last executing test programs:

1m47.044458261s ago: executing program 3 (id=272):
r0 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000240)="df37", 0x2, r0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x42, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
getgroups(0x2, &(0x7f0000000000)=[0xee01, <r2=>0xffffffffffffffff])
setregid(0xffffffffffffffff, r2)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r3, &(0x7f0000000f80)=""/4096, 0x1000)

1m47.022165671s ago: executing program 3 (id=273):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
sendmsg$AUDIT_ADD_RULE(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000480)={&(0x7f0000000040)={0x428, 0x3f3, 0x8, 0x70bd2d, 0x25dfdbfe, {0x6, 0x0, 0x39, [0x80, 0x4, 0x101, 0x3ff, 0xb, 0x0, 0x8, 0x5, 0x0, 0x81, 0x3, 0x8, 0x4, 0x80000001, 0x4, 0x2, 0x55, 0x200, 0xffffffff, 0xe635, 0x960, 0x9, 0x1, 0xc7, 0x1, 0x9, 0x0, 0xa, 0x3, 0x0, 0x7, 0x3, 0x5, 0xfffffff9, 0xca3, 0xd7, 0x10000, 0x8, 0x4d, 0x27a, 0x8000, 0x2, 0x90ae, 0x2e, 0x40, 0x0, 0x6, 0x80000000, 0x849d, 0x4, 0x7abe, 0x2, 0x9, 0xffffffff, 0x3, 0x1, 0x9, 0x6, 0x6e, 0x7ff, 0x3], [0x800, 0xfb, 0x2, 0x3ff, 0x2a4, 0x4f40, 0x7, 0xfffffffc, 0x2, 0x8, 0x5, 0xe, 0x8, 0x6, 0xffff, 0xdbcd, 0x1, 0x7, 0x6, 0x8, 0x7, 0x6, 0x5, 0x2, 0x200, 0x3, 0x2, 0x1, 0x9, 0xffffffff, 0x0, 0x3, 0x100, 0x9, 0x4, 0x12000, 0x6, 0x9, 0xbe, 0xffffff80, 0x200, 0x3, 0x4, 0x400, 0x0, 0x5e, 0x9b5f, 0xbbc, 0x8, 0x6, 0x8, 0x89, 0x247, 0x7, 0xa65, 0x101, 0x2, 0x9, 0x9, 0x5, 0x500000, 0x3, 0xa4a, 0x8], [0x9, 0x3, 0x5, 0x1, 0x5, 0x4, 0x3, 0x0, 0x8, 0x8, 0x8, 0xffffffff, 0x2, 0x2, 0xda9e, 0x60b, 0x5, 0x200, 0x6, 0x7, 0x10000, 0x5a96, 0x9, 0x5, 0xffff, 0x100, 0x8, 0x0, 0x4, 0xfffffffc, 0x0, 0x23a7581e, 0x2, 0xd, 0x0, 0xf, 0xfffffffe, 0x4, 0x2, 0xe8a4, 0x3, 0x3, 0x7, 0x100, 0x6, 0x4, 0x2, 0x7, 0x3ff, 0xe, 0x6, 0x7, 0xc49, 0xfffffff9, 0x9, 0x8, 0x6, 0x8, 0x4, 0x6da9fc16, 0x6, 0xff16, 0xc, 0x7], [0x17, 0x7, 0x9, 0x0, 0x7, 0x7, 0x7, 0x200, 0x6, 0x0, 0xfff, 0xffffff93, 0x10001, 0x2, 0x5, 0x200, 0x577b, 0x9, 0x9, 0x6, 0xfff, 0xfffffffd, 0x783, 0x5, 0x3, 0x800, 0x2, 0xb5c8, 0x2, 0x2, 0x7, 0x5, 0x8000, 0x4, 0x1, 0x2, 0x8001, 0xffffffff, 0x7, 0x5, 0x7, 0x7fff, 0x4, 0x45a, 0x5, 0x1765, 0x8, 0x3, 0x4184, 0x8, 0x81, 0xf, 0x401, 0x1e78, 0x3, 0x8000, 0x10, 0x3f, 0x80, 0x5, 0x5, 0x134, 0x6, 0x3], 0x8, ['}+^\x00', 'U,\x00', '\x00']}, ["", ""]}, 0x428}, 0x1, 0x0, 0x0, 0x8001}, 0x840)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0)

1m46.961379422s ago: executing program 3 (id=275):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c00028005000100000000000800074000000000080003400000100e140005"], 0x80}}, 0x0)

1m46.934789852s ago: executing program 3 (id=277):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x1400037e)
r1 = open(&(0x7f0000000640)='.\x00', 0x0, 0x0)
r2 = syz_clone(0x20820000, 0x0, 0xffffffffffffffed, 0x0, 0x0, 0x0)
ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e20, @multicast2}, {0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x4e22, @multicast1}, 0x18, 0x0, 0x0, 0x0, 0xaf, &(0x7f0000000040)='veth0_to_bridge\x00', 0x6, 0xffff, 0x8})
tkill(r2, 0x41)

1m46.857653264s ago: executing program 3 (id=279):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1e1243, 0x0) (async)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1e1243, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000100)="1400000052004f7fb3e4bf80a000080000000000", 0x14)
recvmmsg$unix(r2, &(0x7f0000000b80)=[{{0x0, 0x0, &(0x7f0000001fc0)=[{&(0x7f0000000c40)=""/4096, 0x1000}, {&(0x7f0000002a80)=""/4096, 0x1000}], 0x2, &(0x7f0000000940)}}], 0x1, 0x2, 0x0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
ioctl$BLKRRPART(r0, 0x125f, 0x0) (async)
ioctl$BLKRRPART(r0, 0x125f, 0x0)

1m46.486065889s ago: executing program 3 (id=284):
r0 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@private0, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000000140)=0xe8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
creat(&(0x7f0000000200)='./file0\x00', 0x90)
mount$binderfs(0x0, &(0x7f0000000000)='./binderfs2\x00', 0x0, 0x4008024, &(0x7f00000001c0)={[{@max={'max', 0x3d, 0x3}}], [{@smackfsdef={'smackfsdef', 0x3d, '+).#(-'}}, {@euid_eq={'euid', 0x3d, r1}}, {@smackfsdef={'smackfsdef', 0x3d, 'max'}}, {@uid_gt={'uid>', r1}}, {@pcr={'pcr', 0x3d, 0x7}}, {@obj_type={'obj_type', 0x3d, '-/'}}, {@flag='rw'}, {@smackfsroot={'smackfsroot', 0x3d, 'max'}}, {@dont_measure}, {@smackfsroot={'smackfsroot', 0x3d, 'max'}}]})

1m46.485888449s ago: executing program 32 (id=284):
r0 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@private0, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000000140)=0xe8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
creat(&(0x7f0000000200)='./file0\x00', 0x90)
mount$binderfs(0x0, &(0x7f0000000000)='./binderfs2\x00', 0x0, 0x4008024, &(0x7f00000001c0)={[{@max={'max', 0x3d, 0x3}}], [{@smackfsdef={'smackfsdef', 0x3d, '+).#(-'}}, {@euid_eq={'euid', 0x3d, r1}}, {@smackfsdef={'smackfsdef', 0x3d, 'max'}}, {@uid_gt={'uid>', r1}}, {@pcr={'pcr', 0x3d, 0x7}}, {@obj_type={'obj_type', 0x3d, '-/'}}, {@flag='rw'}, {@smackfsroot={'smackfsroot', 0x3d, 'max'}}, {@dont_measure}, {@smackfsroot={'smackfsroot', 0x3d, 'max'}}]})

2.851475917s ago: executing program 0 (id=1905):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x55f62000)
mmap(&(0x7f0000196000/0x1000)=nil, 0x1000, 0x0, 0x840000000000a132, 0xffffffffffffffff, 0x0)
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mknod$loop(0x0, 0x0, 0x1)
r1 = socket$inet(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x1, @local}, 0x4a, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2f}}})
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RTC_UIE_ON(r3, 0x7003)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r2, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="68377863ac6ea61666eaa696435a75f1626fe3a3acedcaf71527ff51d446daac757559d2d6fc2b90952355ec6c61d718c91784312b1b4771888a0811895b02ffb658934b0bbd6466c9cc04cc7252f1f1deea5a8b9c6797c8f1263db526cf88899f7ecab544662eb34743cefb660a78cb9468d2900b3cda4cca9d89ab6d341d145acf249276dda272407bc98d9e5431316d468b9e4750f2316589dc4de3157592d27fd723a512c85b08035842b75ec422346f9696f4bb3226b0ca75d135ebd8cae46fb83b71c103e1fdcb1934fd1d28b4916abe", 0xd3}, {&(0x7f00000003c0)="5453b4b759f9d4f4f33bda880b70e0dadde06223919f4585429ef69078a4956f646ea03bfd4c090a003c01f32b1a175baf38c1eb4572c8b372a4cf9128062e58ff575546876a2804144c3aea98c4a3533396f87e860de8c66bceb0e6b387ec853b7e91c57587d38436637e702ae18eeccefdcd7a3cdd7bfc327b5d619b57d56afe1628b65e2948af5ee0e3f52746a5aff58bb7c6d253a58bf745584d1bc19fe5e42b5534eab9e9d2587b413e81f68b60f56130f82b327f5fe900e3e107bc6b783d1d23a056426d6502133386b51e657046c1c43a2a2c4a7611ee6592a5ee08700d24d832163b3def1f", 0xe9}, {&(0x7f0000000640)="d48c8225ddfdf2c06c27763617468581389d34126760ba3dd0fe077a7c2ce378dd62cafeeb4ba1493766d09fd561d69a5bf8109ffcd3e43d8c16b9c3fa92d4439c5af1fa4775d01dcf0748a24ab51b52fbe75287a4b9aaa18fd479bdd154b4efe531a242d90a1ca2799c242bfd4ddd8271448d3415bd3a907ad340dc2fa2471393212d02eb25242808cffdc4e7a646211c18ac8602f5fc1e4f82b72871a8d42f37988365", 0xa4}, {&(0x7f0000000740)="f52ec22aafecc37a6d9995f1afb5c1727f223f9b84451a110b1dfbf19cc7ed183ba93f6d55645001887fc999262b9c938e22ef5ec46b4b1b535060dcca5cff1f0e5a1d9b32cef2b6e0a61af7968dc1759c4d901867d7d6e9f2521f6a1578e1cc2fbf58837a2633c0b8299192718c61227412dafd01e899723b33735bbec3e1429117362acc4139fc3565f183bd5568f47f4bc416adb360fdd9c497c2ad2ffe1ad738f4c073f1378d2b455e61844076a4a97ac1e13e2fb300ae69d55c501f96dcc39bf7ed835cc866f0fbd8e936e8374a484f111919dc610e0a36a0ee3df2ab1dc34cea42a4292e2fbaa86875a506bdd81fbb3dc5", 0xf4}, {&(0x7f0000000200)="057322e18609ed78266492c2a2ae3f0c0f3f6394c53de2727898d209dcb274efec9fc9", 0x23}], 0x5}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="acc870bde54caaeacb0000108cef4fa7bf44702b284b2e80cb32d33a86853c8c28797cd14c72c87f849f6ccbf3198d11a0b1ef000000000200000088e0e022b04dbd50d36f3c028c27ba0000000000000000000000000033", 0x58}, {&(0x7f0000000840)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b933aa9169f5f7b51dd5319b8016623d1863d70581691a79a6678db1e5e7fa1c98c5b9e4a87272e9c4a1bd98dbb2ab76919ba5c1020e80bd0659e82d861dc6fe4c62639134c504aa438689d28748c22ebfe2772d64", 0xcf}, {&(0x7f0000000e80)="5be3b011e12323e4ab88c0472f0700000000000000e71ba6231f303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf646e72f8fe08c33a33b275787892f61fbb621794716f96031931b55af30fa01d72aa5a53ee4c07ab7c96a4a9ed93f4d20269982ab6feb22d8e77afb7b861622ab963b07f0026fd6424082bcd0864a854e542aacc3201fff776fe1c000000000000000000000000000000002da46e8a95bcead77a244256266fe952d151a841aaa0c9c727bf08c37869c70d6aed073d6bb9fb037a079b697f3ba963ba49b6aecdc3e839ae25d497b0e60408b8e0a9931aeb1be35eea2a22fa50d66a634804121bde6a4a2d7a23c08d8237aac90c577c24f4ec2949d9202659fe626262e0764eed651fe91d276cd8918ba1a079", 0x15c}], 0x3}}], 0x2, 0xc0)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r2, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)
mmap(&(0x7f0000af6000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x0, 0x11, r0, 0x0)

2.557534572s ago: executing program 0 (id=1911):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_async', 0x20000, 0xf3)
read$FUSE(r0, &(0x7f0000001540)={0x2020}, 0x2020)
r1 = socket(0x1e, 0x4, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0xfffffffc, 0x2}, 0x10)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
r3 = syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x0, 0x0, 0x1}}, {[], {{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x3ff}}}}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r8 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r9 = dup3(r7, r8, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(r9, 0x0, 0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r10 = getpid()
sched_setscheduler(r10, 0x2, &(0x7f0000000200)=0x5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x480, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
syslog(0x9, &(0x7f0000000080)=""/107, 0x6b)
unshare(0x8010000)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000000081050000000000000e00000400000000c7e9f8359002c4a34e1d889e957ea20b6b774d09f51b0c1a9c1ecced262e8fd41268d3b76668b7b2c9465b0068fb29a079e6d61c8f9e2584fe09ccbb2532575a2e9b4907e928ff1533df959f44f511cd7dead4addd672a66f973c99272a090d0d1b296d94aaf1f0000000000000090b2c42488243cbe037fc862d913ac11364e0a35c773"])

2.481027903s ago: executing program 4 (id=1914):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000003fc0)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7}, 0x1c, 0x0, 0x0, 0x0, 0x600}}], 0x1, 0x1)

2.480779863s ago: executing program 4 (id=1915):
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000009800)=[{{0x0, 0x0, 0x0}, 0x4}, {{0x0, 0x0, 0x0}, 0x9}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000002180)=""/4096, 0x1000}, {&(0x7f0000003180)=""/177, 0xb1}, {0x0}, {&(0x7f00000033c0)=""/231, 0xe7}, {&(0x7f00000034c0)=""/211, 0xd3}, {&(0x7f00000035c0)=""/68, 0x44}, {&(0x7f0000000200)=""/148, 0x94}, {&(0x7f0000000180)=""/83, 0x53}, {&(0x7f0000000800)=""/127, 0x7f}], 0x9}, 0x81}, {{0x0, 0x0, 0x0}, 0x808}], 0x4, 0x12100, 0x0)

2.480462763s ago: executing program 4 (id=1916):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000040)={{0x2, 0x4e24, @private=0xa010101}, {0x306, @broadcast}, 0x0, {0x2, 0xfff7, @broadcast}, 'dvmrp1\x00'})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
fremovexattr(r4, &(0x7f0000000000)=@known='trusted.overlay.metacopy\x00')
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xb8, 0x19, 0x1, 0x3, 0x0, {{@in=@broadcast, @in6=@ipv4={'\x00', '\xff\xff', @private=0xa010100}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x16}, {0x0, 0x7, 0x0, 0x7fffffff, 0x1, 0x2}, {0x0, 0xffffffffffffffff}, 0x0, 0x6e6bb5, 0x1, 0x0, 0x0, 0x3}}, 0xb8}}, 0x4040)

2.429489354s ago: executing program 1 (id=1918):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x40000000, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}})

2.428903003s ago: executing program 1 (id=1919):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x3, 0x0, 0x0, 0x0, 0x4, 0xc, 0x0, 0x5, 0xff, 0x1f, 0x0, 0x10000}, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x9}, {0x0, 0x0, 0x3c, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mount$9p_virtio(&(0x7f00000004c0), &(0x7f0000000500)='./file1\x00', &(0x7f0000000540), 0x4, &(0x7f0000000600)={'trans=virtio,', {[{@privport}], [{@subj_type={'subj_type', 0x3d, 'nl802154\x00'}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file1/file4\x00', &(0x7f00000001c0), 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), r2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file4/file6\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1/file4/file7\x00', 0x1c0)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1/file4/file6\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file1/file4/file7/file6\x00', 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = mmap$binder(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1, 0x11, r4, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x24, 0x0, &(0x7f0000000000))
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_X86_SETUP_MCE(r6, 0x4008ae9c, &(0x7f00000000c0)={0xd, 0x2, 0x7})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_int(r7, &(0x7f0000001180)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000180)=ANY=[@ANYBLOB='-1'], 0x27)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x0, 0xeeee0000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x1, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f00000007c0)={0x1f, 0x0, @any, 0x4}, 0xe)
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000280)={0x4003, 0x6, 0x9, 0x4, 0x0, 0x0, 0x40}, 0xc)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000300), r2)
sendmsg$NLBL_MGMT_C_PROTOCOLS(r2, &(0x7f0000000680)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYRESOCT=r5, @ANYRES32=r10, @ANYBLOB="020026bd7000ffdbdf250700000014000500000000000000000000000000b7e134fe8000010000000000000000000000bb00000000000000001248040000"], 0x44}, 0x1, 0x0, 0x0, 0x20049880}, 0x40000)

2.419824904s ago: executing program 4 (id=1920):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'wg2\x00', 0xca58c30f81b6079f})
r1 = userfaultfd(0x80001)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000000)={@mcast2, @mcast1, @loopback, 0x1, 0x3, 0x0, 0x100, 0x4, 0x47e00e3})
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000bdc000/0x400000)=nil)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
read$FUSE(r3, &(0x7f0000000980)={0x2020}, 0x160e)
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e0000a027f"], 0x57)
r5 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000100)={0x1, 0x6}, 0x8)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)

2.400830444s ago: executing program 1 (id=1921):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x16, &(0x7f0000000000)=0x2, 0x4)
io_setup(0xee, &(0x7f0000000080)=<r1=>0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0xc0000, 0x0)
getdents64(r2, &(0x7f0000004340)=""/159, 0x9f)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f0000000100)='memory.events.local\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000600)={0x2020}, 0x2020)
r5 = eventfd2(0xfffffff8, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4004000)
recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$inet(r9, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r8, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff})
dup3(r8, r10, 0x0)
r11 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000380), 0x80000, 0x0)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.self_freezing\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r12, 0x0)
r13 = eventfd2(0x8, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r14=>0xffffffffffffffff})
fstat(r14, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r15=>0x0})
setresuid(0x0, 0x0, r15)
r16 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000580)='/sys/power/reserved_size', 0x8000, 0x4)
io_submit(r1, 0x5, &(0x7f0000000540)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x5, 0x9, r16, &(0x7f00000000c0)="b3fb522f74366deb90921bd505f13708f57ed905d382e9589ad86cc1f409a39c5567f061fd77e9cf354d74894f950ad31a98f93dcf5d192c7974fe3efe2d6c3c56b09aa4361f6c75f6aa03a718e666f771f536f083533979232e20ff7251cfcc28641b2821ca938252f2e9835def9bc676ba26b4a99a6e0ff7129b845c31766f0423ef8f209d92133096e159b817a8aef89359b7f86dd8a170f51f68463091afd8c8f8b2fc9ff6655f6ca4a38ca17dd41573c46782fce22423e0518b72f0a11bdd6a2bb739e92694d6bd0067e3dee7ad3912ba8d2c8f412b4506c338b511b3bbd7caa344a961ebd0", 0xe8, 0x5, 0x0, 0x3, r13}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x8, 0xf, r0, &(0x7f0000000200)="3df0aa2afa1dad4c9de00051170ab0fbf10581ebac6b", 0x16, 0x0, 0x0, 0x0, r4}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x6, 0x3ff, r0, &(0x7f0000000280)="78616bd67ab51c6deac4b598a10150dc87de4f85cf950bb64d58a712963c9b8637d35e9188f7a56aad1387e77d11766cda0e6841b4ed00676dcd4213dfb7a9c90e44c02263cc403d76edb3544f968c199d58ff56b568686d1c457d5c04e4abf929dba63522f9ac8e4bd536f9f175b1b00100e50147af5bdd0b8f4f883c965d24782642360966b2150e0cea7b44ea095b7e842ddd0e03dac6f79a2a145ab6b1a00c", 0xa1, 0xa, 0x0, 0x3, r5}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2, 0x7f, r11, &(0x7f00000003c0)="16aaa5648bd9e797e5fdffc22bc2f7cf62077701ea4d2186e99219d491a56e85d136629e2f625779d3110be71a93a8015ee3098c1e", 0x35, 0xf4b6, 0x0, 0x3, r12}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x583, r0, &(0x7f0000000440)="797eb9fa8555f7af4215bc21eef1980dee820fdfb22c41fca5dd229ae9cf3d9e2b7655fb533bcb639380c5ceda2accaaacaaa02225e26fef0fea2fd8694d549aa20f1b92a12b94759e8a98efd09e610745dc0bbbbccabcba5c114d819889e9bbc653e93f471897ac6c16642bd26063de1fb6a4b28621dbe0c7b07a5670d8c48eb319dcd78ad72012558fd29b07d17c31c258f2650dbbfd77fa98e938c189926c5a8d1e6ca681d0e152980a4e", 0xffffffca, 0x1, 0x0, 0x2}])
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='bridge_slave_0\x00', 0x10)

2.301679296s ago: executing program 1 (id=1922):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r1 = socket$nl_route(0x10, 0x3, 0x0)
connect$netlink(r1, &(0x7f00000000c0)=@proc={0x10, 0x0, 0x25dfdbfc, 0x2000}, 0xc)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, &(0x7f00000002c0)})

2.095301808s ago: executing program 1 (id=1924):
fadvise64(0xffffffffffffffff, 0x8, 0x2, 0x5)
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x19)
openat$cgroup_ro(r1, &(0x7f0000000140)='cpu.stat\x00', 0x300, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r3, 0x2000)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_GET_EMULATED_CPUID(r4, 0xc008ae09, &(0x7f0000000040)=""/221)
msync(&(0x7f0000640000/0xd000)=nil, 0xd000, 0x3)
ioctl$SIOCGETLINKNAME(r2, 0x89e0, &(0x7f0000000180)={0x1})

2.0129492s ago: executing program 1 (id=1926):
mount$binderfs(0x0, &(0x7f0000000280)='./binderfs\x00', 0x0, 0x2000063, &(0x7f0000000140)=ANY=[@ANYBLOB="6440e728601bfbe97829dca8d125efc53fa96a6972"])
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x2, 0x3, 0x8080000, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f00000000c0)={0x0, 0x0, &(0x7f000000f000/0x2000)=nil})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xf)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000080)={0x0, 0x3})
openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
setrlimit(0x40000000000008, &(0x7f0000000000))
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
ioctl$TCFLSH(r3, 0x400455c8, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000000)={0x5, 0xe91, 0x6, 0x10, 0x2}, 0x14)

1.577400926s ago: executing program 4 (id=1930):
r0 = userfaultfd(0x801)
mount(&(0x7f0000000080)=@filename='./cgroup\x00', 0x0, 0x0, 0x2011001, 0x0)
mount$fuse(0x0, &(0x7f0000000140)='./cgroup\x00', 0x0, 0x1000020, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0xdd52d6c}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r2, 0x29, 0xc8, 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f000082c000/0x1000)=nil, 0x1000}, 0x2})

1.544899027s ago: executing program 4 (id=1931):
getgroups(0x2, &(0x7f0000000140)=[0x0, <r0=>0xee00])
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006300)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x1000040c, 0xffff}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
dup2(r3, r1)
close_range(r3, r3, 0x2)
r4 = syz_usb_connect(0x1, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r4, 0x0, &(0x7f0000000140)={0x1c, &(0x7f0000000340)=ANY=[@ANYRESDEC=r0], 0x0, 0x0})
syz_usb_control_io$uac1(r4, 0x0, 0x0)
setregid(0x0, r0)
syz_usb_control_io$cdc_ecm(r4, &(0x7f0000000180)={0x14, &(0x7f0000000080)=ANY=[@ANYBLOB="000169000000692189fca42f7748f6a7312f88deaa0e043d2fe1232643aed29a26fb0c3d435cf7ac5002e06d831421a4173479f8c4a0dcb921ccb5961a5f4a2b1d1b2921236908a0701cbd9e3008c05cae24fdbcd0e7a8643c7fd69b4a8620337f0a8efa418054508785a1f828aa92"], &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000300)={0x1c, &(0x7f00000001c0)={0x40, 0xb, 0x6d, "802d9c1747c3b57f155768134aa120f12e87dcdc1aa0fd76ee831606d5440d5c26ab898b423513609a4a1c039809c1865e07ae9a6acb2bed1529fa36c0a179da79a5b137bdc3a64b4aed39fae397ea5e82816d37b3fdf938eff0a61eb0078e6befc7e3d64e7404e0800422037c"}, &(0x7f0000000240)={0x0, 0xa, 0x1, 0x9}, &(0x7f00000002c0)={0x0, 0x8, 0x1, 0x8}})

1.092586414s ago: executing program 2 (id=1935):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000000)={'veth1_to_batadv\x00', @random="3383250a551d"})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
mremap(&(0x7f00008d5000/0x3000)=nil, 0x3000, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
r2 = inotify_init()
inotify_add_watch(r2, &(0x7f0000000000)='.\x00', 0x400017e)
creat(&(0x7f0000000100)='./file0\x00', 0x1)
r3 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r3, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000), 0x68, 0x0, &(0x7f0000000040)="db68840d6391992756f448023da1981922b144c025e575ad0a5387a3dc9c7fbf6c77a900a7ae218579a4dc0d431d7a5d7b67bc53758dcc572ce17800eb40f5ed71ebfd87f7c6533f9631ad0e6bd25d6fb8f40b90987dec7d38e116a996090bfc5aad8917c695eb4d"})

868.522057ms ago: executing program 0 (id=1936):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$PTP_PIN_SETFUNC2(r0, 0x40603d10, &(0x7f0000000140))
openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000033c0), 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)

867.908947ms ago: executing program 0 (id=1937):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x6b940000)
r2 = socket$inet(0x2, 0x2, 0x0)
socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_opts(r2, 0x0, 0x200000000000b, &(0x7f0000000080)='\x00', 0x1)
lseek(r0, 0x1, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r4=>0x0})
sendto$packet(r3, 0x0, 0x0, 0x4000, &(0x7f0000000140)={0x11, 0xf7, r4, 0x1, 0x0, 0x6, @local}, 0x14)
openat$ashmem(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)

817.574338ms ago: executing program 0 (id=1938):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
ioctl$BLKPG(r0, 0x1269, &(0x7f00000000c0)={0x0, 0x0, 0x98, &(0x7f0000000000)={0x8000, 0x8000, 0x40000d}}) (async, rerun: 32)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x80401, 0x0) (rerun: 32)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) (async)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) (async)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f00000000c0)=""/87, 0x0}) (async)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000ac0)={0x2, 0x0, [{0x3000, 0x8f, &(0x7f0000000380)=""/143}, {0xe980c971206c8c5e, 0xbe, &(0x7f0000000880)=""/190}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000500)=0x1) (async)
ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f0000000000)=0xc000000)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000564404204e080110f9330102030109021b000100000000090400"], 0x0)
ioctl$BLKRRPART(r1, 0x125f, 0x0)

348.813555ms ago: executing program 0 (id=1939):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./bus\x00', 0xe8)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0, 0x4d)
getdents(r0, 0x0, 0x0)
lseek(r0, 0x101, 0x2)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x588, 0x109, 0x400, 0xc, 0x7, 0x10000001, 0x2}, 0x1c)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000800)={'bridge0\x00', <r4=>0x0})
r5 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r5, 0x0, 0x0, 0x8044, &(0x7f00000003c0)={0x11, 0x806, r4, 0x1, 0x7, 0x6, @local}, 0x14)
writev(r2, &(0x7f0000000280)=[{&(0x7f0000000080)="580000001500add4050000000000000002117fffffff81004e230e227f000001925aa80020007b00090080007f000001e809000000ffff0100f5c71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
pipe(&(0x7f0000000400))
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
r10 = creat(&(0x7f0000000080)='./file0\x00', 0x2a)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000001200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3", @ANYRES8=r10, @ANYRES64=r9], 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x587, 0x0, 0x10000000000ff}]})
ppoll(&(0x7f0000000740)=[{r1, 0x4}], 0x1, 0x0, 0x0, 0x0)

190.276067ms ago: executing program 2 (id=1940):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x80040, 0x0)
r1 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_register(r1, &(0x7f0000000100)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x6, 0x3a, 'E', 0x3a, '@{@$\x9a$^', 0x3a, './file0', 0x3a, [0x50, 0x4f, 0x46, 0x50, 0x43]}, 0x34)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000000000)={{0x0, 0xeeef0000, 0xe, 0x0, 0x81, 0x4, 0xa, 0x4e, 0x0, 0x7, 0x6, 0x1}, {0x5000, 0xffff1000, 0x3, 0x5, 0x2, 0x8, 0xd, 0x3, 0x0, 0x81, 0x8, 0x1}, {0x5000, 0x0, 0x0, 0xfd, 0x2, 0x1, 0x6, 0xf, 0x8, 0x6, 0x2}, {0xffff1000, 0xd5dd0000, 0xe, 0x2, 0x1, 0x3, 0xc, 0x2, 0x1, 0x6, 0x4, 0x9}, {0x100002, 0xeeee8000, 0x9, 0x0, 0x80, 0xee, 0x0, 0x7, 0x7c, 0x0, 0xe, 0x9}, {0x3000, 0x4, 0x8, 0x1, 0x5, 0x4, 0x1, 0x1, 0x6, 0x86, 0xb, 0x2}, {0xeeee8000, 0xe6e60000, 0xc, 0x7, 0x7, 0x3, 0x1d, 0x47, 0x30, 0x2, 0x8, 0xe1}, {0xf000, 0x2, 0xc, 0xf8, 0xfd, 0xa, 0x2, 0x4, 0x3, 0x8, 0x5, 0x4e}, {0x4, 0x7}, {0x6000, 0x5}, 0x10, 0x0, 0x0, 0x40, 0x7, 0x1000, 0xeeef0000, [0x5, 0x8001, 0x8]})
ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000000100)={{0x0, 0xdddd1000, 0x10, 0x0, 0x8, 0x2, 0x1, 0x4, 0x0, 0x4, 0x9, 0x10}, {0xcccff001, 0x0, 0xc, 0x0, 0x0, 0x0, 0x2, 0x1, 0x7, 0x4}, {0x2000, 0xdddd0000, 0x0, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x3000, 0xffff1000, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4, 0x8}, {0xeeee8000, 0x3000, 0xb, 0x0, 0x0, 0x4, 0x0, 0xe, 0x0, 0x3c}, {0x5000, 0xd000, 0x0, 0x7, 0xc, 0x0, 0x2, 0x0, 0x4, 0x10, 0x80}, {0xdddd1000, 0x100000, 0xa, 0x6, 0x0, 0x2, 0x2, 0x4, 0x10}, {0x8080000, 0x3000, 0x0, 0x1, 0x7f, 0x4, 0x0, 0x1a, 0x26, 0x0, 0xff}, {0x80ac000}, {0xdddd1000}, 0xddf8ffdb, 0x0, 0x1, 0x70, 0x0, 0xdd00, 0x5000, [0xfffffffffffffffc, 0x1, 0x1, 0xfffffffffffffffc]})
open$dir(&(0x7f0000000000)='./file0\x00', 0x3814c0, 0x102)
mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xa)
r6 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000))
openat$kvm(0xffffff9c, &(0x7f0000000080), 0x2000, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r7)
sendmsg$IEEE802154_ADD_IFACE(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f"], 0x28}}, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r9, 0x4008ae90, &(0x7f0000000300)=ANY=[@ANYBLOB="050000000000000000000000060000000600000009000000ff0f0000260000000400000000000000000000000000000007000000080e000004000000d4df00000100000000000000c1ffffff0000000000000000000000000100000040000000070000000200020024000000f7fffffffcffffff000000000000000000000000a6000000020000ad6e1dd300b500000009000000030000006281f6a43981aff1000000000000000002000000070000008f0500000007000000ff7f0000050000000900"/209])
setns(r6, 0x10000000)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r10, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(r10, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="1400000001010302090006"], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x8080)

57.645999ms ago: executing program 2 (id=1941):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.numa_stat\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
gettid()
gettid()
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$setsig(0x4203, r1, 0x6, &(0x7f0000000000)={0xd, 0x8, 0x8})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
signalfd4(r0, &(0x7f0000000100)={[0x5e6a]}, 0x8, 0x400)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000280)={0x1, 0x0, [{0x296, 0x0, 0x8}]})
r5 = socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000080)={{0x2, 0x4e21, @empty}, {0x306, @remote}, 0x20, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x10}}, 'gretap0\x00'})
setsockopt$inet_int(r5, 0x0, 0x16, &(0x7f0000000040), 0x4)
setsockopt$inet_int(r5, 0x0, 0x31, &(0x7f0000000000)=0xf62, 0x4)

57.486289ms ago: executing program 2 (id=1942):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, 0x0, &(0x7f0000000080))
mount$binderfs(0x0, 0x0, 0x0, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB='max=00000000000000000000001,stats=globCl,stats=global,max=00000000000000000000003,max=0000000000000000000001:,silent,rootcontext'])
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000002c0)={0xf, 0x0, [{0x4b564d02, 0x0, 0x7f}]})
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f00000000c0), 0x4, &(0x7f0000000240)=ANY=[])

57.112569ms ago: executing program 2 (id=1943):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080))
ioctl$F2FS_IOC_GET_FEATURES(r0, 0x8004f50c, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x7})
pipe2$watch_queue(&(0x7f0000000500)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
r2 = accept$nfc_llcp(r1, &(0x7f0000000440), &(0x7f00000004c0)=0x60)
ioctl$FIOCLEX(r2, 0x5451)
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000040)={{&(0x7f0000ff8000/0x4000)=nil, 0x4000}})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x200000b, 0x41071, 0xffffffffffffffff, 0x894f000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0x7000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r4, 0x0)
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x5)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000140)=ANY=[@ANYBLOB="01000000050000000000009d06ffffffffffe50000000000"])
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f00000007c0)={0x0, <r8=>0x0}, &(0x7f0000000800)=0xc)
setreuid(0xffffffffffffffff, r8)
r9 = socket$xdp(0x2c, 0x3, 0x0)
r10 = fcntl$dupfd(r9, 0x406, r9)
ioctl$USBDEVFS_SUBMITURB(r10, 0x8038550a, &(0x7f0000000380)=@urb_type_iso={0x0, {0x1, 0x1}, 0xfda6, 0x40, &(0x7f0000000180)="4560013278805a89a5fd6d616b83c68c0588de23fe8d57166c16055cd7c3c1137dc1660e168675d66d580f6f44409e2328470586aedd5c6ae16ea7c32567a2f7265822489ca9113b7374888aadad59a87aecf459072b61e1b4f0825dd8e40fd794841bd897d9648b44e500bdf1ee426d4be2015774defcf6876b6b7517defe47be48617e2448f74a160e2a89d430c597c57ef9d771551667ccacc57acdc7d820ed930471dc473e3f856bc031c70ee6b0ed74cba940486b2ea5b422dfc0493df52a1e2dfbe03182b09378445fa9aaa52f805e71edde09e3ebd912e7bbc41939651da5baa76b071eaa", 0xe8, 0xfffffff8, 0xffff0267, 0x7, 0x10001, 0x7, &(0x7f0000000280)="eebf0635281d08a5141f566e0f77d426aeb1f9874b698c7fa092d9f8c01500e65a42e5ec5b4dfede7a1b7ebcf839681c7f4989a2041e0dbacdff75a8e090046973e57dcc1b0408f053d2bfd8c940f798b52165a40fe691d343b07c9c13da706905000000107c96d3bb8164cdc7965d4ac5fdfda2a7906e261a16e4c8b3fe7a7eae3e70c81370906c79f04f4983b08e798340f417d4177dfa3238e05b8fa90f8851eee3b9d5a00f8484d3fae653f866b90d521afcf0b21fc3af5c9020fd429a0d6de7a0d717efc2ff3c66c941d5bb1ffc0d56666373d40ddf2731", [{0x400, 0x9, 0x8}, {0x0, 0xfffffe00, 0x1}, {0xff, 0x9, 0x5}, {0x0, 0xfffffff7, 0x3}, {0x0, 0x5c8d36d3, 0x6}, {0xfffffff7, 0x7ff, 0x59}, {0xe, 0x200, 0x3}]})
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000000)='/dev/audio#\x00')
timer_create(0x9, &(0x7f0000002c00)={0x0, 0x25, 0x1}, &(0x7f0000002c40)=<r11=>0x0)
timer_settime(r11, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x77359400}}, &(0x7f0000000080))
r12 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000002d00), 0xc000)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/tty/drivers\x00', 0x0, 0x0)
close_range(r12, 0xffffffffffffffff, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000100)={0x3})

0s ago: executing program 2 (id=1944):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xffffffffffffffff)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x0, 0x0}, 0x10)
ioctl$ASHMEM_SET_NAME(r0, 0x40087708, &(0x7f0000000e80)='\x00\x00\x03\x06\x00\x00\x00\x05\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80`4/\xe9\x15\x9a\x9f\xf0:\xfd$\xad\xbb\x9a|c\xfc\"\xee\xc4\x93Q\x05\x00\x00\x00c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b7\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Xd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\xb5\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xef\xe7RGo\x95\xbd\x1c8 \xb0]\xb8L\xba\xc9\xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xe1^/\xd8\x16\\n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84\x04;\xc5[\nja\xb9\'\xc9#\xfcx\x00\x00X\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92g\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12K\\\xf2\xd5\b^[D~~\x84\\\xe4\x00B\x05\xd4\xea\xea\x7f=\xc6:\\N\xc3\xb7Vw\xc6\x9c\x96s\xaaHL\x96\xc72\n\x18Ynj\xceTS\xfbl\x0f\x9f8M\f\x89\xa1\xd2Hs`\x8bp\x8a\xc4%\xf8\x1d3\nV\x9a\xaf\x1f\xf96^\x93\xc1\xaf)\rg\x86\xd6\xea\xa9\x0f\x9a\xf1V\x1b\xbf\x8b\'-\xab\x8e\t7\xd3\xf7\xa9v\xfbY\xe6\x9b^d\x8c\xb1\xdd\x00\x00\x00\x00\x00\xdf\xb8\xb0O\x1a\x11\xb4\xbb\xf4\xdbT\xe8\xa5M\x05u\xfe\x12\xe9\x1e\xd1\x90\xdb\x9c\x83\xb4.R\xbe%\xfd$\xf3\xa6/\x02\xa3c\'\x9bt\xf4\xc1\x9e\x9f\xe8\n(8T3sF\x9a\x05N.&\xd2\xa2\xb5\x14\x9d\xd5G\x03\x1c\'\xa8%\xe3\xfe\x8aHW:\xf8O\xe7\xb9vy\xe3E{\xd7\xca\xb9c\xcf\x17\x1fv\x82\xfc\xb5vO=/\xf2C\n\xdc\x8c\xcb\x18\x0e\xc9O\xa1<\a\x15\x837\xe1U\xaa\x1b(5,\xa9u\x8e\xf5\f*\x01>\xbfb<\xe9\xba\x85\xb6\xf0#,\x7fm-\xbfYe\xaa\xe7\xd0\xf9\xc5\xec\xf0EN\xaa\x85\x8b\x02\x0eH\xb7WMz\xa6\xcd\xc9\'\xcb\xacBj\xb9\x92R\xaa\xaf\xfd\x1e\t\x96\xe70\xfbV\xdd\x967p\xd5\x1b\x81\xb3\xa9u\n\xf5\x82\xf9w\xf1\xaa\x91@\x9bp\xe5^\niM@\xbe\xe6x!\x8a\x88\xd5\n\xdb\xb0\x87\xadF\x8c{\xba\xf4g\x84')
ioctl$ASHMEM_SET_NAME(r0, 0x40087707, &(0x7f0000000300)='\x00\x00\x00\x06\x00\x00\x00\x01\x00x\x92\x12\xbc\x00\x00\xbb\x0642\x9c\x1a\xd1\xcbx\xb0\xd6\x1e\x10gQ\xca\x0e;\xf7\'\x8c\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn\x05\x00\x00\x00-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \xac\xc4K\x03\xfa\x13Vz\xbf\xe3c\x8d \x0f\xb1\xe9\xf2oci(\xcb\x82\x05\xfe[H\xaf\x01\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafd%\xf1\xdbjE\x01\xd1sD5hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\x851Y9OB\xdeB\xe1\x02-&\"1hS\x92\xe4$-\x02\x00\xe4\x8e\"\x85\xc9x\xef\x81E.r\x89\xe5\x00\x9e\x97\x96\xb8j\x81\xf0\xdca\xfb\xa6\xff\xff\xff\xff\x00\x00\x00\x00d\xf0\xf1j\x11\x12\xc0\xbb\xfdq~#\xf7\xa8\"$,\xf4\x84|\x89o\x00<\xa6-\xb0\xd3\x80\xbe\xcf\a\x00\xfc\xa6\xb1\x05\x94\x84l\xbfA\xeb\xd8\t\x00\x00\x00CvNhx461\x04N<\xedV\xcet\xaa~\xf3j\x94\xec\x92\x86uY\xf6\xb5\t?,~\xa67\\\xb9\xc9K\xf8\x9d\x96\xc0\xb5\xc7wF\x99\x12\x97T\x90.\x9c\xe3\x9a\xf1\xb9\x9c\x13\xbc\x19\xde/\xaahB\t\x97\a03\xcd\xb3\xc8\xd5l\x14!\xf9Xg2\x1d\xeeB\xccT\x0e\xd8\xef\xc8\xe9\xb4\xf3l\xc3\xf2\x998\xc8\xc2|2\xee\xb4W\x99f.\xeb\xe9\x05\xcbkz3+\xdd\xe1*8\x95@0t0\xad\xe3#\xd7\x19\xe7Q\xdfmI\xe5\x1e\xe4\x87\xc9\x8f\xa7\xe0\xd9v\xf6\x01\x9d\x8f`,\x1a8\x81I\x86l\x8f2\r:\xc1\x02\xd6Z%\xa7Ks\x8bUolS\x05\xbe\x97\x1fGe\x94\xa6\xa3\xab\xdb\r\x17\xff[\xb1\x00\xff\x7f\x00\x00\x00\x00')
r3 = fsopen(&(0x7f0000000000)='sysv\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000040)='./binderfs\x00', &(0x7f00000009c0)='D\x80\xfe\x05*\xb2f\x01g\xc1\xec\xc3\xa1>\x8c\xaa\x91\xcc\x18r\xc8\x0f\xe9\xf9\t6\xf4l\xff\'\x17{\xd9!\x95\x17\x9fQ\x8f/,\xb8\xf9\x86\xb2b\xd6@\xc7\x14\xf9\xd5\x13\x7f6\x01\xf3{\xf0W[\x1e\xb4\x0eY\x03S~%\xa8\x17\x88\x0fc\xe2x1X\x96\xcfN\xb7\x85zj\xfe\x136\x04\x9b\x1b\xbbj\xc3LMb\t7d)\x981\xef\x80\x8d\xc1\x95D\xf0\xa0\xbb\x86\xed\xfc\xa4\xed\xa0\r\xe2\xd4\xbe\x11m\r\xb0\x02\xf9\x01\xc6\xd3\xa7\xc4\x8f\x15p\xc4\x0e\xce\x1a7\xf5%\xf5c\x92A\xfck\xd1\xa0\x06p\xeen\n\xbf\xcew\x8bH\f\xbf\x80\xbf\x8ee\xa7\xd0\x8db\xa7\xe0\xdchL\x85\x8f82e\xd4\xf0\xa1\x8b\xc3T\xfcZK,\x06\x12\x0fC', 0x0)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000280), 0x100)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r4, 0xc0145401, &(0x7f0000000080)={0x0, 0x0, 0x100801f8, 0x1, 0xb94})
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141b82, 0x0)
write$cgroup_int(r5, &(0x7f0000000000)=0x800, 0x12)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs/custom1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
add_key(&(0x7f0000000000)='rxrpc_s\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)
syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000740)=ANY=[@ANYBLOB="121b100100000008961b090040000102030109022d00010108800209040006020301027209210600020122aa08090581030002030180090502033e514fa6dc6f4520b908000e0bff"], &(0x7f0000000540)={0xa, &(0x7f0000000500)={0xa, 0x6, 0x200, 0x7, 0xfa, 0x8, 0x40, 0x60}, 0xb, &(0x7f0000000680)=ANY=[@ANYRES32=r4], 0x1, [{0x4, &(0x7f0000000600)=@lang_id={0x4, 0x3, 0x43f}}]})
r7 = mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r6, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="38010000100013070000000000000000ac1e0101000000000000000000000000fe8000000000000000000000000000bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb000004d3320000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000f2390000000200635738f75ad155d4be59e8b7516263286165732900"/252], 0x138}}, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000880)={@ptr={0x70742a85, 0x0, &(0x7f00000001c0)=""/75, 0x4b, 0x0, 0x32}, @ptr={0x70742a85, 0x0, &(0x7f00000007c0)=""/134, 0x86, 0x1, 0x23}, @fda={0x66646185, 0x5, 0x10000000000000, 0x33}}, &(0x7f00000004c0)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r10, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000ffffff040001c0"])
r11 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r11, 0x0, 0x41, 0x0, 0x0)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f00000006c0)=ANY=[@ANYRES8=r7, @ANYBLOB="e6bd06349065545012c8716534086bf1223a796fa0fd2c61cc0670d35f821c69cfeed9e275a2a82c58e5b12a974609992c332e74cda922c5c675119902a44419e20bc87bc3fb62eeffa4003384"])

kernel console output (not intermixed with test programs):

_permission+0xd/0x20
[   97.076885][ T3195]  ? __cfi_proc_fail_nth_write+0x10/0x10
[   97.076894][ T3195]  vfs_write+0x3c0/0xe80
[   97.076905][ T3195]  ? __cfi_vfs_write+0x10/0x10
[   97.076915][ T3195]  ? __kasan_check_write+0x18/0x20
[   97.076925][ T3195]  ? mutex_lock+0x92/0x1c0
[   97.076933][ T3195]  ? __cfi_mutex_lock+0x10/0x10
[   97.076942][ T3195]  ? __fget_files+0x2c5/0x340
[   97.076955][ T3195]  ksys_write+0x141/0x250
[   97.076965][ T3195]  ? __cfi_ksys_write+0x10/0x10
[   97.076976][ T3195]  ? __kasan_check_read+0x15/0x20
[   97.076985][ T3195]  __x64_sys_write+0x7f/0x90
[   97.076999][ T3195]  x64_sys_call+0x271c/0x2ee0
[   97.077010][ T3195]  do_syscall_64+0x58/0xf0
[   97.077022][ T3195]  ? clear_bhb_loop+0x35/0x90
[   97.077035][ T3195]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   97.077049][ T3195] RIP: 0033:0x7f3b4338d3df
[   97.077057][ T3195] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   97.077066][ T3195] RSP: 002b:00007f3b4418a030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   97.077078][ T3195] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3b4338d3df
[   97.077085][ T3195] RDX: 0000000000000001 RSI: 00007f3b4418a0a0 RDI: 0000000000000004
[   97.077091][ T3195] RBP: 00007f3b4418a090 R08: 0000000000000000 R09: 0000000000000000
[   97.077097][ T3195] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   97.077103][ T3195] R13: 0000000000000000 R14: 00007f3b435b5fa0 R15: 00007ffcb0b08be8
[   97.077111][ T3195]  </TASK>
[   97.418517][   T36] audit: type=1400 audit(1750521920.037:492): avc:  denied  { create } for  pid=3204 comm="syz.4.1135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   97.454349][ T3209] loop0: detected capacity change from 0 to 8388608
[   97.719184][  T314] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[   97.804603][   T36] audit: type=1400 audit(1750521920.427:493): avc:  denied  { getattr } for  pid=3238 comm="syz.2.1150" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=27247 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   97.879176][  T314] usb 5-1: Using ep0 maxpacket: 32
[   97.885460][  T314] usb 5-1: too many endpoints for config 0 interface 0 altsetting 32: 253, using maximum allowed: 30
[   97.896457][  T314] usb 5-1: config 0 interface 0 altsetting 32 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   97.907500][  T314] usb 5-1: config 0 interface 0 altsetting 32 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   97.920637][  T314] usb 5-1: config 0 interface 0 has no altsetting 0
[   97.927311][  T314] usb 5-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00
[   97.936465][  T314] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.945144][  T314] usb 5-1: config 0 descriptor??
[   98.152544][  T314] zeroplus 0003:0C12:0030.0009: hidraw0: USB HID v0.03 Device [HID 0c12:0030] on usb-dummy_hcd.4-1/input0
[   98.163922][  T314] zeroplus 0003:0C12:0030.0009: no inputs found
[   98.351504][ T3214] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.360015][ T3214] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.368125][ T3214] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.376642][ T3215] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.376941][ T3214] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.385667][ T3215] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.402728][ T3215] random: crng reseeded on system resumption
[   98.441961][  T387] usb 5-1: USB disconnect, device number 11
[   98.451855][ T3264] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   98.456274][ T3264] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   98.462878][ T3264] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:509
[   98.729179][   T65] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[   98.743639][  T314] usb 1-1: USB disconnect, device number 27
[   98.759528][ T3271] loop0: detected capacity change from 0 to 8388608
[   98.890135][   T65] usb 2-1: config 0 has an invalid descriptor of length 213, skipping remainder of the config
[   98.900458][   T65] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   98.909456][   T65] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   98.918553][   T65] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.927168][   T65] usb 2-1: config 0 descriptor??
[   98.972716][ T3285] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1171'.
[   99.099238][  T314] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[   99.251884][  T314] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   99.266798][  T314] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   99.280361][  T314] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.295983][  T314] usb 1-1: Product: syz
[   99.300328][  T314] usb 1-1: Manufacturer: syz
[   99.304919][  T314] usb 1-1: SerialNumber: syz
[   99.361350][   T36] audit: type=1326 audit(1750521921.987:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3312 comm="syz.2.1182" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa083f8e929 code=0x0
[   99.384090][   T36] audit: type=1326 audit(1750521921.987:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3312 comm="syz.2.1182" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa083f8e929 code=0x0
[   99.422283][   T36] audit: type=1400 audit(1750521922.047:496): avc:  denied  { create } for  pid=3321 comm="syz.2.1185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   99.580905][ T3333] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1190'.
[   99.590219][ T3333] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1190'.
[   99.599830][ T3333] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  100.125193][   T36] audit: type=1400 audit(1750521922.747:497): avc:  denied  { execute } for  pid=3350 comm="syz.4.1197" path="/197/memory.events" dev="tmpfs" ino=1133 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  100.149935][ T3353] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  100.168863][ T3355] netlink: 300 bytes leftover after parsing attributes in process `syz.4.1199'.
[  100.199443][ T3357] usb usb5: selecting invalid altsetting 2
[  100.240261][   T36] audit: type=1400 audit(1750521922.867:498): avc:  denied  { mounton } for  pid=3363 comm="syz.4.1203" path="/203/file0" dev="tmpfs" ino=1164 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  100.316983][  T314] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42
[  100.323531][  T314] cdc_ncm 1-1:1.0: dwNtbInMaxSize=20 is too small. Using 2048
[  100.331006][  T314] cdc_ncm 1-1:1.0: setting rx_max = 2048
[  100.522924][  T314] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  100.540648][  T314] usb 1-1: USB disconnect, device number 28
[  100.552309][  T314] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM (NO ZLP)
[  101.154503][ T3424] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  101.154627][ T3424] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:717
[  101.500710][  T314] usb 2-1: USB disconnect, device number 33
[  101.697125][ T3440] tipc: Cannot configure node identity twice
[  101.879180][  T314] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  101.950725][ T3447] SELinux: security_context_str_to_sid (qytem_u�Gй�:�ߨvZm�tW�>P#��nbҏ��^�') failed with errno=-22
[  102.032142][  T314] usb 2-1: Using ep0 maxpacket: 16
[  102.040080][  T314] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  102.059171][  T314] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  102.079185][  T314] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  102.088310][  T314] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.098754][  T314] usb 2-1: config 0 descriptor??
[  102.218837][   T36] audit: type=1400 audit(1750521924.837:499): avc:  denied  { read } for  pid=3465 comm="syz.2.1235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  102.439180][  T387] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  102.512273][  T314] microsoft 0003:045E:07DA.000A: item fetching failed at offset 14/34
[  102.520622][  T314] microsoft 0003:045E:07DA.000A: parse failed
[  102.526690][  T314] microsoft 0003:045E:07DA.000A: probe with driver microsoft failed with error -22
[  102.589188][  T387] usb 1-1: Using ep0 maxpacket: 16
[  102.595335][  T387] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  102.606221][  T387] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  102.616186][  T387] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  102.629011][  T387] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  102.638056][  T387] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.646650][  T387] usb 1-1: config 0 descriptor??
[  102.720470][  T314] usb 2-1: USB disconnect, device number 34
[  103.053800][  T387] microsoft 0003:045E:07DA.000B: unknown main item tag 0x2
[  103.061121][  T387] microsoft 0003:045E:07DA.000B: ignoring exceeding usage max
[  103.069397][  T387] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  103.076614][  T387] microsoft 0003:045E:07DA.000B: unknown main item tag 0xe
[  103.083840][  T387] microsoft 0003:045E:07DA.000B: collection stack underflow
[  103.091170][  T387] microsoft 0003:045E:07DA.000B: item 0 0 0 12 parsing failed
[  103.098712][  T387] microsoft 0003:045E:07DA.000B: parse failed
[  103.104829][  T387] microsoft 0003:045E:07DA.000B: probe with driver microsoft failed with error -22
[  103.261018][ T3464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  103.269659][ T3464] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  103.278420][  T387] usb 1-1: USB disconnect, device number 29
[  103.508082][ T3510] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  103.508160][   T36] audit: type=1400 audit(1750521926.127:500): avc:  denied  { write } for  pid=3508 comm="syz.1.1252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  103.540308][ T3516] overlayfs: overlapping lowerdir path
[  103.555012][ T3518] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  103.698668][ T3522] usb usb2: usbfs: process 3522 (syz.1.1257) did not claim interface 1 before use
[  104.010248][ T3542] FAULT_INJECTION: forcing a failure.
[  104.010248][ T3542] name failslab, interval 1, probability 0, space 0, times 0
[  104.022957][ T3542] CPU: 0 UID: 0 PID: 3542 Comm: syz.0.1265 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  104.022985][ T3542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.022995][ T3542] Call Trace:
[  104.023000][ T3542]  <TASK>
[  104.023005][ T3542]  __dump_stack+0x21/0x30
[  104.023022][ T3542]  dump_stack_lvl+0x10c/0x190
[  104.023033][ T3542]  ? __cfi_dump_stack_lvl+0x10/0x10
[  104.023044][ T3542]  dump_stack+0x19/0x20
[  104.023054][ T3542]  should_fail_ex+0x3d9/0x530
[  104.023065][ T3542]  should_failslab+0xac/0x100
[  104.023078][ T3542]  __kmalloc_cache_noprof+0x41/0x3c0
[  104.023089][ T3542]  ? x509_cert_parse+0x126/0xc00
[  104.023099][ T3542]  x509_cert_parse+0x126/0xc00
[  104.023107][ T3542]  x509_key_preparse+0x6a/0x890
[  104.023116][ T3542]  ? __cfi_down_read+0x10/0x10
[  104.023126][ T3542]  ? down_read+0x79/0xe0
[  104.023135][ T3542]  ? __cfi_down_read+0x10/0x10
[  104.023144][ T3542]  asymmetric_key_preparse+0xb3/0x100
[  104.023156][ T3542]  __key_create_or_update+0x3d2/0xa30
[  104.023169][ T3542]  ? security_key_permission+0x33/0xd0
[  104.023181][ T3542]  ? key_create_or_update+0x70/0x70
[  104.023194][ T3542]  ? __cfi_lookup_user_key_possessed+0x10/0x10
[  104.023205][ T3542]  ? __cfi_keyring_search_iterator+0x10/0x10
[  104.023218][ T3542]  key_create_or_update+0x47/0x70
[  104.023230][ T3542]  __se_sys_add_key+0x33a/0x490
[  104.023239][ T3542]  ? __x64_sys_add_key+0xf0/0xf0
[  104.023248][ T3542]  __x64_sys_add_key+0xc3/0xf0
[  104.023257][ T3542]  x64_sys_call+0x195f/0x2ee0
[  104.023268][ T3542]  do_syscall_64+0x58/0xf0
[  104.023280][ T3542]  ? clear_bhb_loop+0x35/0x90
[  104.023293][ T3542]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  104.023305][ T3542] RIP: 0033:0x7fa67338e929
[  104.023314][ T3542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.023322][ T3542] RSP: 002b:00007fa674188038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  104.023333][ T3542] RAX: ffffffffffffffda RBX: 00007fa6735b5fa0 RCX: 00007fa67338e929
[  104.023340][ T3542] RDX: 0000200000000240 RSI: 0000000000000000 RDI: 0000200000000040
[  104.023347][ T3542] RBP: 00007fa674188090 R08: 00000000141668e1 R09: 0000000000000000
[  104.023353][ T3542] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  104.023359][ T3542] R13: 0000000000000000 R14: 00007fa6735b5fa0 R15: 00007ffc4f4cea48
[  104.023366][ T3542]  </TASK>
[  104.039646][  T387] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  104.049006][ T3546] SELinux:  policydb magic number 0x7665642f does not match expected magic number 0xf97cff8c
[  104.219189][  T387] usb 2-1: Using ep0 maxpacket: 8
[  104.225311][ T3546] SELinux: failed to load policy
[  104.234295][  T387] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  104.304692][  T387] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.313913][  T387] usb 2-1: config 0 descriptor??
[  104.323033][   T36] audit: type=1400 audit(1750521926.947:501): avc:  denied  { append } for  pid=3548 comm="syz.0.1268" name="random" dev="devtmpfs" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  104.364919][   T36] audit: type=1400 audit(1750521926.987:502): avc:  denied  { setopt } for  pid=3548 comm="syz.0.1268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  104.467461][ T3558] FAULT_INJECTION: forcing a failure.
[  104.467461][ T3558] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.480554][ T3558] CPU: 0 UID: 0 PID: 3558 Comm: syz.0.1272 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  104.480586][ T3558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.480598][ T3558] Call Trace:
[  104.480603][ T3558]  <TASK>
[  104.480611][ T3558]  __dump_stack+0x21/0x30
[  104.480641][ T3558]  dump_stack_lvl+0x10c/0x190
[  104.480653][ T3558]  ? __cfi_dump_stack_lvl+0x10/0x10
[  104.480664][ T3558]  dump_stack+0x19/0x20
[  104.480674][ T3558]  should_fail_ex+0x3d9/0x530
[  104.480685][ T3558]  should_fail+0xf/0x20
[  104.480696][ T3558]  should_fail_usercopy+0x1e/0x30
[  104.480713][ T3558]  _copy_to_user+0x24/0xa0
[  104.480735][ T3558]  simple_read_from_buffer+0xed/0x160
[  104.480759][ T3558]  proc_fail_nth_read+0x19e/0x210
[  104.480776][ T3558]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  104.480785][ T3558]  ? timerqueue_add+0x212/0x240
[  104.480796][ T3558]  ? bpf_lsm_file_permission+0xd/0x20
[  104.480807][ T3558]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  104.480815][ T3558]  vfs_read+0x278/0xb60
[  104.480826][ T3558]  ? __cfi_vfs_read+0x10/0x10
[  104.480836][ T3558]  ? __kasan_check_write+0x18/0x20
[  104.480853][ T3558]  ? mutex_lock+0x92/0x1c0
[  104.480868][ T3558]  ? __cfi_mutex_lock+0x10/0x10
[  104.480883][ T3558]  ? __fget_files+0x2c5/0x340
[  104.480905][ T3558]  ksys_read+0x141/0x250
[  104.480920][ T3558]  ? __cfi_ksys_read+0x10/0x10
[  104.480930][ T3558]  ? __cfi___x64_sys_alarm+0x10/0x10
[  104.480940][ T3558]  ? __kasan_check_read+0x15/0x20
[  104.480950][ T3558]  __x64_sys_read+0x7f/0x90
[  104.480960][ T3558]  x64_sys_call+0x2638/0x2ee0
[  104.480971][ T3558]  do_syscall_64+0x58/0xf0
[  104.480984][ T3558]  ? clear_bhb_loop+0x35/0x90
[  104.481008][ T3558]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  104.481030][ T3558] RIP: 0033:0x7fa67338d33c
[  104.481044][ T3558] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  104.481059][ T3558] RSP: 002b:00007fa674188030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  104.481070][ T3558] RAX: ffffffffffffffda RBX: 00007fa6735b5fa0 RCX: 00007fa67338d33c
[  104.481077][ T3558] RDX: 000000000000000f RSI: 00007fa6741880a0 RDI: 0000000000000003
[  104.481084][ T3558] RBP: 00007fa674188090 R08: 0000000000000000 R09: 0000000000000000
[  104.481090][ T3558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.481095][ T3558] R13: 0000000000000000 R14: 00007fa6735b5fa0 R15: 00007ffc4f4cea48
[  104.481103][ T3558]  </TASK>
[  104.886429][   T36] audit: type=1326 audit(1750521927.507:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3569 comm="syz.0.1278" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa67338e929 code=0x0
[  105.134988][  T387] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  105.144982][  T387] asix 2-1:0.0: probe with driver asix failed with error -61
[  105.333107][ T3578] overlayfs: failed to clone upperpath
[  105.446959][ T3588] overlayfs: failed to clone upperpath
[  105.999184][ T1160] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  106.006022][ T3610] cgroup: Invalid name
[  106.138263][ T3622] process 'syz.2.1299' launched './file1' with NULL argv: empty string added
[  106.147346][   T36] audit: type=1400 audit(1750521928.777:504): avc:  denied  { execute_no_trans } for  pid=3621 comm="syz.2.1299" path="/501/file1" dev="tmpfs" ino=2743 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  106.149313][ T1160] usb 1-1: Using ep0 maxpacket: 16
[  106.176913][ T1160] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  106.187011][ T1160] usb 1-1: config 0 has no interfaces?
[  106.192497][ T1160] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  106.201552][ T1160] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.213173][ T1160] usb 1-1: config 0 descriptor??
[  106.423949][ T3608] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  106.432457][ T3608] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  106.440844][ T1160] usb 1-1: USB disconnect, device number 30
[  106.513851][ T3662] binder: Bad value for 'stats'
[  106.572681][ T3663] binder: Bad value for 'stats'
[  106.815982][  T387] usb 2-1: USB disconnect, device number 35
[  107.023567][ T3681] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  107.023596][ T3681] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:796
[  107.131888][   T36] audit: type=1400 audit(1750521929.757:505): avc:  denied  { setattr } for  pid=3697 comm="syz.0.1324" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  107.162709][   T36] audit: type=1400 audit(1750521929.757:506): avc:  denied  { write } for  pid=3697 comm="syz.0.1324" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  107.183342][   T36] audit: type=1400 audit(1750521929.757:507): avc:  denied  { open } for  pid=3697 comm="syz.0.1324" path="/316/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  107.209158][  T387] usb 2-1: new low-speed USB device number 36 using dummy_hcd
[  107.339203][  T387] usb 2-1: device descriptor read/64, error -71
[  107.409393][   T36] audit: type=1326 audit(1750521930.037:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3704 comm="syz.4.1327" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f745398e929 code=0x0
[  107.579170][  T387] usb 2-1: device descriptor read/64, error -71
[  107.819181][  T387] usb 2-1: new low-speed USB device number 37 using dummy_hcd
[  107.949179][  T387] usb 2-1: device descriptor read/64, error -71
[  108.189236][  T387] usb 2-1: device descriptor read/64, error -71
[  108.249619][ T3712] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  108.299308][  T387] usb usb2-port1: attempt power cycle
[  108.419184][  T314] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  108.570415][  T314] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  108.581429][  T314] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  108.591346][  T314] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  108.600642][  T314] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.610809][  T314] usb 1-1: config 0 descriptor??
[  108.650951][  T387] usb 2-1: new low-speed USB device number 38 using dummy_hcd
[  108.670200][  T387] usb 2-1: device descriptor read/8, error -71
[  108.800132][  T387] usb 2-1: device descriptor read/8, error -71
[  109.049211][  T387] usb 2-1: new low-speed USB device number 39 using dummy_hcd
[  109.070169][  T387] usb 2-1: device descriptor read/8, error -71
[  109.200204][  T387] usb 2-1: device descriptor read/8, error -71
[  109.268398][   T36] audit: type=1326 audit(1750521931.887:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3758 comm="syz.2.1350" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa083f8e929 code=0x0
[  109.309254][  T387] usb usb2-port1: unable to enumerate USB device
[  109.372361][   T36] audit: type=1400 audit(1750521931.997:510): avc:  denied  { create } for  pid=3758 comm="syz.2.1350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  109.393154][   T36] audit: type=1400 audit(1750521931.997:511): avc:  denied  { write } for  pid=3758 comm="syz.2.1350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  109.419023][  T314] uclogic 0003:256C:006D.000C: failed retrieving Huion firmware version: -71
[  109.427878][  T314] uclogic 0003:256C:006D.000C: failed probing parameters: -71
[  109.435387][  T314] uclogic 0003:256C:006D.000C: probe with driver uclogic failed with error -71
[  109.447814][  T314] usb 1-1: USB disconnect, device number 31
[  109.867030][   T36] audit: type=1400 audit(1750521932.487:512): avc:  denied  { lock } for  pid=3766 comm="syz.1.1353" path="/dev/binderfs/binder0" dev="binder" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  109.955185][ T3775] af_packet: tpacket_rcv: packet too big, clamped from 25 to 4294967272. macoff=96
[  109.967520][ T3775] kvm: Disabled LAPIC found during irq injection
[  109.974466][ T3775] binder: Bad value for 'max'
[  110.049594][ T3781] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.049641][ T3781] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.064333][   T36] audit: type=1400 audit(1750521932.687:513): avc:  denied  { mounton } for  pid=3785 comm="syz.1.1360" path="/proc/601/cgroup" dev="proc" ino=29583 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  110.064383][ T3786] incfs: Options parsing error. -22
[  110.098938][ T3786] incfs: mount failed -22
[  110.107130][   T36] audit: type=1400 audit(1750521932.737:514): avc:  denied  { remount } for  pid=3785 comm="syz.1.1360" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  110.183762][ T3806] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.199181][ T1160] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  110.235317][ T3811] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:607
[  110.359166][ T1160] usb 1-1: Using ep0 maxpacket: 32
[  110.374523][ T1160] usb 1-1: config 0 has an invalid interface number: 2 but max is 0
[  110.382558][ T1160] usb 1-1: config 0 has no interface number 0
[  110.388631][ T1160] usb 1-1: config 0 interface 2 has no altsetting 0
[  110.396558][ T1160] usb 1-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  110.405624][ T1160] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.413616][ T1160] usb 1-1: Product: syz
[  110.417776][ T1160] usb 1-1: Manufacturer: syz
[  110.422379][ T1160] usb 1-1: SerialNumber: syz
[  110.427432][ T1160] usb 1-1: config 0 descriptor??
[  110.683759][ T1160] usb 1-1: USB disconnect, device number 32
[  111.043275][ T3821] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  111.043495][ T3821] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  111.101948][ T3822] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:615
[  111.108615][ T3822] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:615
[  111.265005][ T3829] tipc: Started in network mode
[  111.279054][ T3829] tipc: Node identity 40120000000000000000000000000001, cluster identity 4711
[  111.288174][ T3829] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  111.307538][ T3837] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[  111.354880][ T3844] fuse: Bad value for 'user_id'
[  111.359906][ T3844] fuse: Bad value for 'user_id'
[  111.368535][ T3844] vlan0: mtu greater than device maximum
[  111.397810][ T3845] overlayfs: failed to resolve './file0': -2
[  111.535215][   T36] audit: type=1400 audit(1750521934.157:515): avc:  denied  { create } for  pid=3857 comm="syz.2.1391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  111.981741][ T3866] fuse: Bad value for 'user_id'
[  111.986693][ T3866] fuse: Bad value for 'user_id'
[  111.997278][ T3866] vlan0: mtu greater than device maximum
[  112.139633][ T3872] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1398'.
[  112.188065][   T36] audit: type=1400 audit(1750521934.807:516): avc:  denied  { map } for  pid=3881 comm="syz.0.1403" path="/dev/usbmon1" dev="devtmpfs" ino=88 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  112.229277][   T36] audit: type=1400 audit(1750521934.847:517): avc:  denied  { append } for  pid=3887 comm="syz.0.1405" name="pfkey" dev="proc" ino=4026532478 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  112.310827][ T3899] fuse: Bad value for 'user_id'
[  112.317791][ T3899] fuse: Bad value for 'user_id'
[  112.327960][ T3899] vlan0: mtu greater than device maximum
[  112.328143][   T36] audit: type=1400 audit(1750521934.957:518): avc:  denied  { name_bind } for  pid=3900 comm="syz.2.1411" src=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=udp_socket permissive=1
[  112.380572][ T3907] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1414'.
[  112.429527][ T3910] rust_binder: 3905 RLIMIT_NICE not set
[  112.549776][ T3922] fuse: Bad value for 'fd'
[  113.121800][ T3935] fuse: Bad value for 'fd'
[  113.129734][ T3935] vlan0: mtu greater than device maximum
[  113.203089][   T36] audit: type=1326 audit(1750521935.827:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3936 comm="syz.1.1426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b4338e929 code=0x7ffc0000
[  113.203738][ T3937] binder: Unknown parameter 'context	'
[  113.226591][   T36] audit: type=1326 audit(1750521935.827:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3936 comm="syz.1.1426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b4338e929 code=0x7ffc0000
[  113.257262][   T36] audit: type=1326 audit(1750521935.827:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3936 comm="syz.1.1426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f3b4338e929 code=0x7ffc0000
[  113.280661][   T36] audit: type=1326 audit(1750521935.867:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3936 comm="syz.1.1426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b4338e929 code=0x7ffc0000
[  113.368481][ T3943] fuse: Bad value for 'group_id'
[  113.373513][ T3943] fuse: Bad value for 'group_id'
[  113.392716][ T3945] fuse: Bad value for 'fd'
[  113.506320][ T3959] fuse: Bad value for 'fd'
[  113.514080][ T3959] vlan0: mtu greater than device maximum
[  113.622297][ T3969] fuse: Bad value for 'group_id'
[  113.628047][ T3970] fuse: Bad value for 'fd'
[  113.629196][ T3969] fuse: Bad value for 'group_id'
[  113.695699][ T3983] overlay: filesystem on ./bus not supported as upperdir
[  113.711837][ T3987] fuse: Bad value for 'fd'
[  113.719611][ T3987] vlan0: mtu greater than device maximum
[  113.818374][ T3992] fuse: Unknown parameter '00000000000000000000003'
[  113.835930][ T3994] fuse: Bad value for 'group_id'
[  113.841030][ T3994] fuse: Bad value for 'group_id'
[  114.568929][ T4018] fuse: Unknown parameter '00000000000000000000003'
[  114.586607][ T4020] binder: Unknown parameter '�'
[  114.653601][ T4037] overlayfs: failed to resolve './file1': -2
[  114.657281][ T4039] overlay: Unknown parameter 'fsname'
[  114.677236][ T4041] fuse: Unknown parameter '00000000000000000000003'
[  114.787975][ T4050] FAULT_INJECTION: forcing a failure.
[  114.787975][ T4050] name failslab, interval 1, probability 0, space 0, times 0
[  114.800784][ T4050] CPU: 0 UID: 0 PID: 4050 Comm: syz.4.1471 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  114.800814][ T4050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  114.800824][ T4050] Call Trace:
[  114.800831][ T4050]  <TASK>
[  114.800837][ T4050]  __dump_stack+0x21/0x30
[  114.800860][ T4050]  dump_stack_lvl+0x10c/0x190
[  114.800877][ T4050]  ? __cfi_dump_stack_lvl+0x10/0x10
[  114.800894][ T4050]  dump_stack+0x19/0x20
[  114.800906][ T4050]  should_fail_ex+0x3d9/0x530
[  114.800917][ T4050]  should_failslab+0xac/0x100
[  114.800932][ T4050]  __kmalloc_node_track_caller_noprof+0x68/0x440
[  114.800945][ T4050]  ? path_mount+0x688/0x1050
[  114.800956][ T4050]  ? v9fs_session_init+0xb3/0x1820
[  114.800967][ T4050]  ? x64_sys_call+0x2021/0x2ee0
[  114.800979][ T4050]  kstrdup+0x4d/0x140
[  114.800989][ T4050]  ? v9fs_session_init+0xa2/0x1820
[  114.800999][ T4050]  v9fs_session_init+0xb3/0x1820
[  114.801009][ T4050]  ? __cfi_v9fs_session_init+0x10/0x10
[  114.801020][ T4050]  ? kasan_save_alloc_info+0x40/0x50
[  114.801030][ T4050]  ? __kasan_kmalloc+0x96/0xb0
[  114.801042][ T4050]  ? v9fs_mount+0xbd/0xa00
[  114.801053][ T4050]  v9fs_mount+0xd7/0xa00
[  114.801064][ T4050]  ? selinux_sb_eat_lsm_opts+0xa69/0xb40
[  114.801078][ T4050]  ? __cfi_v9fs_mount+0x10/0x10
[  114.801089][ T4050]  ? selinux_capable+0x38/0x50
[  114.801101][ T4050]  legacy_get_tree+0x103/0x1b0
[  114.801115][ T4050]  ? __cfi_v9fs_mount+0x10/0x10
[  114.801126][ T4050]  vfs_get_tree+0x9e/0x290
[  114.801136][ T4050]  do_new_mount+0x251/0xb40
[  114.801147][ T4050]  path_mount+0x688/0x1050
[  114.801158][ T4050]  ? putname+0x113/0x150
[  114.801170][ T4050]  __se_sys_mount+0x2bd/0x480
[  114.801180][ T4050]  ? ksys_write+0x1ef/0x250
[  114.801191][ T4050]  ? __x64_sys_mount+0xf0/0xf0
[  114.801203][ T4050]  __x64_sys_mount+0xc3/0xf0
[  114.801213][ T4050]  x64_sys_call+0x2021/0x2ee0
[  114.801225][ T4050]  do_syscall_64+0x58/0xf0
[  114.801237][ T4050]  ? clear_bhb_loop+0x35/0x90
[  114.801251][ T4050]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  114.801264][ T4050] RIP: 0033:0x7f745398e929
[  114.801274][ T4050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.801282][ T4050] RSP: 002b:00007f74537eb038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  114.801295][ T4050] RAX: ffffffffffffffda RBX: 00007f7453bb5fa0 RCX: 00007f745398e929
[  114.801302][ T4050] RDX: 0000200000000400 RSI: 0000200000000380 RDI: 0000200000000340
[  114.801309][ T4050] RBP: 00007f74537eb090 R08: 0000200000000440 R09: 0000000000000000
[  114.801316][ T4050] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[  114.801322][ T4050] R13: 0000000000000000 R14: 00007f7453bb5fa0 R15: 00007ffd57c58168
[  114.801330][ T4050]  </TASK>
[  115.082775][ T4052] random: crng reseeded on system resumption
[  115.110065][ T4054] binder: Unknown parameter '�Ĺ�[Y�(����̓{rw'
[  115.432456][ T4062] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  115.432784][ T4062] rust_binder: Error while translating object.
[  115.439355][ T4062] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  115.445533][ T4062] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:689
[  115.516366][   T36] kauditd_printk_skb: 16 callbacks suppressed
[  115.516385][   T36] audit: type=1326 audit(1750521938.137:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4042 comm="syz.2.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa083f8e929 code=0x7fc00000
[  115.554947][   T36] audit: type=1326 audit(1750521938.137:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4042 comm="syz.2.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa083f8e929 code=0x7fc00000
[  115.575158][ T4066] fuse: Unknown parameter '00000000000000000000003'
[  115.578372][   T36] audit: type=1326 audit(1750521938.137:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4042 comm="syz.2.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa083f8e929 code=0x7fc00000
[  115.586378][ T4066] overlayfs: failed to clone upperpath
[  115.608931][   T36] audit: type=1326 audit(1750521938.137:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4042 comm="syz.2.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa083f8e929 code=0x7fc00000
[  115.636861][   T36] audit: type=1326 audit(1750521938.137:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4042 comm="syz.2.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa083f8e929 code=0x7fc00000
[  115.660161][   T36] audit: type=1326 audit(1750521938.137:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4042 comm="syz.2.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa083f8e929 code=0x7fc00000
[  115.683459][   T36] audit: type=1326 audit(1750521938.137:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4042 comm="syz.2.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa083f8e929 code=0x7fc00000
[  115.706747][   T36] audit: type=1326 audit(1750521938.137:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4042 comm="syz.2.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa083f8e929 code=0x7fc00000
[  115.730072][   T36] audit: type=1326 audit(1750521938.137:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4042 comm="syz.2.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa083f8e929 code=0x7fc00000
[  115.753400][   T36] audit: type=1326 audit(1750521938.137:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4042 comm="syz.2.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa083f8e929 code=0x7fc00000
[  116.231260][ T4079] binder: Bad value for 'stats'
[  116.479171][  T387] usb 2-1: new low-speed USB device number 40 using dummy_hcd
[  116.629162][  T387] usb 2-1: Invalid ep0 maxpacket: 64
[  116.746025][ T4086] fuse: Unknown parameter '00000000000000000000003'
[  116.753402][ T4086] overlayfs: failed to clone upperpath
[  116.759221][  T387] usb 2-1: new low-speed USB device number 41 using dummy_hcd
[  116.833318][ T4105] fuse: Unknown parameter '00000000000000000000003'
[  116.840590][ T4105] overlayfs: failed to clone upperpath
[  116.909158][  T387] usb 2-1: Invalid ep0 maxpacket: 64
[  116.914593][  T387] usb usb2-port1: attempt power cycle
[  117.259204][  T387] usb 2-1: new low-speed USB device number 42 using dummy_hcd
[  117.279528][  T387] usb 2-1: Invalid ep0 maxpacket: 64
[  117.409246][  T387] usb 2-1: new low-speed USB device number 43 using dummy_hcd
[  117.429502][  T387] usb 2-1: Invalid ep0 maxpacket: 64
[  117.434899][  T387] usb usb2-port1: unable to enumerate USB device
[  118.223610][ T4130] fuse: Unknown parameter 'fd00000000000000000000003'
[  118.231083][ T4130] overlayfs: failed to clone upperpath
[  118.371309][ T4132] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.378390][ T4132] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.385483][ T4132] bridge_slave_0: entered allmulticast mode
[  118.391741][ T4132] bridge_slave_0: entered promiscuous mode
[  118.397945][ T4132] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.405066][ T4132] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.412211][ T4132] bridge_slave_1: entered allmulticast mode
[  118.418473][ T4132] bridge_slave_1: entered promiscuous mode
[  118.427728][ T1060] bridge_slave_1: left allmulticast mode
[  118.433431][ T1060] bridge_slave_1: left promiscuous mode
[  118.439022][ T1060] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.446526][ T1060] bridge_slave_0: left allmulticast mode
[  118.452222][ T1060] bridge_slave_0: left promiscuous mode
[  118.457790][ T1060] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.531606][ T4132] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.538692][ T4132] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.545967][ T4132] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.553004][ T4132] bridge0: port 1(bridge_slave_0) entered forwarding state
[  118.561916][ T1060] tipc: Left network mode
[  118.567343][ T1060] veth1_macvtap: left promiscuous mode
[  118.572876][ T1060] veth0_vlan: left promiscuous mode
[  118.625580][  T305] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.633245][  T305] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.645060][ T4147] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1513'.
[  118.658566][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.665629][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  118.673902][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.681400][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.707135][ T4132] veth0_vlan: entered promiscuous mode
[  118.717985][ T4132] veth1_macvtap: entered promiscuous mode
[  118.758093][ T4156] fuse: Unknown parameter 'fd00000000000000000000003'
[  119.149175][  T314] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  119.217080][ T4166] binder: Bad value for 'max'
[  119.309168][  T314] usb 1-1: Using ep0 maxpacket: 8
[  119.316054][  T314] usb 1-1: config 171 has an invalid interface number: 45 but max is 0
[  119.325220][  T314] usb 1-1: config 171 has no interface number 0
[  119.336486][  T314] usb 1-1: config 171 interface 45 has no altsetting 0
[  119.351415][  T314] usb 1-1: New USB device found, idVendor=0e8d, idProduct=0003, bcdDevice= 2.c4
[  119.354600][ T4178] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1526'.
[  119.369233][  T314] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.379627][  T314] usb 1-1: Product: 珢…辮螼麻傛来撌艹ﴠ㊯갈⳹ㄍ왙⛈䶩ꫥ鳶䶥
[  119.389830][  T314] usb 1-1: Manufacturer: с
[  119.394393][  T314] usb 1-1: SerialNumber: ᇃω䥭뉕‾Ꮬ溢⿳噶켶눘깍牍཭柪긲엒줸Ȼ쇺斈ณ竭㌼㭂힄ꍓ牤ᥨ⼥먅⚝钹쨁큰绞㦘桁鎔峽켅륞・۔溎䤮멀皵럾ꤍꐲ喇ჯ廚㗯㜘ᦔ섊岎㖨郋酅ꈛ団䡏勿衂㞐לּ㯡䌤﶐ⳝ꫈ᶟ隭脄౑桟谅릹
[  119.595666][ T4186] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  119.596568][ T4186] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:582
[  119.625747][  T314] usb 1-1: USB disconnect, device number 33
[  119.679906][ T4188] fuse: Unknown parameter 'grou00000000000000000000'
[  119.711207][ T4192] fuseblk: Bad value for 'fd'
[  119.726227][ T4194] overlayfs: conflicting options: userxattr,metacopy=on
[  119.830430][ T4202] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1536'.
[  119.918185][ T4204] FAULT_INJECTION: forcing a failure.
[  119.918185][ T4204] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.931327][ T4204] CPU: 1 UID: 0 PID: 4204 Comm: syz.2.1537 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  119.931360][ T4204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  119.931371][ T4204] Call Trace:
[  119.931375][ T4204]  <TASK>
[  119.931379][ T4204]  __dump_stack+0x21/0x30
[  119.931397][ T4204]  dump_stack_lvl+0x10c/0x190
[  119.931408][ T4204]  ? __cfi_dump_stack_lvl+0x10/0x10
[  119.931419][ T4204]  ? __sys_recvmsg_sock+0x60/0x60
[  119.931430][ T4204]  dump_stack+0x19/0x20
[  119.931440][ T4204]  should_fail_ex+0x3d9/0x530
[  119.931451][ T4204]  should_fail+0xf/0x20
[  119.931461][ T4204]  should_fail_usercopy+0x1e/0x30
[  119.931472][ T4204]  _copy_from_user+0x22/0xb0
[  119.931486][ T4204]  ___sys_recvmsg+0x12f/0x510
[  119.931495][ T4204]  ? __sys_recvmsg+0x280/0x280
[  119.931505][ T4204]  ? __cfi_kstrtouint_from_user+0x10/0x10
[  119.931515][ T4204]  ? selinux_file_permission+0x309/0xb30
[  119.931529][ T4204]  ? __fget_files+0x2c5/0x340
[  119.931543][ T4204]  do_recvmmsg+0x326/0x770
[  119.931553][ T4204]  ? __sys_recvmmsg+0x290/0x290
[  119.931562][ T4204]  ? __cfi_vfs_write+0x10/0x10
[  119.931573][ T4204]  ? fput+0x1a5/0x240
[  119.931586][ T4204]  __x64_sys_recvmmsg+0x191/0x240
[  119.931596][ T4204]  ? __cfi___x64_sys_recvmmsg+0x10/0x10
[  119.931606][ T4204]  ? __kasan_check_read+0x15/0x20
[  119.931616][ T4204]  x64_sys_call+0x292c/0x2ee0
[  119.931629][ T4204]  do_syscall_64+0x58/0xf0
[  119.931641][ T4204]  ? clear_bhb_loop+0x35/0x90
[  119.931655][ T4204]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  119.931668][ T4204] RIP: 0033:0x7f7ea958e929
[  119.931678][ T4204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.931686][ T4204] RSP: 002b:00007f7ea7bf7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  119.931698][ T4204] RAX: ffffffffffffffda RBX: 00007f7ea97b5fa0 RCX: 00007f7ea958e929
[  119.931706][ T4204] RDX: 0000000000000002 RSI: 0000200000009800 RDI: 0000000000000003
[  119.931712][ T4204] RBP: 00007f7ea7bf7090 R08: 0000000000000000 R09: 0000000000000000
[  119.931719][ T4204] R10: 0000000000002100 R11: 0000000000000246 R12: 0000000000000001
[  119.931725][ T4204] R13: 0000000000000000 R14: 00007f7ea97b5fa0 R15: 00007ffcd2374d68
[  119.931733][ T4204]  </TASK>
[  120.268996][ T4209] fuse: Unknown parameter 'grou00000000000000000000'
[  120.298735][ T4213] No source specified
[  120.330446][ T4222] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  120.337640][ T4222] rust_binder: Write failure EINVAL in pid:28
[  120.347708][ T4224] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  120.354370][ T4224] rust_binder: Error in use_page_slow: ESRCH
[  120.360878][ T4224] rust_binder: use_range failure ESRCH
[  120.366915][ T4224] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  120.377354][ T4224] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  120.382160][ T4226] fuse: Unknown parameter '0x0000000000000003'
[  120.387445][ T4224] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:705
[  120.408996][ T4226] vlan0: mtu greater than device maximum
[  120.416625][ T4230] fuse: Unknown parameter 'grou00000000000000000000'
[  120.480843][ T4236] No source specified
[  120.499923][ T4238] overlayfs: failed to resolve './file1': -2
[  120.507650][ T4240] SELinux:  policydb magic number 0x7379732f does not match expected magic number 0xf97cff8c
[  120.518794][ T4240] SELinux: failed to load policy
[  120.532805][ T4242] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  120.543977][   T36] kauditd_printk_skb: 66 callbacks suppressed
[  120.543992][   T36] audit: type=1326 audit(1750521943.167:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4244 comm="syz.1.1554" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b4338e929 code=0x0
[  120.573513][ T4251] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1556'.
[  120.611392][ T4255] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  120.613766][ T4255] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  120.631423][   T36] audit: type=1400 audit(1750521943.257:616): avc:  denied  { ioctl } for  pid=4257 comm="syz.4.1559" path="socket:[33120]" dev="sockfs" ino=33120 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  120.779179][ T1160] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  120.909190][ T1160] usb 1-1: device descriptor read/64, error -71
[  121.149163][ T1160] usb 1-1: device descriptor read/64, error -71
[  121.322003][ T4269] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:37
[  121.322031][ T4269] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  121.331168][ T4269] rust_binder: Read failure Err(EFAULT) in pid:37
[  121.399230][ T1160] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  121.420117][ T4276] netlink: 112 bytes leftover after parsing attributes in process `syz.1.1574'.
[  121.445305][ T4279] FAULT_INJECTION: forcing a failure.
[  121.445305][ T4279] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  121.458796][ T4279] CPU: 1 UID: 0 PID: 4279 Comm: syz.1.1567 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  121.458825][ T4279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  121.458834][ T4279] Call Trace:
[  121.458838][ T4279]  <TASK>
[  121.458843][ T4279]  __dump_stack+0x21/0x30
[  121.458859][ T4279]  dump_stack_lvl+0x10c/0x190
[  121.458870][ T4279]  ? __cfi_dump_stack_lvl+0x10/0x10
[  121.458882][ T4279]  ? __kmalloc_node_track_caller_noprof+0x1ad/0x440
[  121.458895][ T4279]  dump_stack+0x19/0x20
[  121.458905][ T4279]  should_fail_ex+0x3d9/0x530
[  121.458917][ T4279]  should_fail+0xf/0x20
[  121.458926][ T4279]  should_fail_usercopy+0x1e/0x30
[  121.458937][ T4279]  _copy_from_user+0x22/0xb0
[  121.458950][ T4279]  csum_and_copy_from_iter_full+0x6c1/0x1c00
[  121.458963][ T4279]  ? ip6_pol_route+0x42c/0x12c0
[  121.458975][ T4279]  ? __cfi_csum_and_copy_from_iter_full+0x10/0x10
[  121.458989][ T4279]  ip_generic_getfrag+0x137/0x290
[  121.459002][ T4279]  ? __cfi_ip_generic_getfrag+0x10/0x10
[  121.459014][ T4279]  ? skb_put+0x112/0x1f0
[  121.459026][ T4279]  __ip6_append_data+0x2dab/0x3ab0
[  121.459036][ T4279]  ? __asan_memcpy+0x5a/0x80
[  121.459049][ T4279]  ? __cfi_ip_generic_getfrag+0x10/0x10
[  121.459061][ T4279]  ? __asan_memset+0x39/0x50
[  121.459071][ T4279]  ? ip6_setup_cork+0x1390/0x1390
[  121.459081][ T4279]  ip6_make_skb+0x41c/0x850
[  121.459091][ T4279]  ? __cfi_ip_generic_getfrag+0x10/0x10
[  121.459103][ T4279]  ? __cfi_ip6_make_skb+0x10/0x10
[  121.459116][ T4279]  ? ip6_sk_dst_lookup_flow+0x463/0x790
[  121.459127][ T4279]  udpv6_sendmsg+0x1c46/0x26c0
[  121.459141][ T4279]  ? __cfi_ip_generic_getfrag+0x10/0x10
[  121.459155][ T4279]  ? __cfi_udpv6_sendmsg+0x10/0x10
[  121.459165][ T4279]  ? __cfi__raw_spin_lock_bh+0x10/0x10
[  121.459179][ T4279]  ? _raw_spin_unlock_bh+0x54/0x60
[  121.459190][ T4279]  ? release_sock+0x171/0x1f0
[  121.459203][ T4279]  ? inet_send_prepare+0x1e7/0x4f0
[  121.459212][ T4279]  ? __cfi_udpv6_sendmsg+0x10/0x10
[  121.459221][ T4279]  inet6_sendmsg+0xef/0x120
[  121.459234][ T4279]  ____sys_sendmsg+0x5db/0xa70
[  121.459248][ T4279]  ? __sys_sendmsg_sock+0x50/0x50
[  121.459262][ T4279]  ? import_iovec+0x81/0xb0
[  121.459275][ T4279]  ___sys_sendmsg+0x220/0x2a0
[  121.459288][ T4279]  ? __sys_sendmsg+0x280/0x280
[  121.459301][ T4279]  ? kstrtouint+0x78/0xf0
[  121.459313][ T4279]  __sys_sendmmsg+0x271/0x470
[  121.459322][ T4279]  ? __cfi___sys_sendmmsg+0x10/0x10
[  121.459333][ T4279]  ? __cfi_ksys_write+0x10/0x10
[  121.459345][ T4279]  __x64_sys_sendmmsg+0xa4/0xc0
[  121.459354][ T4279]  x64_sys_call+0xfec/0x2ee0
[  121.459365][ T4279]  do_syscall_64+0x58/0xf0
[  121.459377][ T4279]  ? clear_bhb_loop+0x35/0x90
[  121.459400][ T4279]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  121.459414][ T4279] RIP: 0033:0x7f3b4338e929
[  121.459423][ T4279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.459432][ T4279] RSP: 002b:00007f3b4418a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  121.459443][ T4279] RAX: ffffffffffffffda RBX: 00007f3b435b5fa0 RCX: 00007f3b4338e929
[  121.459451][ T4279] RDX: 0000000000000001 RSI: 0000200000004700 RDI: 0000000000000003
[  121.459458][ T4279] RBP: 00007f3b4418a090 R08: 0000000000000000 R09: 0000000000000000
[  121.459465][ T4279] R10: 00000000080040c4 R11: 0000000000000246 R12: 0000000000000001
[  121.459471][ T4279] R13: 0000000000000000 R14: 00007f3b435b5fa0 R15: 00007ffcb0b08be8
[  121.459479][ T4279]  </TASK>
[  121.639182][ T1160] usb 1-1: device descriptor read/64, error -71
[  121.651032][ T4262] overlayfs: statfs failed on './file0'
[  121.822753][ T4286] fuse: Unknown parameter 'fd0x0000000000000003'
[  121.833181][ T4286] vlan0: mtu greater than device maximum
[  121.863823][ T4288] fuseblk: Unknown parameter 'rootmkde'
[  121.882002][ T4290] binder: Unknown parameter 'di�sync'
[  121.912002][ T1160] usb 1-1: device descriptor read/64, error -71
[  121.923035][   T36] audit: type=1326 audit(1750521944.547:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4291 comm="syz.1.1573" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b4338e929 code=0x0
[  121.956124][ T1060] Bluetooth: hci1: Frame reassembly failed (-84)
[  121.966529][ T4294] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  122.018347][ T4295] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:625
[  122.024979][ T1160] usb usb1-port1: attempt power cycle
[  122.379195][ T1160] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  122.400152][ T1160] usb 1-1: device descriptor read/8, error -71
[  122.540181][ T1160] usb 1-1: device descriptor read/8, error -71
[  122.777546][ T4299] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  122.786250][ T1160] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  122.807748][ T4302] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  122.810340][ T1160] usb 1-1: device descriptor read/8, error -71
[  122.874967][   T36] audit: type=1400 audit(1750521945.497:618): avc:  denied  { map } for  pid=4308 comm="syz.4.1580" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  122.950171][ T1160] usb 1-1: device descriptor read/8, error -71
[  123.059274][ T1160] usb usb1-port1: unable to enumerate USB device
[  123.693068][ T4306] overlayfs: statfs failed on './file0'
[  123.811247][ T4337] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:932
[  123.969242][ T3121] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  123.969568][ T1284] Bluetooth: hci1: command 0x1003 tx timeout
[  123.978451][  T392] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  124.059173][   T31] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  124.140175][  T392] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  124.150348][  T392] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.161226][  T392] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 235, setting to 64
[  124.172042][  T392] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  124.186148][  T392] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  124.195268][  T392] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.203326][  T392] usb 2-1: Product: syz
[  124.207483][  T392] usb 2-1: Manufacturer: syz
[  124.212081][  T392] usb 2-1: SerialNumber: syz
[  124.219558][   T31] usb 1-1: too many configurations: 64, using maximum allowed: 8
[  124.228363][   T31] usb 1-1: unable to read config index 0 descriptor/start: -61
[  124.236016][   T31] usb 1-1: can't read configurations, error -61
[  124.369275][   T31] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  124.519516][   T31] usb 1-1: too many configurations: 64, using maximum allowed: 8
[  124.528241][   T31] usb 1-1: unable to read config index 0 descriptor/start: -61
[  124.535886][   T31] usb 1-1: can't read configurations, error -61
[  124.542259][   T31] usb usb1-port1: attempt power cycle
[  124.872999][ T4343] overlayfs: statfs failed on './file0'
[  124.881772][   T31] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  124.911432][   T31] usb 1-1: too many configurations: 64, using maximum allowed: 8
[  124.920149][   T31] usb 1-1: unable to read config index 0 descriptor/start: -61
[  124.927703][   T31] usb 1-1: can't read configurations, error -61
[  125.059188][   T31] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  125.079808][   T31] usb 1-1: too many configurations: 64, using maximum allowed: 8
[  125.088487][   T31] usb 1-1: unable to read config index 0 descriptor/start: -61
[  125.096118][   T31] usb 1-1: can't read configurations, error -61
[  125.102474][   T31] usb usb1-port1: unable to enumerate USB device
[  125.149173][  T352] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  125.220510][  T392] cdc_ncm 2-1:1.0: bind() failure
[  125.226170][  T392] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  125.233133][  T392] cdc_ncm 2-1:1.1: bind() failure
[  125.300167][  T352] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.311122][  T352] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.320876][  T352] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  125.329947][  T352] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.338425][  T352] usb 3-1: config 0 descriptor??
[  125.424137][  T392] usb 2-1: USB disconnect, device number 44
[  125.745914][  T352] hid-steam 0003:28DE:1142.000D: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[  125.939931][ T4351] ������: renamed from team_slave_1
[  125.962982][  T392] usb 3-1: USB disconnect, device number 15
[  125.981723][ T4359] fuse: Bad value for 'user_id'
[  125.986629][ T4359] fuse: Bad value for 'user_id'
[  125.995518][ T4359] vlan0: mtu greater than device maximum
[  126.209193][   T31] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  126.361462][   T31] usb 2-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  126.370567][   T31] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.378545][   T31] usb 2-1: Product: syz
[  126.382709][   T31] usb 2-1: Manufacturer: syz
[  126.387304][   T31] usb 2-1: SerialNumber: syz
[  126.393411][   T31] r8152-cfgselector 2-1: Unknown version 0x0000
[  126.399698][   T31] r8152-cfgselector 2-1: config 0 descriptor??
[  126.837017][ T4386] fuse: Bad value for 'user_id'
[  126.841949][ T4386] fuse: Bad value for 'user_id'
[  126.850168][ T4386] vlan0: mtu greater than device maximum
[  126.939446][ T4365] overlayfs: statfs failed on './file0'
[  127.008218][  T352] r8152-cfgselector 2-1: USB disconnect, device number 45
[  127.046878][   T36] audit: type=1326 audit(1750521949.667:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4389 comm="syz.0.1612" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa67338e929 code=0x0
[  127.468240][ T4402] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  127.469031][ T4402] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  127.475633][ T4402] rust_binder: Read failure Err(EFAULT) in pid:746
[  127.888412][ T4404] rust_binder: Error in use_page_slow: ESRCH
[  127.888425][ T4404] rust_binder: use_range failure ESRCH
[  127.894517][ T4404] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  127.900043][ T4404] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  127.908014][ T4404] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:941
[  128.169171][  T392] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  128.309172][  T392] usb 1-1: device descriptor read/64, error -71
[  128.549180][  T392] usb 1-1: device descriptor read/64, error -71
[  128.789200][  T392] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  128.919186][  T392] usb 1-1: device descriptor read/64, error -71
[  129.159186][  T392] usb 1-1: device descriptor read/64, error -71
[  129.269243][  T392] usb usb1-port1: attempt power cycle
[  129.609177][  T392] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  129.630140][  T392] usb 1-1: device descriptor read/8, error -71
[  129.760197][  T392] usb 1-1: device descriptor read/8, error -71
[  130.009164][  T392] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  130.030244][  T392] usb 1-1: device descriptor read/8, error -71
[  130.136261][ T4414] fuse: Bad value for 'fd'
[  130.160131][  T392] usb 1-1: device descriptor read/8, error -71
[  130.269298][  T392] usb usb1-port1: unable to enumerate USB device
[  130.316589][   T36] audit: type=1400 audit(1750521952.937:620): avc:  denied  { ioctl } for  pid=4421 comm="syz.4.1625" path="/dev/cpu/0/msr" dev="devtmpfs" ino=16 ioctlcmd=0x63a0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  130.350274][ T4424] fuse: Bad value for 'user_id'
[  130.355229][ T4424] fuse: Bad value for 'user_id'
[  130.363619][ T4424] vlan0: mtu greater than device maximum
[  130.399163][ T1160] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  130.478457][   T36] audit: type=1326 audit(1750521953.097:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4425 comm="syz.4.1627" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f745398e929 code=0x0
[  130.517270][   T36] audit: type=1400 audit(1750521953.137:622): avc:  denied  { create } for  pid=4427 comm="syz.1.1628" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  130.538141][   T36] audit: type=1400 audit(1750521953.137:623): avc:  denied  { write } for  pid=4427 comm="syz.1.1628" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  130.554365][ T4430] SELinux: security_context_str_to_sid (syte��) failed with errno=-22
[  130.559404][ T1160] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  130.576904][ T1160] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  130.584179][ T4432] fuse: Bad value for 'fd'
[  130.591390][ T1160] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  130.603633][ T1160] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  130.611841][ T1160] usb 3-1: SerialNumber: syz
[  130.625848][ T1160] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  130.630525][ T4437] FAULT_INJECTION: forcing a failure.
[  130.630525][ T4437] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.647159][ T4437] CPU: 1 UID: 0 PID: 4437 Comm: syz.1.1632 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  130.647190][ T4437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  130.647201][ T4437] Call Trace:
[  130.647208][ T4437]  <TASK>
[  130.647214][ T4437]  __dump_stack+0x21/0x30
[  130.647230][ T4437]  dump_stack_lvl+0x10c/0x190
[  130.647241][ T4437]  ? __cfi_dump_stack_lvl+0x10/0x10
[  130.647252][ T4437]  ? _parse_integer_limit+0x195/0x1e0
[  130.647264][ T4437]  dump_stack+0x19/0x20
[  130.647274][ T4437]  should_fail_ex+0x3d9/0x530
[  130.647285][ T4437]  should_fail+0xf/0x20
[  130.647294][ T4437]  should_fail_usercopy+0x1e/0x30
[  130.647304][ T4437]  _copy_from_user+0x22/0xb0
[  130.647317][ T4437]  kstrtouint_from_user+0xc2/0x150
[  130.647327][ T4437]  ? __cfi_kstrtouint_from_user+0x10/0x10
[  130.647338][ T4437]  proc_coredump_filter_write+0x9b/0x290
[  130.647349][ T4437]  ? __kasan_check_write+0x18/0x20
[  130.647360][ T4437]  ? __cfi_proc_coredump_filter_write+0x10/0x10
[  130.647370][ T4437]  ? bpf_lsm_file_permission+0xd/0x20
[  130.647382][ T4437]  ? __cfi_proc_coredump_filter_write+0x10/0x10
[  130.647394][ T4437]  vfs_write+0x3c0/0xe80
[  130.647405][ T4437]  ? __cfi_vfs_write+0x10/0x10
[  130.647415][ T4437]  ? __kasan_check_write+0x18/0x20
[  130.647424][ T4437]  ? mutex_lock+0x92/0x1c0
[  130.647434][ T4437]  ? __cfi_mutex_lock+0x10/0x10
[  130.647443][ T4437]  ? __fget_files+0x2c5/0x340
[  130.647456][ T4437]  ksys_write+0x141/0x250
[  130.647467][ T4437]  ? __cfi_ksys_write+0x10/0x10
[  130.647478][ T4437]  ? __kasan_check_read+0x15/0x20
[  130.647488][ T4437]  __x64_sys_write+0x7f/0x90
[  130.647499][ T4437]  x64_sys_call+0x271c/0x2ee0
[  130.647511][ T4437]  do_syscall_64+0x58/0xf0
[  130.647523][ T4437]  ? clear_bhb_loop+0x35/0x90
[  130.647537][ T4437]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  130.647550][ T4437] RIP: 0033:0x7f3b4338e929
[  130.647560][ T4437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.647568][ T4437] RSP: 002b:00007f3b4418a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  130.647580][ T4437] RAX: ffffffffffffffda RBX: 00007f3b435b5fa0 RCX: 00007f3b4338e929
[  130.647588][ T4437] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  130.647594][ T4437] RBP: 00007f3b4418a090 R08: 0000000000000000 R09: 0000000000000000
[  130.647601][ T4437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.647607][ T4437] R13: 0000000000000000 R14: 00007f3b435b5fa0 R15: 00007ffcb0b08be8
[  130.647615][ T4437]  </TASK>
[  130.837741][ T1160] usb 3-1: USB disconnect, device number 16
[  130.860546][ T4439] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  130.947167][ T4439] rust_binder: Error while translating object.
[  130.953754][ T4439] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  130.959955][ T4439] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:759
[  130.985091][ T4446] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:951
[  131.014460][ T4451] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1638'.
[  131.044066][ T4453] fuse: Bad value for 'fd'
[  131.113556][   T36] audit: type=1400 audit(1750521953.737:624): avc:  denied  { getopt } for  pid=4467 comm="syz.0.1646" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  131.197802][ T4475] rust_binder: Write failure EFAULT in pid:965
[  131.299973][ T4477] fuse: Bad value for 'fd'
[  131.388895][ T4495] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  131.404230][   T36] audit: type=1326 audit(1750521954.027:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4498 comm="syz.1.1658" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b4338e929 code=0x0
[  131.414191][ T4497] netlink: 'syz.2.1657': attribute type 4 has an invalid length.
[  131.644958][   T36] audit: type=1326 audit(1750521954.267:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4503 comm="syz.2.1660" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7ea958e929 code=0x0
[  132.208158][ T4526] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1667'.
[  132.217769][   T36] audit: type=1400 audit(1750521954.837:627): avc:  denied  { create } for  pid=4525 comm="syz.4.1667" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  132.243471][ T4527] rust_binder: Write failure EFAULT in pid:979
[  132.381395][ T4543] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  132.589171][  T392] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  132.739175][  T392] usb 3-1: Using ep0 maxpacket: 32
[  132.745287][  T392] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  132.753399][  T392] usb 3-1: config 0 has no interface number 0
[  132.760832][  T392] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  132.769947][  T392] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.777943][  T392] usb 3-1: Product: syz
[  132.782121][  T392] usb 3-1: Manufacturer: syz
[  132.786712][  T392] usb 3-1: SerialNumber: syz
[  132.791944][  T392] usb 3-1: config 0 descriptor??
[  132.797593][  T392] smsc95xx v2.0.0
[  133.046047][   T36] audit: type=1326 audit(1750521955.667:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4546 comm="syz.0.1675" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa67338e929 code=0x0
[  133.145017][   T31] hid (null): bogus close delimiter
[  133.150954][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.158706][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.166497][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.174446][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.181218][   T36] audit: type=1326 audit(1750521955.807:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4549 comm="syz.1.1676" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b4338e929 code=0x0
[  133.182595][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.212832][  T392] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  133.223558][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.231314][  T392] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  133.240383][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.248108][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.256049][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.263912][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.271658][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.279477][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.287236][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.295001][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.302750][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.310509][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.318246][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.326001][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.333764][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.341549][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.349316][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.357043][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.364804][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.372567][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.380317][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.388056][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.395809][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.403556][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.411314][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.419070][  T392] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  133.429830][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.437602][  T392] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71
[  133.445791][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.454432][  T392] usb 3-1: USB disconnect, device number 17
[  133.460406][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.468138][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.476448][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.484871][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.492623][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.500369][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.508082][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.515828][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.523629][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.531397][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.539172][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.546894][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.554630][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.562455][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.570249][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.577974][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.585722][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.593465][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.601513][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.609267][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.616982][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.624723][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.632459][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.640407][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.648130][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.655890][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.663644][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.671381][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.679099][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.686855][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.694593][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.702323][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.710070][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.717977][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.725741][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.733614][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.741549][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.749294][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.757005][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.764755][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.772500][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.780246][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.787975][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.795732][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.803477][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.811220][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.818942][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.826680][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.834420][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.842161][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.849911][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.857635][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.865374][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.873121][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.880859][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.888578][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.896352][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.904271][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.912009][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.919764][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.927531][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.929565][ T4555] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  133.935445][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.949792][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.957541][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.965402][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.973395][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.981265][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.989219][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  133.997166][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.005093][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.012870][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.020767][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.028635][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.036462][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.044237][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.051960][ T4563] rust_binder: Write failure EINVAL in pid:109
[  134.052305][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.066960][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.074867][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.074980][   T36] audit: type=1326 audit(1750521956.687:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4566 comm="syz.2.1683" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7ea958e929 code=0x0
[  134.082727][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.113358][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.121438][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.128374][   T36] audit: type=1400 audit(1750521956.747:631): avc:  denied  { mount } for  pid=4566 comm="syz.2.1683" name="/" dev="ramfs" ino=35739 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  134.129495][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.159580][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.167330][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.175082][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.182869][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.190629][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.198349][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.206137][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.213920][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.221682][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.229426][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.237137][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.244907][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.252675][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.260437][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.268163][   T31] hid-generic 0008:0000:FFFFFBFF.000E: unknown main item tag 0x0
[  134.275908][   T31] hid-generic 0008:0000:FFFFFBFF.000E: bogus close delimiter
[  134.283339][   T31] hid-generic 0008:0000:FFFFFBFF.000E: item 0 2 2 10 parsing failed
[  134.291668][   T31] hid-generic 0008:0000:FFFFFBFF.000E: probe with driver hid-generic failed with error -22
[  134.300775][ T4572] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  134.418397][   T36] audit: type=1326 audit(1750521957.037:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4579 comm="syz.2.1688" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7ea958e929 code=0x0
[  134.549178][   T36] audit: type=1107 audit(1750521957.167:633): pid=4583 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='A'
[  134.562521][ T4584] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1
[  134.569911][ T4584] rust_binder: Write failure EINVAL in pid:809
[  134.667671][ T4592] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  134.761983][   T36] audit: type=1400 audit(1750521957.387:634): avc:  denied  { audit_read } for  pid=4602 comm="syz.1.1697" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  134.928593][ T4609] rust_binder: Error in use_page_slow: ESRCH
[  134.928610][ T4609] rust_binder: use_range failure ESRCH
[  134.934665][ T4609] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  134.940202][ T4609] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  134.948288][ T4609] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:834
[  134.988224][ T4615] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  135.019168][ T4617] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  135.019576][ T4617] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:842
[  135.036662][ T4619] syzkaller0: entered allmulticast mode
[  135.055652][ T4619] 8021q: VLANs not supported on xfrm0
[  135.158623][ T4621] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  135.239752][   T36] audit: type=1326 audit(1750521957.867:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4575 comm="syz.0.1686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa67338e929 code=0x7fc00000
[  135.273142][   T36] audit: type=1400 audit(1750521957.897:636): avc:  denied  { read } for  pid=4620 comm="syz.1.1705" name="file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  135.333355][ T4638] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  135.351437][ T4640] fuse: Bad value for 'user_id'
[  135.356298][ T4640] fuse: Bad value for 'user_id'
[  135.364527][ T4640] vlan0: mtu greater than device maximum
[  135.438883][ T4642] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1714'.
[  135.549171][   T31] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  135.699168][   T31] usb 1-1: Using ep0 maxpacket: 8
[  135.705283][   T31] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  135.715405][   T31] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  135.724296][   T31] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  135.738424][   T31] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  135.747482][   T31] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.755486][   T31] usb 1-1: Product: 孫锧њ므ꅡ蜧帗誝왟倝臈儊◀턋瞧ӧ帕鵻䖄賨㊡硄ェ쇇瑧枖璸諛塯뫓堏‡ᴋ뉪籦쐩꿹틗큀⿉䪺嬑漚⑒侦‼㻴≩歏﬿퐁憻䰻ࣦ凮웁涮嫄듖Ჳ୮㑊ᙟ仑䀵䈰邍撔ቨά폕跽ᬭ騿㿪♥앋蠩ꦔ
[  135.782003][   T31] usb 1-1: Manufacturer: ᐁ
[  135.786584][   T31] usb 1-1: SerialNumber: syz
[  135.996376][   T31] usb 1-1: 0:2 : does not exist
[  136.005942][   T31] usb 1-1: USB disconnect, device number 46
[  136.045288][ T4657] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  136.093224][ T4668] rust_binder: Failed to allocate buffer. len:160, is_oneway:false
[  136.206999][ T4670] rust_binder: validate_parent_fixup: fixup_min_offset=29, parent_offset=27
[  136.214943][ T4670] rust_binder: Error while translating object.
[  136.223668][ T4670] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  136.229845][ T4670] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:869
[  136.342696][ T4680] rust_binder: Error while translating object.
[  136.352052][ T4680] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  136.358216][ T4680] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:144
[  136.384022][ T4685] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  136.477425][ T4696] fuse: Bad value for 'rootmode'
[  136.522212][ T4704] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  136.548207][ T4706] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  136.548240][ T4706] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:999
[  136.649331][ T4717] fuse: Unknown parameter 'use00000000000000000000'
[  136.789227][  T314] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  136.929176][   T31] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  136.939171][  T314] usb 2-1: Using ep0 maxpacket: 16
[  136.945320][  T314] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  136.955482][  T314] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  136.968277][  T314] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  136.977443][  T314] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.985951][  T314] usb 2-1: config 0 descriptor??
[  137.079186][   T31] usb 1-1: Using ep0 maxpacket: 16
[  137.085423][   T31] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.096492][   T31] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  137.105628][   T31] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.114632][   T31] usb 1-1: config 0 descriptor??
[  137.193799][    C0] raw-gadget.2 gadget.1: ignoring, device is not running
[  137.201164][    C0] raw-gadget.2 gadget.1: ignoring, device is not running
[  137.208402][    C0] raw-gadget.2 gadget.1: ignoring, device is not running
[  137.215697][  T314] usb 2-1: string descriptor 0 read error: -71
[  137.222764][  T314] usb 2-1: USB disconnect, device number 46
[  137.523088][   T31] hid-generic 0003:04D8:00DD.000F: hidraw0: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[  137.724674][   T31] usb 1-1: USB disconnect, device number 47
[  137.762053][ T4736] FAULT_INJECTION: forcing a failure.
[  137.762053][ T4736] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.775132][ T4736] CPU: 0 UID: 0 PID: 4736 Comm: syz.1.1754 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  137.775159][ T4736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  137.775166][ T4736] Call Trace:
[  137.775171][ T4736]  <TASK>
[  137.775175][ T4736]  __dump_stack+0x21/0x30
[  137.775192][ T4736]  dump_stack_lvl+0x10c/0x190
[  137.775202][ T4736]  ? __cfi_dump_stack_lvl+0x10/0x10
[  137.775214][ T4736]  ? kstrtoull+0x13b/0x1e0
[  137.775224][ T4736]  dump_stack+0x19/0x20
[  137.775234][ T4736]  should_fail_ex+0x3d9/0x530
[  137.775245][ T4736]  should_fail+0xf/0x20
[  137.775254][ T4736]  should_fail_usercopy+0x1e/0x30
[  137.775265][ T4736]  _copy_from_user+0x22/0xb0
[  137.775277][ T4736]  ___sys_sendmsg+0x159/0x2a0
[  137.775299][ T4736]  ? __sys_sendmsg+0x280/0x280
[  137.775321][ T4736]  ? proc_fail_nth_write+0x17e/0x210
[  137.775337][ T4736]  ? __cfi_proc_fail_nth_write+0x10/0x10
[  137.775350][ T4736]  __x64_sys_sendmsg+0x1eb/0x2c0
[  137.775358][ T4736]  ? fput+0x1a5/0x240
[  137.775372][ T4736]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  137.775381][ T4736]  ? ksys_write+0x1ef/0x250
[  137.775392][ T4736]  ? __kasan_check_read+0x15/0x20
[  137.775403][ T4736]  x64_sys_call+0x2a4c/0x2ee0
[  137.775415][ T4736]  do_syscall_64+0x58/0xf0
[  137.775427][ T4736]  ? clear_bhb_loop+0x35/0x90
[  137.775441][ T4736]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  137.775454][ T4736] RIP: 0033:0x7f3b4338e929
[  137.775463][ T4736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.775472][ T4736] RSP: 002b:00007f3b4418a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  137.775484][ T4736] RAX: ffffffffffffffda RBX: 00007f3b435b5fa0 RCX: 00007f3b4338e929
[  137.775491][ T4736] RDX: 0000000004004008 RSI: 0000200000000500 RDI: 0000000000000003
[  137.775498][ T4736] RBP: 00007f3b4418a090 R08: 0000000000000000 R09: 0000000000000000
[  137.775504][ T4736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.775510][ T4736] R13: 0000000000000000 R14: 00007f3b435b5fa0 R15: 00007ffcb0b08be8
[  137.775518][ T4736]  </TASK>
[  137.993646][ T4738] fuse: Unknown parameter 'use00000000000000000000'
[  138.020823][ T4742] fuse: Unknown parameter ''
[  138.263549][ T4756] fuse: Unknown parameter 'use00000000000000000000'
[  138.283413][   T31] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  138.440126][   T31] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  138.450413][   T31] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  138.464432][   T31] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  138.473507][   T31] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  138.481541][   T31] usb 2-1: SerialNumber: syz
[  138.487770][   T31] usb 2-1: bad CDC descriptors
[  138.619189][   T45] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  138.691366][ T4747] rust_binder: Write failure EINVAL in pid:910
[  138.769156][   T45] usb 1-1: Using ep0 maxpacket: 8
[  138.781441][   T45] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  138.789716][   T45] usb 1-1: config 179 has no interface number 0
[  138.796068][   T45] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  138.807148][   T45] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  138.818365][   T45] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  138.829506][   T45] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  138.840901][   T45] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  138.854204][   T45] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  138.863244][   T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.872121][ T4774] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  139.287752][   T45] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input17
[  139.341892][ T4778] rust_binder: Read failure Err(EFAULT) in pid:690
[  139.425716][ T4787] fuse: Bad value for 'group_id'
[  139.439191][ T4787] fuse: Bad value for 'group_id'
[  139.458534][ T4789] fuse: Unknown parameter 'user_i00000000000000000000'
[  139.490469][ T4774] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  139.501280][ T4774] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  139.714093][   T31] usb 1-1: USB disconnect, device number 48
[  139.720078][    C1] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  139.720116][    C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  139.758280][   T31] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  140.091020][ T4800] overlayfs: missing 'lowerdir'
[  140.121786][ T4806] FAULT_INJECTION: forcing a failure.
[  140.121786][ T4806] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.134928][ T4806] CPU: 0 UID: 0 PID: 4806 Comm: syz.2.1781 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  140.134957][ T4806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  140.134968][ T4806] Call Trace:
[  140.134975][ T4806]  <TASK>
[  140.134983][ T4806]  __dump_stack+0x21/0x30
[  140.135001][ T4806]  dump_stack_lvl+0x10c/0x190
[  140.135012][ T4806]  ? __cfi_dump_stack_lvl+0x10/0x10
[  140.135024][ T4806]  dump_stack+0x19/0x20
[  140.135034][ T4806]  should_fail_ex+0x3d9/0x530
[  140.135046][ T4806]  should_fail+0xf/0x20
[  140.135055][ T4806]  should_fail_usercopy+0x1e/0x30
[  140.135065][ T4806]  _copy_to_user+0x24/0xa0
[  140.135077][ T4806]  simple_read_from_buffer+0xed/0x160
[  140.135092][ T4806]  proc_fail_nth_read+0x19e/0x210
[  140.135102][ T4806]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  140.135111][ T4806]  ? bpf_lsm_file_permission+0xd/0x20
[  140.135122][ T4806]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  140.135131][ T4806]  vfs_read+0x278/0xb60
[  140.135142][ T4806]  ? ip_setsockopt+0xa7/0x100
[  140.135156][ T4806]  ? __cfi_vfs_read+0x10/0x10
[  140.135166][ T4806]  ? __kasan_check_write+0x18/0x20
[  140.135177][ T4806]  ? mutex_lock+0x92/0x1c0
[  140.135186][ T4806]  ? __cfi_mutex_lock+0x10/0x10
[  140.135194][ T4806]  ? __fget_files+0x2c5/0x340
[  140.135208][ T4806]  ksys_read+0x141/0x250
[  140.135218][ T4806]  ? __cfi_ksys_read+0x10/0x10
[  140.135228][ T4806]  ? __kasan_check_write+0x18/0x20
[  140.135238][ T4806]  ? __kasan_check_read+0x15/0x20
[  140.135248][ T4806]  __x64_sys_read+0x7f/0x90
[  140.135259][ T4806]  x64_sys_call+0x2638/0x2ee0
[  140.135271][ T4806]  do_syscall_64+0x58/0xf0
[  140.135282][ T4806]  ? clear_bhb_loop+0x35/0x90
[  140.135297][ T4806]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  140.135310][ T4806] RIP: 0033:0x7f7ea958d33c
[  140.135320][ T4806] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  140.135328][ T4806] RSP: 002b:00007f7ea7bf7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  140.135340][ T4806] RAX: ffffffffffffffda RBX: 00007f7ea97b5fa0 RCX: 00007f7ea958d33c
[  140.135348][ T4806] RDX: 000000000000000f RSI: 00007f7ea7bf70a0 RDI: 0000000000000004
[  140.135355][ T4806] RBP: 00007f7ea7bf7090 R08: 0000000000000000 R09: 0000000000000000
[  140.135361][ T4806] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  140.135368][ T4806] R13: 0000000000000000 R14: 00007f7ea97b5fa0 R15: 00007ffcd2374d68
[  140.135375][ T4806]  </TASK>
[  140.388276][ T4809] fuse: Unknown parameter 'user_i00000000000000000000'
[  140.432274][ T4821] fuse: Bad value for 'user_id'
[  140.437190][ T4821] fuse: Bad value for 'user_id'
[  140.445737][ T4821] vlan0: mtu greater than device maximum
[  140.563742][ T4829] input: syz0 as /devices/virtual/input/input18
[  140.639184][   T31] usb 1-1: new low-speed USB device number 49 using dummy_hcd
[  140.790159][   T31] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  140.799279][   T31] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.807804][   T31] usb 1-1: config 0 descriptor??
[  141.013534][   T31] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  141.023562][   T31] asix 1-1:0.0: probe with driver asix failed with error -61
[  141.130673][  T314] usb 2-1: USB disconnect, device number 47
[  141.147720][ T4834] fuse: Unknown parameter 'user_i00000000000000000000'
[  141.187203][   T36] kauditd_printk_skb: 6 callbacks suppressed
[  141.187218][   T36] audit: type=1400 audit(1750521963.807:643): avc:  denied  { map } for  pid=4838 comm="syz.1.1795" path="/dev/net/tun" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tun_tap_device_t tclass=chr_file permissive=1
[  141.217370][   T36] audit: type=1400 audit(1750521963.807:644): avc:  denied  { execute } for  pid=4838 comm="syz.1.1795" path="/dev/net/tun" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tun_tap_device_t tclass=chr_file permissive=1
[  141.589199][  T314] usb 2-1: new low-speed USB device number 48 using dummy_hcd
[  141.740150][  T314] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  141.749239][  T314] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.757720][  T314] usb 2-1: config 0 descriptor??
[  142.364944][ T4845] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1797'.
[  142.374356][  T314] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[  142.384331][  T314] asix 2-1:0.0: probe with driver asix failed with error -32
[  142.399214][   T45] usb 3-1: new low-speed USB device number 19 using dummy_hcd
[  142.550194][   T45] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  142.559340][   T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.567781][   T45] usb 3-1: config 0 descriptor??
[  142.773920][   T36] audit: type=1400 audit(1750521965.397:645): avc:  denied  { setopt } for  pid=4863 comm="syz.2.1805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  143.195456][   T45] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  143.205536][   T45] asix 3-1:0.0: probe with driver asix failed with error -61
[  143.397821][  T314] usb 1-1: USB disconnect, device number 49
[  143.490945][ T4875] x_tables: duplicate underflow at hook 1
[  143.849175][  T314] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  143.999166][  T314] usb 1-1: Using ep0 maxpacket: 32
[  144.005342][  T314] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  144.013661][  T314] usb 1-1: config 0 has no interface number 0
[  144.019770][  T314] usb 1-1: config 0 interface 184 has no altsetting 0
[  144.027813][  T314] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  144.036882][  T314] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.044886][  T314] usb 1-1: Product: syz
[  144.049037][  T314] usb 1-1: Manufacturer: syz
[  144.053640][  T314] usb 1-1: SerialNumber: syz
[  144.058758][  T314] usb 1-1: config 0 descriptor??
[  144.064406][  T314] smsc75xx v1.0.0
[  144.068108][  T314] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  144.078279][  T314] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -22
[  144.279735][   T45] usb 2-1: USB disconnect, device number 48
[  144.288149][   T36] audit: type=1400 audit(1750521966.907:646): avc:  denied  { map } for  pid=4887 comm="syz.1.1814" path="socket:[39433]" dev="sockfs" ino=39433 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  144.311264][   T36] audit: type=1400 audit(1750521966.907:647): avc:  denied  { read } for  pid=4887 comm="syz.1.1814" path="socket:[39433]" dev="sockfs" ino=39433 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  145.119178][   T45] usb 2-1: new low-speed USB device number 49 using dummy_hcd
[  145.164961][  T314] usb 3-1: USB disconnect, device number 19
[  145.178005][ T4895] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  145.178027][ T4895] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:223
[  145.188384][ T4896] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  145.215909][ T4902] overlayfs: missing 'lowerdir'
[  145.270131][   T45] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  145.279231][   T45] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.287972][   T45] usb 2-1: config 0 descriptor??
[  145.494167][   T45] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  145.504209][   T45] asix 2-1:0.0: probe with driver asix failed with error -61
[  145.909163][   T45] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  146.059164][   T45] usb 3-1: Using ep0 maxpacket: 8
[  146.065869][   T45] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  146.076014][   T45] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  146.086253][   T45] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  146.095337][   T45] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.103374][   T45] usb 3-1: Product: 䱘烈⑾뎱㵃䇆㑚룱䉔䐭諪뜥㼱栬Īჱ決뭟곑쪅ꕽ곞푟雳磎늶ﬞ‿䅹悏䱏桤黷抌⸳ᡃ㤭呃归㣓첀흒넮⮎媼峽 眂ᑵ藀랚ݭ쯣쪊⸕㶈㓉飲荪䛗級鉴씨烨ﱳꎮ滣䘽嶭ᓅ펧䯘㞟筵阶螠뿤寀訅鋑⧏纠럴탥蔢ᓓꗥⱔ糟妦녶念坕᳼⩋驯೥ᅡ靝㩩▧漱⍏귙슥㠸諂犈ﱡ
[  146.139136][   T45] usb 3-1: Manufacturer: Ж
[  146.143704][   T45] usb 3-1: SerialNumber: ࠇ
[  146.533868][  T352] usb 1-1: USB disconnect, device number 50
[  146.547971][ T4928] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  146.558915][ T4928] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  146.604420][   T45] usb 3-1: 0:2 : does not exist
[  146.613601][ T4936] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:718
[  146.627042][   T45] usb 3-1: USB disconnect, device number 20
[  146.690645][   T36] audit: type=1400 audit(1750521969.317:648): avc:  denied  { create } for  pid=4941 comm="syz.4.1835" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  146.770810][ T4946] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  146.779570][ T4946] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  146.799940][  T334] udevd[334]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  147.578617][ T4967] veth0_vlan: mtu less than device minimum
[  147.585171][   T60] tipc: Subscription rejected, illegal request
[  147.611218][ T4969] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  147.620084][ T4969] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  147.649178][ T4971] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1847'.
[  147.668934][ T4974] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.711225][ T4977] FAULT_INJECTION: forcing a failure.
[  147.711225][ T4977] name failslab, interval 1, probability 0, space 0, times 0
[  147.730909][ T4977] CPU: 1 UID: 0 PID: 4977 Comm: syz.0.1850 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  147.730941][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  147.730951][ T4977] Call Trace:
[  147.730958][ T4977]  <TASK>
[  147.730965][ T4977]  __dump_stack+0x21/0x30
[  147.730996][ T4977]  dump_stack_lvl+0x10c/0x190
[  147.731015][ T4977]  ? __cfi_dump_stack_lvl+0x10/0x10
[  147.731035][ T4977]  dump_stack+0x19/0x20
[  147.731053][ T4977]  should_fail_ex+0x3d9/0x530
[  147.731076][ T4977]  should_failslab+0xac/0x100
[  147.731107][ T4977]  __kmalloc_node_noprof+0x6c/0x450
[  147.731127][ T4977]  ? __vmalloc_node_range_noprof+0x544/0x1420
[  147.731145][ T4977]  __vmalloc_node_range_noprof+0x544/0x1420
[  147.731166][ T4977]  ? __cfi___vmalloc_node_range_noprof+0x10/0x10
[  147.731185][ T4977]  ? kasan_save_alloc_info+0x40/0x50
[  147.731202][ T4977]  ? arch_dup_task_struct+0x5b/0xe0
[  147.731222][ T4977]  ? __asan_memcpy+0x5a/0x80
[  147.731240][ T4977]  dup_task_struct+0x5bd/0xc50
[  147.731256][ T4977]  ? copy_process+0x538/0x3220
[  147.731272][ T4977]  ? _raw_spin_lock_irq+0x8d/0x120
[  147.731293][ T4977]  ? copy_process+0x3220/0x3220
[  147.731309][ T4977]  ? __kasan_check_write+0x18/0x20
[  147.731328][ T4977]  copy_process+0x538/0x3220
[  147.731345][ T4977]  ? __cfi_copy_process+0x10/0x10
[  147.731368][ T4977]  ? __kasan_check_write+0x18/0x20
[  147.731386][ T4977]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  147.731410][ T4977]  vhost_task_create+0x1d6/0x350
[  147.731432][ T4977]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  147.731456][ T4977]  ? __cfi_vhost_task_create+0x10/0x10
[  147.731478][ T4977]  ? __cfi_vhost_task_fn+0x10/0x10
[  147.731499][ T4977]  ? __kasan_check_write+0x18/0x20
[  147.731517][ T4977]  ? mutex_lock+0x92/0x1c0
[  147.731532][ T4977]  ? __cfi_mutex_lock+0x10/0x10
[  147.731548][ T4977]  ? kernel_text_address+0xa9/0xe0
[  147.731565][ T4977]  kvm_mmu_post_init_vm+0x1a6/0x310
[  147.731585][ T4977]  kvm_arch_vcpu_ioctl_run+0xd7/0x1aa0
[  147.731604][ T4977]  ? _parse_integer_limit+0x195/0x1e0
[  147.731623][ T4977]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  147.731641][ T4977]  ? kstrtoull+0x13b/0x1e0
[  147.731657][ T4977]  ? kstrtouint+0x78/0xf0
[  147.731674][ T4977]  ? ioctl_has_perm+0x1aa/0x4d0
[  147.731696][ T4977]  ? __asan_memcpy+0x5a/0x80
[  147.731714][ T4977]  ? ioctl_has_perm+0x3e0/0x4d0
[  147.731736][ T4977]  ? has_cap_mac_admin+0xd0/0xd0
[  147.731758][ T4977]  ? __kasan_check_write+0x18/0x20
[  147.731775][ T4977]  ? mutex_lock_killable+0x92/0x1c0
[  147.731792][ T4977]  ? __cfi_mutex_lock_killable+0x10/0x10
[  147.731808][ T4977]  ? proc_fail_nth_write+0x17e/0x210
[  147.731826][ T4977]  kvm_vcpu_ioctl+0x96f/0xee0
[  147.731848][ T4977]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  147.731869][ T4977]  ? __cfi_vfs_write+0x10/0x10
[  147.731887][ T4977]  ? __kasan_check_write+0x18/0x20
[  147.731905][ T4977]  ? mutex_unlock+0x8b/0x240
[  147.731921][ T4977]  ? __cfi_mutex_unlock+0x10/0x10
[  147.731937][ T4977]  ? __fget_files+0x2c5/0x340
[  147.731959][ T4977]  ? __fget_files+0x2c5/0x340
[  147.731980][ T4977]  ? bpf_lsm_file_ioctl+0xd/0x20
[  147.731998][ T4977]  ? security_file_ioctl+0x34/0xd0
[  147.732019][ T4977]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  147.732039][ T4977]  __se_sys_ioctl+0x132/0x1b0
[  147.732061][ T4977]  __x64_sys_ioctl+0x7f/0xa0
[  147.732083][ T4977]  x64_sys_call+0x1878/0x2ee0
[  147.732111][ T4977]  do_syscall_64+0x58/0xf0
[  147.732131][ T4977]  ? clear_bhb_loop+0x35/0x90
[  147.732155][ T4977]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  147.732176][ T4977] RIP: 0033:0x7fa67338e929
[  147.732191][ T4977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.732205][ T4977] RSP: 002b:00007fa674188038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  147.732224][ T4977] RAX: ffffffffffffffda RBX: 00007fa6735b5fa0 RCX: 00007fa67338e929
[  147.732237][ T4977] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  147.732248][ T4977] RBP: 00007fa674188090 R08: 0000000000000000 R09: 0000000000000000
[  147.732259][ T4977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.732270][ T4977] R13: 0000000000000000 R14: 00007fa6735b5fa0 R15: 00007ffc4f4cea48
[  147.732285][ T4977]  </TASK>
[  147.732386][ T4977] syz.0.1850: vmalloc error: size 32768, failed to allocated page array size 64, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null)
[  147.732411][ T4978] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:260
[  147.890843][  T314] usb 2-1: USB disconnect, device number 49
[  147.901175][ T4977] ,cpuset=
[  148.038857][ T4982] syzkaller0: entered allmulticast mode
[  148.042599][ T4977] syz0,mems_allowed=0
[  148.061787][   T36] audit: type=1400 audit(1750521970.677:649): avc:  denied  { accept } for  pid=4981 comm="syz.1.1852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  148.065663][ T4977] 
[  148.211360][ T4977] CPU: 0 UID: 0 PID: 4977 Comm: syz.0.1850 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  148.211387][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  148.211398][ T4977] Call Trace:
[  148.211404][ T4977]  <TASK>
[  148.211411][ T4977]  __dump_stack+0x21/0x30
[  148.211435][ T4977]  dump_stack_lvl+0x10c/0x190
[  148.211453][ T4977]  ? __cfi_dump_stack_lvl+0x10/0x10
[  148.211469][ T4977]  dump_stack+0x19/0x20
[  148.211479][ T4977]  warn_alloc+0x1bc/0x2a0
[  148.211490][ T4977]  ? __cfi_warn_alloc+0x10/0x10
[  148.211499][ T4977]  ? __kasan_kmalloc+0x28/0xb0
[  148.211512][ T4977]  ? __kmalloc_node_noprof+0x1b1/0x450
[  148.211525][ T4977]  ? __vmalloc_node_range_noprof+0x544/0x1420
[  148.211535][ T4977]  __vmalloc_node_range_noprof+0x68e/0x1420
[  148.211547][ T4977]  ? __cfi___vmalloc_node_range_noprof+0x10/0x10
[  148.211558][ T4977]  ? kasan_save_alloc_info+0x40/0x50
[  148.211567][ T4977]  ? arch_dup_task_struct+0x5b/0xe0
[  148.211579][ T4977]  ? __asan_memcpy+0x5a/0x80
[  148.211590][ T4977]  dup_task_struct+0x5bd/0xc50
[  148.211599][ T4977]  ? copy_process+0x538/0x3220
[  148.211607][ T4977]  ? _raw_spin_lock_irq+0x8d/0x120
[  148.211621][ T4977]  ? copy_process+0x3220/0x3220
[  148.211629][ T4977]  ? __kasan_check_write+0x18/0x20
[  148.211640][ T4977]  copy_process+0x538/0x3220
[  148.211650][ T4977]  ? __cfi_copy_process+0x10/0x10
[  148.211665][ T4977]  ? __kasan_check_write+0x18/0x20
[  148.211675][ T4977]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  148.211690][ T4977]  vhost_task_create+0x1d6/0x350
[  148.211704][ T4977]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  148.211718][ T4977]  ? __cfi_vhost_task_create+0x10/0x10
[  148.211730][ T4977]  ? __cfi_vhost_task_fn+0x10/0x10
[  148.211743][ T4977]  ? __kasan_check_write+0x18/0x20
[  148.211752][ T4977]  ? mutex_lock+0x92/0x1c0
[  148.211761][ T4977]  ? __cfi_mutex_lock+0x10/0x10
[  148.211770][ T4977]  ? kernel_text_address+0xa9/0xe0
[  148.211781][ T4977]  kvm_mmu_post_init_vm+0x1a6/0x310
[  148.211792][ T4977]  kvm_arch_vcpu_ioctl_run+0xd7/0x1aa0
[  148.211804][ T4977]  ? _parse_integer_limit+0x195/0x1e0
[  148.211815][ T4977]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  148.211825][ T4977]  ? kstrtoull+0x13b/0x1e0
[  148.211834][ T4977]  ? kstrtouint+0x78/0xf0
[  148.211844][ T4977]  ? ioctl_has_perm+0x1aa/0x4d0
[  148.211857][ T4977]  ? __asan_memcpy+0x5a/0x80
[  148.211867][ T4977]  ? ioctl_has_perm+0x3e0/0x4d0
[  148.211879][ T4977]  ? has_cap_mac_admin+0xd0/0xd0
[  148.211892][ T4977]  ? __kasan_check_write+0x18/0x20
[  148.211901][ T4977]  ? mutex_lock_killable+0x92/0x1c0
[  148.211911][ T4977]  ? __cfi_mutex_lock_killable+0x10/0x10
[  148.211920][ T4977]  ? proc_fail_nth_write+0x17e/0x210
[  148.211930][ T4977]  kvm_vcpu_ioctl+0x96f/0xee0
[  148.211943][ T4977]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  148.211955][ T4977]  ? __cfi_vfs_write+0x10/0x10
[  148.211965][ T4977]  ? __kasan_check_write+0x18/0x20
[  148.211975][ T4977]  ? mutex_unlock+0x8b/0x240
[  148.211984][ T4977]  ? __cfi_mutex_unlock+0x10/0x10
[  148.211993][ T4977]  ? __fget_files+0x2c5/0x340
[  148.212005][ T4977]  ? __fget_files+0x2c5/0x340
[  148.212017][ T4977]  ? bpf_lsm_file_ioctl+0xd/0x20
[  148.212028][ T4977]  ? security_file_ioctl+0x34/0xd0
[  148.212041][ T4977]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  148.212053][ T4977]  __se_sys_ioctl+0x132/0x1b0
[  148.212065][ T4977]  __x64_sys_ioctl+0x7f/0xa0
[  148.212077][ T4977]  x64_sys_call+0x1878/0x2ee0
[  148.212089][ T4977]  do_syscall_64+0x58/0xf0
[  148.212101][ T4977]  ? clear_bhb_loop+0x35/0x90
[  148.212116][ T4977]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  148.212129][ T4977] RIP: 0033:0x7fa67338e929
[  148.212138][ T4977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.212146][ T4977] RSP: 002b:00007fa674188038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  148.212158][ T4977] RAX: ffffffffffffffda RBX: 00007fa6735b5fa0 RCX: 00007fa67338e929
[  148.212166][ T4977] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  148.212172][ T4977] RBP: 00007fa674188090 R08: 0000000000000000 R09: 0000000000000000
[  148.212179][ T4977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.212185][ T4977] R13: 0000000000000000 R14: 00007fa6735b5fa0 R15: 00007ffc4f4cea48
[  148.212193][ T4977]  </TASK>
[  148.629915][ T4977] Mem-Info:
[  148.633309][ T4977] active_anon:27612 inactive_anon:14 isolated_anon:0
[  148.633309][ T4977]  active_file:14574 inactive_file:12477 isolated_file:0
[  148.633309][ T4977]  unevictable:0 dirty:185 writeback:0
[  148.633309][ T4977]  slab_reclaimable:5375 slab_unreclaimable:72987
[  148.633309][ T4977]  mapped:25063 shmem:20602 pagetables:1114
[  148.633309][ T4977]  sec_pagetables:0 bounce:0
[  148.633309][ T4977]  kernel_misc_reclaimable:0
[  148.633309][ T4977]  free:1488452 free_pcp:9640 free_cma:0
[  148.678750][ T4977] Node 0 active_anon:110348kB inactive_anon:56kB active_file:58296kB inactive_file:49908kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:100252kB dirty:740kB writeback:0kB shmem:82408kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4908kB pagetables:4456kB sec_pagetables:0kB all_unreclaimable? no
[  148.712098][ T4977] DMA32 free:2960212kB boost:0kB min:19088kB low:23860kB high:28632kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2966004kB mlocked:0kB bounce:0kB free_pcp:5792kB local_pcp:64kB free_cma:0kB
[  148.741920][ T4977] lowmem_reserve[]: 0 3921 3921
[  148.746816][ T4977] Normal free:2995676kB boost:0kB min:25964kB low:32452kB high:38940kB reserved_highatomic:0KB free_highatomic:0KB active_anon:110440kB inactive_anon:56kB active_file:58296kB inactive_file:49908kB unevictable:0kB writepending:740kB present:5242880kB managed:4016120kB mlocked:0kB bounce:0kB free_pcp:31092kB local_pcp:29884kB free_cma:0kB
[  148.778572][ T4977] lowmem_reserve[]: 0 0 0
[  148.782947][ T4977] DMA32: 5*4kB (M) 2*8kB (M) 3*16kB (M) 4*32kB (M) 4*64kB (M) 3*128kB (M) 4*256kB (M) 4*512kB (M) 5*1024kB (UM) 5*2048kB (M) 718*4096kB (M) = 2960212kB
[  148.798460][ T4977] Normal: 127*4kB (UME) 290*8kB (UME) 313*16kB (UME) 326*32kB (UME) 228*64kB (UME) 61*128kB (UME) 37*256kB (UME) 25*512kB (UME) 6*1024kB (UE) 7*2048kB (UME) 711*4096kB (M) = 2995676kB
[  148.816732][ T4977] 47666 total pagecache pages
[  148.821559][ T4977] 17 pages in swap cache
[  148.825857][ T4977] Free swap  = 124396kB
[  148.830182][ T4977] Total swap = 124996kB
[  148.834337][ T4977] 2097051 pages RAM
[  148.838151][ T4977] 0 pages HighMem/MovableOnly
[  148.851490][ T4977] 351520 pages reserved
[  148.855678][ T4977] 0 pages cma reserved
[  148.861491][ T4977] Memory allocations:
[  148.865540][ T4977]          0 B        0 init/main.c:1370 func:do_initcalls
[  148.872820][ T4977]          0 B        0 init/do_mounts.c:186 func:mount_root_generic
[  148.880948][ T4977]          0 B        0 init/do_mounts.c:158 func:do_mount_root
[  148.888644][   T36] audit: type=1400 audit(1750521971.517:650): avc:  denied  { execute } for  pid=4991 comm="syz.1.1855" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  148.911910][ T4977]          0 B        0 init/do_mounts.c:352 func:mount_nodev_root
[  148.919835][ T4977]          0 B        0 init/do_mounts_rd.c:241 func:rd_load_image
[  148.927785][ T4977]          0 B        0 init/do_mounts_rd.c:72 func:identify_ramdisk_image
[  148.936425][ T4977]          0 B        0 init/initramfs.c:507 func:unpack_to_rootfs
[  148.944433][ T4977]          0 B        0 init/initramfs.c:508 func:unpack_to_rootfs
[  148.953815][ T4977]          0 B        0 init/initramfs.c:509 func:unpack_to_rootfs
[  148.962502][ T4977]          0 B        0 init/initramfs.c:101 func:find_link
[  148.988202][ T4995] overlayfs: missing 'lowerdir'
[  148.994381][ T4997] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1857'.
[  149.050846][ T5005] rust_binder: Write failure EFAULT in pid:949
[  149.078977][   T36] audit: type=1400 audit(1750521971.697:651): avc:  denied  { mount } for  pid=5008 comm="syz.0.1863" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  149.106857][   T36] audit: type=1400 audit(1750521971.717:652): avc:  denied  { unmount } for  pid=294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  149.168944][ T5017] overlayfs: missing 'lowerdir'
[  149.213887][ T5022] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1868'.
[  149.259170][  T352] usb 3-1: new low-speed USB device number 21 using dummy_hcd
[  149.420292][  T352] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  149.435269][  T352] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.446170][  T352] usb 3-1: config 0 descriptor??
[  149.652210][  T352] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  149.662630][  T352] asix 3-1:0.0: probe with driver asix failed with error -61
[  149.913589][ T5042] overlayfs: missing 'lowerdir'
[  149.934435][ T5046] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1877'.
[  150.242066][ T5065] overlayfs: missing 'workdir'
[  150.266222][ T5069] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  150.266370][ T5070] rust_binder: Error while translating object.
[  150.272912][ T5070] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  150.279098][ T5070] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:752
[  150.297461][ T5073] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1888'.
[  150.650310][ T5092] Restarting kernel threads ... done.
[  150.656178][ T5092] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  150.656192][ T5092] rust_binder: Error while translating object.
[  150.664867][ T5092] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  150.671138][ T5092] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1111
[  150.788077][ T5095] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1897'.
[  150.815130][ T5097] netlink: 304 bytes leftover after parsing attributes in process `syz.0.1898'.
[  150.853784][ T5099] FAULT_INJECTION: forcing a failure.
[  150.853784][ T5099] name failslab, interval 1, probability 0, space 0, times 0
[  150.866777][ T5099] CPU: 1 UID: 0 PID: 5099 Comm: syz.1.1899 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  150.866805][ T5099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  150.866816][ T5099] Call Trace:
[  150.866823][ T5099]  <TASK>
[  150.866829][ T5099]  __dump_stack+0x21/0x30
[  150.866853][ T5099]  dump_stack_lvl+0x10c/0x190
[  150.866870][ T5099]  ? __cfi_dump_stack_lvl+0x10/0x10
[  150.866890][ T5099]  dump_stack+0x19/0x20
[  150.866907][ T5099]  should_fail_ex+0x3d9/0x530
[  150.866926][ T5099]  should_failslab+0xac/0x100
[  150.866948][ T5099]  __kmalloc_cache_node_noprof+0x46/0x3d0
[  150.866969][ T5099]  ? __get_vm_area_node+0x154/0x3a0
[  150.866985][ T5099]  ? kasan_save_track+0x3e/0x80
[  150.867007][ T5099]  __get_vm_area_node+0x154/0x3a0
[  150.867023][ T5099]  __vmalloc_node_range_noprof+0x33c/0x1420
[  150.867042][ T5099]  ? copy_process+0x538/0x3220
[  150.867062][ T5099]  ? __cfi___vmalloc_node_range_noprof+0x10/0x10
[  150.867080][ T5099]  ? kasan_save_alloc_info+0x40/0x50
[  150.867098][ T5099]  ? arch_dup_task_struct+0x5b/0xe0
[  150.867117][ T5099]  ? __asan_memcpy+0x5a/0x80
[  150.867143][ T5099]  dup_task_struct+0x5bd/0xc50
[  150.867158][ T5099]  ? copy_process+0x538/0x3220
[  150.867173][ T5099]  ? _raw_spin_lock_irq+0x8d/0x120
[  150.867196][ T5099]  ? copy_process+0x3220/0x3220
[  150.867212][ T5099]  ? __kasan_check_write+0x18/0x20
[  150.867231][ T5099]  copy_process+0x538/0x3220
[  150.867249][ T5099]  ? __cfi_copy_process+0x10/0x10
[  150.867274][ T5099]  ? __kasan_check_write+0x18/0x20
[  150.867292][ T5099]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  150.867317][ T5099]  vhost_task_create+0x1d6/0x350
[  150.867338][ T5099]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  150.867363][ T5099]  ? __cfi_vhost_task_create+0x10/0x10
[  150.867386][ T5099]  ? __cfi_vhost_task_fn+0x10/0x10
[  150.867407][ T5099]  ? __kasan_check_write+0x18/0x20
[  150.867424][ T5099]  ? mutex_lock+0x92/0x1c0
[  150.867440][ T5099]  ? __cfi_mutex_lock+0x10/0x10
[  150.867456][ T5099]  ? kernel_text_address+0xa9/0xe0
[  150.867474][ T5099]  kvm_mmu_post_init_vm+0x1a6/0x310
[  150.867494][ T5099]  kvm_arch_vcpu_ioctl_run+0xd7/0x1aa0
[  150.867513][ T5099]  ? _parse_integer_limit+0x195/0x1e0
[  150.867532][ T5099]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  150.867549][ T5099]  ? kstrtoull+0x13b/0x1e0
[  150.867566][ T5099]  ? kstrtouint+0x78/0xf0
[  150.867583][ T5099]  ? ioctl_has_perm+0x1aa/0x4d0
[  150.867605][ T5099]  ? __asan_memcpy+0x5a/0x80
[  150.867624][ T5099]  ? ioctl_has_perm+0x3e0/0x4d0
[  150.867645][ T5099]  ? has_cap_mac_admin+0xd0/0xd0
[  150.867668][ T5099]  ? __kasan_check_write+0x18/0x20
[  150.867685][ T5099]  ? mutex_lock_killable+0x92/0x1c0
[  150.867702][ T5099]  ? __cfi_mutex_lock_killable+0x10/0x10
[  150.867723][ T5099]  ? proc_fail_nth_write+0x17e/0x210
[  150.867741][ T5099]  kvm_vcpu_ioctl+0x96f/0xee0
[  150.867763][ T5099]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  150.867785][ T5099]  ? __cfi_vfs_write+0x10/0x10
[  150.867804][ T5099]  ? __kasan_check_write+0x18/0x20
[  150.867822][ T5099]  ? mutex_unlock+0x8b/0x240
[  150.867837][ T5099]  ? __cfi_mutex_unlock+0x10/0x10
[  150.867853][ T5099]  ? __fget_files+0x2c5/0x340
[  150.867875][ T5099]  ? __fget_files+0x2c5/0x340
[  150.867896][ T5099]  ? bpf_lsm_file_ioctl+0xd/0x20
[  150.867914][ T5099]  ? security_file_ioctl+0x34/0xd0
[  150.867936][ T5099]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  150.867956][ T5099]  __se_sys_ioctl+0x132/0x1b0
[  150.867978][ T5099]  __x64_sys_ioctl+0x7f/0xa0
[  150.867998][ T5099]  x64_sys_call+0x1878/0x2ee0
[  150.868019][ T5099]  do_syscall_64+0x58/0xf0
[  150.868039][ T5099]  ? clear_bhb_loop+0x35/0x90
[  150.868064][ T5099]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  150.868087][ T5099] RIP: 0033:0x7f3b4338e929
[  150.868102][ T5099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.868117][ T5099] RSP: 002b:00007f3b4418a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  150.868142][ T5099] RAX: ffffffffffffffda RBX: 00007f3b435b5fa0 RCX: 00007f3b4338e929
[  150.868156][ T5099] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  150.868167][ T5099] RBP: 00007f3b4418a090 R08: 0000000000000000 R09: 0000000000000000
[  150.868180][ T5099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.868191][ T5099] R13: 0000000000000000 R14: 00007f3b435b5fa0 R15: 00007ffcb0b08be8
[  150.868205][ T5099]  </TASK>
[  150.872168][ T5101] rust_binder: Error while translating object.
[  151.296601][ T5101] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  151.308378][ T5101] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:1118
[  151.362154][ T5114] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1906'.
[  151.393766][   T36] audit: type=1400 audit(1750521974.017:653): avc:  denied  { create } for  pid=5116 comm="syz.1.1907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  151.592639][ T5125] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89)
[  151.592662][ T5125] rust_binder: Error while translating object.
[  151.603482][ T5125] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  151.613474][ T5125] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:978
[  151.626025][ T5125] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  151.644326][ T5129] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  151.651541][ T5129] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89)
[  151.651563][ T5129] rust_binder: Error while translating object.
[  151.662461][ T5129] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  151.671135][ T5129] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:978
[  151.755004][ T5148] 9pnet_virtio: no channels available for device syz
[  151.849255][   T45] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  152.000259][   T45] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1023
[  152.010373][   T45] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  152.024444][   T45] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  152.039055][   T31] usb 3-1: USB disconnect, device number 21
[  152.045322][   T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  152.059638][   T45] usb 1-1: SerialNumber: syz
[  152.065845][ T5127] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  152.080210][   T36] audit: type=1400 audit(1750521974.707:654): avc:  denied  { write } for  pid=5158 comm="syz.2.1923" path="socket:[41892]" dev="sockfs" ino=41892 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  152.190338][ T5165] binder: Unknown parameter 'd@�(`��x)ܨ�%��?�jir'
[  152.232724][ T1060] Bluetooth: hci1: Frame reassembly failed (-84)
[  152.279613][ T5171] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  152.281247][ T5127] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  152.286253][   T36] audit: type=1400 audit(1750521974.907:655): avc:  denied  { listen } for  pid=5170 comm="syz.2.1929" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  152.337990][ T5172] rust_binder: Write failure EINVAL in pid:280
[  152.632947][   T36] audit: type=1400 audit(1750521975.257:656): avc:  denied  { remount } for  pid=5173 comm="syz.4.1930" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  152.821110][   T45] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -71
[  152.830253][   T45] usb 1-1: USB disconnect, device number 51
[  153.038233][   T36] audit: type=1400 audit(1750521975.657:657): avc:  denied  { map } for  pid=5181 comm="syz.2.1933" path="socket:[40846]" dev="sockfs" ino=40846 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  153.062255][   T36] audit: type=1400 audit(1750521975.657:658): avc:  denied  { read } for  pid=5181 comm="syz.2.1933" path="socket:[40846]" dev="sockfs" ino=40846 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  154.020537][ T5200] binfmt_misc: register: failed to install interpreter file ./file0
[  154.099242][  T314] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  154.123534][ T5205] binder: Bad value for 'stats'
[  154.140869][   T36] audit: type=1400 audit(1750521976.767:659): avc:  denied  { ioctl } for  pid=5206 comm="syz.2.1943" path="socket:[42318]" dev="sockfs" ino=42318 ioctlcmd=0x550a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  154.210337][ T5209] rust_kernel: panicked at /syzkaller/managers/ci2-android-6-12-rust/kernel/rust/kernel/page_size_compat.rs:60:5:
[  154.210337][ T5209] attempt to add with overflow
[  154.227146][ T5209] ------------[ cut here ]------------
[  154.232661][ T5209] kernel BUG at rust/helpers/bug.c:7!
[  154.233928][   T36] audit: type=1400 audit(1750521976.857:660): avc:  denied  { read } for  pid=91 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  154.238362][ T5209] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[  154.260079][   T36] audit: type=1400 audit(1750521976.857:661): avc:  denied  { search } for  pid=91 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  154.266658][ T5209] CPU: 1 UID: 0 PID: 5209 Comm: syz.2.1944 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  154.288285][   T36] audit: type=1400 audit(1750521976.857:662): avc:  denied  { write } for  pid=91 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  154.301314][ T5209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  154.301330][ T5209] RIP: 0010:rust_helper_BUG+0x8/0x10
[  154.301364][ T5209] Code: cc cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 d2 f7 2f 24 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 <0f> 0b 66 0f 1f 44 00 00 b8 98 33 66 a8 90 90 90 90 90 90 90 90 90
[  154.322835][   T36] audit: type=1400 audit(1750521976.857:663): avc:  denied  { add_name } for  pid=91 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  154.332541][ T5209] RSP: 0018:ffffc9000825f3f0 EFLAGS: 00010246
[  154.332560][ T5209] RAX: 000000000000008c RBX: 1ffff9200104be80 RCX: 1343b623f3de7300
[  154.332573][ T5209] RDX: ffffc90009cb9000 RSI: 00000000000062f8 RDI: 00000000000062f9
[  154.332585][ T5209] RBP: ffffc9000825f3f0 R08: ffffc9000825f0e7 R09: 1ffff9200104be1c
[  154.332604][ T5209] R10: dffffc0000000000 R11: fffff5200104be1d R12: 0000000000000000
[  154.332617][ T5209] R13: dffffc0000000000 R14: ffffc9000825f420 R15: ffffc9000825f450
[  154.332631][ T5209] FS:  00007f7ea7bf76c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  154.332647][ T5209] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  154.338317][ T3121] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  154.357473][ T5209] CR2: 0000001b2e31fffc CR3: 000000012d6dc000 CR4: 00000000003526b0
[  154.357492][ T5209] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  154.357504][ T5209] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  154.357516][ T5209] Call Trace:
[  154.378146][ T1284] Bluetooth: hci1: command 0x1003 tx timeout
[  154.384086][ T5209]  <TASK>
[  154.384097][ T5209]  _RNvCscSpY9Juk0HT_7___rustc17rust_begin_unwind+0x15b/0x160
[  154.488668][ T5209]  ? __cfi__RNvCscSpY9Juk0HT_7___rustc17rust_begin_unwind+0x10/0x10
[  154.496653][ T5209]  ? kernel_text_address+0xa9/0xe0
[  154.501757][ T5209]  ? __cfi__RNvXs1b_NtCs9jEwPDbx20M_4core3fmtRNtNtNtB8_5panic10panic_info9PanicInfoNtB6_7Display3fmtCs43vyB533jt3_6kernel+0x10/0x10
[  154.515288][ T5209]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  154.521432][ T5209]  ? arch_stack_walk+0x10b/0x170
[  154.526356][ T5209]  _RNvNtCs9jEwPDbx20M_4core9panicking9panic_fmt+0x84/0x90
[  154.533549][ T5209]  ? __cfi__RNvNtCs9jEwPDbx20M_4core9panicking9panic_fmt+0x10/0x10
[  154.541437][ T5209]  _RNvNtNtCs9jEwPDbx20M_4core9panicking11panic_const24panic_const_add_overflow+0xb2/0xc0
[  154.551313][ T5209]  ? __cfi__RNvNtNtCs9jEwPDbx20M_4core9panicking11panic_const24panic_const_add_overflow+0x10/0x10
[  154.561885][ T5209]  _RNvXs1_CscPPBqWtAqum_11ashmem_rustNtB5_6AshmemNtNtCs43vyB533jt3_6kernel10miscdevice10MiscDevice4mmap+0xe44/0xfb0
[  154.574112][ T5209]  ? mas_wr_store_type+0x8eb/0x1ad0
[  154.579299][ T5209]  ? __cfi__RNvXs1_CscPPBqWtAqum_11ashmem_rustNtB5_6AshmemNtNtCs43vyB533jt3_6kernel10miscdevice10MiscDevice4mmap+0x10/0x10
[  154.592045][ T5209]  ? mas_preallocate+0x56e/0xc60
[  154.596969][ T5209]  ? __cfi_mas_preallocate+0x10/0x10
[  154.602238][ T5209]  ? kasan_save_alloc_info+0x40/0x50
[  154.607511][ T5209]  ? __asan_memset+0x39/0x50
[  154.612083][ T5209]  mmap_region+0x1371/0x1bd0
[  154.616662][ T5209]  ? __cfi_mmap_region+0x10/0x10
[  154.621582][ T5209]  ? __futex_queue+0x19a/0x340
[  154.626338][ T5209]  ? __kasan_check_read+0x15/0x20
[  154.631346][ T5209]  ? arch_get_unmapped_area_topdown+0x232/0x8d0
[  154.637575][ T5209]  ? file_mmap_ok+0x147/0x1a0
[  154.642234][ T5209]  do_mmap+0xb6d/0x13c0
[  154.646374][ T5209]  ? __cfi_do_mmap+0x10/0x10
[  154.650946][ T5209]  ? down_write_killable+0xe9/0x2d0
[  154.656134][ T5209]  ? __cfi_down_write_killable+0x10/0x10
[  154.661751][ T5209]  vm_mmap_pgoff+0x38f/0x4e0
[  154.666332][ T5209]  ? __cfi_vm_mmap_pgoff+0x10/0x10
[  154.671515][ T5209]  ? __fget_files+0x2c5/0x340
[  154.676186][ T5209]  ksys_mmap_pgoff+0x166/0x1e0
[  154.680935][ T5209]  __x64_sys_mmap+0x121/0x140
[  154.685602][ T5209]  x64_sys_call+0x13bf/0x2ee0
[  154.690272][ T5209]  do_syscall_64+0x58/0xf0
[  154.694679][ T5209]  ? clear_bhb_loop+0x35/0x90
[  154.699348][ T5209]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  154.705230][ T5209] RIP: 0033:0x7f7ea958e929
[  154.709636][ T5209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.729228][ T5209] RSP: 002b:00007f7ea7bf7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  154.737631][ T5209] RAX: ffffffffffffffda RBX: 00007f7ea97b5fa0 RCX: 00007f7ea958e929
[  154.745600][ T5209] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000200000701000
[  154.753557][ T5209] RBP: 00007f7ea9610b39 R08: 0000000000000003 R09: 0000000000000000
[  154.761520][ T5209] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[  154.769476][ T5209] R13: 0000000000000000 R14: 00007f7ea97b5fa0 R15: 00007ffcd2374d68
[  154.777441][ T5209]  </TASK>
[  154.780442][ T5209] Modules linked in:
[  154.784498][ T5209] ---[ end trace 0000000000000000 ]---
[  154.790381][  T314] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  154.790619][ T5209] RIP: 0010:rust_helper_BUG+0x8/0x10
[  154.801105][  T314] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  154.805869][ T5209] Code: cc cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 d2 f7 2f 24 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 <0f> 0b 66 0f 1f 44 00 00 b8 98 33 66 a8 90 90 90 90 90 90 90 90 90
[  154.815413][  T314] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  154.834671][ T5209] RSP: 0018:ffffc9000825f3f0 EFLAGS: 00010246
[  154.843445][  T314] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  154.844474][ T5209] 
[  154.849915][  T314] usb 1-1: SerialNumber: syz
[  154.867933][ T5209] RAX: 000000000000008c RBX: 1ffff9200104be80 RCX: 1343b623f3de7300
[  154.876028][ T5209] RDX: ffffc90009cb9000 RSI: 00000000000062f8 RDI: 00000000000062f9
[  154.884059][ T5209] RBP: ffffc9000825f3f0 R08: ffffc9000825f0e7 R09: 1ffff9200104be1c
[  154.892058][ T5209] R10: dffffc0000000000 R11: fffff5200104be1d R12: 0000000000000000
[  154.900066][ T5209] R13: dffffc0000000000 R14: ffffc9000825f420 R15: ffffc9000825f450
[  154.908036][ T5209] FS:  00007f7ea7bf76c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  154.916983][ T5209] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  154.923589][ T5209] CR2: 00007f7ea7bf6f98 CR3: 000000012d6dc000 CR4: 00000000003526b0
[  154.931589][ T5209] DR0: 0000000000000007 DR1: 000000000000000b DR2: 0000000000000002
[  154.939584][ T5209] DR3: 0000000000000009 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  154.947551][ T5209] Kernel panic - not syncing: Fatal exception
[  154.953815][ T5209] Kernel Offset: disabled
[  154.958122][ T5209] Rebooting in 86400 seconds..