last executing test programs:

9m25.658065336s ago: executing program 32 (id=472):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="fc01000013000100000000000000000000000000000000000000000000000001fc0200000000000000000000003300014e24000d040000090a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="020000010000000000000000000000000000000000000000ffffffffffffffff00000000000000000300000000000000090000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000feffffff00000000000000000000000044010500e0000002000000000000000000000000000004d6320000000a000000ac1414aa000000000000000000000000053500000303030009000000b4000000070000007f000001000000000000000000000000000004d36c00000000000000fc0100000000000006000000000000000000000000000900010000000080000008000000ac1414aa000000000000000000000000000004d2330000000a000000ac1414bb0000000000000000ddffffff023500000002fa00070000000a00000002000000fe80000000000000000000000000000f000004d43c"], 0x1fc}, 0x1, 0x0, 0x0, 0x11}, 0x0)

9m12.326743896s ago: executing program 33 (id=905):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_timeval(r2, 0x1, 0x14, 0x0, &(0x7f00000004c0))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000000)={0x4}) (async)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000040)={0x4})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) (async)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)) (async)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8983, &(0x7f0000000180)={0x2, 'vlan0\x00', {0x1}, 0x2}) (async)
fspick(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000140)=@v1={0x0, @aes256, 0x0, @desc2}) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) (async)
r9 = timerfd_create(0x1, 0x80800) (async)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r12, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x611, 0x0, 0xfffffffffffffffe}]}) (async)
timerfd_gettime(r9, &(0x7f0000000000)) (async)
ioctl$KVM_SET_XCRS(r8, 0x4188aea7, &(0x7f0000000100)=ANY=[@ANYBLOB]) (async)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x20, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})

9m6.423120258s ago: executing program 34 (id=988):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x482001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000140)={{{@in6=@private0, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@private}, 0x0, @in=@multicast1}}, &(0x7f0000000240)=0xe8)
stat(&(0x7f0000000280)='./cgroup\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
newfstatat(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x400)
fsetxattr$system_posix_acl(r1, &(0x7f0000000100)='system.posix_acl_access\x00', &(0x7f0000000400)={{}, {}, [{0x2, 0x3, r2}], {}, [{0x8, 0x3, r3}, {0x8, 0x0, r4}], {0x10, 0x3}, {0x20, 0x4}}, 0x3c, 0x2)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x4000009a}]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
mount(&(0x7f0000000080)=@loop={'/dev/loop', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='efivarfs\x00', 0x200000, 0x0)

7m4.84335083s ago: executing program 35 (id=3033):
mmap(&(0x7f000088c000/0x3000)=nil, 0x3000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x1000)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
mkdir(&(0x7f0000001f40)='./file0\x00', 0x84)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000001000/0x3000)=nil, 0x3000}, 0x7})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000180)=ANY=[])
madvise(&(0x7f00001d7000/0x4000)=nil, 0x4000, 0x12)
mmap(&(0x7f000088c000/0x3000)=nil, 0x3000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x1000) (async)
userfaultfd(0x80001) (async)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) (async)
mkdir(&(0x7f0000001f40)='./file0\x00', 0x84) (async)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000001000/0x3000)=nil, 0x3000}, 0x7}) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) (async)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000180)=ANY=[]) (async)
madvise(&(0x7f00001d7000/0x4000)=nil, 0x4000, 0x12) (async)

6m49.881032479s ago: executing program 36 (id=3532):
creat(&(0x7f0000000080)='./file0\x00', 0xa0) (async)
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000040)='ext4\x00', 0x8000, 0x0)

4m30.332035595s ago: executing program 37 (id=5973):
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x5, 0xfffffffffffffffe)
ioprio_set$pid(0x1, r0, 0x2004)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x8800, 0x0)
read(r1, &(0x7f0000000080)=""/93, 0xffffff6c)

3m31.615012939s ago: executing program 38 (id=6640):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="78010000170001000000000000000000fc0000000000000000040000000000000000000000000000fe8000000000000000000000000000bbac1414bb000000000000000000000000fc00"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000ffffffff00000000000000000000000000000000000000000a"], 0x178}}, 0x0)

3m29.552080892s ago: executing program 39 (id=6878):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x4810)

2m47.72009567s ago: executing program 40 (id=7414):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="78010000170001000000000000000000fc00000000ffffffffffffff800000000000000000000000fe8000000000000000000000000000bbac1414bb000000000000000000000000fc00"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000ffffffff00000000000000000000000000000000000000000a"], 0x178}}, 0x0)

1m8.027186859s ago: executing program 41 (id=8893):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0xc, 0x109e00)
prlimit64(0x0, 0x2, &(0x7f0000000440)={0x6, 0x1000000000000000}, 0x0)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet_buf(r1, 0x0, 0x30, &(0x7f00000001c0)="7383bfdbfa1c045b4f2e48e40da6cafecdd7d68838700b525d871ce6e51f3c7955808be07d388ae7d8aa0102303fc4d900b0020fdeba858c891a5a6ed56b371e2631ae400fdb8594d14d4850701b58712afa2e6c5228ef0f47cc2ab402ab0c96b7c1a83b1b69b502725322fce938da8cc4809d601fd1cf9b61b246f5f22f7f5772e39e43ba7044c7c5b8d47229755f7e07", 0x91)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$int_in(r3, 0x5452, &(0x7f0000000040)=0x8001)
fcntl$setownex(r3, 0xf, &(0x7f0000000140)={0x2, r2})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000680)={{{@in6=@mcast2, @in6=@local}}, {{@in=@loopback}, 0x0, @in=@local}}, &(0x7f0000000780)=0xe8)
statx(0xffffffffffffffff, &(0x7f00000007c0)='./file0\x00', 0x400, 0x10, &(0x7f0000000800))
read$FUSE(0xffffffffffffffff, &(0x7f0000000900)={0x2020}, 0x2020)
fstat(r1, &(0x7f0000002940))
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.numa_stat\x00', 0x275a, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)
socket$inet(0x2, 0x32a961c088f19325, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x20001, 0x0)
write$vga_arbiter(r5, &(0x7f0000000280)=ANY=[@ANYBLOB="6465636f64651120696f00"], 0xb)
write$vga_arbiter(r5, &(0x7f0000000000)=@other={'lock', ' ', 'mem'}, 0x9)
write$vga_arbiter(r5, &(0x7f00000001c0)=@other={'decodes', ' ', 'none'}, 0xd)
newfstatat(0xffffffffffffff9c, &(0x7f00000029c0)='./file0\x00', &(0x7f0000002a00), 0x800)
ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000100)={0x1, 0x67, &(0x7f0000000040)="42162b9dfcde69a459febfc791ae87aae652d75e56c293cf39fab15ac9c13cb35ecde82ccf73a39e18e6509ded51e40a052ceea11578b37a7f3b8d694a492fabd6159a9c11474bd800d6868d1e33ea97961a8c2eb8f477b229cbb600e13e34702e928c931ad37f"})

59.909895297s ago: executing program 42 (id=8979):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x4000fffffffe)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x414680, 0x0)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x11, r2, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f0000000040)={0x9, 0x6})

58.600316277s ago: executing program 43 (id=8998):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="78010000170001000000000000000000fc00000000000000000000000000000080fffffffffffffffe8000000000000000000000000000bbac1414bb000000000000000000000000fc00"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000ffffffff00000000000000000000000000000000000000000a"], 0x178}}, 0x0)

56.51092188s ago: executing program 44 (id=9014):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async, rerun: 64)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6) (rerun: 64)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=@newsa={0x138, 0x18, 0x713, 0x0, 0x0, {{@in6=@mcast1, @in6=@loopback}, {@in=@private, 0x0, 0x32}, @in6=@loopback, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}}, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, &(0x7f0000000140)=""/255, 0xff, 0x0, 0x33}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x31}}, &(0x7f0000000280)={0x9, 0x18, 0x40}}, 0x10}], 0x52, 0x0, &(0x7f0000000380)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f612948"})

49.332732973s ago: executing program 45 (id=9103):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/binder1\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x0, 0x1, 0x11, r1, 0x0)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000cc0)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
syz_usb_control_io(r2, 0x0, &(0x7f0000000140)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x40, 0x13, 0x5e, @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r2, 0x0, &(0x7f0000001740)={0xfffffffffffffc8d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x40, 0x19, 0x2, "0400"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r2, 0x0, &(0x7f00000000c0)={0x34, &(0x7f0000000100)={0x40, 0x18, 0x1, "04"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
pivot_root(0x0, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0)

41.172422032s ago: executing program 1 (id=9192):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x141342, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) (async)
write(r0, &(0x7f0000000280)="59898001d1571c66d822289244a49866bf5fe4d6819f96b87aa6a78a2856", 0x1e)

41.149403712s ago: executing program 1 (id=9193):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xc8c0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000008c0)='./bus\x00', 0x0)
chdir(&(0x7f00000001c0)='./bus\x00')
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
mknodat(r1, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000840)='./file0\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000640)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
sendto$inet6(r3, &(0x7f0000000040)="f18f0e6477b303fe5e19f53b4acd841d4be7d380814495810977d9516a1ba7d826", 0x21, 0x0, &(0x7f0000000180)={0xa, 0x4e22, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0x5}, 0x1c)
statfs(&(0x7f0000000000)='./bus\x00', 0x0)
linkat(r2, &(0x7f0000000100)='./file1\x00', r3, &(0x7f0000000240)='./bus\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./bus\x00', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000)
add_key(&(0x7f0000000000)='rxrpc_s\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)

41.134268502s ago: executing program 1 (id=9194):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="78010000170001000000000000000000fc000000000000000000000000000000000000000a000000fe8000000000000000000000000000bbac1414bb000000000000000000000000fc00"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000ffffffff00000000000000000000000000000000000000000a"], 0x178}}, 0x0)

41.071358063s ago: executing program 1 (id=9195):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
r1 = add_key$keyring(&(0x7f0000002280), &(0x7f00000022c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$revoke(0x3, r1)
write$selinux_load(0xffffffffffffffff, 0x0, 0x2046)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x1, 0x3032, r0, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0xa0000004})
epoll_wait(r2, &(0x7f0000004140)=[{}], 0x1, 0x4000005)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f00000001c0)=ANY=[], 0xc)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x4, &(0x7f00000000c0)={&(0x7f0000000240)=@delpolicy={0x50, 0x27, 0x1, 0x0, 0x0, {{@in=@remote, @in=@remote, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xc0, 0xc, 0x0, 0xee01}, 0x6e6bb7}}, 0x50}}, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f00000005c0), 0x10)
sendmsg$can_bcm(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f00000000000100", @ANYRES64=0x2710], 0x48}}, 0x0)
r5 = dup(r3)
setreuid(0xee00, 0x0)
ioprio_get$uid(0x3, 0xee00)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f00000000c0)=ANY=[@ANYRES8=r3], 0xb0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x80000, 0x0)
read$FUSE(r0, &(0x7f0000000f00)={0x2020}, 0x2020)

40.179408397s ago: executing program 1 (id=9213):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = syz_create_resource$binfmt(&(0x7f0000000000)='./file0\x00')
execveat$binfmt(0xffffffffffffffff, r3, 0x0, 0x0, 0x1000)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0xacec)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000640)={0x10, 0x0, &(0x7f00000000c0)=[@clear_death={0x400c630f, 0x3}], 0x0, 0x0, 0x0})

40.03158278s ago: executing program 1 (id=9215):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="fc01000013000100000000000000000000000000000000000000000000000001fc0200000000000000000000000000014e24000d040000090a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="020000010000000000000000000000000000000000000000ffffffffffffffff00000000330000000300000000000000090000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000feffffff00000000000000000000000044010500e0000002000000000000000000000000000004d6320000000a000000ac1414aa000000000000000000000000053500000303030009000000b4000000070000007f000001000000000000000000000000000004d36c00000000000000fc0100000000000006000000000000000000000000000900010000000080000008000000ac1414aa000000000000000000000000000004d2330000000a000000ac1414bb0000000000000000ddffffff023500000002fa00070000000a00000002000000fe80000000000000000000000000000f000004d43c"], 0x1fc}, 0x1, 0x0, 0x0, 0x11}, 0x0)

40.02116172s ago: executing program 46 (id=9215):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="fc01000013000100000000000000000000000000000000000000000000000001fc0200000000000000000000000000014e24000d040000090a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="020000010000000000000000000000000000000000000000ffffffffffffffff00000000330000000300000000000000090000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000feffffff00000000000000000000000044010500e0000002000000000000000000000000000004d6320000000a000000ac1414aa000000000000000000000000053500000303030009000000b4000000070000007f000001000000000000000000000000000004d36c00000000000000fc0100000000000006000000000000000000000000000900010000000080000008000000ac1414aa000000000000000000000000000004d2330000000a000000ac1414bb0000000000000000ddffffff023500000002fa00070000000a00000002000000fe80000000000000000000000000000f000004d43c"], 0x1fc}, 0x1, 0x0, 0x0, 0x11}, 0x0)

35.217066885s ago: executing program 3 (id=9266):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x0, 0x0)
r1 = userfaultfd(0x80001)
r2 = inotify_init()
inotify_add_watch(r2, &(0x7f0000000000)='.\x00', 0x1400037e)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
readv(r1, &(0x7f0000000040)=[{&(0x7f0000000180)=""/73, 0x49}], 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r0, 0x2000)

34.94266148s ago: executing program 3 (id=9267):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r1, 0x0, 0xf, &(0x7f0000000140)=0x400030, 0x4)
bind$inet(r1, &(0x7f0000000140)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f00000002c0)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, &(0x7f0000000140)=""/255, 0xff, 0x0, 0x33}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x31}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x50, 0x0, &(0x7f0000000380)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f61"})

34.848348571s ago: executing program 3 (id=9268):
clock_nanosleep(0x9511f3c3a34bb9cc, 0x1, &(0x7f00000004c0), 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, 0x0) (async)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, 0x0)

34.847600011s ago: executing program 3 (id=9269):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
r1 = add_key$keyring(&(0x7f0000002280), &(0x7f00000022c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$revoke(0x3, r1)
write$selinux_load(0xffffffffffffffff, 0x0, 0x2046)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x1, 0x3032, r0, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0xa0000004})
epoll_wait(r2, &(0x7f0000004140)=[{}], 0x1, 0x4000005)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f00000001c0)=ANY=[], 0xc)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x4, &(0x7f00000000c0)={&(0x7f0000000240)=@delpolicy={0x50, 0x27, 0x1, 0x0, 0x0, {{@in=@remote, @in=@remote, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xc0, 0xc, 0x0, 0xee01}, 0x6e6bb7}}, 0x50}}, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f00000005c0), 0x10)
sendmsg$can_bcm(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f00000000000100", @ANYRES64=0x2710], 0x48}}, 0x0)
r5 = dup(r3)
setreuid(0xee00, 0x0)
ioprio_get$uid(0x3, 0xee00)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f00000000c0)=ANY=[@ANYRES8=r3], 0xb0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$fuse(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x80000, 0x0)
read$FUSE(r0, &(0x7f0000000f00)={0x2020}, 0x2020)

34.132179752s ago: executing program 2 (id=9270):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x5, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1b}}}]}, 0x50}, 0x1, 0x20}, 0x0)

34.100106573s ago: executing program 2 (id=9271):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16=r3, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000080a400098041000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003000300000028020080060001000a00000014000200ff0100000000000000000000000000010500030000000000240001000000000000000000000000000000000000000000000000000000000000000000140004000200000000000000000000000000000024000300000000000000000000000000000000000000000000000000000000000000000014000200776731"], 0x174}}, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r1, 0x0)
syz_usb_connect(0x0, 0x57, &(0x7f0000000300)=ANY=[@ANYBLOB="12010102882333404f17318af4390102030109024500013f06400409044207000e0100010a240107000105ff010302070724050107638c0924030500030406810c2402060602"], &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0})
socket$nl_route(0x10, 0x3, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4000854)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x104, 0x0})
socket$unix(0x1, 0x1, 0x0)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000440)={0x7}, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="200000001200010a00000000000000800000000c000800080000000000000000"], 0x20}}, 0x0)
r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r5, 0x45809000)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000080)="bbb6bde179b01b3bb198ec83510f887849ae60e5c81267b00a64cacf8d4e4b9d1a959131ade9ae", 0x27)
close_range(r0, 0xffffffffffffffff, 0x0)

33.928979076s ago: executing program 3 (id=9272):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@flushpolicy={0x10, 0x1d, 0x1, 0x70bd27, 0x25dfdbff}, 0x10}}, 0x0)
setreuid(0xee00, 0x0) (async)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r3, &(0x7f00000012c0)=[{&(0x7f0000000080)=""/152, 0x98}], 0x1, &(0x7f00000015c0)=[{&(0x7f0000001340)=""/189, 0xbd}], 0x1, 0x0) (async)
splice(r1, 0x0, r0, 0x0, 0xaf2, 0x5)

33.863136767s ago: executing program 3 (id=9275):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/custom0\x00', 0x0, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000000000105804380100000000000109022400010000000009040002010300000009210000000122f80409058103"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0) (async)
syz_usb_control_io(r1, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00220508", @ANYRES16=0x0, @ANYBLOB="1b7dd1ce99475246afab416df1"], 0x0}, 0x0) (async)
syz_usb_control_io$hid(r1, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00220508", @ANYRES16=0x0, @ANYBLOB="1b7dd1ce99475246afab416df1"], 0x0}, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r2, &(0x7f0000000100), 0x10) (async)
bind$can_raw(r2, &(0x7f0000000100), 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @mcast2, 0x5}, 0x1c)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20088004, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @remote, 0x7}, 0x1c)
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff})
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
close(0x4) (async)
close(0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r5, 0x0, r6, 0x0, 0xf3a, 0x0)
tee(r3, r6, 0x8f5, 0x100000000000000) (async)
tee(r3, r6, 0x8f5, 0x100000000000000)
write(r4, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000140)="c7cfcaaa22e10542fca5c0190500000000000000fc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f2433e442f80877490b393408142ebcfea6821f543e5ee9e2b032e2b75d78f1b7916a6bb6f0645e267770eb85259b0e42b3bf3f5c9f7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d822bfc494ca048c64c8c02ff81c895a9ba4082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c8d799321f2136da8bd6130f884", 0xf0, 0xc001, 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9) (async)
r7 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000040)={'veth0_to_bond\x00', &(0x7f0000000500)=@ethtool_drvinfo={0x3, "8c1e9c9911b2e6b9bc4114ac4268477fa0d071fbf1087747fac3d534fa0edaae", "5fd50e7e1d06000009000000bc000000feff00003c0dc08b00", "e4ffffff000500000000000000000000000000000000000d000000001400", "ae8ee05842a76642ccb541de54a5eec4f49a2491329a35b106ae68045a327a59", "1f71f453c4a8a54afef6ddf3fa0facfed8ff3978f9fd7f14221bd27cfc58f00d", "6b0352008327fd34c1ed5720", 0x9, 0xffff16a2, 0xe, 0x7ff, 0xc}})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f0000000080), 0x4) (async)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f0000000080), 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000000040), 0x0) (async)
pipe2(&(0x7f0000000040), 0x0)

33.841382167s ago: executing program 47 (id=9275):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/custom0\x00', 0x0, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000000000105804380100000000000109022400010000000009040002010300000009210000000122f80409058103"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0) (async)
syz_usb_control_io(r1, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00220508", @ANYRES16=0x0, @ANYBLOB="1b7dd1ce99475246afab416df1"], 0x0}, 0x0) (async)
syz_usb_control_io$hid(r1, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00220508", @ANYRES16=0x0, @ANYBLOB="1b7dd1ce99475246afab416df1"], 0x0}, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r2, &(0x7f0000000100), 0x10) (async)
bind$can_raw(r2, &(0x7f0000000100), 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @mcast2, 0x5}, 0x1c)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20088004, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @remote, 0x7}, 0x1c)
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff})
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
close(0x4) (async)
close(0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r5, 0x0, r6, 0x0, 0xf3a, 0x0)
tee(r3, r6, 0x8f5, 0x100000000000000) (async)
tee(r3, r6, 0x8f5, 0x100000000000000)
write(r4, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000140)="c7cfcaaa22e10542fca5c0190500000000000000fc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f2433e442f80877490b393408142ebcfea6821f543e5ee9e2b032e2b75d78f1b7916a6bb6f0645e267770eb85259b0e42b3bf3f5c9f7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d822bfc494ca048c64c8c02ff81c895a9ba4082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c8d799321f2136da8bd6130f884", 0xf0, 0xc001, 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9) (async)
r7 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000040)={'veth0_to_bond\x00', &(0x7f0000000500)=@ethtool_drvinfo={0x3, "8c1e9c9911b2e6b9bc4114ac4268477fa0d071fbf1087747fac3d534fa0edaae", "5fd50e7e1d06000009000000bc000000feff00003c0dc08b00", "e4ffffff000500000000000000000000000000000000000d000000001400", "ae8ee05842a76642ccb541de54a5eec4f49a2491329a35b106ae68045a327a59", "1f71f453c4a8a54afef6ddf3fa0facfed8ff3978f9fd7f14221bd27cfc58f00d", "6b0352008327fd34c1ed5720", 0x9, 0xffff16a2, 0xe, 0x7ff, 0xc}})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f0000000080), 0x4) (async)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f0000000080), 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000000040), 0x0) (async)
pipe2(&(0x7f0000000040), 0x0)

32.585552707s ago: executing program 2 (id=9279):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x5, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1b}}}]}, 0x50}, 0x1, 0x2000}, 0x0)

32.528266057s ago: executing program 2 (id=9280):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
r1 = add_key$keyring(&(0x7f0000002280), &(0x7f00000022c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$revoke(0x3, r1)
write$selinux_load(0xffffffffffffffff, 0x0, 0x2046)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x1, 0x3032, r0, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0xa0000004})
epoll_wait(r2, &(0x7f0000004140)=[{}], 0x1, 0x4000005)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f00000001c0)=ANY=[], 0xc)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x4, &(0x7f00000000c0)={&(0x7f0000000240)=@delpolicy={0x50, 0x27, 0x1, 0x0, 0x0, {{@in=@remote, @in=@remote, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xc0, 0xc, 0x0, 0xee01}, 0x6e6bb7}}, 0x50}}, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f00000005c0), 0x10)
sendmsg$can_bcm(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f00000000000100", @ANYRES64=0x2710], 0x48}}, 0x0)
r5 = dup(r3)
setreuid(0xee00, 0x0)
ioprio_get$uid(0x3, 0xee00)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f00000000c0)=ANY=[@ANYRES8=r3], 0xb0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$fuse(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x80000, 0x0)
read$FUSE(r0, &(0x7f0000000f00)={0x2020}, 0x2020)

31.597376573s ago: executing program 2 (id=9285):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0xa, 0x1})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0xfffffffffffffcf2, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x60, 0x18, &(0x7f00000001c0)={@fda={0x66646185, 0xfffffffffffffffd, 0x2, 0x34}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @flat=@binder={0x73622a85, 0x1100, 0x1}}, &(0x7f0000000280)={0x0, 0x20, 0x48}}, 0x10}], 0x0, 0x0, 0x0})
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0xa, 0x1}) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0xfffffffffffffcf2, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x60, 0x18, &(0x7f00000001c0)={@fda={0x66646185, 0xfffffffffffffffd, 0x2, 0x34}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @flat=@binder={0x73622a85, 0x1100, 0x1}}, &(0x7f0000000280)={0x0, 0x20, 0x48}}, 0x10}], 0x0, 0x0, 0x0}) (async)

31.493431294s ago: executing program 2 (id=9289):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x1002, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0)
copy_file_range(r1, &(0x7f0000000000)=0x8, r1, 0x0, 0x4, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x4}, 0x6)
write$bt_hci(r4, &(0x7f0000000140)=ANY=[@ANYBLOB="0000023f3201"], 0x138)
ioctl$SIOCGIFHWADDR(r3, 0x8927, 0x0)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000280)={{{@in=@empty, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f00000000c0)=0xe8)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x90028, &(0x7f0000000180)={[{@uuid_off}, {@xino_on}, {@redirect_dir_off}], [{@fowner_gt={'fowner>', r7}}, {@fsname={'fsname', 0x3d, '\x00'}}, {@audit}, {@dont_measure}, {@fowner_lt={'fowner<', 0xee00}}]})
close_range(r0, 0xffffffffffffffff, 0x0)

31.439167425s ago: executing program 48 (id=9289):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x1002, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0)
copy_file_range(r1, &(0x7f0000000000)=0x8, r1, 0x0, 0x4, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x4}, 0x6)
write$bt_hci(r4, &(0x7f0000000140)=ANY=[@ANYBLOB="0000023f3201"], 0x138)
ioctl$SIOCGIFHWADDR(r3, 0x8927, 0x0)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000280)={{{@in=@empty, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f00000000c0)=0xe8)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x90028, &(0x7f0000000180)={[{@uuid_off}, {@xino_on}, {@redirect_dir_off}], [{@fowner_gt={'fowner>', r7}}, {@fsname={'fsname', 0x3d, '\x00'}}, {@audit}, {@dont_measure}, {@fowner_lt={'fowner<', 0xee00}}]})
close_range(r0, 0xffffffffffffffff, 0x0)

31.435787095s ago: executing program 9 (id=9291):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000003580)={&(0x7f00000003c0)=ANY=[@ANYBLOB="44010000100001000000000000000000fe8000000000000000000000000000bbac1414bb0000000000000000000000000004fff920000001000000001d000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ac14142a000000000000000000000000000000006c000000ac1414bb0000000000000000000000000000000000000000000000000000000000000000ff80000000000000000000000100000000000000fdffffffffffffff0400000000000000000000000000000002000000b316138f04000000000000000000004000000000000000000000000000000002000000000000000025bd7000000000000a00000100000000000000004800030000006500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c0096c7015cff082345"], 0x144}, 0x1, 0x0, 0x0, 0x44}, 0x4810)

31.368311416s ago: executing program 9 (id=9292):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r3 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/mnt\x00') (async)
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r5, 0x29, 0x39, &(0x7f0000000580)={0x0, 0x2, 0x2, 0x1, 0x0, [@local]}, 0x18)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @private2}, 0x1c) (async)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1)
sendto$inet6(r4, &(0x7f0000000100)="c10e000018001f06b9409b0dffff110d0207be040205060506100a044300040018000000fac8388827a685a168d9a44604094565360c648dcaaf6c26c291214549932fde4a460c89b6ec0cff3959547f509058ba86c902fc3a10004a320c0400160016000a00000000000000000000080756ede4ccbe5880", 0xec1, 0x0, 0x0, 0x9e5e111c47e3504f)
setreuid(0xffffffffffffffff, 0xee01) (async)
ioctl$BTRFS_IOC_BALANCE(r3, 0x5000940c, 0x1000000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) (async)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) (async)
pivot_root(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)='./file0/file0\x00') (async)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0xd5)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (async)
read$FUSE(r6, &(0x7f00000021c0)={0x2020, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_INIT(r6, &(0x7f0000000780)={0x50, 0x0, r7, {0x7, 0x1f, 0x0, 0x1020001, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2}}, 0x50)
syz_fuse_handle_req(r6, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x10}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
fcntl$lock(r8, 0x5, &(0x7f0000000200)={0x1, 0x0, 0x8000000000, 0x100000000007})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000000)=[@increfs], 0x0, 0x0, 0x0})

31.368077336s ago: executing program 9 (id=9293):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)=<r1=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0)
lsetxattr$security_selinux(&(0x7f0000000180)='.\x00', &(0x7f00000001c0), &(0x7f0000000200)='system_u:object_r:crond_var_run_t:s0\x00', 0x25, 0x0)
getdents(r2, &(0x7f0000000000)=""/26, 0x1a)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x42, 0x0)
timer_delete(r1)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f0000006380)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000100)={0x50, 0x0, r5, {0x7, 0x1f, 0x1000001, 0x5069f481, 0xfffe, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18, 0x0, r5, {0x1}}, 0x18)
tkill(0x0, 0x12)
write(r0, &(0x7f0000000280)="59898001d1571c66d822289244a49866bf5fe4d6819f96b87aa6a78a2856", 0x1e)

31.201591818s ago: executing program 9 (id=9294):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
r1 = add_key$keyring(&(0x7f0000002280), &(0x7f00000022c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$revoke(0x3, r1)
write$selinux_load(0xffffffffffffffff, 0x0, 0x2046)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x1, 0x3032, r0, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0xa0000004})
epoll_wait(r2, &(0x7f0000004140)=[{}], 0x1, 0x4000005)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f00000001c0)=ANY=[], 0xc)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x4, &(0x7f00000000c0)={&(0x7f0000000240)=@delpolicy={0x50, 0x27, 0x1, 0x0, 0x0, {{@in=@remote, @in=@remote, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xc0, 0xc, 0x0, 0xee01}, 0x6e6bb7}}, 0x50}}, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f00000005c0), 0x10)
sendmsg$can_bcm(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f00000000000100", @ANYRES64=0x2710], 0x48}}, 0x0)
r5 = dup(r3)
setreuid(0xee00, 0x0)
ioprio_get$uid(0x3, 0xee00)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f00000000c0)=ANY=[@ANYRES8=r3], 0xb0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$fuse(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x80000, 0x0)
read$FUSE(r0, &(0x7f0000000f00)={0x2020}, 0x2020)

30.236976604s ago: executing program 9 (id=9298):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x5, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1b}}}]}, 0x50}, 0x1, 0x2000000000000000}, 0x0)

29.83835962s ago: executing program 9 (id=9301):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
munmap(&(0x7f000045e000/0x1000)=nil, 0x1000)
mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil)
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)
munmap(&(0x7f0000e29000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000a88000/0x1000)=nil, 0x1000)
munmap(&(0x7f000060f000/0x4000)=nil, 0x4000)
madvise(&(0x7f0000492000/0x2000)=nil, 0x2000, 0x12)
munmap(&(0x7f0000694000/0x3000)=nil, 0x3000)
mremap(&(0x7f0000807000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil)
mremap(&(0x7f000061c000/0x13000)=nil, 0x13000, 0x4000, 0x3, &(0x7f0000fb0000/0x4000)=nil)
mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil)
madvise(&(0x7f0000a30000/0x3000)=nil, 0x3000, 0x10)
mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil)
mlock2(&(0x7f000072d000/0x1000)=nil, 0x1000, 0x0)
mremap(&(0x7f0000b89000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00006e6000/0x3000)=nil)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_RECVSEQ(0xffffffffffffffff, 0x6a, 0x4, 0x20000000, 0xff78)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000440)="ea", 0x1}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18, 0x81}, 0x4c800)
setsockopt$sock_int(r1, 0x1, 0x2a, &(0x7f0000000000), 0x4)
recvmmsg(r1, &(0x7f0000001140), 0x700, 0x2, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
dup3(r3, r2, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000480)={0x48, 0x0, &(0x7f00000004c0)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000040)={@ptr={0x70742a85, 0x1, &(0x7f00000001c0)=""/243, 0xf3, 0x1, 0x2e}, @fda={0x66646185, 0x0, 0x2, 0x30}, @fda={0x66646185, 0x2, 0x1, 0x3d}}, &(0x7f0000000140)={0x0, 0x28, 0x48}}}, @enter_looper], 0x0, 0x0, 0x0})

29.83760377s ago: executing program 49 (id=9301):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
munmap(&(0x7f000045e000/0x1000)=nil, 0x1000)
mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil)
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)
munmap(&(0x7f0000e29000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000a88000/0x1000)=nil, 0x1000)
munmap(&(0x7f000060f000/0x4000)=nil, 0x4000)
madvise(&(0x7f0000492000/0x2000)=nil, 0x2000, 0x12)
munmap(&(0x7f0000694000/0x3000)=nil, 0x3000)
mremap(&(0x7f0000807000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil)
mremap(&(0x7f000061c000/0x13000)=nil, 0x13000, 0x4000, 0x3, &(0x7f0000fb0000/0x4000)=nil)
mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil)
madvise(&(0x7f0000a30000/0x3000)=nil, 0x3000, 0x10)
mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil)
mlock2(&(0x7f000072d000/0x1000)=nil, 0x1000, 0x0)
mremap(&(0x7f0000b89000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00006e6000/0x3000)=nil)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_RECVSEQ(0xffffffffffffffff, 0x6a, 0x4, 0x20000000, 0xff78)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000440)="ea", 0x1}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18, 0x81}, 0x4c800)
setsockopt$sock_int(r1, 0x1, 0x2a, &(0x7f0000000000), 0x4)
recvmmsg(r1, &(0x7f0000001140), 0x700, 0x2, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
dup3(r3, r2, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000480)={0x48, 0x0, &(0x7f00000004c0)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000040)={@ptr={0x70742a85, 0x1, &(0x7f00000001c0)=""/243, 0xf3, 0x1, 0x2e}, @fda={0x66646185, 0x0, 0x2, 0x30}, @fda={0x66646185, 0x2, 0x1, 0x3d}}, &(0x7f0000000140)={0x0, 0x28, 0x48}}}, @enter_looper], 0x0, 0x0, 0x0})

29.060363352s ago: executing program 6 (id=9312):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, &(0x7f0000000380)=ANY=[@ANYBLOB='\x00\x00\t'], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001c40)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x1, {[@global=@item_012={0x0, 0x1, 0x9}]}}, 0x0}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)

27.589054886s ago: executing program 8 (id=9327):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c020000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000003000000000a0000205e000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000800000000000000000000000000000700000000000000000000000000000000000000000000000300000000000000070000000000000000000000000000000000000000000000e02700000000000000000000000000002d00000000000000000000000000000084010500ac1414bb000000000000000000000000000000006c00000000000000ac14142c000000000000000000000000000000000000560000000000fdffffff01000000ac141410000000000000000000000000000000003200000000000000fe800000000000000000000000000500023500000000000000000000feffffff00000000ff010000000000000000000000000001000000003c00000002000000ff0200000000000000000000000000010000000001030000000000000000000000000000ff020000000000000000000000000001000004d33c00000002000000ffffffff00000000000000000000000000000000000000000000000003000000000000000a010102000000000000000000000000000000003200000002000000ac141400000000000000000000000000ffffffff0002000000000000000000000300000020010000000000000000000000000001000000003c00000002"], 0x23c}, 0x1, 0x0, 0x0, 0xffffff80}, 0x0)

27.528273297s ago: executing program 8 (id=9328):
ioprio_set$pid(0x1, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x1c, r1, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x3f00)

27.527891206s ago: executing program 8 (id=9329):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x8)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r0=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, r0, {0x7, 0x1f, 0x0, 0xc92480, 0x2, 0x0, 0xd, 0x0, 0x0, 0x0, 0x10, 0x5}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101000, 0x0)
lseek(r1, 0x5, 0x4)

27.527386417s ago: executing program 8 (id=9330):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000002c0)=0x20)
openat(0xffffffffffffff9c, 0x0, 0x20842, 0x22)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
rename(&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)='./file1\x00')
tkill(0x0, 0x12)
write(r0, &(0x7f0000000280)="59898001d1571c66d822289244a49866bf5fe4d6819f96b87aa6a78a2856", 0x1e)

27.500333747s ago: executing program 8 (id=9331):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0xa, 0x2})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x41, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x52, 0x0, &(0x7f00000002c0)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f612948"})

27.425054238s ago: executing program 6 (id=9332):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0) (async)
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) (async, rerun: 32)
sched_setscheduler(0x0, 0x1, 0x0) (rerun: 32)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1) (async)
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r1, 0x0, 0x0) (async)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x104, 0x0}) (async)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000040)={{0x7, 0xf9, 0x8be, 0xffff}, 'syz0\x00', 0x2}) (async, rerun: 32)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0) (rerun: 32)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) (async)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c) (async, rerun: 32)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (rerun: 32)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x9}) (async)
listen(r3, 0x5)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0x2, &(0x7f0000000200)=0xed0e, 0x48) (async)
bind$inet6(r5, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(r3, 0x0) (async, rerun: 64)
ioctl$UI_DEV_CREATE(r2, 0x5501) (async, rerun: 64)
r6 = socket(0x8, 0x2400000001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r6, 0x29, 0x2a, &(0x7f0000034000)={0x3, {{0xa, 0x1, 0x3, @mcast2, 0x10000000}}}, 0x88) (async)
setsockopt$inet6_MCAST_JOIN_GROUP(r6, 0x29, 0x2a, &(0x7f00000003c0)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
getsockopt$inet6_buf(r6, 0x29, 0x10000000000030, &(0x7f0000034000)=""/144, &(0x7f0000e5f000)=0x90) (async, rerun: 32)
ioctl$UI_DEV_SETUP(r2, 0x405c5503, 0x0) (async, rerun: 32)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)

27.29236673s ago: executing program 6 (id=9333):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000003580)={&(0x7f00000003c0)=ANY=[@ANYBLOB="44010000100001000000000000000000fe8000000000000000000000000000bbac1414bb0000000000000000000000000004fff920000001000000001d000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ac14142a000000000000000000000000000000006c000000ac1414bb000000000000000000000000000000000000000000000000000000000000000080ffffff00000000000000000100000000000000fdffffffffffffff0400000000000000000000000000000002000000b316138f04000000000000000000004000000000000000000000000000000002000000000000000025bd7000000000000a00000100000000000000004800030000006500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c0096c7015cff082345"], 0x144}, 0x1, 0x0, 0x0, 0x44}, 0x4810)

27.29194172s ago: executing program 8 (id=9334):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x2000}]}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000080)=[{{&(0x7f0000000800)={0x2, 0x6e20, @multicast1}, 0x10, 0x0}}], 0x1, 0x2000c044)
sendto$inet(r2, &(0x7f0000000c80)="e8", 0x6200, 0x12000000, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000)
add_key(&(0x7f0000000000)='rxrpc_s\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_X86_APIC_BUS_CYCLES_NS(r3, 0x4068aea3, &(0x7f00000000c0)={0xed, 0x0, 0x10})

27.27341863s ago: executing program 50 (id=9334):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x2000}]}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000080)=[{{&(0x7f0000000800)={0x2, 0x6e20, @multicast1}, 0x10, 0x0}}], 0x1, 0x2000c044)
sendto$inet(r2, &(0x7f0000000c80)="e8", 0x6200, 0x12000000, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000)
add_key(&(0x7f0000000000)='rxrpc_s\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_X86_APIC_BUS_CYCLES_NS(r3, 0x4068aea3, &(0x7f00000000c0)={0xed, 0x0, 0x10})

27.27083831s ago: executing program 6 (id=9336):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
r1 = add_key$keyring(&(0x7f0000002280), &(0x7f00000022c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$revoke(0x3, r1)
write$selinux_load(0xffffffffffffffff, 0x0, 0x2046)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x1, 0x3032, r0, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0xa0000004})
epoll_wait(r2, &(0x7f0000004140)=[{}], 0x1, 0x4000005)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f00000001c0)=ANY=[], 0xc)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x4, &(0x7f00000000c0)={&(0x7f0000000240)=@delpolicy={0x50, 0x27, 0x1, 0x0, 0x0, {{@in=@remote, @in=@remote, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xc0, 0xc, 0x0, 0xee01}, 0x6e6bb7}}, 0x50}}, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f00000005c0), 0x10)
sendmsg$can_bcm(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f00000000000100", @ANYRES64=0x2710], 0x48}}, 0x0)
dup(r3)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x80000, 0x0)
read$FUSE(r0, &(0x7f0000000f00)={0x2020}, 0x2020)

26.334827335s ago: executing program 6 (id=9353):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000003580)={&(0x7f00000003c0)=ANY=[@ANYBLOB="44010000100001000000000000000000fe8000000000000000000000000000bbac1414bb0000000000000000000000000004fff920000001000000001d000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ac14142a000000000000000000000000000000006c000000ac1414bb0000000000000000000000000000000000000000000000000000000000000000000000000000ffff000000000100000000000000fdffffffffffffff0400000000000000000000000000000002000000b316138f04000000000000000000004000000000000000000000000000000002000000000000000025bd7000000000000a00000100000000000000004800030000006500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c0096c7015cff082345"], 0x144}, 0x1, 0x0, 0x0, 0x44}, 0x4810)

26.188183847s ago: executing program 6 (id=9354):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="78010000170001000000000000000000fc0000000000000000000000000000000000000000000180fe8000000000000000000000000000bbac1414bb000000000000000000000000fc00"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000ffffffff00000000000000000000000000000000000000000a"], 0x178}}, 0x0)

26.163270658s ago: executing program 51 (id=9354):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="78010000170001000000000000000000fc0000000000000000000000000000000000000000000180fe8000000000000000000000000000bbac1414bb000000000000000000000000fc00"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000ffffffff00000000000000000000000000000000000000000a"], 0x178}}, 0x0)

23.47051422s ago: executing program 0 (id=9375):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x5, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1b}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

23.416500941s ago: executing program 0 (id=9377):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c020000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000003000000000a0000205e000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000800000000000000000000000000000700000000000000000000000000000000000000000000000300000000000000070000000000000000000000000000000000000000000000e02700000000000000000000000000002d00000000000000000000000000000084010500ac1414bb000000000000000000000000000000006c00000000000000ac14142c000000000000000000000000000000000000560000000000fdffffff01000000ac141410000000000000000000000000000000003200000000000000fe800000000000000000000000000500023500000000000000000000feffffff00000000ff010000000000000000000000000001000000003c00000002000000ff0200000000000000000000000000010000000001030000000000000000000000000000ff020000000000000000000000000001000004d33c00000002000000ffffffff00000000000000000000000000000000000000000000000003000000000000000a010102000000000000000000000000000000003200000002000000ac141400000000000000000000000000ffffffff0002000000000000000000000300000020010000000000000000000000000001000000003c00000002"], 0x23c}}, 0x600)

23.362125802s ago: executing program 0 (id=9379):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="78010000170001000000000000000000fc0000000000000000000000000000000000000000000a00fe8000000000000000000000000000bbac1414bb000000000000000000000000fc00"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000ffffffff00000000000000000000000000000000000000000a"], 0x178}}, 0x0)

23.361583152s ago: executing program 0 (id=9380):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x0, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
r1 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r1, &(0x7f0000000200)=@file={0xd570d0466b6018f, './file0\x00'}, 0xa)
listen(r1, 0x0)
r2 = accept$unix(r1, 0x0, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2000, 0x0)
syz_open_procfs(0x0, &(0x7f00000002c0)='setgroups\x00')
r3 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r3, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000380)=@proc={0x10, 0x0, 0x25dfdbff, 0x1000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000000780)={0x1fc, 0x35, 0x400, 0x70bd28, 0x25dfdbfc, "", [@nested={0x176, 0x80, 0x0, 0x1, [@generic="244954e8f391fab99dae2b2642c4c9b1ad45f76a0f8d58d63ac9ec9cae8fe2a5481b7f6b663ac20236dcb11c352c9b48c7ad22c1dad316f15070c361590f0b1ad9d4de9a3bdee9a9547f9b89716c569692f6ac2ece14c36e4259f21635106908d445aab7d384e1c53651dff5f75541af3ed407d12a554b418cd7d44b2755d64946dde8110c3f507f5f02cfbc13fa7b480379cb77e53da821aedcc171f18a8db46951c6ecca6a4ba3bc4fe77b2dbfa7b43c468ee93388e1619929142070348a3250d148331b8abeabe25228aac0af56fdf28af937553e6aa676a5bf577fa2c7e2e214000855bb4bd3f9", @generic="3ad808726a830e8505598c1c43d09fcaf4c05ae1c7391964ae679f54988752dd907535b733b6ffe73fc4b80decec162eebfdec3f8c2b4142ed8bd749cde016de1a687d484af64a1ca92f0f271760a7ff2fcd459295bc1a1b022a913638e6893e46648bb0e0", @nested={0x4, 0x78}, @typed={0x1d, 0x3f, 0x0, 0x0, @binary="28ecc7df6fe9c917fd2493d7f1dce1cff941a7e684788388d7"}]}, @nested={0x66, 0x23, 0x0, 0x1, [@nested={0x4, 0x71}, @generic="cb53a57251513d6942ca9243a24634a97ed9dc745a547f713778d8bee43cd08b54eabc9c259bae6b49987ba9f7b9ac240798e98b8879f93b3c984437543420a396309dee73a1ee2c8b04ead4f90a9537922bc7b0b05be25d21357c24dca7"]}, @typed={0x4, 0x14a}, @typed={0x8, 0xec, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x22}}]}, 0x1fc}, {&(0x7f0000000980)={0x274, 0x16, 0x1, 0x70bd28, 0x25dfdbfc, "", [@generic="079fdbe0c6", @generic="b0873bd56bbe74e4bd1a1c905094b00cf528c320c04daff935c80389af152aef778e472f09415b7722fc48290b1954f2d8648effcb6f6019a3fe3e2c9fe305d5f3c41cb013cc4f846d6dae33a9127adc772fa633607ae6f893fe1e04233c176785f33fca22e93868fd800c7d0639d59d945c6ab9e8e1b1b9050c53f5193d0e0fc331c7e1959afa712d6dd9c194da0781cc", @generic="dee13068708b057a8c18a43923f1349d1178a0683e19d469342699b1ba7b87c120e031027747adc86cd93973c323540db5d8d24e7a3594aec73ae11537f25845976c63168b576a34b3046f398fb2635c160dc2375b2b4af8d540b4eb7acb835709ad46e85dfa20ad66c7bf5b431efe164630dd3b148ca4356d", @typed={0xe, 0x14, 0x0, 0x0, @str='setgroups\x00'}, @nested={0xa, 0x7d, 0x0, 0x1, [@nested={0x4, 0x41}, @generic="1706"]}, @nested={0x138, 0xd, 0x0, 0x1, [@nested={0x4, 0xb8}, @generic="3bc6fb667df2f4e9f5a5620b9f8970d9c5df4b6166b6760abf115ac7088bb37b9164897f6cf032cf785314caa199334e972e269c7c044534d1e6054491f7e934c4137fb6f647aa4b696ce5a6458dfffaec008ed5cdf05a33870296944b96c5983d74020d0881bd874383c9f2a5", @generic="fc78c8dfe664fa609e943a8681e87f25a12bbd75444f783fc951fe6dfce67f2c2a70329ac15bfaf02f22f4dd0fc7930379eb59a459334894f90480632687b74ee3aa3abf81b15eaf1fb95da2cbbb1c562a8ba46782902c22ad4d1b299c3a727e7e5a05edb74188b4107590abfca7172110160b34db0b92c80703d9755ab388a1068779761bbbe744a9f0a6c152ab80de99a7ff9ff847f43c693519c1f53fa1", @typed={0x14, 0x9a, 0x0, 0x0, @ipv6=@private2={0xfc, 0x2, '\x00', 0x1}}, @nested={0x4, 0x12b}, @typed={0xc, 0x67, 0x0, 0x0, @u64=0x5}]}]}, 0x274}], 0x2, 0x0, 0x0, 0x20000840}, 0x20000100)
sendmsg$netlink(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x20040c04}, 0x0)
pipe2$9p(&(0x7f0000001900)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000a00395032303030"], 0x15)
r6 = dup(r5)
write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r6, &(0x7f00000000c0)={0x30, 0x5, 0x0, {0x0, 0x5}}, 0x30)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/file0\x00', &(0x7f0000000040), 0xa44820, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6, @ANYBLOB=',subj_user=!&#/]+]],smackfsfloor=}]\"-,fowner=', @ANYRESDEC=0x0, @ANYRESOCT=r6, @ANYRESDEC=0x0, @ANYRES32=r0, @ANYRESDEC=0x0, @ANYRESOCT=r3, @ANYRESDEC=0x0, @ANYBLOB=',k'])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r7 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
write$FUSE_POLL(r7, 0x0, 0x0)
r8 = socket$unix(0x1, 0x5, 0x0)
chmod(&(0x7f0000000080)='./file0\x00', 0x3a)
setuid(0xffffffffffffffff)
connect$unix(r8, &(0x7f0000000000)=@file={0xd1653077bafa0114, './file0\x00'}, 0xa)
close(r8)
connect$unix(r2, &(0x7f0000000000)=@file={0xd1653077bafa0114, './file0\x00'}, 0xa)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000180)=""/73, 0x49}], 0x1)

22.380256247s ago: executing program 0 (id=9392):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x101400, 0x0)
keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, &(0x7f0000000c80)='@\x81\\\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0xc0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000140)={0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="01000000000000007f00000000000000b9e0060000b80a000000ba000000000f30"], 0x7f})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$AUTOFS_IOC_SETTIMEOUT(0xffffffffffffffff, 0x80049367, &(0x7f0000000280)=0x3)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x40000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x8)
ioctl$KVM_SET_MSRS(r7, 0x5000aea5, &(0x7f0000000080)=ANY=[])
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x8, 0xbc, 0x7, 0x6, 0xeb, 0x0, 0xf, 0x4, 0x3, 0xfe, 0x3, 0x58, 0x90, 0x5, 0x9, 0x7f}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x0, 0x182, 0x4, 0x10, 0xf1, 0x0, 0x7fffffffffffe, 0x5, 0x0, 0x9, 0x0, 0x5, 0x0, 0xbdb], 0x1, 0x3c4210})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r10, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

22.171328171s ago: executing program 0 (id=9395):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000540)={0x4c, 0x0, &(0x7f0000000400)=[@reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, &(0x7f0000000500)})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSUUID(r0, 0x80111500, &(0x7f0000000000))
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0xdd52d6c}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

22.170844391s ago: executing program 52 (id=9395):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000540)={0x4c, 0x0, &(0x7f0000000400)=[@reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, &(0x7f0000000500)})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSUUID(r0, 0x80111500, &(0x7f0000000000))
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0xdd52d6c}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

9.796999396s ago: executing program 7 (id=9432):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
r1 = add_key$keyring(&(0x7f0000002280), &(0x7f00000022c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$revoke(0x3, r1)
write$selinux_load(0xffffffffffffffff, 0x0, 0x2046)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x1, 0x3032, r0, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0xa0000004})
epoll_wait(r2, &(0x7f0000004140)=[{}], 0x1, 0x4000005)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f00000001c0)=ANY=[], 0xc)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x4, &(0x7f00000000c0)={&(0x7f0000000240)=@delpolicy={0x50, 0x27, 0x1, 0x0, 0x0, {{@in=@remote, @in=@remote, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xc0, 0xc, 0x0, 0xee01}, 0x6e6bb7}}, 0x50}}, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f00000000000100", @ANYRES64=0x2710], 0x48}}, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x80000, 0x0)
read$FUSE(r0, &(0x7f0000000f00)={0x2020}, 0x2020)

8.067328963s ago: executing program 5 (id=9434):
r0 = creat(&(0x7f0000001380)='./file0\x00', 0x4)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0x0}, 0x0)
sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="02080000596d0000000001000b"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0xc0686611, &(0x7f0000000180)={0x68, 0x0, 0x18, 0x1000, &(0x7f0000537000/0x1000)=nil})
openat$rnullb(0xffffffffffffff9c, 0x0, 0x8800, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
sendto$packet(r0, &(0x7f0000000200)="881213cb763f99a39a1570c6e2888d66603fdeef178b6940bb992288ac0eb2b7ce4b7c59ad465d9a4bde394fdbabcfb1121c2fe2bac7212e06c01f3d3991b650ce0bcdc9c4d57765ad0bcc2c1f55c21ee4e1d673c4b084685d815250b7ef7d763300b3c1ec8e07fb00ba5ac1a6bf487b9bbec0ee2d643a2e93948b14359813326f3fd99c79fb4c2b0b1971b39ec86e603fb72d348542f37e0576221937830fb24c8e000b6b51e088227d", 0xaa, 0x0, &(0x7f0000000080)={0x11, 0x4, r3, 0x1, 0xc, 0x6, @random="71a81eb21ae6"}, 0x14)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
setsockopt$packet_drop_memb(0xffffffffffffffff, 0x107, 0x2, &(0x7f0000000140)={r3, 0x1, 0x6, @remote}, 0x10)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="180000001600010a00000000000000000c0000000c00008008"], 0x20}}, 0x40816)
sendto$packet(r2, &(0x7f00000000c0)="3f031c000302140006001e4848d6a7a911d7c2290f0089061327c9167c643c4a1b7880610cc9", 0x33, 0x0, &(0x7f0000000540)={0xc9, 0x0, r3, 0x1, 0x6b, 0x6, @multicast}, 0x14)
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000040)='ext4\x00', 0x8000, 0x0)

8.067010992s ago: executing program 7 (id=9435):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
prctl$PR_GET_DUMPABLE(0x3) (async)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
sendfile(r1, r0, 0x0, 0x1ff)

8.007707474s ago: executing program 4 (id=9436):
r0 = socket(0x840000000002, 0x3, 0xff)
setsockopt$WPAN_WANTLQI(r0, 0x0, 0x3, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000200)={0x4, [0x0, 0x0, 0x0, 0x0]})
sendmmsg$inet(r0, &(0x7f0000000240)=[{{&(0x7f00000001c0)={0x2, 0x4e20, @multicast1}, 0x10, 0x0}}, {{&(0x7f00000004c0)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}], 0x2, 0x4004040)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x20102, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r3, 0xc0403d11, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r5, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r5, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)='\x00\x00', 0x2}], 0x1}}], 0x1, 0x4400c800)
sendto$inet6(r5, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000, 0x0, &(0x7f000052a000/0x2000)=nil)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/cgroup.procs\x00', 0xb600, 0x20)
syz_clone3(&(0x7f0000004300)={0x200000000, 0x0, 0x0, 0x0, {0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, {r6}}, 0x58)
r7 = getuid()
setreuid(0x0, r7)
mount$binderfs(&(0x7f0000000080), &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000180), 0x10, &(0x7f00000002c0)={[{@stats}, {@stats}, {@max={'max', 0x3d, 0x1}}, {@max={'max', 0x3d, 0x2}}], [{@appraise_type}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@defcontext={'defcontext', 0x3d, 'root'}}, {@uid_gt={'uid>', r7}}, {@appraise}]})

6.237422001s ago: executing program 5 (id=9437):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="fc01000013000100000000000000000000000000000000000000000000000001fc0200000000000000000000000000014e24000d040000090a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="020000010000000000000000000000000000000000000000ffffffffffffffff0000000000003c000300000000000000090000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000feffffff00000000000000000000000044010500e0000002000000000000000000000000000004d6320000000a000000ac1414aa000000000000000000000000053500000303030009000000b4000000070000007f000001000000000000000000000000000004d36c00000000000000fc0100000000000006000000000000000000000000000900010000000080000008000000ac1414aa000000000000000000000000000004d2330000000a000000ac1414bb0000000000000000ddffffff023500000002fa00070000000a00000002000000fe80000000000000000000000000000f000004d43c"], 0x1fc}, 0x1, 0x0, 0x0, 0x11}, 0x0)

6.233530251s ago: executing program 7 (id=9438):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x804)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x801, 0x0)
ioctl$BINDER_GET_EXTENDED_ERROR(r0, 0xc0046209, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r1, 0x45809000)
madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

6.231571471s ago: executing program 4 (id=9439):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000000)=@gcm_128={{0x304}, "5216c05996140c14", "6124c587b4ec150def6e4d07e399a4b0", "5c39e60b", "d6427f5dfdf33925"}, 0x28) (async)
close_range(r0, r0, 0x0) (async)
r1 = signalfd4(r0, &(0x7f0000000040)={[0xb0fc]}, 0x8, 0x80800)
r2 = socket$inet_tcp(0x2, 0x1, 0x0) (async, rerun: 64)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xe4, 0x0, 0x1, 0x201, 0x0, 0x0, {0x7, 0x0, 0x1}, [@CTA_TUPLE_ORIG={0x60, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x14, 0x4, @local}}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @local}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}]}, @CTA_NAT_DST={0x34, 0xd, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x15}}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @loopback}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @remote}]}, @CTA_STATUS_MASK={0x8, 0x1a, 0x1, 0x0, 0x7}, @CTA_SYNPROXY={0x34, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x1000}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0xbe60}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x6}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x5}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0xdd3}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x2000040}, 0x800) (rerun: 64)
write$P9_RWRITE(r1, &(0x7f0000000240)={0xb, 0x77, 0x2, 0x9}, 0xb)
r3 = getpgid(0xffffffffffffffff) (async)
r4 = gettid() (async, rerun: 64)
read$FUSE(0xffffffffffffffff, &(0x7f0000000500)={0x2020, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020) (rerun: 64)
syz_clone3(&(0x7f0000002580)={0x204000080, &(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300)=<r6=>0x0, {0x22}, &(0x7f0000000340)=""/237, 0xed, &(0x7f0000000440)=""/188, &(0x7f0000002540)=[r3, 0xffffffffffffffff, r4, r5, 0xffffffffffffffff], 0x5, {r1}}, 0x58) (async)
sched_setaffinity(r3, 0x8, &(0x7f0000002600)=0x1ff)
madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x16) (async, rerun: 64)
ioctl$PTP_EXTTS_REQUEST2(r1, 0x40103d0b, &(0x7f0000002640)={0x7fffffff}) (async, rerun: 64)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000002680)={0x1f, 0x7, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x9, 0x2}, 0xe)
ioctl$FIBMAP(r0, 0x1, &(0x7f00000026c0)=0x1) (async, rerun: 32)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000002700), 0x4) (rerun: 32)
bind$inet(r1, &(0x7f0000002740)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000002780)={@local, @private=0xa010101, @multicast1}, 0xc) (async, rerun: 32)
syz_open_dev$MSR(&(0x7f00000027c0), 0x9, 0x0) (async, rerun: 32)
r7 = signalfd4(r2, &(0x7f0000002800)={[0xc]}, 0x8, 0x80000)
bind$bt_hci(r7, &(0x7f0000002840)={0x1f, 0xffffffffffffffff, 0x4}, 0x6) (async)
socket$packet(0x11, 0x2, 0x300)
r8 = syz_open_procfs(r6, &(0x7f0000002880)='net/ip_tables_targets\x00') (async)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_tcp_SIOCATMARK(r9, 0x8905, &(0x7f00000028c0)) (async)
r10 = syz_open_procfs(r4, &(0x7f0000002900)='oom_score\x00')
write$P9_RMKNOD(r10, &(0x7f0000002940)={0x14, 0x13, 0x2, {0x4, 0x2, 0x5}}, 0x14) (async)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f00000029c0), r8)
sendmsg$ETHTOOL_MSG_STRSET_GET(r7, &(0x7f0000002d40)={&(0x7f0000002980)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000002d00)={&(0x7f0000002b80)={0x174, r11, 0x8, 0x70bd25, 0x25dfdbfc, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x11c, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}, {0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}]}]}]}, 0x174}, 0x1, 0x0, 0x0, 0x1}, 0x4840)

6.213821942s ago: executing program 5 (id=9440):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x2, &(0x7f0000000140)=[{0x7c}, {0x6, 0x0, 0x0, 0x7ffffffb}]})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000004c0)={'erspan0\x00', <r3=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b041400e0ffe2ff02004788001ca13bb100000208007f604803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14)
r4 = socket$key(0xf, 0x3, 0x2)
mlockall(0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[], 0x38}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x0)
sendmmsg(r4, &(0x7f0000000180), 0x3ef, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0})

4.228423793s ago: executing program 5 (id=9441):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000003580)={&(0x7f00000003c0)=ANY=[@ANYBLOB="44010000100001000000000000000000fe8000000000000000000000000000bbac1414bb0000000000000000000000000004fff920000001000000001d000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ac14142a000000000000000000000000000000006c000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000ffff00000100000000000000fdffffffffffffff0400000000000000000000000000000002000000b316138f04000000000000000000004000000000000000000000000000000002000000000000000025bd7000000000000a00000100000000000000004800030000006500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c0096c7015cff082345"], 0x144}, 0x1, 0x0, 0x0, 0x44}, 0x4810)

4.226453803s ago: executing program 7 (id=9442):
r0 = fsopen(&(0x7f0000000000)='configfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_128={{0x303}, "cbbf09c473ef3ee5", "d62cb2759e70ad75c3b50ef30b007511", "0894cb4c", "2a6f9fea1f1bb653"}, 0x28)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fchdir(r1) (async)
fchdir(r1)
openat$cgroup_type(r1, &(0x7f0000000000), 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='huge=always,huge=within_size,nr_blocks=5']) (async)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='huge=always,huge=within_size,nr_blocks=5'])
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r4, &(0x7f0000000f00)={0x2020}, 0x2020)

4.226111403s ago: executing program 4 (id=9443):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
r1 = add_key$keyring(&(0x7f0000002280), &(0x7f00000022c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$revoke(0x3, r1)
write$selinux_load(0xffffffffffffffff, 0x0, 0x2046)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x1, 0x3032, r0, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0xa0000004})
epoll_wait(r2, &(0x7f0000004140)=[{}], 0x1, 0x4000005)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f00000001c0)=ANY=[], 0xc)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x4, &(0x7f00000000c0)={&(0x7f0000000240)=@delpolicy={0x50, 0x27, 0x1, 0x0, 0x0, {{@in=@remote, @in=@remote, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xc0, 0xc, 0x0, 0xee01}, 0x6e6bb7}}, 0x50}}, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f00000000000100", @ANYRES64=0x2710], 0x48}}, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x80000, 0x0)
read$FUSE(r0, &(0x7f0000000f00)={0x2020}, 0x2020)

2.225757054s ago: executing program 5 (id=9444):
ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = signalfd(r0, &(0x7f0000000040)={[0x401]}, 0x8)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f0000000080)={0x5, 0x0, [{0xa, 0x5, 0x8000, 0x7, 0x1}, {0xc0000000, 0x8, 0xfffffffb, 0x8, 0x3}, {0x80000007, 0x6, 0x3, 0x3, 0x8}, {0x2, 0x8, 0x85c, 0x1, 0x3}, {0x80000000, 0x8e, 0x1000, 0x0, 0x3}]})
ioctl$KVM_SET_DEBUGREGS(r1, 0x4080aea2, &(0x7f0000000100)={[0x0, 0xdddd0000, 0xdddd0000, 0x10000], 0x8, 0x5, 0x1000})
fsetxattr$security_capability(r1, &(0x7f0000000180), &(0x7f00000001c0)=@v2={0x2000000, [{0x3}, {0x5, 0x5}]}, 0x14, 0x1)
clock_gettime(0x0, &(0x7f0000000240)={<r2=>0x0, <r3=>0x0})
sendmsg$can_bcm(r1, &(0x7f0000000340)={&(0x7f0000000200), 0x10, &(0x7f0000000300)={&(0x7f0000000280)={0x1, 0x40, 0x7fffffff, {r2, r3/1000+10000}, {0x77359400}, {0x4}, 0x1, @canfd={{0x2, 0x1, 0x1}, 0x2, 0x2, 0x0, 0x0, "3148db5f48d65a40f64b5152c2a475e412b796b1827bcca0ce4b0e503706afe177adbecc623eacf190e288c3e2e09acb25c1a91d47946c6137ef94031303d880"}}, 0x80}, 0x1, 0x0, 0x0, 0x400c801}, 0x44000)
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x28080, 0x0)
ioctl$F2FS_IOC_DEFRAGMENT(r4, 0xc010f508, &(0x7f00000003c0)={0x6, 0x1000000000000000})
r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000400), 0x129040, 0x0)
ioctl$SNAPSHOT_ATOMIC_RESTORE(r5, 0x3304)
ioctl$SNAPSHOT_ATOMIC_RESTORE(r5, 0x3304)
ioctl$VT_ACTIVATE(r1, 0x5606, 0xc)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r4, 0x40089413, &(0x7f0000000440)=0x6)
ioctl$USBDEVFS_WAIT_FOR_RESUME(r1, 0x5523)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), r1)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000500)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(r1, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x28, r6, 0x400, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x401, 0x6f}}}}, ["", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4044001}, 0x0)
r8 = open(&(0x7f0000000600)='./file0\x00', 0x10200, 0x38)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), r8)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f0000000740)={'syztnl1\x00', &(0x7f00000006c0)={'ip6_vti0\x00', <r10=>0x0, 0x4, 0x48, 0xe, 0x1, 0x5, @mcast2, @mcast1, 0xf, 0x7, 0x9, 0xe}})
getsockopt$inet6_mreq(r1, 0x29, 0x1c, &(0x7f0000000780)={@mcast2, <r11=>0x0}, &(0x7f00000007c0)=0x14)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r8, &(0x7f00000013c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000001380)={&(0x7f0000000800)={0xb7c, r9, 0x200, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}]}, @ETHTOOL_A_FEATURES_WANTED={0x32c, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xc}, @ETHTOOL_A_BITSET_MASK={0xd9, 0x5, "b3792c06256cbbef5e92112795a01f6028082cfa35ec321acc130e01e6d310e43b25c5c18bc0658e7728deb54f036dbf653861bfc5d452bdba2a65c749b221eec5453566906224c49872495966bec7d0907ede9a318a9fe6320fba44387d496710a0c144030ac6b63ea1354359db25f2086d2b860ae762e35361b3484d5f2ac255b564b5c547fc8268180904b26baecdfc7b599a5a44cf843c3bf3efec4e4016bb79bc198013458dc9b10d10a5e1ea5344042bf9707e5d6bf1c046311ca60f8671ab722fe5aa238e4cc9562f912e8f4ca6234cbc79"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x8}, @ETHTOOL_A_BITSET_BITS={0x10c, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\\&)%\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, '/dev/snapshot\x00'}]}, {0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x18}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, '[/]^+,,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'wlan1\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '(\'+\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xc}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '$[)\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fff}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}]}]}, @ETHTOOL_A_BITSET_BITS={0x30, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}]}]}, @ETHTOOL_A_BITSET_BITS={0xd0, 0x3, 0x0, 0x1, [{0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x42f9}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'wlan1\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, '[%\\\\/!$\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x18, 0x2, 'security.capability\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}]}, {0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x18, 0x2, 'security.capability\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '-.\\$*\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x80000000}, @ETHTOOL_A_BITSET_BITS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}]}, @ETHTOOL_A_FEATURES_WANTED={0x7c, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x78, 0x3, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xe, 0x2, '*(+$/(-*-\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x86b9}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9e}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xc509}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}]}, @ETHTOOL_A_FEATURES_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_FEATURES_WANTED={0x198, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x94, 0x5, "9e5f5b7cd4d43fe73be9755576ef28288abc6a8894d5e1ffbb82ec1a0691872d7b52b600443ce260a56a59f9e7b259c5dea4d525f722d7f5553b5a9006b857fc01a5a5913f8bb3934ed7f4bbeded36585102672bb6086bbc17b8bc2f66428a3256a350a651a67f878bda49cb922be0a274aa506b17ef799229fd00917f98f82712c1c09c16bfd6023cb42a95aeecb98c"}, @ETHTOOL_A_BITSET_BITS={0xf8, 0x3, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'nl80211\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x18, 0x2, 'security.capability\x00'}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'nl80211\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '}\x95]\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '--#-%\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'nl80211\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80000001}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'nl80211\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x10, 0x2, '$:!{^\'#!)\'@\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, ')\x89$(\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8000}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xfffffff8}]}, @ETHTOOL_A_FEATURES_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_FEATURES_WANTED={0x480, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x94, 0x3, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x18, 0x2, 'security.capability\x00'}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'wlan1\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '@-&*\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '{\xc5\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xc}]}, {0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_NAME={0x18, 0x2, 'security.capability\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'nl80211\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8a}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}]}]}, @ETHTOOL_A_BITSET_VALUE={0xbc, 0x4, "cb8632fb300276a44b74873821ec7d15f8deca5fe6e67a3aad2f2049dcaa65cd08557014adf89ecd0c5ab13b7a26f4e3133b9a521355420a792d8ab4cd5139ac3d92df0882c3e480c2b9bff0be4a13b46c6cb535270a9da218318b65e662c97043bdeec13b39cab8807580a4dff5e7f52d1f8e22f40b02838f4982d47be5e2b30d95e631522b102ace654d1451cbea01451aed09de4620353c26b2d8ca6e5fcb9b898ca3b0d559b20bcc73a6c1e2e0c5b94b44603c70e9ed"}, @ETHTOOL_A_BITSET_MASK={0x67, 0x5, "38711ec2c3dc2aa8ce69bf386171cb762c1f8f17a52be2923de27f600b4ff7f70ae13ea74b093d8fe01ce4640b1c4a4927280a7e91e39956e7c0f9176d7714d8d71271a02511dd5c7b243e4c43c962ac848ff267117b661e7b7aaae63f2911747d4ae4"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x6}, @ETHTOOL_A_BITSET_BITS={0x1b4, 0x3, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, '/dev/snapshot\x00'}]}, {0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '$\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, '/dev/snapshot\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '+^\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'nl80211\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xf}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, ']-L\x00'}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x14, 0x2, ':/+(-B:\\\xac\',.::(\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7f}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'nl80211\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8c}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x18, 0x2, 'security.capability\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8000}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xc}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'nl80211\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}]}, @ETHTOOL_A_BITSET_VALUE={0xbd, 0x4, "7664ddc46dce3b3795a762d9054a1603cedd6558c16f59fb3439ad8353473db8b97a1f8f6b82a0367fda7bcab64d109e9540b9fab6e964a450919f79c5383608412e0d91eae5207b07e05d74cb6dc71b9fb90cd127d1f5dbb9c6d277358dcab7415647eea912264cf5516ec372be08594f6e13f4aeb63dc4efb4e25ee0ecd22fe24df871e87cdb4da91182cb8ec39cd73698b2ea89391ff92dd72572af0cc87a40a3c56451a13308519bdc11dd278bdbee15caf933a4bfbada"}, @ETHTOOL_A_BITSET_BITS={0x40, 0x3, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'wlan1\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'nl80211\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x800}, @ETHTOOL_A_BITSET_BIT_NAME={0x18, 0x2, 'security.capability\x00'}]}]}]}, @ETHTOOL_A_FEATURES_WANTED={0x5c, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x14, 0x5, "d61cf4e4179c36558c6e199e08ca3622"}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_MASK={0x39, 0x5, "92cdadc1558a3bf68eee8ef5ae5f7a244649ae790e31e7a46dd2ba76a9acce07d6bfad1115af4a01835199f6c30f770b04266b763a"}]}, @ETHTOOL_A_FEATURES_WANTED={0x94, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x5}, @ETHTOOL_A_BITSET_MASK={0x86, 0x5, "cd2abd0a5d9e9d35127be7526dc9d909cb5bed137eda4cf5ff379a55e1f74edec5e08be79488c338dfecd76f0536fec823fbf2dac123360d82b9217d7cb6eb639b246cf13e72dd4fa3b8b2466698f2378231917852767fad2992085627240d4db103f4369955895fd209f689be05a63fa1caf9b5a6b1efef588b895e5fffdc200995"}]}, @ETHTOOL_A_FEATURES_HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0xb7c}, 0x1, 0x0, 0x0, 0x40800}, 0x200000c1)
ioctl$BTRFS_IOC_SNAP_CREATE(r4, 0x50009401, &(0x7f0000001400)={{r4}, "d51a7d8c3874d4ff9928dd6bc48db9689eafdc82af0d86f1a9635a55128eb7ba66bd95e613ad9a4fd8deb373fbff2f4eadbd62bd8fc93e4d7d9287fbde7b91d24bfb791eca51146ec5c5e535ef4f6630cf7bbefe99d00a3b68c485aaae6c54ee8846ebbfb97b8f46658f634f1605892a9bc6093a82e5455094a191de9b351a974b0f1dffd60cc41e20dd4fd346ada5724f9cbf7147fbd1c4317dc1b507c5452e376cf1afef8c39946af2e9e78b03073167d73dba232f7e1af7a98d70bd2b442187428f201d2bc7a50581eb91e07710456f3bd42978235df434e82c1cf27d4e856cbcb7efd31dc2b21169a825b89a277ad5aaddfafa1b4541e10e3ba55f77535bbda5d437b6ce59def39eb4e2538d4262497bcc6d7c91005e5ef927ba8bce22829ed581d3ffaf81d3885244b98b845ce415ba8171f92be3a41e70645f141db90cc9fb6817c8e6ccc6fdb690ea9a791d07901c59bbd5651172b321878e2568f079c3446fab04979e1f79148d8b62c8f4803b431d0eccf683a40ee5f3905927fd50804a44fc5ddb7ec03a5929800054e10d4533b75cfd8defe985110e0029d0bcf75203fffdaed4a340bfa0359f1c6758ddb97c0125f58778bbc5d263819efb27258ed3524c3fc5b20afc8a433f39bb808f300f0d97bed1d56bc98625b7d06295c222aea148f1251fdc4ee86d243763aa5dd87e7731ad803546d21feadfd1fdee80dd43d80c417abd0cd602eda108f51700621a8b1f138465d59386b508f6a723bb133ce66d114f486dd38e8709e4a449a0c8b05afcddff7a84e2bbd35baf73e0b44b9108722432b5cabcb5812baf7ba3c68a77516466b050ac7539cb7c62020df2210da99230a965ab9b918c4b1bdfd18e29a0c61fb98a894882d4699f191a835a3dd02a30bb67455c83c158ee8f8876ab0ee208d4c69b29fb53c25408fc91272c08be5182ad12fbb5af6a46fe5090018c72110198ceb9100b05444ae40b7056e024a53cbba084cede4a29217a862725c2ec970ed431841546ab8d68de745352cb9e4e0ee4a482f0f64818596c6475d4e45ee21fe844c2e9505a109e75e97c91e1c9c92d66bee7149f38bb0676e2d92f55581bfefc3bbf94b4b66472abcd4c169f42f13ba94bdb296a577e17958007ed92f6e7665e916f437c5600aa7a86322ab55c809f2d199fb18ced8be08cf6d7eeb65f288c038e6a7396d8f75ae1a202d6616c5fae0833bf8e434a291c1f0aa465566eee7b25243108c3a4c34b18193d626f64ab73c6ce3b5e119bc78df42375ff9815bf41235c9f0c63cce7216d0b49953fa677f9d1ba926227b2e3acee811998b849627927e8bf85afd736f86c66400ac5d0e2bc06306dd88a1f92cfadac00f1912341b309b12428dcc43eba7ba28478a50c31946bb0af45509fd50e6933566098ff56aa0c71946c75075719833c216c27e85edfcebde702a9f08fafbadd41594b5ecbee23ee36a2da729c3ca5710afebd28ab673dc1edc9903ef9a3ac674ddc47ae5089f97a2046f2f17d36e7f815c90f4198305783b04b9265c324e1de30900234d3b24cad4fe683abd86bb189e458cbfa3835cd7d4b764999c69963d6ba03397bf77ec18c989521c9003213c62d607893545c8c746c9edc522ccc2fbd63dd2a1fbea751c549c041cc6e223d67042a4a2a1e3165551269c8194e13d1e8af1020b7f8db60810a3fd7617e600ef18f0cbac6f3f5aad14e6a21406482134b38cf346596017691b9b55b5e8831e9c72f5b2f614d726e70f780ac9e1c2c4904192f878815055a07d9ab9812f4dd0afa5b83695651d8571f6d4a1bdf4e556a143eadde38e9f6ae87cdf307ed3b73bb2b33217df09b868fa7bc15ec039316c3cc96cceb55377f99c2d734741ea7d717ffba197b95bd342e7b6b178e0b4be99b5cccfa28f16180741a6d00a5a204390d5e6f125acb623a7033c2ef1f3fb24e4e8bb939b0e7f934718c12ff2dad0c7166b0ed59462bb6a1c99db503eda0e196b21ab3c0565ff9b3edfcb8e9f4dcfda65361e7193aabbfebc1f077d5adccadfa181456bb8973b621bfcfc8a842c0732fb6d4bf107c7f66010f20104e8a017d9d6ab257e57aa9411919dbd9120fe58b7d9c51ada833dfd95dcfb2efcb5022ec7d555fc6c870eea271ce0e7c5b4c93c08a38939959d6fe82e6c0ed69005e7cbfe35f249313cdccd078c117a51c2152d8babcaa1e037dc0f4ef271b6057139abde820bc1cc445bea3a538b3d099d92abd0fb947443cd91ce9a22f490828d3492c100b6e605218d13fcaa6c3e7e01fe624ce26bcc9f3e286d12f3e5c1c16f13552be164fb7ba7125ba8529a6d69d61bb7c57c0588976625c4e36f65f55a23e2651b8d9b48c340896b4b01ceae3a8f46ad6c98ec8e3c201ef8f50379d474b4fb800df8483f2ea4d0e5d0c9910d6fb8186375f84fd6d21b6c2a8839f0b4612420859d60670d7f88c74fe278da7b631178a3390639813cf78cf05ce8e867ab5643bb1bb3aff2fd8c7f1862a2319723098bf4429e45a8911f38e1f08c6e07844749aa79172e8a3ba10cfdae368ca2d4161dcddcdd5ee304edac0c17a490f81c75d86d4ec06f479536814c16b80e1d0bbb69ccca7b050174b269331121530347c38f6570713d277ccc5ee2144a909f5a13bc727360b66f1caa869aa97ea130d03c06d3c8ee36469a82bcc7d7fb70c5024042ca80eea497135ab0dac492ce6bcc2a0f5d23f23572474cb99dbe8f9ce93cac1e6fe69b893cd08c9c6cae32b870172b33f5471255bc30bb46370046aa59eeded53f20e3df4964cb5af49cd405c00f53a33d585ea3d361e09aff61a0fb10a73bf4f7ac086f4ca1e234315c8c543aaa3d1f921e6aa1758692f7283f2ca466f6f9161e2051d2218698387dd471b9aee20fc45ba5d3e3b151384a9b0dfd88e89ba04e7ca5d6532f9203976d0e9037818b742df7a48802cd4aaf71bd9db55222190ace903703db39cad324271911d6fac21dda219210677198839c904ff21928b8010f880909bac2b4eca48d5e1321309531dfaab875a9f7abe9678e16bae8f302f569828f8390168e76920bba49a176464bfc215c9ca060eb6f44fb2e5fdfd8095ed5e048b876893fd91b53b0b3101f66714edf609d718e5e5d9099071a613672158d80e7a2def4fa5928692ae6187bc8f234012085ef4af08717035727416f962b1b78b95dd73b4997a57e6ec796553499a110753741328d2b4d8f331b2a8eb9f0ea8c2b0af8eda5a59bfc2ba901292be28924167880f0c6577e0937658f19670a633a43e5aac5dcbd52d2c4feb1fa1cbc35ebed1cd3c2b8694379e5e90baaa3042766fdee093fc4d7afde96761cfd786cc5ea43d6f6c8b649eb96c94aa8f9f45e122ccfe7b90890c1759d2cae099d6ff1bb789f3793f663b1da42b3dac5f546b30fbc880758bee547e57f22b7a30568db52a852eedb354d1fc2b8c3c856bd31a008b69c519e152354a2561c8153179b88b4566175efe3459ecb2fae51426a2312f3b24026fc8e28e4f83a07a84b417278e9567f1df97977a710f054abab1acc0bccc4efc52cf2a5a151eba625830d99a5784f6afed02e88032563fdfba0d2f142f987abfe7411bf2987fbb1fb8b41a9fdf6219e80b729a8ebdc9c42d5f2e007f111aa17e5b1f5bc215c0add3d359e7d1a47cb98e7c91ca667acc473c00f592611a3e1e45c5985b4ecaaa0063a13b5d7c29645d19f539fd2cbffdefb4aed13e69e8ae63c15f88d60feb7b01872f99b09c8a9b800b3991a30db5c739aa596954dbe7e614ef25725fa0b1ee8d2fb6c516974aaa4348ac4a35e56f5833484d9cc10377b89bc2e28a6087136ebca9ac328db0bd1aac6f3d33698bff4e24835aa0b28ab10cd502c4894dffa1c1942cf91e7ac02cdac27fa2e987790631ef4f0ab4e46dc0b68ea1f3477f009b2db4a0621e156b83d195180361861eaac803b75fd8c5c6f95c107e18810079356e6271e1b174430226a151d8cc27f5fb29f0623320d57377eddd47d75a182c15507725b41bbe23bf2422ff730b27cc324a3321e9ccbb99882f129702302a45bd60b9c1a1543f2d7222929358ee6a0f27bddbb20b8cda6b24ec140ca8d09456ec82b77fc6408f66fc2915ecd06cee4eef7ff25a79c60a56d02fdadbb7965c793be21624c9fa351739a5b7e22c51f9f4d8504c1ee960f6590dba8824dca998b0e259bf941825228d611bf60b2f6deefe40800267394c776ed38a1928ffc63f80e5d119051c31a0ce413bff4f412ac46aa3cdff408b4e8aaabcf45b380a903d06d0f95c697f6142999845e47b5448197b2b27693a0c353916f6ec97aff95596d0430c9018e9d991510b60736e7d4ddaec2c2f54779884e2a37f2628111abb5a76799ca475174a476408dfdfbcdf6fd58a3c1a9b32d761dc7bef0e2075ce9d663debecac8c51c367131d7fdfff99ebb05d9bfd4074ced1696ec5ece279d574e0038fe3dd9467252bbace3ed4207f425e5220b0b017aec6c0a1819da7710b2b2e030f9c53c5b36197aed38abe566c81fcd745821f171a5c5b505658ea7c7a87a0c39ed8b3ed5946dc1fbd6bd47e5edad557add20d6d65578f0a3cc4dd5693067dda7a41083201e9e8020a539553b9a3d4f5471f7c726e700c87b4562a25c1a1cb765931fcb505a2e5d455003d08834076ad5e0441aa054164b9523308c605b5cf2ceae8d1166c9ae5f731a35cd5e263e1951e688feab99b63425ee16237f7ca4c7baec05c4d9512450e7d41a6cafaa23461a768ecaf29fbb8071a9680d2045f6f71b8f0bbfd50edcc5f4c852623d654bb1005eea40c651789606f2efdf7809965e6ccfd6f222542146b94673ebb46fc69dc2d7f4610b43c99a3a7ab86ab7b976f73a297d664336dea7fc5a39c1a7d33f8604e42be3d926efb1fdee521c08797c6ba38ff43c06b598ace73e8eb436ae596c7817a8abe7a34b2000bd2777c4ef231c1da6552d4adf5bd8b3452b0adc281546c5a6c9b82f80b40b831e52e4dea161d0fd85e43456da488462d6c385676bb95a3c6a54fe516fcfcf38ede2419b11bf058071d9859d028cec5d5483f3734f4b310adec4f0b62e408b9814bcc5c9b21e4c667376dab1b596aa47e5d30a362bc34f049ad01e79b1fbd0102d87ab05b38a8055a04d16c106c94504dff11d41a1ddb9b99222bc7328a04c24ce4341f786d25ff1c96078ee5f66995c0e29c7a445a869116207407a608e69392bc785976a173e279d1f45d5bfca1a1828668661a5122ab8e3ec9adc50fe8da8de6196bb7e371e34dface1000f981199fbde5baac38f562b878731291d5c74fba5561c1b84be825aa5e0ef2e4a6ee813fe0f2f7bead4451728a7c009b6d963f28dbc4bcd9f0856309ad324fe390b91442f03c9bcfe7ed6292f7755ea2c9f4de9f17e9b2de167e337b7993a92cf21bb95e625c83f386739e2b158bfeb05f330b8ab29ed23db1cf2e51b51f51f44ae6130c169f85ff70172ce5e3aadc1c28e01efaa883f2452d338e224563078a81f4120140e0fdf1d1e607099caed7ad7525e78455c61789ea4ac5846a38986118813666a8b9168359034368ab80c02a4839c777231a944491d63451726e0a19eb1663d5398773fbab021b4b65801e581404bb3702596cc58ac2da9c493b1a9b926f355fb409efc073f477d2f2073328895af0479cb56554111fc160279a9854a6415cb7f910a8bd222816a5f16fc32f7d49962dc58b6d8f2d21e7e948efb06e85ed5ce2c5f641f0d251d3a5c7eac4bddeb098f9"})
openat$kvm(0xffffffffffffff9c, &(0x7f0000002400), 0x0, 0x0)
r12 = syz_genetlink_get_family_id$tipc2(&(0x7f0000002480), r8)
sendmsg$TIPC_NL_SOCK_GET(r1, &(0x7f0000002780)={&(0x7f0000002440)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000002740)={&(0x7f00000024c0)={0x244, r12, 0xb00, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0x4c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x101}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffff9}]}]}, @TIPC_NLA_SOCK={0x18, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfda}]}, @TIPC_NLA_LINK={0x20, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}]}, @TIPC_NLA_LINK={0x94, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xda}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x97a}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x800}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x948}]}]}, @TIPC_NLA_NODE={0x118, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4b, 0x4, {'gcm(aes)\x00', 0x23, "e4637ede1920b705c54f93054e26b273c5f9b2e760a89a0bab8307a465455ae58a1ee8"}}, @TIPC_NLA_NODE_ID={0xb8, 0x3, "93abbaf9cdf47f06b0d4e9a68161605dd466aac6345f738625d5ba65d2ab57dc6029dbbc8d99ab34645a963dee775b8b970ef4a84fdf482cb79e0f0da1a34d334b4c500768b8a6dec38b56ce7602f131818c75fa61cd9147308bbf2f4decf02119d88891d5a8007418303feb0b44736e1bea5881396e3cf0f7dc334bcdd10a36c896407acd80279bfd648ef893eb5ccc79a25f03c730ec0a95e790d93963e70ba3ac9befc292fafa58ae43aab9f80ac912afe1e8"}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}]}, 0x244}, 0x1, 0x0, 0x0, 0x40}, 0x50)
ftruncate(r4, 0x6)

2.225317725s ago: executing program 7 (id=9445):
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
capset(&(0x7f00000000c0)={0x19980330}, &(0x7f0000000180)={0x401, 0x7ff, 0x9, 0x58, 0x1, 0x9})
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
getsockopt$inet6_int(0xffffffffffffffff, 0x3a, 0x1a, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000008500)={0x7ff, {{0x2, 0x4e23, @multicast1}}, {{0x2, 0x4e24, @remote}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000280)=ANY=[@ANYBLOB="090000000000000002004e22e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001f00"/144], 0x90)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)
sendmmsg$inet6(r3, &(0x7f0000004700)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0x2b4, @remote, 0xc}, 0x1c, 0x0}}], 0x1, 0x80040c4)
r5 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xccc42, 0xa0)
write$cgroup_pid(r5, &(0x7f00000000c0), 0x12)
write$tcp_mem(r5, &(0x7f0000000080)={0x7, 0x20, 0x1, 0x20, 0x2}, 0x48)
close(r2)
openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
timer_settime(0x0, 0x0, &(0x7f00000000c0)={{}, {0x77359400}}, &(0x7f0000000340))

2.224768585s ago: executing program 4 (id=9446):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
openat$kvm(0xffffff9c, 0x0, 0x800, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socket$inet(0x2, 0x4000000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r3 = dup2(r2, r1)
ioctl$VT_RESIZEX(r3, 0x560a, &(0x7f0000000080)={0x2, 0x4, 0x1, 0xc, 0x3, 0x10})

2.211921555s ago: executing program 4 (id=9447):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="fc01000013000100000000000000000000000000000000000000000000000001fc0200000000000000000000000000014e24000d040000090a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="020000010000000000000000000000000000000000000000ffffffffffffffff0000000000006c000300000000000000090000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000feffffff00000000000000000000000044010500e0000002000000000000000000000000000004d6320000000a000000ac1414aa000000000000000000000000053500000303030009000000b4000000070000007f000001000000000000000000000000000004d36c00000000000000fc0100000000000006000000000000000000000000000900010000000080000008000000ac1414aa000000000000000000000000000004d2330000000a000000ac1414bb0000000000000000ddffffff023500000002fa00070000000a00000002000000fe80000000000000000000000000000f000004d43c"], 0x1fc}, 0x1, 0x0, 0x0, 0x11}, 0x0)

1.33598ms ago: executing program 5 (id=9448):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r0 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000080)={0x0, &(0x7f0000000000)=[@uexit={0x0, 0x18, 0x7}, @cpuid={0x2, 0x18, {0x6c, 0x1}}, @uexit={0x0, 0x18, 0x3}, @uexit={0x0, 0x18, 0x8001}], 0x60})
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000100)={[0x6, 0xd821, 0x1, 0x4, 0x124, 0x6532703f, 0x6, 0x0, 0x4, 0x81, 0xe, 0xffffffffffffd2c2, 0x8, 0x4000d, 0x6, 0x9], 0xdddd1000, 0x210})
r1 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x34, 0x8a, 0x83, 0xff}]})
lsm_set_self_attr(0x30, 0x0, 0x8, 0x0)
lsm_get_self_attr(0x64, &(0x7f0000000000)={0x0, 0x0, 0x8b, 0x6b, ""/107}, &(0x7f00000000c0)=0x8b, 0x1)
r2 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}, 0x1, 0x0, 0x0, 0x68840}, 0x4)
clock_gettime(0x0, &(0x7f0000003180))
recvmmsg(r3, &(0x7f0000003080)=[{{0x0, 0x0, 0x0}, 0x4}, {{0x0, 0x0, 0x0}, 0x10001}, {{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0x0, &(0x7f0000003040)=[{&(0x7f0000001f40)=""/72, 0x48}, {&(0x7f0000001fc0)=""/4096, 0x1000}, {&(0x7f0000002fc0)=""/66, 0x42}], 0x3}, 0x1}], 0x4, 0x23a0, 0x0)
sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0)
sendmsg$unix(r2, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)=ANY=[], 0xa, 0x800}, 0x4000080)
close(r1)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r5 = getpid()
ioctl$sock_FIOSETOWN(r4, 0x8901, &(0x7f0000000100)=r5)
ptrace$ARCH_SHSTK_DISABLE(0x1e, r5, 0x3, 0x5002)
r6 = socket(0x80000000000000a, 0x2, 0x0)
r7 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0)
syz_usb_control_io(r7, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r6)
sendmsg$NL80211_CMD_DEL_PMK(r6, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="0b25241f7ec6af19fe7ae69f05af3de067e5d880fdd82fd3d7c81d9032304082b93d2074cef826fcedf6c485f49275f076a9327e9aa31f3d452a05ea8e552058af35b17562c209c355239443a1a2e6c4720ce4b80600d95242ce7625fe8264285d8ea509fd9a955bb424137ffd174c1b6f1a2d65e4236c86989ec2ca19df10022244edcfe0af149523c538a4289b8607b74ab4f420fdc2fc39aa03a1f9650b4899ff8731be0861d983504648e5d9f0e63a26dee511f38404c5fff01ca61c5a04583a8bfa4b26a1c023993db35dce9c204eefdf", @ANYRES16=r8, @ANYBLOB="01002abd7000ffdbdf257c0000000a000600ffffffffffff00000a000600ffffffffffff00000a000600ffffffffffff00000a00060008021100000000000a0006000802110000010000"], 0x50}}, 0x200c0040)

819.429µs ago: executing program 7 (id=9449):
creat(&(0x7f0000001380)='./file0\x00', 0x4)
accept(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x100, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x1)
r2 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x1c)
r3 = epoll_create1(0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40088a01, &(0x7f0000000000)=0x100)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000240)={0x40000008})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272})
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(r5, 0x6, 0x9, &(0x7f0000000080)={{0x21, @remote, 0x0, 0x3, 'sh\x00'}, {@private=0xa810101, 0x4, 0x0, 0x0, 0x100000, 0xfffffffe}}, 0x44)
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000040)='ext4\x00', 0x8000, 0x0)

0s ago: executing program 4 (id=9450):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r1, 0x29, 0xc8, 0x0, 0xc000000)
r2 = socket(0x1e, 0x2, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000480), 0x4)
sendmsg$tipc(r2, &(0x7f0000000200)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x1, 0x0, 0x2}}, 0x10, 0x0}, 0x4000000)
recvmmsg(r2, &(0x7f00000008c0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000a40)=""/188, 0xbc}], 0x1, &(0x7f0000000500)=""/87, 0x57}}], 0x1, 0x0, 0x0)
socket(0xa, 0x3, 0x3a)
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

0000000000000 RBX: 00007f32249b6080 RCX: 00007f322478e929
[  488.598879][T21551] RDX: 0000200000000100 RSI: 0000200000000240 RDI: 0000000000000200
[  488.598896][T21551] RBP: 00007f3224810b39 R08: 00002000000002c0 R09: 00002000000002c0
[  488.598913][T21551] R10: 0000200000000280 R11: 0000000000000206 R12: 0000000000000000
[  488.598930][T21551] R13: 0000000000000000 R14: 00007f32249b6080 R15: 00007fff7a25b748
[  488.598951][T21551]  </TASK>
[  488.598961][T21551] memory: usage 307200kB, limit 307200kB, failcnt 30958
[  489.087554][T21551] memory+swap: usage 402980kB, limit 9007199254740988kB, failcnt 0
[  489.095589][T21551] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  489.102615][T21551] Memory cgroup stats for /syz0:
[  489.102746][T21551] cache 297009152
[  489.111433][T21551] rss 49152
[  489.114607][T21551] rss_huge 0
[  489.117867][T21551] shmem 297009152
[  489.121505][T21551] mapped_file 0
[  489.124955][T21551] dirty 0
[  489.128059][T21551] writeback 0
[  489.131599][T21551] workingset_refault_anon 25
[  489.136185][T21551] workingset_refault_file 0
[  489.140783][T21551] swap 115437568
[  489.144436][T21551] swapcached 151552
[  489.148342][T21551] pgpgin 470593
[  489.152049][T21551] pgpgout 398031
[  489.155620][T21551] pgfault 95468
[  489.159645][T21551] pgmajfault 20
[  489.163294][T21551] inactive_anon 146202624
[  489.167659][T21551] active_anon 151011328
[  489.171868][T21551] inactive_file 0
[  489.175524][T21551] active_file 0
[  489.178998][T21551] unevictable 0
[  489.182497][T21551] hierarchical_memory_limit 314572800
[  489.188337][T21551] hierarchical_memsw_limit 9223372036854771712
[  489.194559][T21551] total_cache 297009152
[  489.198733][T21551] total_rss 49152
[  489.202370][T21551] total_rss_huge 0
[  489.206138][T21551] total_shmem 297009152
[  489.210575][T21551] total_mapped_file 0
[  489.214616][T21551] total_dirty 0
[  489.218098][T21551] total_writeback 0
[  489.220508][T21784] overlayfs: failed to clone upperpath
[  489.221919][T21551] total_workingset_refault_anon 25
[  489.221932][T21551] total_workingset_refault_file 0
[  489.237862][T21551] total_swap 115437568
[  489.242334][T21551] total_swapcached 151552
[  489.246752][T21551] total_pgpgin 470593
[  489.250768][T21551] total_pgpgout 398031
[  489.255119][T21551] total_pgfault 95468
[  489.259946][T21551] total_pgmajfault 20
[  489.262491][T21787] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7654'.
[  489.264087][T21551] total_inactive_anon 146202624
[  489.264101][T21551] total_active_anon 151011328
[  489.264112][T21551] total_inactive_file 0
[  489.264121][T21551] total_active_file 0
[  489.264131][T21551] total_unevictable 0
[  489.293619][T21789] fuse: Bad value for 'group_id'
[  489.301262][T21789] fuse: Bad value for 'group_id'
[  489.307661][T21551] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.7568,pid=21555,uid=0
[  489.325431][T21551] Memory cgroup out of memory: Killed process 21555 (syz.0.7568) total-vm:90092kB, anon-rss:936kB, file-rss:52224kB, shmem-rss:0kB, UID:0 pgtables:172kB oom_score_adj:1000
[  489.697745][T21580] syz.0.7568 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  489.795682][T21580] CPU: 1 UID: 0 PID: 21580 Comm: syz.0.7568 Not tainted 6.12.30-syzkaller-g94ce385c22d5 #0 16e511e29439c8b2668c1520ec6e7e54ef5e5f6a
[  489.795738][T21580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  489.795755][T21580] Call Trace:
[  489.795764][T21580]  <TASK>
[  489.795774][T21580]  __dump_stack+0x21/0x30
[  489.795810][T21580]  dump_stack_lvl+0x10c/0x190
[  489.795839][T21580]  ? __cfi_dump_stack_lvl+0x10/0x10
[  489.795868][T21580]  ? ___ratelimit+0x3f7/0x5a0
[  489.795896][T21580]  dump_stack+0x19/0x20
[  489.795923][T21580]  dump_header+0xd7/0x490
[  489.795960][T21580]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  489.795988][T21580]  oom_kill_process+0x4c0/0x7e0
[  489.796011][T21580]  ? sched_clock_cpu+0x75/0x400
[  489.796041][T21580]  out_of_memory+0x7ee/0xbd0
[  489.796063][T21580]  ? __cfi_out_of_memory+0x10/0x10
[  489.796085][T21580]  ? mutex_lock_killable+0x92/0x1c0
[  489.796113][T21580]  ? __cfi_mutex_lock_killable+0x10/0x10
[  489.796146][T21580]  mem_cgroup_out_of_memory+0x279/0x350
[  489.796181][T21580]  ? drain_obj_stock+0xed0/0xed0
[  489.796216][T21580]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  489.796251][T21580]  try_charge_memcg+0x8f7/0xde0
[  489.796281][T21580]  ? __cfi_try_charge_memcg+0x10/0x10
[  489.796309][T21580]  ? __alloc_pages_noprof+0x30d/0x6c0
[  489.796336][T21580]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  489.796363][T21580]  ? __folio_batch_add_and_move+0x2ab/0x370
[  489.796389][T21580]  __mem_cgroup_charge+0xf6/0x410
[  489.796420][T21580]  ? __kasan_check_write+0x18/0x20
[  489.796450][T21580]  ? _raw_spin_lock+0x8c/0x120
[  489.796486][T21580]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  489.796520][T21580]  shmem_alloc_and_add_folio+0x86d/0x1050
[  489.796566][T21580]  ? put_swap_device+0x130/0x130
[  489.796604][T21580]  ? shmem_huge_global_enabled+0x2da/0x360
[  489.796642][T21580]  ? shmem_allowable_huge_orders+0x1f7/0x430
[  489.796678][T21580]  ? __kasan_check_write+0x18/0x20
[  489.796805][T21580]  ? _raw_spin_lock+0x8c/0x120
[  489.796856][T21580]  shmem_get_folio_gfp+0x5f0/0x1380
[  489.796895][T21580]  ? shmem_get_folio+0xc0/0xc0
[  489.796929][T21580]  ? inode_maybe_inc_iversion+0x17d/0x1e0
[  489.796957][T21580]  ? __cfi_inode_maybe_inc_iversion+0x10/0x10
[  489.796987][T21580]  ? inode_to_bdi+0x6d/0x100
[  489.797029][T21580]  shmem_write_begin+0xf4/0x270
[  489.797067][T21580]  generic_perform_write+0x330/0x960
[  489.797101][T21580]  ? __cfi_generic_perform_write+0x10/0x10
[  489.797130][T21580]  ? down_write+0xe9/0x2a0
[  489.797161][T21580]  ? mnt_get_write_access_file+0x1af/0x3b0
[  489.797187][T21580]  ? mnt_put_write_access_file+0xc2/0x100
[  489.797214][T21580]  ? file_update_time+0x1ef/0x220
[  489.797242][T21580]  shmem_file_write_iter+0x105/0x130
[  489.797269][T21580]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  489.797297][T21580]  __kernel_write_iter+0x392/0x830
[  489.797330][T21580]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  489.797359][T21580]  ? __cfi___kernel_write_iter+0x10/0x10
[  489.797391][T21580]  ? get_dump_page+0x160/0x220
[  489.797416][T21580]  ? __asan_memset+0x39/0x50
[  489.797445][T21580]  ? iov_iter_bvec+0xc0/0x180
[  489.797482][T21580]  dump_user_range+0xb06/0xdf0
[  489.797515][T21580]  ? __cfi_dump_emit+0x10/0x10
[  489.797546][T21580]  ? __cfi_dump_user_range+0x10/0x10
[  489.797578][T21580]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  489.797630][T21580]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  489.797662][T21580]  elf_core_dump+0x2cd9/0x3810
[  489.797702][T21580]  ? __cfi_elf_core_dump+0x10/0x10
[  489.797746][T21580]  ? dump_interrupted+0xf0/0xf0
[  489.797785][T21580]  ? filp_open+0x182/0x1d0
[  489.797810][T21580]  ? 0xffffffffff600000
[  489.797831][T21580]  do_coredump+0x1bf7/0x2bd0
[  489.797865][T21580]  ? __cfi_do_coredump+0x10/0x10
[  489.797894][T21580]  ? asm_exc_general_protection+0x2b/0x30
[  489.797931][T21580]  ? __kasan_slab_free+0x6a/0x80
[  489.797965][T21580]  ? kmem_cache_free+0x1c1/0x4c0
[  489.797998][T21580]  get_signal+0x11fd/0x14f0
[  489.798030][T21580]  arch_do_signal_or_restart+0x96/0x720
[  489.798065][T21580]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  489.798100][T21580]  ? fixup_iopl_exception+0xdd/0x2e0
[  489.798135][T21580]  irqentry_exit_to_user_mode+0x4e/0xb0
[  489.798170][T21580]  irqentry_exit+0x16/0x60
[  489.798200][T21580]  exc_general_protection+0x15a/0x1f0
[  489.798226][T21580]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  489.798255][T21580]  asm_exc_general_protection+0x2b/0x30
[  489.798282][T21580] RIP: 0033:0x7f322478e931
[  489.798303][T21580] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  489.798324][T21580] RSP: 002b:0000200000000240 EFLAGS: 00010217
[  489.798346][T21580] RAX: 0000000000000000 RBX: 00007f32249b6080 RCX: 00007f322478e929
[  489.798365][T21580] RDX: 0000200000000100 RSI: 0000200000000240 RDI: 0000000000000200
[  489.798384][T21580] RBP: 00007f3224810b39 R08: 00002000000002c0 R09: 00002000000002c0
[  489.798402][T21580] R10: 0000200000000280 R11: 0000000000000206 R12: 0000000000000000
[  489.798428][T21580] R13: 0000000000000000 R14: 00007f32249b6080 R15: 00007fff7a25b748
[  489.798450][T21580]  </TASK>
[  490.004649][T21580] memory: usage 307172kB, limit 307200kB, failcnt 34964
[  490.325802][T21580] memory+swap: usage 432188kB, limit 9007199254740988kB, failcnt 0
[  490.351918][T21580] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  490.366754][T21814] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7663'.
[  490.368635][T21580] Memory cgroup stats for /syz0:
[  490.375998][T21580] cache 311996416
[  490.420358][T21580] rss 118784
[  490.448617][T21580] rss_huge 0
[  490.453120][T21580] shmem 311996416
[  490.466108][T21580] mapped_file 3457024
[  490.467189][T21828] netlink: 80 bytes leftover after parsing attributes in process `syz.4.7670'.
[  490.478963][T21580] dirty 0
[  490.491031][T21580] writeback 0
[  490.494392][T21580] workingset_refault_anon 26
[  490.499391][T21580] workingset_refault_file 0
[  490.504017][T21580] swap 127987712
[  490.507887][T21580] swapcached 8192
[  490.511942][T21580] pgpgin 485218
[  490.515614][T21580] pgpgout 409017
[  490.519283][T21580] pgfault 97181
[  490.523055][T21580] pgmajfault 20
[  490.526628][T21580] inactive_anon 243683328
[  490.531158][T21580] active_anon 68173824
[  490.535579][T21580] inactive_file 0
[  490.539478][T21580] active_file 0
[  490.559760][T21580] unevictable 0
[  490.576350][T21580] hierarchical_memory_limit 314572800
[  490.581834][T21580] hierarchical_memsw_limit 9223372036854771712
[  490.592722][T21580] total_cache 311996416
[  490.597518][T21580] total_rss 118784
[  490.603307][T21580] total_rss_huge 0
[  490.607509][T21580] total_shmem 311996416
[  490.611701][T21580] total_mapped_file 3457024
[  490.618256][T21580] total_dirty 0
[  490.621770][T21580] total_writeback 0
[  490.629236][T21580] total_workingset_refault_anon 26
[  490.635151][T21580] total_workingset_refault_file 0
[  490.640755][T21580] total_swap 127987712
[  490.644931][T21580] total_swapcached 8192
[  490.650043][T21580] total_pgpgin 485218
[  490.654487][T21580] total_pgpgout 409017
[  490.658826][T21580] total_pgfault 97181
[  490.662981][T21580] total_pgmajfault 20
[  490.674212][T21580] total_inactive_anon 243683328
[  490.681212][T21580] total_active_anon 68173824
[  490.687324][T21580] total_inactive_file 0
[  490.693835][T21580] total_active_file 0
[  490.698247][T21580] total_unevictable 0
[  490.702883][T21580] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.7568,pid=21551,uid=0
[  490.718713][T21580] Memory cgroup out of memory: Killed process 21551 (syz.0.7568) total-vm:90092kB, anon-rss:1064kB, file-rss:53504kB, shmem-rss:0kB, UID:0 pgtables:184kB oom_score_adj:1000
[  490.737269][T21842] /dev/loop0: Can't lookup blockdev
[  491.155495][T21569] syz.0.7568 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  491.209647][T21569] CPU: 1 UID: 0 PID: 21569 Comm: syz.0.7568 Not tainted 6.12.30-syzkaller-g94ce385c22d5 #0 16e511e29439c8b2668c1520ec6e7e54ef5e5f6a
[  491.209689][T21569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  491.209705][T21569] Call Trace:
[  491.209713][T21569]  <TASK>
[  491.209724][T21569]  __dump_stack+0x21/0x30
[  491.209761][T21569]  dump_stack_lvl+0x10c/0x190
[  491.209791][T21569]  ? __cfi_dump_stack_lvl+0x10/0x10
[  491.209818][T21569]  ? ___ratelimit+0x3f7/0x5a0
[  491.209901][T21569]  dump_stack+0x19/0x20
[  491.209928][T21569]  dump_header+0xd7/0x490
[  491.209963][T21569]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  491.209990][T21569]  oom_kill_process+0x4c0/0x7e0
[  491.210017][T21569]  ? sched_clock_cpu+0x75/0x400
[  491.210047][T21569]  out_of_memory+0x7ee/0xbd0
[  491.210069][T21569]  ? __cfi_out_of_memory+0x10/0x10
[  491.210091][T21569]  ? mutex_lock_killable+0x92/0x1c0
[  491.210121][T21569]  ? __cfi_mutex_lock_killable+0x10/0x10
[  491.210152][T21569]  mem_cgroup_out_of_memory+0x279/0x350
[  491.210185][T21569]  ? drain_obj_stock+0xed0/0xed0
[  491.210217][T21569]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  491.210250][T21569]  try_charge_memcg+0x8f7/0xde0
[  491.210278][T21569]  ? __cfi_try_charge_memcg+0x10/0x10
[  491.210305][T21569]  ? __alloc_pages_noprof+0x30d/0x6c0
[  491.210332][T21569]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  491.210358][T21569]  ? __folio_batch_add_and_move+0x2ab/0x370
[  491.210383][T21569]  __mem_cgroup_charge+0xf6/0x410
[  491.210412][T21569]  ? __kasan_check_write+0x18/0x20
[  491.210441][T21569]  ? _raw_spin_lock+0x8c/0x120
[  491.210476][T21569]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  491.210507][T21569]  shmem_alloc_and_add_folio+0x86d/0x1050
[  491.210548][T21569]  ? put_swap_device+0x130/0x130
[  491.210585][T21569]  ? shmem_huge_global_enabled+0x2da/0x360
[  491.210621][T21569]  ? shmem_allowable_huge_orders+0x1f7/0x430
[  491.210656][T21569]  ? __kasan_check_write+0x18/0x20
[  491.210685][T21569]  ? _raw_spin_lock+0x8c/0x120
[  491.210720][T21569]  shmem_get_folio_gfp+0x5f0/0x1380
[  491.210757][T21569]  ? shmem_get_folio+0xc0/0xc0
[  491.210789][T21569]  ? follow_page_pte+0xa5c/0xb90
[  491.210815][T21569]  ? inode_to_bdi+0x6d/0x100
[  491.210849][T21569]  shmem_write_begin+0xf4/0x270
[  491.210887][T21569]  generic_perform_write+0x330/0x960
[  491.210919][T21569]  ? __cfi_generic_perform_write+0x10/0x10
[  491.210947][T21569]  ? down_write+0xe9/0x2a0
[  491.210979][T21569]  ? file_update_time+0xa3/0x220
[  491.211006][T21569]  shmem_file_write_iter+0x105/0x130
[  491.211032][T21569]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  491.211057][T21569]  __kernel_write_iter+0x392/0x830
[  491.211087][T21569]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  491.211115][T21569]  ? __cfi___kernel_write_iter+0x10/0x10
[  491.211145][T21569]  ? get_dump_page+0x160/0x220
[  491.211169][T21569]  ? __asan_memset+0x39/0x50
[  491.211197][T21569]  ? iov_iter_bvec+0xc0/0x180
[  491.211232][T21569]  dump_user_range+0xb06/0xdf0
[  491.211264][T21569]  ? __cfi_dump_emit+0x10/0x10
[  491.211293][T21569]  ? __cfi_dump_user_range+0x10/0x10
[  491.211323][T21569]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  491.211355][T21569]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  491.211389][T21569]  elf_core_dump+0x2cd9/0x3810
[  491.211430][T21569]  ? __cfi_elf_core_dump+0x10/0x10
[  491.211475][T21569]  ? dump_interrupted+0xf0/0xf0
[  491.211505][T21569]  ? filp_open+0x182/0x1d0
[  491.211528][T21569]  ? 0xffffffffff600000
[  491.211548][T21569]  do_coredump+0x1bf7/0x2bd0
[  491.211581][T21569]  ? __cfi_do_coredump+0x10/0x10
[  491.211608][T21569]  ? asm_exc_general_protection+0x2b/0x30
[  491.211644][T21569]  ? __kasan_slab_free+0x6a/0x80
[  491.211679][T21569]  ? kmem_cache_free+0x1c1/0x4c0
[  491.211711][T21569]  get_signal+0x11fd/0x14f0
[  491.211742][T21569]  arch_do_signal_or_restart+0x96/0x720
[  491.211776][T21569]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  491.211809][T21569]  ? fixup_iopl_exception+0xdd/0x2e0
[  491.211854][T21569]  irqentry_exit_to_user_mode+0x4e/0xb0
[  491.211887][T21569]  irqentry_exit+0x16/0x60
[  491.211916][T21569]  exc_general_protection+0x15a/0x1f0
[  491.211942][T21569]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  491.211972][T21569]  asm_exc_general_protection+0x2b/0x30
[  491.211998][T21569] RIP: 0033:0x7f322478e931
[  491.212019][T21569] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  491.212041][T21569] RSP: 002b:0000200000000240 EFLAGS: 00010217
[  491.212064][T21569] RAX: 0000000000000000 RBX: 00007f32249b6080 RCX: 00007f322478e929
[  491.212082][T21569] RDX: 0000200000000100 RSI: 0000200000000240 RDI: 0000000000000200
[  491.212100][T21569] RBP: 00007f3224810b39 R08: 00002000000002c0 R09: 00002000000002c0
[  491.212118][T21569] R10: 0000200000000280 R11: 0000000000000206 R12: 0000000000000000
[  491.212134][T21569] R13: 0000000000000000 R14: 00007f32249b6080 R15: 00007fff7a25b748
[  491.212154][T21569]  </TASK>
[  491.270138][T21569] memory: usage 301288kB, limit 307200kB, failcnt 37904
[  491.710445][T21883] netlink: 80 bytes leftover after parsing attributes in process `syz.1.7689'.
[  491.867093][T21889] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21889 comm=syz.4.7692
[  491.879954][T21889] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21889 comm=syz.4.7692
[  491.892698][T21889] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21889 comm=syz.4.7692
[  491.905500][T21889] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21889 comm=syz.4.7692
[  491.918192][T21889] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21889 comm=syz.4.7692
[  491.930718][T21889] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21889 comm=syz.4.7692
[  491.943500][T21889] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21889 comm=syz.4.7692
[  491.956036][T21889] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21889 comm=syz.4.7692
[  491.968599][T21889] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21889 comm=syz.4.7692
[  491.981197][T21889] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21889 comm=syz.4.7692
[  491.995040][T21569] memory+swap: usage 412104kB, limit 9007199254740988kB, failcnt 0
[  492.003222][T21569] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  492.010189][T21569] Memory cgroup stats for /syz0:
[  492.010341][T21569] cache 294866944
[  492.018991][T21569] rss 102400
[  492.022267][T21569] rss_huge 0
[  492.025521][T21569] shmem 294866944
[  492.029190][T21569] mapped_file 4882432
[  492.033289][T21569] dirty 0
[  492.036282][T21569] writeback 8192
[  492.039864][T21569] workingset_refault_anon 26
[  492.044469][T21569] workingset_refault_file 0
[  492.049060][T21569] swap 127987712
[  492.052634][T21569] swapcached 8192
[  492.056296][T21569] pgpgin 487341
[  492.059848][T21569] pgpgout 415318
[  492.063424][T21569] pgfault 97639
[  492.067067][T21569] pgmajfault 20
[  492.101119][T21895] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7693'.
[  492.138956][T21569] inactive_anon 25575424
[  492.156049][T21897] rust_binder: Got transaction with invalid offset.
[  492.156105][T21897] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  492.185484][T21569] active_anon 267071488
[  492.185536][T21897] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:534
[  492.260397][T21569] inactive_file 0
[  492.261098][T21905] netlink: 80 bytes leftover after parsing attributes in process `syz.1.7698'.
[  492.380007][T21921] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  492.390634][T21569] active_file 0
[  492.395161][T21569] unevictable 0
[  492.398715][T21921] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  492.408028][T21916] tipc: Started in network mode
[  492.413548][T21916] tipc: Node identity 4, cluster identity 4711
[  492.420265][T21916] tipc: Node number set to 4
[  492.452750][T21569] hierarchical_memory_limit 314572800
[  492.490901][T21569] hierarchical_memsw_limit 9223372036854771712
[  492.533561][T21569] total_cache 294866944
[  492.582203][T21569] total_rss 102400
[  492.586183][T21569] total_rss_huge 0
[  492.590033][T21569] total_shmem 294866944
[  492.616532][T21569] total_mapped_file 4882432
[  492.634545][  T305] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  492.643296][T21569] total_dirty 0
[  492.660643][T21569] total_writeback 8192
[  492.680828][T21569] total_workingset_refault_anon 26
[  492.704218][T21569] total_workingset_refault_file 0
[  492.709711][T21569] total_swap 127987712
[  492.714416][T21569] total_swapcached 8192
[  492.718658][T21569] total_pgpgin 487341
[  492.723393][T21569] total_pgpgout 415318
[  492.727603][T21569] total_pgfault 97639
[  492.731883][T21569] total_pgmajfault 20
[  492.735936][T21569] total_inactive_anon 25575424
[  492.741335][T21569] total_active_anon 267071488
[  492.754095][T21569] total_inactive_file 0
[  492.758317][T21569] total_active_file 0
[  492.762323][T21569] total_unevictable 0
[  492.771288][T21569] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.7568,pid=21573,uid=0
[  492.788845][T21569] Memory cgroup out of memory: Killed process 21573 (syz.0.7568) total-vm:90092kB, anon-rss:936kB, file-rss:53504kB, shmem-rss:0kB, UID:0 pgtables:184kB oom_score_adj:1000
[  492.807158][  T305] usb 3-1: Using ep0 maxpacket: 8
[  492.814619][  T305] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  492.826911][  T305] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  492.839786][  T305] usb 3-1: config 0 descriptor??
[  493.062108][  T305] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  493.084244][  T305] asix 3-1:0.0: probe with driver asix failed with error -71
[  493.095653][  T305] usb 3-1: USB disconnect, device number 21
[  493.375001][T21566] syz.0.7568 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  493.457689][T21566] CPU: 1 UID: 0 PID: 21566 Comm: syz.0.7568 Not tainted 6.12.30-syzkaller-g94ce385c22d5 #0 16e511e29439c8b2668c1520ec6e7e54ef5e5f6a
[  493.457732][T21566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  493.457750][T21566] Call Trace:
[  493.457759][T21566]  <TASK>
[  493.457769][T21566]  __dump_stack+0x21/0x30
[  493.457804][T21566]  dump_stack_lvl+0x10c/0x190
[  493.457832][T21566]  ? __cfi_dump_stack_lvl+0x10/0x10
[  493.457860][T21566]  ? ___ratelimit+0x3f7/0x5a0
[  493.457887][T21566]  dump_stack+0x19/0x20
[  493.457917][T21566]  dump_header+0xd7/0x490
[  493.457951][T21566]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  493.457978][T21566]  oom_kill_process+0x4c0/0x7e0
[  493.458000][T21566]  ? sched_clock_cpu+0x75/0x400
[  493.458028][T21566]  out_of_memory+0x7ee/0xbd0
[  493.458050][T21566]  ? __cfi_out_of_memory+0x10/0x10
[  493.458071][T21566]  ? mutex_lock_killable+0x92/0x1c0
[  493.458100][T21566]  ? __cfi_mutex_lock_killable+0x10/0x10
[  493.458132][T21566]  mem_cgroup_out_of_memory+0x279/0x350
[  493.458164][T21566]  ? drain_obj_stock+0xed0/0xed0
[  493.458197][T21566]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  493.458228][T21566]  try_charge_memcg+0x8f7/0xde0
[  493.458255][T21566]  ? __cfi_try_charge_memcg+0x10/0x10
[  493.458282][T21566]  ? __alloc_pages_noprof+0x30d/0x6c0
[  493.458307][T21566]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  493.458332][T21566]  ? __folio_batch_add_and_move+0x2ab/0x370
[  493.458356][T21566]  __mem_cgroup_charge+0xf6/0x410
[  493.458384][T21566]  ? __kasan_check_write+0x18/0x20
[  493.458412][T21566]  ? _raw_spin_lock+0x8c/0x120
[  493.458447][T21566]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  493.458478][T21566]  shmem_alloc_and_add_folio+0x86d/0x1050
[  493.458518][T21566]  ? put_swap_device+0x130/0x130
[  493.458552][T21566]  ? shmem_huge_global_enabled+0x2da/0x360
[  493.458587][T21566]  ? shmem_allowable_huge_orders+0x1f7/0x430
[  493.458621][T21566]  ? __kasan_check_write+0x18/0x20
[  493.458649][T21566]  ? _raw_spin_lock+0x8c/0x120
[  493.458694][T21566]  shmem_get_folio_gfp+0x5f0/0x1380
[  493.458731][T21566]  ? shmem_get_folio+0xc0/0xc0
[  493.458766][T21566]  ? follow_page_pte+0xa5c/0xb90
[  493.458790][T21566]  ? inode_to_bdi+0x6d/0x100
[  493.458817][T21566]  shmem_write_begin+0xf4/0x270
[  493.458853][T21566]  generic_perform_write+0x330/0x960
[  493.458884][T21566]  ? __cfi_generic_perform_write+0x10/0x10
[  493.458912][T21566]  ? down_write+0xe9/0x2a0
[  493.458942][T21566]  ? file_update_time+0xa3/0x220
[  493.458968][T21566]  shmem_file_write_iter+0x105/0x130
[  493.458993][T21566]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  493.459018][T21566]  __kernel_write_iter+0x392/0x830
[  493.459048][T21566]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  493.459074][T21566]  ? __cfi___kernel_write_iter+0x10/0x10
[  493.459104][T21566]  ? get_dump_page+0x160/0x220
[  493.459126][T21566]  ? __asan_memset+0x39/0x50
[  493.459153][T21566]  ? iov_iter_bvec+0xc0/0x180
[  493.459186][T21566]  dump_user_range+0xb06/0xdf0
[  493.459217][T21566]  ? __cfi_dump_emit+0x10/0x10
[  493.459246][T21566]  ? __cfi_dump_user_range+0x10/0x10
[  493.459276][T21566]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  493.459313][T21566]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  493.459345][T21566]  elf_core_dump+0x2cd9/0x3810
[  493.459384][T21566]  ? __cfi_elf_core_dump+0x10/0x10
[  493.459427][T21566]  ? dump_interrupted+0xf0/0xf0
[  493.459455][T21566]  ? filp_open+0x182/0x1d0
[  493.459478][T21566]  ? 0xffffffffff600000
[  493.459497][T21566]  do_coredump+0x1bf7/0x2bd0
[  493.459529][T21566]  ? __cfi_do_coredump+0x10/0x10
[  493.459557][T21566]  ? asm_exc_general_protection+0x2b/0x30
[  493.459592][T21566]  ? __kasan_slab_free+0x6a/0x80
[  493.459627][T21566]  ? kmem_cache_free+0x1c1/0x4c0
[  493.459658][T21566]  get_signal+0x11fd/0x14f0
[  493.459696][T21566]  arch_do_signal_or_restart+0x96/0x720
[  493.459728][T21566]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  493.459762][T21566]  ? fixup_iopl_exception+0xdd/0x2e0
[  493.459795][T21566]  irqentry_exit_to_user_mode+0x4e/0xb0
[  493.459826][T21566]  irqentry_exit+0x16/0x60
[  493.459854][T21566]  exc_general_protection+0x15a/0x1f0
[  493.459879][T21566]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  493.459906][T21566]  asm_exc_general_protection+0x2b/0x30
[  493.459931][T21566] RIP: 0033:0x7f322478e931
[  493.459950][T21566] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  493.459971][T21566] RSP: 002b:0000200000000240 EFLAGS: 00010217
[  493.459994][T21566] RAX: 0000000000000000 RBX: 00007f32249b6080 RCX: 00007f322478e929
[  493.460012][T21566] RDX: 0000200000000100 RSI: 0000200000000240 RDI: 0000000000000200
[  493.460029][T21566] RBP: 00007f3224810b39 R08: 00002000000002c0 R09: 00002000000002c0
[  493.460047][T21566] R10: 0000200000000280 R11: 0000000000000206 R12: 0000000000000000
[  493.460063][T21566] R13: 0000000000000000 R14: 00007f32249b6080 R15: 00007fff7a25b748
[  493.460083][T21566]  </TASK>
[  493.553903][T21566] memory: usage 274400kB, limit 307200kB, failcnt 41861
[  493.582797][T21928] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7706'.
[  493.735239][T21566] memory+swap: usage 402604kB, limit 9007199254740988kB, failcnt 0
[  494.024317][T21566] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  494.045955][T21566] Memory cgroup stats for /syz0:
[  494.046122][T21566] cache 304398336
[  494.060143][T21566] rss 65536
[  494.063308][T21566] rss_huge 0
[  494.077524][T21566] shmem 304398336
[  494.081326][T21566] mapped_file 8192
[  494.085073][T21566] dirty 0
[  494.109802][  T305] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  494.118742][T21566] writeback 0
[  494.124999][T21566] workingset_refault_anon 30
[  494.130083][T21566] workingset_refault_file 0
[  494.135047][T21566] swap 127983616
[  494.138807][T21566] swapcached 12288
[  494.152856][T21566] pgpgin 501740
[  494.156385][T21566] pgpgout 427407
[  494.160220][T21566] pgfault 98461
[  494.164485][T21566] pgmajfault 24
[  494.168777][T21566] inactive_anon 294256640
[  494.173258][T21566] active_anon 9891840
[  494.178410][T21566] inactive_file 0
[  494.182090][T21566] active_file 0
[  494.188144][T21566] unevictable 0
[  494.191890][T21566] hierarchical_memory_limit 314572800
[  494.197847][T21566] hierarchical_memsw_limit 9223372036854771712
[  494.204628][T21566] total_cache 304398336
[  494.209154][T21566] total_rss 65536
[  494.212905][T21566] total_rss_huge 0
[  494.234781][T21566] total_shmem 304398336
[  494.239323][T21566] total_mapped_file 8192
[  494.243746][T21566] total_dirty 0
[  494.247382][T21566] total_writeback 0
[  494.253616][T21566] total_workingset_refault_anon 30
[  494.260311][  T305] usb 3-1: device descriptor read/64, error -71
[  494.267343][T21566] total_workingset_refault_file 0
[  494.272851][T21566] total_swap 127983616
[  494.277041][T21566] total_swapcached 12288
[  494.281725][T21566] total_pgpgin 501740
[  494.286014][T21566] total_pgpgout 427407
[  494.290804][T21566] total_pgfault 98461
[  494.295470][T21566] total_pgmajfault 24
[  494.299491][T21566] total_inactive_anon 294256640
[  494.305365][T21566] total_active_anon 9891840
[  494.311128][T21566] total_inactive_file 0
[  494.316594][T21566] total_active_file 0
[  494.320803][T21566] total_unevictable 0
[  494.325237][T21566] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.7568,pid=21563,uid=0
[  494.341067][T21566] Memory cgroup out of memory: Killed process 21563 (syz.0.7568) total-vm:90092kB, anon-rss:936kB, file-rss:53504kB, shmem-rss:0kB, UID:0 pgtables:184kB oom_score_adj:1000
[  494.516102][  T305] usb 3-1: device descriptor read/64, error -71
[  494.729347][T21584] syz.0.7568 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  494.782518][T21584] CPU: 0 UID: 0 PID: 21584 Comm: syz.0.7568 Not tainted 6.12.30-syzkaller-g94ce385c22d5 #0 16e511e29439c8b2668c1520ec6e7e54ef5e5f6a
[  494.782567][T21584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  494.782587][T21584] Call Trace:
[  494.782595][T21584]  <TASK>
[  494.782605][T21584]  __dump_stack+0x21/0x30
[  494.782638][T21584]  dump_stack_lvl+0x10c/0x190
[  494.782665][T21584]  ? __cfi_dump_stack_lvl+0x10/0x10
[  494.782692][T21584]  ? ___ratelimit+0x3f7/0x5a0
[  494.782719][T21584]  dump_stack+0x19/0x20
[  494.782744][T21584]  dump_header+0xd7/0x490
[  494.782792][T21584]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  494.782817][T21584]  oom_kill_process+0x4c0/0x7e0
[  494.782840][T21584]  ? sched_clock_cpu+0x75/0x400
[  494.782868][T21584]  out_of_memory+0x7ee/0xbd0
[  494.782889][T21584]  ? __cfi_out_of_memory+0x10/0x10
[  494.782910][T21584]  ? mutex_lock_killable+0x92/0x1c0
[  494.782938][T21584]  ? __cfi_mutex_lock_killable+0x10/0x10
[  494.782970][T21584]  mem_cgroup_out_of_memory+0x279/0x350
[  494.783002][T21584]  ? drain_obj_stock+0xed0/0xed0
[  494.783035][T21584]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  494.783066][T21584]  try_charge_memcg+0x8f7/0xde0
[  494.783093][T21584]  ? __cfi_try_charge_memcg+0x10/0x10
[  494.783118][T21584]  ? __alloc_pages_noprof+0x30d/0x6c0
[  494.783143][T21584]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  494.783168][T21584]  ? __folio_batch_add_and_move+0x2ab/0x370
[  494.783192][T21584]  __mem_cgroup_charge+0xf6/0x410
[  494.783220][T21584]  ? __kasan_check_write+0x18/0x20
[  494.783248][T21584]  ? _raw_spin_lock+0x8c/0x120
[  494.783280][T21584]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  494.783311][T21584]  shmem_alloc_and_add_folio+0x86d/0x1050
[  494.783352][T21584]  ? put_swap_device+0x130/0x130
[  494.783387][T21584]  ? shmem_huge_global_enabled+0x2da/0x360
[  494.783421][T21584]  ? shmem_allowable_huge_orders+0x1f7/0x430
[  494.783454][T21584]  ? __kasan_check_write+0x18/0x20
[  494.783481][T21584]  ? _raw_spin_lock+0x8c/0x120
[  494.783515][T21584]  shmem_get_folio_gfp+0x5f0/0x1380
[  494.783552][T21584]  ? shmem_get_folio+0xc0/0xc0
[  494.783594][T21584]  ? follow_page_pte+0xa5c/0xb90
[  494.783619][T21584]  ? inode_to_bdi+0x6d/0x100
[  494.783646][T21584]  shmem_write_begin+0xf4/0x270
[  494.783682][T21584]  generic_perform_write+0x330/0x960
[  494.783713][T21584]  ? __cfi_generic_perform_write+0x10/0x10
[  494.783740][T21584]  ? down_write+0xe9/0x2a0
[  494.783770][T21584]  ? file_update_time+0xa3/0x220
[  494.783796][T21584]  shmem_file_write_iter+0x105/0x130
[  494.783822][T21584]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  494.783847][T21584]  __kernel_write_iter+0x392/0x830
[  494.783877][T21584]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  494.783903][T21584]  ? __cfi___kernel_write_iter+0x10/0x10
[  494.783932][T21584]  ? get_dump_page+0x160/0x220
[  494.783955][T21584]  ? __asan_memset+0x39/0x50
[  494.783982][T21584]  ? iov_iter_bvec+0xc0/0x180
[  494.784017][T21584]  dump_user_range+0xb06/0xdf0
[  494.784049][T21584]  ? __cfi_dump_emit+0x10/0x10
[  494.784078][T21584]  ? __cfi_dump_user_range+0x10/0x10
[  494.784108][T21584]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  494.784140][T21584]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  494.784173][T21584]  elf_core_dump+0x2cd9/0x3810
[  494.784212][T21584]  ? __cfi_elf_core_dump+0x10/0x10
[  494.784256][T21584]  ? dump_interrupted+0xf0/0xf0
[  494.784284][T21584]  ? filp_open+0x182/0x1d0
[  494.784307][T21584]  ? 0xffffffffff600000
[  494.784328][T21584]  do_coredump+0x1bf7/0x2bd0
[  494.784360][T21584]  ? __cfi_do_coredump+0x10/0x10
[  494.784388][T21584]  ? asm_exc_general_protection+0x2b/0x30
[  494.784424][T21584]  ? __kasan_slab_free+0x6a/0x80
[  494.784457][T21584]  ? kmem_cache_free+0x1c1/0x4c0
[  494.784489][T21584]  get_signal+0x11fd/0x14f0
[  494.784519][T21584]  arch_do_signal_or_restart+0x96/0x720
[  494.784552][T21584]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  494.784592][T21584]  ? fixup_iopl_exception+0xdd/0x2e0
[  494.784626][T21584]  irqentry_exit_to_user_mode+0x4e/0xb0
[  494.784657][T21584]  irqentry_exit+0x16/0x60
[  494.784686][T21584]  exc_general_protection+0x15a/0x1f0
[  494.784712][T21584]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  494.784739][T21584]  asm_exc_general_protection+0x2b/0x30
[  494.784765][T21584] RIP: 0033:0x7f322478e931
[  494.784786][T21584] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  494.784807][T21584] RSP: 002b:0000200000000240 EFLAGS: 00010217
[  494.784830][T21584] RAX: 0000000000000000 RBX: 00007f32249b6080 RCX: 00007f322478e929
[  494.784848][T21584] RDX: 0000200000000100 RSI: 0000200000000240 RDI: 0000000000000200
[  494.784866][T21584] RBP: 00007f3224810b39 R08: 00002000000002c0 R09: 00002000000002c0
[  494.784883][T21584] R10: 0000200000000280 R11: 0000000000000206 R12: 0000000000000000
[  494.784900][T21584] R13: 0000000000000000 R14: 00007f32249b6080 R15: 00007fff7a25b748
[  494.784920][T21584]  </TASK>
[  495.267963][  T305] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  495.273011][T21584] memory: usage 306996kB, limit 307200kB, failcnt 43847
[  495.282688][T21584] memory+swap: usage 431976kB, limit 9007199254740988kB, failcnt 0
[  495.290808][T21584] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  495.297785][T21584] Memory cgroup stats for /syz0:
[  495.297914][T21584] cache 314281984
[  495.306936][T21584] rss 77824
[  495.310409][T21584] rss_huge 0
[  495.313682][T21584] shmem 314281984
[  495.317344][T21584] mapped_file 8192
[  495.321252][T21584] dirty 0
[  495.324511][T21584] writeback 0
[  495.327905][T21584] workingset_refault_anon 33
[  495.332788][T21584] workingset_refault_file 0
[  495.337310][T21584] swap 127979520
[  495.341013][T21584] swapcached 12288
[  495.344929][T21584] pgpgin 512422
[  495.348533][T21584] pgpgout 435673
[  495.352373][T21584] pgfault 98753
[  495.355855][T21584] pgmajfault 27
[  495.359543][T21584] inactive_anon 265650176
[  495.364065][T21584] active_anon 48652288
[  495.368682][T21584] inactive_file 0
[  495.372750][T21584] active_file 0
[  495.376791][T21584] unevictable 0
[  495.380282][T21584] hierarchical_memory_limit 314572800
[  495.385997][T21584] hierarchical_memsw_limit 9223372036854771712
[  495.392401][T21584] total_cache 314281984
[  495.396977][T21584] total_rss 77824
[  495.400760][T21584] total_rss_huge 0
[  495.404562][T21584] total_shmem 314281984
[  495.409162][T21584] total_mapped_file 8192
[  495.413537][T21584] total_dirty 0
[  495.414191][  T305] usb 3-1: device descriptor read/64, error -71
[  495.417106][T21584] total_writeback 0
[  495.428775][T21584] total_workingset_refault_anon 33
[  495.436848][T21584] total_workingset_refault_file 0
[  495.442022][T21584] total_swap 127979520
[  495.446486][T21584] total_swapcached 12288
[  495.450889][T21584] total_pgpgin 512422
[  495.454902][T21584] total_pgpgout 435673
[  495.459418][T21584] total_pgfault 98753
[  495.463482][T21584] total_pgmajfault 27
[  495.467538][T21584] total_inactive_anon 265650176
[  495.472898][T21584] total_active_anon 48652288
[  495.477567][T21584] total_inactive_file 0
[  495.481808][T21584] total_active_file 0
[  495.485816][T21584] total_unevictable 0
[  495.489986][T21584] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.7568,pid=21558,uid=0
[  495.505199][T21584] Memory cgroup out of memory: Killed process 21558 (syz.0.7568) total-vm:90092kB, anon-rss:936kB, file-rss:53504kB, shmem-rss:0kB, UID:0 pgtables:184kB oom_score_adj:1000
[  495.681326][  T305] usb 3-1: device descriptor read/64, error -71
[  495.773492][T21923] syz-executor invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  495.783794][T21923] CPU: 0 UID: 0 PID: 21923 Comm: syz-executor Not tainted 6.12.30-syzkaller-g94ce385c22d5 #0 16e511e29439c8b2668c1520ec6e7e54ef5e5f6a
[  495.783835][T21923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  495.783850][T21923] Call Trace:
[  495.783860][T21923]  <TASK>
[  495.783869][T21923]  __dump_stack+0x21/0x30
[  495.783899][T21923]  dump_stack_lvl+0x10c/0x190
[  495.783923][T21923]  ? __cfi_dump_stack_lvl+0x10/0x10
[  495.783946][T21923]  ? ___ratelimit+0x3f7/0x5a0
[  495.783969][T21923]  dump_stack+0x19/0x20
[  495.783991][T21923]  dump_header+0xd7/0x490
[  495.784021][T21923]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  495.784043][T21923]  oom_kill_process+0x4c0/0x7e0
[  495.784062][T21923]  ? sched_clock_cpu+0x75/0x400
[  495.784086][T21923]  out_of_memory+0x7ee/0xbd0
[  495.784104][T21923]  ? __cfi_out_of_memory+0x10/0x10
[  495.784122][T21923]  ? mutex_lock_killable+0x92/0x1c0
[  495.784148][T21923]  ? __cfi_mutex_lock_killable+0x10/0x10
[  495.784182][T21923]  mem_cgroup_out_of_memory+0x279/0x350
[  495.784245][T21923]  ? drain_obj_stock+0xed0/0xed0
[  495.784278][T21923]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  495.784310][T21923]  try_charge_memcg+0x8f7/0xde0
[  495.784336][T21923]  ? percpu_counter_add_batch+0xfc/0x1b0
[  495.784364][T21923]  ? __cfi_try_charge_memcg+0x10/0x10
[  495.784390][T21923]  ? __alloc_pages_noprof+0x30d/0x6c0
[  495.784416][T21923]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  495.784443][T21923]  __mem_cgroup_charge+0xf6/0x410
[  495.784472][T21923]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  495.784497][T21923]  ? __cfi_filemap_map_pages+0x10/0x10
[  495.784519][T21923]  ? cgroup_rstat_updated+0x132/0x7f0
[  495.784544][T21923]  folio_prealloc+0x67/0x240
[  495.784573][T21923]  do_wp_page+0x1c54/0x3270
[  495.784600][T21923]  ? __cfi_filemap_map_pages+0x10/0x10
[  495.784623][T21923]  ? __cfi_cgroup_rstat_updated+0x10/0x10
[  495.784647][T21923]  ? folio_put+0x90/0x90
[  495.784673][T21923]  ? __cfi__raw_spin_lock+0x10/0x10
[  495.784701][T21923]  ? __pte_offset_map+0x1b0/0x230
[  495.784724][T21923]  ? pte_offset_map_rw_nolock+0xba/0x110
[  495.784748][T21923]  handle_mm_fault+0xff7/0x1b90
[  495.784778][T21923]  ? __cfi_handle_mm_fault+0x10/0x10
[  495.784806][T21923]  ? lock_vma_under_rcu+0x49d/0x530
[  495.784839][T21923]  do_user_addr_fault+0x96c/0x1200
[  495.784867][T21923]  exc_page_fault+0x59/0xc0
[  495.784891][T21923]  asm_exc_page_fault+0x2b/0x30
[  495.784912][T21923] RIP: 0033:0x7f3224784e40
[  495.784929][T21923] Code: 75 d8 4c 89 e7 e8 60 f7 fb ff 48 8b 80 88 00 00 00 48 c7 00 00 00 00 00 48 c7 40 08 00 00 00 00 eb b8 0f 1f 84 00 00 00 00 00 <48> 83 05 38 79 d6 00 04 48 8b 05 39 88 d6 00 66 0f ef c0 48 c7 05
[  495.784946][T21923] RSP: 002b:00007fff7a25b9d0 EFLAGS: 00010246
[  495.784965][T21923] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f32247851cd
[  495.784979][T21923] RDX: 0000000000000000 RSI: 0000000000000018 RDI: 000055555b4437e0
[  495.784993][T21923] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
[  495.785005][T21923] R10: 000055555b4437d0 R11: 0000000000000246 R12: 0000000000000000
[  495.785019][T21923] R13: 000055555b456470 R14: 0000000000072ffc R15: 00007fff7a25bb60
[  495.785036][T21923]  </TASK>
[  495.785044][T21923] memory: usage 307200kB, limit 307200kB, failcnt 46756
[  496.098893][  T305] usb usb3-port1: attempt power cycle
[  496.100676][T21923] memory+swap: usage 394252kB, limit 9007199254740988kB, failcnt 0
[  496.113131][T21923] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  496.123910][T21923] Memory cgroup stats for /syz0:
[  496.124075][T21923] cache 278196224
[  496.145366][T21923] rss 90112
[  496.148869][T21923] rss_huge 0
[  496.159893][T21923] shmem 278196224
[  496.164111][T21923] mapped_file 8192
[  496.168177][T21923] dirty 0
[  496.171536][T21923] writeback 90112
[  496.175613][T21923] workingset_refault_anon 33
[  496.180480][T21923] workingset_refault_file 0
[  496.185299][T21923] swap 124989440
[  496.189227][T21923] swapcached 196608
[  496.194593][T21923] pgpgin 513175
[  496.198149][T21923] pgpgout 445188
[  496.202145][T21963] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7717'.
[  496.204247][T21923] pgfault 98805
[  496.226077][T21923] pgmajfault 27
[  496.235215][T21923] inactive_anon 228212736
[  496.245391][T21923] active_anon 49971200
[  496.253181][T21923] inactive_file 0
[  496.261221][T21923] active_file 0
[  496.268203][T21923] unevictable 0
[  496.275355][T21923] hierarchical_memory_limit 314572800
[  496.286831][T21923] hierarchical_memsw_limit 9223372036854771712
[  496.300730][T21923] total_cache 278196224
[  496.309954][T21923] total_rss 90112
[  496.321541][T21923] total_rss_huge 0
[  496.335378][T21923] total_shmem 278196224
[  496.349110][T21923] total_mapped_file 8192
[  496.364228][T21923] total_dirty 0
[  496.376040][T21923] total_writeback 90112
[  496.389934][T21923] total_workingset_refault_anon 33
[  496.405250][T21923] total_workingset_refault_file 0
[  496.431272][T21923] total_swap 124989440
[  496.435760][T21923] total_swapcached 196608
[  496.440284][T21923] total_pgpgin 513175
[  496.457701][T21923] total_pgpgout 445188
[  496.461773][  T305] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  496.472469][T21923] total_pgfault 98805
[  496.483124][T21923] total_pgmajfault 27
[  496.487280][T21923] total_inactive_anon 228212736
[  496.495143][  T305] usb 3-1: device descriptor read/8, error -71
[  496.502997][T21923] total_active_anon 49971200
[  496.507863][T21923] total_inactive_file 0
[  496.512503][T21923] total_active_file 0
[  496.525866][T21923] total_unevictable 0
[  496.536628][T21923] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.7568,pid=21575,uid=0
[  496.562601][T21923] Memory cgroup out of memory: Killed process 21575 (syz.0.7568) total-vm:90092kB, anon-rss:936kB, file-rss:53504kB, shmem-rss:0kB, UID:0 pgtables:184kB oom_score_adj:1000
[  496.633875][  T305] usb 3-1: device descriptor read/8, error -71
[  496.747516][T21586] syz.0.7568 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  496.799031][T21975] netlink: 80 bytes leftover after parsing attributes in process `syz.0.7722'.
[  496.821483][T21586] CPU: 0 UID: 0 PID: 21586 Comm: syz.0.7568 Not tainted 6.12.30-syzkaller-g94ce385c22d5 #0 16e511e29439c8b2668c1520ec6e7e54ef5e5f6a
[  496.821525][T21586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  496.821541][T21586] Call Trace:
[  496.821550][T21586]  <TASK>
[  496.821560][T21586]  __dump_stack+0x21/0x30
[  496.821594][T21586]  dump_stack_lvl+0x10c/0x190
[  496.821622][T21586]  ? __cfi_dump_stack_lvl+0x10/0x10
[  496.821649][T21586]  ? ___ratelimit+0x3f7/0x5a0
[  496.821675][T21586]  dump_stack+0x19/0x20
[  496.821701][T21586]  dump_header+0xd7/0x490
[  496.821735][T21586]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  496.821761][T21586]  oom_kill_process+0x4c0/0x7e0
[  496.821783][T21586]  ? sched_clock_cpu+0x75/0x400
[  496.821811][T21586]  out_of_memory+0x7ee/0xbd0
[  496.821832][T21586]  ? __cfi_out_of_memory+0x10/0x10
[  496.821853][T21586]  ? mutex_lock_killable+0x92/0x1c0
[  496.821881][T21586]  ? __cfi_mutex_lock_killable+0x10/0x10
[  496.821916][T21586]  mem_cgroup_out_of_memory+0x279/0x350
[  496.821955][T21586]  ? drain_obj_stock+0xed0/0xed0
[  496.821988][T21586]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  496.822020][T21586]  try_charge_memcg+0x8f7/0xde0
[  496.822047][T21586]  ? __cfi_try_charge_memcg+0x10/0x10
[  496.822072][T21586]  ? __alloc_pages_noprof+0x30d/0x6c0
[  496.822097][T21586]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  496.822124][T21586]  __mem_cgroup_charge+0xf6/0x410
[  496.822152][T21586]  ? _raw_spin_lock+0x8c/0x120
[  496.822186][T21586]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  496.822217][T21586]  shmem_alloc_and_add_folio+0x86d/0x1050
[  496.822256][T21586]  ? put_swap_device+0x130/0x130
[  496.822291][T21586]  ? shmem_huge_global_enabled+0x2da/0x360
[  496.822326][T21586]  ? shmem_allowable_huge_orders+0x1f7/0x430
[  496.822358][T21586]  ? __kasan_check_write+0x18/0x20
[  496.822386][T21586]  ? _raw_spin_lock+0x8c/0x120
[  496.822430][T21586]  shmem_get_folio_gfp+0x5f0/0x1380
[  496.822495][T21586]  ? shmem_get_folio+0xc0/0xc0
[  496.822529][T21586]  ? follow_page_pte+0xa5c/0xb90
[  496.822553][T21586]  ? inode_to_bdi+0x6d/0x100
[  496.822580][T21586]  shmem_write_begin+0xf4/0x270
[  496.822616][T21586]  generic_perform_write+0x330/0x960
[  496.822646][T21586]  ? __cfi_generic_perform_write+0x10/0x10
[  496.822673][T21586]  ? down_write+0xe9/0x2a0
[  496.822703][T21586]  ? file_update_time+0xa3/0x220
[  496.822728][T21586]  shmem_file_write_iter+0x105/0x130
[  496.822753][T21586]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  496.822778][T21586]  __kernel_write_iter+0x392/0x830
[  496.822808][T21586]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  496.822833][T21586]  ? __cfi___kernel_write_iter+0x10/0x10
[  496.822863][T21586]  ? get_dump_page+0x160/0x220
[  496.822885][T21586]  ? __asan_memset+0x39/0x50
[  496.822912][T21586]  ? iov_iter_bvec+0xc0/0x180
[  496.822945][T21586]  dump_user_range+0xb06/0xdf0
[  496.822976][T21586]  ? __cfi_dump_emit+0x10/0x10
[  496.823005][T21586]  ? __cfi_dump_user_range+0x10/0x10
[  496.823035][T21586]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  496.823065][T21586]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  496.823098][T21586]  elf_core_dump+0x2cd9/0x3810
[  496.823137][T21586]  ? __cfi_elf_core_dump+0x10/0x10
[  496.823181][T21586]  ? dump_interrupted+0xf0/0xf0
[  496.823208][T21586]  ? filp_open+0x182/0x1d0
[  496.823232][T21586]  ? 0xffffffffff600000
[  496.823252][T21586]  do_coredump+0x1bf7/0x2bd0
[  496.823284][T21586]  ? __cfi_do_coredump+0x10/0x10
[  496.823311][T21586]  ? asm_exc_general_protection+0x2b/0x30
[  496.823346][T21586]  ? __kasan_slab_free+0x6a/0x80
[  496.823378][T21586]  ? kmem_cache_free+0x1c1/0x4c0
[  496.823416][T21586]  get_signal+0x11fd/0x14f0
[  496.823444][T21586]  arch_do_signal_or_restart+0x96/0x720
[  496.823477][T21586]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  496.823510][T21586]  ? fixup_iopl_exception+0xdd/0x2e0
[  496.823543][T21586]  irqentry_exit_to_user_mode+0x4e/0xb0
[  496.823574][T21586]  irqentry_exit+0x16/0x60
[  496.823602][T21586]  exc_general_protection+0x15a/0x1f0
[  496.823627][T21586]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  496.823654][T21586]  asm_exc_general_protection+0x2b/0x30
[  496.823679][T21586] RIP: 0033:0x7f322478e931
[  496.823699][T21586] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  496.823720][T21586] RSP: 002b:0000200000000240 EFLAGS: 00010217
[  496.823742][T21586] RAX: 0000000000000000 RBX: 00007f32249b6080 RCX: 00007f322478e929
[  496.823760][T21586] RDX: 0000200000000100 RSI: 0000200000000240 RDI: 0000000000000200
[  496.823777][T21586] RBP: 00007f3224810b39 R08: 00002000000002c0 R09: 00002000000002c0
[  496.823794][T21586] R10: 0000200000000280 R11: 0000000000000206 R12: 0000000000000000
[  496.823810][T21586] R13: 0000000000000000 R14: 00007f32249b6080 R15: 00007fff7a25b748
[  496.823830][T21586]  </TASK>
[  496.942967][T21586] memory: usage 298224kB, limit 307200kB, failcnt 47994
[  497.011320][  T305] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  497.314443][T21586] memory+swap: usage 415628kB, limit 9007199254740988kB, failcnt 0
[  497.368056][T21586] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  497.455186][T21586] Memory cgroup stats for /syz0:
[  497.455492][T21586] cache 257527808
[  497.498754][T21586] rss 73728
[  497.514271][T21586] rss_huge 0
[  497.517541][T21586] shmem 257527808
[  497.545990][T21586] mapped_file 8192
[  497.626994][T21586] dirty 0
[  497.630017][T21586] writeback 0
[  497.633322][T21586] workingset_refault_anon 63
[  497.696389][T22000] /dev/rnullb0: Can't lookup blockdev
[  497.712759][T21586] workingset_refault_file 0
[  497.717432][T21586] swap 121843712
[  497.723269][T21999] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  497.733906][T21586] swapcached 110592
[  497.784762][T22012] fuse: Bad value for 'user_id'
[  497.798068][  T305] usb 3-1: device not accepting address 25, error -71
[  497.798181][T22012] fuse: Bad value for 'user_id'
[  497.805198][  T305] usb usb3-port1: unable to enumerate USB device
[  497.818036][T22010] binder: Unknown parameter '00000000000453438940'
[  497.827373][T21586] pgpgin 530731
[  497.855177][T21586] pgpgout 467795
[  497.858846][T21586] pgfault 99516
[  497.865739][T21586] pgmajfault 55
[  497.876522][T21586] inactive_anon 161927168
[  497.880921][T21586] active_anon 95645696
[  497.915778][T21586] inactive_file 0
[  497.926350][T21586] active_file 0
[  497.929956][T21586] unevictable 0
[  497.940739][T21586] hierarchical_memory_limit 314572800
[  497.958399][T21586] hierarchical_memsw_limit 9223372036854771712
[  497.989794][T21586] total_cache 257527808
[  498.009423][T21586] total_rss 73728
[  498.110766][T21586] total_rss_huge 0
[  498.126829][T21586] total_shmem 257527808
[  498.161565][T21586] total_mapped_file 8192
[  498.166663][T21586] total_dirty 0
[  498.173574][T21586] total_writeback 0
[  498.181880][T21586] total_workingset_refault_anon 63
[  498.192655][T21586] total_workingset_refault_file 0
[  498.209428][T21586] total_swap 121843712
[  498.222356][T21586] total_swapcached 110592
[  498.236024][T21586] total_pgpgin 530731
[  498.254778][T21586] total_pgpgout 467795
[  498.265568][T21586] total_pgfault 99516
[  498.279133][T21586] total_pgmajfault 55
[  498.287083][T21586] total_inactive_anon 161927168
[  498.316747][T21586] total_active_anon 95645696
[  498.348483][T21586] total_inactive_file 0
[  498.353665][T21586] total_active_file 0
[  498.391873][T21586] total_unevictable 0
[  498.396061][T21586] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.7568,pid=21570,uid=0
[  498.449634][T21586] Memory cgroup out of memory: OOM victim 21570 (syz.0.7568) is already exiting. Skip killing the task
[  498.605878][T22032] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7742'.
[  498.829825][T22040] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  498.830964][T22039] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  499.016153][T22044] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7746'.
[  499.165908][T22049] netlink: 80 bytes leftover after parsing attributes in process `syz.2.7748'.
[  499.304147][T22057] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  499.304195][T22057] rust_binder: Error while translating object.
[  499.320946][T22057] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  499.331699][T22057] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:587
[  499.363588][T22059] veth1_macvtap: left promiscuous mode
[  499.391692][T22059] macsec0: entered allmulticast mode
[  499.521818][T22064] netlink: 80 bytes leftover after parsing attributes in process `syz.1.7754'.
[  499.566534][T22068] tmpfs: Bad value for 'uid'
[  499.572466][T22068] tmpfs: Bad value for 'uid'
[  499.701030][  T611] usb 1-1: new full-speed USB device number 16 using dummy_hcd
[  499.968265][  T611] usb 1-1: not running at top speed; connect to a high speed hub
[  499.986350][  T611] usb 1-1: no configurations
[  499.993085][  T611] usb 1-1: can't read configurations, error -22
[  500.003166][T22093] netlink: 80 bytes leftover after parsing attributes in process `syz.2.7764'.
[  500.150214][  T611] usb 1-1: new full-speed USB device number 17 using dummy_hcd
[  500.241479][   T36] audit: type=1326 audit(2000000288.275:68058): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22110 comm="syz.2.7771" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7effadb8e929 code=0x0
[  500.321219][  T611] usb 1-1: not running at top speed; connect to a high speed hub
[  500.331737][  T611] usb 1-1: no configurations
[  500.336417][  T611] usb 1-1: can't read configurations, error -22
[  500.354706][  T611] usb usb1-port1: attempt power cycle
[  500.675137][  T304] tipc: Subscription rejected, illegal request
[  500.727314][  T611] usb 1-1: new full-speed USB device number 18 using dummy_hcd
[  500.760474][  T611] usb 1-1: not running at top speed; connect to a high speed hub
[  500.777128][  T611] usb 1-1: no configurations
[  500.782252][  T611] usb 1-1: can't read configurations, error -22
[  500.930494][  T611] usb 1-1: new full-speed USB device number 19 using dummy_hcd
[  500.953326][  T611] usb 1-1: not running at top speed; connect to a high speed hub
[  500.961412][  T611] usb 1-1: no configurations
[  500.966232][  T611] usb 1-1: can't read configurations, error -22
[  500.972977][  T611] usb usb1-port1: unable to enumerate USB device
[  501.390231][  T611] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  501.550537][  T611] usb 3-1: Using ep0 maxpacket: 32
[  501.556874][  T611] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[  501.566375][  T611] usb 3-1: config 0 has no interface number 0
[  501.572758][  T611] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  501.584234][  T611] usb 3-1: config 0 interface 85 has no altsetting 0
[  501.592739][  T611] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  501.602598][  T611] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  501.610957][  T611] usb 3-1: Product: syz
[  501.615707][  T611] usb 3-1: Manufacturer: syz
[  501.620607][  T611] usb 3-1: SerialNumber: syz
[  501.629911][  T611] usb 3-1: config 0 descriptor??
[  501.640515][T22140] netlink: 80 bytes leftover after parsing attributes in process `syz.1.7781'.
[  502.068568][  T611] usb 3-1: USB disconnect, device number 26
[  502.431316][T22167] overlayfs: conflicting options: metacopy=off,verity=on
[  502.690421][T22184] fuse: Bad value for 'fd'
[  503.025836][  T477] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  503.196821][  T477] usb 3-1: Using ep0 maxpacket: 32
[  503.203201][  T477] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  503.211712][  T477] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  503.215877][T22220] rust_binder: 22210 RLIMIT_NICE not set
[  503.220616][  T477] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  503.235394][  T477] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  503.245206][  T477] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  503.255124][  T477] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  503.268359][  T477] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  503.278362][  T477] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.290835][  T477] usb 3-1: config 0 descriptor??
[  503.515576][  T477] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 27 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  503.803357][T22231] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7817'.
[  503.816309][   T36] audit: type=1400 audit(2000000291.614:68059): avc:  denied  { remove_name } for  pid=22230 comm="syz.4.7817" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  503.846195][   T36] audit: type=1400 audit(2000000291.633:68060): avc:  denied  { unlink } for  pid=22230 comm="syz.4.7817" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  503.847665][T22233] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  504.251380][T22245] overlayfs: failed to resolve './file0': -2
[  504.271758][T22246] netlink: 25 bytes leftover after parsing attributes in process `syz.0.7821'.
[  504.287613][T22246] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  504.373849][T22262] netlink: 80 bytes leftover after parsing attributes in process `syz.0.7829'.
[  504.407149][T22268] tmpfs: Bad value for 'uid'
[  504.411918][T22268] tmpfs: Bad value for 'uid'
[  504.502483][  T410] usb 3-1: USB disconnect, device number 27
[  504.514445][  T410] usblp0: removed
[  504.588211][T22286] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7837'.
[  504.616990][T22288] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7838'.
[  504.821821][  T611] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  504.954407][T22302] selinux_netlink_send: 55 callbacks suppressed
[  504.954433][T22302] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=28176 sclass=netlink_route_socket pid=22302 comm=syz.1.7844
[  504.994435][  T611] usb 1-1: Using ep0 maxpacket: 16
[  505.002298][  T611] usb 1-1: config 1 interface 0 altsetting 5 bulk endpoint 0x82 has invalid maxpacket 8
[  505.012624][  T611] usb 1-1: config 1 interface 0 altsetting 5 bulk endpoint 0x3 has invalid maxpacket 32
[  505.022893][  T611] usb 1-1: config 1 interface 0 has no altsetting 0
[  505.031436][  T611] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  505.040917][  T611] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  505.049426][  T611] usb 1-1: Product: Т
[  505.053683][  T611] usb 1-1: Manufacturer: ꁉ胻㰴鲙⢃݌륏﨣嗴瞛秠ᨷ⩠裿镸脠⌓ൕ턞獮↚菡⌌孶松뎼☵䘜둎绑톞
[  505.069560][  T611] usb 1-1: SerialNumber: Г
[  505.081139][T22284] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  505.100339][T22284] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  505.506003][  T305] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  505.688260][  T305] usb 3-1: Using ep0 maxpacket: 32
[  505.698170][  T305] usb 3-1: config 12 has an invalid interface number: 70 but max is 0
[  505.721957][  T305] usb 3-1: config 12 has no interface number 0
[  505.728204][  T305] usb 3-1: config 12 interface 70 altsetting 2 endpoint 0x3 has invalid maxpacket 512, setting to 64
[  505.773245][  T305] usb 3-1: config 12 interface 70 altsetting 2 has an invalid descriptor for endpoint zero, skipping
[  505.808429][  T305] usb 3-1: config 12 interface 70 has no altsetting 0
[  505.836053][  T305] usb 3-1: New USB device found, idVendor=1e0e, idProduct=9003, bcdDevice=a7.d6
[  505.846096][  T305] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  505.864980][  T305] usb 3-1: Product: syz
[  505.869249][  T305] usb 3-1: Manufacturer: syz
[  505.890849][  T305] usb 3-1: SerialNumber: syz
[  505.901815][  T305] usb 3-1: Interface #70 referenced by multiple IADs
[  506.126820][  T305] usb 3-1: USB disconnect, device number 28
[  506.286890][  T611] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -71
[  506.310915][  T611] usb 1-1: USB disconnect, device number 20
[  506.404408][T22373] sit0: entered promiscuous mode
[  506.410992][T22373] netlink: 'syz.1.7872': attribute type 1 has an invalid length.
[  506.419345][T22373] netlink: 9 bytes leftover after parsing attributes in process `syz.1.7872'.
[  506.547329][   T36] audit: type=1400 audit(2000000294.177:68061): avc:  denied  { map } for  pid=22383 comm="syz.0.7877" path="/dev/ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  506.570892][   T36] audit: type=1400 audit(2000000294.177:68062): avc:  denied  { execute } for  pid=22383 comm="syz.0.7877" path="/dev/ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  506.800917][T22405] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  506.800943][T22405] rust_binder: Read failure Err(EFAULT) in pid:634
[  507.497866][T22436] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7894'.
[  507.583357][   T36] audit: type=1326 audit(2000000295.150:68063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22398 comm="syz.2.7882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effadb8e929 code=0x7fc00000
[  507.678637][   T36] audit: type=1400 audit(2000000295.234:68064): avc:  denied  { setattr } for  pid=22445 comm="syz.0.7898" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  507.835229][T22464] netlink: 80 bytes leftover after parsing attributes in process `syz.0.7906'.
[  507.862168][T22466] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7907'.
[  507.869209][  T611] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  508.013450][T22477] fuse: Bad value for 'user_id'
[  508.021862][T22477] fuse: Bad value for 'user_id'
[  508.030529][T22479] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  508.030558][T22479] rust_binder: Read failure Err(EFAULT) in pid:270
[  508.039683][  T611] usb 3-1: Using ep0 maxpacket: 32
[  508.062486][  T611] usb 3-1: config 12 has an invalid interface number: 70 but max is 0
[  508.070986][  T611] usb 3-1: config 12 has no interface number 0
[  508.081928][T22486] netlink: 80 bytes leftover after parsing attributes in process `syz.0.7915'.
[  508.083251][  T611] usb 3-1: config 12 interface 70 altsetting 2 endpoint 0x3 has invalid maxpacket 512, setting to 64
[  508.110049][T22488] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7916'.
[  508.110139][  T611] usb 3-1: config 12 interface 70 altsetting 2 has an invalid descriptor for endpoint zero, skipping
[  508.135930][  T611] usb 3-1: config 12 interface 70 has no altsetting 0
[  508.140019][   T36] audit: type=1400 audit(2000000295.665:68065): avc:  denied  { map } for  pid=22489 comm="syz.0.7917" path="/proc/279/task/281/mountinfo" dev="proc" ino=98848 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  508.145619][  T611] usb 3-1: New USB device found, idVendor=1e0e, idProduct=9003, bcdDevice=a7.d6
[  508.182063][  T611] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.190313][  T611] usb 3-1: Product: syz
[  508.194529][  T611] usb 3-1: Manufacturer: syz
[  508.205028][  T611] usb 3-1: SerialNumber: syz
[  508.219291][  T611] usb 3-1: Interface #70 referenced by multiple IADs
[  508.238688][T22498] tipc: Failed to remove unknown binding: 66,1,1/4:3279273102/3279273104
[  508.247345][T22498] tipc: Failed to remove unknown binding: 66,1,1/4:3279273102/3279273104
[  508.456762][  T611] usb 3-1: USB disconnect, device number 29
[  508.459663][   T36] audit: type=1400 audit(2000000295.964:68066): avc:  denied  { append } for  pid=22501 comm="syz.0.7921" name="ptp0" dev="devtmpfs" ino=196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  508.468286][T22502] rust_binder: Write failure EFAULT in pid:289
[  508.858388][T22527] overlayfs: failed to clone upperpath
[  509.027469][T22535] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:316
[  509.044134][T22535] syzkaller0: entered promiscuous mode
[  509.058982][T22535] syzkaller0: entered allmulticast mode
[  509.112007][T22544] rust_binder: Write failure EINVAL in pid:644
[  509.123195][T22545] rust_binder: Write failure EINVAL in pid:316
[  509.226002][T22547] fuse: Unknown parameter 'dont_appraise'
[  510.274156][  T611] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  510.354296][T22560] __nla_validate_parse: 1 callbacks suppressed
[  510.354317][T22560] netlink: 80 bytes leftover after parsing attributes in process `syz.1.7941'.
[  510.436899][  T611] usb 1-1: config 1 has an invalid interface number: 56 but max is 0
[  510.446312][  T611] usb 1-1: config 1 has no interface number 0
[  510.452835][  T611] usb 1-1: config 1 interface 56 altsetting 2 bulk endpoint 0x5 has invalid maxpacket 16
[  510.462886][  T611] usb 1-1: config 1 interface 56 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  510.473079][  T611] usb 1-1: config 1 interface 56 has no altsetting 0
[  510.482707][  T611] usb 1-1: New USB device found, idVendor=10c4, idProduct=8066, bcdDevice=8d.6a
[  510.492288][  T611] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  510.500623][  T611] usb 1-1: Product: syz
[  510.504899][  T611] usb 1-1: Manufacturer: syz
[  510.509692][  T611] usb 1-1: SerialNumber: syz
[  510.515824][T22554] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  510.523410][T22554] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  510.739170][T22574] overlayfs: failed to clone upperpath
[  510.754742][  T305] usb 1-1: USB disconnect, device number 21
[  510.807516][T22587] incfs: Error accessing: ./file0.
[  510.812959][T22587] incfs: mount failed -20
[  510.865805][T22595] netlink: 40 bytes leftover after parsing attributes in process `syz.2.7956'.
[  510.961098][T22606] batadv_slave_1: entered promiscuous mode
[  510.968960][T22605] batadv_slave_1: left promiscuous mode
[  511.278984][T13251] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  511.439317][T13251] usb 1-1: Using ep0 maxpacket: 8
[  511.445797][T13251] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  511.455179][T13251] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  511.464240][T13251] usb 1-1: config 0 descriptor??
[  512.707158][T22722] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7996'.
[  512.849171][T22733] 9pnet_fd: Insufficient options for proto=fd
[  513.035266][T13251] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  513.045848][T13251] asix 1-1:0.0: probe with driver asix failed with error -71
[  513.056969][T13251] usb 1-1: USB disconnect, device number 22
[  513.386214][T22744] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8005'.
[  513.513281][T13251] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  513.673629][T13251] usb 1-1: Using ep0 maxpacket: 32
[  513.680018][T13251] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  513.689659][T13251] usb 1-1: config 0 has no interface number 0
[  513.697721][T13251] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  513.707575][T13251] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  513.716035][T13251] usb 1-1: Product: syz
[  513.720433][T13251] usb 1-1: Manufacturer: syz
[  513.725105][T13251] usb 1-1: SerialNumber: syz
[  513.731029][T13251] usb 1-1: config 0 descriptor??
[  513.736984][T13251] smsc95xx v2.0.0
[  513.952796][T13251] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  513.963733][T13251] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  513.974464][T13251] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  513.986330][T13251] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[  513.995719][T13251] usb 1-1: USB disconnect, device number 23
[  514.280627][T22774] rust_binder: Write failure EFAULT in pid:357
[  514.562772][T22798] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:366
[  514.645335][T22805] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  514.700320][T22804] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  514.794981][T22810] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:370
[  514.815194][T22816] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8030'.
[  514.904729][T22821] rust_binder: Write failure EFAULT in pid:374
[  515.202385][T13251] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  515.245467][T22844] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8041'.
[  515.373437][T13251] usb 1-1: Using ep0 maxpacket: 32
[  515.380004][T13251] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  515.399898][T13251] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  515.410220][T13251] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  515.419630][T13251] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.431612][T13251] usb 1-1: config 0 descriptor??
[  515.871466][T13251] savu 0003:1E7D:2D5A.001F: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0
[  516.146112][  T611] usb 1-1: USB disconnect, device number 24
[  516.182811][T22891] netlink: 'syz.4.8058': attribute type 4 has an invalid length.
[  516.209021][T22891] binder: Bad value for 'stats'
[  516.415123][T22900] netlink: 80 bytes leftover after parsing attributes in process `syz.1.8062'.
[  516.703170][T22919] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  516.712394][T22919] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  516.743776][T22919] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  516.754575][T22924] bpf: Bad value for 'mode'
[  516.760524][T22919] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  516.955651][T17519] usb 1-1: new low-speed USB device number 25 using dummy_hcd
[  517.128658][T17519] usb 1-1: config 1 interface 0 altsetting 2 endpoint 0x81 has invalid maxpacket 584, setting to 8
[  517.139638][T17519] usb 1-1: config 1 interface 0 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 8
[  517.150854][T17519] usb 1-1: config 1 interface 0 has no altsetting 0
[  518.625978][   T36] audit: type=1326 audit(2000000305.477:68067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22966 comm="syz.2.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effadb8e929 code=0x7fc00000
[  518.649961][   T36] audit: type=1326 audit(2000000305.477:68068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22966 comm="syz.2.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7effadb8e929 code=0x7fc00000
[  518.673978][   T36] audit: type=1326 audit(2000000305.477:68069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22966 comm="syz.2.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effadb8e929 code=0x7fc00000
[  518.698119][   T36] audit: type=1326 audit(2000000305.477:68070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22966 comm="syz.2.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effadb8e929 code=0x7fc00000
[  518.721861][   T36] audit: type=1326 audit(2000000305.477:68071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22966 comm="syz.2.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effadb8e929 code=0x7fc00000
[  518.745801][   T36] audit: type=1326 audit(2000000305.477:68072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22966 comm="syz.2.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effadb8e929 code=0x7fc00000
[  518.769600][   T36] audit: type=1326 audit(2000000305.477:68073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22966 comm="syz.2.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effadb8e929 code=0x7fc00000
[  518.793907][   T36] audit: type=1326 audit(2000000305.477:68074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22966 comm="syz.2.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effadb8e929 code=0x7fc00000
[  518.817747][   T36] audit: type=1326 audit(2000000305.477:68075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22966 comm="syz.2.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effadb8e929 code=0x7fc00000
[  518.841381][   T36] audit: type=1326 audit(2000000305.477:68076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22966 comm="syz.2.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effadb8e929 code=0x7fc00000
[  519.667233][T22990] overlayfs: failed to clone lowerpath
[  519.734511][T22999] overlayfs: failed to clone upperpath
[  519.836630][T23008] /dev/rnullb0: Can't lookup blockdev
[  519.863735][T23010] netlink: 80 bytes leftover after parsing attributes in process `syz.2.8101'.
[  519.910815][T23015] netlink: 'syz.2.8103': attribute type 30 has an invalid length.
[  519.934926][T23017] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8104'.
[  520.274497][T23038] fuse: Bad value for 'fd'
[  520.303663][T23040] /dev/rnullb0: Can't lookup blockdev
[  520.321940][T23042] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8114'.
[  520.467487][T17519] usb 1-1: New USB device found, idVendor=2453, idProduct=0100, bcdDevice= 0.40
[  520.476618][T17519] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  520.486255][T17519] usb 1-1: can't set config #1, error -71
[  520.492639][T17519] usb 1-1: USB disconnect, device number 25
[  520.961966][T23051] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  521.023525][T23051] rust_binder: Error in use_page_slow: ESRCH
[  521.023549][T23051] rust_binder: use_range failure ESRCH
[  521.029691][T23051] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  521.035328][T23051] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  521.043275][T23051] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:387
[  521.053673][T23051] rust_binder: Write failure EINVAL in pid:387
[  521.865774][T23067] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8124'.
[  522.072563][T23090] 8021q: VLANs not supported on lo
[  522.504161][  T477] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  522.643112][  T477] usb 1-1: device descriptor read/64, error -71
[  522.899658][  T477] usb 1-1: device descriptor read/64, error -71
[  523.156206][  T477] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  523.295205][  T477] usb 1-1: device descriptor read/64, error -71
[  523.470414][T23146] netlink: 228 bytes leftover after parsing attributes in process `syz.1.8152'.
[  523.551806][  T477] usb 1-1: device descriptor read/64, error -71
[  523.613874][T23150] netlink: 'syz.1.8153': attribute type 6 has an invalid length.
[  523.669561][  T477] usb usb1-port1: attempt power cycle
[  523.901668][T23172] tmpfs: Bad value for 'nr_blocks'
[  523.952288][T23182] netlink: 80 bytes leftover after parsing attributes in process `syz.1.8165'.
[  523.975506][T23184] tmpfs: Bad value for 'nr_inodes'
[  523.981548][T23184] netlink: 'syz.1.8166': attribute type 12 has an invalid length.
[  524.032848][  T477] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  524.055329][  T477] usb 1-1: device descriptor read/8, error -71
[  524.194337][  T477] usb 1-1: device descriptor read/8, error -71
[  524.449784][  T477] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  524.472377][  T477] usb 1-1: device descriptor read/8, error -71
[  524.611295][  T477] usb 1-1: device descriptor read/8, error -71
[  524.727855][  T477] usb usb1-port1: unable to enumerate USB device
[  525.765574][T23211] netlink: 80 bytes leftover after parsing attributes in process `syz.1.8178'.
[  525.843291][T23222] netlink: 36 bytes leftover after parsing attributes in process `syz.1.8183'.
[  526.071754][T23228] 9pnet: p9_errstr2errno: server reported unknown error ��p��A���
[  526.115485][T23232] netlink: 80 bytes leftover after parsing attributes in process `syz.0.8188'.
[  526.184877][   T36] kauditd_printk_skb: 58 callbacks suppressed
[  526.184901][   T36] audit: type=1400 audit(2000000312.549:68135): avc:  denied  { write } for  pid=23241 comm="syz.4.8191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  526.214347][T23242] kvm: vcpu 512: requested lapic timer restore with starting count register 0x390=1531215282 (3062430564 ns) > initial count (1473793136 ns). Using initial count to start timer.
[  526.268030][   T36] audit: type=1400 audit(2000000312.623:68136): avc:  denied  { relabelfrom } for  pid=23239 comm="syz.0.8190" name="UNIX" dev="sockfs" ino=101534 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  526.314206][T23246] binder: Unknown parameter 'uid>18446744073709551615'
[  526.374406][T23248] cgroup: Unknown subsys name './binderfs/binder1'
[  526.393868][   T13] Bluetooth: hci0: Frame reassembly failed (-84)
[  526.402057][   T13] Bluetooth: hci0: Frame reassembly failed (-84)
[  526.460655][T23269] netlink: 80 bytes leftover after parsing attributes in process `syz.1.8198'.
[  527.103345][   T36] audit: type=1326 audit(2000000313.409:68137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23168 comm="syz.2.8160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effadb8e929 code=0x7fc00000
[  527.238227][T23297] netlink: 80 bytes leftover after parsing attributes in process `syz.2.8209'.
[  528.060819][T23313] futex_wake_op: syz.2.8215 tries to shift op by 144; fix this program
[  528.282844][   T36] audit: type=1326 audit(2000000314.513:68138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23304 comm="syz.1.8212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6798e929 code=0x7fc00000
[  528.329826][T23321] netlink: 80 bytes leftover after parsing attributes in process `syz.1.8219'.
[  528.565670][   T53] Bluetooth: hci0: command 0x1003 tx timeout
[  528.565684][T18142] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  528.773164][T23389] overlayfs: missing 'workdir'
[  528.875669][  T410] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  529.046717][  T410] usb 1-1: Using ep0 maxpacket: 32
[  529.058723][  T410] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  529.067501][  T410] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  529.089579][  T410] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  529.098620][  T410] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  529.121613][  T410] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  529.131441][  T410] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  529.153848][  T410] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  529.172669][  T410] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  529.184894][  T410] usb 1-1: config 0 descriptor??
[  529.408400][  T410] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 30 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  529.428157][  T410] usb 1-1: USB disconnect, device number 30
[  529.437202][  T410] usblp0: removed
[  529.483799][T23419] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  529.506629][T23419] rust_binder: Error while translating object.
[  529.506737][T23419] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  529.517449][T23419] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:440
[  529.698000][T23436] binder: Unknown parameter 'fScon�����etext'
[  529.823737][   T36] audit: type=1400 audit(2000000315.944:68139): avc:  denied  { setopt } for  pid=23451 comm="syz.2.8272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  529.828690][T23457] rust_binder: Fixups oob 154 158 203 174
[  529.844967][   T36] audit: type=1400 audit(2000000315.944:68140): avc:  denied  { read } for  pid=23451 comm="syz.2.8272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  529.849803][T23457] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EINVAL }
[  529.871635][T23457] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  529.880444][T23457] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:449
[  529.913894][   T36] audit: type=1326 audit(2000000316.038:68141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23454 comm="syz.1.8273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6798e929 code=0x7ffc0000
[  529.946883][   T36] audit: type=1326 audit(2000000316.038:68142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23454 comm="syz.1.8273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6798e929 code=0x7ffc0000
[  529.970651][   T36] audit: type=1326 audit(2000000316.038:68143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23454 comm="syz.1.8273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f0b6798e929 code=0x7ffc0000
[  529.994775][   T36] audit: type=1326 audit(2000000316.038:68144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23454 comm="syz.1.8273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6798e929 code=0x7ffc0000
[  530.535287][T23488] binder: Unknown parameter 'E�u[I�t\I��6���g�y�e�&}e
[  530.535287][T23488] ƥ�Q����i����h�&_��'
[  530.896366][  T477] usb 1-1: new low-speed USB device number 31 using dummy_hcd
[  531.079017][  T477] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  531.093189][  T477] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  531.120706][  T477] usb 1-1: New USB device found, idVendor=046d, idProduct=c52f, bcdDevice= 0.00
[  531.129823][  T477] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  531.142382][  T477] usb 1-1: config 0 descriptor??
[  531.453718][T23550] overlay: ./file0 is not a directory
[  531.470987][T23550] /dev/rnullb0: Can't lookup blockdev
[  531.579229][  T477] logitech-djreceiver 0003:046D:C52F.0020: unknown main item tag 0x0
[  531.591083][  T477] logitech-djreceiver 0003:046D:C52F.0020: unknown main item tag 0x0
[  531.612684][  T477] logitech-djreceiver 0003:046D:C52F.0020: hidraw0: USB HID v0.00 Device [HID 046d:c52f] on usb-dummy_hcd.0-1/input0
[  531.805726][  T477] usb 1-1: USB disconnect, device number 31
[  532.618916][   T13] bridge_slave_1: left allmulticast mode
[  532.624854][   T13] bridge_slave_1: left promiscuous mode
[  532.631016][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  532.638812][   T13] bridge_slave_0: left allmulticast mode
[  532.644962][   T13] bridge_slave_0: left promiscuous mode
[  532.650732][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  532.660171][ T3111] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  532.800129][   T13] tipc: Left network mode
[  532.823910][ T3111] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  532.846477][ T3111] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  532.856439][T23598] netlink: 80 bytes leftover after parsing attributes in process `syz.1.8325'.
[  532.858866][ T3111] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  532.880804][ T3111] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  532.881107][   T36] kauditd_printk_skb: 12 callbacks suppressed
[  532.881128][   T36] audit: type=1400 audit(2000000318.816:68157): avc:  denied  { create } for  pid=23597 comm="syz.2.8324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  532.891282][ T3111] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  532.927727][   T13] veth1_macvtap: left promiscuous mode
[  532.933576][   T13] veth0_vlan: left promiscuous mode
[  532.949224][ T3111] usb 1-1: config 0 descriptor??
[  533.163262][T23611] 9pnet_fd: Insufficient options for proto=fd
[  533.207990][T23623] overlay: Unknown parameter 'mask'
[  533.236310][T23628] netlink: 80 bytes leftover after parsing attributes in process `syz.1.8335'.
[  533.398020][ T3111] usbhid 1-1:0.0: can't add hid device: -71
[  533.404391][ T3111] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  533.429972][ T3111] usb 1-1: USB disconnect, device number 32
[  533.433928][T23658] netlink: 80 bytes leftover after parsing attributes in process `syz.1.8345'.
[  533.490982][T23664] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8348'.
[  533.633628][T23682] fuse: Unknown parameter 'group_md'
[  533.765358][T23685] bridge0: port 1(bridge_slave_0) entered blocking state
[  533.773192][T23685] bridge0: port 1(bridge_slave_0) entered disabled state
[  533.780536][T23685] bridge_slave_0: entered allmulticast mode
[  533.787346][T23685] bridge_slave_0: entered promiscuous mode
[  533.799857][T23685] bridge0: port 2(bridge_slave_1) entered blocking state
[  533.807993][T23685] bridge0: port 2(bridge_slave_1) entered disabled state
[  533.815431][T23685] bridge_slave_1: entered allmulticast mode
[  533.822723][T23685] bridge_slave_1: entered promiscuous mode
[  533.895546][T23685] bridge0: port 2(bridge_slave_1) entered blocking state
[  533.902781][T23685] bridge0: port 2(bridge_slave_1) entered forwarding state
[  533.910243][T23685] bridge0: port 1(bridge_slave_0) entered blocking state
[  533.917322][T23685] bridge0: port 1(bridge_slave_0) entered forwarding state
[  534.020932][T23698] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8360'.
[  534.172139][   T45] bridge_slave_1: left allmulticast mode
[  534.177957][   T45] bridge_slave_1: left promiscuous mode
[  534.183821][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  534.192441][   T45] bridge_slave_0: left allmulticast mode
[  534.198223][   T45] bridge_slave_0: left promiscuous mode
[  534.204259][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  534.209858][T23707] rust_binder: Error while translating object.
[  534.211416][T23707] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  534.217944][T23707] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:495
[  534.310820][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  534.314537][T23717] rust_binder: Write failure EFAULT in pid:499
[  534.327301][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  534.343437][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[  534.350769][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  534.360898][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[  534.367984][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  534.375940][T23716] fuse: Bad value for 'fd'
[  534.392885][   T45] tipc: Left network mode
[  534.405182][   T45] veth1_macvtap: left promiscuous mode
[  534.413982][   T45] veth0_vlan: left promiscuous mode
[  534.567161][T23685] veth0_vlan: entered promiscuous mode
[  534.597634][T23685] veth1_macvtap: entered promiscuous mode
[  534.670945][T23746] FAULT_INJECTION: forcing a failure.
[  534.670945][T23746] name failslab, interval 1, probability 0, space 0, times 0
[  534.689410][T23746] CPU: 1 UID: 0 PID: 23746 Comm: syz.4.8378 Not tainted 6.12.30-syzkaller-g94ce385c22d5 #0 16e511e29439c8b2668c1520ec6e7e54ef5e5f6a
[  534.689452][T23746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  534.689466][T23746] Call Trace:
[  534.689474][T23746]  <TASK>
[  534.689483][T23746]  __dump_stack+0x21/0x30
[  534.689516][T23746]  dump_stack_lvl+0x10c/0x190
[  534.689542][T23746]  ? __cfi_dump_stack_lvl+0x10/0x10
[  534.689569][T23746]  ? selinux_file_open+0x457/0x610
[  534.689604][T23746]  ? __cfi_selinux_file_open+0x10/0x10
[  534.689640][T23746]  dump_stack+0x19/0x20
[  534.689665][T23746]  should_fail_ex+0x3d9/0x530
[  534.689694][T23746]  should_failslab+0xac/0x100
[  534.689729][T23746]  kmem_cache_alloc_node_noprof+0x45/0x3b0
[  534.689758][T23746]  ? __alloc_skb+0x10c/0x370
[  534.689798][T23746]  __alloc_skb+0x10c/0x370
[  534.689831][T23746]  tcp_stream_alloc_skb+0x43/0x370
[  534.689867][T23746]  tcp_sendmsg_locked+0xd12/0x4ee0
[  534.689895][T23746]  ? kstrtouint_from_user+0xfb/0x150
[  534.689922][T23746]  ? x64_sys_call+0xe69/0x2ee0
[  534.689955][T23746]  ? __cfi_tcp_sendmsg_locked+0x10/0x10
[  534.689978][T23746]  ? __kasan_check_write+0x18/0x20
[  534.690010][T23746]  ? proc_fail_nth_write+0x17e/0x210
[  534.690036][T23746]  ? __cfi_tcp_sendmsg+0x10/0x10
[  534.690068][T23746]  tcp_sendmsg+0x3e/0xe0
[  534.690089][T23746]  ? __cfi_tcp_sendmsg+0x10/0x10
[  534.690111][T23746]  inet_sendmsg+0xb7/0x120
[  534.690137][T23746]  __sys_sendto+0x588/0x6f0
[  534.690160][T23746]  ? __cfi___sys_sendto+0x10/0x10
[  534.690185][T23746]  ? __kasan_check_write+0x18/0x20
[  534.690214][T23746]  ? __cfi_ksys_write+0x10/0x10
[  534.690246][T23746]  __x64_sys_sendto+0xe9/0x100
[  534.690269][T23746]  x64_sys_call+0x2c2c/0x2ee0
[  534.690299][T23746]  do_syscall_64+0x58/0xf0
[  534.690319][T23746]  ? clear_bhb_loop+0x50/0xa0
[  534.690346][T23746]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  534.690372][T23746] RIP: 0033:0x7fe20cf8e929
[  534.690392][T23746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  534.690413][T23746] RSP: 002b:00007fe20dea9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  534.690439][T23746] RAX: ffffffffffffffda RBX: 00007fe20d1b5fa0 RCX: 00007fe20cf8e929
[  534.690457][T23746] RDX: ffffffffffffff7f RSI: 0000200000000300 RDI: 0000000000000003
[  534.690474][T23746] RBP: 00007fe20dea9090 R08: 0000000000000000 R09: fffffffffffffff7
[  534.690491][T23746] R10: 0000000004000080 R11: 0000000000000246 R12: 0000000000000001
[  534.690506][T23746] R13: 0000000000000000 R14: 00007fe20d1b5fa0 R15: 00007fff69cc56f8
[  534.690526][T23746]  </TASK>
[  535.109724][   T36] audit: type=1326 audit(2000000320.902:68158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23752 comm="syz.0.8380" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f322478e929 code=0x0
[  535.431834][   T36] audit: type=1400 audit(2000000321.201:68159): avc:  denied  { execute } for  pid=23761 comm="syz.1.8382" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  535.613353][T23777] netlink: 80 bytes leftover after parsing attributes in process `syz.4.8386'.
[  535.863178][   T36] audit: type=1326 audit(2000000321.594:68160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23797 comm="syz.1.8394" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f74dcf8e929 code=0x0
[  536.030435][T23806] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8396'.
[  536.052421][T23808] netlink: 80 bytes leftover after parsing attributes in process `syz.0.8397'.
[  536.149138][   T36] audit: type=1400 audit(2000000321.865:68161): avc:  denied  { write } for  pid=23814 comm="syz.0.8400" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  536.170676][   T36] audit: type=1400 audit(2000000321.865:68162): avc:  denied  { open } for  pid=23814 comm="syz.0.8400" path="/181/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  536.230813][ T3111] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  536.391240][ T3111] usb 2-1: Using ep0 maxpacket: 32
[  536.397681][ T3111] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  536.405966][ T3111] usb 2-1: config 0 has no interface number 0
[  536.412105][ T3111] usb 2-1: config 0 interface 184 has no altsetting 0
[  536.420493][ T3111] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  536.429678][ T3111] usb 2-1: New USB device strings: Mfr=227, Product=1, SerialNumber=3
[  536.438385][ T3111] usb 2-1: Product: syz
[  536.442601][ T3111] usb 2-1: Manufacturer: syz
[  536.447254][ T3111] usb 2-1: SerialNumber: syz
[  536.452933][ T3111] usb 2-1: config 0 descriptor??
[  536.458924][ T3111] smsc75xx v1.0.0
[  536.645566][T23831] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8406'.
[  536.669751][T23833] netlink: 80 bytes leftover after parsing attributes in process `syz.2.8407'.
[  536.773787][   T36] audit: type=1326 audit(2000000322.445:68163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23792 comm="syz.4.8393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20cf8e929 code=0x7fc00000
[  536.814190][   T36] audit: type=1326 audit(2000000322.492:68164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23910 comm="syz.4.8411" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe20cf8e929 code=0x0
[  537.107438][ T3111] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  537.118641][ T3111] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  537.122735][T23929] /dev/sg0: Can't lookup blockdev
[  537.245384][   T36] audit: type=1400 audit(2000000322.885:68165): avc:  denied  { rename } for  pid=23937 comm="syz.0.8420" name="file0" dev="incremental-fs" ino=1057 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  537.406292][T23946] rust_binder: Error in use_page_slow: ESRCH
[  537.406354][T23946] rust_binder: use_range failure ESRCH
[  537.412516][T23946] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  537.418207][T23946] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  537.426302][T23946] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:553
[  537.453763][   T36] audit: type=1400 audit(2000000323.091:68166): avc:  denied  { create } for  pid=23947 comm="syz.0.8424" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_route_socket permissive=1
[  537.459748][T23948] rust_binder: Write failure EFAULT in pid:555
[  537.975334][   T45] bridge_slave_1: left allmulticast mode
[  537.987948][   T45] bridge_slave_1: left promiscuous mode
[  537.993742][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  538.001533][   T45] bridge_slave_0: left allmulticast mode
[  538.007321][   T45] bridge_slave_0: left promiscuous mode
[  538.013295][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  538.188342][   T45] veth1_macvtap: left promiscuous mode
[  538.422778][T23972] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  538.423629][T23973] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  538.739777][T23979] __nla_validate_parse: 4 callbacks suppressed
[  538.739802][T23979] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8437'.
[  538.779662][T23981] binder: Bad value for 'stats'
[  538.800259][T23983] netlink: 80 bytes leftover after parsing attributes in process `syz.0.8439'.
[  539.062740][ T3111] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000010: -71
[  539.074553][  T477] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  539.075876][ T3111] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to write HW_CFG: -71
[  539.092586][ T3111] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  539.102293][ T3111] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[  539.114002][ T3111] usb 2-1: USB disconnect, device number 51
[  539.267152][  T477] usb 1-1: Using ep0 maxpacket: 32
[  539.277671][  T477] usb 1-1: too many configurations: 253, using maximum allowed: 8
[  539.286371][  T477] usb 1-1: config 12 has an invalid interface number: 70 but max is 0
[  539.294723][  T477] usb 1-1: config 12 has an invalid descriptor of length 214, skipping remainder of the config
[  539.305384][  T477] usb 1-1: config 12 has no interface number 0
[  539.310620][T23994] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[  539.311800][  T477] usb 1-1: config 12 interface 70 altsetting 2 has an endpoint descriptor with address 0x31, changing to 0x1
[  539.331856][  T477] usb 1-1: config 12 interface 70 altsetting 2 endpoint 0x1 has invalid maxpacket 62807, setting to 64
[  539.343105][  T477] usb 1-1: config 12 interface 70 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  539.356776][  T477] usb 1-1: config 12 interface 70 has no altsetting 0
[  539.364937][  T477] usb 1-1: config 12 has an invalid interface number: 70 but max is 0
[  539.373442][  T477] usb 1-1: config 12 has an invalid descriptor of length 214, skipping remainder of the config
[  539.383920][  T477] usb 1-1: config 12 has no interface number 0
[  539.390280][  T477] usb 1-1: config 12 interface 70 altsetting 2 has an endpoint descriptor with address 0x31, changing to 0x1
[  539.402042][  T477] usb 1-1: config 12 interface 70 altsetting 2 endpoint 0x1 has invalid maxpacket 62807, setting to 64
[  539.413707][  T477] usb 1-1: config 12 interface 70 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  539.427620][  T477] usb 1-1: config 12 interface 70 has no altsetting 0
[  539.435273][  T477] usb 1-1: config 12 has an invalid interface number: 70 but max is 0
[  539.443908][  T477] usb 1-1: config 12 has an invalid descriptor of length 214, skipping remainder of the config
[  539.454369][  T477] usb 1-1: config 12 has no interface number 0
[  539.460687][  T477] usb 1-1: config 12 interface 70 altsetting 2 has an endpoint descriptor with address 0x31, changing to 0x1
[  539.472506][  T477] usb 1-1: config 12 interface 70 altsetting 2 endpoint 0x1 has invalid maxpacket 62807, setting to 64
[  539.483794][  T477] usb 1-1: config 12 interface 70 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  539.496805][  T477] usb 1-1: config 12 interface 70 has no altsetting 0
[  539.504852][  T477] usb 1-1: config 12 has an invalid interface number: 70 but max is 0
[  539.511771][T24004] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  539.515924][  T477] usb 1-1: config 12 has an invalid descriptor of length 214, skipping remainder of the config
[  539.534427][  T477] usb 1-1: config 12 has no interface number 0
[  539.540821][  T477] usb 1-1: config 12 interface 70 altsetting 2 has an endpoint descriptor with address 0x31, changing to 0x1
[  539.552721][  T477] usb 1-1: config 12 interface 70 altsetting 2 endpoint 0x1 has invalid maxpacket 62807, setting to 64
[  539.564001][  T477] usb 1-1: config 12 interface 70 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  539.577041][  T477] usb 1-1: config 12 interface 70 has no altsetting 0
[  539.584535][  T477] usb 1-1: config 12 has an invalid interface number: 70 but max is 0
[  539.592799][  T477] usb 1-1: config 12 has an invalid descriptor of length 214, skipping remainder of the config
[  539.603310][T24007] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  539.603458][  T477] usb 1-1: config 12 has no interface number 0
[  539.604268][T24006] rust_binder: Write failure EINVAL in pid:46
[  539.616345][  T477] usb 1-1: config 12 interface 70 altsetting 2 has an endpoint descriptor with address 0x31, changing to 0x1
[  539.634145][  T477] usb 1-1: config 12 interface 70 altsetting 2 endpoint 0x1 has invalid maxpacket 62807, setting to 64
[  539.645343][  T477] usb 1-1: config 12 interface 70 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  539.658448][  T477] usb 1-1: config 12 interface 70 has no altsetting 0
[  539.666155][  T477] usb 1-1: config 12 has an invalid interface number: 70 but max is 0
[  539.674457][  T477] usb 1-1: config 12 has an invalid descriptor of length 214, skipping remainder of the config
[  539.684962][  T477] usb 1-1: config 12 has no interface number 0
[  539.691182][  T477] usb 1-1: config 12 interface 70 altsetting 2 has an endpoint descriptor with address 0x31, changing to 0x1
[  539.702834][  T477] usb 1-1: config 12 interface 70 altsetting 2 endpoint 0x1 has invalid maxpacket 62807, setting to 64
[  539.713937][  T477] usb 1-1: config 12 interface 70 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  539.726966][  T477] usb 1-1: config 12 interface 70 has no altsetting 0
[  539.734678][  T477] usb 1-1: config 12 has an invalid interface number: 70 but max is 0
[  539.742939][  T477] usb 1-1: config 12 has an invalid descriptor of length 214, skipping remainder of the config
[  539.753374][  T477] usb 1-1: config 12 has no interface number 0
[  539.759672][  T477] usb 1-1: config 12 interface 70 altsetting 2 has an endpoint descriptor with address 0x31, changing to 0x1
[  539.771545][  T477] usb 1-1: config 12 interface 70 altsetting 2 endpoint 0x1 has invalid maxpacket 62807, setting to 64
[  539.771922][T24011] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8448'.
[  539.782816][  T477] usb 1-1: config 12 interface 70 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  539.808972][  T477] usb 1-1: config 12 interface 70 has no altsetting 0
[  539.817161][  T477] usb 1-1: config 12 has an invalid interface number: 70 but max is 0
[  539.820459][T24013] rust_binder: Write failure EINVAL in pid:53
[  539.825524][  T477] usb 1-1: config 12 has an invalid descriptor of length 214, skipping remainder of the config
[  539.842385][  T477] usb 1-1: config 12 has no interface number 0
[  539.848722][  T477] usb 1-1: config 12 interface 70 altsetting 2 has an endpoint descriptor with address 0x31, changing to 0x1
[  539.862062][  T477] usb 1-1: config 12 interface 70 altsetting 2 endpoint 0x1 has invalid maxpacket 62807, setting to 64
[  539.873475][  T477] usb 1-1: config 12 interface 70 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  539.886557][  T477] usb 1-1: config 12 interface 70 has no altsetting 0
[  539.894999][  T477] usb 1-1: New USB device found, idVendor=1e0e, idProduct=9003, bcdDevice=a7.d6
[  539.904197][  T477] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=2
[  539.912335][  T477] usb 1-1: Product: syz
[  539.916652][  T477] usb 1-1: Manufacturer: syz
[  539.921312][  T477] usb 1-1: SerialNumber: syz
[  540.044165][T24027] overlayfs: failed to clone upperpath
[  540.081354][T24033] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8457'.
[  540.148648][  T477] usb 1-1: USB disconnect, device number 33
[  540.410407][T24064] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  540.714302][   T36] kauditd_printk_skb: 11 callbacks suppressed
[  540.714325][   T36] audit: type=1400 audit(2000000326.140:68178): avc:  denied  { setattr } for  pid=24068 comm="syz.0.8468" name="PPPOL2TP" dev="sockfs" ino=104279 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  540.794162][T24085] FAULT_INJECTION: forcing a failure.
[  540.794162][T24085] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  540.808050][T24085] CPU: 0 UID: 0 PID: 24085 Comm: syz.0.8473 Not tainted 6.12.30-syzkaller-g94ce385c22d5 #0 16e511e29439c8b2668c1520ec6e7e54ef5e5f6a
[  540.808094][T24085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  540.808110][T24085] Call Trace:
[  540.808118][T24085]  <TASK>
[  540.808127][T24085]  __dump_stack+0x21/0x30
[  540.808161][T24085]  dump_stack_lvl+0x10c/0x190
[  540.808187][T24085]  ? __cfi_dump_stack_lvl+0x10/0x10
[  540.808215][T24085]  dump_stack+0x19/0x20
[  540.808239][T24085]  should_fail_ex+0x3d9/0x530
[  540.808287][T24085]  should_fail+0xf/0x20
[  540.808311][T24085]  should_fail_usercopy+0x1e/0x30
[  540.808338][T24085]  _copy_from_user+0x22/0xb0
[  540.808370][T24085]  evdev_ioctl_handler+0x6bc/0x1e50
[  540.808405][T24085]  ? evdev_fasync+0x70/0x70
[  540.808435][T24085]  ? selinux_file_ioctl+0x6e0/0x1360
[  540.808474][T24085]  ? vfs_write+0x8ba/0xe80
[  540.808503][T24085]  ? __cfi_selinux_file_ioctl+0x10/0x10
[  540.808536][T24085]  ? __cfi_vfs_write+0x10/0x10
[  540.808564][T24085]  ? __kasan_check_write+0x18/0x20
[  540.808592][T24085]  ? mutex_unlock+0x8b/0x240
[  540.808621][T24085]  ? __fget_files+0x2c5/0x340
[  540.808671][T24085]  ? __fget_files+0x2c5/0x340
[  540.808705][T24085]  evdev_ioctl+0x2b/0x40
[  540.808734][T24085]  ? __cfi_evdev_ioctl+0x10/0x10
[  540.808763][T24085]  __se_sys_ioctl+0x135/0x1b0
[  540.808796][T24085]  __x64_sys_ioctl+0x7f/0xa0
[  540.808827][T24085]  x64_sys_call+0x1878/0x2ee0
[  540.808857][T24085]  do_syscall_64+0x58/0xf0
[  540.808876][T24085]  ? clear_bhb_loop+0x50/0xa0
[  540.808903][T24085]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  540.808927][T24085] RIP: 0033:0x7f322478e929
[  540.808948][T24085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  540.808968][T24085] RSP: 002b:00007f3225579038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  540.808995][T24085] RAX: ffffffffffffffda RBX: 00007f32249b5fa0 RCX: 00007f322478e929
[  540.809013][T24085] RDX: 0000200000000100 RSI: 0000000080104592 RDI: 0000000000000003
[  540.809029][T24085] RBP: 00007f3225579090 R08: 0000000000000000 R09: 0000000000000000
[  540.809045][T24085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  540.809060][T24085] R13: 0000000000000000 R14: 00007f32249b5fa0 R15: 00007fff7a25b748
[  540.809079][T24085]  </TASK>
[  541.386900][   T36] audit: type=1400 audit(2000000326.767:68179): avc:  denied  { accept } for  pid=24102 comm="syz.1.8480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  541.425109][   T36] audit: type=1400 audit(2000000326.767:68180): avc:  granted  { setsecparam } for  pid=24102 comm="syz.1.8480" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  541.784678][T24132] netlink: 80 bytes leftover after parsing attributes in process `syz.2.8489'.
[  541.806742][T24134] tmpfs: Unknown parameter 'u���0x0000000000000000'
[  541.831856][T24136] tmpfs: Unknown parameter 'no|ȣ&�x�Ntw�1��'swap'
[  542.196591][T24156] netlink: 80 bytes leftover after parsing attributes in process `syz.2.8498'.
[  542.482391][T24161] overlayfs: failed to clone upperpath
[  542.601851][T24163] overlayfs: missing 'lowerdir'
[  543.231289][T24180] netlink: 80 bytes leftover after parsing attributes in process `syz.0.8507'.
[  543.261018][T24182] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  543.261050][T24182] rust_binder: Error while translating object.
[  543.272683][T24182] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  543.280413][T24182] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:600
[  543.874639][ T3111] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  544.045760][ T3111] usb 2-1: Using ep0 maxpacket: 16
[  544.052651][ T3111] usb 2-1: config 4 has an invalid interface number: 140 but max is 0
[  544.061156][ T3111] usb 2-1: config 4 has no interface number 0
[  544.067827][ T3111] usb 2-1: config 4 interface 140 has no altsetting 0
[  544.076378][ T3111] usb 2-1: New USB device found, idVendor=04b4, idProduct=6830, bcdDevice=68.3b
[  544.085869][ T3111] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  544.094240][ T3111] usb 2-1: Product: syz
[  544.098433][ T3111] usb 2-1: Manufacturer: syz
[  544.103165][ T3111] usb 2-1: SerialNumber: syz
[  544.110488][ T3111] ums-cypress 2-1:4.140: USB Mass Storage device detected
[  544.214809][T24198] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:604
[  544.255147][   T36] audit: type=1400 audit(2000000329.451:68181): avc:  denied  { view } for  pid=24203 comm="syz.0.8517" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  544.325299][   T36] audit: type=1326 audit(2000000329.507:68182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24208 comm="syz.0.8518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322478e929 code=0x7ffc0000
[  544.329345][T19901] usb 2-1: USB disconnect, device number 52
[  544.351190][   T36] audit: type=1326 audit(2000000329.507:68183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24208 comm="syz.0.8518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322478e929 code=0x7ffc0000
[  544.381797][   T36] audit: type=1326 audit(2000000329.517:68184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24208 comm="syz.0.8518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f322478e929 code=0x7ffc0000
[  544.406229][   T36] audit: type=1326 audit(2000000329.517:68185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24208 comm="syz.0.8518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322478e929 code=0x7ffc0000
[  544.432503][T24214] netlink: 80 bytes leftover after parsing attributes in process `syz.4.8519'.
[  544.441618][   T36] audit: type=1326 audit(2000000329.517:68186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24208 comm="syz.0.8518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322478e929 code=0x7ffc0000
[  544.656969][T24225] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8523'.
[  544.666678][T24225] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8523'.
[  544.794259][T24239] netlink: 80 bytes leftover after parsing attributes in process `syz.2.8528'.
[  544.817206][T24241] netlink: 1 bytes leftover after parsing attributes in process `syz.2.8529'.
[  544.993841][T24258] netlink: 80 bytes leftover after parsing attributes in process `syz.2.8537'.
[  545.267601][T24265] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  545.507624][   T36] audit: type=1326 audit(2000000330.621:68187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24275 comm="syz.1.8545" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f74dcf8e929 code=0x0
[  545.508166][T24277] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[  545.578795][T24289] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8550'.
[  545.683821][T24293] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4240, size: 18446744073709550742)
[  545.683867][T24293] rust_binder: Error while translating object.
[  545.696134][T24293] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  545.702360][T24293] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:631
[  545.927273][T13251] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  546.023448][  T477] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  546.098353][T13251] usb 2-1: Using ep0 maxpacket: 16
[  546.104855][T13251] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  546.113768][T13251] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  546.123909][T13251] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  546.134751][T13251] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  546.143904][T13251] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  546.151946][T13251] usb 2-1: Product: syz
[  546.156128][T13251] usb 2-1: Manufacturer: syz
[  546.160728][T13251] usb 2-1: SerialNumber: syz
[  546.183795][  T477] usb 1-1: Using ep0 maxpacket: 16
[  546.190198][  T477] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  546.201295][  T477] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  546.214273][  T477] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  546.223398][  T477] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  546.232829][  T477] usb 1-1: config 0 descriptor??
[  546.596410][T13251] usb 2-1: 0:2 : does not exist
[  546.667592][T24297] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  546.676374][T24297] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  546.686495][   T36] audit: type=1400 audit(2000000331.724:68188): avc:  denied  { map } for  pid=24296 comm="syz.0.8553" path="socket:[105468]" dev="sockfs" ino=105468 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  546.752784][  T477] usbhid 1-1:0.0: can't add hid device: -71
[  546.758888][  T477] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  546.768052][  T477] usb 1-1: USB disconnect, device number 34
[  547.039466][T13251] usb 2-1: 1:0: cannot get min/max values for control 4 (id 1)
[  547.051688][T13251] usb 2-1: USB disconnect, device number 53
[  547.873263][T24315] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8559'.
[  547.981505][T24325] overlayfs: failed to clone upperpath
[  548.053100][T24330] can0: slcan on ttyS3.
[  548.132146][T24330] can0 (unregistered): slcan off ttyS3.
[  548.216901][T24354] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8569'.
[  548.226410][T24349] overlay: Unknown parameter 'fowner<00000000000000000000'
[  548.277365][T24361] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=10496 sclass=netlink_xfrm_socket pid=24361 comm=syz.0.8570
[  548.439203][T24370] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  548.439242][T24370] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:644
[  548.448738][T24370] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  548.457928][T24370] rust_binder: Read failure Err(EFAULT) in pid:644
[  548.879082][T24379] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  548.886153][T24379] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:134
[  548.970386][T24390] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8578'.
[  549.062546][   T36] audit: type=1400 audit(2000000333.951:68189): avc:  denied  { remount } for  pid=24399 comm="syz.4.8583" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  549.072440][T24402] netlink: 'syz.2.8584': attribute type 1 has an invalid length.
[  549.095267][T24400] bridge0: port 3(veth1_macvtap) entered blocking state
[  549.102322][T24400] bridge0: port 3(veth1_macvtap) entered disabled state
[  549.109519][T24400] veth1_macvtap: entered allmulticast mode
[  549.116611][T24400] veth1_macvtap: left allmulticast mode
[  549.233687][  T305] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  549.392016][T24427] fuse: Bad value for 'fd'
[  549.401810][  T305] usb 1-1: Using ep0 maxpacket: 8
[  549.408958][  T305] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  549.422055][  T305] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  549.432583][  T305] usb 1-1: New USB device found, idVendor=056a, idProduct=0002, bcdDevice= 0.00
[  549.442728][  T305] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  549.452552][  T305] usb 1-1: config 0 descriptor??
[  550.037348][T24456] 9p: Unknown Cache mode or invalid value ;j��~.r�M���0�9���]�~ށ��a����΋�!B���\�nz�\A
/�	
[  550.105018][  T305] usbhid 1-1:0.0: can't add hid device: -71
[  550.111256][  T305] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  550.121730][  T305] usb 1-1: USB disconnect, device number 35
[  550.353124][ T3111] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  550.505332][T24475] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=24475 comm=syz.4.8613
[  550.513485][ T3111] usb 2-1: Using ep0 maxpacket: 32
[  550.518854][T24476] input: syz0 as /devices/virtual/input/input39
[  550.528353][ T3111] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  550.540678][ T3111] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  550.551026][ T3111] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  550.561152][ T3111] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  550.569950][ T3111] usb 2-1: config 0 descriptor??
[  550.577991][ T3111] hub 2-1:0.0: USB hub found
[  550.686296][T24484] fuse: Unknown parameter 'fm?0x0000000000000007'
[  550.693037][T24484] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  550.700392][T24484] rust_binder: Write failure EINVAL in pid:649
[  550.701350][T24484] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  550.788031][T24495] /dev/rnullb0: Can't open blockdev
[  550.797346][ T3111] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  550.928906][T24508] tmpfs: Unknown parameter 'nosw'
[  550.983862][  T305] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  551.039191][T24510] __nla_validate_parse: 3 callbacks suppressed
[  551.039217][T24510] netlink: 1 bytes leftover after parsing attributes in process `syz.2.8626'.
[  551.145539][  T305] usb 1-1: Using ep0 maxpacket: 16
[  551.151884][  T305] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 11
[  551.161248][  T305] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  551.171538][  T305] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  551.182261][  T305] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  551.192278][  T305] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  551.202325][  T305] usb 1-1: config 1 interface 0 has no altsetting 0
[  551.209394][  T305] usb 1-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  551.218576][  T305] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  551.230755][  T305] ums-sddr09 1-1:1.0: USB Mass Storage device detected
[  551.241374][ T3111] hid-generic 0003:046D:C31C.0021: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.1-1/input0
[  551.449454][  T305] scsi host1: usb-storage 1-1:1.0
[  551.561239][T13251] usb 2-1: USB disconnect, device number 54
[  551.662450][T13251] usb 1-1: USB disconnect, device number 36
[  552.228241][T24557] binder: Binderfs stats mode cannot be changed during a remount
[  552.266613][T24568] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  552.284035][T24566] rust_binder: Error in use_page_slow: ESRCH
[  552.284068][T24566] rust_binder: use_range failure ESRCH
[  552.290916][T24566] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  552.296505][T24566] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  552.305430][T24566] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:156
[  552.376482][T24591] netlink: 80 bytes leftover after parsing attributes in process `syz.2.8655'.
[  552.505904][T24614] binder: Unknown parameter 'sta'
[  552.544251][T24618] netlink: 80 bytes leftover after parsing attributes in process `syz.2.8666'.
[  552.705053][T13251] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  552.865423][T13251] usb 2-1: Using ep0 maxpacket: 8
[  552.871810][T13251] usb 2-1: config index 0 descriptor too short (expected 5924, got 36)
[  552.880367][T13251] usb 2-1: config 250 has an invalid interface number: 228 but max is -1
[  552.889143][T13251] usb 2-1: config 250 has 1 interface, different from the descriptor's value: 0
[  552.898875][T13251] usb 2-1: config 250 has no interface number 0
[  552.905209][T13251] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  552.916818][T13251] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  552.927437][T13251] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid maxpacket 15571, setting to 1024
[  552.939348][T13251] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 1024
[  552.949975][T13251] usb 2-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  552.963513][T13251] usb 2-1: config 250 interface 228 has no altsetting 0
[  552.971873][T13251] usb 2-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  552.981010][T13251] usb 2-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  552.989344][T13251] usb 2-1: Product: syz
[  552.993528][T13251] usb 2-1: SerialNumber: syz
[  553.000785][T13251] hub 2-1:250.228: bad descriptor, ignoring hub
[  553.007199][T13251] hub 2-1:250.228: probe with driver hub failed with error -5
[  553.209291][T24635] netlink: 228 bytes leftover after parsing attributes in process `syz.2.8673'.
[  553.220419][T24635] netlink: 228 bytes leftover after parsing attributes in process `syz.2.8673'.
[  553.224406][T13251] usblp 2-1:250.228: usblp0: USB Bidirectional printer dev 55 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  553.293079][T24649] netlink: 80 bytes leftover after parsing attributes in process `syz.2.8677'.
[  553.330186][T24647] SELinux: failed to load policy
[  553.349764][T24658] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8680'.
[  553.492948][T24667] rust_binder: Write failure EINVAL in pid:169
[  553.507871][    C0] usblp0: nonzero read bulk status received: -71
[  553.539301][ T3111] usb 2-1: USB disconnect, device number 55
[  553.551049][ T3111] usblp0: removed
[  553.605954][T24677] netlink: 80 bytes leftover after parsing attributes in process `syz.0.8686'.
[  553.653235][T24683] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8689'.
[  553.904660][T24691] binder: Binderfs stats mode cannot be changed during a remount
[  554.053162][T24705] netlink: 80 bytes leftover after parsing attributes in process `syz.0.8696'.
[  554.092396][T24707] rust_binder: Write failure EFAULT in pid:172
[  554.188426][T24720] loop8: detected capacity change from 0 to 7
[  554.628072][T24770] /dev/nbd1: Can't lookup blockdev
[  554.676494][T24772] rust_binder: Error while translating object.
[  554.676529][T24772] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  554.682966][T24772] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:189
[  554.746941][T13251] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  554.919122][T13251] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  554.929339][T13251] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  554.939779][T13251] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  554.949412][T13251] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  554.957511][T13251] usb 1-1: Product: ᰉ
[  554.961830][T13251] usb 1-1: Manufacturer: 悰贅ꇿ壮⸛럚⦞춅ܒ䮩厽爸ᩫ黹頳娅ᶕⷠ꼌ᆖ蠦㪉㘴肛졏체替ᳺ췅ᓫ鋶럔黻쟃⛪ᅣ碴槕쟛剸᠍ꈂ汛늞쫼९䃉⏝╜듢怟鶀ᮓ끨ꝃ誠뎟㻁沫➟矿吢嚪웖᭷佃ꕰ顨쵱߬혎鶬洦〸싷䋂
[  554.988364][T13251] usb 1-1: SerialNumber: ۮ庡룬䲓鮶갫張椏ՠῒ哽桊쐻뙉᷄쎨굱룠떴쮌꒪ረ﹛륺툁綖ᩜ
[  555.046280][  T305] usb 2-1: new full-speed USB device number 56 using dummy_hcd
[  555.207938][  T305] usb 2-1: config 1 interface 0 has no altsetting 0
[  555.216157][  T305] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  555.226265][  T305] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  555.234364][  T305] usb 2-1: Product: syz
[  555.238572][  T305] usb 2-1: Manufacturer: syz
[  555.243244][  T305] usb 2-1: SerialNumber: syz
[  555.440312][T24768] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  555.448987][T24768] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  555.459111][T24768] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  555.467943][T24768] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  555.477904][  T305] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 56 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  555.479030][T24768] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  555.491807][  T305] usb 2-1: USB disconnect, device number 56
[  555.500698][T24768] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  555.519045][T13251] usb 1-1: 0:2 : does not exist
[  555.524694][  T305] usblp0: removed
[  555.529873][T13251] usb 1-1: USB disconnect, device number 37
[  555.542878][T18031] udevd[18031]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  555.837417][  T305] usb 2-1: new full-speed USB device number 57 using dummy_hcd
[  555.851748][T24795] fuse: Bad value for 'group_id'
[  555.856841][T24795] fuse: Bad value for 'group_id'
[  555.999001][  T305] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  556.009216][  T305] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  556.019806][  T305] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  556.028920][  T305] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  556.036996][  T305] usb 2-1: Product: syz
[  556.041248][  T305] usb 2-1: Manufacturer: syz
[  556.045879][  T305] usb 2-1: SerialNumber: syz
[  556.071207][T24797] 9pnet_fd: Insufficient options for proto=fd
[  556.269810][  T305] usb 2-1: 0:2 : does not exist
[  556.276891][  T305] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[  556.288715][  T305] usb 2-1: USB disconnect, device number 57
[  556.304167][T18031] udevd[18031]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  556.329249][ T3111] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  556.490872][ T3111] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  556.502140][ T3111] usb 1-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00
[  556.511250][ T3111] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.520302][ T3111] usb 1-1: config 0 descriptor??
[  556.826283][T24818] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  556.826641][T24818] rust_binder: Error while translating object.
[  556.833864][T24818] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  556.840426][T24818] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:195
[  556.912832][T24821] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0
[  556.929876][T24821] rust_binder: Write failure EINVAL in pid:198
[  556.930219][T24821] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0
[  556.943945][T24821] rust_binder: Write failure EINVAL in pid:198
[  556.958297][ T3111] playstation 0003:054C:0BA0.0022: hidraw0: USB HID v0.00 Device [HID 054c:0ba0] on usb-dummy_hcd.0-1/input0
[  557.169040][ T3111] playstation 0003:054C:0BA0.0022: Failed to retrieve feature with reportID 18: -71
[  557.180090][ T3111] playstation 0003:054C:0BA0.0022: Failed to retrieve DualShock4 pairing info: -71
[  557.191327][ T3111] playstation 0003:054C:0BA0.0022: Failed to get MAC address from DualShock4
[  557.200568][ T3111] playstation 0003:054C:0BA0.0022: Failed to create dualshock4.
[  557.210134][ T3111] playstation 0003:054C:0BA0.0022: probe with driver playstation failed with error -71
[  557.222468][ T3111] usb 1-1: USB disconnect, device number 38
[  557.743084][T24837] rust_binder: Write failure EINVAL in pid:718
[  557.757428][T24839] ./cgroup: Can't lookup blockdev
[  557.888898][T24846] serio: Serial port ttynull
[  559.087376][ T3111] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  559.247699][ T3111] usb 2-1: Using ep0 maxpacket: 32
[  559.254612][ T3111] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  559.262892][ T3111] usb 2-1: config 0 has no interface number 0
[  559.270852][ T3111] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  559.280243][ T3111] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  559.288259][ T3111] usb 2-1: Product: syz
[  559.292514][ T3111] usb 2-1: Manufacturer: syz
[  559.297133][ T3111] usb 2-1: SerialNumber: syz
[  559.302471][ T3111] usb 2-1: config 0 descriptor??
[  559.309047][ T3111] smsc95xx v2.0.0
[  559.387539][   T36] audit: type=1400 audit(2000000343.604:68190): avc:  denied  { unmount } for  pid=21112 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  559.594975][T24882] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  559.737417][ T3111] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  559.748667][ T3111] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  560.317591][T24905] /dev/sr0: Can't lookup blockdev
[  560.379997][   T36] audit: type=1400 audit(2000000344.530:68191): avc:  denied  { lock } for  pid=24909 comm="syz.0.8771" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  560.390300][T24910] rust_binder: Write failure EINVAL in pid:746
[  560.641423][T24854] rust_binder: Write failure EFAULT in pid:217
[  560.715657][ T3111] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  560.742333][ T3111] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[  560.752633][ T3111] usb 2-1: USB disconnect, device number 58
[  560.753494][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[  561.129254][T24950] __nla_validate_parse: 2 callbacks suppressed
[  561.129278][T24950] netlink: 104 bytes leftover after parsing attributes in process `syz.2.8785'.
[  561.145313][T24950] 9pnet_fd: Insufficient options for proto=fd
[  561.388230][T24953] binder: Bad value for 'max'
[  561.594122][T24965] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  561.594145][T24965] rust_binder: Error while translating object.
[  561.602850][T24965] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  561.609047][T24965] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:761
[  561.640282][T24969] fuse: Bad value for 'fd'
[  561.641961][   T36] audit: type=1400 audit(2000000345.709:68192): avc:  denied  { setcurrent } for  pid=24967 comm="syz.0.8791" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  561.700945][   T36] audit: type=1400 audit(2000000345.765:68193): avc:  denied  { create } for  pid=24972 comm="syz.1.8793" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  561.831070][T24990] netlink: 36 bytes leftover after parsing attributes in process `syz.1.8801'.
[  561.929377][T25003] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=25003 comm=syz.1.8806
[  561.942785][T25003] rust_binder: Write failure EINVAL in pid:244
[  561.956140][T25005] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  561.962517][T25005] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  561.971196][T25005] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:246
[  561.995347][T25008] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  562.013141][T25008] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  562.241056][ T3111] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  562.383911][ T3111] usb 2-1: device descriptor read/64, error -71
[  562.432287][T25025] futex_wake_op: syz.2.8814 tries to shift op by -1; fix this program
[  562.475629][T25031] xfrm0: mtu less than device minimum
[  562.636628][ T3111] usb 2-1: device descriptor read/64, error -71
[  562.690675][T25034] rust_binder: Error while translating object.
[  562.690708][T25034] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  562.696948][T25034] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:769
[  562.841955][T19901] hid (null): invalid report_size 1217476583
[  562.858266][T19901] hid-generic 06E8:0008:0007.0023: unknown main item tag 0x1
[  562.866257][T19901] hid-generic 06E8:0008:0007.0023: invalid report_size 1217476583
[  562.874261][T19901] hid-generic 06E8:0008:0007.0023: item 0 4 1 7 parsing failed
[  562.883122][T19901] hid-generic 06E8:0008:0007.0023: probe with driver hid-generic failed with error -22
[  562.893229][ T3111] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  562.946820][T18142] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  563.032248][ T3111] usb 2-1: device descriptor read/64, error -71
[  563.096995][T25054] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  563.159188][T25060] binder: Bad value for 'defcontext'
[  563.288937][ T3111] usb 2-1: device descriptor read/64, error -71
[  563.298379][T25075] tipc: Enabling of bearer <ib:pimreg> rejected, media not registered
[  563.334618][T25077] netlink: 80 bytes leftover after parsing attributes in process `syz.0.8830'.
[  563.406628][ T3111] usb usb2-port1: attempt power cycle
[  563.529806][T25089] 9pnet_fd: Insufficient options for proto=fd
[  563.620156][T13251] usb 1-1: new full-speed USB device number 39 using dummy_hcd
[  563.759179][T13251] usb 1-1: device descriptor read/64, error -71
[  563.780537][ T3111] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  563.802918][ T3111] usb 2-1: device descriptor read/8, error -71
[  563.942023][ T3111] usb 2-1: device descriptor read/8, error -71
[  564.015704][T13251] usb 1-1: device descriptor read/64, error -71
[  564.197447][ T3111] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  564.219937][ T3111] usb 2-1: device descriptor read/8, error -71
[  564.272297][T13251] usb 1-1: new full-speed USB device number 40 using dummy_hcd
[  564.358934][ T3111] usb 2-1: device descriptor read/8, error -71
[  564.411329][T13251] usb 1-1: device descriptor read/64, error -71
[  564.475526][ T3111] usb usb2-port1: unable to enumerate USB device
[  564.667832][T13251] usb 1-1: device descriptor read/64, error -71
[  564.785640][T13251] usb usb1-port1: attempt power cycle
[  565.148942][T13251] usb 1-1: new full-speed USB device number 41 using dummy_hcd
[  565.173044][T13251] usb 1-1: device descriptor read/8, error -71
[  565.239388][T25127] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  565.239415][T25127] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:254
[  565.260665][T25129] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  565.321347][T13251] usb 1-1: device descriptor read/8, error -71
[  565.587246][T13251] usb 1-1: new full-speed USB device number 42 using dummy_hcd
[  565.609706][T13251] usb 1-1: device descriptor read/8, error -71
[  565.706448][T25148] tmpfs: Unknown parameter 'nossap'
[  565.752133][T13251] usb 1-1: device descriptor read/8, error -71
[  565.795652][T25163] kvm: emulating exchange as write
[  565.876763][T13251] usb usb1-port1: unable to enumerate USB device
[  566.111455][  T611] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  566.271451][  T611] usb 2-1: Using ep0 maxpacket: 32
[  566.277738][  T611] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  566.286199][  T611] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  566.294848][  T611] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  566.303873][  T611] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  566.313908][  T611] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  566.323618][  T611] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  566.336649][  T611] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  566.345791][  T611] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  566.354600][  T611] usb 2-1: config 0 descriptor??
[  566.575144][  T611] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 63 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  567.138082][T25205] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=25205 comm=syz.2.8878
[  567.340670][T17519] usb 2-1: USB disconnect, device number 63
[  567.345339][T25211] netlink: 80 bytes leftover after parsing attributes in process `syz.1.8881'.
[  567.358616][T17519] usblp0: removed
[  567.409924][T25209] bridge0: port 1(bridge_slave_0) entered blocking state
[  567.410008][T25213] SELinux:  policydb magic number 0x7665642f does not match expected magic number 0xf97cff8c
[  567.417237][T25209] bridge0: port 1(bridge_slave_0) entered disabled state
[  567.428431][T25213] SELinux: failed to load policy
[  567.437110][T25209] bridge_slave_0: entered allmulticast mode
[  567.446714][T25209] bridge_slave_0: entered promiscuous mode
[  567.453339][T25209] bridge0: port 2(bridge_slave_1) entered blocking state
[  567.460456][T25209] bridge0: port 2(bridge_slave_1) entered disabled state
[  567.467564][T25209] bridge_slave_1: entered allmulticast mode
[  567.474272][T25209] bridge_slave_1: entered promiscuous mode
[  567.535993][   T36] audit: type=1400 audit(2000000351.227:68194): avc:  denied  { setattr } for  pid=25221 comm="syz.1.8884" name="KEY" dev="sockfs" ino=112255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  567.549281][T25209] bridge0: port 2(bridge_slave_1) entered blocking state
[  567.566040][T25209] bridge0: port 2(bridge_slave_1) entered forwarding state
[  567.573342][T25209] bridge0: port 1(bridge_slave_0) entered blocking state
[  567.580423][T25209] bridge0: port 1(bridge_slave_0) entered forwarding state
[  567.602924][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  567.611409][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  567.622160][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  567.629300][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  567.639192][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  567.646305][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  567.675093][T25209] veth0_vlan: entered promiscuous mode
[  567.686721][T25209] veth1_macvtap: entered promiscuous mode
[  567.868111][T25233] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8888'.
[  567.896450][T17519] usb 2-1: new full-speed USB device number 64 using dummy_hcd
[  568.035819][T17519] usb 2-1: device descriptor read/64, error -71
[  568.174397][T13251] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  568.291972][T17519] usb 2-1: device descriptor read/64, error -71
[  568.334781][T13251] usb 3-1: Using ep0 maxpacket: 8
[  568.341222][T13251] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  568.350734][T13251] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  568.360467][T13251] usb 3-1: config 0 descriptor??
[  568.548541][T17519] usb 2-1: new full-speed USB device number 65 using dummy_hcd
[  568.688188][T17519] usb 2-1: device descriptor read/64, error -71
[  568.925558][T25241] bridge0: port 1(bridge_slave_0) entered blocking state
[  568.933580][T25241] bridge0: port 1(bridge_slave_0) entered disabled state
[  568.940904][T25241] bridge_slave_0: entered allmulticast mode
[  568.948171][T25241] bridge_slave_0: entered promiscuous mode
[  568.954996][T17519] usb 2-1: device descriptor read/64, error -71
[  568.955388][T25241] bridge0: port 2(bridge_slave_1) entered blocking state
[  568.968954][T25241] bridge0: port 2(bridge_slave_1) entered disabled state
[  568.976253][T25241] bridge_slave_1: entered allmulticast mode
[  568.982790][T25241] bridge_slave_1: entered promiscuous mode
[  569.068504][T25241] bridge0: port 2(bridge_slave_1) entered blocking state
[  569.075760][T25241] bridge0: port 2(bridge_slave_1) entered forwarding state
[  569.083146][T25241] bridge0: port 1(bridge_slave_0) entered blocking state
[  569.090204][T25241] bridge0: port 1(bridge_slave_0) entered forwarding state
[  569.098398][T17519] usb usb2-port1: attempt power cycle
[  569.120114][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  569.128341][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  569.139254][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  569.146401][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  569.156118][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  569.163283][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  569.196446][T25241] veth0_vlan: entered promiscuous mode
[  569.209890][T25241] veth1_macvtap: entered promiscuous mode
[  569.467963][T17519] usb 2-1: new full-speed USB device number 66 using dummy_hcd
[  569.490486][T17519] usb 2-1: device descriptor read/8, error -71
[  569.629447][T17519] usb 2-1: device descriptor read/8, error -71
[  569.867744][T13251] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  569.878760][T13251] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[  569.890327][T17519] usb 2-1: new full-speed USB device number 67 using dummy_hcd
[  569.898280][T13251] asix 3-1:0.0: probe with driver asix failed with error -71
[  569.906983][T13251] usb 3-1: USB disconnect, device number 30
[  569.928867][T17519] usb 2-1: device descriptor read/8, error -71
[  570.067807][T17519] usb 2-1: device descriptor read/8, error -71
[  570.107616][T25252] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8897'.
[  570.128032][T25256] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8898'.
[  570.184816][T17519] usb usb2-port1: unable to enumerate USB device
[  570.250268][T25267] kvm: user requested TSC rate below hardware speed
[  570.789879][T25280] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8907'.
[  571.178519][ T3111] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  571.338876][ T3111] usb 2-1: Using ep0 maxpacket: 32
[  571.346576][ T3111] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  571.359072][ T3111] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  571.371300][ T3111] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  571.381739][ T3111] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  571.390557][ T3111] usb 2-1: config 0 descriptor??
[  571.404110][ T3111] hub 2-1:0.0: USB hub found
[  571.614928][ T3111] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  571.902633][T25319] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:59
[  571.975056][T25321] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8922'.
[  572.007593][T25324] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:63
[  572.046684][ T3111] hid-generic 0003:046D:C31C.0024: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.1-1/input0
[  572.258201][  T305] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  572.375980][ T3111] usb 2-1: USB disconnect, device number 68
[  572.420300][  T305] usb 7-1: unable to read config index 0 descriptor/start: -61
[  572.428096][  T305] usb 7-1: can't read configurations, error -61
[  572.568210][  T305] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  572.730702][  T305] usb 7-1: unable to read config index 0 descriptor/start: -61
[  572.739442][  T305] usb 7-1: can't read configurations, error -61
[  572.746282][  T305] usb usb7-port1: attempt power cycle
[  572.811220][T25328] SELinux: security_context_str_to_sid () failed with errno=-22
[  573.113465][  T305] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  573.136783][  T305] usb 7-1: unable to read config index 0 descriptor/start: -61
[  573.144615][  T305] usb 7-1: can't read configurations, error -61
[  573.284544][  T305] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  573.308064][  T305] usb 7-1: unable to read config index 0 descriptor/start: -61
[  573.315921][  T305] usb 7-1: can't read configurations, error -61
[  573.322696][  T305] usb usb7-port1: unable to enumerate USB device
[  573.833180][T25342] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  574.147410][T25352] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8934'.
[  574.150608][  T611] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  574.321648][  T611] usb 3-1: Using ep0 maxpacket: 32
[  574.324655][T25361] binder: Bad value for 'max'
[  574.328048][  T611] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  574.344076][  T611] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  574.354226][  T611] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  574.363533][  T611] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  574.375188][  T611] usb 3-1: config 0 descriptor??
[  574.387487][  T611] hub 3-1:0.0: USB hub found
[  574.602281][  T611] hub 3-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  574.848941][T25375] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8943'.
[  574.879183][T25377] rust_binder: Write failure EFAULT in pid:314
[  575.046080][  T611] hid-generic 0003:046D:C31C.0025: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.2-1/input0
[  575.313793][T25396] SELinux: security_context_str_to_sid () failed with errno=-22
[  575.322027][T25396] SELinux: security_context_str_to_sid () failed with errno=-22
[  575.329799][  T305] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  575.369407][T19901] usb 3-1: USB disconnect, device number 31
[  575.482708][T25408] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  575.497405][  T305] usb 2-1: Using ep0 maxpacket: 32
[  575.503981][  T305] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  575.509737][T25410] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8954'.
[  575.512681][  T305] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  575.530409][  T305] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  575.539407][  T305] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  575.549218][  T305] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  575.559035][  T305] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  575.572102][  T305] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  575.581333][  T305] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.590891][  T305] usb 2-1: config 0 descriptor??
[  575.596071][T25414] fuse: Bad value for 'group_id'
[  575.601177][T25414] fuse: Bad value for 'group_id'
[  575.689862][  T611] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  575.813615][  T305] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 69 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  575.850207][  T611] usb 7-1: Using ep0 maxpacket: 8
[  575.856955][  T611] usb 7-1: unable to get BOS descriptor or descriptor too short
[  575.865990][  T611] usb 7-1: config 7 has an invalid interface number: 187 but max is 1
[  575.874614][  T611] usb 7-1: config 7 has an invalid interface number: 88 but max is 1
[  575.884643][  T611] usb 7-1: config 7 has no interface number 0
[  575.891050][  T611] usb 7-1: config 7 has no interface number 1
[  575.898067][  T611] usb 7-1: config 7 interface 187 altsetting 2 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[  575.910206][  T611] usb 7-1: config 7 interface 187 altsetting 2 endpoint 0xA has an invalid bInterval 39, changing to 9
[  575.921921][  T611] usb 7-1: config 7 interface 187 altsetting 2 has a duplicate endpoint with address 0x1, skipping
[  575.934268][  T611] usb 7-1: config 7 interface 88 altsetting 6 has an endpoint descriptor with address 0xAA, changing to 0x8A
[  575.946313][  T611] usb 7-1: config 7 interface 88 altsetting 6 has a duplicate endpoint with address 0x8A, skipping
[  575.958102][  T611] usb 7-1: config 7 interface 88 altsetting 6 endpoint 0xF has an invalid bInterval 71, changing to 10
[  575.970190][  T611] usb 7-1: config 7 interface 88 altsetting 6 endpoint 0xF has invalid maxpacket 41661, setting to 1024
[  575.981940][  T611] usb 7-1: config 7 interface 187 has no altsetting 0
[  575.988924][  T611] usb 7-1: config 7 interface 88 has no altsetting 0
[  575.998933][  T611] usb 7-1: string descriptor 0 read error: -22
[  576.005425][  T611] usb 7-1: New USB device found, idVendor=05e0, idProduct=2008, bcdDevice=41.b1
[  576.014832][  T611] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  576.037663][  T305] usb 2-1: USB disconnect, device number 69
[  576.047177][  T305] usblp0: removed
[  576.060632][T25434] SELinux: failed to load policy
[  576.068116][T25434] tipc: Started in network mode
[  576.073131][T25434] tipc: Node identity ac14142f, cluster identity 4711
[  576.080155][T25434] tipc: New replicast peer: 0.0.0.0
[  576.085977][T25434] tipc: Enabled bearer <udp:syz2>, priority 10
[  576.092751][T25434] netlink: 'syz.2.8962': attribute type 4 has an invalid length.
[  576.100739][T25434] netlink: 17 bytes leftover after parsing attributes in process `syz.2.8962'.
[  576.112807][T25434] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00aa
[  576.303613][  T611] usb 7-1: USB disconnect, device number 16
[  576.401316][T25449] netlink: 80 bytes leftover after parsing attributes in process `syz.6.8966'.
[  576.434073][T25451] binder: Unknown parameter 'max.00000000000017'
[  576.457644][T25453] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  576.461087][T25453] rust_binder: Write failure EFAULT in pid:90
[  576.501850][T25461] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:55
[  576.508208][T25460] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:55
[  576.536387][T25464] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0
[  576.553660][T25464] rust_binder: Write failure EINVAL in pid:59
[  576.611174][T25470] netlink: 80 bytes leftover after parsing attributes in process `syz.6.8975'.
[  576.684752][T25475] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  576.684785][T25475] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  576.691456][T25475] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  576.705474][T25475] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  576.711989][T25475] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  576.732361][T25475] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  576.739255][T25475] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  576.748482][T25475] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  576.755067][T25475] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  576.762404][T25475] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  576.769924][T25476] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  576.906508][T25488] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  577.037694][   T12] bridge_slave_1: left allmulticast mode
[  577.066913][   T12] bridge_slave_1: left promiscuous mode
[  577.073051][T25492] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:102
[  577.078429][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  577.096823][   T12] bridge_slave_0: left allmulticast mode
[  577.102650][   T12] bridge_slave_0: left promiscuous mode
[  577.108336][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  577.159607][T25497] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  577.198909][   T45] Bluetooth: hci0: Frame reassembly failed (-84)
[  577.239108][   T12] veth1_macvtap: left promiscuous mode
[  577.244765][   T12] veth0_vlan: left promiscuous mode
[  577.285327][T13251] tipc: Node number set to 2886997039
[  577.362801][T25491] bridge0: port 1(bridge_slave_0) entered blocking state
[  577.370039][T25491] bridge0: port 1(bridge_slave_0) entered disabled state
[  577.377296][T25491] bridge_slave_0: entered allmulticast mode
[  577.386101][T25491] bridge_slave_0: entered promiscuous mode
[  577.393066][T25491] bridge0: port 2(bridge_slave_1) entered blocking state
[  577.400614][T25491] bridge0: port 2(bridge_slave_1) entered disabled state
[  577.407931][T25491] bridge_slave_1: entered allmulticast mode
[  577.414575][T25491] bridge_slave_1: entered promiscuous mode
[  577.489396][T25491] bridge0: port 2(bridge_slave_1) entered blocking state
[  577.496580][T25491] bridge0: port 2(bridge_slave_1) entered forwarding state
[  577.503874][T25491] bridge0: port 1(bridge_slave_0) entered blocking state
[  577.510962][T25491] bridge0: port 1(bridge_slave_0) entered forwarding state
[  577.534838][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  577.542574][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  577.553182][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  577.560263][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  577.570759][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  577.577970][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  577.612538][T25491] veth0_vlan: entered promiscuous mode
[  577.629531][T25491] veth1_macvtap: entered promiscuous mode
[  577.637116][T25518] netlink: 80 bytes leftover after parsing attributes in process `syz.2.8990'.
[  577.680591][T25525] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 0
[  577.687818][T25525] rust_binder: Write failure EINVAL in pid:86
[  578.052528][  T477] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  578.246428][  T477] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  578.257640][  T477] usb 8-1: config 27 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  578.269752][  T477] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  578.280850][  T477] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  578.291187][  T477] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  578.300319][  T477] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  578.310977][  T477] usb 8-1: invalid MIDI out EP 0
[  578.323309][T17558] udevd[17558]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:27.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  578.341457][  T477] snd-usb-audio 8-1:27.0: probe with driver snd-usb-audio failed with error -22
[  578.438176][   T12] bridge_slave_1: left allmulticast mode
[  578.443906][   T12] bridge_slave_1: left promiscuous mode
[  578.449833][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  578.457677][   T12] bridge_slave_0: left allmulticast mode
[  578.463504][   T12] bridge_slave_0: left promiscuous mode
[  578.469155][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  578.561934][T25539] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  578.570782][T25539] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  578.588290][  T477] usb 8-1: USB disconnect, device number 6
[  578.613027][   T12] veth1_macvtap: left promiscuous mode
[  578.618686][   T12] veth0_vlan: left promiscuous mode
[  578.671069][T25552] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  578.671112][T25552] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:11
[  578.693270][T25542] bridge0: port 1(bridge_slave_0) entered blocking state
[  578.709762][T25542] bridge0: port 1(bridge_slave_0) entered disabled state
[  578.717369][T25542] bridge_slave_0: entered allmulticast mode
[  578.723676][T25542] bridge_slave_0: entered promiscuous mode
[  578.730972][T25542] bridge0: port 2(bridge_slave_1) entered blocking state
[  578.738240][T25542] bridge0: port 2(bridge_slave_1) entered disabled state
[  578.745346][T25542] bridge_slave_1: entered allmulticast mode
[  578.751869][T25542] bridge_slave_1: entered promiscuous mode
[  578.809889][T25542] bridge0: port 2(bridge_slave_1) entered blocking state
[  578.817338][T25542] bridge0: port 2(bridge_slave_1) entered forwarding state
[  578.824717][T25542] bridge0: port 1(bridge_slave_0) entered blocking state
[  578.832879][T25542] bridge0: port 1(bridge_slave_0) entered forwarding state
[  578.854681][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  578.862443][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  578.876806][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[  578.883991][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  578.893288][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  578.900526][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  578.918879][T17519] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  578.933862][T25542] veth0_vlan: entered promiscuous mode
[  578.946509][T25542] veth1_macvtap: entered promiscuous mode
[  579.078764][T17519] usb 3-1: Using ep0 maxpacket: 16
[  579.084066][T25564] netlink: 72 bytes leftover after parsing attributes in process `syz.5.9004'.
[  579.085364][T17519] usb 3-1: config 0 has an invalid descriptor of length 100, skipping remainder of the config
[  579.099225][T25564] can0: slcan on ttyS3.
[  579.106397][T17519] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  579.129178][T17519] usb 3-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=50.0d
[  579.138573][T17519] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  579.148328][T17519] usb 3-1: Product: syz
[  579.152654][T17519] usb 3-1: Manufacturer: syz
[  579.157830][T17519] usb 3-1: SerialNumber: syz
[  579.169798][T17519] usb 3-1: config 0 descriptor??
[  579.197008][T25563] can0 (unregistered): slcan off ttyS3.
[  579.368020][   T53] Bluetooth: hci0: command 0x1003 tx timeout
[  579.374583][T18142] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  579.535416][T25605] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  579.544664][T25605] rust_binder: Write failure EINVAL in pid:343
[  579.568172][T17519] usb 3-1: USB disconnect, device number 32
[  579.637865][T25610] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 18446744073709550742)
[  579.637901][T25610] rust_binder: Error while translating object.
[  579.650748][T25610] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  579.657456][T25610] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:345
[  579.816450][T19901] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  579.987482][T19901] usb 8-1: Using ep0 maxpacket: 32
[  579.994110][T19901] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  580.002608][T19901] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  580.011441][T19901] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  580.021009][T19901] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  580.031212][T19901] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  580.041525][T19901] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  580.055661][T19901] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  580.064994][T19901] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.074216][T19901] usb 8-1: config 0 descriptor??
[  580.349687][T19901] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 7 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  580.407903][  T304] bridge_slave_1: left allmulticast mode
[  580.414070][  T304] bridge_slave_1: left promiscuous mode
[  580.420136][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  580.428074][  T304] bridge_slave_0: left allmulticast mode
[  580.434013][  T304] bridge_slave_0: left promiscuous mode
[  580.439817][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  580.567854][T17519] usb 8-1: USB disconnect, device number 7
[  580.578479][T17519] usblp0: removed
[  580.593495][T25624] rust_binder: Write failure EINVAL in pid:348
[  580.616212][  T304] veth1_macvtap: left promiscuous mode
[  580.628394][  T304] veth0_vlan: left promiscuous mode
[  580.699986][T25622] bridge0: port 1(bridge_slave_0) entered blocking state
[  580.707197][T25622] bridge0: port 1(bridge_slave_0) entered disabled state
[  580.714413][T25622] bridge_slave_0: entered allmulticast mode
[  580.720947][T25622] bridge_slave_0: entered promiscuous mode
[  580.730186][T25622] bridge0: port 2(bridge_slave_1) entered blocking state
[  580.738555][T25622] bridge0: port 2(bridge_slave_1) entered disabled state
[  580.746335][T25622] bridge_slave_1: entered allmulticast mode
[  580.749531][T25640] netlink: 80 bytes leftover after parsing attributes in process `syz.1.9022'.
[  580.753291][T25622] bridge_slave_1: entered promiscuous mode
[  580.854044][T25644] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9024'.
[  580.867896][T25622] bridge0: port 2(bridge_slave_1) entered blocking state
[  580.875054][T25622] bridge0: port 2(bridge_slave_1) entered forwarding state
[  580.882408][T25622] bridge0: port 1(bridge_slave_0) entered blocking state
[  580.889606][T25622] bridge0: port 1(bridge_slave_0) entered forwarding state
[  580.921908][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  580.937800][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  580.951082][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  580.958192][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  580.982354][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  580.989497][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  581.049477][T25622] veth0_vlan: entered promiscuous mode
[  581.064399][T25622] veth1_macvtap: entered promiscuous mode
[  581.183292][T25663] netlink: 80 bytes leftover after parsing attributes in process `syz.3.9030'.
[  581.315159][T25679] netlink: 12 bytes leftover after parsing attributes in process `syz.7.9035'.
[  581.578762][T25698] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:21
[  581.579121][T25698] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  581.588846][T25698] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:21
[  582.157673][ T3111] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  582.332859][ T3111] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  582.350102][ T3111] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  582.362599][ T3111] usb 4-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  582.397587][ T3111] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  582.400518][T25723] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0
[  582.418206][ T3111] usb 4-1: config 0 descriptor??
[  582.428677][T25723] rust_binder: Write failure EINVAL in pid:143
[  582.432394][T25723] rust_binder: Write failure EFAULT in pid:143
[  582.538095][T25728] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  582.574102][T25728] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:43
[  582.676864][T25734] netlink: 80 bytes leftover after parsing attributes in process `syz.2.9052'.
[  582.736726][T25743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  582.759480][T25743] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  582.775427][T25743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  582.788754][T25743] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  582.802531][T25743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  582.824500][T25748] rust_binder: Write failure EINVAL in pid:150
[  582.827993][T25751] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  582.844359][T25743] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  582.858606][T25751] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  582.868252][ T3111] holtek_kbd 0003:04D9:A055.0026: item fetching failed at offset 0/3
[  582.886025][ T3111] holtek_kbd 0003:04D9:A055.0026: probe with driver holtek_kbd failed with error -22
[  582.983063][T25759] netlink: 'syz.2.9059': attribute type 4 has an invalid length.
[  582.998888][   T36] audit: type=1400 audit(2000000365.689:68195): avc:  denied  { listen } for  pid=25758 comm="syz.2.9059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  583.019671][   T46] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[  583.050089][   T36] audit: type=1400 audit(2000000365.717:68196): avc:  denied  { read write } for  pid=25491 comm="syz-executor" name="loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  583.078665][   T36] audit: type=1400 audit(2000000365.717:68197): avc:  denied  { read write } for  pid=25209 comm="syz-executor" name="loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  583.100706][  T477] usb 4-1: USB disconnect, device number 13
[  583.105890][   T36] audit: type=1400 audit(2000000365.717:68198): avc:  denied  { open } for  pid=25209 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  583.135162][T25770] netlink: 80 bytes leftover after parsing attributes in process `syz.2.9063'.
[  583.138034][   T36] audit: type=1400 audit(2000000365.717:68199): avc:  denied  { open } for  pid=25491 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  583.172525][   T36] audit: type=1400 audit(2000000365.717:68200): avc:  denied  { ioctl } for  pid=25491 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  583.200479][   T36] audit: type=1400 audit(2000000365.717:68201): avc:  denied  { ioctl } for  pid=25209 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=51 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  583.655418][   T46] usb 2-1: device not accepting address 70, error -71
[  583.737092][   T36] audit: type=1400 audit(2000000366.381:68202): avc:  denied  { set_context_mgr } for  pid=25808 comm="syz.1.9076" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  583.738042][T25809] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  583.757845][   T36] audit: type=1400 audit(2000000366.381:68203): avc:  denied  { call } for  pid=25808 comm="syz.1.9076" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  583.758174][T25809] rust_binder: Error while translating object.
[  583.769217][   T36] audit: type=1400 audit(2000000366.381:68204): avc:  denied  { transfer } for  pid=25808 comm="syz.1.9076" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  583.797455][T25809] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  583.815602][T25809] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:371
[  584.093646][T25821] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  584.413394][  T305] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  584.584500][  T305] usb 8-1: Using ep0 maxpacket: 16
[  584.591862][  T305] usb 8-1: unable to get BOS descriptor or descriptor too short
[  584.600521][  T305] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  584.611108][  T305] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  584.620056][  T305] usb 8-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 4, skipping
[  584.631415][  T305] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  584.646254][  T305] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  584.655359][  T305] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  584.663418][  T305] usb 8-1: Product: syz
[  584.667696][  T305] usb 8-1: Manufacturer: syz
[  584.672355][  T305] usb 8-1: SerialNumber: syz
[  584.826941][T25831] rust_binder: Write failure EINVAL in pid:35
[  584.829467][T25831] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=25831 comm=syz.3.9085
[  584.902344][  T305] usb 8-1: 0:2 : does not exist
[  584.909450][  T305] usb 8-1: USB disconnect, device number 8
[  584.986867][T25837] rust_binder: Write failure EFAULT in pid:384
[  585.225945][  T305] usb 8-1: new full-speed USB device number 9 using dummy_hcd
[  585.247531][   T46] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[  585.398307][  T305] usb 8-1: not running at top speed; connect to a high speed hub
[  585.407013][  T305] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  585.408915][   T46] usb 2-1: config index 0 descriptor too short (expected 45, got 36)
[  585.417588][  T305] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  585.425914][   T46] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  585.435112][  T305] usb 8-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 4, skipping
[  585.446800][   T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  585.458659][  T305] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  585.469916][   T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  585.486263][  T305] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  585.492887][   T46] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  585.502614][  T305] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  585.515443][   T46] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  585.523582][  T305] usb 8-1: Product: syz
[  585.533082][   T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  585.538156][  T305] usb 8-1: Manufacturer: 㳔膡奤홻盌㺧涖쁤遻⪾䣵℟ᬬ뒇蟋崞鯐䤖⡇䋠귒Ꙋ弄앀鴂舙ޘ郞醢߻鱝쿕涋뺨乬齕ᬾҺ꼸Ꮇ駶䱡⁥谏﬍밞㾱逞拏뾵列㓈濤몳ም뉘裃濠ᩜ쮹幚뛍常῕罚榀牴㷊ᆷꎱﵢᲵ뼸笚ꑌ﹑ꬽ
[  585.547967][   T46] usb 2-1: config 0 descriptor??
[  585.572626][  T305] usb 8-1: SerialNumber: syz
[  585.801944][T25827] rust_binder: Error while translating object.
[  585.801984][T25827] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  585.808400][T25827] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:74
[  585.821426][  T305] usb 8-1: 0:2 : does not exist
[  585.843215][  T305] usb 8-1: USB disconnect, device number 9
[  585.851510][T18031] udevd[18031]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  586.012768][   T46] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  586.020255][   T46] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  586.027758][   T46] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  586.035177][   T46] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  586.042945][   T46] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  586.050411][   T46] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  586.057871][   T46] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  586.065346][   T46] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  586.072813][   T46] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  586.080211][   T46] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  586.087691][   T46] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  586.095271][   T46] plantronics 0003:047F:FFFF.0027: No inputs registered, leaving
[  586.104576][   T46] plantronics 0003:047F:FFFF.0027: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  586.188062][  T477] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  586.297447][   T10] usb 2-1: USB disconnect, device number 72
[  586.349789][  T477] usb 4-1: unable to get BOS descriptor or descriptor too short
[  586.358404][  T477] usb 4-1: config 1 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  586.371493][  T477] usb 4-1: config 1 interface 0 has no altsetting 0
[  586.382515][  T477] usb 4-1: language id specifier not provided by device, defaulting to English
[  586.387805][T25848] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:76
[  586.395896][  T477] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  586.417515][  T477] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  586.426191][  T477] usb 4-1: Product: syz
[  586.430603][  T477] usb 4-1: Manufacturer: syz
[  586.435596][  T477] usb 4-1: SerialNumber: syz
[  586.866227][T25855] netlink: 80 bytes leftover after parsing attributes in process `syz.1.9093'.
[  587.255791][  T477] usb 4-1: USB disconnect, device number 14
[  587.291510][T25880] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  587.291544][T25880] rust_binder: Error while translating object.
[  587.302827][T25880] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  587.309585][T25880] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:198
[  587.589348][   T12] bridge_slave_1: left allmulticast mode
[  587.605077][   T12] bridge_slave_1: left promiscuous mode
[  587.610855][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  587.618645][   T12] bridge_slave_0: left allmulticast mode
[  587.624432][   T12] bridge_slave_0: left promiscuous mode
[  587.630112][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  587.767295][   T12] veth1_macvtap: left promiscuous mode
[  587.773127][   T12] veth0_vlan: left promiscuous mode
[  587.851787][T25882] bridge0: port 1(bridge_slave_0) entered blocking state
[  587.859049][T25882] bridge0: port 1(bridge_slave_0) entered disabled state
[  587.866224][T25882] bridge_slave_0: entered allmulticast mode
[  587.872890][T25882] bridge_slave_0: entered promiscuous mode
[  587.880310][T25882] bridge0: port 2(bridge_slave_1) entered blocking state
[  587.887430][T25882] bridge0: port 2(bridge_slave_1) entered disabled state
[  587.894712][T25882] bridge_slave_1: entered allmulticast mode
[  587.901082][T25882] bridge_slave_1: entered promiscuous mode
[  587.958076][T25882] bridge0: port 2(bridge_slave_1) entered blocking state
[  587.965244][T25882] bridge0: port 2(bridge_slave_1) entered forwarding state
[  587.972606][T25882] bridge0: port 1(bridge_slave_0) entered blocking state
[  587.979693][T25882] bridge0: port 1(bridge_slave_0) entered forwarding state
[  588.002095][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  588.009554][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  588.028067][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[  588.035202][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  588.045282][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[  588.052429][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  588.061006][T25889] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9107'.
[  588.096902][T25882] veth0_vlan: entered promiscuous mode
[  588.109136][T25882] veth1_macvtap: entered promiscuous mode
[  588.149136][T25897] rust_binder: Error while translating object.
[  588.149165][T25897] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  588.156340][T25897] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:201
[  588.174808][T25899] rust_binder: Write failure EINVAL in pid:57
[  588.187805][T25899] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  588.200767][T25904] netlink: 80 bytes leftover after parsing attributes in process `syz.8.9104'.
[  588.326956][  T477] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[  588.486564][T17519] usb 9-1: new high-speed USB device number 52 using dummy_hcd
[  588.494247][  T477] usb 2-1: Using ep0 maxpacket: 32
[  588.500762][  T477] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  588.511773][  T477] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  588.522130][  T477] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  588.531396][T13251] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  588.539088][  T477] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  588.550842][  T477] usb 2-1: config 0 descriptor??
[  588.558918][T25923] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  588.563389][  T477] hub 2-1:0.0: USB hub found
[  588.566768][T25923] rust_binder: Write failure EINVAL in pid:216
[  588.668292][T17519] usb 9-1: Using ep0 maxpacket: 16
[  588.681405][T17519] usb 9-1: config 1 interface 0 altsetting 5 bulk endpoint 0x82 has invalid maxpacket 32
[  588.691634][T17519] usb 9-1: config 1 interface 0 has no altsetting 0
[  588.699771][T17519] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  588.709073][T17519] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  588.717718][T17519] usb 9-1: Product: ᐁ
[  588.722299][T17519] usb 9-1: Manufacturer: ᠁
[  588.727195][T17519] usb 9-1: SerialNumber: Х
[  588.732180][T13251] usb 4-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  588.745443][T25908] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[  588.747703][T13251] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  588.764973][T25928] netlink: 'syz.2.9121': attribute type 4 has an invalid length.
[  588.765471][T13251] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  588.773430][T25928] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.9121'.
[  588.786356][  T477] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  588.803426][T13251] usb 4-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  588.813447][T13251] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  588.825085][T25917] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  589.206868][T17519] usblp 9-1:1.0: usblp0: USB Bidirectional printer dev 52 if 0 alt 5 proto 2 vid 0x0525 pid 0xA4A8
[  589.224216][T17519] usb 9-1: USB disconnect, device number 52
[  589.232512][  T477] hid-generic 0003:046D:C31C.0028: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.1-1/input0
[  589.244701][T17519] usblp0: removed
[  589.545080][T19901] usb 2-1: USB disconnect, device number 73
[  589.563507][T25931] netlink: 80 bytes leftover after parsing attributes in process `syz.2.9122'.
[  589.768956][T25940] tmpfs: Bad value for 'huge'
[  589.776282][T25941] tmpfs: Bad value for 'huge'
[  589.788742][T25938] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:6
[  590.154759][T25973] binder: Bad value for 'stats'
[  590.192563][   T36] kauditd_printk_skb: 3 callbacks suppressed
[  590.192583][   T36] audit: type=1400 audit(2000000372.414:68208): avc:  denied  { map } for  pid=25974 comm="syz.8.9136" path="socket:[118676]" dev="sockfs" ino=118676 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  590.239858][  T410] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[  590.300988][T25971] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  590.413110][  T410] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  590.432691][  T410] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  590.442165][  T410] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  590.456081][  T410] usb 2-1: config 0 descriptor??
[  590.720889][   T10] usb 9-1: new high-speed USB device number 53 using dummy_hcd
[  590.881277][   T10] usb 9-1: Using ep0 maxpacket: 32
[  590.887786][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  590.899068][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  590.900659][  T410] koneplus 0003:1E7D:2E22.0029: unknown global tag 0xd
[  590.909305][   T10] usb 9-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  590.918679][  T410] koneplus 0003:1E7D:2E22.0029: item 0 4 1 13 parsing failed
[  590.925826][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  590.933330][  T410] koneplus 0003:1E7D:2E22.0029: parse failed
[  590.942527][   T10] usb 9-1: config 0 descriptor??
[  590.951523][  T410] koneplus 0003:1E7D:2E22.0029: probe with driver koneplus failed with error -22
[  590.955004][   T10] hub 9-1:0.0: USB hub found
[  591.118682][T19901] usb 2-1: USB disconnect, device number 74
[  591.168467][   T10] hub 9-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  591.602843][   T10] hid-generic 0003:046D:C31C.002A: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.8-1/input0
[  591.929032][  T410] usb 9-1: USB disconnect, device number 53
[  591.955956][T26008] rust_binder: Error while translating object.
[  591.955992][T26008] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  591.962328][T26008] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:259
[  592.228274][   T10] usb 3-1: new low-speed USB device number 33 using dummy_hcd
[  592.377948][   T10] usb 3-1: device descriptor read/64, error -71
[  592.468392][T26020] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1549 sclass=netlink_route_socket pid=26020 comm=syz.1.9152
[  592.510892][T26024] netlink: 80 bytes leftover after parsing attributes in process `syz.1.9154'.
[  592.645188][   T10] usb 3-1: device descriptor read/64, error -71
[  592.656911][T13251] aiptek 4-1:17.0: Aiptek using 400 ms programming speed
[  592.672387][T13251] input: Aiptek as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:17.0/input/input42
[  592.700785][T26033] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9157'.
[  592.720166][  T477] usb 9-1: new high-speed USB device number 54 using dummy_hcd
[  592.733772][T26035] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  592.822385][T26039] binder: Bad value for 'stats'
[  592.832668][T13251] usb 4-1: USB disconnect, device number 15
[  592.838691][    C0] aiptek 4-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  592.891072][  T477] usb 9-1: Using ep0 maxpacket: 16
[  592.897650][  T477] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  592.908094][  T477] usb 9-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[  592.918625][   T10] usb 3-1: new low-speed USB device number 34 using dummy_hcd
[  592.928287][  T477] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  592.939394][  T477] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  592.949483][  T477] usb 9-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  592.960629][  T477] usb 9-1: config 1 interface 1 has no altsetting 0
[  592.969317][  T477] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  592.978508][  T477] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  592.986673][  T477] usb 9-1: Product: syz
[  592.991130][  T477] usb 9-1: Manufacturer: syz
[  592.995784][  T477] usb 9-1: SerialNumber: syz
[  593.105032][   T10] usb 3-1: device descriptor read/64, error -71
[  593.219477][T26049] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[  593.229785][T26051] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[  593.247815][  T477] usb 9-1: 2:1 : no or invalid class specific endpoint descriptor
[  593.256431][  T477] usb 9-1: 2:1 : format type 9 is not supported yet
[  593.270193][  T477] usb 9-1: USB disconnect, device number 54
[  593.282211][T18031] udevd[18031]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  593.331297][T26053] netlink: 80 bytes leftover after parsing attributes in process `syz.3.9163'.
[  593.361494][   T10] usb 3-1: device descriptor read/64, error -71
[  593.485262][   T10] usb usb3-port1: attempt power cycle
[  593.518298][   T36] audit: type=1400 audit(2000000375.529:68209): avc:  denied  { lock } for  pid=26060 comm="syz.3.9166" path="socket:[120000]" dev="sockfs" ino=120000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  593.544045][T26066] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9167'.
[  593.853193][   T10] usb 3-1: new low-speed USB device number 35 using dummy_hcd
[  593.875759][   T10] usb 3-1: device descriptor read/8, error -71
[  594.014748][   T10] usb 3-1: device descriptor read/8, error -71
[  594.270194][   T10] usb 3-1: new low-speed USB device number 36 using dummy_hcd
[  594.303549][   T10] usb 3-1: device descriptor read/8, error -71
[  594.324995][T26082] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  594.451838][   T10] usb 3-1: device descriptor read/8, error -71
[  594.470522][T26085] netlink: 100 bytes leftover after parsing attributes in process `syz.8.9173'.
[  594.480563][T26085] netlink: 57 bytes leftover after parsing attributes in process `syz.8.9173'.
[  594.549396][T26092] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9177'.
[  594.581176][   T10] usb usb3-port1: unable to enumerate USB device
[  594.644424][T26103] input: syz1 as /devices/virtual/input/input43
[  594.653031][T26103] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  594.653064][T26103] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:464
[  594.663847][T26105] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  594.796608][T26112] rust_binder: Failed to allocate buffer. len:4200, is_oneway:false
[  594.796635][T26111] rust_binder: Error while translating object.
[  594.796650][T26112] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  594.803310][T26111] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  594.811629][T26112] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:471
[  594.818378][T26111] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:471
[  594.858241][   T10] usb 4-1: new full-speed USB device number 16 using dummy_hcd
[  594.904771][T26118] netlink: 80 bytes leftover after parsing attributes in process `syz.1.9184'.
[  595.030444][   T10] usb 4-1: config 0 has no interfaces?
[  595.037746][   T10] usb 4-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[  595.047018][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  595.055164][   T10] usb 4-1: Product: syz
[  595.059373][   T10] usb 4-1: Manufacturer: syz
[  595.064111][   T10] usb 4-1: SerialNumber: syz
[  595.069519][   T10] usb 4-1: config 0 descriptor??
[  595.543110][T26096] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  595.551991][T26096] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  595.565597][   T10] usb 4-1: USB disconnect, device number 16
[  595.619573][T26135] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  595.664449][T26143] netlink: 80 bytes leftover after parsing attributes in process `syz.1.9194'.
[  595.828503][T26150] binder: Binderfs stats mode cannot be changed during a remount
[  595.879443][T26152] netlink: 'syz.8.9198': attribute type 6 has an invalid length.
[  596.034349][T26162] rust_binder: Error while translating object.
[  596.034389][T26162] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  596.041583][T26162] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:277
[  596.058360][T26165] rust_binder: Error while translating object.
[  596.068433][T26165] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  596.074756][T26165] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:71
[  596.099114][T26168] netlink: 80 bytes leftover after parsing attributes in process `syz.8.9203'.
[  596.148028][   T36] audit: type=1400 audit(2000000377.989:68210): avc:  denied  { execute } for  pid=26169 comm="syz.8.9204" path="/dev/binderfs/binder0" dev="binder" ino=79 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  596.379241][T26187] kvm: kvm [26186]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc2) = 0xffffffffffff6253
[  596.506777][   T36] audit: type=1400 audit(2000000378.326:68211): avc:  denied  { getattr } for  pid=26193 comm="syz.8.9212" path="cgroup:[4026532309]" dev="nsfs" ino=4026532309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  596.508526][T26194] tipc: Started in network mode
[  596.536303][T26194] tipc: Node identity 56800a021f82, cluster identity 4711
[  596.543912][T26194] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  596.566157][T26195] syzkaller0: entered promiscuous mode
[  596.571724][T26195] syzkaller0: entered allmulticast mode
[  596.577808][T26195] tipc: Resetting bearer <eth:syzkaller0>
[  596.584512][T26193] tipc: Resetting bearer <eth:syzkaller0>
[  596.597650][T26193] tipc: Disabling bearer <eth:syzkaller0>
[  596.976228][   T45] bridge_slave_1: left allmulticast mode
[  596.982357][   T45] bridge_slave_1: left promiscuous mode
[  596.988280][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  596.996963][   T45] bridge_slave_0: left allmulticast mode
[  597.005712][   T45] bridge_slave_0: left promiscuous mode
[  597.011640][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  597.025880][T26217] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  597.061925][T26219] rust_binder: Error while translating object.
[  597.068458][T26219] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  597.075747][T26219] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:108
[  597.139675][   T45] veth1_macvtap: left promiscuous mode
[  597.166503][   T45] veth0_vlan: left promiscuous mode
[  597.213825][T26217] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  597.275669][T26202] bridge0: port 1(bridge_slave_0) entered blocking state
[  597.289302][T26202] bridge0: port 1(bridge_slave_0) entered disabled state
[  597.297321][T26202] bridge_slave_0: entered allmulticast mode
[  597.303871][T26202] bridge_slave_0: entered promiscuous mode
[  597.313714][T26202] bridge0: port 2(bridge_slave_1) entered blocking state
[  597.321022][T26202] bridge0: port 2(bridge_slave_1) entered disabled state
[  597.328430][T26202] bridge_slave_1: entered allmulticast mode
[  597.334860][T26202] bridge_slave_1: entered promiscuous mode
[  597.463767][T26202] bridge0: port 2(bridge_slave_1) entered blocking state
[  597.470982][T26202] bridge0: port 2(bridge_slave_1) entered forwarding state
[  597.478330][T26202] bridge0: port 1(bridge_slave_0) entered blocking state
[  597.485395][T26202] bridge0: port 1(bridge_slave_0) entered forwarding state
[  597.517584][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  597.525490][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  597.537855][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[  597.545082][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  597.555494][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[  597.558197][T26247] FAULT_INJECTION: forcing a failure.
[  597.558197][T26247] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  597.562583][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  597.576839][T26247] CPU: 1 UID: 0 PID: 26247 Comm: syz.2.9232 Not tainted 6.12.30-syzkaller-g94ce385c22d5 #0 16e511e29439c8b2668c1520ec6e7e54ef5e5f6a
[  597.576878][T26247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  597.576895][T26247] Call Trace:
[  597.576905][T26247]  <TASK>
[  597.576916][T26247]  __dump_stack+0x21/0x30
[  597.576957][T26247]  dump_stack_lvl+0x10c/0x190
[  597.576987][T26247]  ? __cfi_dump_stack_lvl+0x10/0x10
[  597.577020][T26247]  dump_stack+0x19/0x20
[  597.577048][T26247]  should_fail_ex+0x3d9/0x530
[  597.577082][T26247]  should_fail+0xf/0x20
[  597.577110][T26247]  should_fail_usercopy+0x1e/0x30
[  597.577144][T26247]  _copy_to_user+0x24/0xa0
[  597.577181][T26247]  simple_read_from_buffer+0xed/0x160
[  597.577212][T26247]  proc_fail_nth_read+0x19e/0x210
[  597.577241][T26247]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  597.577270][T26247]  ? bpf_lsm_file_permission+0xd/0x20
[  597.577301][T26247]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  597.577327][T26247]  vfs_read+0x27b/0xb60
[  597.577372][T26247]  ? __cfi_lru_add_drain_cpu+0x10/0x10
[  597.577400][T26247]  ? __cfi_vfs_read+0x10/0x10
[  597.577430][T26247]  ? __kasan_check_write+0x18/0x20
[  597.577657][T26247]  ? mutex_lock+0x92/0x1c0
[  597.577692][T26247]  ? __cfi_mutex_lock+0x10/0x10
[  597.577720][T26247]  ? __fget_files+0x2c5/0x340
[  597.577750][T26247]  ksys_read+0x141/0x250
[  597.577779][T26247]  ? __fget_files+0x2c5/0x340
[  597.577816][T26247]  ? __cfi_ksys_read+0x10/0x10
[  597.577864][T26247]  ? __kasan_check_read+0x15/0x20
[  597.577896][T26247]  __x64_sys_read+0x7f/0x90
[  597.577928][T26247]  x64_sys_call+0x2638/0x2ee0
[  597.577966][T26247]  do_syscall_64+0x58/0xf0
[  597.577989][T26247]  ? clear_bhb_loop+0x50/0xa0
[  597.578019][T26247]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  597.578049][T26247] RIP: 0033:0x7f4fe478d33c
[  597.578075][T26247] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  597.578099][T26247] RSP: 002b:00007f4fe5655030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  597.578128][T26247] RAX: ffffffffffffffda RBX: 00007f4fe49b5fa0 RCX: 00007f4fe478d33c
[  597.578160][T26247] RDX: 000000000000000f RSI: 00007f4fe56550a0 RDI: 0000000000000004
[  597.578178][T26247] RBP: 00007f4fe5655090 R08: 0000000000000000 R09: 0000000000000000
[  597.578196][T26247] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  597.578213][T26247] R13: 0000000000000000 R14: 00007f4fe49b5fa0 R15: 00007ffd500553f8
[  597.578235][T26247]  </TASK>
[  597.659395][   T36] audit: type=1400 audit(2000000379.355:68212): avc:  denied  { map } for  pid=26250 comm="syz.2.9234" path="/dev/vhost-vsock" dev="devtmpfs" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  597.707899][T26202] veth0_vlan: entered promiscuous mode
[  597.894696][T26202] veth1_macvtap: entered promiscuous mode
[  597.916286][T17519] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  597.932538][T26256] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  598.057519][   T36] audit: type=1326 audit(2000000379.776:68213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26268 comm="syz.9.9240" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f147998e929 code=0x40000000
[  598.097761][T17519] usb 4-1: Using ep0 maxpacket: 32
[  598.104593][T17519] usb 4-1: config 0 has an invalid interface number: 85 but max is 0
[  598.113213][T17519] usb 4-1: config 0 has no interface number 0
[  598.120349][T17519] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  598.131469][T17519] usb 4-1: config 0 interface 85 has no altsetting 0
[  598.139679][T17519] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  598.152896][T17519] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  598.170947][T26271] can0: slcan on ttyS3.
[  598.171930][T17519] usb 4-1: Product: syz
[  598.182581][T17519] usb 4-1: Manufacturer: syz
[  598.193355][T17519] usb 4-1: SerialNumber: syz
[  598.205371][T17519] usb 4-1: config 0 descriptor??
[  598.247580][T26271] can0 (unregistered): slcan off ttyS3.
[  598.309790][T26282] x_tables: duplicate underflow at hook 1
[  598.323656][T26282] rust_binder: Write failure EINVAL in pid:130
[  598.324974][T26282] rust_binder: Write failure EINVAL in pid:130
[  598.475642][T26299] __nla_validate_parse: 3 callbacks suppressed
[  598.475668][T26299] netlink: 80 bytes leftover after parsing attributes in process `syz.8.9243'.
[  598.824165][T26316] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  599.441199][T26324] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  599.580205][T26331] netlink: 12 bytes leftover after parsing attributes in process `syz.9.9251'.
[  599.615771][T26333] netlink: 80 bytes leftover after parsing attributes in process `syz.9.9252'.
[  599.748974][T26341] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  599.749638][T26341] rust_binder: Error while translating object.
[  599.756508][T26341] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  599.762937][T26341] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:313
[  599.775512][T26341] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=26341 comm=syz.2.9255
[  599.857720][T26343] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  599.858016][T26343] rust_binder: Failed to allocate buffer. len:65376, is_oneway:true
[  599.865311][T26343] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  599.873706][T26343] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:315
[  599.885236][T26343] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  599.902576][T26345] rust_binder: Failed to allocate buffer. len:65376, is_oneway:true
[  599.902632][T26345] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  599.910993][T26345] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:315
[  599.978980][T19901] usb 10-1: new high-speed USB device number 28 using dummy_hcd
[  600.128630][T19901] usb 10-1: device descriptor read/64, error -71
[  600.385183][T19901] usb 10-1: device descriptor read/64, error -71
[  600.631139][  T410] usb 9-1: new high-speed USB device number 55 using dummy_hcd
[  600.641760][T19901] usb 10-1: new high-speed USB device number 29 using dummy_hcd
[  600.732954][T17519] usb 4-1: USB disconnect, device number 17
[  600.747783][   T36] audit: type=1400 audit(2000000382.292:68214): avc:  denied  { ioctl } for  pid=26351 comm="syz.3.9259" path="socket:[122318]" dev="sockfs" ino=122318 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  600.780756][T19901] usb 10-1: device descriptor read/64, error -71
[  600.791484][  T410] usb 9-1: Using ep0 maxpacket: 8
[  600.799196][  T410] usb 9-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  600.808410][  T410] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  600.817212][  T410] usb 9-1: config 0 descriptor??
[  601.048025][T19901] usb 10-1: device descriptor read/64, error -71
[  601.166089][  T477] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  601.170973][T19901] usb usb10-port1: attempt power cycle
[  601.336631][  T477] usb 3-1: Using ep0 maxpacket: 32
[  601.349029][  T477] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  601.360399][  T477] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  601.370667][  T477] usb 3-1: config 0 interface 0 has no altsetting 0
[  601.377457][  T477] usb 3-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00
[  601.386648][  T477] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  601.395958][  T477] usb 3-1: config 0 descriptor??
[  601.469161][  T410] asix 9-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  601.495626][  T410] asix 9-1:0.0: probe with driver asix failed with error -61
[  601.561179][T19901] usb 10-1: new high-speed USB device number 30 using dummy_hcd
[  601.583612][T19901] usb 10-1: device descriptor read/8, error -71
[  601.663441][T26370] overlayfs: conflicting lowerdir path
[  601.722790][T19901] usb 10-1: device descriptor read/8, error -71
[  601.834603][  T477] hid-steam 0003:28DE:1205.002B: unknown main item tag 0x0
[  601.842367][  T477] hid-steam 0003:28DE:1205.002B: unknown main item tag 0x0
[  601.851655][  T477] hid-steam 0003:28DE:1205.002B: : USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.2-1/input0
[  601.858905][T26373] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  601.862649][T26373] rust_binder: Error while translating object.
[  601.874654][T26373] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  601.881703][T26373] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:121
[  601.924740][  T477] hid-steam 0003:28DE:1205.002B: Steam Controller 'XXXXXXXXXX' connected
[  601.946195][  T477] input: Steam Deck as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:28DE:1205.002B/input/input44
[  601.960680][  T477] input: Steam Deck Motion Sensors as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:28DE:1205.002B/input/input45
[  601.978501][T19901] usb 10-1: new high-speed USB device number 31 using dummy_hcd
[  601.979772][  T477] hid-steam 0003:28DE:1205.002C: unknown main item tag 0x0
[  601.995582][  T477] hid-steam 0003:28DE:1205.002C: unknown main item tag 0x0
[  602.007991][  T477] hid-steam 0003:28DE:1205.002C: hidraw0: USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.2-1/input0
[  602.014639][T19901] usb 10-1: device descriptor read/8, error -71
[  602.109024][  T477] usb 3-1: USB disconnect, device number 37
[  602.172107][T19901] usb 10-1: device descriptor read/8, error -71
[  602.288256][T19901] usb usb10-port1: unable to enumerate USB device
[  602.342230][  T477] hid-steam 0003:28DE:1205.002B: Steam Controller 'XXXXXXXXXX' disconnected
[  602.698824][T26386] netlink: 25 bytes leftover after parsing attributes in process `syz.2.9271'.
[  602.961604][T19901] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  603.124291][  T328] bridge_slave_1: left allmulticast mode
[  603.130022][  T328] bridge_slave_1: left promiscuous mode
[  603.135784][  T328] bridge0: port 2(bridge_slave_1) entered disabled state
[  603.144162][  T328] bridge_slave_0: left allmulticast mode
[  603.144622][T19901] usb 3-1: unable to get BOS descriptor or descriptor too short
[  603.150137][  T328] bridge_slave_0: left promiscuous mode
[  603.150296][  T328] bridge0: port 1(bridge_slave_0) entered disabled state
[  603.160854][T19901] usb 3-1: config 63 has an invalid interface number: 66 but max is 0
[  603.179273][T19901] usb 3-1: config 63 has an invalid descriptor of length 0, skipping remainder of the config
[  603.189525][T19901] usb 3-1: config 63 has no interface number 0
[  603.195778][T19901] usb 3-1: config 63 interface 66 has no altsetting 0
[  603.209481][T19901] usb 3-1: New USB device found, idVendor=174f, idProduct=8a31, bcdDevice=39.f4
[  603.218836][T19901] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  603.226926][T19901] usb 3-1: Product: syz
[  603.231976][T19901] usb 3-1: Manufacturer: syz
[  603.236602][T19901] usb 3-1: SerialNumber: syz
[  603.300355][  T328] veth1_macvtap: left promiscuous mode
[  603.303759][T17519] usb 10-1: new full-speed USB device number 32 using dummy_hcd
[  603.306415][  T328] veth0_vlan: left promiscuous mode
[  603.387359][T26392] bridge0: port 1(bridge_slave_0) entered blocking state
[  603.394559][T26392] bridge0: port 1(bridge_slave_0) entered disabled state
[  603.402083][T26392] bridge_slave_0: entered allmulticast mode
[  603.408885][T26392] bridge_slave_0: entered promiscuous mode
[  603.415785][T26392] bridge0: port 2(bridge_slave_1) entered blocking state
[  603.422905][T26392] bridge0: port 2(bridge_slave_1) entered disabled state
[  603.430226][T26392] bridge_slave_1: entered allmulticast mode
[  603.437493][T26392] bridge_slave_1: entered promiscuous mode
[  603.464586][T19901] usb 3-1: Found UVC 0.07 device syz (174f:8a31)
[  603.471192][T19901] usb 3-1: No valid video chain found.
[  603.476060][T17519] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  603.481882][T19901] usb 3-1: USB disconnect, device number 38
[  603.496280][T17519] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  603.510807][T17519] usb 10-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  603.520490][T17519] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  603.530637][T17519] usb 10-1: config 0 descriptor??
[  603.569089][T26392] bridge0: port 2(bridge_slave_1) entered blocking state
[  603.576507][T26392] bridge0: port 2(bridge_slave_1) entered forwarding state
[  603.584040][T26392] bridge0: port 1(bridge_slave_0) entered blocking state
[  603.591791][T26392] bridge0: port 1(bridge_slave_0) entered forwarding state
[  603.625852][T10294] bridge0: port 1(bridge_slave_0) entered disabled state
[  603.633286][T10294] bridge0: port 2(bridge_slave_1) entered disabled state
[  603.644627][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  603.652293][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  603.662417][T10294] bridge0: port 2(bridge_slave_1) entered blocking state
[  603.669530][T10294] bridge0: port 2(bridge_slave_1) entered forwarding state
[  603.679643][  T477] usb 9-1: USB disconnect, device number 55
[  603.745806][T26392] veth0_vlan: entered promiscuous mode
[  603.766294][T26392] veth1_macvtap: entered promiscuous mode
[  603.974906][T17519] savu 0003:1E7D:2D5A.002D: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.9-1/input0
[  604.397469][T17519] usb 10-1: USB disconnect, device number 32
[  604.501149][  T477] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  604.661410][  T477] usb 1-1: Using ep0 maxpacket: 8
[  604.668206][  T477] usb 1-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x7F, changing to 0xF
[  604.680035][  T477] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  604.692626][  T477] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  604.702253][  T477] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  604.710336][  T477] usb 1-1: Product: syz
[  604.714532][  T477] usb 1-1: Manufacturer: syz
[  604.719254][  T477] usb 1-1: SerialNumber: syz
[  604.954503][T26415] netlink: 12 bytes leftover after parsing attributes in process `syz.9.9282'.
[  605.089567][T26419] netlink: 'syz.9.9284': attribute type 4 has an invalid length.
[  605.097856][T26419] lo: entered promiscuous mode
[  605.104707][T26418] lo: left promiscuous mode
[  605.362804][T26432] netlink: 12 bytes leftover after parsing attributes in process `syz.9.9291'.
[  605.388672][T26434] netlink: 'syz.9.9292': attribute type 4 has an invalid length.
[  605.396654][T26434] netlink: 3657 bytes leftover after parsing attributes in process `syz.9.9292'.
[  605.506010][T19901] usb 9-1: new high-speed USB device number 56 using dummy_hcd
[  605.523761][   T36] audit: type=1400 audit(2000000386.754:68215): avc:  denied  { relabelto } for  pid=26436 comm="syz.9.9293" name="20" dev="tmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  605.562259][   T36] audit: type=1400 audit(2000000386.801:68216): avc:  denied  { write } for  pid=26202 comm="syz-executor" name="20" dev="tmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  605.590171][   T36] audit: type=1400 audit(2000000386.801:68217): avc:  denied  { remove_name } for  pid=26202 comm="syz-executor" name="binderfs" dev="tmpfs" ino=125 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  605.617921][   T36] audit: type=1400 audit(2000000386.801:68218): avc:  denied  { rmdir } for  pid=26202 comm="syz-executor" name="20" dev="tmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  605.666460][T19901] usb 9-1: Using ep0 maxpacket: 32
[  605.673200][T19901] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  605.684265][T19901] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  605.694512][T19901] usb 9-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  605.704055][T19901] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  605.713569][T19901] usb 9-1: config 0 descriptor??
[  605.720109][T19901] hub 9-1:0.0: USB hub found
[  605.757216][T10294] bridge_slave_1: left allmulticast mode
[  605.762974][T10294] bridge_slave_1: left promiscuous mode
[  605.768866][T10294] bridge0: port 2(bridge_slave_1) entered disabled state
[  605.777196][T10294] bridge_slave_0: left allmulticast mode
[  605.782929][T10294] bridge_slave_0: left promiscuous mode
[  605.788897][T10294] bridge0: port 1(bridge_slave_0) entered disabled state
[  605.838378][  T477] cdc_ncm 1-1:1.0: bind() failure
[  605.845073][  T477] cdc_ncm 1-1:1.1: probe with driver cdc_ncm failed with error -71
[  605.853420][  T477] cdc_mbim 1-1:1.1: probe with driver cdc_mbim failed with error -71
[  605.865015][  T477] usb 1-1: USB disconnect, device number 43
[  605.916837][T26438] bridge0: port 1(bridge_slave_0) entered blocking state
[  605.924734][T26438] bridge0: port 1(bridge_slave_0) entered disabled state
[  605.932179][T26438] bridge_slave_0: entered allmulticast mode
[  605.935332][T19901] hub 9-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  605.939307][T26438] bridge_slave_0: entered promiscuous mode
[  605.953553][T26438] bridge0: port 2(bridge_slave_1) entered blocking state
[  605.960800][T26438] bridge0: port 2(bridge_slave_1) entered disabled state
[  605.968138][T26438] bridge_slave_1: entered allmulticast mode
[  605.974568][T26438] bridge_slave_1: entered promiscuous mode
[  605.985041][T10294] tipc: Disabling bearer <udp:syz2>
[  605.990400][T10294] tipc: Left network mode
[  606.044101][T10294] veth1_macvtap: left promiscuous mode
[  606.049886][T10294] veth0_vlan: left promiscuous mode
[  606.131065][T26438] bridge0: port 2(bridge_slave_1) entered blocking state
[  606.138242][T26438] bridge0: port 2(bridge_slave_1) entered forwarding state
[  606.145576][T26438] bridge0: port 1(bridge_slave_0) entered blocking state
[  606.152689][T26438] bridge0: port 1(bridge_slave_0) entered forwarding state
[  606.181401][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  606.189023][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  606.200304][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  606.207497][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  606.217592][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  606.225313][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  606.260169][T26438] veth0_vlan: entered promiscuous mode
[  606.276443][T26438] veth1_macvtap: entered promiscuous mode
[  606.365399][T19901] usbhid 9-1:0.0: can't add hid device: -71
[  606.371561][T19901] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  606.394065][T19901] usb 9-1: USB disconnect, device number 56
[  606.415004][T26448] rust_binder: Failed to allocate buffer. len:112, is_oneway:false
[  606.561143][T26455] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9299'.
[  606.594632][T26457] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[  606.834192][T26460] bridge0: port 1(bridge_slave_0) entered blocking state
[  606.841370][T26460] bridge0: port 1(bridge_slave_0) entered disabled state
[  606.849080][T26460] bridge_slave_0: entered allmulticast mode
[  606.855766][T26460] bridge_slave_0: entered promiscuous mode
[  606.863178][T26460] bridge0: port 2(bridge_slave_1) entered blocking state
[  606.870555][T26460] bridge0: port 2(bridge_slave_1) entered disabled state
[  606.877951][T26460] bridge_slave_1: entered allmulticast mode
[  606.884513][T26460] bridge_slave_1: entered promiscuous mode
[  607.221740][T10294] bridge_slave_1: left allmulticast mode
[  607.227496][T10294] bridge_slave_1: left promiscuous mode
[  607.233295][T10294] bridge0: port 2(bridge_slave_1) entered disabled state
[  607.241794][T10294] bridge_slave_0: left allmulticast mode
[  607.247734][T10294] bridge_slave_0: left promiscuous mode
[  607.253904][T10294] bridge0: port 1(bridge_slave_0) entered disabled state
[  607.376350][T26460] bridge0: port 2(bridge_slave_1) entered blocking state
[  607.383497][T26460] bridge0: port 2(bridge_slave_1) entered forwarding state
[  607.390874][T26460] bridge0: port 1(bridge_slave_0) entered blocking state
[  607.397933][T26460] bridge0: port 1(bridge_slave_0) entered forwarding state
[  607.422065][  T328] bridge0: port 1(bridge_slave_0) entered disabled state
[  607.429753][  T328] bridge0: port 2(bridge_slave_1) entered disabled state
[  607.439755][T10294] veth1_macvtap: left promiscuous mode
[  607.445937][T10294] veth0_vlan: left promiscuous mode
[  607.512442][  T328] bridge0: port 1(bridge_slave_0) entered blocking state
[  607.519837][  T328] bridge0: port 1(bridge_slave_0) entered forwarding state
[  607.537622][  T328] bridge0: port 2(bridge_slave_1) entered blocking state
[  607.545069][  T328] bridge0: port 2(bridge_slave_1) entered forwarding state
[  607.573985][T26460] veth0_vlan: entered promiscuous mode
[  607.585876][T26460] veth1_macvtap: entered promiscuous mode
[  607.943439][  T305] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  607.991612][T26510] tipc: Started in network mode
[  607.997213][T26510] tipc: Node identity 4, cluster identity 4711
[  608.003498][T26510] tipc: Node number set to 4
[  608.027082][T26514] fuse: Bad value for 'fd'
[  608.103779][  T305] usb 7-1: Using ep0 maxpacket: 32
[  608.112200][  T305] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  608.123989][  T305] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  608.134474][  T305] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  608.149853][  T305] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  608.151352][T26523] netlink: 12 bytes leftover after parsing attributes in process `syz.8.9322'.
[  608.164941][  T305] usb 7-1: config 0 descriptor??
[  608.174816][  T305] hub 7-1:0.0: USB hub found
[  608.195847][   T36] audit: type=1400 audit(2000000389.261:68219): avc:  denied  { execute } for  pid=26524 comm="syz.0.9323" path="/dev/vhost-vsock" dev="devtmpfs" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  608.241873][T26529] /dev/md0: Can't lookup blockdev
[  608.390162][  T305] hub 7-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  608.499678][T17519] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  608.660984][T17519] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  608.670904][T17519] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  608.684908][T17519] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  608.694190][T17519] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  608.702368][T17519] usb 1-1: SerialNumber: syz
[  608.709165][T17519] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22
[  608.820787][  T305] usbhid 7-1:0.0: can't add hid device: -71
[  608.826913][  T305] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  608.852695][  T305] usb 7-1: USB disconnect, device number 17
[  609.246844][T26540] fuse: Bad value for 'fd'
[  609.377872][T26545] input: syz0 as /devices/virtual/input/input46
[  609.462386][   T46] usb 1-1: USB disconnect, device number 44
[  609.463356][T26549] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9333'.
[  609.679305][T10294] bridge_slave_1: left allmulticast mode
[  609.683664][T26556] overlayfs: missing 'lowerdir'
[  609.685024][T10294] bridge_slave_1: left promiscuous mode
[  609.685135][T10294] bridge0: port 2(bridge_slave_1) entered disabled state
[  609.704325][T10294] bridge_slave_0: left allmulticast mode
[  609.706003][T26556] SELinux:  policydb version 517395248 does not match my version range 15-33
[  609.713406][T10294] bridge_slave_0: left promiscuous mode
[  609.722296][T26556] SELinux: failed to load policy
[  609.730424][T10294] bridge0: port 1(bridge_slave_0) entered disabled state
[  609.731019][T26557] SELinux:  policydb version 517395248 does not match my version range 15-33
[  609.747154][T26557] SELinux: failed to load policy
[  609.926196][T26573] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9343'.
[  609.944952][T26553] bridge0: port 1(bridge_slave_0) entered blocking state
[  609.954266][T26553] bridge0: port 1(bridge_slave_0) entered disabled state
[  609.958374][T26578] netlink: 80 bytes leftover after parsing attributes in process `syz.4.9344'.
[  609.961490][T26553] bridge_slave_0: entered allmulticast mode
[  609.977430][T26553] bridge_slave_0: entered promiscuous mode
[  609.985003][T26553] bridge0: port 2(bridge_slave_1) entered blocking state
[  609.993409][T26553] bridge0: port 2(bridge_slave_1) entered disabled state
[  609.999405][T26583] binder: Unknown parameter 'fscontext?}'
[  610.001057][T26553] bridge_slave_1: entered allmulticast mode
[  610.014561][T26553] bridge_slave_1: entered promiscuous mode
[  610.021044][T10294] tipc: Left network mode
[  610.032481][T10294] veth1_macvtap: left promiscuous mode
[  610.045520][T10294] veth0_vlan: left promiscuous mode
[  610.046090][T26588] rust_binder: Write failure EFAULT in pid:28
[  610.189936][T26553] bridge0: port 2(bridge_slave_1) entered blocking state
[  610.204156][T26553] bridge0: port 2(bridge_slave_1) entered forwarding state
[  610.211505][T26553] bridge0: port 1(bridge_slave_0) entered blocking state
[  610.219312][T26553] bridge0: port 1(bridge_slave_0) entered forwarding state
[  610.251121][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  610.259185][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  610.271790][  T328] bridge0: port 1(bridge_slave_0) entered blocking state
[  610.279846][  T328] bridge0: port 1(bridge_slave_0) entered forwarding state
[  610.290354][  T328] bridge0: port 2(bridge_slave_1) entered blocking state
[  610.297641][  T328] bridge0: port 2(bridge_slave_1) entered forwarding state
[  610.332285][T26553] veth0_vlan: entered promiscuous mode
[  610.345842][T26553] veth1_macvtap: entered promiscuous mode
[  610.402405][T19901] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  610.574652][T19901] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  610.592884][T19901] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  610.602763][T19901] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  610.612083][T19901] usb 1-1: config 0 descriptor??
[  610.753433][T26604] bridge0: port 1(bridge_slave_0) entered blocking state
[  610.760724][T26604] bridge0: port 1(bridge_slave_0) entered disabled state
[  610.768311][T26604] bridge_slave_0: entered allmulticast mode
[  610.774764][T26604] bridge_slave_0: entered promiscuous mode
[  610.781864][T26604] bridge0: port 2(bridge_slave_1) entered blocking state
[  610.789076][T26604] bridge0: port 2(bridge_slave_1) entered disabled state
[  610.796210][T26604] bridge_slave_1: entered allmulticast mode
[  610.803018][T26604] bridge_slave_1: entered promiscuous mode
[  610.873010][T26604] bridge0: port 2(bridge_slave_1) entered blocking state
[  610.880416][T26604] bridge0: port 2(bridge_slave_1) entered forwarding state
[  610.888302][T26604] bridge0: port 1(bridge_slave_0) entered blocking state
[  610.895434][T26604] bridge0: port 1(bridge_slave_0) entered forwarding state
[  611.053488][T19901] usbhid 1-1:0.0: can't add hid device: -71
[  611.059653][T19901] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  611.068571][T19901] usb 1-1: USB disconnect, device number 45
[  611.204899][T10294] bridge_slave_1: left allmulticast mode
[  611.210601][T10294] bridge_slave_1: left promiscuous mode
[  611.216294][T10294] bridge0: port 2(bridge_slave_1) entered disabled state
[  611.224018][T10294] bridge_slave_0: left allmulticast mode
[  611.229897][T10294] bridge_slave_0: left promiscuous mode
[  611.235717][T10294] bridge0: port 1(bridge_slave_0) entered disabled state
[  611.315408][  T328] bridge0: port 1(bridge_slave_0) entered disabled state
[  611.322890][  T328] bridge0: port 2(bridge_slave_1) entered disabled state
[  611.348378][  T328] bridge0: port 1(bridge_slave_0) entered blocking state
[  611.355574][  T328] bridge0: port 1(bridge_slave_0) entered forwarding state
[  611.365406][  T328] bridge0: port 2(bridge_slave_1) entered blocking state
[  611.372490][  T328] bridge0: port 2(bridge_slave_1) entered forwarding state
[  611.399325][T26604] veth0_vlan: entered promiscuous mode
[  611.411950][T26604] veth1_macvtap: entered promiscuous mode
[  611.607365][T26627] syz.0.9363: attempt to access beyond end of device
[  611.607365][T26627] loop0: rw=0, sector=0, nr_sectors = 1 limit=0
[  611.620663][T26627] exFAT-fs (loop0): unable to read boot sector
[  611.626925][T26627] exFAT-fs (loop0): failed to read boot sector
[  611.633344][T26627] exFAT-fs (loop0): failed to recognize exfat type
[  611.729290][T10294] veth1_macvtap: left promiscuous mode
[  611.736943][T10294] veth0_vlan: left promiscuous mode
[  611.824379][   T10] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  611.952814][  T305] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  611.985957][   T10] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  611.996239][   T10] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  612.006095][   T10] usb 8-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  612.020551][   T10] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  612.030087][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  612.038850][   T10] usb 8-1: Product: syz
[  612.043186][   T10] usb 8-1: Manufacturer: syz
[  612.047801][   T10] usb 8-1: SerialNumber: syz
[  612.123566][  T305] usb 6-1: Using ep0 maxpacket: 8
[  612.131428][  T305] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  612.140819][  T305] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.150805][  T305] usb 6-1: config 0 descriptor??
[  612.674289][T26637] SELinux:  policydb version 905587468 does not match my version range 15-33
[  612.683309][T26637] SELinux: failed to load policy
[  613.220805][   T10] cdc_ncm 8-1:1.0: bind() failure
[  613.226485][T26623] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  613.236978][   T10] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found
[  613.241800][T26623] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  613.246021][   T10] cdc_ncm 8-1:1.1: bind() failure
[  613.343808][  T477] usb 8-1: USB disconnect, device number 10
[  613.366897][T26664] netlink: 12 bytes leftover after parsing attributes in process `syz.7.9376'.
[  613.401408][T26670] netlink: 80 bytes leftover after parsing attributes in process `syz.0.9379'.
[  613.433900][T26672] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65381 sclass=netlink_route_socket pid=26672 comm=syz.0.9380
[  613.448220][   T36] audit: type=1400 audit(2000000394.172:68220): avc:  denied  { write } for  pid=26671 comm="syz.0.9380" name="file0" dev="tmpfs" ino=173 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  613.471422][   T36] audit: type=1400 audit(2000000394.172:68221): avc:  denied  { open } for  pid=26671 comm="syz.0.9380" path="/30/file0" dev="tmpfs" ino=173 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  613.823758][  T305] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  613.836791][  T305] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[  613.839740][T26689] rust_binder: Write failure EINVAL in pid:29
[  613.848053][  T305] asix 6-1:0.0: probe with driver asix failed with error -71
[  613.866704][  T305] usb 6-1: USB disconnect, device number 38
[  614.183650][T26695] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9388'.
[  614.212138][   T36] audit: type=1404 audit(2000000394.892:68222): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  614.245679][   T36] audit: type=1400 audit(2000000394.920:68223): avc:  denied  { read } for  pid=26696 comm="syz.4.9389" dev="nsfs" ino=4026532590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  614.283982][   T36] audit: type=1400 audit(2000000394.948:68224): avc:  denied  { read write } for  pid=26438 comm="syz-executor" name="loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  614.310330][   T36] audit: type=1400 audit(2000000394.957:68225): avc:  denied  { create } for  pid=26698 comm="syz.4.9390" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=0
[  614.341064][   T36] audit: type=1400 audit(2000000395.004:68226): avc:  denied  { read write } for  pid=26438 comm="syz-executor" name="loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  614.371620][   T36] audit: type=1400 audit(2000000395.032:68227): avc:  denied  { unlink } for  pid=26392 comm="syz-executor" name="file0" dev="tmpfs" ino=173 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=0
[  614.414199][T26703] audit: audit_backlog=65 > audit_backlog_limit=64
[  614.418402][   T36] audit: type=1400 audit(2000000395.060:68228): avc:  denied  { read write } for  pid=26553 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  614.679225][  T328] bridge_slave_1: left allmulticast mode
[  614.685046][  T328] bridge_slave_1: left promiscuous mode
[  614.691015][  T328] bridge0: port 2(bridge_slave_1) entered disabled state
[  614.698594][  T328] bridge_slave_0: left allmulticast mode
[  614.704434][  T328] bridge_slave_0: left promiscuous mode
[  614.710165][  T328] bridge0: port 1(bridge_slave_0) entered disabled state
[  614.903332][  T328] tipc: Left network mode
[  615.021744][  T328] veth1_macvtap: left promiscuous mode
[  615.027393][  T328] veth0_vlan: left promiscuous mode
[  618.833432][   T36] kauditd_printk_skb: 131 callbacks suppressed
[  618.833452][   T36] audit: type=1400 audit(2000000399.204:68358): avc:  denied  { read write } for  pid=26759 comm="syz.4.9414" name="binder1" dev="binder" ino=34 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=0
[  618.853643][T26763] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9412'.
[  618.878857][   T36] audit: type=1400 audit(2000000399.223:68359): avc:  denied  { execmem } for  pid=26758 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0
[  618.906929][   T36] audit: type=1400 audit(2000000399.223:68360): avc:  denied  { create } for  pid=26760 comm="syz.5.9412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=0
[  618.931731][   T36] audit: type=1400 audit(2000000399.223:68361): avc:  denied  { read write } for  pid=26760 comm="syz.5.9412" name="binder1" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=0
[  618.960380][   T36] audit: type=1400 audit(2000000399.223:68362): avc:  denied  { create } for  pid=26760 comm="syz.5.9412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=0
[  618.982973][   T36] audit: type=1400 audit(2000000399.223:68363): avc:  denied  { create } for  pid=26760 comm="syz.5.9412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=0
[  619.007151][   T36] audit: type=1400 audit(2000000399.223:68364): avc:  denied  { create } for  pid=26760 comm="syz.5.9412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=0
[  619.027802][   T36] audit: type=1400 audit(2000000399.223:68365): avc:  denied  { create } for  pid=26760 comm="syz.5.9412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=0
[  619.048923][   T36] audit: type=1400 audit(2000000399.223:68366): avc:  denied  { create } for  pid=26760 comm="syz.5.9412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  619.069406][   T36] audit: type=1400 audit(2000000399.251:68367): avc:  denied  { read write } for  pid=26759 comm="syz.4.9414" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0
[  624.571441][   T36] kauditd_printk_skb: 57 callbacks suppressed
[  624.571462][   T36] audit: type=1400 audit(2000000404.573:68425): avc:  denied  { read write } for  pid=26604 comm="syz-executor" name="loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  625.361592][   T36] audit: type=1400 audit(2000000405.322:68426): avc:  denied  { execmem } for  pid=26801 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0
[  625.393998][   T36] audit: type=1400 audit(2000000405.322:68427): avc:  denied  { create } for  pid=26804 comm="syz.4.9429" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=0
[  625.415495][   T36] audit: type=1400 audit(2000000405.322:68428): avc:  denied  { read write } for  pid=26438 comm="syz-executor" name="loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  625.439998][   T36] audit: type=1400 audit(2000000405.340:68429): avc:  denied  { read write } for  pid=26808 comm="syz.4.9430" name="binder1" dev="binder" ino=34 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=0
[  625.463621][   T36] audit: type=1400 audit(2000000405.340:68430): avc:  denied  { create } for  pid=26808 comm="syz.4.9430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  625.483548][   T36] audit: type=1400 audit(2000000405.340:68431): avc:  denied  { create } for  pid=26808 comm="syz.4.9430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0
[  625.504616][   T36] audit: type=1400 audit(2000000405.340:68432): avc:  denied  { read } for  pid=26808 comm="syz.4.9430" dev="nsfs" ino=4026532590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  625.526593][   T36] audit: type=1400 audit(2000000405.340:68433): avc:  denied  { read } for  pid=26808 comm="syz.4.9430" name="binder0" dev="binder" ino=33 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=0
[  625.551808][   T36] audit: type=1400 audit(2000000405.340:68434): avc:  denied  { create } for  pid=26808 comm="syz.4.9430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[  628.735728][T26827] netlink: 'syz.5.9434': attribute type 27 has an invalid length.
[  628.766334][T26827] bridge0: port 2(bridge_slave_1) entered disabled state
[  628.773642][T26827] bridge0: port 1(bridge_slave_0) entered disabled state
[  630.559766][   T36] kauditd_printk_skb: 33 callbacks suppressed
[  630.559788][   T36] audit: type=1400 audit(2000000410.176:68468): avc:  denied  { execmem } for  pid=26834 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0
[  630.594311][   T36] audit: type=1400 audit(2000000410.176:68469): avc:  denied  { create } for  pid=26835 comm="syz.5.9437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=0
[  630.615290][   T36] audit: type=1400 audit(2000000410.186:68470): avc:  denied  { write } for  pid=26838 comm="syz.7.9438" name="binder0" dev="binder" ino=27 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=0
[  630.638706][   T36] audit: type=1400 audit(2000000410.195:68471): avc:  denied  { read write } for  pid=26553 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  630.663090][   T36] audit: type=1400 audit(2000000410.195:68472): avc:  denied  { read } for  pid=26840 comm="syz.5.9440" name="binder0" dev="binder" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=0
[  630.686104][   T36] audit: type=1400 audit(2000000410.195:68473): avc:  denied  { read } for  pid=26840 comm="syz.5.9440" dev="nsfs" ino=4026532294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  630.707679][   T36] audit: type=1400 audit(2000000410.195:68474): avc:  denied  { create } for  pid=26840 comm="syz.5.9440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  630.727540][   T36] audit: type=1400 audit(2000000410.195:68475): avc:  denied  { create } for  pid=26840 comm="syz.5.9440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0
[  630.748348][   T36] audit: type=1400 audit(2000000410.195:68476): avc:  denied  { create } for  pid=26840 comm="syz.5.9440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=0
[  630.768002][   T36] audit: type=1400 audit(2000000410.204:68477): avc:  denied  { read write } for  pid=26553 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  636.733262][   T36] kauditd_printk_skb: 27 callbacks suppressed
[  636.733284][   T36] audit: type=1400 audit(2000000415.948:68505): avc:  denied  { execmem } for  pid=26865 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0
[  636.763187][   T36] audit: type=1400 audit(2000000415.957:68506): avc:  denied  { read write } for  pid=26866 comm="syz.5.9448" name="binder1" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=0
[  636.787080][   T36] audit: type=1400 audit(2000000415.957:68507): avc:  denied  { read write } for  pid=26868 comm="syz.7.9449" name="uinput" dev="devtmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=0
[  636.812638][   T36] audit: type=1400 audit(2000000415.957:68508): avc:  denied  { name_bind } for  pid=26866 comm="syz.5.9448" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=0
[  636.835921][   T36] audit: type=1400 audit(2000000415.957:68509): avc:  denied  { mounton } for  pid=26868 comm="syz.7.9449" path="/25/file0" dev="tmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=0
[  636.870545][   T36] audit: type=1400 audit(2000000415.957:68510): avc:  denied  { read write } for  pid=26867 comm="syz.4.9450" name="binder1" dev="binder" ino=34 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=0
[  636.900905][   T36] audit: type=1400 audit(2000000415.957:68511): avc:  denied  { create } for  pid=26867 comm="syz.4.9450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[  636.957735][   T36] audit: type=1400 audit(2000000415.957:68512): avc:  denied  { create } for  pid=26867 comm="syz.4.9450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=0
[  636.991102][   T36] audit: type=1400 audit(2000000415.957:68513): avc:  denied  { create } for  pid=26867 comm="syz.4.9450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[  637.032574][   T36] audit: type=1400 audit(2000000415.985:68514): avc:  denied  { write } for  pid=281 comm="syz-executor" path="pipe:[2982]" dev="pipefs" ino=2982 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=0
[  637.208255][T10294] bridge_slave_1: left allmulticast mode
[  637.214129][T10294] bridge_slave_1: left promiscuous mode
[  637.219889][T10294] bridge0: port 2(bridge_slave_1) entered disabled state
[  637.227621][T10294] bridge_slave_0: left allmulticast mode
[  637.233386][T10294] bridge_slave_0: left promiscuous mode
[  637.239056][T10294] bridge0: port 1(bridge_slave_0) entered disabled state
[  637.546830][T10294] veth1_macvtap: left promiscuous mode
[  637.552393][T10294] veth0_vlan: left promiscuous mode
[  638.294933][T10294] bridge_slave_1: left allmulticast mode
[  638.301230][T10294] bridge_slave_1: left promiscuous mode
[  638.307351][T10294] bridge0: port 2(bridge_slave_1) entered disabled state
[  638.315053][T10294] bridge_slave_0: left allmulticast mode
[  638.321079][T10294] bridge_slave_0: left promiscuous mode
[  638.327365][T10294] bridge0: port 1(bridge_slave_0) entered disabled state
[  638.336727][T10294] bridge_slave_1: left allmulticast mode
[  638.342872][T10294] bridge_slave_1: left promiscuous mode
[  638.348705][T10294] bridge0: port 2(bridge_slave_1) entered disabled state
[  638.356841][T10294] bridge_slave_0: left allmulticast mode
[  638.362795][T10294] bridge_slave_0: left promiscuous mode
[  638.368485][T10294] bridge0: port 1(bridge_slave_0) entered disabled state
[  638.744244][T10294] veth1_macvtap: left promiscuous mode
[  638.749891][T10294] veth0_vlan: left promiscuous mode