002100000008000740000000"], 0x64}}, 0x0)

184.963957ms ago: executing program 5 (id=17234):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x28103, 0x0)
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f0000003d40)={0x0, 0x0, &(0x7f0000003d00)={&(0x7f0000003bc0)={0x4c, 0x14, 0x403, 0x70bd2c, 0x25dfdbff, {0x18, 0xda, 0x5, 0x6, {0x4e21, 0x4e22, [0x8ae3, 0x5, 0x2000000, 0x6], [0x2182, 0xfffffff4, 0x3ff, 0x128f], 0x0, [0xffffffff, 0x7f]}, 0x8, 0x200}}, 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
eventfd(0x2)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x2082, 0x0)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x80000)
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r4, 0x80585414, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="3ea3706f6b0f827146c6dd039782144fe2a075b3c9505962346ae411a56f8481972b0434cc1c59265bcfa74f721cfbeacb34a3b0042ab8708b9988f932e3174a36bf5572086c17ea969bcb1170c740949997845906804c6be6a0da22f5cc34c60d175c2d768629b5d23aa37d59802e68ca8c4ff7244bcbe6c38e762781c93c1f90c8c2b653f010962e64861d", @ANYRESDEC=r0, @ANYRES32=r4, @ANYRESDEC=r2], 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x2040)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r1, &(0x7f0000000140)=[{&(0x7f0000000000)="89edee2c78daddb4b473fec988cafb", 0xf}, {&(0x7f0000000100)="93823f08c826a46e670b192cd7a2fa89e635dd", 0x13}, {&(0x7f0000000300)="1dd962be50a86ef9", 0x8}], 0x3)

82.886059ms ago: executing program 3 (id=17235):
r0 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@uexit={0x0, 0x18, 0x6}, @code={0x1, 0x4a, {"470f090f01f066baa00066b8f36066ef2664410f017b140f0055eb65470fc5c20766ba200066ed66b802010f00d08f0868ef7d66003e4730e4"}}, @code={0x1, 0x48, {"670f01c266b878008ee066b87b000f00d8c4012173f3b666bad00466edf04680a0308baffda40f30470f01df2666418e0e66b8b0008ec8"}}, @code={0x1, 0x6e, {"b9da0200000f32b9800000c00f3235010000000f30f3460fc73523000000400f09660fea6100c7442400b1000000c744240200000000ff1c24c482dd910422c4c115150c51b9aa010000b88cb80000ba000000000f30c401f97e4c7c25"}}, @uexit={0x0, 0x18, 0x7fff}, @cpuid={0x2, 0x18, {0x8, 0xfffffffb}}], 0x148})
ioctl$KVM_SET_MSRS(r0, 0x4008ae89, &(0x7f00000001c0)={0x7, 0x0, [{0xb83, 0x0, 0x7}, {0x934, 0x0, 0x9b0a}, {0x4000009c, 0x0, 0x5}, {0x242, 0x0, 0x9553}, {0xb4c, 0x0, 0x43d}, {0x9d5, 0x0, 0x1000}, {0x905, 0x0, 0x2}]})
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/warn_count', 0x109002, 0x80)
r2 = getpid()
write$cgroup_pid(r1, &(0x7f0000000280)=r2, 0x12)
lgetxattr(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)=@known='trusted.overlay.redirect\x00', &(0x7f0000000340)=""/208, 0xd0)
ioctl$TIOCSIG(r1, 0x40045436, 0x2a)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r3, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x50, r4, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x23}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x5}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @loopback}]}, 0x50}, 0x1, 0x0, 0x0, 0x2000c014}, 0x24044840)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000600)={'wpan3\x00', <r6=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r5, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x5c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x2e, 0x0, 0x1, {0xc, 0x4, {0xaaaaaaaaaaaa0202}}}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x2e, 0x0, 0x1, {0xc, 0x4, {0x5555555555540604}}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x40000000)
r7 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000740), 0x2200, 0x0)
ioctl$UI_SET_LEDBIT(r7, 0x40045569, 0x9)
r8 = openat(r1, &(0x7f0000000780)='./file0\x00', 0x100, 0x198)
ioctl$KDSKBENT(r8, 0x4b47, &(0x7f00000007c0)={0xff, 0x2, 0x40})
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r0, 0xf504, 0x0)
r9 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000840), r5)
sendmsg$NLBL_UNLABEL_C_ACCEPT(r3, &(0x7f0000000900)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x24, r9, 0x10, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @remote}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040000}, 0x4000000)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000980), r3)
sendmsg$NFC_CMD_GET_TARGET(r5, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x14, r10, 0x10, 0x70bd26, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40c0}, 0x40084)
r11 = syz_genetlink_get_family_id$nbd(&(0x7f0000000ac0), r3)
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000000b80)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x20, r11, 0x100, 0x70bd26, 0x25dfdbff, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x102}]}, 0x20}}, 0x94)
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000c00), r5)
sendmsg$NL802154_CMD_SET_SHORT_ADDR(r12, &(0x7f0000000cc0)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c40)={0x14, r13, 0x2, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40000000}, 0x20000994)
r14 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000d40), r12)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r5, &(0x7f0000000e00)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x81000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d80)={0x40, r14, 0x4, 0x70bd29, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x8}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r6}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa3}]}, 0x40}, 0x1, 0x0, 0x0, 0x4041045}, 0x8010)
ioctl$KVM_SET_SREGS(r8, 0x4138ae84, &(0x7f0000000e40)={{0x3000, 0x2000, 0xc, 0x0, 0xf, 0x7f, 0x5, 0x1, 0xd5, 0xd, 0x8, 0x9}, {0x2000, 0xeeee8000, 0xf, 0x2, 0x3, 0xb, 0x2, 0x4, 0x4, 0xef, 0xc, 0x4}, {0x3000, 0x10000, 0xf, 0x0, 0x9, 0xc, 0x4, 0x8, 0x18, 0x6, 0x2, 0x8}, {0x6000, 0x4000, 0xe, 0x5, 0x9, 0x9d, 0xa, 0x81, 0x4, 0x4, 0xff, 0x1}, {0x5000, 0x0, 0xd, 0x6, 0x6, 0x8, 0x6, 0x1, 0x2, 0x3, 0x7, 0x5}, {0x4000, 0x3000, 0x3, 0x1, 0x2, 0xee, 0x7f, 0x8, 0x1, 0x3, 0x6, 0x56}, {0x0, 0xdddd1000, 0x0, 0x8, 0x5, 0xa6, 0xb4, 0xb, 0x9, 0x2, 0x1, 0x9}, {0x6000, 0x1, 0xd, 0x7f, 0xff, 0x1, 0x3, 0x3, 0x6, 0x8, 0x8, 0x9}, {0xeeee8000, 0xfc9d}, {0x8000000, 0xb}, 0x18000, 0x0, 0x10000, 0x10600, 0xb, 0x5c00, 0xdddd1000, [0x6, 0x8001, 0x1ef2, 0x4]})

22.7685ms ago: executing program 5 (id=17236):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = epoll_create(0x4)
epoll_pwait(r1, &(0x7f0000000280)=[{}], 0x1, 0x8, &(0x7f0000000380)={[0x4]}, 0x8)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000180)={0x73622a85, 0x2301, 0x400000000000001})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
r3 = dup(r2)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x1000, 0x8000000001})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@fd={0x66642a85, 0x0, r5}, @fd={0x66642a85, 0x0, r5}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0})
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000fff000/0x1000)=nil, 0x1000, &(0x7f0000000040)='fd/3\x00')
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})

0s ago: executing program 3 (id=17237):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
epoll_create(0x1)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
socket$key(0xf, 0x3, 0x2)
close(0xffffffffffffffff)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
pselect6(0x40, &(0x7f0000000000)={0xb, 0x100000000, 0x1, 0x9, 0xaae5, 0x2, 0x101, 0x2}, 0x0, 0x0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r3, &(0x7f0000000200)={0x2, 0x0, @multicast2}, 0x10)
r4 = getuid()
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, r4}, {0x0, 0x0, 0x0, 0x0, 0x3}, {0xfffffffffffffffc}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$AUTOFS_IOC_PROTOVER(r1, 0x80049363, &(0x7f0000000140))
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000800)={0x4c, 0x0, &(0x7f0000000600)=[@reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x51, 0x0, &(0x7f0000000700)="93ca2efc9445b68c079d41dcfff066e61c4d8f1021949c8c75c29113ed78c691e4a88534e71804ab594c9c0cea97e979adb05f81276775d60f54e903eb87a57f7cbe1f97039cb9d611ffa16ca4582a68cd"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f00000003c0)=[@transaction_sg={0x40486311, {0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x3}, @flat=@weak_binder={0x77622a85, 0x300a, 0x3}, @flat=@handle={0x73682a85, 0x0, 0x3}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0})

kernel console output (not intermixed with test programs):

bcdDevice= 0.00
[ 1260.930166][   T45] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1260.940386][   T45] usb 4-1: config 0 descriptor??
[ 1260.947155][ T2287] usb 7-1: new high-speed USB device number 47 using dummy_hcd
[ 1261.031392][  T426] usb 3-1-port1: cannot reset (err = -71)
[ 1261.031562][ T1557] usb 3-1: USB disconnect, device number 101
[ 1261.042076][  T426] usb 3-1-port1: attempt power cycle
[ 1261.107520][ T2287] usb 7-1: Using ep0 maxpacket: 32
[ 1261.122916][ T2287] usb 7-1: config 0 has an invalid interface number: 67 but max is 0
[ 1261.131821][ T2287] usb 7-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config
[ 1261.155285][ T2287] usb 7-1: config 0 has no interface number 0
[ 1261.165121][ T2287] usb 7-1: config 0 interface 67 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1261.200302][ T2287] usb 7-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1261.211153][ T2287] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1261.219283][ T2287] usb 7-1: Product: syz
[ 1261.223551][ T2287] usb 7-1: Manufacturer: syz
[ 1261.228214][ T2287] usb 7-1: SerialNumber: syz
[ 1261.235722][ T2287] usb 7-1: config 0 descriptor??
[ 1261.253762][ T2287] smsc95xx v2.0.0
[ 1261.258422][ T2287] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[ 1261.269452][ T2287] smsc95xx 7-1:0.67: probe with driver smsc95xx failed with error -22
[ 1261.277797][ T2287] cdc_acm 7-1:0.67: Zero length descriptor references
[ 1261.285719][ T2287] cdc_acm 7-1:0.67: probe with driver cdc_acm failed with error -22
[ 1261.400068][   T45] HID 045e:07da: Invalid code 65791 type 1
[ 1261.415046][   T45] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0077/input/input167
[ 1261.440702][   T45] microsoft 0003:045E:07DA.0077: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[ 1261.474565][   T45] usb 7-1: USB disconnect, device number 47
[ 1261.637727][ T8714] FAULT_INJECTION: forcing a failure.
[ 1261.637727][ T8714] name failslab, interval 1, probability 0, space 0, times 0
[ 1261.674158][ T8714] CPU: 0 UID: 0 PID: 8714 Comm: syz.5.16321 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[ 1261.674196][ T8714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1261.674209][ T8714] Call Trace:
[ 1261.674228][ T8714]  <TASK>
[ 1261.674237][ T8714]  __dump_stack+0x21/0x30
[ 1261.674268][ T8714]  dump_stack_lvl+0x10c/0x190
[ 1261.674294][ T8714]  ? __cfi_dump_stack_lvl+0x10/0x10
[ 1261.674321][ T8714]  dump_stack+0x19/0x20
[ 1261.674345][ T8714]  should_fail_ex+0x3d9/0x530
[ 1261.674369][ T8714]  should_failslab+0xac/0x100
[ 1261.674398][ T8714]  kmem_cache_alloc_lru_noprof+0x45/0x3a0
[ 1261.674423][ T8714]  ? xas_split_alloc+0x150/0x510
[ 1261.674454][ T8714]  xas_split_alloc+0x150/0x510
[ 1261.674488][ T8714]  split_huge_page_to_list_to_order+0xb43/0x13f0
[ 1261.674518][ T8714]  ? __cfi_split_huge_page_to_list_to_order+0x10/0x10
[ 1261.674544][ T8714]  ? __kasan_check_write+0x18/0x20
[ 1261.674569][ T8714]  shmem_writepage+0x47d/0x12e0
[ 1261.674601][ T8714]  ? __cfi_shmem_writepage+0x10/0x10
[ 1261.674630][ T8714]  ? folio_unlock+0x12f/0x1a0
[ 1261.674660][ T8714]  ? __cfi_try_to_unmap_one+0x10/0x10
[ 1261.674688][ T8714]  ? __cfi_folio_not_mapped+0x10/0x10
[ 1261.674717][ T8714]  ? __cfi_folio_clear_dirty_for_io+0x10/0x10
[ 1261.674747][ T8714]  shrink_folio_list+0x2b57/0x4450
[ 1261.674785][ T8714]  ? reclaim_clean_pages_from_list+0x690/0x690
[ 1261.674817][ T8714]  ? folio_remove_rmap_ptes+0xf1/0x350
[ 1261.674846][ T8714]  ? folio_remove_rmap_ptes+0x29b/0x350
[ 1261.674882][ T8714]  ? __cfi_try_to_unmap_one+0x10/0x10
[ 1261.674910][ T8714]  ? __xas_nomem+0xad/0x4f0
[ 1261.674946][ T8714]  ? __cfi_cgroup_rstat_updated+0x10/0x10
[ 1261.674972][ T8714]  ? tokenize_frame_descr+0x30/0xc0
[ 1261.674997][ T8714]  ? zone_page_state_add+0x43/0x90
[ 1261.675027][ T8714]  __reclaim_pages+0x339/0x680
[ 1261.675060][ T8714]  ? __cfi___reclaim_pages+0x10/0x10
[ 1261.675089][ T8714]  ? lru_gen_del_folio+0x20b/0x380
[ 1261.675111][ T8714]  ? isolate_folio+0x550/0x550
[ 1261.675134][ T8714]  ? __cfi_folio_isolate_lru+0x10/0x10
[ 1261.675166][ T8714]  ? __kasan_check_read+0x15/0x20
[ 1261.675191][ T8714]  madvise_cold_or_pageout_pte_range+0x121e/0x1900
[ 1261.675227][ T8714]  ? __cfi_madvise_cold_or_pageout_pte_range+0x10/0x10
[ 1261.675253][ T8714]  ? __call_rcu_common+0x40b/0x6f0
[ 1261.675283][ T8714]  walk_pgd_range+0xd17/0x1ba0
[ 1261.675311][ T8714]  ? walk_page_range_novma+0x270/0x270
[ 1261.675333][ T8714]  ? find_vma+0xcd/0x110
[ 1261.675357][ T8714]  ? __cfi_find_vma+0x10/0x10
[ 1261.675381][ T8714]  ? avc_has_perm+0x144/0x220
[ 1261.675405][ T8714]  walk_page_range_mm+0x5e3/0x810
[ 1261.675428][ T8714]  ? __cfi_walk_page_range_mm+0x10/0x10
[ 1261.675449][ T8714]  ? selinux_file_open+0x457/0x610
[ 1261.675481][ T8714]  ? __cfi_lru_add_drain_cpu+0x10/0x10
[ 1261.675514][ T8714]  walk_page_range+0x76/0x90
[ 1261.675535][ T8714]  madvise_vma_behavior+0x2181/0x2d40
[ 1261.675560][ T8714]  ? __cfi_madvise_vma_behavior+0x10/0x10
[ 1261.675583][ T8714]  ? is_bpf_text_address+0x17b/0x1a0
[ 1261.675615][ T8714]  ? kernel_text_address+0xa9/0xe0
[ 1261.675637][ T8714]  ? __kernel_text_address+0x11/0x40
[ 1261.675659][ T8714]  ? unwind_get_return_address+0x51/0x90
[ 1261.675680][ T8714]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[ 1261.675706][ T8714]  ? arch_stack_walk+0x10b/0x170
[ 1261.675733][ T8714]  ? irqentry_exit+0x4a/0x60
[ 1261.675756][ T8714]  ? sysvec_apic_timer_interrupt+0x50/0x90
[ 1261.675778][ T8714]  ? asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 1261.675816][ T8714]  ? __cfi_mt_find+0x10/0x10
[ 1261.675842][ T8714]  ? mas_prev+0x5f/0xa0
[ 1261.675863][ T8714]  ? find_vma_prev+0xfd/0x170
[ 1261.675887][ T8714]  ? __cfi_find_vma_prev+0x10/0x10
[ 1261.675913][ T8714]  ? find_vma+0xcd/0x110
[ 1261.675937][ T8714]  ? __cfi_find_vma+0x10/0x10
[ 1261.675961][ T8714]  ? rwsem_read_trylock+0x2b1/0x660
[ 1261.675983][ T8714]  ? downgrade_write+0x440/0x440
[ 1261.676006][ T8714]  ? vfs_write+0x8ba/0xe80
[ 1261.676031][ T8714]  madvise_walk_vmas+0x1ae/0x2e0
[ 1261.676053][ T8714]  ? __cfi_madvise_vma_behavior+0x10/0x10
[ 1261.676076][ T8714]  ? madvise_set_anon_name+0x610/0x610
[ 1261.676100][ T8714]  ? __asan_memset+0x39/0x50
[ 1261.676123][ T8714]  ? blk_start_plug+0x72/0x1c0
[ 1261.676147][ T8714]  do_madvise+0x508/0x8b0
[ 1261.676169][ T8714]  ? __kasan_check_write+0x18/0x20
[ 1261.676194][ T8714]  ? __cfi_do_madvise+0x10/0x10
[ 1261.676216][ T8714]  ? ksys_write+0x1ef/0x250
[ 1261.676249][ T8714]  __x64_sys_madvise+0xae/0xc0
[ 1261.676274][ T8714]  x64_sys_call+0x20c3/0x2ee0
[ 1261.676301][ T8714]  do_syscall_64+0x58/0xf0
[ 1261.676327][ T8714]  ? clear_bhb_loop+0x35/0x90
[ 1261.676358][ T8714]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 1261.676388][ T8714] RIP: 0033:0x7fc6f538e929
[ 1261.676406][ T8714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1261.676425][ T8714] RSP: 002b:00007fc6f62c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[ 1261.676448][ T8714] RAX: ffffffffffffffda RBX: 00007fc6f55b5fa0 RCX: 00007fc6f538e929
[ 1261.676465][ T8714] RDX: 0000000000000015 RSI: 0000000000600003 RDI: 0000200000000000
[ 1261.676479][ T8714] RBP: 00007fc6f62c6090 R08: 0000000000000000 R09: 0000000000000000
[ 1261.676493][ T8714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1261.676506][ T8714] R13: 0000000000000000 R14: 00007fc6f55b5fa0 R15: 00007ffe1fc8bcf8
[ 1261.676524][ T8714]  </TASK>
[ 1261.937087][   T36] kauditd_printk_skb: 712 callbacks suppressed
[ 1261.937110][   T36] audit: type=1400 audit(2000033205.647:145424): avc:  denied  { read write } for  pid=5377 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1262.245376][   T36] audit: type=1400 audit(2000033205.675:145425): avc:  denied  { ioctl } for  pid=8694 comm="syz.3.16314" path="/dev/raw-gadget" dev="devtmpfs" ino=190 ioctlcmd=0x5507 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1262.272229][   T36] audit: type=1400 audit(2000033205.750:145426): avc:  denied  { read write open } for  pid=5377 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1262.334087][   T36] audit: type=1400 audit(2000033205.750:145427): avc:  denied  { ioctl } for  pid=5377 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1262.360814][   T36] audit: type=1400 audit(2000033205.796:145428): avc:  denied  { read write } for  pid=5377 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1262.391100][   T31] usb 4-1: USB disconnect, device number 34
[ 1262.392544][   T36] audit: type=1400 audit(2000033205.796:145429): avc:  denied  { read write open } for  pid=5377 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1262.429723][   T36] audit: type=1400 audit(2000033205.796:145430): avc:  denied  { ioctl } for  pid=5377 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1262.454562][  T426] usb 6-1: new high-speed USB device number 62 using dummy_hcd
[ 1262.463862][   T36] audit: type=1400 audit(2000033205.815:145431): avc:  denied  { create } for  pid=8721 comm="syz.2.16323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1262.490259][   T36] audit: type=1400 audit(2000033205.862:145432): avc:  denied  { read write } for  pid=1972 comm="syz-executor" name="loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1262.532267][   T36] audit: type=1400 audit(2000033205.862:145433): avc:  denied  { read write open } for  pid=1972 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1262.580732][ T8737] rust_binder: Write failure EFAULT in pid:1191
[ 1262.604241][  T426] usb 6-1: device descriptor read/64, error -71
[ 1262.659038][ T8739] netlink: 'syz.2.16330': attribute type 4 has an invalid length.
[ 1262.888362][ T8750] rust_binder: Write failure EINVAL in pid:549
[ 1262.892852][  T426] usb 6-1: device descriptor read/64, error -71
[ 1263.170828][  T426] usb 6-1: new high-speed USB device number 63 using dummy_hcd
[ 1263.331250][  T426] usb 6-1: device descriptor read/64, error -71
[ 1263.522157][ T8774] __nla_validate_parse: 7 callbacks suppressed
[ 1263.522172][ T8774] netlink: 80 bytes leftover after parsing attributes in process `syz.2.16344'.
[ 1263.592803][  T426] usb 6-1: device descriptor read/64, error -71
[ 1263.634345][ T8778] netlink: 96 bytes leftover after parsing attributes in process `syz.2.16346'.
[ 1263.716496][  T426] usb usb6-port1: attempt power cycle
[ 1263.823473][ T8785] netlink: 112 bytes leftover after parsing attributes in process `syz.2.16349'.
[ 1263.883562][ T8787] netlink: 12 bytes leftover after parsing attributes in process `syz.6.16350'.
[ 1264.079707][  T426] usb 6-1: new high-speed USB device number 64 using dummy_hcd
[ 1264.101624][ T8802] netlink: 80 bytes leftover after parsing attributes in process `syz.3.16356'.
[ 1264.123578][  T426] usb 6-1: device descriptor read/8, error -71
[ 1264.206818][ T8811] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1264.235023][ T8812] rust_binder: 8808 RLIMIT_NICE not set
[ 1264.266259][  T426] usb 6-1: device descriptor read/8, error -71
[ 1264.281122][ T8813] rust_binder: Error in use_page_slow: ESRCH
[ 1264.281151][ T8813] rust_binder: use_range failure ESRCH
[ 1264.293340][ T8813] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[ 1264.299065][ T8813] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[ 1264.325387][ T8813] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:436
[ 1264.383278][ T8818] rust_binder: Error in use_page_slow: ESRCH
[ 1264.383305][ T8818] rust_binder: use_range failure ESRCH
[ 1264.389458][ T8818] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[ 1264.395183][ T8818] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[ 1264.403262][ T8818] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:565
[ 1264.550638][  T426] usb 6-1: new high-speed USB device number 65 using dummy_hcd
[ 1264.590888][  T426] usb 6-1: device descriptor read/8, error -71
[ 1264.651730][ T8821] rust_binder: Error in use_page_slow: ESRCH
[ 1264.651754][ T8821] rust_binder: use_range failure ESRCH
[ 1264.657889][ T8821] rust_binder: Failed to allocate buffer. len:112, is_oneway:true
[ 1264.663370][ T8821] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[ 1264.671288][ T8821] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1242
[ 1264.678199][   T45] usb 7-1: new high-speed USB device number 48 using dummy_hcd
[ 1264.735637][  T426] usb 6-1: device descriptor read/8, error -71
[ 1264.837946][ T8826] netlink: 112 bytes leftover after parsing attributes in process `syz.2.16363'.
[ 1264.860464][  T426] usb usb6-port1: unable to enumerate USB device
[ 1264.870682][   T45] usb 7-1: Using ep0 maxpacket: 32
[ 1264.894186][   T45] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1264.907510][ T8828] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[ 1264.913413][   T45] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1264.935498][   T45] usb 7-1: Product: Л
[ 1264.939637][   T45] usb 7-1: Manufacturer: Х
[ 1264.944178][   T45] usb 7-1: SerialNumber: syz
[ 1264.983994][ T8831] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[ 1264.984037][ T8831] rust_binder: Error while translating object.
[ 1264.994672][ T8831] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1265.000899][ T8831] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1252
[ 1265.243291][ T8840] rust_binder: Error while translating object.
[ 1265.252724][ T8840] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1265.259047][ T8840] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1259
[ 1265.301831][ T8845] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2048 sclass=netlink_route_socket pid=8845 comm=syz.3.16371
[ 1265.397372][   T45] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -71
[ 1265.410949][   T45] usb 7-1: USB disconnect, device number 48
[ 1265.482144][ T8849] FAULT_INJECTION: forcing a failure.
[ 1265.482144][ T8849] name failslab, interval 1, probability 0, space 0, times 0
[ 1265.516752][ T8849] CPU: 1 UID: 0 PID: 8849 Comm: syz.2.16373 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[ 1265.516792][ T8849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1265.516807][ T8849] Call Trace:
[ 1265.516815][ T8849]  <TASK>
[ 1265.516825][ T8849]  __dump_stack+0x21/0x30
[ 1265.516862][ T8849]  dump_stack_lvl+0x10c/0x190
[ 1265.516887][ T8849]  ? __cfi_dump_stack_lvl+0x10/0x10
[ 1265.516913][ T8849]  ? bpf_lsm_file_permission+0xd/0x20
[ 1265.516939][ T8849]  dump_stack+0x19/0x20
[ 1265.516962][ T8849]  should_fail_ex+0x3d9/0x530
[ 1265.516988][ T8849]  should_failslab+0xac/0x100
[ 1265.517018][ T8849]  kmem_cache_alloc_noprof+0x42/0x3a0
[ 1265.517043][ T8849]  ? getname_flags+0xc6/0x710
[ 1265.517070][ T8849]  getname_flags+0xc6/0x710
[ 1265.517097][ T8849]  user_path_at+0x2b/0x60
[ 1265.517126][ T8849]  do_fchmodat+0xf3/0x200
[ 1265.517147][ T8849]  ? do_faccessat+0xcb0/0xcb0
[ 1265.517170][ T8849]  ? __kasan_check_read+0x15/0x20
[ 1265.517193][ T8849]  __x64_sys_fchmodat+0x81/0xa0
[ 1265.517222][ T8849]  x64_sys_call+0x2a28/0x2ee0
[ 1265.517250][ T8849]  do_syscall_64+0x58/0xf0
[ 1265.517278][ T8849]  ? clear_bhb_loop+0x35/0x90
[ 1265.517309][ T8849]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 1265.517339][ T8849] RIP: 0033:0x7f918078e929
[ 1265.517357][ T8849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1265.517376][ T8849] RSP: 002b:00007f918164e038 EFLAGS: 00000246 ORIG_RAX: 000000000000010c
[ 1265.517401][ T8849] RAX: ffffffffffffffda RBX: 00007f91809b5fa0 RCX: 00007f918078e929
[ 1265.517418][ T8849] RDX: 00000000000001ff RSI: 0000200000000440 RDI: ffffffffffffff9c
[ 1265.517434][ T8849] RBP: 00007f918164e090 R08: 0000000000000000 R09: 0000000000000000
[ 1265.517448][ T8849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1265.517461][ T8849] R13: 0000000000000000 R14: 00007f91809b5fa0 R15: 00007ffd1458fd28
[ 1265.517479][ T8849]  </TASK>
[ 1265.730954][ T8853] netlink: 'syz.3.16374': attribute type 4 has an invalid length.
[ 1265.770389][ T8855] netlink: 88 bytes leftover after parsing attributes in process `syz.2.16375'.
[ 1265.820997][ T8858] netlink: 324 bytes leftover after parsing attributes in process `syz.3.16376'.
[ 1265.830776][ T8859] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1267
[ 1265.830817][ T8859] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[ 1265.843939][ T8859] rust_binder: Read failure Err(EFAULT) in pid:1267
[ 1265.892425][ T8863] netlink: 96 bytes leftover after parsing attributes in process `syz.2.16379'.
[ 1265.908238][   T31] usb 6-1: new high-speed USB device number 66 using dummy_hcd
[ 1266.057265][   T31] usb 6-1: device descriptor read/64, error -71
[ 1266.140804][ T8873] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1266.206196][ T8873] syzkaller0: entered promiscuous mode
[ 1266.229616][ T8873] syzkaller0: entered allmulticast mode
[ 1266.235547][ T8873] tipc: Resetting bearer <eth:syzkaller0>
[ 1266.251851][ T8879] netlink: 112 bytes leftover after parsing attributes in process `syz.2.16386'.
[ 1266.265479][ T8871] tipc: Resetting bearer <eth:syzkaller0>
[ 1266.298884][ T8871] tipc: Disabling bearer <eth:syzkaller0>
[ 1266.316256][ T8882] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1266.335285][   T31] usb 6-1: device descriptor read/64, error -71
[ 1266.534756][ T8893] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[ 1266.534795][ T8893] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:462
[ 1266.549694][ T8893] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[ 1266.569785][ T8893] rust_binder: Read failure Err(EFAULT) in pid:462
[ 1266.613190][   T31] usb 6-1: new high-speed USB device number 67 using dummy_hcd
[ 1266.773584][   T31] usb 6-1: device descriptor read/64, error -71
[ 1266.823297][ T8904] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1266.982283][ T8914] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:590
[ 1267.030131][   T31] usb 6-1: device descriptor read/64, error -71
[ 1267.159766][ T8921] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[ 1267.179889][   T31] usb usb6-port1: attempt power cycle
[ 1267.265555][   T36] kauditd_printk_skb: 1044 callbacks suppressed
[ 1267.265575][   T36] audit: type=1400 audit(2000033210.651:146478): avc:  denied  { create } for  pid=8925 comm="syz.2.16407" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1267.327935][   T36] audit: type=1400 audit(2000033210.651:146479): avc:  denied  { create } for  pid=8924 comm="syz.3.16406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1267.350280][   T36] audit: type=1400 audit(2000033210.651:146480): avc:  denied  { write } for  pid=8924 comm="syz.3.16406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1267.370765][   T36] audit: type=1400 audit(2000033210.651:146481): avc:  denied  { nlmsg_write } for  pid=8924 comm="syz.3.16406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1267.408145][   T36] audit: type=1400 audit(2000033210.651:146482): avc:  denied  { read write } for  pid=6964 comm="syz-executor" name="loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1267.457734][   T36] audit: type=1400 audit(2000033210.651:146483): avc:  denied  { read write open } for  pid=6964 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1267.511179][   T36] audit: type=1400 audit(2000033210.651:146484): avc:  denied  { ioctl } for  pid=6964 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1267.514290][ T8935] fuse: Bad value for 'group_id'
[ 1267.569641][ T8935] fuse: Bad value for 'group_id'
[ 1267.573362][   T36] audit: type=1400 audit(2000033210.689:146485): avc:  denied  { create } for  pid=8925 comm="syz.2.16407" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1267.607328][   T31] usb 6-1: new high-speed USB device number 68 using dummy_hcd
[ 1267.650207][   T36] audit: type=1400 audit(2000033210.689:146486): avc:  denied  { ioctl } for  pid=8925 comm="syz.2.16407" path="socket:[300940]" dev="sockfs" ino=300940 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1267.682599][ T8847] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1267.724992][   T31] usb 6-1: device descriptor read/8, error -71
[ 1267.823369][ T8950] rust_binder: Write failure EFAULT in pid:486
[ 1267.876073][   T31] usb 6-1: device descriptor read/8, error -71
[ 1267.922765][ T8956] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1267.964948][ T8956] syzkaller0: entered promiscuous mode
[ 1267.970497][ T8956] syzkaller0: entered allmulticast mode
[ 1268.004137][ T8956] tipc: Resetting bearer <eth:syzkaller0>
[ 1268.033218][ T8955] tipc: Resetting bearer <eth:syzkaller0>
[ 1268.087184][ T8955] tipc: Disabling bearer <eth:syzkaller0>
[ 1268.094873][ T8959] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1268.103331][ T8966] tmpfs: Invalid uid '0x00000000ffffffff'
[ 1268.121831][ T8964] syzkaller0: entered promiscuous mode
[ 1268.127483][ T8964] syzkaller0: entered allmulticast mode
[ 1268.133631][ T8964] tipc: Resetting bearer <eth:syzkaller0>
[ 1268.150910][ T8957] tipc: Resetting bearer <eth:syzkaller0>
[ 1268.167609][   T31] usb 6-1: new high-speed USB device number 69 using dummy_hcd
[ 1268.181448][ T8957] tipc: Disabling bearer <eth:syzkaller0>
[ 1268.224231][   T31] usb 6-1: device descriptor read/8, error -71
[ 1268.258592][ T8972] netlink: 'syz.3.16425': attribute type 4 has an invalid length.
[ 1268.378848][   T31] usb 6-1: device descriptor read/8, error -71
[ 1268.507269][   T31] usb usb6-port1: unable to enumerate USB device
[ 1268.516715][ T8985] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1268.540438][ T8985] syzkaller0: entered promiscuous mode
[ 1268.545994][ T8985] syzkaller0: entered allmulticast mode
[ 1268.563351][ T8985] tipc: Resetting bearer <eth:syzkaller0>
[ 1268.572036][ T8984] tipc: Resetting bearer <eth:syzkaller0>
[ 1268.588369][ T8984] tipc: Disabling bearer <eth:syzkaller0>
[ 1268.665274][ T8996] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[ 1268.665299][ T8996] rust_binder: Read failure Err(EFAULT) in pid:506
[ 1268.897818][ T9014] __nla_validate_parse: 21 callbacks suppressed
[ 1268.897841][ T9014] netlink: 76 bytes leftover after parsing attributes in process `syz.6.16444'.
[ 1268.963508][ T9016] netlink: 80 bytes leftover after parsing attributes in process `syz.6.16445'.
[ 1269.125481][ T6336] usb 4-1: new full-speed USB device number 35 using dummy_hcd
[ 1269.126745][ T9025] netlink: 96 bytes leftover after parsing attributes in process `syz.6.16449'.
[ 1269.181563][ T9027] netlink: 112 bytes leftover after parsing attributes in process `syz.6.16450'.
[ 1269.297586][ T6336] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1269.308630][ T6336] usb 4-1: not running at top speed; connect to a high speed hub
[ 1269.341457][ T6336] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 147, changing to 4
[ 1269.355835][ T9031] binder: Bad value for 'stats'
[ 1269.378091][ T6336] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1269.398678][ T6336] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1269.409450][ T6336] usb 4-1: Product: syz
[ 1269.413670][ T6336] usb 4-1: Manufacturer: syz
[ 1269.430980][ T6336] usb 4-1: SerialNumber: syz
[ 1269.501112][ T9037] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1301
[ 1269.539046][ T9041] netlink: 12 bytes leftover after parsing attributes in process `syz.6.16456'.
[ 1269.703596][ T9047] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16459'.
[ 1269.725774][ T9045] x_tables: duplicate underflow at hook 1
[ 1269.775169][ T9049] netlink: 324 bytes leftover after parsing attributes in process `syz.2.16461'.
[ 1269.830087][ T9052] rust_binder: Error while translating object.
[ 1269.830126][ T9052] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1269.844432][ T9052] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1067
[ 1270.098580][ T9059] netlink: 16 bytes leftover after parsing attributes in process `syz.6.16472'.
[ 1270.141108][ T2287] usb 3-1: new high-speed USB device number 106 using dummy_hcd
[ 1270.204997][ T9061] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1270.264462][ T9061] syzkaller0: entered promiscuous mode
[ 1270.290764][ T9061] syzkaller0: entered allmulticast mode
[ 1270.296696][ T9061] tipc: Resetting bearer <eth:syzkaller0>
[ 1270.312135][ T2287] usb 3-1: Using ep0 maxpacket: 8
[ 1270.340138][ T2287] usb 3-1: config 7 has an invalid interface number: 83 but max is 2
[ 1270.365576][ T2287] usb 3-1: config 7 has an invalid interface number: 158 but max is 2
[ 1270.374935][ T9060] tipc: Resetting bearer <eth:syzkaller0>
[ 1270.375604][ T2287] usb 3-1: config 7 has an invalid interface number: 23 but max is 2
[ 1270.390401][ T9066] netlink: 80 bytes leftover after parsing attributes in process `syz.6.16466'.
[ 1270.407579][ T9060] tipc: Disabling bearer <eth:syzkaller0>
[ 1270.412140][ T2287] usb 3-1: config 7 contains an unexpected descriptor of type 0x2, skipping
[ 1270.422416][ T2287] usb 3-1: config 7 has an invalid interface number: 7 but max is 2
[ 1270.438555][ T2287] usb 3-1: config 7 has an invalid interface number: 255 but max is 2
[ 1270.448194][ T2287] usb 3-1: config 7 has an invalid descriptor of length 227, skipping remainder of the config
[ 1270.472501][ T2287] usb 3-1: config 7 has 5 interfaces, different from the descriptor's value: 3
[ 1270.499747][ T2287] usb 3-1: config 7 has no interface number 0
[ 1270.518795][ T2287] usb 3-1: config 7 has no interface number 1
[ 1270.524966][ T2287] usb 3-1: config 7 has no interface number 2
[ 1270.550107][ T2287] usb 3-1: config 7 has no interface number 3
[ 1270.568080][ T9070] netlink: 112 bytes leftover after parsing attributes in process `syz.5.16468'.
[ 1270.579394][ T2287] usb 3-1: config 7 has no interface number 4
[ 1270.585597][ T2287] usb 3-1: config 7 interface 83 altsetting 2 has an invalid descriptor for endpoint zero, skipping
[ 1270.615504][ T2287] usb 3-1: config 7 interface 83 altsetting 2 has an invalid descriptor for endpoint zero, skipping
[ 1270.627784][ T2287] usb 3-1: config 7 interface 83 altsetting 2 has an invalid descriptor for endpoint zero, skipping
[ 1270.638728][ T2287] usb 3-1: config 7 interface 83 altsetting 2 has an endpoint descriptor with address 0x1C, changing to 0xC
[ 1270.650345][ T2287] usb 3-1: config 7 interface 83 altsetting 2 bulk endpoint 0xC has invalid maxpacket 32
[ 1270.660292][ T2287] usb 3-1: config 7 interface 83 altsetting 2 has 4 endpoint descriptors, different from the interface descriptor's value: 16
[ 1270.674040][ T2287] usb 3-1: too many endpoints for config 7 interface 158 altsetting 156: 194, using maximum allowed: 30
[ 1270.685344][ T2287] usb 3-1: config 7 interface 158 altsetting 156 endpoint 0x7 has invalid maxpacket 512, setting to 64
[ 1270.696501][ T2287] usb 3-1: config 7 interface 158 altsetting 156 has a duplicate endpoint with address 0xF, skipping
[ 1270.707487][ T2287] usb 3-1: config 7 interface 158 altsetting 156 has 4 endpoint descriptors, different from the interface descriptor's value: 194
[ 1270.729067][ T2287] usb 3-1: too many endpoints for config 7 interface 23 altsetting 219: 117, using maximum allowed: 30
[ 1270.732299][ T9072] binder: Unknown parameter 'processor	: 0
[ 1270.732299][ T9072] vendor_id	: GenuineIntel
[ 1270.732299][ T9072] cpu family	: 6
[ 1270.732299][ T9072] model		: 79
[ 1270.732299][ T9072] model name	: Intel(R) Xeon(R) CPU @ 2.20GHz
[ 1270.732299][ T9072] stepping	: 0
[ 1270.732299][ T9072] microcode	: 0xffffffff
[ 1270.732299][ T9072] cpu MHz		: 2199.998
[ 1270.732299][ T9072] cache size	: 56320 KB
[ 1270.732299][ T9072] physical id	: 0
[ 1270.732299][ T9072] siblings	: 2
[ 1270.732299][ T9072] core id		: 0
[ 1270.732299][ T9072] cpu cores	: 1
[ 1270.732299][ T9072] apicid		: 0
[ 1270.732299][ T9072] initial apicid	: 0
[ 1270.732299][ T9072] fpu		: yes
[ 1270.732299][ T9072] fpu_exception	: yes
[ 1270.732299][ T9072] cpuid level	: 13
[ 1270.732299][ T9072] wp		: yes
[ 1270.732299][ T9072] flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni pclmulqdq vmx ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt arat vnmi md_clear arch_capabilities
[ 1270.732299][ T9072] vmx flags	: vnmi preemption_timer invvpid ept_x_only ept_ad flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest vapi
[ 1270.750461][ T2287] usb 3-1: config 7 interface 23 altsetting 219 endpoint 0x85 has invalid maxpacket 1023, setting to 64
[ 1270.804071][   T31] usb 7-1: new high-speed USB device number 49 using dummy_hcd
[ 1270.900805][ T2287] usb 3-1: config 7 interface 23 altsetting 219 endpoint 0xA has invalid maxpacket 1024, setting to 64
[ 1270.915331][ T6336] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found
[ 1270.926416][ T2287] usb 3-1: config 7 interface 23 altsetting 219 endpoint 0xB has invalid maxpacket 1024, setting to 64
[ 1270.938439][ T2287] usb 3-1: config 7 interface 23 altsetting 219 has a duplicate endpoint with address 0xA, skipping
[ 1270.985685][ T6336] usb 4-1: USB disconnect, device number 35
[ 1270.993137][ T2287] usb 3-1: config 7 interface 23 altsetting 219 has a duplicate endpoint with address 0x2, skipping
[ 1271.015874][ T2287] usb 3-1: config 7 interface 23 altsetting 219 endpoint 0xE has invalid maxpacket 1024, setting to 64
[ 1271.053349][ T2287] usb 3-1: config 7 interface 23 altsetting 219 has a duplicate endpoint with address 0x7, skipping
[ 1271.067707][ T2287] usb 3-1: config 7 interface 23 altsetting 219 has a duplicate endpoint with address 0x7, skipping
[ 1271.099021][ T2287] usb 3-1: config 7 interface 23 altsetting 219 has 8 endpoint descriptors, different from the interface descriptor's value: 117
[ 1271.114266][ T2287] usb 3-1: config 7 interface 7 altsetting 11 has a duplicate endpoint with address 0x5, skipping
[ 1271.125489][ T2287] usb 3-1: config 7 interface 7 altsetting 11 has a duplicate endpoint with address 0x5, skipping
[ 1271.136423][ T2287] usb 3-1: config 7 interface 7 altsetting 11 has a duplicate endpoint with address 0xE, skipping
[ 1271.146052][   T31] usb 7-1: Using ep0 maxpacket: 8
[ 1271.147327][ T2287] usb 3-1: config 7 interface 7 altsetting 11 has an invalid descriptor for endpoint zero, skipping
[ 1271.157457][   T31] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1271.163021][ T2287] usb 3-1: config 7 interface 7 altsetting 11 has an endpoint descriptor with address 0xB1, changing to 0x81
[ 1271.187392][ T2287] usb 3-1: config 7 interface 7 altsetting 11 endpoint 0x81 has invalid maxpacket 41028, setting to 64
[ 1271.199623][ T2287] usb 3-1: config 7 interface 7 altsetting 11 has 6 endpoint descriptors, different from the interface descriptor's value: 5
[ 1271.199777][T29202] udevd[29202]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1271.212952][ T2287] usb 3-1: config 7 interface 255 altsetting 8 has 0 endpoint descriptors, different from the interface descriptor's value: 13
[ 1271.230291][   T31] usb 7-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00
[ 1271.251700][   T31] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1271.252779][ T2287] usb 3-1: config 7 interface 83 has no altsetting 0
[ 1271.267365][ T2287] usb 3-1: config 7 interface 158 has no altsetting 0
[ 1271.275376][ T2287] usb 3-1: config 7 interface 23 has no altsetting 0
[ 1271.278647][   T31] usb 7-1: config 0 descriptor??
[ 1271.286882][ T2287] usb 3-1: config 7 interface 7 has no altsetting 0
[ 1271.294230][ T2287] usb 3-1: config 7 interface 255 has no altsetting 0
[ 1271.327743][  T426] usb 6-1: new high-speed USB device number 70 using dummy_hcd
[ 1271.348144][ T2287] usb 3-1: New USB device found, idVendor=0403, idProduct=e520, bcdDevice=62.dc
[ 1271.364865][ T2287] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1271.382212][ T2287] usb 3-1: Product: 辶僡輦ﴽ吴찞甧ᚷ₟虘萅囗隸浥㜣甇Ａُ計輕똼췍쯹洽প탓뺦❒苰፝䋓᲎᷇궐∨잻熠壍謺䞋枥
[ 1271.413253][ T2287] usb 3-1: Manufacturer: Н
[ 1271.424603][ T2287] usb 3-1: SerialNumber: Э
[ 1271.434428][ T9054] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1271.491040][  T426] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1271.501421][  T426] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1271.512611][  T426] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1271.521761][  T426] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1271.531144][  T426] usb 6-1: SerialNumber: syz
[ 1271.726958][ T2287] ftdi_sio 3-1:7.83: FTDI USB Serial Device converter detected
[ 1271.736592][   T31] ortek 0003:1223:3F07.0078: unknown main item tag 0x0
[ 1271.749737][ T2287] ftdi_sio ttyUSB0: unknown device type: 0x62dc
[ 1271.755398][   T31] ortek 0003:1223:3F07.0078: unknown main item tag 0x0
[ 1271.764362][   T31] ortek 0003:1223:3F07.0078: unknown main item tag 0x0
[ 1271.764621][ T2287] ftdi_sio 3-1:7.158: FTDI USB Serial Device converter detected
[ 1271.782086][ T2287] ftdi_sio ttyUSB1: unknown device type: 0x62dc
[ 1271.787516][   T31] ortek 0003:1223:3F07.0078: unknown main item tag 0x0
[ 1271.795823][   T31] ortek 0003:1223:3F07.0078: unknown main item tag 0x0
[ 1271.802457][ T2287] ftdi_sio 3-1:7.23: FTDI USB Serial Device converter detected
[ 1271.813452][ T9079] rust_binder: Got transaction with invalid offset.
[ 1271.813505][ T9079] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1271.814277][ T2287] ftdi_sio ttyUSB2: unknown device type: 0x62dc
[ 1271.820466][   T31] ortek 0003:1223:3F07.0078: hidraw0: USB HID v0.07 Device [HID 1223:3f07] on usb-dummy_hcd.6-1/input0
[ 1271.851575][ T9079] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1083
[ 1271.860291][ T2287] ftdi_sio 3-1:7.7: FTDI USB Serial Device converter detected
[ 1271.897236][ T2287] ftdi_sio ttyUSB3: unknown device type: 0x62dc
[ 1271.918787][ T2287] ftdi_sio 3-1:7.255: FTDI USB Serial Device converter detected
[ 1271.938110][ T2287] ftdi_sio ttyUSB4: unknown device type: 0x62dc
[ 1271.952408][ T9096] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1271.956519][ T9096] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[ 1271.980083][ T2287] usb 3-1: USB disconnect, device number 106
[ 1271.986118][   T31] usb 7-1: USB disconnect, device number 49
[ 1271.991597][ T9096] rust_binder: Write failure EINVAL in pid:530
[ 1272.025832][ T2287] ftdi_sio 3-1:7.83: device disconnected
[ 1272.071958][ T2287] ftdi_sio 3-1:7.158: device disconnected
[ 1272.081572][ T9099] random: crng reseeded on system resumption
[ 1272.084456][ T2287] ftdi_sio 3-1:7.23: device disconnected
[ 1272.098501][ T2287] ftdi_sio 3-1:7.7: device disconnected
[ 1272.108725][ T2287] ftdi_sio 3-1:7.255: device disconnected
[ 1272.115968][ T9097] fido_id[9097]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[ 1272.454017][ T9109] netlink: 'syz.3.16482': attribute type 4 has an invalid length.
[ 1272.600700][ T2287] usb 3-1: new high-speed USB device number 107 using dummy_hcd
[ 1272.631975][   T36] kauditd_printk_skb: 921 callbacks suppressed
[ 1272.631994][   T36] audit: type=1400 audit(2000033215.665:147382): avc:  denied  { read write } for  pid=6190 comm="syz-executor" name="loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1272.711249][   T36] audit: type=1400 audit(2000033215.665:147383): avc:  denied  { read write open } for  pid=6190 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1272.770991][   T36] audit: type=1400 audit(2000033215.665:147384): avc:  denied  { ioctl } for  pid=6190 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1272.783181][ T9127] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1272.808666][ T2287] usb 3-1: Using ep0 maxpacket: 32
[ 1272.813738][   T36] audit: type=1400 audit(2000033215.665:147385): avc:  denied  { ioctl } for  pid=9104 comm="syz.2.16480" path="/dev/raw-gadget" dev="devtmpfs" ino=190 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1272.827464][ T2287] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1272.840909][   T36] audit: type=1400 audit(2000033215.665:147386): avc:  denied  { ioctl } for  pid=9104 comm="syz.2.16480" path="/dev/raw-gadget" dev="devtmpfs" ino=190 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1272.877889][ T2287] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1272.904874][ T9127] syzkaller0: entered promiscuous mode
[ 1272.918344][ T2287] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1272.934789][   T36] audit: type=1400 audit(2000033215.665:147387): avc:  denied  { ioctl } for  pid=9104 comm="syz.2.16480" path="/dev/raw-gadget" dev="devtmpfs" ino=190 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1272.939611][ T2287] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1272.969099][ T9127] syzkaller0: entered allmulticast mode
[ 1272.982100][ T9127] tipc: Resetting bearer <eth:syzkaller0>
[ 1272.984937][ T9134] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1272.995649][ T9136] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1273.002210][ T9136] audit: audit_lost=178 audit_rate_limit=0 audit_backlog_limit=64
[ 1273.010480][   T36] audit: type=1400 audit(2000033215.674:147388): avc:  denied  { unmount } for  pid=6964 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[ 1273.011296][ T9126] tipc: Resetting bearer <eth:syzkaller0>
[ 1273.032378][ T9134] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1273.061057][ T2287] usb 3-1: config 0 descriptor??
[ 1273.065815][ T9134] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1273.087161][ T2287] hub 3-1:0.0: USB hub found
[ 1273.100942][ T9126] tipc: Disabling bearer <eth:syzkaller0>
[ 1273.310071][ T2287] hub 3-1:0.0: config failed, hub doesn't have any ports! (err -19)
[ 1273.400181][ T9149] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1273.543043][ T2287] usbhid 3-1:0.0: can't add hid device: -71
[ 1273.572812][ T2287] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1273.630423][ T2287] usb 3-1: USB disconnect, device number 107
[ 1273.861415][   T45] usb 7-1: new full-speed USB device number 50 using dummy_hcd
[ 1274.033784][   T45] usb 7-1: not running at top speed; connect to a high speed hub
[ 1274.044076][   T45] usb 7-1: config 1 interface 0 altsetting 127 endpoint 0x81 has invalid maxpacket 512, setting to 64
[ 1274.068223][   T45] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1274.085805][   T45] usb 7-1: New USB device found, idVendor=056a, idProduct=00d2, bcdDevice= 0.40
[ 1274.101911][   T45] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1274.126046][   T45] usb 7-1: Product: syz
[ 1274.131121][   T45] usb 7-1: Manufacturer: syz
[ 1274.135768][   T45] usb 7-1: SerialNumber: syz
[ 1274.152778][ T9165] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1274.291408][ T9194] __nla_validate_parse: 9 callbacks suppressed
[ 1274.291428][ T9194] netlink: 96 bytes leftover after parsing attributes in process `syz.5.16516'.
[ 1274.315826][ T9197] netlink: 80 bytes leftover after parsing attributes in process `syz.3.16517'.
[ 1274.362150][ T9200] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1274.365353][ T9200] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[ 1274.371885][ T9200] rust_binder: Error while translating object.
[ 1274.395974][ T9200] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1274.402319][ T9200] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1320
[ 1274.420511][   T45] usbhid 7-1:1.0: can't add hid device: -71
[ 1274.463519][ T9203] netlink: 'syz.6.16522': attribute type 4 has an invalid length.
[ 1274.470845][   T45] usbhid 7-1:1.0: probe with driver usbhid failed with error -71
[ 1274.503978][   T45] usb 7-1: USB disconnect, device number 50
[ 1274.669988][ T9214] netlink: 16 bytes leftover after parsing attributes in process `syz.2.16526'.
[ 1274.733536][ T9216] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[ 1274.733575][ T9216] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:1118
[ 1275.015605][ T9225] /dev/loop0: Can't lookup blockdev
[ 1275.101843][ T9228] netlink: 324 bytes leftover after parsing attributes in process `syz.2.16531'.
[ 1275.301505][ T9240] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1275.301655][ T9241] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1275.385396][ T9241] rust_binder: Error in use_page_slow: ESRCH
[ 1275.390246][ T9245] rust_binder: Error in use_page_slow: ESRCH
[ 1275.399096][ T9241] rust_binder: use_range failure ESRCH
[ 1275.411529][ T9245] rust_binder: use_range failure ESRCH
[ 1275.413331][ T9241] rust_binder: Failed to allocate buffer. len:112, is_oneway:false
[ 1275.417072][ T9245] rust_binder: Failed to allocate buffer. len:112, is_oneway:false
[ 1275.417087][ T9245] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[ 1275.432151][ T9241] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[ 1275.448683][ T9241] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:583
[ 1275.459057][ T9245] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:583
[ 1275.497074][ T6336] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[ 1275.653912][ T9254] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1275.668130][ T6336] usb 3-1: Using ep0 maxpacket: 16
[ 1275.680086][ T9254] syzkaller0: entered promiscuous mode
[ 1275.680129][ T6336] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[ 1275.686985][ T9254] syzkaller0: entered allmulticast mode
[ 1275.700759][ T9254] tipc: Resetting bearer <eth:syzkaller0>
[ 1275.707335][ T6336] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1275.717765][ T6336] usb 3-1: config 0 has no interface number 0
[ 1275.724024][ T9253] tipc: Resetting bearer <eth:syzkaller0>
[ 1275.730703][ T6336] usb 3-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[ 1275.743050][ T6336] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1275.751208][ T6336] usb 3-1: Product: syz
[ 1275.760458][ T6336] usb 3-1: Manufacturer: syz
[ 1275.767116][ T6336] usb 3-1: SerialNumber: syz
[ 1275.769691][ T9253] tipc: Disabling bearer <eth:syzkaller0>
[ 1275.779628][ T6336] usb 3-1: config 0 descriptor??
[ 1275.787484][ T6336] usb 3-1: Found UVC 0.00 device syz (046d:08f3)
[ 1275.798433][ T6336] usb 3-1: No valid video chain found.
[ 1275.906027][ T9256] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1275.930666][ T9256] syzkaller0: entered promiscuous mode
[ 1275.936300][ T9256] syzkaller0: entered allmulticast mode
[ 1275.946382][ T9256] tipc: Resetting bearer <eth:syzkaller0>
[ 1275.967188][ T9255] tipc: Resetting bearer <eth:syzkaller0>
[ 1275.992282][ T9255] tipc: Disabling bearer <eth:syzkaller0>
[ 1276.015419][ T9235] rust_binder: Write failure EINVAL in pid:1330
[ 1276.018515][   T31] usb 3-1: USB disconnect, device number 108
[ 1276.105504][ T9260] netlink: 'syz.6.16544': attribute type 4 has an invalid length.
[ 1276.191135][ T9264] binder: Unknown parameter 'stan#nts'
[ 1276.267138][ T9268] netlink: 112 bytes leftover after parsing attributes in process `syz.5.16548'.
[ 1276.334373][ T9270] netlink: 16 bytes leftover after parsing attributes in process `syz.6.16549'.
[ 1276.368718][ T9273] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1276.401623][ T9273] syzkaller0: entered promiscuous mode
[ 1276.407418][ T9273] syzkaller0: entered allmulticast mode
[ 1276.413472][ T9273] tipc: Resetting bearer <eth:syzkaller0>
[ 1276.428820][ T9272] tipc: Resetting bearer <eth:syzkaller0>
[ 1276.456532][ T9272] tipc: Disabling bearer <eth:syzkaller0>
[ 1276.464722][ T9276] netlink: 8 bytes leftover after parsing attributes in process `syz.6.16552'.
[ 1276.818584][ T9294] netlink: 112 bytes leftover after parsing attributes in process `syz.6.16559'.
[ 1276.893939][ T9293] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1334
[ 1276.909108][ T9293] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1334
[ 1276.946040][  T426] usb 6-1: 0:2 : does not exist
[ 1277.056603][ T9298] netlink: 88 bytes leftover after parsing attributes in process `syz.5.16561'.
[ 1277.181640][ T9305] netlink: 96 bytes leftover after parsing attributes in process `syz.5.16564'.
[ 1277.214339][ T9302] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1277.304817][ T9302] syzkaller0: entered promiscuous mode
[ 1277.310866][ T9302] syzkaller0: entered allmulticast mode
[ 1277.317049][ T9302] tipc: Resetting bearer <eth:syzkaller0>
[ 1277.327780][ T9301] tipc: Resetting bearer <eth:syzkaller0>
[ 1277.370505][ T9301] tipc: Disabling bearer <eth:syzkaller0>
[ 1277.557324][ T9320] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1339
[ 1277.630996][ T9322] fuse: Bad value for 'fd'
[ 1277.652495][ T9327] rust_binder: Write failure EINVAL in pid:1339
[ 1277.941846][ T9334] binder: Bad value for 'max'
[ 1277.989616][   T36] kauditd_printk_skb: 904 callbacks suppressed
[ 1277.989644][   T36] audit: type=1400 audit(2000033220.679:148278): avc:  denied  { read write } for  pid=9333 comm="syz.6.16575" name="fuse" dev="devtmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1278.044067][   T36] audit: type=1400 audit(2000033220.679:148279): avc:  denied  { read write open } for  pid=9333 comm="syz.6.16575" path="/dev/fuse" dev="devtmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1278.091192][   T36] audit: type=1400 audit(2000033220.688:148280): avc:  denied  { read write } for  pid=9333 comm="syz.6.16575" name="fuse" dev="devtmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1278.136246][   T36] audit: type=1400 audit(2000033220.688:148281): avc:  denied  { read write open } for  pid=9333 comm="syz.6.16575" path="/dev/fuse" dev="devtmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1278.186258][   T36] audit: type=1400 audit(2000033220.744:148282): avc:  denied  { read write } for  pid=6190 comm="syz-executor" name="loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1278.233589][   T36] audit: type=1400 audit(2000033220.744:148283): avc:  denied  { read write open } for  pid=6190 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1278.284775][   T36] audit: type=1400 audit(2000033220.744:148284): avc:  denied  { ioctl } for  pid=6190 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1278.353850][   T36] audit: type=1400 audit(2000033220.856:148285): avc:  denied  { create } for  pid=9336 comm="syz.6.16576" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1278.410151][   T36] audit: type=1400 audit(2000033220.866:148286): avc:  denied  { write } for  pid=9336 comm="syz.6.16576" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1278.475816][   T36] audit: type=1400 audit(2000033220.866:148287): avc:  denied  { nlmsg_write } for  pid=9336 comm="syz.6.16576" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1278.535293][ T9346] binder: Unknown parameter 'c��	V��(��G�爟;dz���@
wm���z��85�m�1�}
[ 1278.535293][ T9346] �W���9?vE�Ȇv�*���#���ʖrA����m����9�-����Q��ێ�	�O�&XK��'�'
[ 1278.778557][ T9356] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[ 1278.778587][ T9356] rust_binder: Error while translating object.
[ 1278.809102][ T9356] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1278.809140][ T9356] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1346
[ 1278.833940][ T9360] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1278.872793][ T9360] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1279.061368][ T9365] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1348
[ 1279.779890][ T9403] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[ 1279.779885][ T9405] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[ 1279.779917][ T9403] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:613
[ 1279.826801][ T9405] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:613
[ 1279.835991][ T9405] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[ 1279.867356][ T9407] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1185
[ 1279.880223][   T45] usb 3-1: new full-speed USB device number 109 using dummy_hcd
[ 1279.897282][ T9403] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[ 1279.897304][ T9403] rust_binder: Read failure Err(EFAULT) in pid:613
[ 1279.899783][ T9409] __nla_validate_parse: 7 callbacks suppressed
[ 1279.899805][ T9409] netlink: 8 bytes leftover after parsing attributes in process `syz.6.16605'.
[ 1279.912801][ T9405] rust_binder: Read failure Err(EFAULT) in pid:613
[ 1279.945685][ T9407] rust_binder: Error while translating object.
[ 1279.952293][ T9407] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1279.987147][ T9407] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1185
[ 1280.078708][ T9414] netlink: 'syz.6.16607': attribute type 4 has an invalid length.
[ 1280.099246][   T45] usb 3-1: config 0 has an invalid interface number: 41 but max is 0
[ 1280.108064][   T45] usb 3-1: config 0 has no interface number 0
[ 1280.124754][   T45] usb 3-1: config 0 interface 41 altsetting 2 has an endpoint descriptor with address 0x7F, changing to 0xF
[ 1280.148889][   T45] usb 3-1: config 0 interface 41 has no altsetting 0
[ 1280.167892][   T45] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[ 1280.177596][   T45] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1280.186841][   T45] usb 3-1: Product: syz
[ 1280.191991][   T45] usb 3-1: Manufacturer: syz
[ 1280.196626][   T45] usb 3-1: SerialNumber: syz
[ 1280.204328][   T45] usb 3-1: config 0 descriptor??
[ 1280.222373][   T45] CoreChips 3-1:0.41: probe with driver CoreChips failed with error -22
[ 1280.330373][ T9419] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1280.352712][ T9419] syzkaller0: entered promiscuous mode
[ 1280.358221][ T9419] syzkaller0: entered allmulticast mode
[ 1280.364087][ T9419] tipc: Resetting bearer <eth:syzkaller0>
[ 1280.371441][ T9418] tipc: Resetting bearer <eth:syzkaller0>
[ 1280.382948][ T9418] tipc: Disabling bearer <eth:syzkaller0>
[ 1280.414768][  T426] usb 7-1: new full-speed USB device number 51 using dummy_hcd
[ 1280.442721][ T9427] netlink: 112 bytes leftover after parsing attributes in process `syz.3.16611'.
[ 1280.505619][ T9432] netlink: 112 bytes leftover after parsing attributes in process `syz.3.16614'.
[ 1280.508595][ T9433] rust_binder: Write failure EINVAL in pid:1192
[ 1280.570915][ T9437] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16616'.
[ 1280.590905][  T426] usb 7-1: config 0 has an invalid interface number: 230 but max is 0
[ 1280.607178][  T426] usb 7-1: config 0 has no interface number 0
[ 1280.613855][  T426] usb 7-1: config 0 interface 230 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 64
[ 1280.627142][  T426] usb 7-1: config 0 interface 230 altsetting 2 endpoint 0x82 has invalid maxpacket 512, setting to 64
[ 1280.638845][  T426] usb 7-1: config 0 interface 230 has no altsetting 0
[ 1280.652327][  T426] usb 7-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[ 1280.662281][  T426] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1280.670355][  T426] usb 7-1: Product: syz
[ 1280.675716][  T426] usb 7-1: Manufacturer: syz
[ 1280.680365][  T426] usb 7-1: SerialNumber: syz
[ 1280.693140][  T426] usb 7-1: config 0 descriptor??
[ 1280.700907][ T9417] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[ 1280.706368][ T9446] rust_binder: Write failure EFAULT in pid:633
[ 1280.708763][ T9417] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[ 1280.729284][  T426] ums-usbat 7-1:0.230: USB Mass Storage device detected
[ 1280.747614][  T426] ums-usbat 7-1:0.230: Quirks match for vid 0781 pid 0005: 1
[ 1280.774867][ T9450] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1280.785936][ T9452] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[ 1280.785995][ T9452] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:1201
[ 1280.801473][ T9450] syzkaller0: entered promiscuous mode
[ 1280.816673][ T9450] syzkaller0: entered allmulticast mode
[ 1280.824129][ T9450] tipc: Resetting bearer <eth:syzkaller0>
[ 1280.833415][ T9449] tipc: Resetting bearer <eth:syzkaller0>
[ 1280.851161][ T9449] tipc: Disabling bearer <eth:syzkaller0>
[ 1280.859759][ T9454] netlink: 'syz.5.16622': attribute type 4 has an invalid length.
[ 1280.903652][ T9456] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[ 1280.903680][ T9456] rust_binder: Error while translating object.
[ 1280.914418][ T9456] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1280.920721][ T9456] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1205
[ 1280.982077][ T9459] netlink: 12 bytes leftover after parsing attributes in process `syz.5.16625'.
[ 1281.015633][ T9460] rust_binder: Write failure EINVAL in pid:637
[ 1281.162837][ T9471] netlink: 112 bytes leftover after parsing attributes in process `syz.5.16630'.
[ 1281.278877][ T9474] rust_binder: Error while translating object.
[ 1281.278915][ T9474] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1281.285240][ T9474] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1218
[ 1281.297283][ T9475] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1281.339777][ T9479] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16632'.
[ 1281.405238][ T9484] netlink: 76 bytes leftover after parsing attributes in process `syz.5.16634'.
[ 1281.408476][ T9483] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1281.441966][ T9486] netlink: 'syz.5.16636': attribute type 4 has an invalid length.
[ 1281.582715][ T9490] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1281.617887][ T9493] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[ 1281.624495][ T9493] rust_binder: Error while translating object.
[ 1281.636258][ T9493] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1281.643804][ T9493] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1231
[ 1281.653757][ T9494] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[ 1281.665182][ T9494] rust_binder: Read failure Err(EFAULT) in pid:645
[ 1281.720616][ T9496] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1281.735881][ T9496] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1281.746982][ T9496] binder: Unknown parameter 'context'
[ 1282.603094][ T9508] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1282.622759][ T9508] syzkaller0: entered promiscuous mode
[ 1282.628321][ T9508] syzkaller0: entered allmulticast mode
[ 1282.634115][ T9508] tipc: Resetting bearer <eth:syzkaller0>
[ 1282.642277][ T9507] tipc: Resetting bearer <eth:syzkaller0>
[ 1282.657627][ T9507] tipc: Disabling bearer <eth:syzkaller0>
[ 1282.720059][   T45] usb 3-1: USB disconnect, device number 109
[ 1282.929183][ T9519] netlink: 88 bytes leftover after parsing attributes in process `syz.2.16649'.
[ 1283.042574][ T9522] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1283.094006][ T9524] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1283.114123][ T9521] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1283.162264][  T426] ums-usbat 7-1:0.230: probe with driver ums-usbat failed with error -5
[ 1283.287080][ T9533] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1283.310332][ T9533] syzkaller0: entered promiscuous mode
[ 1283.316740][ T9533] syzkaller0: entered allmulticast mode
[ 1283.323431][ T9535] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16655'.
[ 1283.323802][ T9533] tipc: Resetting bearer <eth:syzkaller0>
[ 1283.341994][ T9530] tipc: Resetting bearer <eth:syzkaller0>
[ 1283.363318][   T36] kauditd_printk_skb: 1023 callbacks suppressed
[ 1283.363338][   T36] audit: type=1400 audit(2000033225.702:149311): avc:  denied  { read write } for  pid=6964 comm="syz-executor" name="loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1283.372961][ T9530] tipc: Disabling bearer <eth:syzkaller0>
[ 1283.400482][   T36] audit: type=1400 audit(2000033225.702:149312): avc:  denied  { read write open } for  pid=6964 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1283.427432][   T36] audit: type=1400 audit(2000033225.702:149313): avc:  denied  { ioctl } for  pid=6964 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1283.468175][   T36] audit: type=1400 audit(2000033225.758:149314): avc:  denied  { create } for  pid=9536 comm="syz.5.16656" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1283.489644][   T36] audit: type=1400 audit(2000033225.777:149315): avc:  denied  { create } for  pid=9538 comm="syz.3.16657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1283.521006][   T36] audit: type=1400 audit(2000033225.777:149316): avc:  denied  { write } for  pid=9538 comm="syz.3.16657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1283.587891][   T36] audit: type=1400 audit(2000033225.777:149317): avc:  denied  { nlmsg_write } for  pid=9538 comm="syz.3.16657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1283.632421][   T36] audit: type=1400 audit(2000033225.795:149318): avc:  denied  { read write } for  pid=6964 comm="syz-executor" name="loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1283.662326][ T9547] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1283.677549][ T9547] rust_binder: Error while translating object.
[ 1283.683302][   T36] audit: type=1400 audit(2000033225.795:149319): avc:  denied  { read write open } for  pid=6964 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1283.690111][ T9549] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[ 1283.691883][   T36] audit: type=1400 audit(2000033225.795:149320): avc:  denied  { ioctl } for  pid=6964 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1283.738990][ T9549] rust_binder: Error while translating object.
[ 1283.751816][ T9547] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[ 1283.758150][ T9547] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:1368
[ 1283.769589][ T9549] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1283.779608][ T9549] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1243
[ 1284.063611][ T9566] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1284.116429][ T9566] syzkaller0: entered promiscuous mode
[ 1284.126664][ T9566] syzkaller0: entered allmulticast mode
[ 1284.136078][ T9566] tipc: Resetting bearer <eth:syzkaller0>
[ 1284.144807][ T9565] tipc: Resetting bearer <eth:syzkaller0>
[ 1284.174815][ T9565] tipc: Disabling bearer <eth:syzkaller0>
[ 1284.220247][ T9572] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1284.223355][ T9572] rust_binder: Error in use_page_slow: ESRCH
[ 1284.229849][ T9572] rust_binder: use_range failure ESRCH
[ 1284.236173][ T9572] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[ 1284.249499][ T9572] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[ 1284.259996][ T9572] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1378
[ 1284.332874][ T9581] netlink: 'syz.5.16674': attribute type 4 has an invalid length.
[ 1284.434393][   T45] usb 7-1: USB disconnect, device number 51
[ 1284.455306][ T9586] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[ 1284.538594][ T9593] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[ 1284.538622][ T9593] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[ 1284.566387][ T9593] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:744
[ 1284.625493][ T9591] tmpfs: Unsupported parameter 'mpol'
[ 1284.690575][ T9598] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1284.713092][ T9598] syzkaller0: entered promiscuous mode
[ 1284.719239][ T9598] syzkaller0: entered allmulticast mode
[ 1284.725491][ T9598] tipc: Resetting bearer <eth:syzkaller0>
[ 1284.736523][ T9597] tipc: Resetting bearer <eth:syzkaller0>
[ 1284.775277][ T9597] tipc: Disabling bearer <eth:syzkaller0>
[ 1284.866825][ T9611] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1284.866860][ T9611] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:750
[ 1285.048425][ T9621] netlink: 'syz.6.16692': attribute type 4 has an invalid length.
[ 1285.286456][ T9636] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1285.320138][ T9636] syzkaller0: entered promiscuous mode
[ 1285.325754][ T9636] syzkaller0: entered allmulticast mode
[ 1285.331814][ T9636] tipc: Resetting bearer <eth:syzkaller0>
[ 1285.340412][ T9634] tipc: Resetting bearer <eth:syzkaller0>
[ 1285.368650][ T9634] tipc: Disabling bearer <eth:syzkaller0>
[ 1285.521907][ T9645] __nla_validate_parse: 12 callbacks suppressed
[ 1285.521928][ T9645] netlink: 324 bytes leftover after parsing attributes in process `syz.5.16700'.
[ 1285.641124][ T9651] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16704'.
[ 1285.697007][ T9656] SELinux: security_context_str_to_sid () failed with errno=-22
[ 1285.833301][ T9660] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1285.849422][ T9669] netlink: 88 bytes leftover after parsing attributes in process `syz.3.16710'.
[ 1285.866395][ T9660] syzkaller0: entered promiscuous mode
[ 1285.872771][ T9660] syzkaller0: entered allmulticast mode
[ 1285.879531][ T9660] tipc: Resetting bearer <eth:syzkaller0>
[ 1285.902854][   T12] tipc: Resetting bearer <eth:syzkaller0>
[ 1285.910905][ T9659] tipc: Resetting bearer <eth:syzkaller0>
[ 1285.933990][ T9659] tipc: Disabling bearer <eth:syzkaller0>
[ 1285.987635][ T9675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1285.999281][ T9675] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1286.022120][ T9675] block device autoloading is deprecated and will be removed.
[ 1286.035747][ T9671] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1286.045814][ T9675] syz.5.16713: attempt to access beyond end of device
[ 1286.045814][ T9675] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1286.082111][ T9678] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[ 1286.082146][ T9678] rust_binder: Error while translating object.
[ 1286.100332][ T9671] overlay: ./file0 is not a directory
[ 1286.112860][ T9678] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1286.112899][ T9678] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:771
[ 1286.224033][ T9671] rust_binder: Error in use_page_slow: ESRCH
[ 1286.251469][ T9671] rust_binder: use_range failure ESRCH
[ 1286.282778][ T9671] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[ 1286.305499][ T9671] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[ 1286.320097][ T9686] netlink: 12 bytes leftover after parsing attributes in process `syz.6.16717'.
[ 1286.335541][ T9671] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:704
[ 1286.454930][ T9689] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1
[ 1286.472668][ T9689] rust_binder: Write failure EINVAL in pid:777
[ 1286.489188][ T9691] netlink: 112 bytes leftover after parsing attributes in process `syz.2.16719'.
[ 1286.594012][ T9695] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1286.742902][ T9702] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[ 1286.920609][ T9709] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1287.005333][ T9709] syzkaller0: entered promiscuous mode
[ 1287.022708][ T9709] syzkaller0: entered allmulticast mode
[ 1287.040279][ T9709] tipc: Resetting bearer <eth:syzkaller0>
[ 1287.053775][   T46] tipc: Resetting bearer <eth:syzkaller0>
[ 1287.094011][ T9708] tipc: Resetting bearer <eth:syzkaller0>
[ 1287.111562][ T9719] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1287.122421][ T9719] rust_binder: Error in use_page_slow: ESRCH
[ 1287.135223][ T9708] tipc: Disabling bearer <eth:syzkaller0>
[ 1287.142365][ T9719] rust_binder: use_range failure ESRCH
[ 1287.147041][ T9719] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[ 1287.155679][ T9719] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[ 1287.163701][ T9719] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:708
[ 1287.218128][ T9721] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1287.275878][ T9721] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1287.352952][ T2287] usb 3-1: new high-speed USB device number 110 using dummy_hcd
[ 1287.458455][ T9735] fuse: Bad value for 'user_id'
[ 1287.470545][ T9735] fuse: Bad value for 'user_id'
[ 1287.516336][ T2287] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[ 1287.520762][ T9738] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16738'.
[ 1287.528258][ T2287] usb 3-1: config 220 has an invalid descriptor of length 72, skipping remainder of the config
[ 1287.556092][ T2287] usb 3-1: config 220 has no interface number 2
[ 1287.562511][ T2287] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1287.588127][ T2287] usb 3-1: config 220 interface 0 has no altsetting 0
[ 1287.601891][ T2287] usb 3-1: config 220 interface 76 has no altsetting 0
[ 1287.615767][ T2287] usb 3-1: config 220 interface 1 has no altsetting 0
[ 1287.626367][ T2287] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1287.635648][ T2287] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1287.643777][ T2287] usb 3-1: Product: syz
[ 1287.648022][ T2287] usb 3-1: Manufacturer: syz
[ 1287.652721][ T2287] usb 3-1: SerialNumber: syz
[ 1287.772362][ T9749] rust_binder: Failed to allocate buffer. len:64, is_oneway:false
[ 1287.777070][ T9751] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16742'.
[ 1287.852518][ T9754] netlink: 88 bytes leftover after parsing attributes in process `syz.6.16744'.
[ 1288.207512][ T9769] netlink: 76 bytes leftover after parsing attributes in process `syz.6.16748'.
[ 1288.256472][ T9765] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1288.403119][ T9765] syzkaller0: entered promiscuous mode
[ 1288.408933][ T9765] syzkaller0: entered allmulticast mode
[ 1288.448062][ T9765] tipc: Resetting bearer <eth:syzkaller0>
[ 1288.480162][ T9764] tipc: Resetting bearer <eth:syzkaller0>
[ 1288.553431][ T9764] tipc: Disabling bearer <eth:syzkaller0>
[ 1288.598108][ T9774] netlink: 'syz.6.16750': attribute type 4 has an invalid length.
[ 1288.728055][   T36] kauditd_printk_skb: 1098 callbacks suppressed
[ 1288.728091][   T36] audit: type=1400 audit(2000033230.725:150419): avc:  denied  { read write } for  pid=6964 comm="syz-executor" name="loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1288.789925][ T9776] netlink: 8 bytes leftover after parsing attributes in process `syz.6.16751'.
[ 1288.815302][   T36] audit: type=1400 audit(2000033230.753:150420): avc:  denied  { read write open } for  pid=6964 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1288.871775][   T36] audit: type=1400 audit(2000033230.753:150421): avc:  denied  { create } for  pid=9775 comm="syz.6.16751" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1288.916489][   T36] audit: type=1400 audit(2000033230.753:150422): avc:  denied  { ioctl } for  pid=6964 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1289.033375][   T36] audit: type=1400 audit(2000033230.772:150423): avc:  denied  { write } for  pid=9775 comm="syz.6.16751" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1289.114665][   T36] audit: type=1400 audit(2000033230.781:150424): avc:  denied  { nlmsg_write } for  pid=9775 comm="syz.6.16751" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1289.187193][   T36] audit: type=1400 audit(2000033230.856:150425): avc:  denied  { create } for  pid=9777 comm="syz.3.16752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1289.275806][   T36] audit: type=1400 audit(2000033230.856:150426): avc:  denied  { write } for  pid=9777 comm="syz.3.16752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1289.337425][   T36] audit: type=1400 audit(2000033230.856:150427): avc:  denied  { nlmsg_write } for  pid=9777 comm="syz.3.16752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1289.385999][   T36] audit: type=1400 audit(2000033230.931:150428): avc:  denied  { read write } for  pid=6190 comm="syz-executor" name="loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1289.663652][ T9796] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:824
[ 1289.664216][ T9796] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:824
[ 1289.707664][ T9796] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1289.940118][   T45] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[ 1290.121824][   T45] usb 4-1: Using ep0 maxpacket: 16
[ 1290.130064][   T45] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1290.143364][   T45] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1290.160230][   T45] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1290.169379][   T45] usb 4-1: New USB device strings: Mfr=0, Product=5, SerialNumber=2
[ 1290.177452][   T45] usb 4-1: Product: syz
[ 1290.181631][   T45] usb 4-1: SerialNumber: syz
[ 1290.189225][   T45] usb 4-1: config 0 descriptor??
[ 1290.594412][ T9821] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1290.620018][ T9821] syzkaller0: entered promiscuous mode
[ 1290.625613][ T9821] syzkaller0: entered allmulticast mode
[ 1290.631542][ T9821] tipc: Resetting bearer <eth:syzkaller0>
[ 1290.640123][ T9820] tipc: Resetting bearer <eth:syzkaller0>
[ 1290.655871][ T9820] tipc: Disabling bearer <eth:syzkaller0>
[ 1290.743092][ T2287] usb 3-1: selecting invalid altsetting 0
[ 1290.754013][ T9823] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1290.759783][ T2287] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[ 1290.774641][ T2287] usb 3-1: No valid video chain found.
[ 1290.794503][ T2287] usb 3-1: USB disconnect, device number 110
[ 1290.817614][ T9823] syzkaller0: entered promiscuous mode
[ 1290.823270][ T9823] syzkaller0: entered allmulticast mode
[ 1290.835161][ T9823] tipc: Resetting bearer <eth:syzkaller0>
[ 1290.881467][ T9822] tipc: Resetting bearer <eth:syzkaller0>
[ 1290.912085][ T9822] tipc: Disabling bearer <eth:syzkaller0>
[ 1291.076679][ T9832] __nla_validate_parse: 3 callbacks suppressed
[ 1291.076701][ T9832] netlink: 76 bytes leftover after parsing attributes in process `syz.5.16772'.
[ 1291.151085][ T9834] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1291.249966][ T9836] syzkaller0: entered promiscuous mode
[ 1291.262137][ T9836] syzkaller0: entered allmulticast mode
[ 1291.389670][ T9842] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1291.411326][ T9842] syzkaller0: entered promiscuous mode
[ 1291.415406][   T31] usb 3-1: new high-speed USB device number 111 using dummy_hcd
[ 1291.417006][ T9842] syzkaller0: entered allmulticast mode
[ 1291.430474][ T9842] tipc: Resetting bearer <eth:syzkaller0>
[ 1291.439354][ T9841] tipc: Resetting bearer <eth:syzkaller0>
[ 1291.452706][ T9841] tipc: Disabling bearer <eth:syzkaller0>
[ 1291.586448][   T31] usb 3-1: Using ep0 maxpacket: 16
[ 1291.599854][   T31] usb 3-1: config 1 has an invalid interface number: 4 but max is 2
[ 1291.608622][   T31] usb 3-1: config 1 has no interface number 1
[ 1291.614795][   T31] usb 3-1: too many endpoints for config 1 interface 4 altsetting 0: 102, using maximum allowed: 30
[ 1291.627654][   T31] usb 3-1: config 1 interface 4 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 102
[ 1291.652561][   T31] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1291.661756][   T31] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1291.669865][   T31] usb 3-1: Product: syz
[ 1291.674161][   T31] usb 3-1: Manufacturer: syz
[ 1291.679162][   T31] usb 3-1: SerialNumber: syz
[ 1291.917589][ T9834] rust_binder: Write failure EINVAL in pid:1418
[ 1291.921834][   T31] usb 3-1: 2:1: cannot set freq 11835083 to ep 0x82
[ 1291.947752][ T9847] netlink: 324 bytes leftover after parsing attributes in process `syz.6.16779'.
[ 1291.966807][   T31] usb 3-1: USB disconnect, device number 111
[ 1292.001259][ T9849] rust_binder: Write failure EFAULT in pid:853
[ 1292.046967][ T9851] rust_binder: Write failure EINVAL in pid:855
[ 1292.099808][ T9853] netlink: 112 bytes leftover after parsing attributes in process `syz.6.16782'.
[ 1292.182783][T29111] udevd[29111]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card1/controlC1/../uevent} for writing: No such file or directory
[ 1292.326491][ T9857] syzkaller0: entered promiscuous mode
[ 1292.332100][ T9857] syzkaller0: entered allmulticast mode
[ 1292.450447][ T9859] netlink: 80 bytes leftover after parsing attributes in process `syz.5.16785'.
[ 1292.530644][ T9861] netlink: 88 bytes leftover after parsing attributes in process `syz.2.16787'.
[ 1292.613089][ T9865] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1314
[ 1292.625599][ T9865] rust_binder: Error while translating object.
[ 1292.647881][ T9865] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1292.665661][ T9865] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1314
[ 1292.722865][ T9871] netlink: 112 bytes leftover after parsing attributes in process `syz.6.16790'.
[ 1292.747910][ T9873] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1292.770754][ T9873] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1292.806438][ T9875] netlink: 12 bytes leftover after parsing attributes in process `syz.2.16792'.
[ 1292.890338][ T9877] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1292.925847][   T45] usbhid 4-1:0.0: can't add hid device: -71
[ 1292.931887][   T45] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1292.962060][   T45] usb 4-1: USB disconnect, device number 36
[ 1292.983482][ T9877] syzkaller0: entered promiscuous mode
[ 1293.008366][ T9877] syzkaller0: entered allmulticast mode
[ 1293.020159][ T9883] binder: Bad value for 'max'
[ 1293.025352][ T9877] tipc: Resetting bearer <eth:syzkaller0>
[ 1293.054157][ T9876] tipc: Resetting bearer <eth:syzkaller0>
[ 1293.087610][ T9876] tipc: Disabling bearer <eth:syzkaller0>
[ 1293.276681][ T9893] netlink: 80 bytes leftover after parsing attributes in process `syz.6.16799'.
[ 1293.320415][ T9897] netlink: 88 bytes leftover after parsing attributes in process `syz.3.16801'.
[ 1293.450805][ T9905] netlink: 16 bytes leftover after parsing attributes in process `syz.6.16802'.
[ 1293.575729][ T9911] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1293.602977][ T9916] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[ 1293.603008][ T9916] rust_binder: Error while translating object.
[ 1293.614442][ T9916] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1293.621998][ T9916] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1321
[ 1293.630835][ T9911] syzkaller0: entered promiscuous mode
[ 1293.649957][ T9911] syzkaller0: entered allmulticast mode
[ 1293.656787][ T9911] tipc: Resetting bearer <eth:syzkaller0>
[ 1293.664768][ T9915] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1293.674717][ T9910] tipc: Resetting bearer <eth:syzkaller0>
[ 1293.687707][ T9910] tipc: Disabling bearer <eth:syzkaller0>
[ 1293.695625][ T9913] tipc: Disabling bearer <eth:syzkaller0>
[ 1293.784488][ T9923] netlink: 'syz.6.16811': attribute type 4 has an invalid length.
[ 1294.007761][ T9935] rust_binder: Write failure EFAULT in pid:881
[ 1294.078358][   T36] kauditd_printk_skb: 762 callbacks suppressed
[ 1294.078379][   T36] audit: type=1400 audit(2000033235.729:151191): avc:  denied  { read } for  pid=9933 comm="syz.2.16818" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1 trawcon="system_u:object_r:modules_conf_t:s0"
[ 1294.132738][   T36] audit: type=1400 audit(2000033235.729:151192): avc:  denied  { read write } for  pid=5377 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1294.138422][ T9946] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1294.158129][   T36] audit: type=1400 audit(2000033235.729:151193): avc:  denied  { read write open } for  pid=5377 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1294.189630][ T9945] tipc: Disabling bearer <eth:syzkaller0>
[ 1294.191482][   T36] audit: type=1400 audit(2000033235.729:151194): avc:  denied  { ioctl } for  pid=5377 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1294.221235][   T36] audit: type=1400 audit(2000033235.767:151195): avc:  denied  { name_bind } for  pid=9943 comm="syz.6.16819" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[ 1294.243271][   T36] audit: type=1400 audit(2000033235.767:151196): avc:  denied  { read open } for  pid=9933 comm="syz.2.16818" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1 trawcon="system_u:object_r:modules_conf_t:s0"
[ 1294.271337][   T36] audit: type=1400 audit(2000033235.776:151197): avc:  denied  { read write } for  pid=9945 comm="syz.5.16820" name="binder1" dev="binder" ino=107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1294.294963][   T36] audit: type=1400 audit(2000033235.776:151198): avc:  denied  { read write open } for  pid=9945 comm="syz.5.16820" path="/dev/binderfs/binder1" dev="binder" ino=107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1294.327087][   T36] audit: type=1400 audit(2000033235.776:151199): avc:  denied  { read write } for  pid=9945 comm="syz.5.16820" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1294.352941][   T36] audit: type=1400 audit(2000033235.776:151200): avc:  denied  { ioctl open } for  pid=9945 comm="syz.5.16820" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1294.588652][ T9957] usb usb8: usbfs: process 9957 (syz.5.16825) did not claim interface 0 before use
[ 1294.639149][ T9963] netlink: 'syz.5.16826': attribute type 4 has an invalid length.
[ 1294.843594][   T46] bridge_slave_1: left allmulticast mode
[ 1294.849420][   T46] bridge_slave_1: left promiscuous mode
[ 1294.855044][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1294.862787][   T46] bridge_slave_0: left allmulticast mode
[ 1294.868553][   T46] bridge_slave_0: left promiscuous mode
[ 1294.874165][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1294.987325][ T9955] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1294.994522][ T9955] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1295.001680][ T9955] bridge_slave_0: entered allmulticast mode
[ 1295.008138][ T9955] bridge_slave_0: entered promiscuous mode
[ 1295.018725][ T9955] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1295.025808][ T9955] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1295.035973][ T9955] bridge_slave_1: entered allmulticast mode
[ 1295.043092][ T9955] bridge_slave_1: entered promiscuous mode
[ 1295.049467][ T9970] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1295.082095][ T9972] syzkaller0: entered promiscuous mode
[ 1295.087808][ T9972] syzkaller0: entered allmulticast mode
[ 1295.094114][ T9972] tipc: Resetting bearer <eth:syzkaller0>
[ 1295.100058][   T46] tipc: Left network mode
[ 1295.107348][ T6091] tipc: Resetting bearer <eth:syzkaller0>
[ 1295.114112][   T46] veth1_macvtap: left promiscuous mode
[ 1295.119754][   T46] veth0_vlan: left promiscuous mode
[ 1295.164006][ T9969] tipc: Resetting bearer <eth:syzkaller0>
[ 1295.178247][ T9969] tipc: Disabling bearer <eth:syzkaller0>
[ 1295.198069][ T9976] rust_binder: Write failure EINVAL in pid:886
[ 1295.323241][ T6091] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1295.336879][ T6091] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1295.352406][ T6091] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1295.359537][ T6091] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1295.381902][ T9978] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1295.390280][ T9977] tipc: Disabling bearer <eth:syzkaller0>
[ 1295.460461][ T9955] veth0_vlan: entered promiscuous mode
[ 1295.496700][ T9955] veth1_macvtap: entered promiscuous mode
[ 1295.607948][ T9982] rust_binder: Write failure EINVAL in pid:1355
[ 1295.798927][ T9991] rust_binder: Error while translating object.
[ 1295.805473][ T9991] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[ 1295.811827][ T9991] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:1359
[ 1296.227582][ T9997] syzkaller0: entered promiscuous mode
[ 1296.242507][ T9997] syzkaller0: entered allmulticast mode
[ 1296.258861][ T9999] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1296.282884][ T9999] syzkaller0: entered promiscuous mode
[ 1296.288417][ T9999] syzkaller0: entered allmulticast mode
[ 1296.294559][ T9999] tipc: Resetting bearer <eth:syzkaller0>
[ 1296.310138][ T9998] tipc: Resetting bearer <eth:syzkaller0>
[ 1296.321315][ T9998] tipc: Disabling bearer <eth:syzkaller0>
[ 1296.409412][T10002] netlink: 'syz.2.16841': attribute type 4 has an invalid length.
[ 1296.585535][T10010] __nla_validate_parse: 6 callbacks suppressed
[ 1296.585555][T10010] netlink: 96 bytes leftover after parsing attributes in process `syz.6.16846'.
[ 1296.619198][T10012] netlink: 80 bytes leftover after parsing attributes in process `syz.2.16845'.
[ 1296.676353][T10014] netlink: 12 bytes leftover after parsing attributes in process `syz.6.16848'.
[ 1296.746123][T10016] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1296.782293][T10016] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1296.801354][T10018] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1296.861234][T10018] syzkaller0: entered promiscuous mode
[ 1296.878321][T10018] syzkaller0: entered allmulticast mode
[ 1296.887865][T10018] tipc: Resetting bearer <eth:syzkaller0>
[ 1296.896819][T10017] tipc: Resetting bearer <eth:syzkaller0>
[ 1296.908408][T10017] tipc: Disabling bearer <eth:syzkaller0>
[ 1296.933151][T10020] syzkaller0: entered promiscuous mode
[ 1296.938761][T10020] syzkaller0: entered allmulticast mode
[ 1297.017545][T10028] netlink: 88 bytes leftover after parsing attributes in process `syz.6.16853'.
[ 1297.084507][T10032] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16855'.
[ 1297.103553][T10031] netlink: 'syz.2.16854': attribute type 4 has an invalid length.
[ 1297.139573][T10034] netlink: 16 bytes leftover after parsing attributes in process `syz.6.16856'.
[ 1297.356905][T10042] netlink: 12 bytes leftover after parsing attributes in process `syz.2.16860'.
[ 1297.412825][ T2287] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[ 1297.464776][T10045] netlink: 112 bytes leftover after parsing attributes in process `syz.2.16861'.
[ 1297.551045][T10047] tipc: Started in network mode
[ 1297.556174][T10047] tipc: Node identity 16711393d5ed, cluster identity 4711
[ 1297.564890][T10047] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1297.574725][T10046] tipc: Disabling bearer <eth:syzkaller0>
[ 1297.594775][ T2287] usb 4-1: Using ep0 maxpacket: 16
[ 1297.602640][ T2287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1297.626621][ T2287] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1297.650894][ T2287] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1297.665309][ T2287] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=5
[ 1297.699128][ T2287] usb 4-1: Product: syz
[ 1297.704006][ T2287] usb 4-1: SerialNumber: syz
[ 1297.731691][ T2287] usb 4-1: config 0 descriptor??
[ 1297.748563][T10049] syzkaller0: entered promiscuous mode
[ 1297.761598][T10049] syzkaller0: entered allmulticast mode
[ 1298.053210][T10066] overlayfs: missing 'lowerdir'
[ 1298.123709][T10073] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16872'.
[ 1298.203439][T10076] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[ 1298.225325][T10076] rust_binder: Write failure EINVAL in pid:1370
[ 1298.295858][T10080] netlink: 88 bytes leftover after parsing attributes in process `syz.5.16876'.
[ 1298.311751][T10078] rust_binder: Write failure EFAULT in pid:924
[ 1299.103151][T10088] rust_binder: Write failure EINVAL in pid:37
[ 1299.435504][   T36] kauditd_printk_skb: 762 callbacks suppressed
[ 1299.435525][   T36] audit: type=1400 audit(2000033240.743:151963): avc:  denied  { setattr } for  pid=10096 comm="syz.2.16882" name="NETLINK" dev="sockfs" ino=310815 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1299.503411][   T36] audit: type=1400 audit(2000033240.743:151964): avc:  denied  { read write } for  pid=5377 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1299.559767][   T36] audit: type=1400 audit(2000033240.743:151966): avc:  denied  { ioctl } for  pid=10096 comm="syz.2.16882" path="/dev/uinput" dev="devtmpfs" ino=194 ioctlcmd=0x5564 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 1299.618017][   T36] audit: type=1400 audit(2000033240.743:151965): avc:  denied  { read write open } for  pid=5377 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1299.638431][T10105] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1299.655005][   T36] audit: type=1400 audit(2000033240.743:151967): avc:  denied  { ioctl } for  pid=5377 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1299.681626][T10103] tipc: Disabling bearer <eth:syzkaller0>
[ 1299.681767][   T36] audit: type=1400 audit(2000033240.743:151968): avc:  denied  { ioctl } for  pid=10096 comm="syz.2.16882" path="socket:[310815]" dev="sockfs" ino=310815 ioctlcmd=0xf50c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1299.714233][   T36] audit: type=1400 audit(2000033240.790:151970): avc:  denied  { read write } for  pid=9955 comm="syz-executor" name="loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1299.715268][T10109] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[ 1299.743093][   T36] audit: type=1400 audit(2000033240.790:151971): avc:  denied  { read write open } for  pid=9955 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1299.801860][   T36] audit: type=1400 audit(2000033240.790:151972): avc:  denied  { ioctl } for  pid=9955 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=51 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1299.830971][   T36] audit: type=1400 audit(2000033240.780:151969): avc:  denied  { read write } for  pid=6190 comm="syz-executor" name="loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1300.277895][ T6336] usb 3-1: new high-speed USB device number 112 using dummy_hcd
[ 1300.357082][T10138] syzkaller0: entered promiscuous mode
[ 1300.362665][T10138] syzkaller0: entered allmulticast mode
[ 1300.387265][ T2287] usbhid 4-1:0.0: can't add hid device: -71
[ 1300.395649][ T2287] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1300.414498][ T2287] usb 4-1: USB disconnect, device number 37
[ 1300.438250][ T6336] usb 3-1: Using ep0 maxpacket: 16
[ 1300.448529][T10140] fuseblk: Unknown parameter 'groug_id'
[ 1300.470488][ T6336] usb 3-1: config 1 has an invalid interface number: 4 but max is 2
[ 1300.473515][T10140] xfrm0: mtu less than device minimum
[ 1300.500365][ T6336] usb 3-1: config 1 has no interface number 1
[ 1300.512940][ T6336] usb 3-1: too many endpoints for config 1 interface 4 altsetting 0: 102, using maximum allowed: 30
[ 1300.564180][ T6336] usb 3-1: config 1 interface 4 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 102
[ 1300.610217][ T6336] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1300.630154][ T6336] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1300.651680][ T6336] usb 3-1: Product: syz
[ 1300.663242][ T6336] usb 3-1: Manufacturer: syz
[ 1300.668068][ T6336] usb 3-1: SerialNumber: syz
[ 1301.156146][T10190] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1301.164836][T10190] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1301.267193][T10199] netlink: 'syz.6.16923': attribute type 4 has an invalid length.
[ 1301.309693][T10201] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1301.392003][T10206] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1301.481090][ T6336] usb 3-1: 2:1: cannot set freq 11835083 to ep 0x82
[ 1301.505739][ T6336] usb 3-1: USB disconnect, device number 112
[ 1301.700763][ T4790] udevd[4790]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card1/controlC1/../uevent} for writing: No such file or directory
[ 1301.953452][T10227] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1302.284677][T10238] __nla_validate_parse: 15 callbacks suppressed
[ 1302.284701][T10238] netlink: 96 bytes leftover after parsing attributes in process `syz.6.16940'.
[ 1302.454686][T10248] 8021q: VLANs not supported on ip_vti0
[ 1302.471483][T10247] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1302.522928][T10248] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[ 1302.522956][T10248] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[ 1302.531618][T10248] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:794
[ 1302.622340][T10256] netlink: 'syz.6.16948': attribute type 4 has an invalid length.
[ 1302.673626][T10261] netlink: 16 bytes leftover after parsing attributes in process `syz.3.16951'.
[ 1302.785631][T10264] netlink: 8 bytes leftover after parsing attributes in process `syz.6.16952'.
[ 1302.809912][T10268] netlink: 80 bytes leftover after parsing attributes in process `syz.5.16954'.
[ 1302.941024][T10272] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1303.162368][T10288] netlink: 'syz.3.16963': attribute type 4 has an invalid length.
[ 1303.378228][T10300] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1303.401758][T10300] syzkaller0: entered promiscuous mode
[ 1303.407368][T10300] syzkaller0: entered allmulticast mode
[ 1303.413335][T10300] tipc: Resetting bearer <eth:syzkaller0>
[ 1303.422069][T10299] tipc: Resetting bearer <eth:syzkaller0>
[ 1303.448172][T10299] tipc: Disabling bearer <eth:syzkaller0>
[ 1303.605066][T10308] netlink: 80 bytes leftover after parsing attributes in process `syz.3.16971'.
[ 1303.652010][T10310] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16974'.
[ 1303.708470][T10316] netlink: 96 bytes leftover after parsing attributes in process `syz.6.16975'.
[ 1303.720087][T10312] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[ 1303.720114][T10312] rust_binder: Error while translating object.
[ 1303.730554][T10312] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1303.732933][T10315] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1303.744445][T10312] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:74
[ 1303.986836][T10327] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1304.027655][T10327] syzkaller0: entered promiscuous mode
[ 1304.035101][T10327] syzkaller0: entered allmulticast mode
[ 1304.042280][T10327] tipc: Resetting bearer <eth:syzkaller0>
[ 1304.050861][T10326] tipc: Resetting bearer <eth:syzkaller0>
[ 1304.067730][T10326] tipc: Disabling bearer <eth:syzkaller0>
[ 1304.174041][T10331] netlink: 112 bytes leftover after parsing attributes in process `syz.5.16983'.
[ 1304.214058][T10333] netlink: 16 bytes leftover after parsing attributes in process `syz.2.16982'.
[ 1304.408690][T10339] netlink: 12 bytes leftover after parsing attributes in process `syz.2.16986'.
[ 1304.484320][T10341] netlink: 'syz.2.16987': attribute type 4 has an invalid length.
[ 1304.769548][T10349] binder: Unknown parameter 'coyBLV�"i5������ntext'
[ 1304.799498][   T36] kauditd_printk_skb: 1011 callbacks suppressed
[ 1304.799518][   T36] audit: type=1400 audit(2000033245.757:152984): avc:  denied  { read write } for  pid=5377 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1304.839583][   T36] audit: type=1400 audit(2000033245.757:152985): avc:  denied  { read write open } for  pid=5377 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1304.877650][   T36] audit: type=1400 audit(2000033245.766:152986): avc:  denied  { ioctl } for  pid=5377 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1304.921132][   T36] audit: type=1400 audit(2000033245.775:152987): avc:  denied  { read write } for  pid=9955 comm="syz-executor" name="loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1304.923457][T10357] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1304.956845][   T36] audit: type=1400 audit(2000033245.775:152988): avc:  denied  { read write open } for  pid=9955 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1305.047971][   T36] audit: type=1400 audit(2000033245.775:152989): avc:  denied  { ioctl } for  pid=9955 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=51 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1305.064848][T10357] syzkaller0: entered promiscuous mode
[ 1305.084376][   T36] audit: type=1400 audit(2000033245.813:152990): avc:  denied  { read write } for  pid=10354 comm="syz.6.16993" name="binder1" dev="binder" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1305.094651][T10357] syzkaller0: entered allmulticast mode
[ 1305.153443][T10357] tipc: Resetting bearer <eth:syzkaller0>
[ 1305.159461][T10355] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1305.169462][   T36] audit: type=1400 audit(2000033245.813:152991): avc:  denied  { read write open } for  pid=10354 comm="syz.6.16993" path="/dev/binderfs/binder1" dev="binder" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1305.206804][   T36] audit: type=1400 audit(2000033245.822:152992): avc:  denied  { read write } for  pid=10354 comm="syz.6.16993" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1305.240826][T10353] tipc: Resetting bearer <eth:syzkaller0>
[ 1305.257153][T10353] tipc: Disabling bearer <eth:syzkaller0>
[ 1305.276877][   T36] audit: type=1400 audit(2000033245.822:152993): avc:  denied  { ioctl open } for  pid=10354 comm="syz.6.16993" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1305.488241][T10376] netlink: 'syz.2.17001': attribute type 4 has an invalid length.
[ 1305.739989][T10391] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1305.831040][T10391] syzkaller0: entered promiscuous mode
[ 1305.836591][T10391] syzkaller0: entered allmulticast mode
[ 1305.852117][T10391] tipc: Resetting bearer <eth:syzkaller0>
[ 1305.867539][T10388] tipc: Resetting bearer <eth:syzkaller0>
[ 1305.925053][T10388] tipc: Disabling bearer <eth:syzkaller0>
[ 1306.153898][T10410] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1306.252516][T10410] syzkaller0: entered promiscuous mode
[ 1306.270013][ T2287] usb 6-1: USB disconnect, device number 70
[ 1306.270955][T10421] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[ 1306.279354][T10421] rust_binder: Error while translating object.
[ 1306.287020][T10410] syzkaller0: entered allmulticast mode
[ 1306.292076][T10421] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1306.302591][T10421] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1017
[ 1306.307754][T10410] tipc: Resetting bearer <eth:syzkaller0>
[ 1306.347850][T10409] tipc: Resetting bearer <eth:syzkaller0>
[ 1306.384382][T10409] tipc: Disabling bearer <eth:syzkaller0>
[ 1306.619484][T10434] syzkaller0: entered promiscuous mode
[ 1306.625228][T10434] syzkaller0: entered allmulticast mode
[ 1306.650071][   T46] bridge_slave_1: left allmulticast mode
[ 1306.654732][T10440] kvm: kvm [10439]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0xa1a9
[ 1306.658410][   T46] bridge_slave_1: left promiscuous mode
[ 1306.681787][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1306.691651][   T46] bridge_slave_0: left allmulticast mode
[ 1306.697492][   T46] bridge_slave_0: left promiscuous mode
[ 1306.703355][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1306.761305][T10432] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1306.802332][T10437] syzkaller0: entered promiscuous mode
[ 1306.807846][T10437] syzkaller0: entered allmulticast mode
[ 1306.813745][T10437] tipc: Resetting bearer <eth:syzkaller0>
[ 1306.820865][   T46] tipc: Left network mode
[ 1306.833175][   T46] veth1_macvtap: left promiscuous mode
[ 1306.838744][   T46] veth0_vlan: left promiscuous mode
[ 1306.947761][T10430] tipc: Resetting bearer <eth:syzkaller0>
[ 1306.965289][T10430] tipc: Disabling bearer <eth:syzkaller0>
[ 1307.029618][T10451] netlink: 'syz.2.17031': attribute type 4 has an invalid length.
[ 1307.174621][T10415] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1307.183381][T10415] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1307.190642][T10415] bridge_slave_0: entered allmulticast mode
[ 1307.198532][T10415] bridge_slave_0: entered promiscuous mode
[ 1307.206196][T10415] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1307.213272][T10415] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1307.220538][T10415] bridge_slave_1: entered allmulticast mode
[ 1307.228078][T10415] bridge_slave_1: entered promiscuous mode
[ 1307.249425][T10461] syzkaller0: entered promiscuous mode
[ 1307.254960][T10461] syzkaller0: entered allmulticast mode
[ 1307.504205][T10473] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1307.533627][T10473] syzkaller0: entered promiscuous mode
[ 1307.540604][T10473] syzkaller0: entered allmulticast mode
[ 1307.547281][T10473] tipc: Resetting bearer <eth:syzkaller0>
[ 1307.557806][T10472] tipc: Resetting bearer <eth:syzkaller0>
[ 1307.572358][T10472] tipc: Disabling bearer <eth:syzkaller0>
[ 1307.651248][ T6091] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1307.658375][ T6091] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1307.678211][ T6091] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1307.685480][ T6091] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1307.732116][T10478] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1307.764606][T10478] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1307.791288][T10478] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[ 1307.824838][T10478] rust_binder: Write failure EINVAL in pid:856
[ 1307.904551][T10415] veth0_vlan: entered promiscuous mode
[ 1307.934426][T10486] netlink: 'syz.3.17045': attribute type 4 has an invalid length.
[ 1307.983558][T10488] __nla_validate_parse: 11 callbacks suppressed
[ 1307.983579][T10488] netlink: 12 bytes leftover after parsing attributes in process `syz.2.17046'.
[ 1308.010193][T10415] veth1_macvtap: entered promiscuous mode
[ 1308.042000][T10491] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1308.120754][T10494] netlink: 324 bytes leftover after parsing attributes in process `syz.6.17049'.
[ 1308.226470][T10499] netlink: 112 bytes leftover after parsing attributes in process `syz.3.17052'.
[ 1308.289024][T10501] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1308.295862][T10501] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3
[ 1308.309765][T10501] rust_binder: Write failure EINVAL in pid:1043
[ 1308.328294][T10501] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1043
[ 1308.334365][T10505] netlink: 80 bytes leftover after parsing attributes in process `syz.5.17014'.
[ 1308.354239][T10504] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1308.361629][T10504] rust_binder: Write failure EINVAL in pid:866
[ 1308.548809][T10513] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1308.789981][T10527] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1308.825108][T10527] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1308.877737][ T6091] tipc: Subscription rejected, illegal request
[ 1308.887215][T10533] netlink: 324 bytes leftover after parsing attributes in process `syz.5.17063'.
[ 1308.968933][T10537] block device autoloading is deprecated and will be removed.
[ 1308.985626][T10537] syz.5.17065: attempt to access beyond end of device
[ 1308.985626][T10537] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1309.020283][T10539] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[ 1309.020310][T10539] rust_binder: Error while translating object.
[ 1309.054914][T10539] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1309.061302][T10539] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1055
[ 1309.094806][T10541] netlink: 76 bytes leftover after parsing attributes in process `syz.2.17067'.
[ 1309.184670][T10546] netlink: 80 bytes leftover after parsing attributes in process `syz.6.17069'.
[ 1309.205094][T10548] netlink: 8 bytes leftover after parsing attributes in process `syz.5.17070'.
[ 1309.233922][   T31] hid-generic 0000:0000:0000.0079: unknown main item tag 0x0
[ 1309.249321][   T31] hid-generic 0000:0000:0000.0079: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1309.307123][T10557] netlink: 'syz.5.17073': attribute type 4 has an invalid length.
[ 1309.400184][T10560] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1309.700867][T10574] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1309.701143][T10572] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1309.711883][T10574] netlink: 48 bytes leftover after parsing attributes in process `syz.3.17079'.
[ 1309.737627][T10575] netlink: 48 bytes leftover after parsing attributes in process `syz.3.17079'.
[ 1309.762164][T10572] rust_binder: Error while translating object.
[ 1309.762220][T10572] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1309.794439][T10572] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:875
[ 1309.860257][T10583] binder: Binderfs stats mode cannot be changed during a remount
[ 1309.938749][T10586] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1310.175480][   T36] kauditd_printk_skb: 1014 callbacks suppressed
[ 1310.175501][   T36] audit: type=1400 audit(2000033250.780:154008): avc:  denied  { unmount } for  pid=6190 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1310.197050][T10601] netlink: 'syz.2.17092': attribute type 4 has an invalid length.
[ 1310.234340][   T36] audit: type=1400 audit(2000033250.827:154009): avc:  denied  { unmount } for  pid=6190 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 1310.305711][   T36] audit: type=1400 audit(2000033250.836:154010): avc:  denied  { read write } for  pid=6190 comm="syz-executor" name="loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1310.353543][   T36] audit: type=1400 audit(2000033250.836:154011): avc:  denied  { read write open } for  pid=6190 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1310.397922][   T36] audit: type=1400 audit(2000033250.845:154012): avc:  denied  { create } for  pid=10599 comm="syz.5.17091" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1310.455351][   T36] audit: type=1400 audit(2000033250.864:154013): avc:  denied  { write } for  pid=10599 comm="syz.5.17091" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1310.514799][   T36] audit: type=1400 audit(2000033250.864:154014): avc:  denied  { nlmsg_write } for  pid=10599 comm="syz.5.17091" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1310.554490][   T36] audit: type=1400 audit(2000033250.864:154015): avc:  denied  { read write } for  pid=6964 comm="syz-executor" name="loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1310.605032][   T45] usb 7-1: new high-speed USB device number 52 using dummy_hcd
[ 1310.614190][T10606] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1310.616859][   T36] audit: type=1400 audit(2000033250.864:154016): avc:  denied  { read write open } for  pid=6964 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1310.788261][   T45] usb 7-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[ 1310.797383][   T45] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1310.826986][   T45] usb 7-1: Product: syz
[ 1310.839878][   T45] usb 7-1: Manufacturer: syz
[ 1310.850237][   T45] usb 7-1: SerialNumber: syz
[ 1310.856901][   T45] usb 7-1: config 0 descriptor??
[ 1310.968503][  T358] usb 6-1: new high-speed USB device number 71 using dummy_hcd
[ 1311.165040][  T358] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[ 1311.197592][  T358] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0
[ 1311.226662][  T358] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1311.249030][  T358] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1311.269952][  T358] usb 6-1: config 0 descriptor??
[ 1311.288266][  T358] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[ 1311.540600][T10664] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1311.545261][T10664] rust_binder: Error in use_page_slow: ESRCH
[ 1311.552586][T10664] rust_binder: use_range failure ESRCH
[ 1311.559448][T10664] rust_binder: Failed to allocate buffer. len:4216, is_oneway:false
[ 1311.568007][T10664] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[ 1311.576118][T10664] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:914
[ 1311.648440][T10668] rust_binder: Write failure EFAULT in pid:916
[ 1311.772912][   T45] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1311.822398][   T45] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9
[ 1311.855876][T10687] netlink: 'syz.3.17128': attribute type 4 has an invalid length.
[ 1311.866588][   T45] asix 7-1:0.0: probe with driver asix failed with error -71
[ 1311.888003][   T45] usb 7-1: USB disconnect, device number 52
[ 1312.018587][T10697] rust_binder: Error in use_page_slow: ESRCH
[ 1312.018617][T10697] rust_binder: use_range failure ESRCH
[ 1312.024662][T10697] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[ 1312.063448][T10697] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[ 1312.078894][T10697] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1081
[ 1312.300380][T10708] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[ 1312.342856][T10708] rust_binder: Error while translating object.
[ 1312.365067][T10708] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1312.373645][T10708] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1085
[ 1312.634229][T10729] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1312.652678][T10728] tipc: Disabling bearer <eth:syzkaller0>
[ 1312.899474][T10744] 9pnet_fd: Insufficient options for proto=fd
[ 1312.918509][T10744] rust_binder: Write failure EFAULT in pid:948
[ 1313.024225][T10748] binfmt_misc: register: failed to install interpreter file ./file0
[ 1313.377956][T10752] __nla_validate_parse: 20 callbacks suppressed
[ 1313.377977][T10752] netlink: 76 bytes leftover after parsing attributes in process `syz.3.17153'.
[ 1313.469912][T10754] syzkaller0: entered promiscuous mode
[ 1313.475567][T10754] syzkaller0: entered allmulticast mode
[ 1313.571928][T10758] netlink: 16 bytes leftover after parsing attributes in process `syz.2.17156'.
[ 1313.758762][ T6336] usb 4-1: new full-speed USB device number 38 using dummy_hcd
[ 1313.766268][   T45] usb 6-1: USB disconnect, device number 71
[ 1313.950116][T10770] binder: Unknown parameter 'fscontext?}'
[ 1313.958795][ T6336] usb 4-1: config 0 has an invalid interface number: 41 but max is 0
[ 1313.969701][ T6336] usb 4-1: config 0 has no interface number 0
[ 1313.987922][ T6336] usb 4-1: config 0 interface 41 has no altsetting 0
[ 1314.008431][ T6336] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[ 1314.025323][ T6336] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1314.044892][ T6336] usb 4-1: Product: syz
[ 1314.052449][ T6336] usb 4-1: Manufacturer: syz
[ 1314.057099][ T6336] usb 4-1: SerialNumber: syz
[ 1314.062077][T10776] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17166'.
[ 1314.070580][T10774] syzkaller0: entered promiscuous mode
[ 1314.077831][ T6336] usb 4-1: config 0 descriptor??
[ 1314.077950][T10774] syzkaller0: entered allmulticast mode
[ 1314.156120][T10783] netlink: 324 bytes leftover after parsing attributes in process `syz.2.17167'.
[ 1314.472621][T10799] netlink: 76 bytes leftover after parsing attributes in process `syz.2.17174'.
[ 1314.757630][T10756] tmpfs: Bad value for 'nr_blocks'
[ 1314.775814][T10804] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:228
[ 1314.785095][   T31] usb 7-1: new high-speed USB device number 53 using dummy_hcd
[ 1314.847689][T10806] netlink: 112 bytes leftover after parsing attributes in process `syz.2.17177'.
[ 1314.926808][T10808] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[ 1314.926853][T10808] rust_binder: Error while translating object.
[ 1314.938113][T10808] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1314.944312][T10808] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:232
[ 1314.977503][   T31] usb 7-1: Using ep0 maxpacket: 32
[ 1314.995024][   T31] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1315.008503][   T31] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1315.020770][   T31] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1315.032788][   T31] usb 7-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1315.052311][   T31] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1315.077360][   T31] usb 7-1: config 0 descriptor??
[ 1315.089123][T10800] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1315.101257][   T31] hub 7-1:0.0: USB hub found
[ 1315.203956][T10813] syzkaller0: entered promiscuous mode
[ 1315.209528][T10813] syzkaller0: entered allmulticast mode
[ 1315.214503][T10815] netlink: 16 bytes leftover after parsing attributes in process `syz.5.17181'.
[ 1315.347233][   T31] hub 7-1:0.0: 2 ports detected
[ 1315.417243][ T6336] CoreChips 4-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[ 1315.446543][ T6336] CoreChips 4-1:0.41 (unnamed net_device) (uninitialized): Failed to power down PHY : -71
[ 1315.465952][ T6336] CoreChips 4-1:0.41: probe with driver CoreChips failed with error -71
[ 1315.480963][ T6336] usb 4-1: USB disconnect, device number 38
[ 1315.522719][   T36] kauditd_printk_skb: 915 callbacks suppressed
[ 1315.522738][   T36] audit: type=1400 audit(2000033261.780:154906): avc:  denied  { create } for  pid=10829 comm="syz.2.17187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1315.558631][T10831] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17187'.
[ 1315.569866][   T36] audit: type=1400 audit(2000033261.808:154907): avc:  denied  { write } for  pid=10829 comm="syz.2.17187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1315.596840][   T36] audit: type=1400 audit(2000033261.808:154908): avc:  denied  { nlmsg_write } for  pid=10829 comm="syz.2.17187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1315.618016][   T36] audit: type=1400 audit(2000033261.836:154909): avc:  denied  { ioctl } for  pid=10796 comm="syz.6.17173" path="/dev/raw-gadget" dev="devtmpfs" ino=190 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1315.671674][   T36] audit: type=1400 audit(2000033261.836:154910): avc:  denied  { read } for  pid=10830 comm="syz.5.17188" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1315.695780][   T36] audit: type=1400 audit(2000033261.836:154911): avc:  denied  { ioctl } for  pid=10796 comm="syz.6.17173" path="/dev/raw-gadget" dev="devtmpfs" ino=190 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1315.730853][   T36] audit: type=1400 audit(2000033261.836:154912): avc:  denied  { read open } for  pid=10830 comm="syz.5.17188" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1315.755505][   T36] audit: type=1400 audit(2000033261.854:154913): avc:  denied  { ioctl } for  pid=10830 comm="syz.5.17188" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1315.799310][T10839] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[ 1315.799338][T10839] rust_binder: Error while translating object.
[ 1315.810730][T10839] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1315.814730][T10798] SELinux:  policydb magic number 0xf97cff8d does not match expected magic number 0xf97cff8c
[ 1315.818294][   T36] audit: type=1400 audit(2000033261.882:154914): avc:  denied  { create } for  pid=10830 comm="syz.5.17188" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1315.832829][T10798] SELinux: failed to load policy
[ 1315.839127][T10839] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:60
[ 1315.873194][   T36] audit: type=1400 audit(2000033261.882:154915): avc:  denied  { read write } for  pid=9955 comm="syz-executor" name="loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1315.961693][T10841] syzkaller0: entered promiscuous mode
[ 1315.967318][T10841] syzkaller0: entered allmulticast mode
[ 1316.010723][T10843] netlink: 'syz.5.17192': attribute type 4 has an invalid length.
[ 1316.102209][T10846] netlink: 12 bytes leftover after parsing attributes in process `syz.3.17193'.
[ 1316.164746][   T31] hub 7-1:0.0: set hub depth failed
[ 1316.192582][   T31] usb 7-1: USB disconnect, device number 53
[ 1316.270981][T10858] netlink: 324 bytes leftover after parsing attributes in process `syz.3.17198'.
[ 1316.308362][T10862] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:256
[ 1316.508864][T10870] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 2
[ 1316.527670][T10870] rust_binder: Write failure EINVAL in pid:964
[ 1316.830021][T10887] netlink: 'syz.5.17210': attribute type 4 has an invalid length.
[ 1316.952090][T10889] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[ 1317.062156][   T31] usb 3-1: new high-speed USB device number 113 using dummy_hcd
[ 1317.243897][   T31] usb 3-1: Using ep0 maxpacket: 16
[ 1317.260456][   T31] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1317.271454][   T31] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1317.288597][   T31] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1317.298684][   T31] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=24
[ 1317.306789][   T31] usb 3-1: SerialNumber: syz
[ 1317.314343][   T31] usb 3-1: config 0 descriptor??
[ 1317.341704][T10900] binder: Unknown parameter 'fscontext?}mer'
[ 1317.425683][  T426] usb 6-1: new high-speed USB device number 72 using dummy_hcd
[ 1317.522229][T10911] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1317.523936][T10911] rust_binder: Error in use_page_slow: ESRCH
[ 1317.530485][T10911] rust_binder: use_range failure ESRCH
[ 1317.539495][T10911] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[ 1317.545975][T10911] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[ 1317.554241][T10911] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:977
[ 1317.599198][T10914] rust_binder: Failed to allocate buffer. len:96, is_oneway:false
[ 1317.609631][  T426] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1317.627628][T10914] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[ 1317.627652][T10914] rust_binder: Read failure Err(EFAULT) in pid:979
[ 1317.635802][  T426] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1317.653562][  T426] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1317.663191][  T426] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1317.672301][  T426] usb 6-1: SerialNumber: syz
[ 1317.707364][T10917] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1317.710016][T10917] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[ 1317.716595][T10917] rust_binder: Error while translating object.
[ 1317.727250][T10917] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[ 1317.733461][T10917] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:983
[ 1317.949217][T10898] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[ 1317.967202][T10898] rust_binder: Write failure EINVAL in pid:84
[ 1318.017793][  T426] usb 6-1: 0:2 : does not exist
[ 1318.043160][  T426] usb 6-1: USB disconnect, device number 72
[ 1318.207418][T10929] binder: Unknown parameter 'coyBLV�"i5������ntext'
[ 1318.218340][ T4790] udevd[4790]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1318.776408][T10946] syzkaller0: entered promiscuous mode
[ 1318.781946][T10946] syzkaller0: entered allmulticast mode
[ 1318.910342][T10950] rust_kernel: panicked at rust/kernel/sync/poll.rs:54:18:
[ 1318.910342][T10950] null pointer dereference occurred
[ 1318.928845][T10950] ------------[ cut here ]------------
[ 1318.934429][T10950] kernel BUG at rust/helpers/bug.c:7!
[ 1318.940258][T10950] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[ 1318.947242][T10950] CPU: 0 UID: 0 PID: 10950 Comm: syz.5.17236 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[ 1318.960908][T10950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1318.971008][T10950] RIP: 0010:rust_helper_BUG+0x8/0x10
[ 1318.976344][T10950] Code: cc cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 96 a0 80 47 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 <0f> 0b 66 0f 1f 44 00 00 b8 dc 64 c9 cb 90 90 90 90 90 90 90 90 90
[ 1318.995985][T10950] RSP: 0018:ffffc90001b9f1d0 EFLAGS: 00010246
[ 1319.002072][T10950] RAX: 000000000000005a RBX: 1ffff92000373e3c RCX: ada0b49b53be2100
[ 1319.010072][T10950] RDX: ffffc90013740000 RSI: 0000000000005bc2 RDI: 0000000000005bc3
[ 1319.018086][T10950] RBP: ffffc90001b9f1d0 R08: ffffc90001b9eec7 R09: 1ffff92000373dd8
[ 1319.026115][T10950] R10: dffffc0000000000 R11: fffff52000373dd9 R12: 0000000000000000
[ 1319.034120][T10950] R13: dffffc0000000000 R14: ffffc90001b9f200 R15: ffffc90001b9f230
[ 1319.042131][T10950] FS:  00007fbff6b796c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 1319.051107][T10950] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1319.057730][T10950] CR2: 000055558621f4a8 CR3: 000000010f330000 CR4: 00000000003526b0
[ 1319.065744][T10950] DR0: 0000000000000007 DR1: 000000000000009b DR2: 00040000ffffffff
[ 1319.073753][T10950] DR3: 0000000000000009 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1319.081762][T10950] Call Trace:
[ 1319.085074][T10950]  <TASK>
[ 1319.088039][T10950]  _RNvCscSpY9Juk0HT_7___rustc17rust_begin_unwind+0x15b/0x160
[ 1319.095547][T10950]  ? __cfi__RNvCscSpY9Juk0HT_7___rustc17rust_begin_unwind+0x10/0x10
[ 1319.103670][T10950]  ? __cfi__RNvXs1b_NtCs9jEwPDbx20M_4core3fmtRNtNtNtB8_5panic10panic_info9PanicInfoNtB6_7Display3fmtCs43vyB533jt3_6kernel+0x10/0x10
[ 1319.117361][T10950]  ? p9pdu_vwritef+0x2720/0x2720
[ 1319.122358][T10950]  ? radix_tree_node_alloc+0x1af/0x400
[ 1319.127873][T10950]  ? __cfi_p9pdu_vwritef+0x10/0x10
[ 1319.133038][T10950]  ? p9pdu_vwritef+0x1c5e/0x2720
[ 1319.138030][T10950]  _RNvNtCs9jEwPDbx20M_4core9panicking18panic_nounwind_fmt+0xec/0xf0
[ 1319.146150][T10950]  ? __cfi__RNvNtCs9jEwPDbx20M_4core9panicking18panic_nounwind_fmt+0x10/0x10
[ 1319.154980][T10950]  ? p9pdu_writef+0xdb/0x130
[ 1319.159606][T10950]  ? p9pdu_vwritef+0x2720/0x2720
[ 1319.164600][T10950]  _RNvNtCs9jEwPDbx20M_4core9panicking30panic_null_pointer_dereference+0x49/0x4c
[ 1319.173846][T10950]  _RNvMNtNtCs43vyB533jt3_6kernel4sync4pollNtB2_9PollTable8from_ptr+0x40/0x40
[ 1319.182736][T10950]  ? _RNvCshgDM7dBCdno_11rust_binder16rust_binder_poll+0xce/0x570
[ 1319.190581][T10950]  _RNvCshgDM7dBCdno_11rust_binder16rust_binder_poll+0xe2/0x570
[ 1319.198333][T10950]  ? p9_client_prepare_req+0x732/0xa10
[ 1319.203916][T10950]  ? __cfi__RNvCshgDM7dBCdno_11rust_binder16rust_binder_poll+0x10/0x10
[ 1319.212194][T10950]  ? __kasan_check_write+0x18/0x20
[ 1319.217332][T10950]  ? _raw_spin_lock+0x8c/0x120
[ 1319.222143][T10950]  ? tun_chr_poll+0x127/0x770
[ 1319.226867][T10950]  ? _raw_spin_lock+0x8c/0x120
[ 1319.231754][T10950]  ? __cfi__RNvCshgDM7dBCdno_11rust_binder16rust_binder_poll+0x10/0x10
[ 1319.240039][T10950]  p9_fd_request+0x446/0x520
[ 1319.244673][T10950]  p9_client_rpc+0x2f9/0xb40
[ 1319.249294][T10950]  ? __cfi__RNvCshgDM7dBCdno_11rust_binder16rust_binder_poll+0x10/0x10
[ 1319.257572][T10950]  ? p9_fid_create+0x3d0/0x3d0
[ 1319.262365][T10950]  ? __cfi__RNvCshgDM7dBCdno_11rust_binder16rust_binder_poll+0x10/0x10
[ 1319.270642][T10950]  ? p9_conn_create+0x4c9/0x570
[ 1319.275524][T10950]  ? p9_fd_create+0x2f3/0x4c0
[ 1319.280245][T10950]  p9_client_create+0x96a/0x1190
[ 1319.285220][T10950]  ? __cfi_p9_client_create+0x10/0x10
[ 1319.290632][T10950]  ? kasan_save_alloc_info+0x40/0x50
[ 1319.295957][T10950]  ? __kasan_kmalloc+0x96/0xb0
[ 1319.300764][T10950]  ? kstrdup+0x7b/0x140
[ 1319.304963][T10950]  ? __kasan_check_write+0x18/0x20
[ 1319.310121][T10950]  v9fs_session_init+0x1e1/0x1820
[ 1319.315201][T10950]  ? __cfi_v9fs_session_init+0x10/0x10
[ 1319.320784][T10950]  ? kasan_save_alloc_info+0x40/0x50
[ 1319.326108][T10950]  ? __kasan_kmalloc+0x96/0xb0
[ 1319.330927][T10950]  ? v9fs_mount+0xbd/0xa00
[ 1319.335389][T10950]  v9fs_mount+0xd7/0xa00
[ 1319.339669][T10950]  ? selinux_sb_eat_lsm_opts+0xa69/0xb40
[ 1319.345391][T10950]  ? __cfi_v9fs_mount+0x10/0x10
[ 1319.350285][T10950]  ? selinux_capable+0x38/0x50
[ 1319.355089][T10950]  legacy_get_tree+0x103/0x1b0
[ 1319.359905][T10950]  ? __cfi_v9fs_mount+0x10/0x10
[ 1319.364797][T10950]  vfs_get_tree+0x9e/0x290
[ 1319.369253][T10950]  do_new_mount+0x251/0xb40
[ 1319.373804][T10950]  path_mount+0x688/0x1050
[ 1319.378260][T10950]  ? putname+0x113/0x150
[ 1319.382555][T10950]  __se_sys_mount+0x2bd/0x480
[ 1319.387275][T10950]  ? __x64_sys_mount+0xf0/0xf0
[ 1319.392090][T10950]  ? __kasan_check_write+0x18/0x20
[ 1319.397244][T10950]  ? fpregs_restore_userregs+0x11d/0x260
[ 1319.402928][T10950]  __x64_sys_mount+0xc3/0xf0
[ 1319.407567][T10950]  x64_sys_call+0x2021/0x2ee0
[ 1319.412291][T10950]  do_syscall_64+0x58/0xf0
[ 1319.416756][T10950]  ? clear_bhb_loop+0x35/0x90
[ 1319.421617][T10950]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 1319.427563][T10950] RIP: 0033:0x7fbff5d8e929
[ 1319.432015][T10950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1319.451646][T10950] RSP: 002b:00007fbff6b79038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1319.460186][T10950] RAX: ffffffffffffffda RBX: 00007fbff5fb5fa0 RCX: 00007fbff5d8e929
[ 1319.468175][T10950] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 0000000000000000
[ 1319.476171][T10950] RBP: 00007fbff5e10b39 R08: 0000200000000240 R09: 0000000000000000
[ 1319.484174][T10950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1319.492178][T10950] R13: 0000000000000000 R14: 00007fbff5fb5fa0 R15: 00007ffc20405848
[ 1319.500271][T10950]  </TASK>
[ 1319.503391][T10950] Modules linked in:
[ 1319.507524][T10950] ---[ end trace 0000000000000000 ]---
[ 1319.515074][T10950] RIP: 0010:rust_helper_BUG+0x8/0x10
[ 1319.520456][T10950] Code: cc cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 96 a0 80 47 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 <0f> 0b 66 0f 1f 44 00 00 b8 dc 64 c9 cb 90 90 90 90 90 90 90 90 90
[ 1319.526960][T10955] rust_binder: BINDER_SET_CONTEXT_MGR already set
[ 1319.540141][T10950] RSP: 0018:ffffc90001b9f1d0 EFLAGS: 00010246
[ 1319.553536][T10950] RAX: 000000000000005a RBX: 1ffff92000373e3c RCX: ada0b49b53be2100
[ 1319.561554][T10950] RDX: ffffc90013740000 RSI: 0000000000005bc2 RDI: 0000000000005bc3
[ 1319.569647][T10950] RBP: ffffc90001b9f1d0 R08: ffffc90001b9eec7 R09: 1ffff92000373dd8
[ 1319.588894][T10950] R10: dffffc0000000000 R11: fffff52000373dd9 R12: 0000000000000000
[ 1319.598025][T10955] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[ 1319.598470][T10950] R13: dffffc0000000000 R14: ffffc90001b9f200 R15: ffffc90001b9f230
[ 1319.615122][T10950] FS:  00007fbff6b796c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 1319.624359][T10950] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1319.631035][T10950] CR2: 00007fbff6b58d58 CR3: 000000010f330000 CR4: 00000000003526b0
[ 1319.639080][T10950] DR0: 0000000000000007 DR1: 000000000000009b DR2: 00040000ffffffff
[ 1319.647084][T10950] DR3: 0000000000000009 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1319.655124][T10950] Kernel panic - not syncing: Fatal exception
[ 1319.661539][T10950] Kernel Offset: disabled
[ 1319.665875][T10950] Rebooting in 86400 seconds..