last executing test programs:

8.219434098s ago: executing program 3 (id=1384):
openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x71fec0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e)
keyctl$link(0x8, 0x0, 0x0)
r1 = openat$incfs(r0, &(0x7f00000001c0)='.pending_reads\x00', 0x2280, 0x10)
open$dir(&(0x7f0000000540)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4100, 0x0)
renameat2(r1, 0x0, r0, &(0x7f0000000340)='./file1\x00', 0x7)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)}]}}], 0x1, 0xc0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'sit0\x00', <r6=>0x0})
sendto$packet(r5, &(0x7f00000002c0)="05031600d3fc140000004788031c09102c28", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x86dd, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
ioctl$GIO_CMAP(0xffffffffffffffff, 0x4b70, 0x0)
creat(&(0x7f0000010280)='./file0\x00', 0x182)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
mount$fuseblk(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f0000000240), 0x28440e4, &(0x7f0000000280)={{'fd', 0x3d, r7}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@default_permissions}, {@default_permissions}, {@default_permissions}]}})
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f3, &(0x7f0000000000)={'erspan0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x7800, 0x10, 0x9, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x67, 0x0, 0x0, 0x29, 0x0, @remote, @loopback}}}})
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
r8 = syz_open_dev$loop(&(0x7f0000000140), 0x7236, 0x80044)
ioctl$LOOP_SET_BLOCK_SIZE(r8, 0x4c09, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x5, 0x7, 0x4000000000000e51, 0xfffffffffffffffe, 0x5479, 0x1035, 0x200000000006, 0x0, 0x5, 0xfffffffffffffffc, 0xffffffff, 0xbf4, 0xfff, 0x808000000000005, 0x800000068], 0x2000, 0x80cd4})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

8.120546411s ago: executing program 3 (id=1385):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)={0x30, 0x13, 0x1, 0x2, 0x25dfdbf6, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\x13\x00\x00'}, @typed={0x8, 0x3fff, 0x0, 0x0, @fd}, @nested={0x10, 0x1a, 0x0, 0x1, [@nested={0x9, 0x0, 0x0, 0x1, [@generic="cec654a2c5"]}]}]}, 0x30}], 0x1}, 0x0) (async)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000280)={0x1, &(0x7f0000000100)=[{0x6, 0xfc, 0x0, 0x7fff0000}]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x83, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
close(0x4) (async)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f00009c8000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, 0x0}], 0x1, 0x6e, 0x0, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000000)=0x20)
ftruncate(r5, 0xf09)
getsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0x7, &(0x7f0000000000)=0x1, &(0x7f0000000040)=0x4) (async)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x1c0102, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
close_range(r1, 0xffffffffffffffff, 0x0)

7.982250006s ago: executing program 3 (id=1386):
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f0000000140)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)}]}}], 0x1, 0xc0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x8, 0x7, 0x4000000000000e51, 0xfffffffffffffffe, 0x5479, 0x1035, 0x200000000006, 0x0, 0x5, 0xfffffffffffffffc, 0xffffffff, 0xbf4, 0xfff, 0x808000000000005, 0x800000068], 0x2000, 0x80cd4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7.938299217s ago: executing program 3 (id=1387):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x101901, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0x971})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000700)={0x1, 0x0, [{0x0, 0x2, 0x1, 0x0, @adapter={0x10, 0x62e98893, 0x7ff, 0x9, 0x2}}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_usb_connect$uac2(0x5, 0x7b, &(0x7f0000000040)={{0x12, 0x1, 0x111, 0x0, 0x0, 0x0, 0x20, 0x1a86, 0x752d, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x69, 0x3, 0x1, 0x80, 0x80, 0x9, {0x8, 0xb, 0x41, 0x1, 0x1, 0x6, 0x20, 0x2e}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x20, 0x0, {{0x9, 0x24, 0x1, 0x4, 0x8, 0x9, 0x2}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0x5, 0xc9, 0x5, {0x8, 0x25, 0x1, 0x181, 0x3f, 0x3, 0x2}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x400, 0x1, 0x1, 0xe, {0x8, 0x25, 0x1, 0x3, 0xf, 0x3, 0x69}}}}}}}}]}}, 0x0)
r3 = syz_ublk_setup_io_uring(0x33ba, &(0x7f00000000c0)={0x0, 0x98e7, 0x40, 0x2, 0x226}, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0))
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000100)={0x1f, 0xefff}, 0x6)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf)
syz_usb_connect$uac2(0x0, 0x7b, &(0x7f0000000080)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x2b73, 0x13, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x69, 0x3, 0x1, 0xb, 0x20, 0x40, {0x8, 0xb, 0x0, 0x1, 0x1, 0x4, 0x20, 0x81}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x20, 0x0, {{0x9, 0x24, 0x1, 0x5, 0xb, 0x9, 0xc}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x200, 0x5, 0x5, 0x9, {0x8, 0x25, 0x1, 0x80, 0xc, 0x4}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0xd, 0x3, 0x40, {0x8, 0x25, 0x1, 0x83, 0x6c, 0x4, 0xb6}}}}}}}}]}}, 0x0)
ioctl$TCFLSH(r5, 0x400455c8, 0x0)
syz_ublk_setup_io_uring(0x2e04, &(0x7f0000000200)={0x0, 0x43a5, 0x4, 0x0, 0x4a, 0x0, r3}, &(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300))

4.408470219s ago: executing program 3 (id=1418):
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$NFNL_MSG_CTHELPER_DEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={0x58, 0x2, 0x9, 0x401, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFCTH_TUPLE={0x38, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @private=0xa010100}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x20}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xfff}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40}, 0x8000080)
r1 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000000000105804105000000000000109022d00010700000009040005050300000009210002080122940309058103"], 0x0)
syz_usb_control_io(r1, &(0x7f00000004c0)={0x2c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYRESHEX=r1], 0x0, 0x0}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000001c0)={'\x00', 0x824403d2e3bc09e9})
syz_usb_connect$uac1(0x5, 0x108, &(0x7f0000000500)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x8, 0x1235, 0x8201, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xf6, 0x3, 0x1, 0x1, 0x30, 0x9, "", {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x4, 0x2c}, [@selector_unit={0x7, 0x24, 0x5, 0x2, 0xff, '*O'}, @extension_unit={0x9, 0x24, 0x8, 0x3, 0xf349, 0x9, "9717"}, @mixer_unit={0x9, 0x24, 0x4, 0x6, 0xb, "36a380c5"}, @output_terminal={0x9, 0x24, 0x3, 0x1, 0x303, 0x6, 0x3, 0x5}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_ext={0x9, 0x24, 0x2, 0x1, 0x7, 0x9, 0x97, 0x0, 0xff}, @format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0x55e, 0x4, 0xbb, 0x6}, @as_header={0x7, 0x24, 0x1, 0x9, 0x3}, @format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0xd, 0x7, 0x6, 0x8}, @format_type_i_ext={0x9, 0x24, 0x2, 0x1, 0x5, 0x2, 0x0, 0x3}]}, {{0x9, 0x5, 0x1, 0x9, 0x400, 0x33, 0x3, 0x4, {0x7, 0x25, 0x1, 0x0, 0xa1, 0xbef7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0x4, 0x4, 0x3, 0x5, "b771"}, @format_type_ii_discrete={0x11, 0x24, 0x2, 0x2, 0x2, 0x81, 0x4, "f6ea0ae82457fd8d"}, @format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x3, 0x3, 0xfb, 0x6, "9c2b", 'Bh'}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x6, 0x2, 0x72, 0xfe, "", "999876"}, @format_type_i_ext={0x9, 0x24, 0x2, 0x1, 0x6, 0xc9, 0x1, 0x9, 0x8}, @format_type_i_discrete={0xc, 0x24, 0x2, 0x1, 0x0, 0x2, 0x8, 0x9, "2ac37860"}]}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x9, 0x3, 0x0, {0x7, 0x25, 0x1, 0x4, 0x7, 0x1}}}}}}}}]}}, &(0x7f0000000880)={0xa, &(0x7f0000000640)={0xa, 0x6, 0x110, 0x7, 0x5, 0x2, 0x40, 0xe9}, 0x5, &(0x7f0000000680)={0x5, 0xf, 0x5}, 0x4, [{0x4, &(0x7f00000006c0)=@lang_id={0x4, 0x3, 0x83e}}, {0x4, &(0x7f0000000700)=@lang_id={0x4, 0x3, 0x180c}}, {0xe3, &(0x7f0000000740)=@string={0xe3, 0x3, "1cd4be6731fabe71003abfce0122da57c77db0a8d940208e494fb63116a2e2054e2b2b2fabd0a8c77a7b6dc1a83bd7f5b735d2558e40f896b342e27d069291e4452cf4d31bdd665982bc7e1fca71210709eaa6c2249ef48f15cd3af9043650dd766da4d7a7db01e67d2f9a08029eb12ee3fc45d4178e4a83e44c339c84abf45c74570686162d6b9bc5f35a3263f12be0a8b38611a6a6edfaffc1acb73f99584018386e61bc97802fb818c3010ab9d5a03ce6a95af71b387cebe02187a8965ed9e15deb568168db3e9e7c895799cc7ddcb7af0dc38176e4dd12cc372f2be9b85042"}}, {0x4, &(0x7f0000000840)=@lang_id={0x4, 0x3, 0x2801}}]})
syz_usb_control_io$hid(r1, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)
syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x7, 0x1, 0x2, 0x10, 0x3f0, 0x4, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x0, 0x0, 0xd2, "", [{{0x9, 0x4, 0x0, 0xdc, 0x2, 0x0, 0x0, 0x0, 0xff, "", {{{0x9, 0x5, 0x1, 0x2, 0x10, 0x6, 0x3, 0x20}}}}}]}}]}}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})

2.639775946s ago: executing program 3 (id=1431):
syz_usb_connect$uac2(0x0, 0x7b, &(0x7f0000000000)=ANY=[@ANYRES8=0x0], &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x4, [{0xdc, &(0x7f0000000140)=@string={0xdc, 0x3, "65630d9485622fdd207a4e15c5a81b8298cc3b2a7ed49d3df419067374b42a84dc3cfafd19a1c565caf3733b8e47a27de0f0635b6f7e5467460dd8cb8f5f38ec11875d22f6985cea48946bf8a704a01abaa6e0bb80ff36829c512cac3e588d5efa26954016ab38458fab303a075e9122d98bb223fd690cf8cca171c3435a66068e841ef759525081a80f9e539510626276f1a0cd1e9e0976a719437bf845e5dd3a6a7c2a3538140cb034e7288308bf74ca40d05a6a1472b2120bbd1ca17583ccfe6c06d4cdd30bd004a4af54a4796589716fcb6af363356bc11a"}}, {0x28, &(0x7f0000000240)=@string={0x28, 0x3, "6aee4f6e74c831433b622f8b103edb4b6309d7223b95c8e537c64238d09af37f95da780e79c2"}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x827}}, {0xa6, &(0x7f00000002c0)=@string={0xa6, 0x3, "15f45966da749e9d78b60eafcc4a9b8f0a0447742782b46773469b35d771b1a2f1c800bc09621d515dfcb3b51a4c1be32096e8512fd97ca1d7dc42ba505a95bffe5d8f5b2c74905f8a8d4612fa1edb96e51ea93701da47da9b603248a5139acec7e60f3b80c807fe4524b335d174de5b9cafda79111ee48f2dc925d24b1d819d8febb8cce3f81490c4bd2f3394e6e32521befa70a3ed70a6c900902ed52425794db7ae9b"}}]})
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xde, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x90, 0x0, "", [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x6, 0x0, {0x9, 0x21, 0x25, 0x0, 0x1, {0x22, 0x28}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xa, 0x8, 0xc2}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
lseek(r1, 0x1, 0x1)
getdents64(r1, &(0x7f00000020c0)=""/54, 0x36)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$UI_BEGIN_FF_UPLOAD(r2, 0xc06855c8, &(0x7f00000000c0)={0x3, 0x0, {0x51, 0x5, 0x2, {0x9, 0x7ff}, {0xdbb, 0x1}, @cond=[{0x1, 0x1, 0x6, 0x6, 0x43, 0x9}, {0xd, 0x508, 0x9, 0x4, 0x3, 0x5}]}, {0x57, 0x10, 0x14, {0x2fb4, 0x200}, {0x3, 0xfffa}, @rumble={0x2, 0x1}}})
syz_usb_control_io(r0, &(0x7f0000000480)={0x2c, &(0x7f00000000c0)={0x0, 0x30, 0x28, {0x28, 0xe, "c706291d6cbcb6ee151807c9013e0fbdc09670e197f77a7f2c48bcb200083f406fd7efdccf8b"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
creat(&(0x7f0000000080)='./file0\x00', 0x30)

2.553300989s ago: executing program 1 (id=1434):
r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
read(r1, &(0x7f0000000540)=""/158, 0x9e)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_MMIO(r0, 0x20, &(0x7f00000004c0)="9266b789d2a124c788f903c38e5f6d010600de5d1cb86feb", 0x0, 0x18)
ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000140)={{&(0x7f0000ffb000/0x1000)=nil, 0x1000}, 0x0, 0x100000000000000})

2.50909516s ago: executing program 0 (id=1436):
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc2fc}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000000)=[@timestamp, @window={0x3, 0x800, 0x5}, @window={0x3, 0x87}, @mss={0x2, 0x800fff}], 0x4)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)='&D', 0x2, 0x4004804, 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x20b, 0x2})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000007c0)=[@text32={0x20, 0x0, 0x61}], 0x1, 0x55, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2.430121083s ago: executing program 1 (id=1437):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
getgroups(0x2, &(0x7f0000000000)=[<r1=>0x0, <r2=>0x0])
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000001c0)=ANY=[@ANYRES8=r1, @ANYRES8=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c678e6f757000040000", @ANYRES8=r3])
read$FUSE(r3, &(0x7f000000c200)={0x2020, 0x0, <r4=>0x0, <r5=>0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000100)={0x50, 0x0, r4, {0x7, 0x2b, 0x0, 0x50480240, 0x0, 0x61c6, 0x7, 0xa15, 0x0, 0x0, 0x10, 0x2}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f0000004200)="0aca6c6a1bafd2989666a6014bd5e9e63945bda64c1239d970f0d349110c18fe029ac3e29dc9ff9ead2ed3cef0fe77ef8348a82d3da186ce2140d53dfeb34dc1e128dca5a5225db8052bd348c2d1a3de224233032fff8b85c85885c90e9d0c205001db3dfc55d17a7dab1761c1733c465113c056d3bcbaf6a52dbda820a1db5e7d777f6c716e5f60b04cc1c6a362d891cb08fa109c5a00e427f8636059d934f255021cf13d2bc9cff93f049018b8e48f6480d324f08eb83655d3eb5a379ec18c861f596db17bcc23ada65f26a02c4c0c9e3167cc582e93661cdd0dc7581ac1958d9cd08104af251d87d8b5d82150b8cc4ca6d23475f259a8b7d69839cf728a6c478eec56135bdfc6428a318cf2b838d16984d0498d33ac41fe67361bdf5752db6a5ae32979463b60ad6b99527affdcb2b4a0f23b2f140c981b00c99cd25d563ff6c3308b048371eb2e599880a2b67ef9a2282947dbb23a3f1944193a801187f206587a52ee7a33032a842b31fcc0db079c554c97a09e3812aea45702099ab648888d08ae48a187a5acee7b9a2edbc320c64514554e540286053dd2acb9f9ec83435f43193b45b324c8406cdf976bc7607cf9385e99bf5f5205110d0c27abcac49e7ec7deef560f953d2c64bfd014ddcb1b2cbccbe401a312436799235807f4fdf52a9f894656fcbe1e971163e8d743450c49875379522df77d5e8910df837701d135f4589d4d15355e1638eff568a18a0d6217a11acf8fdf0fed0216635215d248aff37d85b62edbc989bc6d4757e6347ec971ae2b1e0d194e6c11dd8f7c108219569e157eceb7c14a288aad98a24de9a81f9ba1dd5271c17adfdf41f3393789c30f9345f6ad4ad1a6bf46640f69f7c038c4fec6652853a3f4fece3c3d15bfdea15f37e961a03de54181724801808a3a9030ba4650ce6fa9e6822c794d7b9da548a2eab977ab0c08b2d985957d5cd70ec677637219c6ca7c7c4d0a7a7ca38c1862583735b46b3addfd1c72cf7f63f11bd85ed59b9ba94db5c2fbd48461ab735b439a992e3a4462545e042e3c863199c006ef3a3be4473b24b782f86a3c1dca9848283bc47f4322273681efa1c8c413dc81a459e4e755846a094971708eb7f428aa67d0c81ce7f33d856e13a342b05eb403af7b4cab191c4ab9d650158808ec74d04f4b765e513b94f10345322e48485d29eb8b1408d7776f98e3625a20220e94789476affdbd19b44bac6bd2fa2b0ba10e93582178a3ef4938dcda25bc6245621b1ced780ca089010e8e51493c1ac7747e949b67fe6e3858e60a1e45a657c080fdc0bcbfcac2ba9d027f02ce30cc7440ce71eac66bb2eb264dcb1306a6054fde6640ca51ec4ccaf500a87f073b58ab286daeefd8d3ec7ee882551f7b6a36ab79a8e10d1d3c234ffaa33e95026025cc39a057efe7823dcb689131b1e83572b4dd1f49097580976c046424618fd6047d46928087d483df952738448d164c9288b15a4982493bf7ebc1976d0942846c8310556732b4cabff937a51e926caa37ae54dea339c2a2a8d73be2ca3a39edcb4ef8bd58a3c4c98c48b9f37a1424b6a54919921d4429611d0dd585d1d357c3c1ad1cf68f36907f8d9c28a14ec2cf2510fe54510111ddd7a67fb8d2f449227da397c32b8dca19971ab9d76e1f6ce0c54c9de1cb1daa1936b62f838170b8b6e7f34168a099619a113c83347ce2c0f6086855385062b6e074b68391e59430236f9ec687a265072f7a40efbef3cfe5bc1cfb364d87a597507811d2bf6af59e20fcf4703caa63285decabcc367ccfb8e27efecb14db8b1167938f457d4117c62f440d807b5482bb223b4b14e9526f9ede33631cdf9fcab53b3fbebc9344ab130d793dad610f2fe41ef388acaebd6cf26aedf7c7c6aaee956cf92c14583bd45b189d43f7b44419df1e0adecc8fbedb357656b7649721f81c2207ebb37e3ae21bdce8c982cbbdec012c7fe587161ff741610fb8ea5883c758527873ca2197b5f1058083c40203cc4dbdf7f4f1388f2309d22a6a1767137703296ad3aeabdbb3529a290da9c6cc5631b2f1ad25c766e3cbd8d9f588bafd17495f572bf1cfe1e8b5bb22130963cca8832f846300bb6dc0baec85b500e1a48fdd14cf0442fe4d441821d7e46fb5e2220c96bfb16ab8ca883a4477bc756dfc6622f320a648cfb57f9de9aef33f9986c6517d1a7eb59348541d6d3494ebe7bc1ed4a86f06411491d176da36de8c8a8d8ea28928bda63fe863277e4325b756421d4d2042428250ed526e538fb930671e9ad517aac494a58aecbc908b512016fe4d8f60b576e230b3206a0c7bd4fef717a8cda0029d13ecc3c8f8686f717adc1440353c236aa71f842839c5ce92c83fbfb57b221271aa6f4029219c3c2ed7a3a53d8ff065ce30d403c95cf69e7963d5bfb63bccb5b28ca125f0d7094072273ce3108093d0ff83ab98393b8e9a87117f4933a8c8ecf353931da3b8dacb20685a65dd865bd6031cd2b0b7e237901c782c6e6ea8742e89dbb01eb925dd6e74c53bd28d3c424cee35eb29823f2138b92516075e00342fa4dbc5b27675a651032c8ffb3da6c5349d0f9b2779778d0cfa1c8d4cc34d4fe95fc435e4768e93d56d2c142f25df1b9afa7d103486842372b36261b96b7b3acc0e78ff20a535ed515ace0cf3300168a7ef42d6bd511c019d0ccd7599ba70cbabc95f34a052fe9d6f97b49dc1cde40d5ebf305797d7d572a61cd38a0cf85f28c5d018648b769327bd9559722d5422754f26c9e5439b42bedf34e31bbc845b99ce315eeeb0383fb3ae021084cedcd843b86831c78441ccc0d2c23de528e53cff785816a3a3d99b4a4684df9546a285203bb615eb480fa8385e90226b27b39a7d50c83babf5ba890da1a8848ba372971347dc34b76370544feb183b9292043f2ef072b69bcff45b1917c073222d50bd585f2173bdae673198b95b67f8387f6d2b2934597c5ce165fd420ddcc01d29d71d532b5d127afc98657845230e363cbb9ecc05b247996ecbfce0e8215ec7dc5e9be115de2e7ebe8fe3e191f455d244ad1ce75c828a2adbbe509589f389936e62dfd1ecdef105162d357cfb22412b64570dcb04fe18bbbe5518985d7316a75a19a16a482105b7fac923e1eefd780d036ccc39e3cc53d2002ccd10004be1694be4110fb062110e1a44ba88acfa282d9c7cdae0cb55f48f7caa3c324d9f52265d21606a20779accdc9f69dd0fc49e4bc2c49891e526561569abe5673533c8a9b6a3004c809d3f7452b02787047d4442df3f4cc5d47e5aa73b7994c113541ea312970f2e741d4fd50a83f5a0293fbd56d619aa4bb3b491606642fcb922b5ccd6bedb442e450609343e18f61abb3a4b2fc69e06a72edc7bcba0da06da3e80f59b737f088d01f0dbcad89003b505fe29bdc8118e3fbcdb90a4f464e0e70d20f093790ae1b9f6f8a904a268cb4bb116404de1bd4c3f9522c36893a902a3a90f52670b7ff2074815329f3fe2c8ccfabe2d812394e6b0e34741abece71b7db0fbf0a80e6c13bc7bba89a4ee01cad9dd76e49cd91690db6fe402640db8b3523c49bcf611a9da991123edcb64ef505906d8ab4b8586e631828402105f045cff3681f2f36e3713be5bcb6af157278b194a51f04d04507231aa6f4d77b4065f2a97894c201b23f7b5f79b029c74fc4c57fff87c03e01210674417c1297155ca7a7fbe855fdcf65561619ffca0099fa08ddc8ddd7f713b2b0c6af0fcc4bd4cba9e9f47debdc6d9e6e2dce63fec20efc51e15d013fadba2707a449dbfd025f1a7c329282c797b2071afb37a89f8d58c1e3b4f06586f00a433161373548b699fabd92771346a25ff10789ca89cbf00f92248c6b8468f22aa4cf7ba90aea16a3cc2b1ee598609dfbe75fb8e11c5003ad0c9ac7205cd35552a53703f06e465633f9653cd670952feb9e77db960ea18914235af757e75204d1f74de9829dfac217d87aecc1c80066426f12e52883bfcd982e54bfdae8ef55f3b70f78bae9e6a1e24388c642cba3b3215602294bb7d68bb6f8e0b24c0b6e99df504c30beb2a7f47b02f9af6511eda25407c30dfdee39ec8db32d93e1e09472474883a87b7b4664bef06d5c0a43793237187acaaa9654f74e5d3bf1ce389befc139fba61378e7b66b4b0d87334732592ebd0e4989373ca541b92d003e67e0292256c256344dbf03ad24540f11cdc174b45d3781c1da793a460ba671373a0fa082ba63f5418733c9907d360c9bc54ba0e2b374de7965a87316df1c7af17164e1b6dfe32d71fb5ba641bb8d6cd6299473f37e44a69e90a87cd2f8a486a0db4eb104bf87d9f7cc87dc294e6debec7e5819f3f26bdf4cac91f8ee94a826df99da39a4bd6d476943428e3f5009546ee569d6273f7ecb115538c6ce8fe150249c89452c2f0cf0796208a216fc2cb55e1b6c892778f15e7f8b78e6e97093572a29ca3600c72feb4e1ef42a225da695b3111777f3833e306f2a90b8ed6095127b0f13be495a3321bf8201955d40f6b486904a4e1f4c9965563d30277b30cb0d1ef375338a25314fc5abce41f1e95118e89455af9e786cdc460e4e48fda5f21cece9b4e5276523d6919e165df5efe59aff13067d3ef0e82259305942b5f25e831dcb72f5c7fa67ceba7678078d8311aefdc91916f8c1db2ac61188b46825707dd26d29aec734df8bebd7474277908b2ba9e77daea20c395253b3cc876e5dcac960556072bec36e14da26c335b509a38dbf3037d620f4765e63b946ef8ada1729b1323acc8b5e436f3967ab7cc033ccb7d0c9cc74d3a3faa2ff2afb1cd571e3749cb0203e70756273fc6a4d80cf646d551f3a801ca513ac587f0ddc8c58870d817ea2671b2ef30be91a45dc730c6636e7de2ec235044b837ed9861dc89e4df342cff52a29ae6b8d5817fe31bb3a74d0202efca5d94b4d232f3dff885bf52f8d43097d069ce81220e8578c630d496b01fc60562bfbfda22fce6ce68564ab31d1a3d38af2d7b73a970b9b30f6c48dc38991da402491b2d643e0f5e71bb9c0aa834006ddf24b7dbb180f68751535d8cc34823ba3d1ddfbfeb6a15655118d4e1e11b255b998006906017ad9978d6cf4a45a669eabf653363391e77a82a9da14d184a50f1421eeb61411e859cf6f98ab0846ed5345b63e3ad004d1ffd1e48e6574ba7d832f7ad1345b8df27f7707245b335ddff2e4ca1430ec44af208e633c25678b3cfee96424ca026b159bb18c1bdc51db6c66e8788e5aadce1d3e531c9b02edc65b846763ee64113c0cd0d23824c4baf3516e2c8e5192afb9fcd390e51b3bcdcc0a49f932a6907b38713e2229aaa9abc5305420f50a2016429012e835407dee7d8d0b8404655620c3df407e7be2a5a1e668341dd91224509ffd48db6861f558d098954f83aeb6e426099cc4291da311c37bd46c8d80c3ea975e0db6ce12dbdae9116bf08909431fd5483f7cb3076d33a900d56c26d6f151386abb32ea335f5337683201a1ce5d9df25c5df29a375d2680827e182b1aa0813ee7f9d273d7ce1b86194a8cf48d630a5be0b947245c1ee0a0645500ce2ced6dade1b63c0e7572260cce25636778d79ef11ed5e3c42835c8e53a6d26cf85293050cedee2a116e5f38b9cae91a503ec9e0cf784d9cfdccedf95971540ec37926eb43b27cbff1d96b83f80018e6afec70523b6672111a47f9922db34da15d7ca3cc3a77f1abe7221b72d43d2cb4c23fd2bff6cd5ef6b31b6a4c65babcdc918b0d99fad656e471a20a8f4b66d6e37877da1a8b7fb7a8692d6d578ff953b18deebea1353f915102e4d2064dcf8eb0965a2f4c2eeda70b4177dedd7597797ec76bb72ee422ec4d16e494ed77c9bd843ee01885cc3aba1f77806e8f501b856935494918ef83379ac5ae1e06697606053a8c5c880975d1f085c93f2adb1bd2c6ae07c29bbb245cac4726a20a2f61ded013722eee8878933a90319cc8cab7a2bc69dbc79767ba18fcdd8f9ba7de44e9f0575994b28aa9e3e7b4c1f2ce0eee264dfefe3e1600cd969683551894d28b690122093105133b22ee04a50f4883274cb929beb1bb45444ca5d470c0ac611c4990eefea25526f590b269ad40d23842c5b5996c1cb393dbff28a7e2f7cf04ac30fbc2d29ece6708fad830bc523fa52d2ebbfda27379e8c48d085b260a2dfc2e8d7e1a94a245b518612bfc9ca0260c8fdede5298bf584e5d71fc131f5eb6ad2dd7bfd42a77f523eb0aaa787003fb71b9a64fa783e918595af0413fcc0d7818a514c055a48ba9b1bbc6c974f7cb55c3af3edf117835d169e5e2b31e4278d0419b23625ae004171eb2ef8c231a61331886234b402886b4993ca6376f8664134cead1bea142bbed5d46e3bb71b0f8a4cec0c79a9b5f6c823128d02063967a5363b6bd6e242fa3fd21953fdb57725f1eda22984bcff8e40f2076fc0a462706dc2bd95dc447a2aec2a8a4808f2930ff1353348942e28204af42141fa120c8e5fa9c225d16f3624deb2ce178fdf594db504159bbf475e8bee281e3c8ebb29b404b3fbd13dea76df5aee05ad6a85054b838e149d0ebfabe61dcbda6c3494e170e75633843a01e2458b526ac5424177d6bc4706a09694be1c372cc79cf7c4d82ff4e62489d1fc7819d749710035a6fac239d716b57a1af1346c1e8420dc8ae46fd18245160d43a40c564bf11f0232bfd1fed67ba1aebce120ee93a0a000570b808d9fcd60b622c59ad53ef535c1db7de15b52ed2540708eb5baa7195e1a86990b6611ad5c50127f7e876f8031856e9a2c0566f357d6c75e6ca5f217d428602fa7c8f7fb9f3abbefee76d88b3b08c3be2f0d093ce96c6a00f3a157dc0a05e1fc5d8de583c25e09c77348f5825fcd4631396f3e8c26f5c1432784eb8c377fb520d28aedcaa5addfda6eed11da4d2cc91c2e3c3728c763c9d58283af32d00aa1910011a552adabee99d1387d14e582cf68fea46b729eddd0d3ad8eb9125d5fb060f4d6f70a166cc3ce9b02a7bc65200399fc2a47b90039ac23afb853925195e8079da20cbffea72365158fbd94a6e0a654f6c09a8032fb26df99913c2300e03428ab3cd1b3f7aee15460732d445b4797673b47a93a325b2e5157106ade0959be9c4562d5a4292a9ac94940c66375e559f34e57a1158b5d77a5dc9515bdab63799627301f19398d84c7afde812100a65a1642e9515a30434d344b380a92eeb2013a0f63cba648c37095bfd985c607b120f1769a79f1fd7c03f09f966b72945606ade67f9aaa631948bb82f9ae3f89ecf6db12c02d174f62ad6e1b60f4819ae19f4979e0f9dcf51bedf4b1bd1de73bc2adb1923544ede6dbd40ed4c559cf1f079f5dc8986691540e13f5a2505cc0923ca8fe2608ec92b95dbb5facc320e43b2049b79eb02618f6fab08b7e9dbe00fcd69b338b1bb6a9beae531972e16a19d94bd2273c4d042eca34dd7c5aebfbf16552681ad4e243824a9c5d0d8b8d3aba4c102fb76c216c230c2ec34838a0817b03a04480c61c899b2e442bcf2567d4e73000d9c9d4d0acb712df0183fc288634cfde234b94fdbbc0b7e66ea5b6437f312167b1ea93e2a6b2105308d8198a2d4054ba2ff2855250e0e6c952364056e2d3d09e5a2c578837d6521ffb82780f169d07f2f032b34d62f2712a77a56175017257ea1caea41acbbc520b429bd4e3ec3f9a6eafce46731dd3396f1ce1a6198927fd2dbefb3f77c9173be0934747ca47b98c6548c8cd07249d9715414b8a8ddc8430575d8b8903d3923089282a3ccead6e11044c67f3d5d8ed8cc0c0331f2dc09e1bae77ab55307e6445ad382451eff64faca8a4c0cba7cfa2fc9b087afb040e594115c35ce1dbec69ef1e5af8003339afda5faa1be1a3da7c5cb84273009c32d300fba7d222d2dc783241a9414ee30c8bd7e655c09a7f50dfb249ae9b15284b971503f6ce8866a1b36f993acf28d387da88c8defd323d1cd91d4eb46ff87458269a134675556b067a1b71829b7706ba58c93a919884089dc333c9b5d8279dbcc20071991762d2569c8ff5f21783e2961228b2006f8805750c0f9f4f9dc3df86dae1ab98af22122966a6ba04ccbb2bdf90e91e1f2595b979b6934fe132eda34cec0f83132f3867a197a6dfd0d43528bd56613732704bb62b12f4ede7439b2150384fa04db658fda2ddf97ab571f02d150c50c95009d0aa2e553019ac1cf9bbaf15474bf66d69224913b11080badb47d4a085fa13e965de6e95b7aa6e07bb212774d0240738cc07ccc1670d33c100cead3fb99c3f32fdd97c9b16956b1c22a90cd5c7aa0d920dae9e2b149fb5f9870129a0e97d1edba0dbf8fc4fcca6c65c639dd3eaa8803b1e9e601907e086ed1079ff6bc6de941c91df0634ce3730b8035bfdfa699304666920bfb092354da1f0bdd28c9023bd2e152e931e82eeabb86b0323c789daac94422eb7855f18775917e12feb85019e2e017303002ff8e04513ae0fb03f334a76addd8fcbd69ed25931f44044eeffb5d66cab5a22b21e85324946ab15408dd5d68b17727d2e4779bc378750eaa6ef6e943966c0dc4d066c6b8b8945023a0fc49f81a9c15a35d350e3d741652b8a8014b3649dcfd028f25c0b38b7cc14f7e375acfd3960af2eefc49ac6589f38791c9c0b0ea4e55992274052eed15cb8de213794636c4db2385eb9bcfc28f8a97e7c7ac949cd519ab62d1ab10d855a7ac6acda00b78d35d80a9ab4b7099603782384c461dee90abcc14a539779435cf0677eb0b6ff7e47488667788f9b0fd7d5e0cf53aee5ca0071fa30c062da3c44e79096e24594c6e202b7cdbdc49be2ddac8058c7ded15f07d4c413886fdd7017b9fedb86e39917fd1e81b294675bde06c8fac0dbce7f4b90b3859c66f9f6fec640c6781728a8b347da28b4360924ef68c3c740ed5ddbf013720c6de54d9bce5232864f9e80a652cd778641c327876b2a3e1049355a58fb5054aa17064e97142d64be9daf5d1b162566a009c69133f60e3d4c2a53c153185c659d16236fcc1690eed8c6c2e4f8b172eec457a9407003ddad723e3b183e81b17ddbe46ba368ab3e3ff574d9e3fb82e102ab46d7f608e235d064ea963fdf1622ed7278a27fd8210ad39c3acd9069abba71ca051b64561683068ca6a1be906c196ddde1839b3897d5af8fee51614d73e51511b03a5763f3ed3e64bf7293118dc321cf5e940a2829c6b8550083d66d31680fb55af098d9ccebde9882f818c29f4cbb55c26a97c359d8606bff3744ff3efc22e8d34e67b7c97b567483963c574bd1dac8c46c911c48b6e29e73e52f8c9385729a73b70d2ebba9e744247d9003a962fd607686e6c5972b59616acfe327d8b736f38c703832d7690c6474641bf87538e785353c1fd7df1b5ecb1200eed8c5857abd16c26ae72d0147de475b0c4bc98dbff530b334c9c50607bd46ddbcb1ffebf7513cc842e4cdd6c8c00a284e81cb531a04f75210add4f73db3da9783694fc541cd470368c8776973f02835dc355ef54ca90a580a45a2df6137c43b151ade1e51bc879e7fb43141541bfab79b3eaf0eab323c7147ecce6eb3eb3eb02a204755cdcc7405ad903b91fa4d297262cf77fe395a18e269ec36bd534d4939e78719d7c312ce5205979b2fb92fbf9e1d1effb0f663b9361893fcb11bfd66c92af3394e899876990883e9f5374b5642c68e8468498612e3848d367598c2cb0806b7f0c7f4b004dde2b4cc50161a4d293f2ec89c4cd35a767736f9282f848b9d1cdf405f61abcb3e50ff4092d2afb86fdceeec4791d892546e29495f97876cd8015f193113f1b8584a9ff3f32650e29126b81254961e677b6f67023295567f574364b7320313db988616ac123368179beaabb5a56257f0b6df8f6956324ac31d3e8db83dc994425ad80e235051af62ec79a6dc4bfa36283af72af26136c8f5eeb32e1fa1b9e21a228a2a12aed39e717e8f404334d8367ef3edceab1f3e250ab9dc1e89f9b84e658d38806f4d4a09ff07ca539077a5a496699a9d7d4aafa78120eb90f404c2a6ae00aa1c813b25cb6ff9dab8b66b1dd83c80c1225aa24a47df3cbff7f6842d9486bbcd4179150e1bcad3caa604ac1db71aac913c9d3cbc154182187e2aeb852011b22e40b25f9cb31ab7f458a11b1836085c4a99a633215684e7fc70646ee2158faf8329c320a3bc050cdbbac216a18a88af2dd1bb4d648110c5c90f7f5948128eafbe36c01ea709ca8b5fb8ad9eb7384feb7055220aed45690664b0312052792a5b9dfc90a1248995cf68f80b7822fa577724ad143b1d987d2fae7992d3ad270e6b1fc4f1bb3130f134607e8129a6b1442ac05f114062be3604d7cf1595022f49e7cc55282f0f666ad6ff3b03d692c2a66fc2eb5fd0751e4514229861e2343d43162dcbdec156aa5f2c5f9aafaf470f17e5ed688b3516647b9a1a220e843791ddda20fcc444ef63ba31fc27e62fee4676f097f3fecc625755b26ad48dc7ceec1920443c6c466c7bb36e91082f115f4e563a562af1ce5cf37c45bb2da72ab39ecf00e0349eed7e87994b6670e8bde4f4f9142cb99f6bf36eb41bb4dc72b6c6a6686b63fa21c167b1ba5ff481abcc2ca29905d6b75eff932296d75a90080f3a727690eab0e804aa95b545f55107d308f4cd9884d75c28388151a72e82291f79eb52921718903a8bf029a3e7c0ce28f204926dc221f78711a08834a917a0843d8249ca317c7154b88a5a10a09d7477fcf2d6296725bb6a69c2739964a768cd6ae51d7e7de63bb17fe7fabebb0ee46c285c683a41203d059a5c89024a7f3c59915121921000075ed397d30ada6d56e6caa685cb98cc0bf279fa2d96408611ae7e43c3bf70f73148c6615f20060b5c337c6555a3bdb1870bededac9eff951cf1c7fd4f0046d7661789bcfd56fe6198b502e01f90333ad6e9354db449435d0506526bb0c65595dead87be428eb1b988906de152f9a7f126ede6b933c2de1f7d20ec3e64c7468906fba2bdea8b300bab203542dec13a90e4195b3f7da1b669bfe9e8989440b24807ffd44d9e3d61e098caaa029a7063d25604cbacc5f2b3671a163b80a440948230ae90dc3bd7fd46b667cc7d6dba2f53775e9a2180ced0e1cdc6e1275e741607d6dfe40f91ec81602f9bc7c26c322b82114949fd17a9284dd2918326b7880f42db6e468b80f980db98e31ad57be1f131407a0d099cbad9eff25916048e4210c0eb0b68d4d11cc1545cb46114b3969ad0d7a6570b7571c877ed8060cf8b736f8c82ddb64d19fc29af3453f0efe33c68c21c7c8c054707790cf5c056d0ba408d077fb65cef8fb071398ce35cc95c48ba546230f4dd60ad633f81478c87019736044783599a17d4dafd30cc6f4278cae2384763ff2ef395b8e7265ebf0453cef5c98e62a0e48ad422af17a4eee1acc10a51a3fb6e98594309e4976f71027dfe7a9593cdb6860cba745f2346c8d4868b07f381d3c137b396780545e0ea331e586b176821e45f67761fd8b4c6cbbecfd34b72201f6145a6b06eaa8fa9872a54734acbccad497390ff69f676c496258479aa06d9fd1ecec02a01216fd66554afbd5e728608f4572a4d485e57ff5bfc3df", 0x2000, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x90, 0x0, 0xfffffffffffffffc, {0x0, 0x0, 0x0, 0x0, 0x400, 0x0, {0xfffffffffffffffe, 0xffffffffffffffff, 0x0, 0xffffffffffffff28, 0x3, 0x0, 0x0, 0x0, 0x100000, 0xc000, 0x1, r5, 0x0, 0xfffffffc}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r3, &(0x7f000000a200)="c1fd43b601662701272af37a7deda072caa09faa11b0a4ef2825e87f09fb6bc3dfd84ddd853b18203bbf08b1af6066c78b4714a789a8f3605f5920e7afc5b0a04271cebce72a797abd5b9e4a44fdcc150e6ef0e8c3d4360e74275818df26243f28cac3d84e264fd0c77d4bccbc466e7244b247d9dcee026df89aefc958d84a55d4d6922d96ce0349fe28efd6b83d15b7b08143a721c4a677b72362a49eeb15ec5b5f8569bad585e30a62ab149e7e4c7f49af9560fd52ea5730135dc3ea3f6a9a3ae6286e99e1520a43b8813ca6aad1adbb30b2459f90699e2ba3a6335ddcace3737ed8f5f21e027ac2b224389bf0c8c005ac8d8c3ae188679d34da0a2c20a910487d3c91b18770fa5ee483a3f09b882960f12e7d2eb9015895ce80b37f74a305a50deb146b1c3430f31d28e6f827b9c7070bc880d251ddb09e0e70a0512ed2600256332c43a5deaecb01f089333fc3b6721f6ed5b41f9971b7c63f57b5afa8042f5beb1ac1274676dc5406b5828247123bb7be795baee59d779bbde227c90d0a5d863936d434f2ce7a45f9b650600f32827b92e2d828915f0411f765ed82dd012561ed29b09950b96f8e490f1448dbd5e45bdc92a2a36aa67e5e9396b6376f82aa6915eac4144a102de786563e44a0486353324752b16f8c7aad3346e18ee295af54f3c1658f9b124116a2fdac79353b095cf667dd941c3cba141b3ac8982eed42e7db649c9d49a59378216bf4323ff4c2f2992994d4144b74866a2426e19a2dc8dbf4643f97a214fc9c448512316d76c4116c3ae600dfb98cf85472da661745b638438dbf15d8dd87a8ba35205a65ba5bf79cf941454f8c788dc2eeccea412add734798c82e9c86122a91dff778edcd309c05fdca66176e9bc4d410b0ee4627eb889443b574ce205c7f4d6d428e909952712ec3dfc89552279b2da87b010051a451377a0c51a34ebba25c3b62ba98eb6f1549b0fee6a7c5e0c7a72835388803a0a8342bb9f2733224c92a50dd25a9b335f243f2d8c68142aa1db1de2f899a56c623a32f8a74c16db56983eb83f6469316f2fc14860c075236a3ba40e8c265909b8fc6b03c6378269f6629bab81418789cd748d8b786f47ab8f13b0caa5ecd79dbea61330be6de5804f5c211cef78f555e7b2093f4a836cdb8a2cfa261be14e0f59d075f58e97ba16cb130f062a2261df244c57d6f477d761262b2e755c96bad3898894e80b23fae71fc31b2895513a11b0cf07551ca87325592dd10549b7d92da1cb07119fe970b8cc3aacc386ab64d32b308679593256d2fcd1f9e9b15ee93ef859e7268be776053182460e83fb873711226ec9aa5c35b15fbfa12ea0abfc7465b300bd8445c831ae77d2aab7d4bc3ba5f218fda9e90eacde1ac5119eb30073a6f291727cb94fc87a3d3013f3ebb1cd259067c571bd3c57eacce716e61f86bf4041bacadd6c676e17fb3cf89c4984aec78216854a68044bb6efcdff12897c3e1b2c10cec019722623f477a512c4e5eef74a6d1ab7a735905373ca3a0b18c3eaa523c86238fba77e45aa07c1b96fa1e3ceb04e5f4742536b687ebf989918f6805cda9611ab9ed10ee33cda71a95be2da0d2c21d2295fdb334dc2057942382dc7d0f70300df3df84cf9a18f042c11243a347569771f9b82404e13684324fb06d867641c87d6d70ad15e90240f901d04a8b8c7fdfb8b84aefee1606f14a2a6995e6b8aaee1b372cd586a6daf28ad7d8ef644c58fa72f0b2f847eef72e18f1a4374c4fa3d604a9bfec6a1a4fefdfaa848279693208dfbc1dbb97b44c4f034090606e0ad312cdfb6a8f68dae7312b064c68813eb41992559ca63d88a8e90711c838f220a4da5bc7d82ec0af83da059bdccdb524a59ad26e43413f131e7703eb82158293a331456ce728c28923bf9ae644a331a667c2932ae1f11a9f9b893f802796ad029c40496c9bc49cdf41a40da1092b404da660e80f33a6012a407805e70f9a180105cd0401ed01a9f6edef4e2479e1579ea365d843c197279e3c79ae56a107dfaba6af80ed9a24d535d19827596ca2b14bf4b110fae4820fc8d0570a64ae08e315da0091f766bceb1fc990465ecb84a2d72efcb9a269816863b72f8d0869b20c14bd72f909fc3ebbf2ba2f98ce3fd7eb54b738692916eeb98ab9ea04ce3e740817dc9ac6561c71d3bc15358ebbb3027294f66eb890577f8a63ecd23beacd93c3b1498d5eefd8b68ebab3536653d5839713b07f79ebb2a6106c009cc535a2173cde3ccc65676bcae513145db5bf08546e8810fb4d193266d491fb9121935138a74c52149959a0c270cd6e244dd7cb140fcf6bf0e7536220f798bf32cda564ebde025a92617f3195e549a491a45446ff0ebfd3b047775af339e59a8da0db6223339325c6f493baa5f2c71b5710a975def3e3919a24a52351acc12e5a2ab6c171705bad0e6afd0ad2b6dd6feaedc9924fdba533fc958fab9a980b775eb4c93a499413073cf09826381b8054f9f09f4a0dfa63ac2f6cb22d001ff277ec7f493bc54d2d1d34a6dad62cd7bccab2ecd419c90087f6945311460b87daad605ff8519aba1d8311a5e565dd26655577aa13da31e01cacbb7e10e720a486e9cc450b8a21d23aeab42838d81dc05f5be0474ab81b806fe71b888323037f3262179e451f765e419bddf7b7a99b40bcc226986efbd3765b66e56a3500de4b18b676361510bd35b3a9c6b8c08222cf7a73c4cda972190f839c2d01a4c171a803c0a77d2769c892b2f0191d2fa01d7d5ca53573e47e93ca9b56b8f0d684d5458d505ad8383f22e19024da06bf6abf30ed663cfb33e202be17bb951e9ea30cfcf65675d2fc64aa51e07237fe8391549185fac5822daa92e73778e080b1304dd757f9035092a729b9a0122d1c07d60336f18a9e46ebeced1041de2e2e8a5de6f4a814d5179bddfcdeda88888cb9ce322a516af3be2b7cf371e9193cb40e66cd41dd94e37f14c6e6469e8fa6c57a4fa3125fb6819b84e276768a7354dd3e2692a77a4a60af85bec0325d0aae72a5f4f7bf9468f1d35147910a55af546e4e3634fe2d8efe116606bf84c0e9c4d442ec8f99fe6c1cc90b99a8d1e53322b26b66928fd01738fa70c0aff84b4f02946c6fa684bd617667857cd751a3ad3d324f9574af78eec6c8c51c25e01cb0ef129199f5a3b3b29e32a34c4ef14c810c2e69e06158f02033e15f1ec00419a91c1450338956a188fac918fb73692491baaf5976ca392c139ba0e551de260dfd6c733b572215f2af0aacc5709b0d4a3b36d23f5882c5644bb455075c5c48bd50492b395d14c36393019fa9eab8a211d71d173754663ea2af1ebdf9751006792609d4db47824d95d68583c922c04af3cdfb58f37b6f958a4b35cbd74a30a393be192fb46bfe4e722c3634c94fbf4829f25dc0b8b07cd16cf4c7e924eb02ae8d675539d32b5d9a54a43811eb98e2db317c67d5bc62901582cbb128542d6be3bc9a5b5b8a8827f2eab15e82b28b411edf67d786b76feed9e7d5ffbc86fbdb19ed80a4f5dcebd631719f8734c398938047011a251370e40d5929e9b4426081029b1339ccb08bb0dbcbb4eedd53792e43a046abc1d5c1dc8c1749052233e18e25593daee94f77f327de61867f1e791b797cc5ee43f8109cb0654d8742ece8512c322442f63dff88702ba047e8370a1b7304536ee7cf465a0a19d965fd03543b991449d6a1a98be5ec3867314c688c5c487e59a6bb05291fda479827172bf3db615c20ea022ff7b16020299220b7c45a7181c1eda48c9a5fa7624843d112c52d99d0b27e168eeadbcd3c60b3f366175decc8c91c64a0a16d3a2e38244dd8d2de806ad741e2256075efcb0466360acaa3f65611789a821c30a13d4b60e44173be9e288dda7d7aae2f8341d9a85104170631c942eef22c10e903bf70b0ed36831d536a0cd65c11a209e37a76f3f54deb326735bec5a532431a81f303af5e9d03717a93a3da18317c459aee8db08b9f0b3331d29770fe7fc4266c15a4294c9c435a38296cd880dcedb34f63037f2a8e3ada9ead3e52abd69e5779905f82a607f70e351d2167bf1b599cfb9314a37df876bd5f2acff82f1773c512ffd308179e47b26946ebcce112273e12895145ec88c701269c93f32a5ab2bc16acd57e997d140d18c2cbed2601a05ec33a63e7edbcca673f71eecab66af5287d7d5a1dad68771ed612d29ef8ab23ef0211b4bbed6f981cd24d652f355d94f6003b01cf3d803a6e36b470402c05816aa2cd747f293300bbe891854d932df7809c7809c2cc3d06c693981e7bc21e89aa3ea8f8829c85185e4ecfd2e293bfa2b88cae2c9e4722b9cfee01911a502d59360532528661eadf2150e26a2992871f562d6fed4a36867b2521b1778c4ce955f5980b9dd9ede42fc4a1394491ebf1c1fb0d794cb8c28b103d76b2e70b0337877a222d7f3cd61f353baf7bc9e23d80f8e5b4459937d75f869c179dd9b948a70b9ba37386532790bac12f2f342fc4f2afd8a45f109331d5daf3344ade893029e322e8b7f3bdb5a49987116b31b2bd6d5bab789ca061ea42f7647c88488f734150e161e5aea78639c5bf9c2fb88da321cbfd379b38cbe6e14af979f238685e2c0ff51629cd228602dbaceff8a214cdc66528cdea114691ef619a8c9a0f9cdb7e08c5bcfc2bfd29e39af38f5db4821c648cc3d976cc455a6e6498c92511b407f3349284901562a912c5af25ff792b9c6c5dfb73519336c7d4a87e49debce7a441b7a29706173e4e4e8dacee63a06ab85dd359b508bc8a0f7002832fae10a0a38efaa475846c4205aebe777334788c3e4652086e26dcdddad991b0ce5256e113bac692d442f524d7e292b86eaf0dd8380ccd78b1489dd2ef6beaf2eb9b08b50bb2a5ff3ba8df3b226baf79a0739d8a60cf815cb347399ac4adb2cea533d3f0ce160a563f8d401e5a6100578e4c8178a7e70663e135edc645cdec2f0588fc99a0cb60dd8788e02554ade370960ce562c210e826a1eba767a09b10f46ebbe6c9166e24286331d2ff025c57a10c7b64c506d0a68642171ad965a001700561fcac2e3f548fd58d32bab5f38b36e62f5546129cea35ce856052e3e480fc639640a5301dd700c8e8d0bd6ac790910fcf2b4f159cc1531aa1c9e37b541520450dde638942081201ae8a580f28cf50530190a45f45468753a122b364be7dad79044ec8b9977d583bc0ac3ec7b9fae192397ce8693310f301c18c2cab5208b369e63c5ac18d0266834e218bb71f308c2c2f2df4a6ccadb3788860a2c733a9252b877ea1c1e849a38a328310bafae9614a6e161170c6fcbe9bd8c4177de1fd18f56805c91fb382aad767891556ff8e1b5f3ab8c18b4fa3053c981c12fa2ea017bb7596158ca533d0dd95a95d0b392222609f6ea336711a9dc50393bc41fac0d429540ad70757f2086bf1bea0132a609ea0bdeea0cef93d8b2a0d59189bffec05281e97b4722291005e9ca7e755be9070f405ab0d6c9546a5ebda2e62adcc621c2b1f6b07cd1e617d50469ef2c71647a47ef98ffbc71505e188cef3e5c774c0987664b6989794d7ca186804ccc6296da3adf22feb351792f1a9cff77413703744bf4f21212920d6a8fa1800da7a38fef7160a50f5b895e7b76f3fd830fcb9a25f3b3ccfd082a1712237e4ca665085aa1c5aa413bce813f1b7ca66105de94babb7b4a05029cc3759d00191fd9bfa0f996cc703403dd6ed2b33f2743a788041f279b767efc3730500000000000000aaa7418a59fff7e40d02e618172f6e0abe08c855348f3cba40c8592a0521ed1e41524f20abccb2bf0ebb933e59b7036eff5a66279d578e6b2fd6c4140b33adc67f7083110d815ac55b4833ec0504488265b3ff2bdacec17c91bea9d6bdd931bf056d6e9790e472d874a5a3946b200493c9874d057aa6be3a1ca4da6fbb88a9d853aaa7c8ccabc83582caa65078bbe7b04625d139ed9860080d185bd9798d613ca3014713eb9e36bdeb73f14ac3fc7b2f8f594404f56dd937c0a7e865fa98e858cb0af661cbe12f15c928c4c45a982e24cd322320a96ccd54656b2c7876a5d717e42d3df13189b95ddc2b5a928dbda9ee02c30352045d02cbd854af821300f198b1ce1ea8e45c969020e5c7670fbd9b7227cfd3c809fac1df2eb18c199b27e969f32052376b450003b7ff6332ee1d9fce1b5947b72575ec6541b992fbc76f0e03fc1bb9a0df5ee3de0f34125c311d2ddb67962cf9a8230efff82c25c896621082a587139e997e0532962e84ad697a1a2b80d997c2a268ecca8b7d1095530b332ef368270bf31a75b777a7cfe8c8d324a8c558d3c65f801deac6822842f85f10a641b71ad7e5fb05f64eb3033507dc3a2e9ec02d667ef36c551f69c438e8b6c3927733d83e94f035ef3da230b759df5f5d1964815b176478c4ed94402dc8265e589171df165094a2e4e75614fc6febb8484f28ec8c1252b2d933852573926837e1edf9da0da3f91697b290c3ee5a44fcab3b10095b78b5df3701431cab31750e211d442a77dbc5e2d4d0e67bf329f9103414abd4f3879511375c8800f52f8a17ae6887214bf8634bd99075ab073540f04ff675d32190a3d1152ceee32e30719cd883a82185f89f071c02df443cf7046dce8a6ddc472ed63945faef588acf57985c7ecffa438f5427fb851ebc6a4c577a33895a8fc4628286a48d3bbcda1b769aa3194869e148ba457932fa6f2e4640e2755940e2f5a6a67796b5f88ac10f389b409c0c57bd4bf0cbe0fac2fd2f58ec498d19c43952e4522b51931712eb4002b7b208c02c4e06df99fa8e93e4b9e8b0d7a57e63aacdafb19db0fd422f8e89d1275b49963bd82b490f9e4d24cfe9700e98c73b31fdcf7b7d30d73e9bf6bd86439dc8b63171d53ca7caa860c60777436099db544164d4e4a81a483ffd5ef2980110f461529c057c40f2ee63b71a8eb2d87919726bda25a8fa2f242d3ff7bf0726d8a11d141eb87d2733f1faf456f2eccbe4c3a856702a80ba7e36cd8ef8e064e16e61eedda4478d2edaf0445e2247a76e25b4b5c68720b87bba69b4171983d95a5a764f42fa6f23466096d9a097edf84952023a4541110456b93ea558c2059156c287fc6cde7c74abd90ec539a5f43c2a641b1a34cffa2538ba565d0b57513b8c1b3df541d02d6d5a0aa2f96200dbbf64ab7c0adb868cce23ca607db6d6dd18f956185c983a90c8b4a7ec630178376ac400c61c77fcbacb979e2e07115db8a034a00ffb136f91c0b16c6d796f524f9ce6a0b72c378c8939b56bb83ca0f3d09da2b82b4d3457b568878d019f54f9cddd514a601d4edfae582f1a2674892bacf6eaba66124c797e1ebf91e1b5f12e520404d213b12770966d5c5f3435169f8867faed0107d2cd4cf0638e4f1c488122da7516820cc3d12cdc9f663778455352d2be1d8d3cd611808304554bde601e4ec4c9aa50ec22648b12f45c8d84bdcfc85f95ba0afe254df5d8b40d53adf1d4fe1dc3744bd486e3eb14775f4f4c333f751975a4a8b5bfa497850633aff3ff98deb53d1b515a08c4c474bcce46149dfd5bece51d1dfb6eaf593f8ee037404a5ce5edc2887006059cd3743448ab977899f10540b5a5eac1b9d4346654e4eb0200858b5b92525399a87859859269d3b0fa4c2159dc807548368ff701076606378b44cee2839f05ad94f659270af868cd674b44729bbb8eb2f697101bf4fb4f96d07dabaeb5b6a1cc884423fcac3d3805bffb3c8de3e801d641436ca6b1f50aabce4c7b3b1a24eb6977d5a8c84d6cce8ec9ee93d3062a4bd78ff916fbba7ab228838bd61f25759c6ac8650adbe2b346e65681dbafbb934358ca2b1b854bf42f42404a15caf99b785f132b9a20413b2d9d353220656ae271883ca9733430db09b5e8578e9d4fff032b0ee792f429791089d93876a30100a35c420a0686c125005242551df27673e0826a1c38bc028c104e0f958ae1ffb2d5221fd1a36e598065eed6a449567b41c027b6faa461d3aeee8dfb6285661af7fdcfa484fee654b633342eb122fe72d5d68ea4cfc988cabb0df39b8cbd064d489fcbc90bf313f3a29797d479a8fc12cf5b9ead0907a2dca568bc0f40d0fa4a9c3758f9bfd1ac3662a9f04260ef0d2b86a02d23759b210f38830c4a224649186b6e4b87c6b457217c86f502521940caf1e5b2eadb72951a790c94dd74b929232947b01cefd5a1483e127b1b6d216317b581455f9cf96876af837e5f88cc38a46eb2fb6cd7fcc6fce1a264167b86723829ffffc413bb0000000000000032dd6219a95418314b1e071dd59d0e96083e02cb8778069ed54137ce98bd702dead8fc74992d7743d1450faf7de44c2d59ff2dd339b80d3449e9bda5b3a564f01aeefe300165bf3b00d811c7ae866cb1a0a1b87400c2941841cd2d6953308f1a963f1c6d4486e7e45daabf0b066ad8884f4577534d3c9f3d3f3bbe8a1a3088d9b95da1fc901573e26f5b86c7a868429b9b634c9e35dfd0534563160912a43c64bacc8ea1ced7bc1b77a28716700e501905c9e81e190241e0edbf4f894aee4047c5b5fb58a3db4afaf76790690fdc1289236fbfc5f6cff540eb82de8044d17658fb054b198cc288cc43aa5d805a51cadac3e75c8fd82ad015a04932cb6f6b53aa4e8d9d84018ff8db0f756d6b5db4e06a689b52fe8471b9230c2dd14d042c1fea45c3d2452351a4222421366610d80785f7e47474d4ad58116313813d4db3176d93c4e29e5c7562806879ddc75b9cfcf38d6aed015c0f4d52302a51215187bfe254d6065bd142cc9b9e03f32ebc9686ad0d0cb3fcf0afa320a15f37cf591600636a4ef84c756c0d42ab98bc2479f0d5d230359f622447101844430a7555a4cbc702b55a4a6ed964cf399a1a493e40555f622da1643073a786a3425d95090b9b0e20521187e9e20d35f4e061e6201e67e844d88457f751e5519dd30df9251f1ce2836e0bf61eef8fc6ed22e4887186316566278bec46af3823ed53e3e18ca5741124dc53cadb5ff0846cc1c6b9c072be6dea187e8336eb6b6b7029ef79ff3b2999938cc59aafa1618fc4556ce3c81f99414d5d79538a83ee9d8a9ad0b9e57060d4be9c53266f418455d760f423a1642e9edfccede29d21891d7421ad0f1cefe472d0ef84965575419871374727bf5f1dc72057a18ed4d7e0a2ddd6d105eb2cc3718609814c2968f27465b00fb4b4a64359629722320583a05644693e6fcadde0efc12e66a0c8e48311f0550ab8fbc1556b69bb2a5a0c03f1a59d67046d7acd5beb9f7f9ae6eb18580431624d63ffe294ea5497a65ec3891f4c70b26b7b17a9f82145e5d5156d6b3355ad249bb66168bbb745d00c40d6ef42d52a032cf62caeeaec31f4c85ac403cbb0c6756953f0ddbf79da0cfa6ccc1c40de43bc4a10a700b98322e671225e80e663d30192ff5611c44c095351bb69a4e14c11a3d5b0b53e78954699760516134f3148e71a2b0bb04b24bb1a2c2b503f56249e0a2c638ff40e7c2c7d50ef7196fc9893e18c0ac3fc5a4c0d23ee08080f984dc643854b54df4a638af29dc5df79f905c4133ce263f3b2bb55fa7d56fa82795687e6ee5c68cc13d71e44367ea8670409cf2231990cc6d06e5aae2fc3af1537b33b42775b40bba3aa417016fb9dd89f90a89196c104017a68f7527b8b958e38f9646832a7790045fe394ce41bcbd1cbcbe52cd7e56cec7b2856e448fa5d7e837798b899f05a2c2fbe6d9f1a7b193bbf7c70444d6a37810d4d19d359f9cd6b8a6ef2230b735f8bebe0ccec94e44ed95234bfa4a36a2f0ee9fd5ca73d697344d28436e0fab81e73f447bb144a70aaf96acf6ff52c4737e7a4debcd285bdb54e363d842bc9a7d180c16f010fe4078b41c4c3e565c3edd64e61f995ab0086dbdc026dc1825b8c45ed96edd8d2bd9daa699e5da333274d6bee2097c004462848cd16849f95cd2252c4c87058a821ed977ed751b77b0a8fc0966bf3a30c26d49f3185782a7d314e89f039a15ede458538f1ada8eb836a36bb5d82c402e3feebd37e7b7c667a1c82edc8720072789fa5f388039daa731ce74dbd5aa8965b7ee99f6c271035239ca1c34cdc3c57bd8510dee08f74cda37095b1b098997998fa267e0be15de474b2c737936cacccb4ba44112570bbd13f870b55f3763f77724b586d6e26c3e72b20bb13272f2ee331bcabd4a79980a8d2965c20da2a3918c855215fecce95d29bec58f522d3d6d2852c4ac080fffcb3ee7fb98591f99b7cfb7bb124cc20078030756aee8fd284df06cd5f07c13fd56e5381b19e0a3a9f412a8d27428cb6af0078e4dc8ce4836630360a5c3b98ff5e6cbac1d9d29de9838a84d4722ceea3765be3df9984cf139770f3fb986b9cc9185ab787f54be33d46c54de74d94d13f74ec70cfbe1605c00db79fa8de64cd834090a35c80759f83c8fbefcf9a276dde8a8498d084b4619578eccdda2651a475f73367bda96894bb36eb868035251694cbb745feb150555ada09909497ff1d9c8aee7a35b7c8b2fc64ff483f4fd3491ed52304e6010b9bf2af8c5b8e162a383a0bf0bf108ca78f5086132b2b1a29581f323841c2f189509898d932436e5c1e693ed91f0524da026fecaa2b7efab54aeef120be61de457171c58811e0ca8a7600e0ac249aa579d78d2e2b1d6f41a3da4676b6690ca0249251f5b48b9a3820ac5b25a52cc01bc331c24039b6f4bfab72d5838a35629259930dea936f8c60b4f1b189db1fd1b5e7e6c8a842707ad6756d098a9ab543cde3e1d1161983ea91b7322ee2a713be3bad369d8112fdc7f1ac7b5122d55dc5ae443e10db711ddd6619ffbf96068e28911b1f54388413a17958d61ca07465b54699a1351915300cb826d3bf7f4f217bba0ed3195cbd077b67167b9a03040afc237f3bb36edd9fed33d7d6e7c9493fec34be6543880b0b442d8351496f2e8d60d4d984cca743983c0afab9cdedd5a9d774a121e91230d359c27a3d7b4db38ce73db747af3ca06470901f2605c031a7c9b7d1bbb1e838d36a4d39b039e80bcddfaecca906705fe8c844e93d5aee494dc62c7b4fcb6abe09acf925ef422dc09185b53e960795c56500b43faa6e89720aeee724532f89e60e20b12cd4f832b95189bf45b96aa7af10cf8298b44278de1c67e2d71d811240a7aa2d1d6de22e5b8cef4a1f309de3b81c5a028aabdabddc9637974c2dc19b60458f0954bc751b7ae628ac602eb7c52c7fac0c1621ee7757fc5b002ad7e8fb66fc7da0896547abf01ee091c0cfe1d0fc66e6e03599bb2aa7608a72c30203af5eac3915a0b6616b6119c4a09654de2f56e53296d1f8487cd7ec36c86894bab72ec3ce61208f848432d45a27cafcfbf2a2c56b58e017c76ac7e943aff0b4acaf84dfb343d93efb29c518a9d552c36a3e44c6ea948673bc2aa71c5a873d1d301a9c8b02f19c086f922f0b3e4f7d14e8a59c017809188e2e1b4dc6b55fb8ad82b1c04460b5ff2e9b8f47d3e833599519b79ac6d9ab282db4a55654f60396d2e72bf8e2ebbc8c742913359edadfcbda00", 0x2000, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x90, 0x0, 0x3, {0xfffffffffffffffd, 0x1000000000000000, 0x975a, 0x40000000000305, 0x2, 0xd, {0x4, 0x5, 0x4, 0xfe2b25e, 0x1ffffffffffffffe, 0x0, 0x6, 0x4, 0x3, 0x4000, 0x3, r5, r6, 0x4, 0x5417}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
setresgid(r2, r6, r1)
setregid(0x0, 0x0)
r7 = dup2(r0, r0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xb}}, 0x3}, 0x1c)
connect$inet6(r8, &(0x7f0000000280)={0xa, 0x4e22, 0x7, @empty, 0x2}, 0x1c)
faccessat2(r7, &(0x7f0000000880)='\x00', 0x1, 0x1100)
syz_usb_connect(0x4, 0x3f, &(0x7f0000000080)=ANY=[@ANYRESDEC=r2], 0x0)

2.399687683s ago: executing program 2 (id=1438):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x20182, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) (async)
writev(r0, &(0x7f00000008c0)=[{&(0x7f00000001c0)="2e9b3d0007e03dd65193dfb6c575963f886411", 0x13}, {&(0x7f0000000000)='\x00\x00Y`}f\"', 0x7}], 0x2) (async)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='ns\x00') (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002100), 0xffffffffffffffff)
ioctl$F2FS_IOC_SET_COMPRESS_OPTION(r0, 0x4002f516, &(0x7f00000003c0)={0x97, 0x9a}) (async)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002140)=ANY=[@ANYRESDEC, @ANYRES16=r3, @ANYBLOB="0100feffffff000000002a000000180001801400020064756d6d7930"], 0x2c}}, 0x0)
ioctl$OCFS2_IOC_UNRESVSP64(r1, 0x4030582b, &(0x7f00000020c0)={0x2, 0x1, 0x3, 0x0, 0x102, 0x48be})
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x4, 0x0, @private1, 0x9}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, 0x0, 0x40) (async)
write$binfmt_misc(r4, &(0x7f0000000040), 0xfe46) (async)
getdents64(r1, &(0x7f0000000500)=""/166, 0xa6) (async)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000002540)=ANY=[@ANYRES32=r0], 0x0) (async)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r7 = dup(r6)
sendmsg$inet(r7, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x42}}, 0x10, &(0x7f00000024c0), 0x0, &(0x7f0000000200)=ANY=[@ANYRESHEX=r2], 0x40}, 0x0) (async)
socket$netlink(0x10, 0x3, 0xb) (async)
ioctl$BTRFS_IOC_SYNC(r6, 0x9408, 0x0) (async)
readlinkat(r7, &(0x7f0000000180)='./file0\x00', &(0x7f0000000300)=""/9, 0x9)
syz_usb_control_io$hid(r5, &(0x7f0000002080)={0x24, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0}, 0x0) (async)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r8, 0x40345410, &(0x7f00000083c0)={{0x1, 0x0, 0x2, 0x0, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r8, 0x80605414, &(0x7f0000000500))
timerfd_create(0x0, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
read$FUSE(r9, &(0x7f0000000040)={0x2020}, 0x2020)

2.310027576s ago: executing program 2 (id=1439):
socket$netlink(0x10, 0x3, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000880)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@remote, 0x4e23, 0x6, 0x4e22, 0x0, 0x2, 0x20, 0x20, 0x1d}, {0x7, 0x7, 0x5, 0x95d, 0xfffffffffffffffb, 0x2, 0x0, 0x5c2}, {0xe, 0x5, 0xb1b}, 0x401, 0x0, 0x2, 0x1, 0x2, 0x2}, {{@in6=@empty, 0x4d4, 0x2a}, 0x39573c4e467c4e, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3502, 0x4, 0x0, 0x40, 0x9, 0x30, 0x7}}, 0xe8)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b95}, 0x37, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x4, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x6, 0x7, 0xe4, 0x4, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x1, 0x8, 0xd, 0x0, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0xa, 0x81, 0x8a, 0x79, 0x2, 0x8, 0x0, 0x91, 0x4, 0x4, 0x16, 0x8, 0x7fffffff, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x4, 0x2, 0x2, 0x2, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x9, 0x4], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x0, 0x400080, 0x1, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0xc7c, 0x4, 0x0, 0xfffffff8, 0x4, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x1, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000000, 0x6, 0x438, 0x2, 0x9, 0x92, 0x7ffdffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x9, 0x8, 0x3fc, 0x4000006, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x4e, 0x9, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x2, 0x400, 0x3e55, 0x4005, 0xd3, 0x8, 0x97f7, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x6, 0x8922, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x5, 0x9, 0x6, 0x10000, 0xfffffffd, 0x5, 0x1], [0xa774, 0x6, 0x5, 0x1afa, 0xbfc, 0xb, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x7, 0x1e, 0x9, 0x81, 0x3, 0x4, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x100009, 0xc, 0x5, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x5, 0x3, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x1, 0x26d, 0x6, 0xffff7ff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x6, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0xfffffffffffffffe, 0x40000000000180, 0x2, 0x6, 0xf2, 0xb, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x4, 0x5, 0x4, 0x8], 0x25000, 0x304})
openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/power/pm_wakeup_irq', 0x6000, 0x1c)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x31}}, 0x2, 0x2, 0x4}}, 0x2e)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
socket(0x9, 0x4, 0x4)
r6 = dup(r5)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x50, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

2.078009124s ago: executing program 2 (id=1440):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
syz_usb_connect$uac3(0x3, 0x85, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8e4, 0x17f, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x73, 0x3, 0x1, 0xa, 0xb0, 0xf, {0x8, 0xb, 0x0, 0x2, 0x1, 0x26, 0x30, 0x9e}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x6, 0xf, 0x7}, [@selector_unit={0x5, 0x24, 0xc, 0x7}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x120, 0x4, 0xa, 0x14, {0xa, 0x25, 0x25, 0x5, 0x50, 0xff6f}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x10, 0x6, 0xe2, 0x1, {0xa, 0x25, 0x25, 0x2, 0xd, 0x1}}}}}}}}]}}, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x2})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$x86(r7, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$x86(r5, &(0x7f0000000080)={0x0, &(0x7f00000001c0)=[@wrmsr={0x65, 0x20, {0x40000000, 0x3}}, @wrmsr={0x65, 0x20, {0x40000001, 0x3f}}], 0x40})
ioctl$KVM_SET_CPUID2(r8, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x40000001, 0x4, 0x3, 0x31237648, 0x6, 0x2, 0x80}]})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000200)={[0x7, 0x40, 0x800000003, 0x719, 0x409, 0x8, 0x80, 0x11, 0x9, 0x8000000000000000, 0x2, 0x0, 0x3, 0x2, 0x4, 0xffffffffffffffff], 0x0, 0x194d40})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = syz_clone(0x2000100, 0x0, 0x0, 0x0, 0x0, 0x0)
r10 = syz_pidfd_open(r9, 0x0)
ioctl$F2FS_IOC_DECOMPRESS_FILE(r10, 0xf517, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r11 = dup3(r3, r3, 0x0)
r12 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r12, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r12, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r11, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r11, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}, @fd={0x66642a85, 0x0, r2}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

1.923401429s ago: executing program 1 (id=1441):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r1 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x8, 0x172f, 0x38, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x90, 0x8, "", [{{0x9, 0x4, 0x0, 0x3, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x81, 0x40, 0x1, {0x22, 0x28}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x3, 0xbd, 0x4}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f00000000c0)={0x2c, &(0x7f0000000040)={0x20, 0x22, 0x28, {0x28, 0x21, "c263138526792c3cbdeace918d0fb74237cc6e446c4e88e78881ce2a52973661d67a0c554438"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000080)=0x1, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004f00)=[{{&(0x7f0000000140)={0xa, 0x4e23, 0x6, @local, 0x6}, 0x1c, 0x0}}], 0x1, 0x240c80c0) (async, rerun: 32)
r2 = socket$inet6_udp(0xa, 0x2, 0x0) (async, rerun: 32)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
getsockopt(r3, 0x111, 0x1, 0x0, &(0x7f0000000080))
setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, &(0x7f00000011c0)=ANY=[@ANYBLOB="8704040000000000fc02000000619cc0694d00000000000000ed"], 0x28) (async)
syz_usb_connect$uac1(0x1, 0xd7, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x8, 0x582, 0x27, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc5, 0x3, 0x1, 0x7f, 0x10, 0xf8, "", {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x6, 0x2e}, [@processing_unit={0x7, 0x24, 0x7, 0x5, 0x3, 0x6}, @extension_unit={0xb, 0x24, 0x8, 0x5, 0x9, 0x0, "e5786904"}, @mixer_unit={0x6, 0x24, 0x4, 0x6, 0x9, "cf"}, @input_terminal={0xc, 0x24, 0x2, 0x4, 0x203, 0xfc, 0x9, 0x9, 0x40, 0x9}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_ext={0x9, 0x24, 0x2, 0x1, 0x0, 0x6, 0x4, 0x6, 0x1}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x9, 0x3, 0x6, 0x9, "ec82", '\v'}, @format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x7, 0x2, 0x5, 0x6, "c7", "51d47a"}, @format_type_ii_discrete={0x10, 0x24, 0x2, 0x2, 0x3, 0x572, 0x2, "aac62ef94e10d1"}]}, {{0x9, 0x5, 0x1, 0x9, 0x200, 0x4, 0x7, 0x8, {0x7, 0x25, 0x1, 0xc, 0x6, 0x2}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0xa, 0x24, 0x2, 0x1, 0x6, 0x4, 0x81, 0x59, "aafa"}, @as_header={0x7, 0x24, 0x1, 0x4, 0xff, 0x6}]}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0x5, 0xff, 0x10, {0x7, 0x25, 0x1, 0x8, 0x9, 0x5}}}}}}}}]}}, &(0x7f00000003c0)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x250, 0xf8, 0xa1, 0x5, 0x8}, 0xa3, &(0x7f0000000140)={0x5, 0xf, 0xa3, 0x5, [@generic={0x68, 0x10, 0x2, "bdf3f69f97a231778b8bdee32133343e0d3e8b76c95c5bad974776e4a6cf37d716d553e969c882ff9169af691bf61f12e44a687a4484a816dbff58c7ca0a6fddbfa6013f43d63895b434981568dd38ac00dc13d76d3daf91d01f06c13ec2b124a68ccaec3f"}, @ptm_cap={0x3}, @ssp_cap={0x14, 0x10, 0xa, 0x4, 0x2, 0x10001, 0xf000, 0x5, [0xff0000, 0xff00cf]}, @wireless={0xb, 0x10, 0x1, 0xc, 0x0, 0xa, 0x0, 0xfff, 0x9}, @ssp_cap={0x14, 0x10, 0xa, 0xa7, 0x2, 0x9, 0xf, 0xffff, [0xc000, 0xa0]}]}, 0x4, [{0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x380a}}, {0x73, &(0x7f0000000240)=@string={0x73, 0x3, "ba248cbcb4ac29c4104d590239b84ac7762e3203a3dbe4c329775159713a8786d6a4928c30de7713fc61fda0704a047073e6124a6d4bbef3463b7557233efddbecdd31cb8ad16edba980ab887e58be7e6a2105df58ee8b81f645e74f1a78b0601ecb352d0dc77b50746be541fc4b672b0a"}}, {0x47, &(0x7f00000002c0)=@string={0x47, 0x3, "ae72032aa1ce348c150e39a9695ff1d8e727c0e73c5763038aa0a6d8d6060a32ea014d98ede49ee1f5dd947824b4132507ce8af922e8c6c7af0a5ecfd18692c796bd78d2b2"}}, {0x78, &(0x7f0000000340)=@string={0x78, 0x3, "58492b5b58715dad132b1cbf15910528b61d8d9f45127a4d1f4ab97be65dd4ef77bc1d4387a1f78ca019887346214185ddfd30db761cc76deb27419faa9fae97fc222d35e2e8da8a284adb8ece1bd1d4e92a2040d3777af6d2c36bffdc8c35852cdce5205d3ef972dfb23efe48bc00e481379697effa"}}]})

1.54269065s ago: executing program 0 (id=1442):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000001600010a00000000000000000c0000000c0000800800", @ANYRES64=r2], 0x20}}, 0x40816)
ftruncate(r1, 0x4)
copy_file_range(r1, 0x0, r0, 0x0, 0xffffffffa003e459, 0x700000000000000)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0x11)
ioctl$TCSETSF2(r4, 0x402c542d, &(0x7f0000000080)={0x3, 0x24, 0x3, 0x3, 0x0, "2fcb7fd9aae1a7903acf8dee10941011092800", 0xe, 0x8})

1.442611014s ago: executing program 0 (id=1443):
r0 = fsopen(&(0x7f0000000140)='configfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x87)
r2 = socket(0x10, 0x803, 0x0)
sendto(r2, &(0x7f0000000740)="120000003000e7ef8b000000a100c7b1ee57", 0x12, 0x2404c810, 0x0, 0x0)
fchdir(r1)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c0000004900010000000000000000000aff80ffffff00000000000014000180200100005827af5aa534d6815c2e93f10c0002"], 0x3c}}, 0x0)
fremovexattr(r3, &(0x7f0000000000)=@known='system.posix_acl_default\x00')
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_buf(r6, 0x6, 0x1a, 0x0, &(0x7f0000001080))
sendmmsg(r5, &(0x7f0000006840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20040801)
listen(r4, 0x401)
r7 = syz_usb_connect$uac3(0x3, 0x97, &(0x7f0000000040)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x10, 0x103d, 0x100, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x85, 0x3, 0x1, 0xd8, 0x10, 0xc, {0x8, 0xb, 0x1, 0x2, 0x1, 0x1, 0x30, 0x2}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x10, 0xa, 0x7}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0xe, 0x0, 0x3, {0xa, 0x25, 0x25, 0x7fffffff, 0xc, 0x180}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {[@as_header={0x17, 0x24, 0x1, 0x6, 0x8000, 0x7, 0x2, 0x6, 0x4a, 0x9, 0x10}]}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0x7f, 0x4, 0x0, {0xa, 0x25, 0x25, 0x400, 0x8f, 0x2}}}}}}}}]}}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x1113, r8, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r8, 0x4008ae73, &(0x7f0000000180)={0x1000, 0x122f})
syz_usb_control_io$uac3(r7, &(0x7f0000000000)={0x14, 0x0, &(0x7f0000000340)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
syz_usb_control_io$uac3(r7, &(0x7f0000000100)={0x14, &(0x7f0000000300)=ANY=[@ANYBLOB="9aed3c"], 0x0}, 0x0)

1.442148594s ago: executing program 2 (id=1444):
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x11, 0xffffffffffffffff, 0x0)
userfaultfd(0x1)
ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b72, &(0x7f0000000a00)={0x3, 0x0, 0x11, 0x1b, 0x13, &(0x7f0000000600)})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @local})
write$cgroup_devices(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b71ef288563"], 0xffdd)
close(r2)
close(0x4)
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
setns(r5, 0x24020000)
syz_clone(0xf21e8000, 0x0, 0xa, 0x0, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r7, 0x107, 0xd, &(0x7f0000000040)=@req={0x8c, 0x5, 0xec, 0x7}, 0x10)
sendmmsg$sock(r7, &(0x7f00000003c0)=[{{&(0x7f0000000080)=@nfc={0x27, 0x0, 0xffffffffffffffff, 0x7}, 0x80, 0x0}}], 0x1, 0x40001)
sendmsg$netlink(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="2000000076001f0327bd7000fbdbdf2508000000a5df3fde823973a4d56ad6e85e772cd7f2e565bf1fe5fd31b01c27aae63722a0c71cad98980d9f0c828cf720514a6fa5f3d17d6f700813b9b5b5a16981fa9e3d73d5582415c769f5c782f83a0d369420c11789f164f59586d13521ff749b8595cede0027cefb836b6e45d217b2b46b9d35a93d7ba1dc4c092be2cadc5f63af2b48a85be3e35a67c6abd4b6a3b34d60c83986794a1c644ecb194f0125966099a0665f4d5f63b33120076710a2a93402e063e45ea9d5cd56484af5f7ed8c2123c8d06fd13a70102c25431e962d70", @ANYRES32, @ANYBLOB="08000100", @ANYRES32=r4, @ANYBLOB], 0x20}], 0x1, 0x0, 0x0, 0x400c814}, 0x0)
read(r0, &(0x7f0000000540)=""/144, 0x90)
ioctl$OCFS2_IOC_UNRESVSP(0xffffffffffffffff, 0x40305829, &(0x7f0000000200)={0x2, 0x1, 0x11, 0x6, 0x2, 0x3})
ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)

1.390254725s ago: executing program 2 (id=1445):
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0xb001}, 0x4)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x3, 0xfe, 0x0, 0x0, 0x0, 0xfe, 0x1, 0x9, 0xff, 0x1f, 0x0, 0xfffffffffffffffc}, {0x3, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x9}, {0x49, 0x0, 0x8, 0x20, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x9, 0x0, 0x1000000}], 0x4})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0xfffffffffffffffe, 0x40000000000180, 0x2, 0x6, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x4, 0x5, 0x4, 0x8], 0x25000, 0x304})
mknodat$null(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8, 0x103)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r6, &(0x7f00000021c0)={0x2020, 0x0, <r7=>0x0}, 0xfffffe14)
write$FUSE_INIT(r6, &(0x7f0000000040)={0x50, 0x0, r7, {0x7, 0x1f, 0x8, 0xffffffffd24b2432, 0x83, 0xffff, 0x0, 0xabe6, 0x0, 0x0, 0x80, 0x8001}}, 0x50)
utimes(&(0x7f0000000100)='./file0\x00', &(0x7f0000000080))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x60000, 0x4)

883.804531ms ago: executing program 0 (id=1446):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000772904202404019957c2010203010902240001000010000904430002317d5500090502020002020000090582020002"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000005c0)={0x44, &(0x7f0000000280)={0x0, 0x30, 0x4, "b36c31e5"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
r1 = syz_ublk_setup_io_uring(0x20, &(0x7f0000000040)={0x0, 0x0, 0x1000}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000540)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_ublk_add_dev(r1, r2, r3, r4, &(0x7f0000000180)={0x2e, 0x0, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, <r5=>0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f00000000c0)=@new_dev={0x3, 0xf14, 0x0, 0x0, 0x1000, 0xffffffff, 0x0, 0x0, 0x100}}}, &(0x7f0000000280)=<r6=>0x0) (async)
r7 = syz_usb_connect$rtl8150(0x3, 0x3f, &(0x7f00000003c0)={{0x12, 0x1, 0x110, 0xff, 0xff, 0x0, 0x40, 0xbda, 0x8150, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x5, 0x80, 0x0, "", {{0x9, 0x4, 0x0, 0x7f, 0x3, 0xff, 0x11, 0x1, 0x5, "", {{0x9, 0x5, 0x81, 0x2, 0x40, 0x6, 0x9, 0x4}, {0x9, 0x5, 0x2, 0x2, 0x20, 0x2, 0x57, 0x6e}, {0x9, 0x5, 0x83, 0x3, 0x240, 0x3, 0x82, 0x8}}}}}}]}}, 0x0)
syz_usb_control_io$rtl8150(r7, &(0x7f0000000580)={0x14, 0x0, &(0x7f0000000480)={0x0, 0x3, 0x3}}, 0x0)
syz_usb_control_io$rtl8150(r7, &(0x7f0000002980)={0x14, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0003030000000003"]}, 0x0)
syz_usb_disconnect(r0)
syz_usb_control_io$rtl8150(r7, 0x0, 0x0) (async)
syz_usb_control_io$rtl8150(r7, 0x0, &(0x7f0000004280)={0x2c, 0x0, 0x0, 0x0, 0x0, &(0x7f0000004240)={0x40, 0x5, 0x2, "2bd8"}})
dup(0xffffffffffffffff) (async)
r8 = syz_usb_connect$uac3(0x0, 0x106, &(0x7f0000000840)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x20, 0x582, 0x582, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xf4, 0x3, 0x1, 0x7, 0x80, 0x0, {0x8, 0xb, 0x0, 0x2, 0x1, 0x25, 0x30, 0x10}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x9, 0x63, 0x5}, [@output_terminal={0x13, 0x24, 0x3, 0x2, 0x403, 0x2, 0x2, 0x1, 0x3, 0x7, 0x14, 0x5}, @power_domain={0x9, 0x24, 0x10, 0xf, 0x8, 0x1, 0x4}, @extension_unit={0x11, 0x24, 0xa, 0x4, 0x3, [0x1, 0x2, 0x3]}, @multiply_unit={0xb, 0x24, 0xd, 0x7, 0x5, 0x5, 0x9}, @power_domain={0xe, 0x24, 0x10, 0x3, 0x5, 0x9, 0x80, "e3f16173ee"}, @output_terminal={0x13, 0x24, 0x3, 0x4, 0x404, 0x3, 0x1, 0x6, 0xee4de1, 0x7, 0xff, 0x8}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {[@format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0x6, 0x6, 0x9, 0x3}, @format_type_i_ext={0x9, 0x24, 0x2, 0x1, 0x74, 0x1, 0x2, 0xff, 0xfe}, @format_type_i_ext={0x9, 0x24, 0x2, 0x1, 0xff, 0x5, 0xf7, 0x6, 0x6}]}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0xc4, 0x10, 0x1, {0xa, 0x25, 0x25, 0x8, 0x40, 0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {[@format_type_ii_discrete={0x11, 0x24, 0x2, 0x2, 0x1f, 0x8001, 0x5, "eb8884cae001cd1c"}]}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x5, 0x5, 0x9e, {0xa, 0x25, 0x25, 0x7, 0x0, 0x1}}}}}}}}]}}, &(0x7f0000000b40)={0xa, &(0x7f0000000980)={0xa, 0x6, 0x110, 0x7f, 0x10, 0x4c, 0x40, 0x9}, 0x71, &(0x7f00000009c0)={0x5, 0xf, 0x71, 0x6, [@ssp_cap={0x20, 0x10, 0xa, 0x9, 0x5, 0xf62, 0xf, 0x0, [0xc0ff, 0x7f8030, 0xff00c0, 0xff3f3f, 0xff00c0]}, @ssp_cap={0x20, 0x10, 0xa, 0xc, 0x5, 0x1000000, 0xff00, 0x7, [0xc000, 0xf0, 0x30, 0xff0000, 0xcf]}, @ext_cap={0x7, 0x10, 0x2, 0xe, 0x8, 0xe, 0x2}, @ss_container_id={0x14, 0x10, 0x4, 0xfd, "e87edfb7aafd4cd007400e66cefe8afb"}, @ext_cap={0x7, 0x10, 0x2, 0x1c, 0x8, 0x5, 0xf801}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x4, 0x1, 0xb2, 0xbc0a}]}, 0x1, [{0xc8, &(0x7f0000000a40)=@string={0xc8, 0x3, "f076a5f11e6a6aa5c0881aca0a453be018dcba83abfe84e3ef5821dbb381cdce54f8a8246a0db4662115fa40eae95ca0fb56377678d9fc6cff6b67f7ccb01a06592231395e243e2c3a07187055059cece90a6f18804fb9c7ba382c461a0b0c53002f50bdedabba6fab20084858913a2ab394d8cd127d1cafdf7c694ae34888180789d9aa4dc9b96aee1403ce2342be5c02cde6e87d084ede87fd615e59e7b1d71a531c01b2b033cf34eb5fa648d21191a55c766e0055806d46ab60b94a95ef6c53f902c340d4"}}]})
syz_usb_control_io$uac3(r8, &(0x7f0000000c00)={0x14, &(0x7f0000000b80)={0x20, 0x2, 0x1c, {0x1c, 0x3, "3234f61cb124641c9e9280853df6e3744dcebcbe443c990bbaac"}}, &(0x7f0000000bc0)={0x0, 0x3, 0x2, @string={0x2}}}, &(0x7f0000000f80)={0x44, &(0x7f0000000c40)={0x40, 0x31, 0xfa, "03cc2a89b352b63952768c1d7dabce563cb657a84940d13734f1bab06b7605bc630c6d93bd59556fab96ca6bbcddf2de8a7b0c6d6f2a17c8210f51815dcf68e06b27e7ff9be0c533dc33b9f02c9b092bca1ebc7acf08bbb37571fba7a9015689aa1e1904f593816871c281aee7a2f8858fab4ada39d899f6ae3d087e27a5dcbbcedee3c9bb029d898bad8c86f31ce76f9811efca317c35167354d231640a602b28109906788c43256418ce320f4322b993b409961927f8df0d85785f6d004029dce826451a1904d6e211c2197da5acb340cd9a21daef91269ec5d735290743d58d98d8dd7f6f4ff7a5773d116a398124bf82c59072cffc9cf110"}, &(0x7f0000000d40)={0x0, 0xa, 0x1, 0xf7}, &(0x7f0000000d80)={0x0, 0x8, 0x1, 0x2}, &(0x7f0000000dc0)={0x20, 0x81, 0x1, '^'}, &(0x7f0000000e00)={0x20, 0x82, 0x1, "b6"}, &(0x7f0000000e40)={0x20, 0x83, 0x3, "9bc0ad"}, &(0x7f0000000e80)={0x20, 0x84, 0x3, "67c39d"}, &(0x7f0000000ec0)={0x20, 0x85, 0x3, "3771b5"}}) (async)
syz_usb_control_io(r7, &(0x7f00000011c0)={0x2c, &(0x7f0000000f40)={0x20, 0x22, 0x36, {0x36, 0x6, "a07e25433c3d0eb7235f099fdd5a689d2940fa2e1636a693067868b6c0c6b84069ece99acd16900795933124d2cca3bdc223e2c8"}}, &(0x7f0000001000)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x41d}}, &(0x7f0000001040)={0x0, 0xf, 0x86, {0x5, 0xf, 0x86, 0x4, [@ptm_cap={0x3}, @generic={0x5f, 0x10, 0x1, "def09ec1f35237a701d909828450a1da1bcd4145df2f593c9d0f1b185190a8dacbf175dc2d8097d645426513f4be85cdbe1aaf014001cdfda294877a6a78d9e3f0c46e865a429f8fff862c3a9eba5134182bfefcaceac843a67bc137"}, @wireless={0xb, 0x10, 0x1, 0x2, 0x60, 0x37, 0xfb, 0x3a, 0xf8}, @ss_container_id={0x14, 0x10, 0x4, 0x1, "15a1837e1a8d4f4588f31f246a3419b7"}]}}, 0x0, 0x0}, &(0x7f0000001640)={0x84, &(0x7f0000001200)={0x40, 0x11, 0x68, "a49b2955625123b9f5885dec0b3c18bd187251efa76697dacb182cc66f718a80dee6126c6753cfac7a8526c97c50e368c3c40132b8538a397ecb86b1e1f0d836834ce34df227f31571246c2ac43e3539c1b6f67957e57f2607c3f5c4e3fa5ef82ca905086e1fd178"}, 0x0, &(0x7f00000012c0)={0x0, 0x8, 0x1, 0x31}, &(0x7f0000001300)={0x20, 0x0, 0x4, {0x2, 0x3}}, &(0x7f0000001340)={0x20, 0x0, 0x8, {0x0, 0x20, [0xf0f0]}}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000014c0)={0x40, 0x17, 0x6, @broadcast}, 0x0, &(0x7f0000001540)={0x40, 0x1a, 0x2, 0x5}, &(0x7f0000001580)={0x40, 0x1c, 0x1, 0x10}, 0x0, 0x0}) (async)
syz_clone(0x1228000, 0x0, 0xfffffffffffffdad, 0x0, 0x0, 0x0) (async)
r9 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x211000, 0x1000}, 0x20) (async)
fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, 0x0, 0x0, 0xffffffffffffffff)
sendmsg$netlink(r9, 0x0, 0x4000080) (async)
r10 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$inet6_buf(r10, 0x29, 0x6, 0x0, 0x0) (async)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r11)
sendmsg$TIPC_CMD_SET_LINK_PRI(r11, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="0100000000000000000001000000000000000c410000004c0014ffffffee62726f6164636173742d6c696e6b00000000"], 0x68}}, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0) (async)
syz_ublk_setup_queues(r1, r6, &(0x7f0000000200)={0x0, 0x1807, 0x13200, 0x0, 0xb2}, &(0x7f00000005c0)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0xf0b6, 0x200, 0x3, 0x3ab}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x7682, 0x20000, 0x0, 0x2000008}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x97bb, 0x10, 0x2, 0x902c4, 0x0, r1}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x3a0a, 0x100, 0x1, 0x218, 0x0, r1}}], 0x4, &(0x7f0000001540)={0x2e, 0x6, 0x0, 0xffffffffffffffff, 0xc0107520, 0x0, 0x0, 0x0, 0x1, {0x6}, 0x0, r5, '\x00', {0x3, 0x48b, 0x0, 0x0}}, 0x0)

385.282427ms ago: executing program 2 (id=1447):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) (async)
setpgid(r0, r0) (async)
ptrace$pokeuser(0x6, r0, 0x0, 0xe9a) (async)
syz_usb_connect$uac1(0x5, 0x9c, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0})

274.873861ms ago: executing program 1 (id=1448):
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f0000000140)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)}]}}], 0x1, 0xc0)
pidfd_send_signal(0xffffffffffffffff, 0x2d, 0x0, 0x1000000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x503100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x8, 0x7, 0x4000000000000e51, 0xfffffffffffffffe, 0x5479, 0x1035, 0x200000000006, 0x0, 0x5, 0xfffffffffffffffc, 0xffffffff, 0xbf4, 0xfff, 0x808000000000005, 0x800000068], 0x2000, 0x80cd4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

266.952211ms ago: executing program 1 (id=1449):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x2982, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000020303000000000000000000000100000800010001"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)={0x20, 0x3, 0x3, 0x5, 0x0, 0x0, {0x2}, [@NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffb, 0x100}}]}, 0x20}, 0x1, 0x0, 0x0, 0x94f7cfd7d57de2ec}, 0x0)
close(0x3)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x1, 0x4, 0x101, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFULA_CFG_CMD={0x5, 0x1, 0x2}, @NFULA_CFG_CMD={0x5, 0x1, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x44080)

214.066843ms ago: executing program 1 (id=1450):
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x80, 0x8)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @none, 0x0, 0x2}, 0xe)
listen(r0, 0xa1)
write$tun(0xffffffffffffffff, 0x0, 0x107c)
r1 = syz_io_uring_complete(0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000000)={'#! ', './file0', [{0x20, ':'}, {0x20, '^-#%*.@--{])-\x89]'}, {0x20, '.),'}, {}, {}, {}, {0x20, '\x87{,\x1c*'}], 0xa, "ea831442cf041d2c764af93205c7cabaaddf682b35dabc3eb0cc597295f1d8b551b3cb31e1e0d847074470af7787f095473c31a3b4c47ccef976cd86f5e601f818c8eb9dc25adcb2674771a22c7c07a1e196b4dc24793c465f3e4fad369a0ce4bef31d374d03387bc4da722e4dc7dcdbcae6bcf79e059bd364e8deb7bebfe3f997cdd56314cec7fc4454ff1fbad7a6d30b2340413103685e27ac6924c4ad9fdb394e54fef7c26ae82dcadf7768a22d48df7d87d7e2b52c781f76cff72a52be9dbc5a5899f8730629ef64648d5841b24d0d8dd47b303f3e93075bbd9e4a6b9f10e2cc2b462b0de31c6d"}, 0x113)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000200)={0x1, 0x8, 0x9, 0x37, 0x7, 0x4, 0x9}, 0xc)
syz_usb_connect$uac3(0x3, 0xa5, &(0x7f0000000140)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x4b4, 0x931b, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x93, 0x3, 0x1, 0x7f, 0x60, 0x11, {0x8, 0xb, 0x0, 0x3, 0x1, 0x1, 0x30, 0xd3}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x9, 0x2f, 0x77e}, [@selector_unit={0x5, 0x24, 0xc, 0x8}, @processing_unit={0xd, 0x24, 0x9, 0x3, 0x3, [0x0, 0x1]}, @output_terminal={0x13, 0x24, 0x3, 0x1, 0x304, 0x4, 0x3, 0x1, 0x8, 0x1, 0xfffa, 0x1}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x4, 0x1, 0x29, {0xa, 0x25, 0x25, 0x40004, 0x5, 0x15}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x8, 0x80, 0x3, {0xa, 0x25, 0x25, 0x2000001, 0xb, 0x200}}}}}}}}]}}, 0x0)

67.830898ms ago: executing program 0 (id=1451):
memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x3)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

0s ago: executing program 0 (id=1452):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000006780), r0)
sendmsg$TIPC_NL_MON_GET(r0, &(0x7f0000006ac0)={0x0, 0x0, &(0x7f0000006a80)={&(0x7f00000067c0)={0x14, r1, 0x1, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x8000)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000043000100000000000000000002004000140001"], 0x28}}, 0x0)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x80, r1, 0x180, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0x6c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x40}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x4000}, 0x80)

0s ago: executing program 0 (id=1453):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
poll(0xfffffffffffffffd, 0x0, 0x8)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x2})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x42082)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r5, 0x40345410, &(0x7f0000000040)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_STOP(r5, 0x54a1)
r6 = dup3(r4, r3, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_handle={0x77682a85, 0x100, 0x2}, @fd={0x66642a85, 0x0, r2}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

kernel console output (not intermixed with test programs):

313][  T323] hid-generic 0006:FFFF65E8:7FFFFFFF.002A: unknown main item tag 0x0
[  152.595071][  T323] hid-generic 0006:FFFF65E8:7FFFFFFF.002A: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  152.613382][ T3391] fido_id[3391]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  152.953468][ T3390] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  152.962012][ T3390] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  152.970909][  T373] hub 3-1:0.0: hub_ext_port_status failed (err = -71)
[  152.971015][  T323] usb 3-1: USB disconnect, device number 69
[  153.089572][   T36] audit: type=1326 audit(150.663:11859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3404 comm="syz.0.1102" exe="/root/ci2-android-6-12-rust/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb52d99ce59 code=0x0
[  153.148432][   T36] audit: type=1400 audit(150.729:11860): avc:  denied  { associate } for  pid=3408 comm="syz.1.1101" name="core" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  153.174852][   T36] audit: type=1400 audit(150.748:11861): avc:  denied  { read } for  pid=3409 comm="syz.3.1103" name="snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  153.306260][   T36] audit: type=1400 audit(150.879:11862): avc:  denied  { map } for  pid=3418 comm="syz.3.1106" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  153.659720][ T3422] FAULT_INJECTION: forcing a failure.
[  153.659720][ T3422] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  153.673057][ T3422] CPU: 0 UID: 0 PID: 3422 Comm: syz.2.1107 Not tainted syzkaller #0 29c6904b08c3b1e8518f4116e2e8016f6159917e
[  153.673080][ T3422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  153.673087][ T3422] Call Trace:
[  153.673092][ T3422]  <TASK>
[  153.673103][ T3422]  __dump_stack+0x21/0x30
[  153.673122][ T3422]  dump_stack_lvl+0x140/0x1c0
[  153.673136][ T3422]  ? __cfi_dump_stack_lvl+0x10/0x10
[  153.673151][ T3422]  dump_stack+0x19/0x20
[  153.673164][ T3422]  should_fail_ex+0x3d7/0x530
[  153.673175][ T3422]  should_fail_alloc_page+0xec/0x110
[  153.673189][ T3422]  __alloc_pages_noprof+0x1c0/0x7e0
[  153.673203][ T3422]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  153.673217][ T3422]  ? mas_walk+0x3f7/0x650
[  153.673231][ T3422]  pte_alloc_one+0x92/0x530
[  153.673247][ T3422]  ? __cfi_pte_alloc_one+0x10/0x10
[  153.673257][ T3422]  ? rwsem_read_trylock+0x274/0x5b0
[  153.673273][ T3422]  ? downgrade_write+0x460/0x460
[  153.673288][ T3422]  __pte_alloc+0x79/0x440
[  153.673298][ T3422]  ? down_read+0x7f/0xe0
[  153.673311][ T3422]  ? __cfi___pte_alloc+0x10/0x10
[  153.673321][ T3422]  mfill_atomic_zeropage+0x755/0xc80
[  153.673332][ T3422]  ? __cfi_mfill_atomic_zeropage+0x10/0x10
[  153.673357][ T3422]  userfaultfd_ioctl+0x2a4e/0x4860
[  153.673369][ T3422]  ? __ia32_compat_sys_ioctl+0x920/0x920
[  153.673382][ T3422]  ? __cfi_userfaultfd_ioctl+0x10/0x10
[  153.673398][ T3422]  ? _parse_integer+0x2e/0x40
[  153.673414][ T3422]  ? ioctl_has_perm+0x39a/0x500
[  153.673425][ T3422]  ? proc_fail_nth_write+0x184/0x220
[  153.673439][ T3422]  ? __cfi_proc_fail_nth_write+0x10/0x10
[  153.673453][ T3422]  ? selinux_file_ioctl+0x732/0x1480
[  153.673468][ T3422]  ? vfs_write+0x9a4/0xf90
[  153.673479][ T3422]  ? __cfi_selinux_file_ioctl+0x10/0x10
[  153.673495][ T3422]  ? __cfi_vfs_write+0x10/0x10
[  153.673566][ T3422]  ? __kasan_check_write+0x18/0x20
[  153.673582][ T3422]  ? mutex_unlock+0x90/0x240
[  153.673602][ T3422]  ? __cfi_mutex_unlock+0x10/0x10
[  153.673617][ T3422]  ? __fget_files+0x2c5/0x340
[  153.673630][ T3422]  ? __fget_files+0x2c5/0x340
[  153.673642][ T3422]  ? bpf_lsm_file_ioctl+0xd/0x20
[  153.673655][ T3422]  ? security_file_ioctl+0x3e/0x110
[  153.673671][ T3422]  ? __cfi_userfaultfd_ioctl+0x10/0x10
[  153.673682][ T3422]  __se_sys_ioctl+0x132/0x1b0
[  153.673696][ T3422]  __x64_sys_ioctl+0x7f/0xa0
[  153.673714][ T3422]  x64_sys_call+0x1878/0x2ee0
[  153.673730][ T3422]  do_syscall_64+0x57/0xf0
[  153.673743][ T3422]  ? clear_bhb_loop+0x50/0xa0
[  153.673758][ T3422]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  153.673770][ T3422] RIP: 0033:0x7f494f59ce59
[  153.673781][ T3422] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  153.673790][ T3422] RSP: 002b:00007f495038d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  153.673802][ T3422] RAX: ffffffffffffffda RBX: 00007f494f815fa0 RCX: 00007f494f59ce59
[  153.673810][ T3422] RDX: 0000200000000140 RSI: 00000000c020aa04 RDI: 0000000000000003
[  153.673817][ T3422] RBP: 00007f495038d090 R08: 0000000000000000 R09: 0000000000000000
[  153.673824][ T3422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.673831][ T3422] R13: 00007f494f816038 R14: 00007f494f815fa0 R15: 00007ffd6749a148
[  153.673839][ T3422]  </TASK>
[  153.987940][ T3425] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  154.001846][ T3425] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  154.028608][ T3425] SELinux: ebitmap start bit (1048576) is beyond the end of the bitmap (1472)
[  154.038299][ T3425] SELinux: failed to load policy
[  154.448891][   T36] audit: type=1400 audit(151.949:11863): avc:  denied  { read } for  pid=3434 comm="syz.2.1112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  154.496188][   T36] audit: type=1400 audit(151.986:11864): avc:  denied  { create } for  pid=3436 comm="syz.2.1113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  154.585132][ T3440] rust_binder: Write failure EFAULT in pid:660
[  154.593640][ T3443] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  154.608811][ T3443] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.188226][ T3454] FAULT_INJECTION: forcing a failure.
[  155.188226][ T3454] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  155.201540][ T3454] CPU: 0 UID: 0 PID: 3454 Comm: syz.3.1120 Not tainted syzkaller #0 29c6904b08c3b1e8518f4116e2e8016f6159917e
[  155.201569][ T3454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  155.201580][ T3454] Call Trace:
[  155.201587][ T3454]  <TASK>
[  155.201594][ T3454]  __dump_stack+0x21/0x30
[  155.201620][ T3454]  dump_stack_lvl+0x140/0x1c0
[  155.201634][ T3454]  ? __cfi_dump_stack_lvl+0x10/0x10
[  155.201648][ T3454]  ? __kasan_check_write+0x18/0x20
[  155.201660][ T3454]  dump_stack+0x19/0x20
[  155.201673][ T3454]  should_fail_ex+0x3d7/0x530
[  155.201683][ T3454]  should_fail_alloc_page+0xec/0x110
[  155.201696][ T3454]  __alloc_pages_noprof+0x1c0/0x7e0
[  155.201710][ T3454]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  155.201724][ T3454]  ? __lruvec_stat_mod_folio+0x13f/0x1a0
[  155.201738][ T3454]  __folio_alloc_noprof+0x14/0x80
[  155.201752][ T3454]  shmem_mfill_atomic_pte+0x276/0x9e0
[  155.201764][ T3454]  ? __pte_alloc+0x1ae/0x440
[  155.201775][ T3454]  ? __cfi_shmem_mfill_atomic_pte+0x10/0x10
[  155.201787][ T3454]  mfill_atomic_zeropage+0x5da/0xc80
[  155.201797][ T3454]  ? __cfi_mfill_atomic_zeropage+0x10/0x10
[  155.201808][ T3454]  userfaultfd_ioctl+0x2a4e/0x4860
[  155.201820][ T3454]  ? __ia32_compat_sys_ioctl+0x920/0x920
[  155.201832][ T3454]  ? __cfi_userfaultfd_ioctl+0x10/0x10
[  155.201843][ T3454]  ? _parse_integer+0x2e/0x40
[  155.201859][ T3454]  ? ioctl_has_perm+0x39a/0x500
[  155.201869][ T3454]  ? proc_fail_nth_write+0x184/0x220
[  155.201883][ T3454]  ? __cfi_proc_fail_nth_write+0x10/0x10
[  155.201897][ T3454]  ? selinux_file_ioctl+0x732/0x1480
[  155.201912][ T3454]  ? vfs_write+0x9a4/0xf90
[  155.201921][ T3454]  ? __cfi_selinux_file_ioctl+0x10/0x10
[  155.201936][ T3454]  ? __cfi_vfs_write+0x10/0x10
[  155.201945][ T3454]  ? __kasan_check_write+0x18/0x20
[  155.201955][ T3454]  ? mutex_unlock+0x90/0x240
[  155.201967][ T3454]  ? __cfi_mutex_unlock+0x10/0x10
[  155.201981][ T3454]  ? __fget_files+0x2c5/0x340
[  155.201994][ T3454]  ? __fget_files+0x2c5/0x340
[  155.202005][ T3454]  ? bpf_lsm_file_ioctl+0xd/0x20
[  155.202019][ T3454]  ? security_file_ioctl+0x3e/0x110
[  155.202033][ T3454]  ? __cfi_userfaultfd_ioctl+0x10/0x10
[  155.202044][ T3454]  __se_sys_ioctl+0x132/0x1b0
[  155.202056][ T3454]  __x64_sys_ioctl+0x7f/0xa0
[  155.202067][ T3454]  x64_sys_call+0x1878/0x2ee0
[  155.202077][ T3454]  do_syscall_64+0x57/0xf0
[  155.202087][ T3454]  ? clear_bhb_loop+0x50/0xa0
[  155.202099][ T3454]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  155.202111][ T3454] RIP: 0033:0x7f13c299ce59
[  155.202121][ T3454] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  155.202130][ T3454] RSP: 002b:00007f13c392c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  155.202143][ T3454] RAX: ffffffffffffffda RBX: 00007f13c2c15fa0 RCX: 00007f13c299ce59
[  155.202151][ T3454] RDX: 0000200000000140 RSI: 00000000c020aa04 RDI: 0000000000000003
[  155.202158][ T3454] RBP: 00007f13c392c090 R08: 0000000000000000 R09: 0000000000000000
[  155.202165][ T3454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.202172][ T3454] R13: 00007f13c2c16038 R14: 00007f13c2c15fa0 R15: 00007ffd189a7228
[  155.202181][ T3454]  </TASK>
[  155.796237][ T3467] sit0: entered promiscuous mode
[  155.802538][ T3467] netlink: 'syz.0.1124': attribute type 1 has an invalid length.
[  155.819081][ T3467] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1124'.
[  155.840318][  T373] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[  155.985794][   T36] audit: type=1326 audit(153.384:11865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3476 comm="syz.3.1127" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c299ce59 code=0x50000
[  156.001595][  T373] usb 3-1: unable to get BOS descriptor or descriptor too short
[  156.010487][   T36] audit: type=1326 audit(153.384:11866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3476 comm="syz.3.1127" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c299ce59 code=0x50000
[  156.019092][  T373] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  156.043053][   T36] audit: type=1326 audit(153.384:11867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3476 comm="syz.3.1127" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c299ce59 code=0x50000
[  156.057600][  T373] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  156.086406][  T373] usb 3-1: too many endpoints for config 1 interface 1 altsetting 76: 188, using maximum allowed: 30
[  156.094107][   T36] audit: type=1326 audit(153.384:11868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3476 comm="syz.3.1127" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c299ce59 code=0x50000
[  156.099424][  T373] usb 3-1: config 1 interface 1 altsetting 76 has 0 endpoint descriptors, different from the interface descriptor's value: 188
[  156.192040][  T373] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  156.203003][  T373] usb 3-1: config 1 interface 1 has no altsetting 0
[  156.212912][  T373] usb 3-1: string descriptor 0 read error: -22
[  156.219194][  T373] usb 3-1: New USB device found, idVendor=21b4, idProduct=0081, bcdDevice= 0.40
[  156.228257][  T373] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.458555][  T323] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[  156.508042][ T3464] SELinux: ebitmap start bit (1048576) is beyond the end of the bitmap (1472)
[  156.529870][ T3464] SELinux: failed to load policy
[  156.535784][  T373] usb 3-1: 2:0: failed to get current value for ch 0 (-71)
[  156.547757][  T373] usb 3-1: 2:0: cannot get min/max values for control 2 (id 2)
[  156.570924][  T373] usb 3-1: USB disconnect, device number 70
[  156.629064][  T323] usb 2-1: Using ep0 maxpacket: 8
[  156.635656][  T323] usb 2-1: config 0 interface 0 altsetting 144 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.647420][  T323] usb 2-1: config 0 interface 0 altsetting 144 endpoint 0x81 has invalid wMaxPacketSize 0
[  156.666832][  T323] usb 2-1: config 0 interface 0 has no altsetting 0
[  156.674177][  T323] usb 2-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[  156.683499][  T323] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.695477][  T323] usb 2-1: config 0 descriptor??
[  157.132516][  T323] smartjoyplus 0003:6666:8804.002B: unknown main item tag 0xe
[  157.152988][  T323] smartjoyplus 0003:6666:8804.002B: item fetching failed at offset 4/5
[  157.174049][  T323] smartjoyplus 0003:6666:8804.002B: parse failed
[  157.193621][  T323] smartjoyplus 0003:6666:8804.002B: probe with driver smartjoyplus failed with error -22
[  157.343356][ T3480] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.358250][ T3480] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  157.360112][ T3497] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.398699][ T3480] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.399518][ T3497] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  157.415129][ T3480] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  157.439429][  T323] usb 2-1: USB disconnect, device number 82
[  157.569419][ T3502] FAULT_INJECTION: forcing a failure.
[  157.569419][ T3502] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  157.587292][ T3502] CPU: 0 UID: 0 PID: 3502 Comm: syz.1.1134 Not tainted syzkaller #0 29c6904b08c3b1e8518f4116e2e8016f6159917e
[  157.587318][ T3502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  157.587329][ T3502] Call Trace:
[  157.587336][ T3502]  <TASK>
[  157.587343][ T3502]  __dump_stack+0x21/0x30
[  157.587369][ T3502]  dump_stack_lvl+0x140/0x1c0
[  157.587390][ T3502]  ? __cfi_dump_stack_lvl+0x10/0x10
[  157.587411][ T3502]  ? check_stack_object+0x12b/0x150
[  157.587429][ T3502]  dump_stack+0x19/0x20
[  157.587448][ T3502]  should_fail_ex+0x3d7/0x530
[  157.587464][ T3502]  should_fail+0xf/0x20
[  157.587478][ T3502]  should_fail_usercopy+0x1e/0x30
[  157.587494][ T3502]  _copy_to_user+0x24/0xa0
[  157.587512][ T3502]  simple_read_from_buffer+0xed/0x160
[  157.587533][ T3502]  proc_fail_nth_read+0x1aa/0x220
[  157.587555][ T3502]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  157.587575][ T3502]  ? bpf_lsm_file_permission+0xd/0x20
[  157.587595][ T3502]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  157.587615][ T3502]  vfs_read+0x289/0xcb0
[  157.587630][ T3502]  ? __cfi_selinux_file_ioctl+0x10/0x10
[  157.587654][ T3502]  ? __cfi_vfs_read+0x10/0x10
[  157.587669][ T3502]  ? __kasan_check_write+0x18/0x20
[  157.587688][ T3502]  ? mutex_lock+0x97/0x1d0
[  157.587707][ T3502]  ? __cfi_mutex_lock+0x10/0x10
[  157.587725][ T3502]  ? __fget_files+0x2c5/0x340
[  157.587745][ T3502]  ksys_read+0x145/0x260
[  157.587761][ T3502]  ? __cfi_ksys_read+0x10/0x10
[  157.587777][ T3502]  ? __kasan_check_read+0x15/0x20
[  157.587792][ T3502]  __x64_sys_read+0x7f/0x90
[  157.587808][ T3502]  x64_sys_call+0x2638/0x2ee0
[  157.587824][ T3502]  do_syscall_64+0x57/0xf0
[  157.587839][ T3502]  ? clear_bhb_loop+0x50/0xa0
[  157.587858][ T3502]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  157.587876][ T3502] RIP: 0033:0x7fec8e35d68e
[  157.587891][ T3502] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  157.587906][ T3502] RSP: 002b:00007fec8f281fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  157.587924][ T3502] RAX: ffffffffffffffda RBX: 00007fec8f2826c0 RCX: 00007fec8e35d68e
[  157.587937][ T3502] RDX: 000000000000000f RSI: 00007fec8f2820a0 RDI: 0000000000000004
[  157.587948][ T3502] RBP: 00007fec8f282090 R08: 0000000000000000 R09: 0000000000000000
[  157.587960][ T3502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.587970][ T3502] R13: 00007fec8e616038 R14: 00007fec8e615fa0 R15: 00007ffea93d9598
[  157.587984][ T3502]  </TASK>
[  157.835686][  T373] usb 3-1: new low-speed USB device number 71 using dummy_hcd
[  157.943130][ T3511] usb usb7: usbfs: process 3511 (syz.1.1136) did not claim interface 4 before use
[  158.015726][  T373] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  158.023329][  T373] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  158.034324][  T373] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  158.046782][  T373] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  158.058392][  T373] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  158.070209][  T373] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  158.077677][  T373] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  158.089640][  T373] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  158.107312][  T373] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  158.121498][  T373] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  158.133877][  T373] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  158.141280][  T373] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  158.153357][  T373] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  158.165457][  T373] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  158.177024][  T373] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  158.190802][  T373] usb 3-1: string descriptor 0 read error: -22
[  158.197330][  T373] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  158.206843][  T373] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.334448][  T323] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[  158.423928][   T36] kauditd_printk_skb: 14916 callbacks suppressed
[  158.423947][   T36] audit: type=1326 audit(155.664:26785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3476 comm="syz.3.1127" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c299ce59 code=0x50000
[  158.456521][  T373] usb 3-1: USB disconnect, device number 71
[  158.465324][   T36] audit: type=1326 audit(155.673:26786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3476 comm="syz.3.1127" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c299ce59 code=0x50000
[  158.490794][   T36] audit: type=1326 audit(155.673:26787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3476 comm="syz.3.1127" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c299ce59 code=0x50000
[  158.515547][   T36] audit: type=1326 audit(155.673:26788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3476 comm="syz.3.1127" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c299ce59 code=0x50000
[  158.544933][ T3526] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=276 sclass=netlink_tcpdiag_socket pid=3526 comm=syz.0.1142
[  158.546029][   T36] audit: type=1326 audit(155.673:26789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3476 comm="syz.3.1127" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c299ce59 code=0x50000
[  158.561596][  T323] usb 2-1: unable to get BOS descriptor or descriptor too short
[  158.590083][   T36] audit: type=1326 audit(155.673:26790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3476 comm="syz.3.1127" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c299ce59 code=0x50000
[  158.612545][  T323] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  158.625202][  T323] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  158.632887][   T36] audit: type=1326 audit(155.673:26791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3476 comm="syz.3.1127" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c299ce59 code=0x50000
[  158.634382][  T323] usb 2-1: too many endpoints for config 1 interface 1 altsetting 76: 188, using maximum allowed: 30
[  158.659341][   T36] audit: type=1326 audit(155.673:26792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3476 comm="syz.3.1127" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c299ce59 code=0x50000
[  158.694984][   T36] audit: type=1326 audit(155.673:26793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3476 comm="syz.3.1127" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c299ce59 code=0x50000
[  158.705392][  T323] usb 2-1: config 1 interface 1 altsetting 76 has 0 endpoint descriptors, different from the interface descriptor's value: 188
[  158.719804][   T36] audit: type=1326 audit(155.673:26794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3476 comm="syz.3.1127" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c299ce59 code=0x50000
[  158.754625][  T323] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  158.785698][  T323] usb 2-1: config 1 interface 1 has no altsetting 0
[  158.802487][  T323] usb 2-1: string descriptor 0 read error: -22
[  158.810731][ T3531] tipc: Enabled bearer <udp:syz2>, priority 10
[  158.811250][  T323] usb 2-1: New USB device found, idVendor=21b4, idProduct=0081, bcdDevice= 0.40
[  158.835392][  T323] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.946801][ T3533] No source specified
[  159.111343][ T3520] SELinux: ebitmap start bit (1048576) is beyond the end of the bitmap (1472)
[  159.125152][ T3520] SELinux: failed to load policy
[  159.131411][  T323] usb 2-1: 2:0: failed to get current value for ch 0 (-71)
[  159.141238][  T323] usb 2-1: 2:0: cannot get min/max values for control 2 (id 2)
[  159.175206][  T323] usb 2-1: USB disconnect, device number 83
[  159.442992][  T373] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[  159.602855][  T373] usb 4-1: Using ep0 maxpacket: 8
[  159.609089][  T373] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 239, changing to 11
[  159.620347][  T373] usb 4-1: New USB device found, idVendor=056a, idProduct=00c6, bcdDevice= 0.00
[  159.629418][  T373] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.638106][  T373] usb 4-1: config 0 descriptor??
[  159.866248][ T3557] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  159.874815][ T3557] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  159.943939][  T323] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[  159.997704][  T829] tipc: Node number set to 1697541503
[  160.003882][ T3559] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2816 sclass=netlink_route_socket pid=3559 comm=syz.2.1155
[  160.078295][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.085474][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.092345][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.099663][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.106643][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.113557][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.115538][  T323] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.120544][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.138262][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.140597][  T323] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  160.146534][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.155258][  T323] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  160.164588][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.175522][  T323] usb 2-1: New USB device found, idVendor=054c, idProduct=09cc, bcdDevice= 0.00
[  160.181673][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.191163][  T323] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.197700][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.209463][  T323] usb 2-1: config 0 descriptor??
[  160.212662][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.224484][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.231460][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.238589][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.245808][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.252709][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.259716][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.266667][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.274271][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.281320][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.288248][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.295223][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.298207][ T3544] netlink: 'syz.3.1150': attribute type 32 has an invalid length.
[  160.302369][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.317581][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.324452][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.331412][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.338328][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.345236][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.352207][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.359113][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.366027][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.373020][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.379949][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.386860][  T373] wacom 0003:056A:00C6.002C: unknown main item tag 0x0
[  160.394753][  T373] wacom 0003:056A:00C6.002C: hidraw0: USB HID v0.04 Device [HID 056a:00c6] on usb-dummy_hcd.3-1/input0
[  160.414118][  T373] usb 4-1: USB disconnect, device number 73
[  160.540829][  T337] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[  160.646624][  T323] playstation 0003:054C:09CC.002D: unknown main item tag 0x0
[  160.654089][  T323] playstation 0003:054C:09CC.002D: unknown main item tag 0x0
[  160.661657][  T323] playstation 0003:054C:09CC.002D: unknown main item tag 0x0
[  160.669265][  T323] playstation 0003:054C:09CC.002D: unknown main item tag 0x0
[  160.676688][  T323] playstation 0003:054C:09CC.002D: unknown main item tag 0x0
[  160.684129][  T337] usb 3-1: device descriptor read/64, error -71
[  160.690435][  T323] playstation 0003:054C:09CC.002D: unknown main item tag 0x0
[  160.698546][  T323] playstation 0003:054C:09CC.002D: hidraw0: USB HID vff.fd Device [HID 054c:09cc] on usb-dummy_hcd.1-1/input0
[  160.859346][  T323] playstation 0003:054C:09CC.002D: Invalid reportID received, expected 18 got 66
[  160.868746][  T323] playstation 0003:054C:09CC.002D: Failed to retrieve DualShock4 pairing info: -22
[  160.878078][  T323] playstation 0003:054C:09CC.002D: Failed to get MAC address from DualShock4
[  160.886956][  T323] playstation 0003:054C:09CC.002D: Failed to create dualshock4.
[  160.895331][  T323] playstation 0003:054C:09CC.002D: probe with driver playstation failed with error -22
[  160.956551][  T337] usb 3-1: device descriptor read/64, error -71
[  161.079620][ T3551] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  161.088825][ T3551] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  161.097338][  T373] usb 2-1: USB disconnect, device number 84
[  161.169606][ T3585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  161.178326][ T3585] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  161.222975][  T337] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[  161.359461][ T3588] overlayfs: conflicting lowerdir path
[  161.361531][  T337] usb 3-1: device descriptor read/64, error -71
[  161.414873][  T829] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[  161.553409][  T829] usb 4-1: device descriptor read/64, error -71
[  161.617362][  T337] usb 3-1: device descriptor read/64, error -71
[  161.647496][ T3594] ublk_ctrl_add_dev: dev id not match 4294967295 32769
[  161.735185][  T337] usb usb3-port1: attempt power cycle
[  161.820083][  T829] usb 4-1: device descriptor read/64, error -71
[  161.958464][  T373] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[  162.075674][  T829] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[  162.107651][  T337] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[  162.119734][  T373] usb 2-1: unable to get BOS descriptor or descriptor too short
[  162.130060][  T337] usb 3-1: device descriptor read/8, error -71
[  162.130387][  T373] usb 2-1: string descriptor 0 read error: -22
[  162.142625][  T373] usb 2-1: New USB device found, idVendor=1235, idProduct=8002, bcdDevice= 0.40
[  162.151815][  T373] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.163817][  T373] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  162.214251][  T829] usb 4-1: device descriptor read/64, error -71
[  162.268603][  T337] usb 3-1: device descriptor read/8, error -71
[  162.297921][ T3596] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  162.306557][ T3596] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  162.389421][  T373] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -71
[  162.392255][  T508] udevd[508]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  162.400640][  T373] usb 2-1: USB disconnect, device number 85
[  162.491371][  T829] usb 4-1: device descriptor read/64, error -71
[  162.523355][  T337] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[  162.545713][  T337] usb 3-1: device descriptor read/8, error -71
[  162.608710][  T829] usb usb4-port1: attempt power cycle
[  162.684213][  T337] usb 3-1: device descriptor read/8, error -71
[  162.800622][  T337] usb usb3-port1: unable to enumerate USB device
[  162.865050][ T3598] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  162.873639][ T3598] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  162.971005][  T829] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[  162.993358][  T829] usb 4-1: device descriptor read/8, error -71
[  163.132022][  T829] usb 4-1: device descriptor read/8, error -71
[  163.269470][  T337] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[  163.386687][  T829] usb 4-1: new high-speed USB device number 77 using dummy_hcd
[  163.409188][  T829] usb 4-1: device descriptor read/8, error -71
[  163.439974][  T337] usb 2-1: Using ep0 maxpacket: 32
[  163.446364][  T337] usb 2-1: config 0 has an invalid interface number: 188 but max is 0
[  163.454927][  T337] usb 2-1: config 0 has no interface number 0
[  163.461319][  T337] usb 2-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  163.473717][  T337] usb 2-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  163.482995][  T337] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.491689][  T337] usb 2-1: Product: syz
[  163.499960][  T337] usb 2-1: Manufacturer: syz
[  163.504609][  T337] usb 2-1: SerialNumber: syz
[  163.514684][  T337] usb 2-1: config 0 descriptor??
[  163.520380][ T3603] raw-gadget.4 gadget.1: fail, usb_ep_enable returned -22
[  163.548103][  T829] usb 4-1: device descriptor read/8, error -71
[  163.657415][ T3622] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1178'.
[  163.664049][  T829] usb usb4-port1: unable to enumerate USB device
[  163.742171][ T3603] raw-gadget.4 gadget.1: fail, usb_ep_enable returned -22
[  163.753190][  T337] asix 2-1:0.188: probe with driver asix failed with error -71
[  163.764726][  T337] usb 2-1: USB disconnect, device number 86
[  163.908958][  T373] usb 3-1: new full-speed USB device number 76 using dummy_hcd
[  163.935926][ T3642] netlink: 'syz.0.1183': attribute type 27 has an invalid length.
[  163.957849][ T3644] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  163.967139][ T3644] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  164.069940][  T373] usb 3-1: unable to get BOS descriptor set
[  164.076276][  T373] usb 3-1: not running at top speed; connect to a high speed hub
[  164.084764][  T373] usb 3-1: config 1 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  164.097716][  T373] usb 3-1: config 1 interface 0 has no altsetting 0
[  164.105894][  T373] usb 3-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[  164.115090][  T373] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.123114][  T373] usb 3-1: Product: syz
[  164.127355][  T373] usb 3-1: Manufacturer: syz
[  164.131967][  T373] usb 3-1: SerialNumber: syz
[  164.354826][  T373] usb 3-1: USB disconnect, device number 76
[  164.500145][ T3661] FAULT_INJECTION: forcing a failure.
[  164.500145][ T3661] name failslab, interval 1, probability 0, space 0, times 0
[  164.515068][ T3661] CPU: 0 UID: 0 PID: 3661 Comm: syz.3.1190 Not tainted syzkaller #0 29c6904b08c3b1e8518f4116e2e8016f6159917e
[  164.515101][ T3661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  164.515113][ T3661] Call Trace:
[  164.515119][ T3661]  <TASK>
[  164.515127][ T3661]  __dump_stack+0x21/0x30
[  164.515156][ T3661]  dump_stack_lvl+0x140/0x1c0
[  164.515178][ T3661]  ? __cfi_dump_stack_lvl+0x10/0x10
[  164.515199][ T3661]  dump_stack+0x19/0x20
[  164.515219][ T3661]  should_fail_ex+0x3d7/0x530
[  164.515256][ T3661]  should_failslab+0xac/0x100
[  164.515277][ T3661]  kmem_cache_alloc_node_noprof+0x45/0x420
[  164.515297][ T3661]  ? dup_task_struct+0xc1/0xd80
[  164.515320][ T3661]  ? kasan_save_alloc_info+0x40/0x50
[  164.515346][ T3661]  ? __kasan_kmalloc+0x96/0xb0
[  164.515367][ T3661]  ? __kmalloc_cache_noprof+0x23c/0x470
[  164.515386][ T3661]  dup_task_struct+0xc1/0xd80
[  164.515408][ T3661]  ? __kasan_check_write+0x18/0x20
[  164.515466][ T3661]  ? _raw_spin_lock_irq+0x93/0x120
[  164.515493][ T3661]  ? copy_process+0x32a0/0x32a0
[  164.515514][ T3661]  ? __kasan_check_write+0x18/0x20
[  164.515531][ T3661]  copy_process+0x55a/0x32a0
[  164.515589][ T3661]  ? __cfi_copy_process+0x10/0x10
[  164.515611][ T3661]  ? __kmalloc_cache_noprof+0x23c/0x470
[  164.515630][ T3661]  ? __kasan_check_write+0x18/0x20
[  164.515649][ T3661]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  164.515672][ T3661]  vhost_task_create+0x1f7/0x400
[  164.515692][ T3661]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  164.515715][ T3661]  ? __cfi_vhost_task_create+0x10/0x10
[  164.515735][ T3661]  ? __cfi_vhost_task_fn+0x10/0x10
[  164.515755][ T3661]  ? __kasan_check_write+0x18/0x20
[  164.515773][ T3661]  ? mutex_lock+0x97/0x1d0
[  164.515793][ T3661]  ? __cfi_mutex_lock+0x10/0x10
[  164.515813][ T3661]  ? kernel_text_address+0xa9/0xe0
[  164.515838][ T3661]  kvm_mmu_post_init_vm+0x161/0x300
[  164.515864][ T3661]  kvm_arch_vcpu_ioctl_run+0xf3/0x1bd0
[  164.515890][ T3661]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  164.515914][ T3661]  ? kstrtoull+0x13b/0x1e0
[  164.515938][ T3661]  ? kstrtouint+0x78/0xf0
[  164.515961][ T3661]  ? ioctl_has_perm+0x1bc/0x500
[  164.515977][ T3661]  ? __asan_memcpy+0x5a/0x80
[  164.515994][ T3661]  ? ioctl_has_perm+0x408/0x500
[  164.516012][ T3661]  ? has_cap_mac_admin+0xd0/0xd0
[  164.516030][ T3661]  ? __kasan_check_write+0x18/0x20
[  164.516045][ T3661]  ? mutex_lock_killable+0x97/0x1d0
[  164.516068][ T3661]  ? __cfi_mutex_lock_killable+0x10/0x10
[  164.516089][ T3661]  ? proc_fail_nth_write+0x184/0x220
[  164.516115][ T3661]  kvm_vcpu_ioctl+0xa48/0x1000
[  164.516135][ T3661]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  164.516154][ T3661]  ? __cfi_vfs_write+0x10/0x10
[  164.516173][ T3661]  ? __kasan_check_write+0x18/0x20
[  164.516191][ T3661]  ? mutex_unlock+0x90/0x240
[  164.516213][ T3661]  ? __cfi_mutex_unlock+0x10/0x10
[  164.516234][ T3661]  ? __fget_files+0x2c5/0x340
[  164.516256][ T3661]  ? __fget_files+0x2c5/0x340
[  164.516276][ T3661]  ? bpf_lsm_file_ioctl+0xd/0x20
[  164.516299][ T3661]  ? security_file_ioctl+0x3e/0x110
[  164.516324][ T3661]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  164.516342][ T3661]  __se_sys_ioctl+0x132/0x1b0
[  164.516367][ T3661]  __x64_sys_ioctl+0x7f/0xa0
[  164.516388][ T3661]  x64_sys_call+0x1878/0x2ee0
[  164.516407][ T3661]  do_syscall_64+0x57/0xf0
[  164.516425][ T3661]  ? clear_bhb_loop+0x50/0xa0
[  164.516447][ T3661]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  164.516464][ T3661] RIP: 0033:0x7f13c299ce59
[  164.516480][ T3661] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  164.516504][ T3661] RSP: 002b:00007f13c392c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  164.516525][ T3661] RAX: ffffffffffffffda RBX: 00007f13c2c15fa0 RCX: 00007f13c299ce59
[  164.516550][ T3661] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  164.516563][ T3661] RBP: 00007f13c392c090 R08: 0000000000000000 R09: 0000000000000000
[  164.516576][ T3661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.516589][ T3661] R13: 00007f13c2c16038 R14: 00007f13c2c15fa0 R15: 00007ffd189a7228
[  164.516604][ T3661]  </TASK>
[  164.527627][ T3664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  164.926368][ T3664] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  164.981755][ T3664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  164.990782][ T3664] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  164.999365][ T3664] SELinux:  policydb magic number 0x86 does not match expected magic number 0xf97cff8c
[  165.009125][ T3664] SELinux: failed to load policy
[  165.014943][ T3664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  165.023547][ T3664] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  165.177348][  T373] usb 2-1: new high-speed USB device number 87 using dummy_hcd
[  165.214286][ T3674] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1196'.
[  165.337231][  T373] usb 2-1: Using ep0 maxpacket: 32
[  165.343847][  T373] usb 2-1: unable to get BOS descriptor or descriptor too short
[  165.351739][  T373] usb 2-1: too many configurations: 236, using maximum allowed: 8
[  165.360416][  T373] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  165.370749][  T373] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  165.384403][  T373] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  165.394545][  T373] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  165.408121][  T373] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  165.418251][  T373] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  165.431889][  T373] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  165.442040][  T373] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  165.455771][  T373] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  165.465927][  T373] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  165.479719][  T373] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  165.489877][  T373] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  165.503998][  T373] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  165.514186][  T373] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  165.529508][  T373] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  165.539621][  T373] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  165.554057][  T373] usb 2-1: New USB device found, idVendor=0582, idProduct=0456, bcdDevice= 0.41
[  165.563201][  T373] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.571212][  T373] usb 2-1: Product: syz
[  165.575602][  T373] usb 2-1: Manufacturer: syz
[  165.580230][  T373] usb 2-1: SerialNumber: syz
[  165.660240][ T3683] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  165.668895][ T3683] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  165.934125][  T337] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[  166.064996][ T3687] erofs: (device loop3): erofs_read_superblock: cannot find valid erofs superblock
[  166.087309][   T36] kauditd_printk_skb: 3439 callbacks suppressed
[  166.087327][   T36] audit: type=1400 audit(162.869:30234): avc:  denied  { create } for  pid=3689 comm="syz.3.1202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  166.114283][  T337] usb 3-1: Using ep0 maxpacket: 32
[  166.120509][  T337] usb 3-1: config 32 has an invalid interface number: 85 but max is 0
[  166.128725][  T337] usb 3-1: config 32 has no interface number 0
[  166.134896][  T337] usb 3-1: config 32 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  166.146090][  T337] usb 3-1: config 32 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0
[  166.156625][  T337] usb 3-1: config 32 interface 85 has no altsetting 0
[  166.165793][  T337] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  166.174851][  T337] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.182851][  T337] usb 3-1: Product: syz
[  166.187012][  T337] usb 3-1: Manufacturer: syz
[  166.191616][  T337] usb 3-1: SerialNumber: syz
[  166.232132][ T3694] FAULT_INJECTION: forcing a failure.
[  166.232132][ T3694] name failslab, interval 1, probability 0, space 0, times 0
[  166.245023][ T3694] CPU: 0 UID: 0 PID: 3694 Comm: syz.0.1203 Not tainted syzkaller #0 29c6904b08c3b1e8518f4116e2e8016f6159917e
[  166.245054][ T3694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  166.245065][ T3694] Call Trace:
[  166.245072][ T3694]  <TASK>
[  166.245079][ T3694]  __dump_stack+0x21/0x30
[  166.245110][ T3694]  dump_stack_lvl+0x140/0x1c0
[  166.245133][ T3694]  ? __cfi_dump_stack_lvl+0x10/0x10
[  166.245157][ T3694]  dump_stack+0x19/0x20
[  166.245176][ T3694]  should_fail_ex+0x3d7/0x530
[  166.245191][ T3694]  should_failslab+0xac/0x100
[  166.245208][ T3694]  __kmalloc_cache_node_noprof+0x46/0x430
[  166.245224][ T3694]  ? kasan_save_track+0x4f/0x80
[  166.245241][ T3694]  ? __get_vm_area_node+0x14d/0x3d0
[  166.245263][ T3694]  ? __kasan_slab_alloc+0x73/0x90
[  166.245280][ T3694]  ? kmem_cache_alloc_node_noprof+0x1ca/0x420
[  166.245294][ T3694]  ? dup_task_struct+0xc1/0xd80
[  166.245313][ T3694]  __get_vm_area_node+0x14d/0x3d0
[  166.245332][ T3694]  __vmalloc_node_range_noprof+0x30e/0x1480
[  166.245352][ T3694]  ? copy_process+0x55a/0x32a0
[  166.245371][ T3694]  ? __cfi___vmalloc_node_range_noprof+0x10/0x10
[  166.245396][ T3694]  ? kasan_save_alloc_info+0x40/0x50
[  166.245416][ T3694]  ? __kasan_slab_alloc+0x73/0x90
[  166.245431][ T3694]  ? arch_dup_task_struct+0x5b/0xe0
[  166.245452][ T3694]  ? __asan_memcpy+0x5a/0x80
[  166.245471][ T3694]  dup_task_struct+0x5d6/0xd80
[  166.245487][ T3694]  ? copy_process+0x55a/0x32a0
[  166.245504][ T3694]  ? _raw_spin_lock_irq+0x93/0x120
[  166.245522][ T3694]  ? copy_process+0x32a0/0x32a0
[  166.245541][ T3694]  ? __kasan_check_write+0x18/0x20
[  166.245555][ T3694]  copy_process+0x55a/0x32a0
[  166.245575][ T3694]  ? __cfi_copy_process+0x10/0x10
[  166.245591][ T3694]  ? __kmalloc_cache_noprof+0x23c/0x470
[  166.245606][ T3694]  ? __kasan_check_write+0x18/0x20
[  166.245620][ T3694]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  166.245638][ T3694]  vhost_task_create+0x1f7/0x400
[  166.245653][ T3694]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  166.245674][ T3694]  ? __cfi_vhost_task_create+0x10/0x10
[  166.245690][ T3694]  ? __cfi_vhost_task_fn+0x10/0x10
[  166.245705][ T3694]  ? __kasan_check_write+0x18/0x20
[  166.245718][ T3694]  ? mutex_lock+0x97/0x1d0
[  166.245735][ T3694]  ? __cfi_mutex_lock+0x10/0x10
[  166.245751][ T3694]  ? kernel_text_address+0xa9/0xe0
[  166.245771][ T3694]  kvm_mmu_post_init_vm+0x161/0x300
[  166.245791][ T3694]  kvm_arch_vcpu_ioctl_run+0xf3/0x1bd0
[  166.245816][ T3694]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  166.245834][ T3694]  ? kstrtoull+0x13b/0x1e0
[  166.245853][ T3694]  ? kstrtouint+0x78/0xf0
[  166.245871][ T3694]  ? ioctl_has_perm+0x1bc/0x500
[  166.245885][ T3694]  ? __asan_memcpy+0x5a/0x80
[  166.245904][ T3694]  ? ioctl_has_perm+0x408/0x500
[  166.245917][ T3694]  ? has_cap_mac_admin+0xd0/0xd0
[  166.245931][ T3694]  ? __kasan_check_write+0x18/0x20
[  166.245947][ T3694]  ? mutex_lock_killable+0x97/0x1d0
[  166.245966][ T3694]  ? __cfi_mutex_lock_killable+0x10/0x10
[  166.245983][ T3694]  ? proc_fail_nth_write+0x184/0x220
[  166.246004][ T3694]  kvm_vcpu_ioctl+0xa48/0x1000
[  166.246020][ T3694]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  166.246034][ T3694]  ? __cfi_vfs_write+0x10/0x10
[  166.246049][ T3694]  ? __kasan_check_write+0x18/0x20
[  166.246062][ T3694]  ? mutex_unlock+0x90/0x240
[  166.246080][ T3694]  ? __cfi_mutex_unlock+0x10/0x10
[  166.246099][ T3694]  ? __fget_files+0x2c5/0x340
[  166.246116][ T3694]  ? __fget_files+0x2c5/0x340
[  166.246132][ T3694]  ? bpf_lsm_file_ioctl+0xd/0x20
[  166.246150][ T3694]  ? security_file_ioctl+0x3e/0x110
[  166.246170][ T3694]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  166.246183][ T3694]  __se_sys_ioctl+0x132/0x1b0
[  166.246200][ T3694]  __x64_sys_ioctl+0x7f/0xa0
[  166.246218][ T3694]  x64_sys_call+0x1878/0x2ee0
[  166.246234][ T3694]  do_syscall_64+0x57/0xf0
[  166.246249][ T3694]  ? clear_bhb_loop+0x50/0xa0
[  166.246266][ T3694]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  166.246282][ T3694] RIP: 0033:0x7fb52d99ce59
[  166.246295][ T3694] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  166.246307][ T3694] RSP: 002b:00007fb52e925028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  166.246324][ T3694] RAX: ffffffffffffffda RBX: 00007fb52dc15fa0 RCX: 00007fb52d99ce59
[  166.246336][ T3694] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  166.246345][ T3694] RBP: 00007fb52e925090 R08: 0000000000000000 R09: 0000000000000000
[  166.246356][ T3694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.246368][ T3694] R13: 00007fb52dc16038 R14: 00007fb52dc15fa0 R15: 00007ffcdf42a9b8
[  166.246381][ T3694]  </TASK>
[  166.246440][ T3694] syz.0.1203: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[  166.626854][  T337] usb 3-1: USB disconnect, device number 77
[  166.646425][ T3694] ,cpuset=syz0,mems_allowed=0
[  166.720109][ T3694] CPU: 1 UID: 0 PID: 3694 Comm: syz.0.1203 Not tainted syzkaller #0 29c6904b08c3b1e8518f4116e2e8016f6159917e
[  166.720137][ T3694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  166.720149][ T3694] Call Trace:
[  166.720155][ T3694]  <TASK>
[  166.720163][ T3694]  __dump_stack+0x21/0x30
[  166.720192][ T3694]  dump_stack_lvl+0x140/0x1c0
[  166.720215][ T3694]  ? __cfi_dump_stack_lvl+0x10/0x10
[  166.720239][ T3694]  dump_stack+0x19/0x20
[  166.720261][ T3694]  warn_alloc+0x1e7/0x2c0
[  166.720283][ T3694]  ? __kasan_kmalloc+0x28/0xb0
[  166.720303][ T3694]  ? __cfi_warn_alloc+0x10/0x10
[  166.720323][ T3694]  ? kasan_save_track+0x4f/0x80
[  166.720342][ T3694]  ? dup_task_struct+0xc1/0xd80
[  166.720364][ T3694]  ? __get_vm_area_node+0x3bd/0x3d0
[  166.720386][ T3694]  __vmalloc_node_range_noprof+0x333/0x1480
[  166.720415][ T3694]  ? __cfi___vmalloc_node_range_noprof+0x10/0x10
[  166.720439][ T3694]  ? kasan_save_alloc_info+0x40/0x50
[  166.720463][ T3694]  ? __kasan_slab_alloc+0x73/0x90
[  166.720481][ T3694]  ? arch_dup_task_struct+0x5b/0xe0
[  166.720519][ T3694]  ? __asan_memcpy+0x5a/0x80
[  166.720537][ T3694]  dup_task_struct+0x5d6/0xd80
[  166.720558][ T3694]  ? copy_process+0x55a/0x32a0
[  166.720578][ T3694]  ? _raw_spin_lock_irq+0x93/0x120
[  166.720596][ T3694]  ? copy_process+0x32a0/0x32a0
[  166.720616][ T3694]  ? __kasan_check_write+0x18/0x20
[  166.720635][ T3694]  copy_process+0x55a/0x32a0
[  166.720657][ T3694]  ? __cfi_copy_process+0x10/0x10
[  166.720678][ T3694]  ? __kmalloc_cache_noprof+0x23c/0x470
[  166.720697][ T3694]  ? __kasan_check_write+0x18/0x20
[  166.720713][ T3694]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  166.720735][ T3694]  vhost_task_create+0x1f7/0x400
[  166.720755][ T3694]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  166.720775][ T3694]  ? __cfi_vhost_task_create+0x10/0x10
[  166.720796][ T3694]  ? __cfi_vhost_task_fn+0x10/0x10
[  166.720813][ T3694]  ? __kasan_check_write+0x18/0x20
[  166.720831][ T3694]  ? mutex_lock+0x97/0x1d0
[  166.720852][ T3694]  ? __cfi_mutex_lock+0x10/0x10
[  166.720870][ T3694]  ? kernel_text_address+0xa9/0xe0
[  166.720894][ T3694]  kvm_mmu_post_init_vm+0x161/0x300
[  166.720920][ T3694]  kvm_arch_vcpu_ioctl_run+0xf3/0x1bd0
[  166.720944][ T3694]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  166.720967][ T3694]  ? kstrtoull+0x13b/0x1e0
[  166.720991][ T3694]  ? kstrtouint+0x78/0xf0
[  166.721012][ T3694]  ? ioctl_has_perm+0x1bc/0x500
[  166.721029][ T3694]  ? __asan_memcpy+0x5a/0x80
[  166.721045][ T3694]  ? ioctl_has_perm+0x408/0x500
[  166.721060][ T3694]  ? has_cap_mac_admin+0xd0/0xd0
[  166.721078][ T3694]  ? __kasan_check_write+0x18/0x20
[  166.721095][ T3694]  ? mutex_lock_killable+0x97/0x1d0
[  166.721119][ T3694]  ? __cfi_mutex_lock_killable+0x10/0x10
[  166.721139][ T3694]  ? proc_fail_nth_write+0x184/0x220
[  166.721164][ T3694]  kvm_vcpu_ioctl+0xa48/0x1000
[  166.721184][ T3694]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  166.721201][ T3694]  ? __cfi_vfs_write+0x10/0x10
[  166.721219][ T3694]  ? __kasan_check_write+0x18/0x20
[  166.721235][ T3694]  ? mutex_unlock+0x90/0x240
[  166.721255][ T3694]  ? __cfi_mutex_unlock+0x10/0x10
[  166.721275][ T3694]  ? __fget_files+0x2c5/0x340
[  166.721296][ T3694]  ? __fget_files+0x2c5/0x340
[  166.721315][ T3694]  ? bpf_lsm_file_ioctl+0xd/0x20
[  166.721334][  T373] usb 2-1: MIDIStreaming interface descriptor not found
[  166.721337][ T3694]  ? security_file_ioctl+0x3e/0x110
[  166.721362][ T3694]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  166.721375][ T3694]  __se_sys_ioctl+0x132/0x1b0
[  166.721395][ T3694]  __x64_sys_ioctl+0x7f/0xa0
[  166.721415][ T3694]  x64_sys_call+0x1878/0x2ee0
[  166.721433][ T3694]  do_syscall_64+0x57/0xf0
[  166.721451][ T3694]  ? clear_bhb_loop+0x50/0xa0
[  166.721472][ T3694]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  166.721492][ T3694] RIP: 0033:0x7fb52d99ce59
[  166.721518][ T3694] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  166.721534][ T3694] RSP: 002b:00007fb52e925028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  166.721554][ T3694] RAX: ffffffffffffffda RBX: 00007fb52dc15fa0 RCX: 00007fb52d99ce59
[  166.721568][ T3694] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  166.721579][ T3694] RBP: 00007fb52e925090 R08: 0000000000000000 R09: 0000000000000000
[  166.721591][ T3694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.721603][ T3694] R13: 00007fb52dc16038 R14: 00007fb52dc15fa0 R15: 00007ffcdf42a9b8
[  166.721619][ T3694]  </TASK>
[  166.721687][ T3694] Mem-Info:
[  166.759462][  T373] usb 2-1: USB disconnect, device number 87
[  166.763567][ T3694] active_anon:24904 inactive_anon:4 isolated_anon:0
[  166.763567][ T3694]  active_file:12193 inactive_file:12586 isolated_file:0
[  166.763567][ T3694]  unevictable:0 dirty:35 writeback:0
[  166.763567][ T3694]  slab_reclaimable:4522 slab_unreclaimable:71626
[  166.763567][ T3694]  mapped:25252 shmem:16614 pagetables:1202
[  166.763567][ T3694]  sec_pagetables:0 bounce:0
[  166.763567][ T3694]  kernel_misc_reclaimable:0
[  166.763567][ T3694]  free:1499658 free_pcp:1868 free_cma:0
[  167.193764][ T3701] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2130 sclass=netlink_route_socket pid=3701 comm=syz.2.1205
[  167.222691][ T3694] Node 0 active_anon:99704kB inactive_anon:16kB active_file:48772kB inactive_file:50344kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:101052kB dirty:140kB writeback:0kB shmem:66452kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7068kB pagetables:4736kB sec_pagetables:0kB all_unreclaimable? no
[  167.257697][ T3694] DMA32 free:2958164kB boost:0kB min:19080kB low:23848kB high:28616kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2963324kB mlocked:0kB bounce:0kB free_pcp:5160kB local_pcp:0kB free_cma:0kB
[  167.288714][ T3694] lowmem_reserve[]: 0 3921 3921
[  167.293583][ T3694] Normal free:3034308kB boost:0kB min:25972kB low:32464kB high:38956kB reserved_highatomic:0KB free_highatomic:0KB active_anon:99680kB inactive_anon:16kB active_file:48772kB inactive_file:50344kB unevictable:0kB writepending:140kB present:5242880kB managed:4015864kB mlocked:0kB bounce:0kB free_pcp:8728kB local_pcp:2688kB free_cma:0kB
[  167.325163][ T3694] lowmem_reserve[]: 0 0 0
[  167.329552][ T3694] DMA32: 5*4kB (M) 4*8kB (M) 4*16kB (M) 5*32kB (M) 3*64kB (M) 5*128kB (M) 5*256kB (M) 5*512kB (M) 4*1024kB (UM) 4*2048kB (M) 718*4096kB (M) = 2958164kB
[  167.345875][ T3694] Normal: 753*4kB (UME) 1082*8kB (UE) 630*16kB (UME) 849*32kB (UME) 496*64kB (UME) 98*128kB (UME) 13*256kB (UME) 9*512kB (UME) 2*1024kB (M) 9*2048kB (UME) 712*4096kB (UME) = 3037972kB
[  167.364753][ T3694] 41421 total pagecache pages
[  167.369437][ T3694] 33 pages in swap cache
[  167.373738][ T3694] Free swap  = 124216kB
[  167.377887][ T3694] Total swap = 124996kB
[  167.382028][ T3694] 2097051 pages RAM
[  167.385883][ T3694] 0 pages HighMem/MovableOnly
[  167.390568][ T3694] 352254 pages reserved
[  167.394743][ T3694] 0 pages cma reserved
[  167.399864][ T3694] Memory allocations:
[  167.404110][ T3694]          0 B        0 init/main.c:1477 func:do_initcalls
[  167.411459][ T3694]          0 B        0 init/do_mounts.c:186 func:mount_root_generic
[  167.419572][ T3694]          0 B        0 init/do_mounts.c:158 func:do_mount_root
[  167.427711][ T3694]          0 B        0 init/do_mounts.c:352 func:mount_nodev_root
[  167.435618][ T3694]          0 B        0 init/do_mounts_rd.c:241 func:rd_load_image
[  167.443532][ T3694]          0 B        0 init/do_mounts_rd.c:72 func:identify_ramdisk_image
[  167.452182][ T3694]          0 B        0 init/initramfs.c:507 func:unpack_to_rootfs
[  167.460101][ T3694]          0 B        0 init/initramfs.c:508 func:unpack_to_rootfs
[  167.467990][ T3694]          0 B        0 init/initramfs.c:509 func:unpack_to_rootfs
[  167.475919][ T3694]          0 B        0 init/initramfs.c:101 func:find_link
[  167.564939][  T337] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[  167.735772][  T311] usb 4-1: new full-speed USB device number 78 using dummy_hcd
[  167.820763][  T337] usb 3-1: Using ep0 maxpacket: 16
[  167.827522][  T337] usb 3-1: unable to get BOS descriptor or descriptor too short
[  167.836855][  T337] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  167.847058][  T337] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 1, skipping
[  167.859998][  T337] usb 3-1: New USB device found, idVendor=04b4, idProduct=931c, bcdDevice= 0.40
[  167.869136][  T337] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.873136][   T36] audit: type=1400 audit(164.539:30235): avc:  denied  { setopt } for  pid=3727 comm="syz.0.1215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  167.879071][  T337] usb 3-1: Product: syz
[  167.900863][  T337] usb 3-1: Manufacturer: syz
[  167.905744][  T337] usb 3-1: SerialNumber: syz
[  167.911104][  T311] usb 4-1: config 120 has an invalid interface number: 125 but max is 0
[  167.916665][  T373] usb 2-1: new high-speed USB device number 88 using dummy_hcd
[  167.922751][  T311] usb 4-1: config 120 has no interface number 0
[  167.933805][  T311] usb 4-1: config 120 interface 125 altsetting 8 endpoint 0x3 has invalid maxpacket 33206, setting to 64
[  167.945192][  T311] usb 4-1: config 120 interface 125 altsetting 8 endpoint 0x84 has invalid wMaxPacketSize 0
[  167.955677][  T311] usb 4-1: config 120 interface 125 has no altsetting 0
[  167.964235][  T311] usb 4-1: New USB device found, idVendor=03f0, idProduct=0307, bcdDevice= 0.01
[  167.973596][  T311] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.975873][ T3733] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  167.982123][  T311] usb 4-1: Product: syz
[  167.991055][ T3733] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  167.994709][  T311] usb 4-1: Manufacturer: syz
[  168.007462][  T311] usb 4-1: SerialNumber: syz
[  168.014553][ T3707] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  168.065878][  T373] usb 2-1: device descriptor read/64, error -71
[  168.127567][ T3743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  168.136143][ T3743] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  168.149887][  T337] usb 3-1: unit 2 not found!
[  168.159317][  T337] usb 3-1: USB disconnect, device number 78
[  168.183715][  T508] udevd[508]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  168.276951][ T3707] kvm_intel: kvm [3705]: vcpu1, guest rIP: 0x9114 Unhandled WRMSR(0x1d9) = 0x130f
[  168.287583][ T3707] kvm: kvm [3705]: vcpu1, guest rIP: 0x9114 Unhandled WRMSR(0x186) = 0x230a
[  168.332369][  T373] usb 2-1: device descriptor read/64, error -71
[  168.346847][  T311] ums-usbat 4-1:120.125: USB Mass Storage device detected
[  168.376088][  T311] ums-usbat 4-1:120.125: probe with driver ums-usbat failed with error -5
[  168.387018][  T311] usb 4-1: USB disconnect, device number 78
[  168.598812][  T373] usb 2-1: new high-speed USB device number 89 using dummy_hcd
[  168.719924][  T311] usb 4-1: new full-speed USB device number 79 using dummy_hcd
[  168.737556][  T373] usb 2-1: device descriptor read/64, error -71
[  168.888334][  T311] usb 4-1: unable to get BOS descriptor or descriptor too short
[  168.897036][  T311] usb 4-1: not running at top speed; connect to a high speed hub
[  168.905487][  T311] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  168.915759][  T311] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  168.926870][  T311] usb 4-1: string descriptor 0 read error: -22
[  168.933171][  T311] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  168.942251][  T311] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.953610][  T311] usb 4-1: 0:2 : does not exist
[  168.982511][  T337] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[  168.993188][  T373] usb 2-1: device descriptor read/64, error -71
[  169.110535][  T373] usb usb2-port1: attempt power cycle
[  169.153037][  T337] usb 3-1: Using ep0 maxpacket: 32
[  169.159296][  T337] usb 3-1: config 3 has an invalid interface number: 224 but max is 0
[  169.167921][  T337] usb 3-1: config 3 has no interface number 0
[  169.174056][  T337] usb 3-1: config 3 interface 224 has no altsetting 0
[  169.182628][  T337] usb 3-1: New USB device found, idVendor=0b95, idProduct=2791, bcdDevice=ce.f6
[  169.191931][  T337] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.199959][  T337] usb 3-1: Product: syz
[  169.204202][  T337] usb 3-1: Manufacturer: syz
[  169.208853][  T337] usb 3-1: SerialNumber: syz
[  169.429174][ T3754] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  169.437636][ T3774] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  169.438115][ T3754] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  169.446616][ T3774] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  169.461909][  T337] usb 3-1: USB disconnect, device number 79
[  169.473741][  T373] usb 2-1: new high-speed USB device number 90 using dummy_hcd
[  169.487601][ T3778] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  169.495185][  T373] usb 2-1: device descriptor read/8, error -71
[  169.496884][ T3778] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  169.512886][   T36] audit: type=1400 audit(166.078:30237): avc:  denied  { create } for  pid=3777 comm="syz.0.1229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  169.535114][   T36] audit: type=1400 audit(166.078:30236): avc:  denied  { create } for  pid=3777 comm="syz.0.1229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  169.611056][  T311] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5)
[  169.624058][  T311] usb 4-1: 5:0: cannot get min/max values for control 3 (id 5)
[  169.633746][  T373] usb 2-1: device descriptor read/8, error -71
[  169.644731][  T311] usb 4-1: 5:0: failed to get current value for ch 1 (-22)
[  169.664523][  T311] usb 4-1: USB disconnect, device number 79
[  169.888581][  T373] usb 2-1: new high-speed USB device number 91 using dummy_hcd
[  169.910818][  T373] usb 2-1: device descriptor read/8, error -71
[  170.060367][  T373] usb 2-1: device descriptor read/8, error -71
[  170.176790][  T373] usb usb2-port1: unable to enumerate USB device
[  170.212029][   T36] audit: type=1400 audit(166.735:30238): avc:  denied  { create } for  pid=3800 comm="syz.2.1236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  170.498431][ T3811] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1239'.
[  170.508439][   T36] audit: type=1326 audit(167.016:30239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3809 comm="syz.3.1239" exe="/root/ci2-android-6-12-rust/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f13c299ce59 code=0x0
[  170.613295][  T373] usb 3-1: new full-speed USB device number 80 using dummy_hcd
[  170.774566][  T373] usb 3-1: unable to get BOS descriptor or descriptor too short
[  170.782669][  T373] usb 3-1: not running at top speed; connect to a high speed hub
[  170.791301][  T373] usb 3-1: config 2 has an invalid interface number: 52 but max is 0
[  170.799610][  T373] usb 3-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  170.809925][  T373] usb 3-1: config 2 has no interface number 0
[  170.816156][  T373] usb 3-1: config 2 interface 52 altsetting 1 endpoint 0x3 has an invalid bInterval 0, changing to 10
[  170.827588][  T373] usb 3-1: config 2 interface 52 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  170.837358][  T373] usb 3-1: config 2 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  170.850280][  T373] usb 3-1: config 2 interface 52 has no altsetting 0
[  170.859015][  T373] usb 3-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice=d7.f8
[  170.868193][  T373] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.876451][  T373] usb 3-1: Product: syz
[  170.880918][  T373] usb 3-1: Manufacturer: syz
[  170.885903][  T373] usb 3-1: SerialNumber: syz
[  171.063888][ T3817] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.072442][ T3817] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.151621][   T36] audit: type=1400 audit(167.617:30240): avc:  denied  { write } for  pid=3807 comm="syz.2.1238" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  171.178219][   T36] audit: type=1400 audit(167.617:30241): avc:  denied  { remove_name } for  pid=3807 comm="syz.2.1238" name="binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  171.200993][   T36] audit: type=1400 audit(167.617:30242): avc:  denied  { unlink } for  pid=3807 comm="syz.2.1238" name="binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  171.284830][  T311] usb 2-1: new high-speed USB device number 92 using dummy_hcd
[  171.287887][  T373] usbhid 3-1:2.52: couldn't find an input interrupt endpoint
[  171.302848][  T373] usb 3-1: USB disconnect, device number 80
[  171.329603][ T3821] netlink: 'syz.3.1242': attribute type 8 has an invalid length.
[  171.337386][ T3821] netlink: 'syz.3.1242': attribute type 32 has an invalid length.
[  171.447131][  T311] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  171.456269][  T311] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.464292][  T311] usb 2-1: Product: syz
[  171.468592][  T311] usb 2-1: Manufacturer: syz
[  171.473447][  T311] usb 2-1: SerialNumber: syz
[  171.723567][ T3826] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.732032][ T3826] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.741857][   T36] audit: type=1400 audit(168.161:30243): avc:  denied  { execute } for  pid=3825 comm="syz.0.1243" dev="tmpfs" ino=1074 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  171.762740][   T36] audit: type=1400 audit(168.161:30244): avc:  denied  { execute_no_trans } for  pid=3825 comm="syz.0.1243" path=2F6D656D66643A5B0B7827A529F7A078FF01202864656C6574656429 dev="tmpfs" ino=1074 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  172.169492][  T373] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[  172.331283][  T373] usb 3-1: unable to get BOS descriptor or descriptor too short
[  172.339694][  T373] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 37, changing to 7
[  172.350792][  T373] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 119, changing to 7
[  172.363959][  T373] usb 3-1: New USB device found, idVendor=2a39, idProduct=3fd3, bcdDevice= 0.40
[  172.373192][  T373] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.376901][ T3840] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  172.381648][  T373] usb 3-1: Product: syz
[  172.390480][ T3840] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  172.395325][  T373] usb 3-1: Manufacturer: syz
[  172.408026][  T373] usb 3-1: SerialNumber: syz
[  172.421533][ T3840] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  172.441924][ T3843] 9pnet_fd: p9_fd_create_tcp (3843): problem connecting socket to 127.0.0.1
[  172.568684][ T3846] random: crng reseeded on system resumption
[  172.635295][  T373] usb 3-1: Can't get UAC3 power state for id 10
[  172.642647][  T373] usb 3-1: 2:0: failed to get current value for ch 0 (-71)
[  172.653841][  T373] usb 3-1: 2:0: cannot get min/max values for control 2 (id 2)
[  172.671552][ T3846] Unrecognized hibernate image header format!
[  172.681227][  T373] usb 3-1: USB disconnect, device number 81
[  172.690726][  T508] udevd[508]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  172.707217][ T3846] PM: hibernation: Image mismatch: architecture specific data
[  173.215001][ T3859] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  173.224604][ T3859] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  173.501816][  T311] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[  173.673526][  T311] usb 3-1: config 0 interface 0 altsetting 32 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  173.686563][  T311] usb 3-1: config 0 interface 0 has no altsetting 0
[  173.693162][  T311] usb 3-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  173.702256][  T311] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.710811][  T311] usb 3-1: config 0 descriptor??
[  173.794626][ T3882] fuse: Unknown parameter 'fM'
[  173.842471][ T3889] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  173.851263][ T3889] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  173.896180][  T337] usb 4-1: new high-speed USB device number 80 using dummy_hcd
[  174.056033][  T337] usb 4-1: Using ep0 maxpacket: 32
[  174.062247][  T337] usb 4-1: config 0 has an invalid interface number: 67 but max is 0
[  174.066865][  T373] usb 2-1: USB disconnect, device number 92
[  174.070639][  T337] usb 4-1: config 0 has no interface number 0
[  174.089465][  T337] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  174.098742][  T337] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.106814][  T337] usb 4-1: Product: syz
[  174.111187][  T337] usb 4-1: Manufacturer: syz
[  174.115971][  T337] usb 4-1: SerialNumber: syz
[  174.125819][  T337] usb 4-1: config 0 descriptor??
[  174.131689][  T337] smsc95xx v2.0.0
[  174.146376][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.153759][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.161079][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.168573][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.175172][   T36] audit: type=1400 audit(170.450:30245): avc:  denied  { connect } for  pid=3890 comm="syz.1.1265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  174.176123][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.202994][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.214044][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.221424][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.228765][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.236165][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.243525][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.250866][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.258190][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.265634][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.272960][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.280300][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.287645][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.294991][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.302336][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.309659][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.317008][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.324360][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.331703][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.339147][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.346821][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.355001][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.362514][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.369898][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.377244][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.384572][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.391921][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.399271][  T311] magicmouse 0003:05AC:0265.002E: unknown main item tag 0x0
[  174.408189][  T311] magicmouse 0003:05AC:0265.002E: hidraw0: USB HID vff.fd Device [HID 05ac:0265] on usb-dummy_hcd.2-1/input0
[  174.435891][ T3896] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  174.450850][ T3896] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  174.792397][  T337] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  174.803164][  T337] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  174.812449][  T337] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  174.823318][  T337] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -71
[  174.832947][  T337] usb 4-1: USB disconnect, device number 80
[  174.911109][   T36] audit: type=1400 audit(171.144:30246): avc:  denied  { map } for  pid=3899 comm="syz.2.1267" path="/dev/urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  174.934590][   T36] audit: type=1400 audit(171.144:30247): avc:  denied  { write execute } for  pid=3899 comm="syz.2.1267" path="/dev/urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  174.959647][   T36] audit: type=1400 audit(171.172:30248): avc:  denied  { create } for  pid=3901 comm="syz.2.1268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  174.964311][ T3904] netlink: 4096 bytes leftover after parsing attributes in process `syz.2.1269'.
[  174.995230][ T3904] netlink: 'syz.2.1269': attribute type 4 has an invalid length.
[  175.059763][ T3913] overlayfs: failed to resolve './file2': -2
[  175.150986][ T3919] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  175.161508][ T3919] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  175.264971][ T3925] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  175.274357][ T3925] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  175.403288][ T3928] overlayfs: conflicting options: verity=on,redirect_dir=nofollow
[  175.665528][  T337] usb 4-1: new high-speed USB device number 81 using dummy_hcd
[  175.713861][ T3934] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  175.722380][ T3934] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  175.823543][ T3936] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  175.832067][ T3936] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  175.836051][  T337] usb 4-1: Using ep0 maxpacket: 8
[  175.846053][  T337] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  175.857049][  T337] usb 4-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  175.869909][  T337] usb 4-1: config 0 interface 0 has no altsetting 0
[  175.876601][  T337] usb 4-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[  175.885960][  T337] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.894566][  T337] usb 4-1: config 0 descriptor??
[  176.115095][ T3931] ±ÿ: renamed from lo (while UP)
[  176.336684][  T337] hkems 0003:2006:0118.002F: unknown main item tag 0x0
[  176.343643][  T337] hkems 0003:2006:0118.002F: unknown main item tag 0x0
[  176.351247][  T337] hkems 0003:2006:0118.002F: unknown main item tag 0x0
[  176.358142][  T337] hkems 0003:2006:0118.002F: unknown main item tag 0x0
[  176.365240][  T337] hkems 0003:2006:0118.002F: unknown main item tag 0x0
[  176.372536][   T36] audit: type=1400 audit(172.514:30249): avc:  denied  { accept } for  pid=3944 comm="syz.0.1285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  176.382788][ T3947] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.392464][  T337] hkems 0003:2006:0118.002F: unknown main item tag 0x0
[  176.401104][ T3947] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  176.408254][  T337] hkems 0003:2006:0118.002F: unknown main item tag 0x0
[  176.427909][  T337] hkems 0003:2006:0118.002F: unknown global tag 0xd
[  176.437054][  T337] hkems 0003:2006:0118.002F: item 0 1 1 13 parsing failed
[  176.445855][  T337] hkems 0003:2006:0118.002F: parse failed
[  176.452982][  T337] hkems 0003:2006:0118.002F: probe with driver hkems failed with error -22
[  176.470201][ T3949] tipc: Failed to remove unknown binding: 66,1,1/2077257915:3449394092/3449394094
[  176.549743][ T3958] tipc: Enabled bearer <eth:wg2>, priority 10
[  176.562603][ T3958] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.571145][  T373] usb 4-1: USB disconnect, device number 81
[  176.573164][ T3958] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  177.049625][ T3960] FAULT_INJECTION: forcing a failure.
[  177.049625][ T3960] name failslab, interval 1, probability 0, space 0, times 0
[  177.062413][ T3960] CPU: 1 UID: 0 PID: 3960 Comm: syz.0.1290 Not tainted syzkaller #0 29c6904b08c3b1e8518f4116e2e8016f6159917e
[  177.062445][ T3960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  177.062457][ T3960] Call Trace:
[  177.062465][ T3960]  <TASK>
[  177.062471][ T3960]  __dump_stack+0x21/0x30
[  177.062492][ T3960]  dump_stack_lvl+0x140/0x1c0
[  177.062506][ T3960]  ? __cfi_dump_stack_lvl+0x10/0x10
[  177.062521][ T3960]  ? release_sock+0x171/0x1f0
[  177.062534][ T3960]  dump_stack+0x19/0x20
[  177.062549][ T3960]  should_fail_ex+0x3d7/0x530
[  177.062560][ T3960]  should_failslab+0xac/0x100
[  177.062573][ T3960]  kmem_cache_alloc_node_noprof+0x45/0x420
[  177.062585][ T3960]  ? netlink_data_ready+0x20/0x20
[  177.062599][ T3960]  ? __alloc_skb+0x108/0x370
[  177.062612][ T3960]  __alloc_skb+0x108/0x370
[  177.062624][ T3960]  netlink_alloc_large_skb+0xf7/0x1b0
[  177.062637][ T3960]  netlink_sendmsg+0x594/0xb10
[  177.062647][ T3960]  ? __cfi_netlink_sendmsg+0x10/0x10
[  177.062656][ T3960]  ? bpf_lsm_socket_sendmsg+0xd/0x20
[  177.062669][ T3960]  ? security_socket_sendmsg+0x3d/0x100
[  177.062682][ T3960]  ? __cfi_netlink_sendmsg+0x10/0x10
[  177.062691][ T3960]  ____sys_sendmsg+0x9de/0xa30
[  177.062701][ T3960]  ? __import_iovec+0x5ad/0x7c0
[  177.062713][ T3960]  ? __sys_sendmsg_sock+0x50/0x50
[  177.062723][ T3960]  ? import_iovec+0x80/0xb0
[  177.062742][ T3960]  ___sys_sendmsg+0x2a6/0x370
[  177.062752][ T3960]  ? __sys_sendmsg+0x2a0/0x2a0
[  177.062761][ T3960]  ? proc_fail_nth_write+0x184/0x220
[  177.062775][ T3960]  ? __cfi_proc_fail_nth_write+0x10/0x10
[  177.062797][ T3960]  __x64_sys_sendmsg+0x1fb/0x2d0
[  177.062806][ T3960]  ? fput+0x1a4/0x240
[  177.062819][ T3960]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  177.062829][ T3960]  ? ksys_write+0x1f3/0x260
[  177.062839][ T3960]  ? __kasan_check_read+0x15/0x20
[  177.062849][ T3960]  x64_sys_call+0x2a4c/0x2ee0
[  177.062859][ T3960]  do_syscall_64+0x57/0xf0
[  177.062869][ T3960]  ? clear_bhb_loop+0x50/0xa0
[  177.062882][ T3960]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  177.062894][ T3960] RIP: 0033:0x7fb52d99ce59
[  177.062905][ T3960] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  177.062914][ T3960] RSP: 002b:00007fb52e925028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  177.062927][ T3960] RAX: ffffffffffffffda RBX: 00007fb52dc15fa0 RCX: 00007fb52d99ce59
[  177.062935][ T3960] RDX: 000000002400e090 RSI: 00002000000001c0 RDI: 0000000000000005
[  177.062942][ T3960] RBP: 00007fb52e925090 R08: 0000000000000000 R09: 0000000000000000
[  177.062949][ T3960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.062956][ T3960] R13: 00007fb52dc16038 R14: 00007fb52dc15fa0 R15: 00007ffcdf42a9b8
[  177.062964][ T3960]  </TASK>
[  177.365618][ T3970] netlink: 'syz.2.1292': attribute type 21 has an invalid length.
[  177.370927][ T3972] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  177.383364][ T3972] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  177.433336][ T3977] syzkaller1: entered promiscuous mode
[  177.438900][ T3977] syzkaller1: entered allmulticast mode
[  177.637935][ T3982] netlink: 'syz.2.1297': attribute type 46 has an invalid length.
[  177.645844][ T3982] netlink: 'syz.2.1297': attribute type 28 has an invalid length.
[  177.722661][  T373] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[  177.861250][  T373] usb 4-1: device descriptor read/64, error -71
[  177.941201][ T3988] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  177.949760][ T3988] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  178.127706][  T373] usb 4-1: device descriptor read/64, error -71
[  178.383505][  T373] usb 4-1: new high-speed USB device number 83 using dummy_hcd
[  178.458956][ T3992] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1300'.
[  178.491551][ T3998] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1303'.
[  178.510744][ T4000] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  178.520102][ T4002] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  178.520890][ T4000] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  178.531317][ T4002] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  178.554012][  T373] usb 4-1: device descriptor read/64, error -71
[  178.576669][ T4002] SELinux: failed to load policy
[  178.809877][  T373] usb 4-1: device descriptor read/64, error -71
[  178.841850][  T389] usb 2-1: new high-speed USB device number 93 using dummy_hcd
[  178.938007][  T373] usb usb4-port1: attempt power cycle
[  179.001717][  T389] usb 2-1: Using ep0 maxpacket: 32
[  179.007941][  T389] usb 2-1: config 0 has an invalid interface number: 196 but max is 0
[  179.016260][  T389] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  179.026560][  T389] usb 2-1: config 0 has no interface number 0
[  179.032635][  T389] usb 2-1: config 0 interface 196 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  179.045703][  T389] usb 2-1: config 0 interface 196 has no altsetting 0
[  179.053984][  T389] usb 2-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a
[  179.063098][  T389] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.071117][  T389] usb 2-1: Product: syz
[  179.075257][  T389] usb 2-1: Manufacturer: syz
[  179.079856][  T389] usb 2-1: SerialNumber: syz
[  179.084927][  T389] usb 2-1: config 0 descriptor??
[  179.091260][  T389] ipheth 2-1:0.196: Unable to find endpoints
[  179.103263][ T4007] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  179.111903][ T4007] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  179.305707][ T4005] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  179.310808][  T373] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[  179.314709][ T4005] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  179.331569][  T389] usb 2-1: USB disconnect, device number 93
[  179.343873][  T373] usb 4-1: device descriptor read/8, error -71
[  179.482407][  T373] usb 4-1: device descriptor read/8, error -71
[  179.667054][ T4013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  179.675668][ T4013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  179.685902][ T4012] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  179.694496][ T4012] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  179.702263][ T4014] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  179.710937][ T4014] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  179.737826][  T373] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[  179.759531][  T373] usb 4-1: device descriptor read/8, error -71
[  179.898320][  T373] usb 4-1: device descriptor read/8, error -71
[  179.905089][   T36] audit: type=1400 audit(175.826:30250): avc:  denied  { append } for  pid=4023 comm="syz.0.1313" name="usbmon0" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  179.928084][   T36] audit: type=1400 audit(175.826:30251): avc:  denied  { map } for  pid=4023 comm="syz.0.1313" path="/dev/usbmon0" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  179.951568][   T36] audit: type=1400 audit(175.826:30252): avc:  denied  { execute } for  pid=4023 comm="syz.0.1313" path="/dev/usbmon0" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  180.012126][ T4030] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.014372][  T373] usb usb4-port1: unable to enumerate USB device
[  180.025405][ T4030] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.058676][ T4030] SELinux:  policydb magic number 0x366d6970 does not match expected magic number 0xf97cff8c
[  180.069098][ T4030] SELinux: failed to load policy
[  180.163480][  T337] usb 2-1: new high-speed USB device number 94 using dummy_hcd
[  180.224959][ T4039] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.233571][ T4039] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.241752][ T4039] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.250327][ T4039] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.258480][ T4039] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.267196][ T4039] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.275698][ T4039] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.284263][ T4039] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.292451][ T4039] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.300987][ T4039] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.309135][ T4039] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.317751][ T4039] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.334082][  T337] usb 2-1: Using ep0 maxpacket: 32
[  180.340715][  T337] usb 2-1: unable to get BOS descriptor or descriptor too short
[  180.350607][  T337] usb 2-1: New USB device found, idVendor=0dba, idProduct=3000, bcdDevice= 0.40
[  180.360133][  T337] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.368196][  T337] usb 2-1: Product: syz
[  180.372460][  T337] usb 2-1: Manufacturer: syz
[  180.377164][  T337] usb 2-1: SerialNumber: syz
[  180.597555][  T337] usb 2-1: Invalid firmware size=18.
[  180.603666][  T337] usb 2-1: USB disconnect, device number 94
[  180.627931][ T4044] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  180.635171][ T4044] IPv6: NLM_F_CREATE should be set when creating new route
[  180.642424][ T4044] IPv6: NLM_F_CREATE should be set when creating new route
[  180.660131][ T4046] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1322'.
[  180.673789][   T36] audit: type=1400 audit(176.548:30253): avc:  denied  { write } for  pid=4045 comm="syz.0.1322" name="usbmon9" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  180.677975][ T4046] cgroup: Invalid name
[  180.697479][   T36] audit: type=1400 audit(176.548:30254): avc:  denied  { ioctl } for  pid=4045 comm="syz.0.1322" path="/dev/usbmon9" dev="devtmpfs" ino=118 ioctlcmd=0x9201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  180.868639][   T36] audit: type=1400 audit(176.736:30255): avc:  denied  { accept } for  pid=4057 comm="syz.2.1327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  180.938237][   T36] audit: type=1400 audit(176.792:30256): avc:  denied  { read write } for  pid=4060 comm="syz.2.1328" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  180.939599][ T4061] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.961611][   T36] audit: type=1400 audit(176.792:30257): avc:  denied  { open } for  pid=4060 comm="syz.2.1328" path="/dev/raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  180.970273][ T4061] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.993536][   T36] audit: type=1400 audit(176.792:30258): avc:  denied  { ioctl } for  pid=4060 comm="syz.2.1328" path="/dev/raw-gadget" dev="devtmpfs" ino=190 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  181.033328][ T4056] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1326'.
[  181.410579][  T389] usb 2-1: new high-speed USB device number 95 using dummy_hcd
[  181.572157][  T389] usb 2-1: unable to get BOS descriptor or descriptor too short
[  181.579909][ T4067] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  181.588446][ T4067] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  181.596745][  T389] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  181.606866][  T389] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  181.615831][  T389] usb 2-1: too many endpoints for config 1 interface 1 altsetting 76: 188, using maximum allowed: 30
[  181.626745][  T389] usb 2-1: config 1 interface 1 altsetting 76 has 0 endpoint descriptors, different from the interface descriptor's value: 188
[  181.639946][  T389] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  181.650813][  T389] usb 2-1: config 1 interface 1 has no altsetting 0
[  181.659893][  T389] usb 2-1: string descriptor 0 read error: -22
[  181.666149][  T389] usb 2-1: New USB device found, idVendor=21b4, idProduct=0081, bcdDevice= 0.40
[  181.675328][  T389] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.698203][ T4072] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  181.706843][ T4072] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  181.905517][ T4065] SELinux:  policydb magic number 0x366d6970 does not match expected magic number 0xf97cff8c
[  181.915836][ T4065] SELinux: failed to load policy
[  181.921706][  T389] usb 2-1: 2:0: failed to get current value for ch 0 (-71)
[  181.931030][  T389] usb 2-1: 2:0: cannot get min/max values for control 2 (id 2)
[  181.943551][  T389] usb 2-1: USB disconnect, device number 95
[  182.114042][  T337] usb 4-1: new full-speed USB device number 86 using dummy_hcd
[  182.156552][ T4080] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  182.165071][ T4080] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  182.285924][  T337] usb 4-1: unable to get BOS descriptor or descriptor too short
[  182.294158][  T337] usb 4-1: not running at top speed; connect to a high speed hub
[  182.302285][  T337] usb 4-1: too many configurations: 150, using maximum allowed: 8
[  182.311926][  T337] usb 4-1: unable to read config index 0 descriptor/start: -61
[  182.319901][  T337] usb 4-1: can't read configurations, error -61
[  182.365762][ T4084] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  182.374361][ T4084] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  182.455119][  T337] usb 4-1: new full-speed USB device number 87 using dummy_hcd
[  182.616614][  T337] usb 4-1: unable to get BOS descriptor or descriptor too short
[  182.624835][  T337] usb 4-1: not running at top speed; connect to a high speed hub
[  182.632721][  T337] usb 4-1: too many configurations: 150, using maximum allowed: 8
[  182.641583][  T337] usb 4-1: unable to read config index 0 descriptor/start: -61
[  182.649387][  T337] usb 4-1: can't read configurations, error -61
[  182.655749][  T337] usb usb4-port1: attempt power cycle
[  182.716495][   T36] audit: type=1400 audit(178.462:30259): avc:  denied  { name_bind } for  pid=4089 comm="syz.2.1340" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  182.736840][  T389] usb 2-1: new high-speed USB device number 96 using dummy_hcd
[  182.747795][ T4092] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1341'.
[  182.824406][ T4094] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  182.832939][ T4094] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  182.902826][  T389] usb 2-1: Using ep0 maxpacket: 8
[  182.908942][  T389] usb 2-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  182.919871][  T389] usb 2-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  182.932676][  T389] usb 2-1: config 0 interface 0 has no altsetting 0
[  182.940389][  T389] usb 2-1: New USB device found, idVendor=046a, idProduct=0023, bcdDevice= 0.00
[  182.950435][  T389] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.959411][  T389] usb 2-1: config 0 descriptor??
[  182.975154][ T4099] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  182.983701][ T4099] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  183.030710][  T337] usb 4-1: new full-speed USB device number 88 using dummy_hcd
[  183.053639][  T337] usb 4-1: unable to get BOS descriptor or descriptor too short
[  183.061711][  T337] usb 4-1: not running at top speed; connect to a high speed hub
[  183.069655][  T337] usb 4-1: too many configurations: 150, using maximum allowed: 8
[  183.078637][  T337] usb 4-1: unable to read config index 0 descriptor/start: -61
[  183.086257][  T337] usb 4-1: can't read configurations, error -61
[  183.179623][  T389] usbhid 2-1:0.0: can't add hid device: -32
[  183.185845][  T389] usbhid 2-1:0.0: probe with driver usbhid failed with error -32
[  183.222591][  T337] usb 4-1: new full-speed USB device number 89 using dummy_hcd
[  183.245548][  T337] usb 4-1: unable to get BOS descriptor or descriptor too short
[  183.253662][  T337] usb 4-1: not running at top speed; connect to a high speed hub
[  183.261528][  T337] usb 4-1: too many configurations: 150, using maximum allowed: 8
[  183.270401][  T337] usb 4-1: unable to read config index 0 descriptor/start: -61
[  183.278051][  T337] usb 4-1: can't read configurations, error -61
[  183.284418][  T337] usb usb4-port1: unable to enumerate USB device
[  183.544508][ T4107] rust_binder: 1144: no such ref 1
[  183.549717][ T4107] rust_binder: 4105:4107 transaction to 0 failed: ENOENT
[  183.549749][ T4108] rust_binder: 4105:4108 transaction to 0 failed: ENOENT
[  183.554281][ T4104] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  183.572344][ T4104] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  183.602824][ T4111] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  183.611412][ T4111] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  183.624777][ T4111] SELinux:  policydb magic number 0x366d6970 does not match expected magic number 0xf97cff8c
[  183.634993][ T4111] SELinux: failed to load policy
[  184.181918][ T4114] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  184.410332][ T4122] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  184.418913][ T4122] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  185.073729][ T4124] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12592 sclass=netlink_route_socket pid=4124 comm=syz.3.1352
[  185.460863][  T389] usb 4-1: new high-speed USB device number 90 using dummy_hcd
[  185.631423][  T389] usb 4-1: Using ep0 maxpacket: 8
[  185.639056][  T389] usb 4-1: New USB device found, idVendor=0582, idProduct=0025, bcdDevice= 0.40
[  185.648325][  T389] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.656445][  T389] usb 4-1: Product: syz
[  185.660623][  T389] usb 4-1: Manufacturer: syz
[  185.668675][  T829] usb 2-1: USB disconnect, device number 96
[  185.674624][  T389] usb 4-1: SerialNumber: syz
[  186.025772][  T829] usb 2-1: new high-speed USB device number 97 using dummy_hcd
[  186.187018][  T829] usb 2-1: unable to get BOS descriptor or descriptor too short
[  186.195529][  T829] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  186.205762][  T829] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  186.214885][  T829] usb 2-1: too many endpoints for config 1 interface 1 altsetting 76: 188, using maximum allowed: 30
[  186.225846][  T829] usb 2-1: config 1 interface 1 altsetting 76 has 0 endpoint descriptors, different from the interface descriptor's value: 188
[  186.239029][  T829] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  186.249867][  T829] usb 2-1: config 1 interface 1 has no altsetting 0
[  186.258536][  T829] usb 2-1: string descriptor 0 read error: -22
[  186.265347][  T829] usb 2-1: New USB device found, idVendor=21b4, idProduct=0081, bcdDevice= 0.40
[  186.274404][  T829] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.326778][  T389] usb 4-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[  186.335467][  T389] usb 4-1: clock source 0 is not valid, cannot use
[  186.342221][  T389] usb 4-1: 1:1: cannot get freq (v2/v3): err -71
[  186.348905][  T389] usb 4-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[  186.357968][  T389] usb 4-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[  186.366567][  T389] usb 4-1: clock source 0 is not valid, cannot use
[  186.373312][  T389] usb 4-1: 2:1: cannot get freq (v2/v3): err -71
[  186.379884][  T389] usb 4-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[  186.392426][  T389] usb 4-1: USB disconnect, device number 90
[  186.497949][ T4138] SELinux:  policydb magic number 0x366d6970 does not match expected magic number 0xf97cff8c
[  186.508222][ T4138] SELinux: failed to load policy
[  186.513927][  T829] usb 2-1: 2:0: failed to get current value for ch 0 (-71)
[  186.524633][  T829] usb 2-1: 2:0: cannot get min/max values for control 2 (id 2)
[  186.538106][  T829] usb 2-1: USB disconnect, device number 97
[  186.772335][ T4143] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  186.780935][ T4143] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  186.992077][ T4151] netlink: 'syz.3.1360': attribute type 4 has an invalid length.
[  187.059086][ T4156] fuse: Bad value for 'fd'
[  187.114886][ T4163] FAULT_INJECTION: forcing a failure.
[  187.114886][ T4163] name failslab, interval 1, probability 0, space 0, times 0
[  187.127576][ T4163] CPU: 1 UID: 0 PID: 4163 Comm: syz.3.1363 Not tainted syzkaller #0 29c6904b08c3b1e8518f4116e2e8016f6159917e
[  187.127600][ T4163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  187.127607][ T4163] Call Trace:
[  187.127612][ T4163]  <TASK>
[  187.127617][ T4163]  __dump_stack+0x21/0x30
[  187.127641][ T4163]  dump_stack_lvl+0x140/0x1c0
[  187.127664][ T4163]  ? __cfi_dump_stack_lvl+0x10/0x10
[  187.127688][ T4163]  ? __cfi_avc_has_perm+0x10/0x10
[  187.127701][ T4163]  ? kasan_save_alloc_info+0x40/0x50
[  187.127717][ T4163]  dump_stack+0x19/0x20
[  187.127730][ T4163]  should_fail_ex+0x3d7/0x530
[  187.127741][ T4163]  should_failslab+0xac/0x100
[  187.127753][ T4163]  __kmalloc_cache_noprof+0x41/0x470
[  187.127765][ T4163]  ? vhost_task_create+0x12c/0x400
[  187.127777][ T4163]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  187.127789][ T4163]  vhost_task_create+0x12c/0x400
[  187.127800][ T4163]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  187.127812][ T4163]  ? __cfi_vhost_task_create+0x10/0x10
[  187.127829][ T4163]  ? __cfi_vhost_task_fn+0x10/0x10
[  187.127840][ T4163]  ? __kasan_check_write+0x18/0x20
[  187.127850][ T4163]  ? mutex_lock+0x97/0x1d0
[  187.127863][ T4163]  ? __cfi_mutex_lock+0x10/0x10
[  187.127875][ T4163]  ? kernel_text_address+0xa9/0xe0
[  187.127889][ T4163]  kvm_mmu_post_init_vm+0x161/0x300
[  187.127904][ T4163]  kvm_arch_vcpu_ioctl_run+0xf3/0x1bd0
[  187.127919][ T4163]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  187.127932][ T4163]  ? kstrtoull+0x13b/0x1e0
[  187.127947][ T4163]  ? kstrtouint+0x78/0xf0
[  187.127960][ T4163]  ? ioctl_has_perm+0x1bc/0x500
[  187.127970][ T4163]  ? __asan_memcpy+0x5a/0x80
[  187.127979][ T4163]  ? ioctl_has_perm+0x408/0x500
[  187.127988][ T4163]  ? has_cap_mac_admin+0xd0/0xd0
[  187.127998][ T4163]  ? __kasan_check_write+0x18/0x20
[  187.128007][ T4163]  ? mutex_lock_killable+0x97/0x1d0
[  187.128020][ T4163]  ? __cfi_mutex_lock_killable+0x10/0x10
[  187.128032][ T4163]  ? proc_fail_nth_write+0x184/0x220
[  187.128047][ T4163]  kvm_vcpu_ioctl+0xa48/0x1000
[  187.128058][ T4163]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  187.128069][ T4163]  ? __cfi_vfs_write+0x10/0x10
[  187.128079][ T4163]  ? __kasan_check_write+0x18/0x20
[  187.128089][ T4163]  ? mutex_unlock+0x90/0x240
[  187.128100][ T4163]  ? __cfi_mutex_unlock+0x10/0x10
[  187.128112][ T4163]  ? __fget_files+0x2c5/0x340
[  187.128125][ T4163]  ? __fget_files+0x2c5/0x340
[  187.128136][ T4163]  ? bpf_lsm_file_ioctl+0xd/0x20
[  187.128149][ T4163]  ? security_file_ioctl+0x3e/0x110
[  187.128163][ T4163]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  187.128173][ T4163]  __se_sys_ioctl+0x132/0x1b0
[  187.128185][ T4163]  __x64_sys_ioctl+0x7f/0xa0
[  187.128197][ T4163]  x64_sys_call+0x1878/0x2ee0
[  187.128207][ T4163]  do_syscall_64+0x57/0xf0
[  187.128217][ T4163]  ? clear_bhb_loop+0x50/0xa0
[  187.128230][ T4163]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  187.128242][ T4163] RIP: 0033:0x7f13c299ce59
[  187.128252][ T4163] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  187.128261][ T4163] RSP: 002b:00007f13c392c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  187.128273][ T4163] RAX: ffffffffffffffda RBX: 00007f13c2c15fa0 RCX: 00007f13c299ce59
[  187.128282][ T4163] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  187.128289][ T4163] RBP: 00007f13c392c090 R08: 0000000000000000 R09: 0000000000000000
[  187.128295][ T4163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.128302][ T4163] R13: 00007f13c2c16038 R14: 00007f13c2c15fa0 R15: 00007ffd189a7228
[  187.128310][ T4163]  </TASK>
[  187.348826][ T4167] tmpfs: Invalid uid '0x00000000ffffffff'
[  187.503441][ T4172] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  187.511970][ T4172] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  187.637266][ T4178] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  187.645906][ T4178] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  187.654881][ T4178] SELinux:  policydb magic number 0x366d6970 does not match expected magic number 0xf97cff8c
[  187.665185][ T4178] SELinux: failed to load policy
[  187.752501][  T337] usb 4-1: new high-speed USB device number 91 using dummy_hcd
[  187.797218][ T4180] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1370'.
[  187.806831][ T4180] fuse: Bad value for 'fd'
[  187.816725][ T4180] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  187.898995][   T36] kauditd_printk_skb: 2 callbacks suppressed
[  187.899012][   T36] audit: type=1400 audit(183.322:30262): avc:  denied  { getopt } for  pid=4182 comm="syz.1.1371" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  187.924077][   T36] audit: type=1400 audit(183.322:30263): avc:  denied  { read } for  pid=4182 comm="syz.1.1371" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  187.944332][  T337] usb 4-1: Using ep0 maxpacket: 8
[  187.950499][  T337] usb 4-1: config 0 interface 0 altsetting 144 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  187.956078][   T36] audit: type=1400 audit(183.378:30264): avc:  denied  { create } for  pid=4182 comm="syz.1.1371" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  187.961660][  T337] usb 4-1: config 0 interface 0 altsetting 144 endpoint 0x81 has invalid wMaxPacketSize 0
[  187.991543][  T337] usb 4-1: config 0 interface 0 has no altsetting 0
[  187.998180][  T337] usb 4-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[  188.007204][  T337] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.015742][  T337] usb 4-1: config 0 descriptor??
[  188.065046][ T4187] fuse: Invalid rootmode
[  188.077345][ T4189] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  188.085919][ T4189] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  188.095117][ T4189] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  188.103591][ T4189] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  188.214677][ T4192] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  188.223329][ T4192] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  188.266249][ T4196] FAULT_INJECTION: forcing a failure.
[  188.266249][ T4196] name failslab, interval 1, probability 0, space 0, times 0
[  188.278904][ T4196] CPU: 0 UID: 0 PID: 4196 Comm: syz.0.1375 Not tainted syzkaller #0 29c6904b08c3b1e8518f4116e2e8016f6159917e
[  188.278936][ T4196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  188.278949][ T4196] Call Trace:
[  188.278956][ T4196]  <TASK>
[  188.278962][ T4196]  __dump_stack+0x21/0x30
[  188.278989][ T4196]  dump_stack_lvl+0x140/0x1c0
[  188.279011][ T4196]  ? __cfi_dump_stack_lvl+0x10/0x10
[  188.279033][ T4196]  dump_stack+0x19/0x20
[  188.279051][ T4196]  should_fail_ex+0x3d7/0x530
[  188.279066][ T4196]  should_failslab+0xac/0x100
[  188.279086][ T4196]  kmem_cache_alloc_node_noprof+0x45/0x420
[  188.279104][ T4196]  ? dup_task_struct+0xc1/0xd80
[  188.279122][ T4196]  ? kasan_save_alloc_info+0x40/0x50
[  188.279145][ T4196]  ? __kasan_kmalloc+0x96/0xb0
[  188.279164][ T4196]  ? __kmalloc_cache_noprof+0x23c/0x470
[  188.279180][ T4196]  dup_task_struct+0xc1/0xd80
[  188.279200][ T4196]  ? __kasan_check_write+0x18/0x20
[  188.279216][ T4196]  ? _raw_spin_lock_irq+0x93/0x120
[  188.279234][ T4196]  ? copy_process+0x32a0/0x32a0
[  188.279256][ T4196]  ? __kasan_check_write+0x18/0x20
[  188.279275][ T4196]  copy_process+0x55a/0x32a0
[  188.279292][ T4196]  ? __cfi_copy_process+0x10/0x10
[  188.279304][ T4196]  ? __kmalloc_cache_noprof+0x23c/0x470
[  188.279320][ T4196]  ? __kasan_check_write+0x18/0x20
[  188.279338][ T4196]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  188.279360][ T4196]  vhost_task_create+0x1f7/0x400
[  188.279380][ T4196]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  188.279399][ T4196]  ? __cfi_vhost_task_create+0x10/0x10
[  188.279410][ T4196]  ? __cfi_vhost_task_fn+0x10/0x10
[  188.279420][ T4196]  ? __kasan_check_write+0x18/0x20
[  188.279430][ T4196]  ? mutex_lock+0x97/0x1d0
[  188.279442][ T4196]  ? __cfi_mutex_lock+0x10/0x10
[  188.279453][ T4196]  ? kernel_text_address+0xa9/0xe0
[  188.279476][ T4196]  kvm_mmu_post_init_vm+0x161/0x300
[  188.279502][ T4196]  kvm_arch_vcpu_ioctl_run+0xf3/0x1bd0
[  188.279533][ T4196]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  188.279548][ T4196]  ? kstrtoull+0x13b/0x1e0
[  188.279563][ T4196]  ? kstrtouint+0x78/0xf0
[  188.279576][ T4196]  ? ioctl_has_perm+0x1bc/0x500
[  188.279586][ T4196]  ? __asan_memcpy+0x5a/0x80
[  188.279595][ T4196]  ? ioctl_has_perm+0x408/0x500
[  188.279609][ T4196]  ? has_cap_mac_admin+0xd0/0xd0
[  188.279626][ T4196]  ? __kasan_check_write+0x18/0x20
[  188.279644][ T4196]  ? mutex_lock_killable+0x97/0x1d0
[  188.279666][ T4196]  ? __cfi_mutex_lock_killable+0x10/0x10
[  188.279685][ T4196]  ? proc_fail_nth_write+0x184/0x220
[  188.279700][ T4196]  kvm_vcpu_ioctl+0xa48/0x1000
[  188.279711][ T4196]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  188.279721][ T4196]  ? __cfi_vfs_write+0x10/0x10
[  188.279731][ T4196]  ? __kasan_check_write+0x18/0x20
[  188.279750][ T4196]  ? mutex_unlock+0x90/0x240
[  188.279771][ T4196]  ? __cfi_mutex_unlock+0x10/0x10
[  188.279792][ T4196]  ? __fget_files+0x2c5/0x340
[  188.279814][ T4196]  ? __fget_files+0x2c5/0x340
[  188.279829][ T4196]  ? bpf_lsm_file_ioctl+0xd/0x20
[  188.279845][ T4196]  ? security_file_ioctl+0x3e/0x110
[  188.279860][ T4196]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  188.279870][ T4196]  __se_sys_ioctl+0x132/0x1b0
[  188.279882][ T4196]  __x64_sys_ioctl+0x7f/0xa0
[  188.279900][ T4196]  x64_sys_call+0x1878/0x2ee0
[  188.279918][ T4196]  do_syscall_64+0x57/0xf0
[  188.279936][ T4196]  ? clear_bhb_loop+0x50/0xa0
[  188.279958][ T4196]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  188.279974][ T4196] RIP: 0033:0x7fb52d99ce59
[  188.279984][ T4196] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  188.279993][ T4196] RSP: 002b:00007fb52e925028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  188.280005][ T4196] RAX: ffffffffffffffda RBX: 00007fb52dc15fa0 RCX: 00007fb52d99ce59
[  188.280017][ T4196] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  188.280028][ T4196] RBP: 00007fb52e925090 R08: 0000000000000000 R09: 0000000000000000
[  188.280040][ T4196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.280050][ T4196] R13: 00007fb52dc16038 R14: 00007fb52dc15fa0 R15: 00007ffcdf42a9b8
[  188.280065][ T4196]  </TASK>
[  188.699137][   T36] audit: type=1400 audit(183.847:30265): avc:  denied  { write } for  pid=4169 comm="syz.3.1366" name="loop-control" dev="devtmpfs" ino=48 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  188.702049][  T337] smartjoyplus 0003:6666:8804.0030: unknown main item tag 0xe
[  188.729653][ T4200] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  188.730518][  T337] smartjoyplus 0003:6666:8804.0030: item fetching failed at offset 4/5
[  188.739743][ T4200] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  188.747487][  T337] smartjoyplus 0003:6666:8804.0030: parse failed
[  188.761144][  T337] smartjoyplus 0003:6666:8804.0030: probe with driver smartjoyplus failed with error -22
[  188.989465][  T829] usb 4-1: USB disconnect, device number 91
[  189.052929][   T36] audit: type=1400 audit(184.410:30266): avc:  denied  { search } for  pid=4212 comm="syz.2.1380" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  189.212728][  T337] usb 2-1: new high-speed USB device number 98 using dummy_hcd
[  189.372600][  T337] usb 2-1: Using ep0 maxpacket: 8
[  189.378978][  T337] usb 2-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  189.390384][  T337] usb 2-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  189.413501][  T337] usb 2-1: config 0 interface 0 has no altsetting 0
[  189.423282][  T337] usb 2-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[  189.433273][  T337] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.443011][  T337] usb 2-1: config 0 descriptor??
[  189.448467][ T4220] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  189.464460][ T4220] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  189.474050][ T4220] SELinux:  policydb magic number 0x366d6970 does not match expected magic number 0xf97cff8c
[  189.484458][ T4220] SELinux: failed to load policy
[  190.001345][   T36] audit: type=1326 audit(185.292:30267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4237 comm="syz.2.1388" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494f59ce59 code=0x7ffc0000
[  190.026300][   T36] audit: type=1326 audit(185.292:30268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4237 comm="syz.2.1388" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494f59ce59 code=0x7ffc0000
[  190.051858][   T36] audit: type=1326 audit(185.302:30269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4237 comm="syz.2.1388" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494f59ce59 code=0x7ffc0000
[  190.077445][   T36] audit: type=1326 audit(185.302:30270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4237 comm="syz.2.1388" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494f59ce59 code=0x7ffc0000
[  190.077835][ T4251] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.103429][   T36] audit: type=1326 audit(185.302:30271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4237 comm="syz.2.1388" exe="/root/ci2-android-6-12-rust/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f494f59ce59 code=0x7ffc0000
[  190.112229][ T4251] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  190.145957][ T4252] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1388'.
[  190.157786][ T4252] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.166409][ T4252] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  190.214658][  T323] usb 4-1: new high-speed USB device number 92 using dummy_hcd
[  190.374517][  T323] usb 4-1: Using ep0 maxpacket: 32
[  190.382266][  T323] usb 4-1: New USB device found, idVendor=1a86, idProduct=752d, bcdDevice= 0.40
[  190.391390][  T323] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.399417][  T323] usb 4-1: Product: syz
[  190.403601][  T323] usb 4-1: Manufacturer: syz
[  190.408230][  T323] usb 4-1: SerialNumber: syz
[  190.439180][  T337] usbhid 2-1:0.0: can't add hid device: -71
[  190.446060][  T337] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  190.458303][  T337] usb 2-1: USB disconnect, device number 98
[  190.634277][ T4235] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.643359][ T4235] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  190.655725][ T1952] Bluetooth: hci0: Frame reassembly failed (-84)
[  190.724637][ T4261] tipc: Started in network mode
[  190.729664][ T4261] tipc: Node identity , cluster identity 4711
[  190.755241][ T4262] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.764559][ T4262] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  190.790468][ T4261] rust_binder: Error in use_page_slow: ESRCH
[  190.790491][ T4261] rust_binder: use_range failure ESRCH
[  190.796528][ T4261] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  190.802147][ T4261] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  190.809968][ T4261] rust_binder: 4260:4261 transaction to 4260 failed: ESRCH
[  190.886366][ T4261] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1395'.
[  191.096920][ T4259] Invalid logical block size (3601)
[  191.656002][ T4272] netlink: 'syz.0.1397': attribute type 5 has an invalid length.
[  191.973135][ T4298] netlink: 'syz.0.1405': attribute type 4 has an invalid length.
[  191.980960][ T4298] netlink: 'syz.0.1405': attribute type 5 has an invalid length.
[  191.988982][ T4298] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.1405'.
[  192.007928][ T4300] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1406'.
[  192.058656][ T4301] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1406'.
[  192.090923][ T4305] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  192.101442][ T4305] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.154686][  T829] usb 2-1: new high-speed USB device number 99 using dummy_hcd
[  192.315619][  T829] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  192.326071][  T829] usb 2-1: New USB device found, idVendor=04dd, idProduct=9032, bcdDevice=fd.0b
[  192.335128][  T829] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.343796][  T829] usb 2-1: config 0 descriptor??
[  192.349949][  T829] usb 2-1: unsupported MDLM descriptors
[  192.567625][ T4292] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  192.576254][ T4292] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.828033][   T53] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  192.842736][  T323] snd-usb-audio 4-1:1.1: probe with driver snd-usb-audio failed with error -2
[  192.864868][  T323] usb 4-1: USB disconnect, device number 92
[  192.922408][ T4323] ³þ: renamed from bond_slave_0
[  193.351249][ T4336] netlink: 196 bytes leftover after parsing attributes in process `syz.2.1415'.
[  193.370479][ T4336] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1415'.
[  193.456654][ T4346] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  193.470602][ T4346] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  193.493511][ T4341] kvm: pic: non byte write
[  193.499808][ T4342] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1417'.
[  193.509849][ T4341] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1417'.
[  193.520408][ T4342] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  193.530757][ T4342] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  193.689400][  T323] usb 4-1: new high-speed USB device number 93 using dummy_hcd
[  193.849619][  T323] usb 4-1: Using ep0 maxpacket: 16
[  193.856039][  T323] usb 4-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  193.866625][  T323] usb 4-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  193.877883][  T323] usb 4-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  193.887875][  T323] usb 4-1: config 7 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  193.901016][  T323] usb 4-1: config 7 interface 0 has no altsetting 0
[  193.907896][  T323] usb 4-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[  193.917304][  T323] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.089732][   T36] kauditd_printk_skb: 2261 callbacks suppressed
[  194.089765][   T36] audit: type=1400 audit(189.139:32533): avc:  denied  { nlmsg_write } for  pid=4353 comm="syz.2.1421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  194.257301][   T36] audit: type=1400 audit(189.298:32534): avc:  denied  { create } for  pid=4355 comm="syz.0.1422" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=irda_socket permissive=1
[  194.359175][ T4344] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.369021][ T4344] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.533683][ T4369] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.557872][ T4369] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.608655][ T4344] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.625691][ T4344] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.645553][  T323] usbhid 4-1:7.0: can't add hid device: -71
[  194.651909][  T323] usbhid 4-1:7.0: probe with driver usbhid failed with error -71
[  194.663406][  T323] usb 4-1: USB disconnect, device number 93
[  194.832497][ T4380] 9pnet: p9_errstr2errno: server reported unknown error ùô
[  194.832700][ T4381] fuse: Unknown parameter 'fd½0x0000000000000008'
[  194.863831][ T4380] fuse: Bad value for 'fd'
[  194.871207][ T4380] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.881000][ T4380] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.193457][  T337] usb 2-1: USB disconnect, device number 99
[  195.382752][ T4400] rust_binder: Error in use_page_slow: ESRCH
[  195.382773][ T4400] rust_binder: use_range failure ESRCH
[  195.388974][ T4400] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  195.394553][ T4400] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  195.402421][ T4400] rust_binder: 4399:4400 transaction to 4399 failed: ESRCH
[  195.437428][  T323] usb 4-1: new high-speed USB device number 94 using dummy_hcd
[  195.555729][   T36] audit: type=1400 audit(190.518:32535): avc:  denied  { create } for  pid=4409 comm="syz.2.1439" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  195.586752][  T323] usb 4-1: device descriptor read/64, error -71
[  195.729895][ T4416] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  195.739654][ T4416] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.863764][  T323] usb 4-1: device descriptor read/64, error -71
[  196.119587][  T323] usb 4-1: new high-speed USB device number 95 using dummy_hcd
[  196.172854][  T829] usb 2-1: new high-speed USB device number 100 using dummy_hcd
[  196.279617][  T323] usb 4-1: device descriptor read/64, error -71
[  196.308481][ T4423] can1: slcan on ttyS3.
[  196.332765][  T829] usb 2-1: Using ep0 maxpacket: 8
[  196.333811][ T4422] can1 (unregistered): slcan off ttyS3.
[  196.338921][  T829] usb 2-1: config 0 interface 0 has no altsetting 0
[  196.350178][  T829] usb 2-1: New USB device found, idVendor=172f, idProduct=0038, bcdDevice= 0.00
[  196.359305][  T829] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.369511][  T829] usb 2-1: config 0 descriptor??
[  196.370829][ T4427] syzkaller0: entered allmulticast mode
[  196.380400][   T36] audit: type=1400 audit(191.287:32536): avc:  denied  { listen } for  pid=4424 comm="syz.0.1443" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  196.383488][ T4425] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  196.409139][ T4425] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  196.437058][ T4427] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1444'.
[  196.535299][  T323] usb 4-1: device descriptor read/64, error -71
[  196.652641][  T323] usb usb4-port1: attempt power cycle
[  196.804667][  T829] waltop 0003:172F:0038.0031: unknown main item tag 0x2
[  196.811667][  T829] waltop 0003:172F:0038.0031: unknown main item tag 0x6
[  196.818707][  T829] waltop 0003:172F:0038.0031: ignoring exceeding usage max
[  196.827096][  T829] waltop 0003:172F:0038.0031: hidraw1: USB HID v0.81 Device [HID 172f:0038] on usb-dummy_hcd.1-1/input0
[  196.963531][ T4436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  196.972439][ T4436] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  196.981376][ T4437] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  196.990019][ T4437] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  197.014948][  T323] usb 4-1: new high-speed USB device number 96 using dummy_hcd
[  197.025198][  T829] usb 2-1: USB disconnect, device number 100
[  197.037251][  T323] usb 4-1: device descriptor read/8, error -71
[  197.175828][  T323] usb 4-1: device descriptor read/8, error -71
[  197.212236][ T4436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  197.220809][ T4436] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  197.423091][ T4444] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  197.430705][  T323] usb 4-1: new high-speed USB device number 97 using dummy_hcd
[  197.432037][ T4444] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  197.452921][  T323] usb 4-1: device descriptor read/8, error -71
[  197.591810][  T323] usb 4-1: device descriptor read/8, error -71
[  197.707807][  T323] usb usb4-port1: unable to enumerate USB device
[  197.847924][  T373] usb 2-1: new high-speed USB device number 101 using dummy_hcd
[  197.879274][ T4457] rust_binder: Error while translating object.
[  197.879351][    C1] BUG: TASK stack guard page was hit at ffffc900010b7fb8 (stack is ffffc900010b8000..ffffc900010c0000)
[  197.879392][    C1] Oops: stack guard page: 0000 [#1] PREEMPT SMP KASAN PTI
[  197.879411][    C1] CPU: 1 UID: 0 PID: 4457 Comm: syz.0.1453 Not tainted syzkaller #0 29c6904b08c3b1e8518f4116e2e8016f6159917e
[  197.879438][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  197.879449][    C1] RIP: 0010:update_stack_state+0xf4/0x4b0
[  197.879477][    C1] Code: 84 c0 0f 85 89 03 00 00 41 c6 06 01 b8 a8 00 00 00 49 89 d7 eb 05 b8 10 00 00 00 4c 8d 73 08 48 8d 4b 10 4c 89 7d b0 4c 01 f8 <48> 89 85 78 ff ff ff 48 8d 53 18 48 8d 43 28 48 8d 73 20 48 89 b5
[  197.879492][    C1] RSP: 0018:ffffc900010b7fc0 EFLAGS: 00010282
[  197.879508][    C1] RAX: ffffc900010b8220 RBX: ffffc900010b8188 RCX: ffffc900010b8198
[  197.879522][    C1] RDX: ffffc900010b8210 RSI: ffffc900010b8210 RDI: ffffc900010b81e0
[  197.879535][    C1] RBP: ffffc900010b8080 R08: ffffc900010b8101 R09: 0000000000000000
[  197.879549][    C1] R10: ffffc900010b8188 R11: fffff5200021703d R12: 0000000000000000
[  197.879561][    C1] R13: dffffc0000000000 R14: ffffc900010b8190 R15: ffffc900010b8210
[  197.879575][    C1] FS:  00007fb52e9256c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  197.879591][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  197.879604][    C1] CR2: ffffc900010b7fb8 CR3: 000000011a810000 CR4: 00000000003526b0
[  197.879620][    C1] Call Trace:
[  197.879629][    C1]  <TASK>
[  197.879638][    C1]  ? unwind_next_frame+0x3c1/0x750
[  197.879671][    C1]  ? __unwind_start+0x34c/0x410
[  197.879692][    C1]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  197.879713][    C1]  ? arch_stack_walk+0xf2/0x170
[  197.879731][    C1]  ? arch_stack_walk+0xf2/0x170
[  197.879748][    C1]  ? stack_trace_save+0xaa/0x100
[  197.879768][    C1]  ? __cfi_stack_trace_save+0x10/0x10
[  197.879788][    C1]  ? __asan_memset+0x39/0x50
[  197.879806][    C1]  ? save_stack+0x125/0x240
[  197.879832][    C1]  ? free_contig_range+0x260/0x260
[  197.879848][    C1]  ? __reset_page_owner+0x450/0x450
[  197.879868][    C1]  ? zone_page_state_add+0x43/0x90
[  197.879890][    C1]  ? kvm_sched_clock_read+0x15/0x30
[  197.879913][    C1]  ? sched_clock_noinstr+0xd/0x30
[  197.879934][    C1]  ? __set_page_owner+0x8e/0x600
[  197.879954][    C1]  ? __zone_watermark_ok+0x134/0x630
[  197.879976][    C1]  ? __cfi___set_page_owner+0x10/0x10
[  197.879997][    C1]  ? kasan_unpoison+0x4a/0x70
[  197.880014][    C1]  ? post_alloc_hook+0x37d/0x3b0
[  197.880035][    C1]  ? __cfi_post_alloc_hook+0x10/0x10
[  197.880057][    C1]  ? gfp_to_alloc_flags_cma+0x1c0/0x1c0
[  197.880075][    C1]  ? _raw_spin_trylock+0xb5/0x140
[  197.880091][    C1]  ? __cfi__raw_spin_trylock+0x10/0x10
[  197.880109][    C1]  ? prep_new_page+0x2d/0x190
[  197.880130][    C1]  ? get_page_from_freelist+0x496e/0x4a20
[  197.880158][    C1]  ? __alloc_pages_noprof+0x7e0/0x7e0
[  197.880179][    C1]  ? static_key_count+0x45/0x70
[  197.880200][    C1]  ? gfp_to_alloc_flags_cma+0x96/0x1c0
[  197.880218][    C1]  ? lruvec_init+0x211/0x280
[  197.880236][    C1]  ? __alloc_pages_noprof+0x35f/0x7e0
[  197.880259][    C1]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  197.880307][    C1]  ? unwind_get_return_address+0x51/0x90
[  197.880328][    C1]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  197.880349][    C1]  ? arch_stack_walk+0x10a/0x170
[  197.880368][    C1]  ? stack_trace_save+0xaa/0x100
[  197.880387][    C1]  ? stack_depot_save_flags+0x672/0x800
[  197.880406][    C1]  ? kasan_save_track+0x4f/0x80
[  197.880426][    C1]  ? kasan_save_track+0x3e/0x80
[  197.880443][    C1]  ? kasan_save_free_info+0x4a/0x60
[  197.880467][    C1]  ? __kasan_slab_free+0x5f/0x80
[  197.880486][    C1]  ? kfree+0x158/0x440
[  197.880503][    C1]  ? krealloc_noprof+0xfa/0x130
[  197.880521][    C1]  ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel5alloc4kbox3BoxINtNtNtB4_3mem12maybe_uninit11MaybeUninitINtNtBN_6rbtree4NodemINtNtNtBN_4list3arc7ListArcNtNtCs2tVsXcF29le_11rust_binder7process11NodeRefInfoKyd703a5263dcc8650_EEENtNtBL_9allocator7KmallocEEB2S_+0x114/0x360
[  197.880574][    C1]  ? _RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process10update_ref+0x16c0/0x2660
[  197.880602][    C1]  ? _RNvXs_NtCs2tVsXcF29le_11rust_binder10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x1715/0x5dd0
[  197.880632][    C1]  ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeNtNtCs2tVsXcF29le_11rust_binder10allocation10AllocationEBK_+0x1a/0xf0
[  197.880674][    C1]  ? _RNvMs2_NtCs2tVsXcF29le_11rust_binder6threadNtB5_6Thread21copy_transaction_data+0x7c54/0x9460
[  197.880701][    C1]  ? _RNvMs_NtCs2tVsXcF29le_11rust_binder11transactionNtB4_11Transaction3new+0x3d0/0x28d0
[  197.880728][    C1]  ? _RNvMs2_NtCs2tVsXcF29le_11rust_binder6threadNtB5_6Thread11transaction+0x1b97/0x3e50
[  197.880753][    C1]  ? _RNvMs2_NtCs2tVsXcF29le_11rust_binder6threadNtB5_6Thread5write+0x1271/0xa690
[  197.880777][    C1]  ? _RNvCs2tVsXcF29le_11rust_binder17rust_binder_ioctl+0x1192/0x5c20
[  197.880797][    C1]  ? __se_sys_ioctl+0x132/0x1b0
[  197.880817][    C1]  ? __x64_sys_ioctl+0x7f/0xa0
[  197.880835][    C1]  ? x64_sys_call+0x1878/0x2ee0
[  197.880852][    C1]  ? do_syscall_64+0x57/0xf0
[  197.880870][    C1]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  197.880895][    C1]  ? _RNvMs_NtNtCs1ewLyjEZ7Le_6kernel5alloc9allocatorNtB4_7Kmalloc14aligned_layout+0x9a/0x180
[  197.880925][    C1]  ? kasan_save_free_info+0x4a/0x60
[  197.880948][    C1]  ? __kasan_slab_free+0x5f/0x80
[  197.880968][    C1]  ? kfree+0x158/0x440
[  197.880983][    C1]  ? krealloc_noprof+0xfa/0x130
[  197.881002][    C1]  ? krealloc_noprof+0xfa/0x130
[  197.881020][    C1]  ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel5alloc4kbox3BoxINtNtNtB4_3mem12maybe_uninit11MaybeUninitINtNtBN_6rbtree4NodemINtNtNtBN_4list3arc7ListArcNtNtCs2tVsXcF29le_11rust_binder7process11NodeRefInfoKyd703a5263dcc8650_EEENtNtBL_9allocator7KmallocEEB2S_+0x114/0x360
[  197.881072][    C1]  ? __cfi__RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel5alloc4kbox3BoxINtNtNtB4_3mem12maybe_uninit11MaybeUninitINtNtBN_6rbtree4NodemINtNtNtBN_4list3arc7ListArcNtNtCs2tVsXcF29le_11rust_binder7process11NodeRefInfoKyd703a5263dcc8650_EEENtNtBL_9allocator7KmallocEEB2S_+0x10/0x10
[  197.881123][    C1]  ? _RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreemINtNtNtB7_4list3arc7ListArcNtNtCs2tVsXcF29le_11rust_binder7process11NodeRefInfoKyd703a5263dcc8650_EE9raw_entryB1i_+0x413/0x580
[  197.881161][    C1]  ? __cfi__RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreemINtNtNtB7_4list3arc7ListArcNtNtCs2tVsXcF29le_11rust_binder7process11NodeRefInfoKyd703a5263dcc8650_EE9raw_entryB1i_+0x10/0x10
[  197.881200][    C1]  ? __kasan_check_write+0x18/0x20
[  197.881218][    C1]  ? _raw_spin_lock+0x92/0x120
[  197.881234][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[  197.881252][    C1]  ? _RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process10update_ref+0x16c0/0x2660
[  197.881282][    C1]  ? __cfi__RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process10update_ref+0x10/0x10
[  197.881316][    C1]  ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ef/0x3d0
[  197.881339][    C1]  ? __asan_memcpy+0x5a/0x80
[  197.881356][    C1]  ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ef/0x3d0
[  197.881379][    C1]  ? __cfi__RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x10/0x10
[  197.881409][    C1]  ? __kasan_check_write+0x18/0x20
[  197.881426][    C1]  ? _raw_spin_lock+0x92/0x120
[  197.881442][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[  197.881459][    C1]  ? _RINvMs4_NtCs2tVsXcF29le_11rust_binder10allocationNtB6_14AllocationView4readNtNtB8_4defs16FlatBinderObjectEB8_+0x6a9/0xc70
[  197.881491][    C1]  ? __asan_memcpy+0x5a/0x80
[  197.881508][    C1]  ? _RINvMs4_NtCs2tVsXcF29le_11rust_binder10allocationNtB6_14AllocationView4readNtNtB8_4defs16FlatBinderObjectEB8_+0x5f4/0xc70
[  197.881541][    C1]  ? __cfi__RINvMs4_NtCs2tVsXcF29le_11rust_binder10allocationNtB6_14AllocationView4readNtNtB8_4defs16FlatBinderObjectEB8_+0x10/0x10
[  197.881572][    C1]  ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ef/0x3d0
[  197.881600][    C1]  ? __asan_memcpy+0x5a/0x80
[  197.881616][    C1]  ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ef/0x3d0
[  197.881640][    C1]  ? __cfi__RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x10/0x10
[  197.881673][    C1]  ? __kasan_check_write+0x18/0x20
[  197.881690][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[  197.881707][    C1]  ? _RNvXs_NtCs2tVsXcF29le_11rust_binder10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x30c/0x5dd0
[  197.881737][    C1]  ? __asan_memcpy+0x5a/0x80
[  197.881753][    C1]  ? _RNvXs_NtCs2tVsXcF29le_11rust_binder10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x1715/0x5dd0
[  197.881787][    C1]  ? kernel_text_address+0xa9/0xe0
[  197.881809][    C1]  ? __kernel_text_address+0x11/0x40
[  197.881830][    C1]  ? unwind_get_return_address+0x51/0x90
[  197.881854][    C1]  ? __cfi__RNvXs_NtCs2tVsXcF29le_11rust_binder10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x10/0x10
[  197.881884][    C1]  ? stack_depot_save_flags+0x38/0x800
[  197.881904][    C1]  ? kasan_save_track+0x4f/0x80
[  197.881922][    C1]  ? kasan_save_track+0x3e/0x80
[  197.881940][    C1]  ? kasan_save_alloc_info+0x40/0x50
[  197.881963][    C1]  ? __kasan_kmalloc+0x96/0xb0
[  197.881982][    C1]  ? __kmalloc_node_track_caller_noprof+0x251/0x4f0
[  197.882001][    C1]  ? krealloc_noprof+0x8d/0x130
[  197.882018][    C1]  ? _RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process23insert_or_update_handle+0x51e/0x2c70
[  197.882059][    C1]  ? _RNvMs4_NtCs2tVsXcF29le_11rust_binder10allocationNtB5_14AllocationView22transfer_binder_object+0x224/0xc10
[  197.882093][    C1]  ? _RNvMs2_NtCs2tVsXcF29le_11rust_binder6threadNtB5_6Thread21copy_transaction_data+0x4031/0x9460
[  197.882121][    C1]  ? _RNvMs_NtCs2tVsXcF29le_11rust_binder11transactionNtB4_11Transaction3new+0x3d0/0x28d0
[  197.882148][    C1]  ? _RNvMs2_NtCs2tVsXcF29le_11rust_binder6threadNtB5_6Thread11transaction+0x1b97/0x3e50
[  197.882173][    C1]  ? _RNvMs2_NtCs2tVsXcF29le_11rust_binder6threadNtB5_6Thread5write+0x1271/0xa690
[  197.882196][    C1]  ? _RNvCs2tVsXcF29le_11rust_binder17rust_binder_ioctl+0x1192/0x5c20
[  197.882216][    C1]  ? __se_sys_ioctl+0x132/0x1b0
[  197.882235][    C1]  ? __x64_sys_ioctl+0x7f/0xa0
[  197.882254][    C1]  ? x64_sys_call+0x1878/0x2ee0
[  197.882271][    C1]  ? do_syscall_64+0x57/0xf0
[  197.882288][    C1]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  197.882311][    C1]  ? __kasan_check_write+0x18/0x20
[  197.882328][    C1]  ? _raw_spin_lock+0x92/0x120
[  197.882345][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[  197.882362][    C1]  ? __kasan_check_write+0x18/0x20
[  197.882379][    C1]  ? _RNvMs5_NtCs1ewLyjEZ7Le_6kernel6bitmapNtB5_6Bitmap7set_bit+0xc1/0x260
[  197.882407][    C1]  ? __cfi__RNvMs5_NtCs1ewLyjEZ7Le_6kernel6bitmapNtB5_6Bitmap7set_bit+0x10/0x10
[  197.882435][    C1]  ? _raw_spin_unlock+0x45/0x60
[  197.882452][    C1]  ? _RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x181/0x2d0
[  197.882477][    C1]  ? __asan_memcpy+0x5a/0x80
[  197.882494][    C1]  ? _RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x1c8/0x2d0
[  197.882520][    C1]  ? __cfi__RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x10/0x10
[  197.882546][    C1]  ? _RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x1c8/0x2d0
[  197.882572][    C1]  ? __cfi__RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x10/0x10
[  197.882597][    C1]  ? _RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process23insert_or_update_handle+0x17cc/0x2c70
[  197.882627][    C1]  ? desc_read+0x202/0x3e0
[  197.882653][    C1]  ? __kasan_check_write+0x18/0x20
[  197.882670][    C1]  ? desc_read+0x1ab/0x3e0
[  197.882688][    C1]  ? prb_first_seq+0x109/0x1d0
[  197.882707][    C1]  ? __cfi_prb_first_seq+0x10/0x10
[  197.882726][    C1]  ? __kasan_check_write+0x18/0x20
[  197.882742][    C1]  ? desc_read+0x1ab/0x3e0
[  197.882761][    C1]  ? __kasan_check_read+0x15/0x20
[  197.882777][    C1]  ? this_cpu_in_panic+0x56/0x90
[  197.882798][    C1]  ? _prb_read_valid+0x9f3/0xa80
[  197.882817][    C1]  ? __asan_memcpy+0x5a/0x80
[  197.882835][    C1]  ? prb_read_valid+0x80/0x80
[  197.882854][    C1]  ? data_alloc+0x4d0/0x7e0
[  197.882872][    C1]  ? desc_read+0x202/0x3e0
[  197.882899][    C1]  ? __kasan_check_write+0x18/0x20
[  197.882916][    C1]  ? desc_read+0x1ab/0x3e0
[  197.882934][    C1]  ? prb_first_seq+0x109/0x1d0
[  197.882952][    C1]  ? __cfi_prb_first_seq+0x10/0x10
[  197.882971][    C1]  ? __kasan_check_write+0x18/0x20
[  197.882987][    C1]  ? desc_read+0x1ab/0x3e0
[  197.883006][    C1]  ? __kasan_check_read+0x15/0x20
[  197.883022][    C1]  ? this_cpu_in_panic+0x56/0x90
[  197.883041][    C1]  ? _prb_read_valid+0x9f3/0xa80
[  197.883060][    C1]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  197.883079][    C1]  ? prb_read_valid+0x80/0x80
[  197.883097][    C1]  ? _raw_spin_unlock_irqrestore+0x4a/0x70
[  197.883115][    C1]  ? up+0x10a/0x1b0
[  197.883135][    C1]  ? __cfi_up+0x10/0x10
[  197.883155][    C1]  ? __kasan_check_write+0x18/0x20
[  197.883172][    C1]  ? _RNvMs_NtNtCs1ewLyjEZ7Le_6kernel5alloc9allocatorNtB4_7Kmalloc14aligned_layout+0x9a/0x180
[  197.883200][    C1]  ? __cfi__RNvMs_NtNtCs1ewLyjEZ7Le_6kernel5alloc9allocatorNtB4_7Kmalloc14aligned_layout+0x10/0x10
[  197.883228][    C1]  ? __cfi_llist_add_batch+0x10/0x10
[  197.883250][    C1]  ? console_unlock+0x247/0x2c0
[  197.883271][    C1]  ? __cfi_console_unlock+0x10/0x10
[  197.883293][    C1]  ? krealloc_noprof+0xfa/0x130
[  197.883310][    C1]  ? _RNvNtCs1ewLyjEZ7Le_6kernel5alloc20dangling_from_layout+0x11/0x20
[  197.883337][    C1]  ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCs2tVsXcF29le_11rust_binder6thread18ScatterGatherStateEEB16_+0x396/0x820
[  197.883373][    C1]  ? irq_work_queue+0xc2/0x160
[  197.883395][    C1]  ? __cfi__RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCs2tVsXcF29le_11rust_binder6thread18ScatterGatherStateEEB16_+0x10/0x10
[  197.883431][    C1]  ? vprintk_emit+0x3e3/0x650
[  197.883451][    C1]  ? __cfi_vprintk_emit+0x10/0x10
[  197.883472][    C1]  ? _RINvMNtCs2tVsXcF29le_11rust_binder10allocationNtB3_10Allocation5writeyEB5_+0x47c/0x760
[  197.883501][    C1]  ? __cfi__RINvMNtCs2tVsXcF29le_11rust_binder10allocationNtB3_10Allocation5writeyEB5_+0x10/0x10
[  197.883533][    C1]  ? vprintk_default+0x2a/0x40
[  197.883552][    C1]  ? vprintk+0x93/0xa0
[  197.883568][    C1]  ? _printk+0xde/0x140
[  197.883587][    C1]  ? __cfi__RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreemINtNtNtB7_4list3arc7ListArcNtNtCs2tVsXcF29le_11rust_binder7process11NodeRefInfoKyd703a5263dcc8650_EE9raw_entryB1i_+0x10/0x10
[  197.883627][    C1]  ? __cfi__printk+0x10/0x10
[  197.883653][    C1]  ? mutex_unlock+0x90/0x240
[  197.883676][    C1]  ? _copy_from_user+0x87/0xa0
[  197.883696][    C1]  ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeNtNtCs2tVsXcF29le_11rust_binder10allocation10AllocationEBK_+0x1a/0xf0
[  197.883729][    C1]  ? _RNvMs2_NtCs2tVsXcF29le_11rust_binder6threadNtB5_6Thread21copy_transaction_data+0x7c47/0x9460
[  197.883757][    C1]  ? _RNvMs2_NtCs2tVsXcF29le_11rust_binder6threadNtB5_6Thread21copy_transaction_data+0x7c54/0x9460
[  197.883796][    C1]  ? __cfi__RNvMs2_NtCs2tVsXcF29le_11rust_binder6threadNtB5_6Thread21copy_transaction_data+0x10/0x10
[  197.883868][    C1]  ? is_bpf_text_address+0x17b/0x1a0
[  197.883893][    C1]  ? kernel_text_address+0xa9/0xe0
[  197.883915][    C1]  ? __kernel_text_address+0x11/0x40
[  197.883938][    C1]  ? unwind_get_return_address+0x51/0x90
[  197.883959][    C1]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  197.883982][    C1]  ? stack_depot_save_flags+0x38/0x800
[  197.884001][    C1]  ? kasan_save_track+0x4f/0x80
[  197.884019][    C1]  ? kasan_save_track+0x3e/0x80
[  197.884037][    C1]  ? kasan_save_alloc_info+0x40/0x50
[  197.884060][    C1]  ? __kasan_kmalloc+0x96/0xb0
[  197.884079][    C1]  ? __kmalloc_node_track_caller_noprof+0x251/0x4f0
[  197.884099][    C1]  ? krealloc_noprof+0x8d/0x130
[  197.884116][    C1]  ? _RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process23insert_or_update_handle+0x51e/0x2c70
[  197.884144][    C1]  ? _RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process10update_ref+0x7c0/0x2660
[  197.884171][    C1]  ? _RNvMs2_NtCs2tVsXcF29le_11rust_binder6threadNtB5_6Thread5write+0x1a91/0xa690
[  197.884195][    C1]  ? _RNvCs2tVsXcF29le_11rust_binder17rust_binder_ioctl+0x1192/0x5c20
[  197.884214][    C1]  ? __se_sys_ioctl+0x132/0x1b0
[  197.884233][    C1]  ? __x64_sys_ioctl+0x7f/0xa0
[  197.884251][    C1]  ? x64_sys_call+0x1878/0x2ee0
[  197.884267][    C1]  ? do_syscall_64+0x57/0xf0
[  197.884285][    C1]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  197.884307][    C1]  ? _raw_spin_lock+0x92/0x120
[  197.884323][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[  197.884341][    C1]  ? __kasan_check_write+0x18/0x20
[  197.884357][    C1]  ? _RNvMs5_NtCs1ewLyjEZ7Le_6kernel6bitmapNtB5_6Bitmap7set_bit+0xc1/0x260
[  197.884385][    C1]  ? _raw_spin_unlock+0x45/0x60
[  197.884402][    C1]  ? __cfi__RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreemINtNtNtB7_4list3arc7ListArcNtNtCs2tVsXcF29le_11rust_binder7process11NodeRefInfoKyd703a5263dcc8650_EE9raw_entryB1i_+0x10/0x10
[  197.884441][    C1]  ? __kasan_check_write+0x18/0x20
[  197.884457][    C1]  ? mutex_unlock+0x90/0x240
[  197.884477][    C1]  ? __cfi_mutex_unlock+0x10/0x10
[  197.884498][    C1]  ? __asan_set_shadow_00+0x12/0x20
[  197.884524][    C1]  ? is_bpf_text_address+0x17b/0x1a0
[  197.884547][    C1]  ? kernel_text_address+0xa9/0xe0
[  197.884570][    C1]  ? __kernel_text_address+0x11/0x40
[  197.884591][    C1]  ? unwind_get_return_address+0x51/0x90
[  197.884627][    C1]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  197.884655][    C1]  ? arch_stack_walk+0x10a/0x170
[  197.884674][    C1]  ? stack_depot_save_flags+0x38/0x800
[  197.884692][    C1]  ? _RNvMs_NtCs2tVsXcF29le_11rust_binder11transactionNtB4_11Transaction3new+0x3d0/0x28d0
[  197.884720][    C1]  ? x64_sys_call+0x1878/0x2ee0
[  197.884736][    C1]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  197.884758][    C1]  ? __cfi__RNvMs_NtCs2tVsXcF29le_11rust_binder11transactionNtB4_11Transaction3new+0x10/0x10
[  197.884788][    C1]  ? kasan_save_alloc_info+0x40/0x50
[  197.884812][    C1]  ? __kasan_kmalloc+0x96/0xb0
[  197.884831][    C1]  ? __kmalloc_node_track_caller_noprof+0x251/0x4f0
[  197.884851][    C1]  ? _RINvMNtNtCs1ewLyjEZ7Le_6kernel4list3arcINtB3_7ListArcINtCs2tVsXcF29le_11rust_binder7DTRWrapNtBS_11DeliverCodeEE8pin_initNtNtB7_5error5ErrorINtNtNtB7_4init10___internal11InitClosureNCNvMs0_BS_BP_11arc_try_news0_0BP_B1U_EEBS_+0x10e/0x720
[  197.884894][    C1]  ? __asan_memset+0x39/0x50
[  197.884911][    C1]  ? _RINvMNtNtCs1ewLyjEZ7Le_6kernel4list3arcINtB3_7ListArcINtCs2tVsXcF29le_11rust_binder7DTRWrapNtBS_11DeliverCodeEE8pin_initNtNtB7_5error5ErrorINtNtNtB7_4init10___internal11InitClosureNCNvMs0_BS_BP_11arc_try_news0_0BP_B1U_EEBS_+0x2c5/0x720
[  197.884954][    C1]  ? __cfi__RINvMNtNtCs1ewLyjEZ7Le_6kernel4list3arcINtB3_7ListArcINtCs2tVsXcF29le_11rust_binder7DTRWrapNtBS_11DeliverCodeEE8pin_initNtNtB7_5error5ErrorINtNtNtB7_4init10___internal11InitClosureNCNvMs0_BS_BP_11arc_try_news0_0BP_B1U_EEBS_+0x10/0x10
[  197.884997][    C1]  ? avc_has_perm_noaudit+0x28a/0x360
[  197.885017][    C1]  ? avc_has_perm+0x155/0x240
[  197.885035][    C1]  ? _RNvNtCs1ewLyjEZ7Le_6kernel5error9to_result+0x85/0x1e0
[  197.885059][    C1]  ? __cfi__RNvNtCs1ewLyjEZ7Le_6kernel5error9to_result+0x10/0x10
[  197.885085][    C1]  ? __kasan_check_write+0x18/0x20
[  197.885102][    C1]  ? _raw_spin_lock+0x92/0x120
[  197.885118][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[  197.885134][    C1]  ? selinux_binder_transaction+0x165/0x1d0
[  197.885155][    C1]  ? _RNvMs2_NtCs2tVsXcF29le_11rust_binder6threadNtB5_6Thread11transaction+0x1b97/0x3e50
[  197.885180][    C1]  ? __asan_set_shadow_00+0x12/0x20
[  197.885205][    C1]  ? __cfi__RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process10update_ref+0x10/0x10
[  197.885235][    C1]  ? __cfi__RNvMs2_NtCs2tVsXcF29le_11rust_binder6threadNtB5_6Thread11transaction+0x10/0x10
[  197.885275][    C1]  ? __kasan_check_write+0x18/0x20
[  197.885292][    C1]  ? _RNvMs2_NtCs2tVsXcF29le_11rust_binder6threadNtB5_6Thread5write+0x1271/0xa690
[  197.885329][    C1]  ? __cfi__RNvMs2_NtCs2tVsXcF29le_11rust_binder6threadNtB5_6Thread5write+0x10/0x10
[  197.885387][    C1]  ? is_bpf_text_address+0x17b/0x1a0
[  197.885411][    C1]  ? kernel_text_address+0xa9/0xe0
[  197.885433][    C1]  ? __kernel_text_address+0x11/0x40
[  197.885455][    C1]  ? unwind_get_return_address+0x51/0x90
[  197.885476][    C1]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  197.885496][    C1]  ? arch_stack_walk+0x10a/0x170
[  197.885516][    C1]  ? stack_depot_save_flags+0x38/0x800
[  197.885535][    C1]  ? kasan_save_track+0x4f/0x80
[  197.885553][    C1]  ? kasan_save_track+0x3e/0x80
[  197.885571][    C1]  ? kasan_save_alloc_info+0x40/0x50
[  197.885594][    C1]  ? __kasan_kmalloc+0x96/0xb0
[  197.885612][    C1]  ? __kmalloc_node_track_caller_noprof+0x251/0x4f0
[  197.885630][    C1]  ? krealloc_noprof+0x8d/0x130
[  197.885657][    C1]  ? _RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process8get_node+0x920/0x1aa0
[  197.885686][    C1]  ? _RNvMs6_NtCs1ewLyjEZ7Le_6kernel4listINtB5_4ListINtCs2tVsXcF29le_11rust_binder7DTRWrapDNtBL_13DeliverToReadEL_EE12insert_innerBL_+0x43a/0x6c0
[  197.885727][    C1]  ? __se_sys_ioctl+0x132/0x1b0
[  197.885747][    C1]  ? __cfi__RNvMs6_NtCs1ewLyjEZ7Le_6kernel4listINtB5_4ListINtCs2tVsXcF29le_11rust_binder7DTRWrapDNtBL_13DeliverToReadEL_EE12insert_innerBL_+0x10/0x10
[  197.885780][    C1]  ? __kasan_check_write+0x18/0x20
[  197.885796][    C1]  ? _RNvMs0_NtCs2tVsXcF29le_11rust_binder4nodeNtB5_4Node28incr_refcount_allow_zero2one+0x502/0xee0
[  197.885821][    C1]  ? __kasan_check_write+0x18/0x20
[  197.885838][    C1]  ? _raw_spin_lock+0x92/0x120
[  197.885855][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[  197.885873][    C1]  ? _raw_spin_unlock+0x45/0x60
[  197.885890][    C1]  ? _RNvMs0_NtCs2tVsXcF29le_11rust_binder7processNtB5_12ProcessInner24new_node_ref_with_thread+0x5ec/0x950
[  197.885923][    C1]  ? __cfi__RNvMs0_NtCs2tVsXcF29le_11rust_binder7processNtB5_12ProcessInner24new_node_ref_with_thread+0x10/0x10
[  197.885955][    C1]  ? _RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreeyINtNtNtB7_4sync3arc3ArcINtCs2tVsXcF29le_11rust_binder7DTRWrapNtNtB1d_4node4NodeEEE9raw_entryB1d_+0x403/0x500
[  197.885990][    C1]  ? __cfi__RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreeyINtNtNtB7_4sync3arc3ArcINtCs2tVsXcF29le_11rust_binder7DTRWrapNtNtB1d_4node4NodeEEE9raw_entryB1d_+0x10/0x10
[  197.886025][    C1]  ? __kasan_check_write+0x18/0x20
[  197.886042][    C1]  ? _raw_spin_lock+0x92/0x120
[  197.886058][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[  197.886076][    C1]  ? _RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process8get_node+0x11f1/0x1aa0
[  197.886105][    C1]  ? __asan_memcpy+0x5a/0x80
[  197.886122][    C1]  ? __asan_set_shadow_00+0x12/0x20
[  197.886144][    C1]  ? _RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process8get_node+0x127e/0x1aa0
[  197.886175][    C1]  ? __cfi__RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process8get_node+0x10/0x10
[  197.886204][    C1]  ? _RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreelINtNtNtB7_4sync3arc3ArcNtNtCs2tVsXcF29le_11rust_binder6thread6ThreadEE9raw_entryB1e_+0x416/0x580
[  197.886237][    C1]  ? __cfi__RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreelINtNtNtB7_4sync3arc3ArcNtNtCs2tVsXcF29le_11rust_binder6thread6ThreadEE9raw_entryB1e_+0x10/0x10
[  197.886267][    C1]  ? __kasan_check_write+0x18/0x20
[  197.886284][    C1]  ? _raw_spin_lock+0x92/0x120
[  197.886301][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[  197.886318][    C1]  ? _raw_spin_unlock+0x45/0x60
[  197.886335][    C1]  ? __asan_set_shadow_00+0x12/0x20
[  197.886356][    C1]  ? _RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process18get_current_thread+0x1008/0x1c70
[  197.886383][    C1]  ? __cfi__RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process18get_current_thread+0x10/0x10
[  197.886409][    C1]  ? avc_has_perm_noaudit+0x26c/0x360
[  197.886429][    C1]  ? __asan_memcpy+0x5a/0x80
[  197.886446][    C1]  ? __kasan_check_write+0x18/0x20
[  197.886462][    C1]  ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel4sync3arc3ArcINtCs2tVsXcF29le_11rust_binder7DTRWrapNtNtB1o_4node4NodeEEEB1o_+0x155/0x4a0
[  197.886497][    C1]  ? __cfi__RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel4sync3arc3ArcINtCs2tVsXcF29le_11rust_binder7DTRWrapNtNtB1o_4node4NodeEEEB1o_+0x10/0x10
[  197.886532][    C1]  ? avc_has_perm+0x155/0x240
[  197.886550][    C1]  ? _RNvNtCs1ewLyjEZ7Le_6kernel5error9to_result+0x85/0x1e0
[  197.886575][    C1]  ? __cfi__RNvNtCs1ewLyjEZ7Le_6kernel5error9to_result+0x10/0x10
[  197.886601][    C1]  ? __kasan_check_write+0x18/0x20
[  197.886618][    C1]  ? _raw_spin_lock+0x92/0x120
[  197.886635][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[  197.886658][    C1]  ? _RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process14set_as_manager+0xb14/0x1030
[  197.886684][    C1]  ? __asan_memcpy+0x5a/0x80
[  197.886701][    C1]  ? _RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process14set_as_manager+0xd14/0x1030
[  197.886725][    C1]  ? __kernel_text_address+0x11/0x40
[  197.886751][    C1]  ? __cfi__RNvMs4_NtCs2tVsXcF29le_11rust_binder7processNtB5_7Process14set_as_manager+0x10/0x10
[  197.886776][    C1]  ? stack_trace_save+0xaa/0x100
[  197.886795][    C1]  ? __kasan_check_write+0x18/0x20
[  197.886812][    C1]  ? _raw_spin_lock+0x92/0x120
[  197.886829][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[  197.886846][    C1]  ? _RNvCs2tVsXcF29le_11rust_binder17rust_binder_ioctl+0x113c/0x5c20
[  197.886867][    C1]  ? __asan_memcpy+0x5a/0x80
[  197.886883][    C1]  ? _RNvCs2tVsXcF29le_11rust_binder17rust_binder_ioctl+0x1192/0x5c20
[  197.886904][    C1]  ? _raw_spin_trylock+0xb5/0x140
[  197.886922][    C1]  ? _raw_spin_unlock+0x45/0x60
[  197.886939][    C1]  ? call_rcu_nocb+0x6d7/0xc80
[  197.886963][    C1]  ? __cfi__RNvCs2tVsXcF29le_11rust_binder17rust_binder_ioctl+0x10/0x10
[  197.886984][    C1]  ? swake_up_one_online_ipi+0x30/0x30
[  197.887008][    C1]  ? __cfi_mt_free_rcu+0x10/0x10
[  197.887028][    C1]  ? is_bpf_text_address+0x17b/0x1a0
[  197.887052][    C1]  ? kernel_text_address+0xa9/0xe0
[  197.887074][    C1]  ? __kernel_text_address+0x11/0x40
[  197.887095][    C1]  ? unwind_get_return_address+0x51/0x90
[  197.887116][    C1]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  197.887136][    C1]  ? arch_stack_walk+0x10a/0x170
[  197.887154][    C1]  ? stack_trace_save+0xaa/0x100
[  197.887174][    C1]  ? stack_depot_save_flags+0x38/0x800
[  197.887192][    C1]  ? kasan_save_track+0x4f/0x80
[  197.887210][    C1]  ? kasan_save_track+0x3e/0x80
[  197.887228][    C1]  ? kasan_save_alloc_info+0x40/0x50
[  197.887251][    C1]  ? __kasan_kmalloc+0x96/0xb0
[  197.887270][    C1]  ? __kmalloc_node_track_caller_noprof+0x251/0x4f0
[  197.887289][    C1]  ? krealloc_noprof+0x8d/0x130
[  197.887307][    C1]  ? kvrealloc_noprof+0x59/0x120
[  197.887324][    C1]  ? _RNvCs2tVsXcF29le_11rust_binder16rust_binder_mmap+0x78b/0x11f0
[  197.887344][    C1]  ? mmap_region+0x1579/0x1d60
[  197.887361][    C1]  ? do_mmap+0xb85/0x13c0
[  197.887376][    C1]  ? vm_mmap_pgoff+0x36e/0x4b0
[  197.887396][    C1]  ? is_bpf_text_address+0x17b/0x1a0
[  197.887416][    C1]  ? kernel_text_address+0xa9/0xe0
[  197.887437][    C1]  ? __kernel_text_address+0x11/0x40
[  197.887459][    C1]  ? unwind_get_return_address+0x51/0x90
[  197.887480][    C1]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  197.887500][    C1]  ? arch_stack_walk+0x10a/0x170
[  197.887519][    C1]  ? cgroup_rstat_updated+0x141/0x810
[  197.887539][    C1]  ? __cfi_cgroup_rstat_updated+0x10/0x10
[  197.887562][    C1]  ? kasan_save_stack+0x4d/0x60
[  197.887585][    C1]  ? kasan_save_stack+0x3e/0x60
[  197.887603][    C1]  ? __kasan_record_aux_stack+0xb2/0xd0
[  197.887626][    C1]  ? detach_entity_load_avg+0x7b0/0x7b0
[  197.887653][    C1]  ? update_curr+0xf8/0x9e0
[  197.887670][    C1]  ? __cfi___update_load_avg_cfs_rq+0x10/0x10
[  197.887695][    C1]  ? xfd_validate_state+0x68/0x140
[  197.887718][    C1]  ? save_fpregs_to_fpstate+0x196/0x220
[  197.887738][    C1]  ? __kasan_check_write+0x18/0x20
[  197.887754][    C1]  ? __switch_to+0xc4f/0x1300
[  197.887777][    C1]  ? __cfi_sched_clock_cpu+0x10/0x10
[  197.887800][    C1]  ? __cfi___switch_to+0x10/0x10
[  197.887824][    C1]  ? psi_task_switch+0xad/0xa10
[  197.887845][    C1]  ? _raw_spin_unlock+0x45/0x60
[  197.887862][    C1]  ? finish_task_switch+0x139/0x760
[  197.887883][    C1]  ? __switch_to_asm+0x3d/0x70
[  197.887899][    C1]  ? __schedule+0x14d6/0x2100
[  197.887919][    C1]  ? __sched_text_start+0x10/0x10
[  197.887939][    C1]  ? avc_has_extended_perms+0x80b/0xe70
[  197.887958][    C1]  ? __asan_memcpy+0x5a/0x80
[  197.887973][    C1]  ? avc_has_extended_perms+0x969/0xe70
[  197.887988][    C1]  ? __asan_set_shadow_00+0x12/0x20
[  197.888006][    C1]  ? do_vfs_ioctl+0x182d/0x2010
[  197.888019][    C1]  ? preempt_schedule_thunk+0x1a/0x40
[  197.888033][    C1]  ? __ia32_compat_sys_ioctl+0x920/0x920
[  197.888050][    C1]  ? try_to_wake_up+0x11f0/0x1fa0
[  197.888068][    C1]  ? __cfi_try_to_wake_up+0x10/0x10
[  197.888089][    C1]  ? ioctl_has_perm+0x39a/0x500
[  197.888106][    C1]  ? has_cap_mac_admin+0xd0/0xd0
[  197.888123][    C1]  ? file_mmap_ok+0x147/0x1a0
[  197.888140][    C1]  ? userfaultfd_unmap_complete+0x29f/0x320
[  197.888158][    C1]  ? selinux_file_ioctl+0x732/0x1480
[  197.888182][    C1]  ? __cfi_userfaultfd_unmap_complete+0x10/0x10
[  197.888200][    C1]  ? __cfi_selinux_file_ioctl+0x10/0x10
[  197.888224][    C1]  ? do_futex+0x37d/0x510
[  197.888247][    C1]  ? __cfi_do_futex+0x10/0x10
[  197.888268][    C1]  ? vm_mmap_pgoff+0x153/0x4b0
[  197.888285][    C1]  ? __fget_files+0x2c5/0x340
[  197.888303][    C1]  ? bpf_lsm_file_ioctl+0xd/0x20
[  197.888320][    C1]  ? security_file_ioctl+0x3e/0x110
[  197.888342][    C1]  ? __cfi__RNvCs2tVsXcF29le_11rust_binder17rust_binder_ioctl+0x10/0x10
[  197.888363][    C1]  ? __se_sys_ioctl+0x132/0x1b0
[  197.888383][    C1]  ? __x64_sys_ioctl+0x7f/0xa0
[  197.888402][    C1]  ? x64_sys_call+0x1878/0x2ee0
[  197.888419][    C1]  ? do_syscall_64+0x57/0xf0
[  197.888437][    C1]  ? clear_bhb_loop+0x50/0xa0
[  197.888456][    C1]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  197.888478][    C1]  </TASK>
[  197.888485][    C1] Modules linked in:
[  197.888516][    C1] ---[ end trace 0000000000000000 ]---
[  197.888527][    C1] RIP: 0010:update_stack_state+0xf4/0x4b0
[  197.888551][    C1] Code: 84 c0 0f 85 89 03 00 00 41 c6 06 01 b8 a8 00 00 00 49 89 d7 eb 05 b8 10 00 00 00 4c 8d 73 08 48 8d 4b 10 4c 89 7d b0 4c 01 f8 <48> 89 85 78 ff ff ff 48 8d 53 18 48 8d 43 28 48 8d 73 20 48 89 b5
[  197.888566][    C1] RSP: 0018:ffffc900010b7fc0 EFLAGS: 00010282
[  197.888581][    C1] RAX: ffffc900010b8220 RBX: ffffc900010b8188 RCX: ffffc900010b8198
[  197.888595][    C1] RDX: ffffc900010b8210 RSI: ffffc900010b8210 RDI: ffffc900010b81e0
[  197.888609][    C1] RBP: ffffc900010b8080 R08: ffffc900010b8101 R09: 0000000000000000
[  197.888622][    C1] R10: ffffc900010b8188 R11: fffff5200021703d R12: 0000000000000000
[  197.888635][    C1] R13: dffffc0000000000 R14: ffffc900010b8190 R15: ffffc900010b8210
[  197.888654][    C1] FS:  00007fb52e9256c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  197.888682][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  197.888695][    C1] CR2: ffffc900010b7fb8 CR3: 000000011a810000 CR4: 00000000003526b0
[  197.888714][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  197.888964][    C1] Kernel Offset: disabled