last executing test programs: 2.411396281s ago: executing program 3 (id=36): symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file7\x00', 0x1ac) renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7/file0\x00', 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x8000600, 0x0, 0xff, 0x2, 0x0, 0x5}, 0x20) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) (fail_nth: 18) 2.411042381s ago: executing program 3 (id=37): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="1201000000000010711e0920000000000001090224000100000000090400090103000100092105000001220500090581030002"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="069b0b77449f67ae38"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$hidraw(&(0x7f0000000100), 0x0, 0x0) read$hidraw(r1, &(0x7f0000002340)=""/147, 0x93) syz_usb_ep_write(r0, 0x81, 0x1, &(0x7f0000000140)='\x00') 2.386209903s ago: executing program 2 (id=38): arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000880), 0x2, 0x0) r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000008c0), 0x0, 0x0) dup3(r1, r0, 0x80000) arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0xa82, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x2) ioctl$XFS_IOC_PATH_TO_HANDLE(r2, 0xc0385869, 0x0) arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1) (async) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000880), 0x2, 0x0) (async) openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000008c0), 0x0, 0x0) (async) dup3(r1, r0, 0x80000) (async) arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0xa82, 0x0) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x2) (async) ioctl$XFS_IOC_PATH_TO_HANDLE(r2, 0xc0385869, 0x0) (async) 2.366526333s ago: executing program 2 (id=39): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)={0x12, 0x42, 0x601, 0x0, 0x25dfdbff, "", [@typed={0x4, 0x200}]}, 0x14}], 0x1}, 0x800) r1 = socket(0x10, 0x803, 0x0) r2 = socket$inet6(0xa, 0x80002, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x24088040, &(0x7f0000000280)={0xa, 0xe20, 0x20, @empty}, 0x1c) sendto$inet6(r2, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c) setitimer(0x0, 0x0, 0x0) setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f0000000140)=0x3, 0x4) sendto$inet6(r2, 0x0, 0x60, 0x40012, 0x0, 0x0) r3 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x80081, 0x0) writev(r3, &(0x7f0000002840)=[{&(0x7f0000001640)="4d3a6cc423aa641a5daa65f3c77008db8ab5b511d5738856dbcc52b98f011ee9dd927a2304a7bb8ab0ae9333d90f7a35bbf31a96391108108e4aacdebcec82ffa2ee79fabc74ee68bbc38d358fcc46c318f653e5c8a1465ccfd359a50abf74eaad0c726f0c789c82b42738f3bdf20488449a1f2bb3ecc9538505e689e3daf0d68061f34a300ece18e5697cc22d08e82f692f55337cbed23711f924c784b0ba204e90152060c9cee6fbc278a3e2fa69c15b28130733ee042a79468d59758daf87fed0af2c05d4d3c84db2d0b66ccf0b4876891fa3d1867e4a5a33138639da2fd6738e9f16ffcbe5a87ac56310b11ad78be154f9b6d2e20cbb8810a93e29d3e627109388f99dcb626e086c26da0ed156a8add5f4b733794a2454e3603886ea164a540afa09eef85d8aeaefa9ed44d3df64a9ab04cf5794ab26dc8ed0f5fe89106e17622026336494b39e449588f04124d8af6dcb4d0d8fd981e4a86b20328ad89ef3207b270c815d20f2e7d7bd0176c4351faed49743921eb78a6c38b6fba25c6b789dc505d8848e884fa077263cbd35af9052e9495a085021f82a3c6cb7818374a35c73e42ed584e60b7324ddc09ef657bd44ce306a2456df90cd5452155144b544d3fc1c5274ab0f92687e16032da0de90d5ef31ff2a1271da6742cc5ea0f7c147277892a8d207d333803ac85ea459c5aed4df25dca8a076d94749dbee0cabf2b519ceb4f598d5257473d3a7608b201031b3fa39ff7e78f2bbb12f9ae873e216e9e23af174aab71eb3d94d4beb04468aaa72e9cba888732c9c04e273080b91afad69657226454ddd45f701c59c8ab2e702e30ceba8372c7b7d921612e07a0a72121c32eff771aa372c499b32903a666254a832519b94d838ed45a067bf2060a1c89ad2d93efe1dce651e9f11c675d7175e9234fe16e0941dd2fc7e3412bfbcd79e094ca6bd48700be58660cb38fe459b6af7423b86743153b964192f9c3589a3632fb3dba906a60a06c8c112451ad9885063feaf081bc7301578f262f0f30320408420203fce42f8da562a70d547cf61f09d5af4507b0919cc5748bf7918c5a856c4f440eeaa8f9b3951ea2bd657cd061bc82102a3fac34e6c01cc483510121fe0e0e0ff0ed347c5a58b679b69f4bb58a009850c77f2f51152c65f86251adbba194988e9968d31edf20014938edf967204a61f37543301d5eeef352a9882b1c37a8bdcaab70ba635e8a36c25e43622b74706d366684296ff1a8d82221da684bb6d4eb2204af81fc3289632e53a9e840a4dcc69296dea25f95c36139d9bd7e4ef797fb86863aa94336268856e7537976c456956593697ca55b350a69256119d38bbe61f4ebde395243a91221aa5616aa85237c7f66ec7be30773f7fbcb4a18552261569d73497a416d18c9e2e1f26a293732acd7a288ff03b2317c2e1f258bb73bd648288cad461148df134095e6f7082ec25f55e6445891f698da4007c1a0c11da17e573764f0a55b7ea17cf76d6efa3f4d011e0292044212de858c63b61b50280189b2dde7fc628928d8fbe2b7ee08a8ef96f649236030a353bdc02a039d24b8cd35b15d02a597648c19796b5b992e27674c4dc282ffd61e6173e5598c64d0c9982f748101f6149d867d86d2663312e2d57195aa8bd25bbc70a0a3af0cb4e3173b33f906fbac86af05efcb0274ebee6d2866b61a08f2611c5787a66e980a9a98877584ecae0cff79f4f8337ccbd74f1e0ee38bae3961c826adbf8e13a06033242251105f58b95244e165146318cb9e4e45b147fb8c8b476124fc0b1eddcfd419dbfd18bc3999bd5c183e2fbe037f4266a00a008fdfc281a79a620d13ee713d3b29f009e650a4f90e82aa0ea1a56a25d75d9c7ed8f3d801fcea94c08c379f7302715f150ae6c191f7757582d0d0bc2a6a0db0deca8e7989380da4c09d6f027364f82395e0f21d13c5c2067b2596d40ed13add5ff109379c677140acca7c8d873c35674d3af70f5a3ed4eb2a749531fee151e8e6f3a0630b31038eefd88021e4b78b540afe8daab17bcdb9e981a873e52d893eb94c37190b65a26889532d9113872af31236c46c40eb4329d5e9d0b37f1b05bddc19161e0e9842171a0de5178e13f930e82b2025945189cc13380bf1150ffac4f7ef01a85f25a62b4ec1d157c33649dc3772a4cfc16df98be36e8844843aaf31807238eef4f256815390d7d6faf0d894f5eec922162ac9bc1c632a98f650b7a966e66233ac7d068e7558ba0a9c973deb0fb85335451ab6dd76b2e660d6a5bf49019e09ea73c363a394a86c97e800b2263d8c109fc2584b5e3aa794773135b44e19da399413bca0120e4cc667f1a04f8214b4f1ae930b08fe480a3976bcd44d4379ef3f491238b4514ed08ff56a007b14c6dee012fc340a0f6197c688cac44e71ad3e5ece4e05398dd3ed2ecd2cb2534a9bbbe1de7d878f1bd3e4ec5bc88ad368b5a526aa8ab26f2883525ea18d073a8a3eee1f2aab8515c8f98041080a53958edb73fd8be204f22d7b1fecef084043e3cbf39b88576505712dc3adcfc4fbacffe6307505dc28e59fea7b6922ed1bb0342e3e8f2858e9ea9a0e2f6816f509e454332f408148b3ea47dfccd35dbd28b1c808cfafc4789de21af18e145858d24875e68c439aa67a06c1ec5482ca7ab292c7f53b37c7369bf19351a817aefe980ab2b60d4e92475cca58622918c1b26b35be346a7f2292a666beb3b3b6fc3f4f3cbe6b189cf39b8d9fd97a7fa9bc793e23525e50a0d", 0x7a6}], 0x1) sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000000500)=[{{&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @empty}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000100)=""/192, 0xc0}, {&(0x7f00000001c0)=""/6, 0x6}], 0x2, &(0x7f0000000240)=""/222, 0xde}, 0xda}, {{&(0x7f0000000380)=@tipc=@name, 0x80, &(0x7f0000000480)=[{&(0x7f0000000400)=""/98, 0x62}], 0x1, &(0x7f00000004c0)=""/47, 0x2f}, 0x9}], 0x2, 0x2000, &(0x7f0000003700)={0x77359400}) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000700)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route_sched_retired(r1, &(0x7f0000001040)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001000)={&(0x7f0000000ac0)=@deltclass={0x534, 0x29, 0x8, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x2, 0x3}, {0xa}, {0xf, 0xffe0}}, [@c_cbq={{0x8}, {0x4}}, @c_dsmark={{0xb}, {0xc, 0x2, @TCA_DSMARK_VALUE={0x5, 0x5, 0xdf}}}, @c_cbq={{0x8}, {0x14, 0x2, [@TCA_CBQ_FOPT={0x10, 0x3, {{0x9, 0x2}, 0x5, 0x5}}]}}, @c_dsmark={{0xb}, {0xc, 0x2, @TCA_DSMARK_MASK={0x5, 0x4, 0x8}}}, @c_dsmark={{0xb}, {0xc, 0x2, @TCA_DSMARK_VALUE={0x5, 0x5, 0x80}}}, @c_cbq={{0x8}, {0x408, 0x2, [@TCA_CBQ_RTAB={0x404, 0x6, [0xcbf5, 0xffffff22, 0x0, 0x1, 0xfffffffe, 0x1, 0x7, 0x9, 0xa4, 0x4, 0x8, 0xfffffffc, 0x2, 0x9, 0x3, 0xe, 0x2, 0x1, 0x5, 0xd4e, 0x6, 0x61, 0x3, 0x8, 0x8000, 0x1, 0x2, 0x6, 0x3, 0x3, 0x1, 0x1, 0xfffffff9, 0x6, 0x224, 0x5, 0x10000, 0x1000, 0x8, 0xb, 0x4, 0x7f, 0x9, 0x3, 0x10, 0x2, 0x8, 0x8, 0x3, 0x1d17, 0x8, 0x0, 0x5, 0x9, 0x3f, 0x7fffffff, 0x5, 0x5, 0x10000, 0x9, 0x1, 0xffffffc0, 0x2, 0xfffffffd, 0x800, 0x6, 0x401, 0xb1, 0x7, 0x2, 0x5, 0x8, 0x932a, 0x1, 0x2, 0x9, 0x6, 0x3, 0x4, 0x1, 0x5, 0x76e6, 0x0, 0x7ff, 0x10001, 0x3, 0xe97, 0xffff, 0x100, 0x8, 0x3, 0x7, 0x1, 0x1, 0x4, 0x9e4, 0x5, 0x4, 0x1, 0xc5d, 0x0, 0x88, 0xb, 0x8, 0x80, 0x0, 0x7a, 0x8, 0xfffffff9, 0x7, 0xc65a, 0x5, 0x6, 0xc, 0x4, 0x6, 0x10, 0x6, 0x2dbfa673, 0x1, 0x5795, 0x3, 0x0, 0x2400000, 0x8000, 0x81, 0x430, 0x80, 0x0, 0x8c, 0x5, 0x1, 0xf, 0x3ff, 0x3, 0xa0, 0xc, 0xd1cd, 0x1, 0xff, 0x8, 0x7, 0x0, 0x5, 0x6, 0x4, 0xf, 0x7, 0x4, 0x7fff, 0x8, 0x1, 0x7, 0x800, 0x2, 0x7fffffff, 0x2, 0x7ff, 0x6, 0x1fe0, 0x2a0, 0x60000000, 0x6, 0xfffffeff, 0x200, 0xfffffffa, 0x7ff, 0x400, 0x40c22b9, 0x4, 0x1, 0x1, 0xc, 0x4, 0x4, 0x7fffffff, 0x5, 0xffffff60, 0x3, 0x200, 0x8, 0x3, 0x4, 0x6, 0x10000, 0xa4, 0x2d, 0x2, 0x9, 0x800, 0x2, 0x3, 0x3, 0x9, 0x9, 0x42d, 0x4, 0x8, 0x4, 0x70f, 0x3, 0x600000, 0xfffff6d2, 0x1, 0x579, 0x7fff, 0x0, 0x5, 0x493, 0x9, 0x8efe, 0x3, 0x3, 0x6, 0x83, 0x3, 0x0, 0x10, 0xb6, 0x7, 0x8000, 0x80000001, 0x3, 0x9, 0x0, 0x80000000, 0x4, 0x3, 0xfffffffc, 0x0, 0x0, 0x1, 0x5f55, 0x31, 0x3, 0x2, 0x8, 0x7c875fb4, 0x10001, 0x2, 0x1, 0x5, 0x80000001, 0xd, 0x80000000, 0x5, 0x81, 0x1, 0x37, 0x5, 0x3, 0x6, 0x8, 0x5, 0x5, 0x6]}]}}, @c_atm={{0x8}, {0x1c, 0x2, [@TCA_ATM_EXCESS={0x8, 0x4, {0x10, 0x6}}, @TCA_ATM_EXCESS={0x8, 0x4, {0x7, 0xe}}, @TCA_ATM_EXCESS={0x8, 0x4, {0x5, 0x9}}]}}, @c_cbq={{0x8}, {0x34, 0x2, [@TCA_CBQ_WRROPT={0x10, 0x2, {0x8, 0x4, 0x80, 0x9, 0xca3, 0xb}}, @TCA_CBQ_RATE={0x10, 0x5, {0x24, 0x0, 0xfffb, 0x8, 0x0, 0x7fff}}, @TCA_CBQ_RATE={0x10, 0x5, {0x9, 0x0, 0x2, 0x6, 0x8, 0x3baf8af}}]}}, @c_atm={{0x8}, {0x28, 0x2, [@TCA_ATM_FD={0x8, 0x1, r2}, @TCA_ATM_HDR={0x13, 0x3, "35cfc4b60ef3306b31a23f5b32191e"}, @TCA_ATM_EXCESS={0x8, 0x4, {0x6, 0xfff2}}]}}]}, 0x534}, 0x1, 0x0, 0x0, 0x40080}, 0x20000801) r6 = socket$unix(0x1, 0x1, 0x0) bind$unix(r6, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r6, 0x0) connect$unix(r6, &(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000080)={0x0, 'pimreg1\x00', {0x2}, 0x6}) sendmsg$nl_xfrm(r4, &(0x7f0000002680)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="40010000100033"], 0x140}, 0x1, 0x0, 0x0, 0x4c080}, 0x4048844) pwritev(r4, &(0x7f0000000900)=[{&(0x7f0000000580)="962edf472cbab151258067a78f1d7125468c29cad3433888eeee3d9d85a5225dbd10cfd1355cacac01e2ecbfd5421ec880a80eb1a31fd8df9d6f932b2220ef2516998e0612d31e1dd494c505725db70f7d81c0454456dec3e48760861cf53d6e13cc5c2d75e5f432cfa7c3bdccc580e97d6c310cf79db2d0f7c953cb237debac07399853a760b95288759556b00e4eda31b44fdeff3263d7d60b522c8564874b0ad22de8b0756fb2e8e521b64cb9c7", 0xaf}, {&(0x7f0000000640)="f4a1071facea213fd940d4ae8ae8ff03cb3f2bd19afbea4f913e3a9275f77d40c1ca76dc97183a77aeb7c80ccb78c4140527edacb60e14c172be5507cf69033651d9408858a00906befd9234739214ff7abf8d7619919caf", 0x58}, {&(0x7f0000000780)="005f549488b7c4d516808397688327e1fb80d6a245bb5e4fb05ed2b44c101c8514e94023a61551835804804a36eb7e1431d25eab8b5cb46dc5f1ddf7d55b15e563f826bca4305b5f0d583645ed2c15d2dd5a55c5dd749ddab77c0c5515623447fba44c169aa93234c6f88d774f2524a32d1ccc08f17b3113a5e1d09bc8e0adfd32e285fa62de6f3778a770a9c420", 0x8e}, {&(0x7f0000000840)="af99f9742279056082be13c864f4603f81324c8e7d8add233550063bb58834662d5ed4f7a0c20991a8d46bbb72863d13149a4baed7a974b9411c81711f56b6ebd889028e419ff1847223e16a64718fc0a34b03c9a682347137b6fae1bcecb80b3706fd6d1aaa1e942331f29ee62b394ff81c44bb2d88897d5b1ac699b0f496a24fcc6085253072", 0x87}], 0x4, 0xffff, 0x1) 2.290849447s ago: executing program 2 (id=41): r0 = socket$can_raw(0x1d, 0x3, 0x1) getsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, &(0x7f0000000200)) r1 = userfaultfd(0x80801) (async) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_netfilter(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="280000001200050b03000000000000000700000008000700010000000c00008008001d0098"], 0x28}}, 0x0) (async) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x100}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1000003) (async) ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f00000000c0)={&(0x7f0000002000/0x2000)=nil, 0x2000}) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) (async) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_GET_MP_STATE(r5, 0x8004ae98, &(0x7f0000000040)) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x503000, 0x0) 2.225975951s ago: executing program 2 (id=43): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x7, 0x4, 0x3e8, 0x218, 0x218, 0x108, 0x300, 0x300, 0x300, 0x4, 0x0, {[{{@uncond, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x1}}}, {{@uncond, 0xc0, 0x110, 0x0, {0xa00}}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random="0e4c96b57363", @empty, @dev={0xac, 0x14, 0x14, 0x13}, @multicast1, 0x1}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x800}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438) (async) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_proto_private(r1, 0x89a2, 0x0) (async) mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000000) (async) r2 = socket$unix(0x1, 0x5, 0x0) recvfrom$unix(r2, 0x0, 0x0, 0x40002143, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r3, &(0x7f0000002a80)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000017c0)={0x24, 0x10, 0x1, 0x70bd2b, 0x25dfdbfb, "", [@nested={0x4, 0x4f}, @nested={0x4, 0x71}, @typed={0xc, 0x29, 0x0, 0x0, @u64=0xfc000000}]}, 0x24}], 0x1, 0x0, 0x0, 0x8000}, 0x8880) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000440)={'mangle\x00', 0x2, [{}, {}]}, 0x48) 2.183427463s ago: executing program 2 (id=44): r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket(0x2, 0x3, 0x66) r2 = socket(0x10, 0x3, 0x0) connect$netlink(r2, &(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x8}, 0x5) syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r1) r3 = syz_usb_connect(0x5, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0xde, 0xc9, 0x70, 0x10, 0x35bc, 0x107, 0xb8da, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x7f, 0x4, 0x50, 0x0, "", [{{0x9, 0x4, 0xd0, 0xb, 0x0, 0xff, 0xff, 0xff}}]}}]}}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0}) syz_usb_disconnect(r3) r4 = syz_open_dev$evdev(&(0x7f0000000040), 0x3214, 0x0) syz_usb_disconnect(r4) syz_usb_connect(0x0, 0x36, &(0x7f00000002c0)=ANY=[], 0x0) ioctl$EVIOCRMFF(r4, 0x40085507, &(0x7f0000000100)=0x18) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x11, 0x0, 0x20040001, 0x40, 0xa, 0x1000, 0x0, 0x0, 0x7fffffff}}) 1.894466009s ago: executing program 0 (id=52): personality(0x5400004) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000180)="64670feea1096f00003e660f38054c880f323e26640fb9a9c94f660fc7b27f1a360f09366764f4660fdd40e69a3a00e300baa000b0e5ee", 0x37}], 0x1, 0x6, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f00000002c0)={0x0, 0x11, 0x6, @multicast}, 0x10) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) 1.693042699s ago: executing program 0 (id=53): socket(0x10, 0x3, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x42082, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0) close(r1) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000200)=ANY=[@ANYRES16=r1, @ANYRES32=r0]) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r4 = socket$packet(0x11, 0x2, 0x300) sendto$packet(r4, 0x0, 0x0, 0x4405a885, &(0x7f0000000140)={0x11, 0x16, r3, 0x1, 0x80, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x42}}, 0x14) syz_usb_connect$cdc_ecm(0x0, 0x77, &(0x7f0000000240)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x65, 0x1, 0x1, 0x0, 0x0, 0x8, "", [{{0x9, 0x4, 0x0, 0x5, 0x3, 0x2, 0x6, 0x0, 0x72, {{0x5}, {0x5, 0x24, 0x0, 0x9}, {0xd, 0x24, 0xf, 0x1, 0x2558, 0x9, 0x5, 0xcb}, [@mdlm={0x15, 0x24, 0x12, 0x13}, @mdlm={0x15, 0x24, 0x12, 0x1c}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x3ff, 0x2, 0x9, 0xe3}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0x50, 0xfa}}}}}]}}]}}, 0x0) 1.015532825s ago: executing program 1 (id=55): socket(0x4, 0x80000, 0x10001) 1.014349435s ago: executing program 1 (id=56): symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file7\x00', 0x1ac) renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7/file0\x00', 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x8000600, 0x0, 0xff, 0x2, 0x0, 0x5}, 0x20) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) (fail_nth: 20) 1.011682655s ago: executing program 1 (id=57): r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x14b040, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffff3) mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0) ioctl$ASHMEM_SET_NAME(r0, 0x40087708, 0x0) mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x2000004, 0x13, r0, 0xa012c000) r1 = dup3(r0, r0, 0x80000) ioctl$ASHMEM_GET_SIZE(r1, 0x7704, 0x0) 1.011112915s ago: executing program 1 (id=58): r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x8142, 0x0) (async) newfstatat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x800) fchown(r0, 0xffffffffffffffff, r1) poll(&(0x7f0000001540)=[{r0, 0x8002}], 0x1, 0xfffffffa) (async) memfd_create(&(0x7f00000000c0)=',\xea\xc9t\x8b\xb7\x04\x1d^s^\t5\xa1i\x01\x00\xd4\xd7\x02\x8dmbs\x0f3\x92\'\x94N\b\xe0m\xa4\x01\x00\xe5\x00\x00\x00\x00\x00-\xb3\x8d\xa1v\xe5\x8a0\x05\x00\xa4\xed\x94 \x15Y\x1f\xccY\xff\xb4\xa2\xa62:\xfa\xf9\xb7\x05q\xa4d\xda0y\xd3\xd6\x98\x9f\x11\n\xf44Q\xff\xff)\xb3|\x04\x00\x00\x80FD\xb8\xc2\x8a\x99Y\xf6:\xfeT\xa1', 0x4) (async) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) (async) umount2(&(0x7f0000000080)='./file0\x00', 0x4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) (async) r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000100), 0x2) (async) r4 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2) ftruncate(r4, 0xffff) fcntl$addseals(r4, 0x409, 0x7) (async) r5 = ioctl$UDMABUF_CREATE(r3, 0x40187542, &(0x7f0000000080)={r4, 0x0, 0x0, 0x4000}) mmap(&(0x7f0000734000/0x1000)=nil, 0x1000, 0x3000007, 0x11, r5, 0x0) (async) read$FUSE(0xffffffffffffffff, &(0x7f0000001640)={0x2020, 0x0, 0x0, 0x0}, 0x2020) setuid(r6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r7, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x20000216}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x803e0000, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0) (async) recvmsg$unix(r8, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000100) (async) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) (async) r9 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) (async) setreuid(0x0, 0xee01) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000080)={0x50, 0x0, 0x0, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2}}, 0x50) syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000970e5b4035121800eef0000000010902120001000000000904"], 0x0) (async) setresuid(0x0, 0xee01, 0x0) (async) r10 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) unlinkat(r10, &(0x7f0000000040)='.\x00', 0x0) (async) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000140)={@rand_addr, @initdev}, &(0x7f00000001c0)=0xc) (async) syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='fdinfo/3\x00') 997.818296ms ago: executing program 1 (id=59): socket$packet(0x11, 0x2, 0x300) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_open_dev$evdev(&(0x7f0000000240), 0x49d, 0x82083) ioctl$EVIOCGLED(r0, 0x40284504, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000440)={0x0, 0x2, 0xffdffff8, 0x1c7, 0x5, "ff000000000000000000000000000200"}) ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r1, 0x4068aea3, &(0x7f00000000c0)) syz_open_pts(r2, 0x0) ioctl$TIOCSWINSZ(r2, 0x5414, &(0x7f0000000140)={0x7f, 0xd, 0x4, 0xbf6f}) ioctl$TCXONC(r2, 0x540a, 0x3) ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000240)={0x3, 0x6d60, 0x9, 0x4, 0x19, "a95b31f0df93148a04d30b82ca5a260aa3ae4a"}) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c00", @ANYRES16=r3], 0x20}}, 0x0) socket$packet(0x11, 0x2, 0x300) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_open_dev$evdev(&(0x7f0000000240), 0x49d, 0x82083) (async) ioctl$EVIOCGLED(r0, 0x40284504, 0x0) (async) socket$inet6_tcp(0xa, 0x1, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000440)={0x0, 0x2, 0xffdffff8, 0x1c7, 0x5, "ff000000000000000000000000000200"}) (async) ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r1, 0x4068aea3, &(0x7f00000000c0)) (async) syz_open_pts(r2, 0x0) (async) ioctl$TIOCSWINSZ(r2, 0x5414, &(0x7f0000000140)={0x7f, 0xd, 0x4, 0xbf6f}) (async) ioctl$TCXONC(r2, 0x540a, 0x3) (async) ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000240)={0x3, 0x6d60, 0x9, 0x4, 0x19, "a95b31f0df93148a04d30b82ca5a260aa3ae4a"}) (async) socket(0x10, 0x3, 0x0) (async) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) (async) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c00", @ANYRES16=r3], 0x20}}, 0x0) (async) 877.910722ms ago: executing program 1 (id=60): syz_usb_connect(0x3, 0x40, &(0x7f0000000180)={{0x12, 0x1, 0x310, 0x76, 0xec, 0xae, 0x10, 0xbda, 0x8153, 0x18b3, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2e, 0x1, 0x3, 0x7, 0x30, 0x5, "", [{{0x9, 0x4, 0xf2, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, [@uac_control={{0xa, 0x24, 0x1, 0x0, 0x1c}, [@feature_unit={0x9, 0x24, 0x6, 0x2, 0x5, 0x1, [0x7], 0x2}, @feature_unit={0x9, 0x24, 0x6, 0x2, 0x6, 0x1, [0x3], 0xe}]}]}}]}}]}}, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x40309439, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x101000, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, 0x0, 0xfffffffffffffd3d) connect$can_bcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_LEAVE_OCB(0xffffffffffffffff, 0x0, 0x24058080) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 580.147219ms ago: executing program 3 (id=61): r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000005c0)={r1, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}}) r2 = syz_open_dev$loop(&(0x7f0000000180), 0x3, 0xa8503) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000001280)={r0, 0x1, {0x2a12, 0x80010000, 0x0, 0x0, 0x4, 0x0, 0x6, 0x3, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9603dda1af1ea80000000000000000000000deff00000000000000000000000014a2648f00", "2809e85be108038948224ad54afa97bd00000000000001403c7540f4767f9e01177d3dd4060000006100", "90be8b1c55f96400", [0x10000, 0x4]}}) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000002280), r3) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f00000022c0)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r3, &(0x7f0000002380)={0x0, 0x0, &(0x7f0000002340)={&(0x7f0000002300)={0x28, r4, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000001}, 0x800) 523.318541ms ago: executing program 3 (id=62): symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r0 = syz_open_procfs(0x0, &(0x7f0000000500)='oom_adj\x00') write$tcp_mem(r0, &(0x7f0000000240)={0x2, 0x20, 0x2, 0x20, 0x8040002}, 0x48) socket(0x23, 0x800, 0x52d) read$FUSE(r0, &(0x7f0000000a40)={0x2020}, 0x2020) getdents(r0, &(0x7f0000000240)=""/243, 0xf3) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file7\x00', 0x1ac) renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7/file0\x00', 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x8000600, 0x0, 0xff, 0x2, 0x0, 0x5}, 0x20) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) 521.511132ms ago: executing program 3 (id=63): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="f8000000160001000000000000000000ff020000000000000000000000000001fe8800000000f60000000000000001010000000001000008000080003c000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000004d46c0000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000fcffffffffffffff00000020000000000d00000000000000000000000000000000000000000000000000000000000000fdffffffffffffff0000000000000040ffffffff000000000000000002000100f50000000000000000000000ffffffff"], 0xf8}, 0x1, 0x0, 0x0, 0x840}, 0x4) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r3 = socket$pppl2tp(0x18, 0x1, 0x1) r4 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f00000002c0)) connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x31}}, 0x2, 0x0, 0x4}}, 0x2e) r5 = socket$pppl2tp(0x18, 0x1, 0x1) syz_clone(0x23a40080, 0x0, 0x38, 0x0, 0x0, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x4000000) r6 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xc40, 0x0) ioctl$BLKPG(r6, 0x1269, &(0x7f00000001c0)={0x1, 0x0, 0x98, &(0x7f0000000200)={0x800000, 0x8000, 0xa}}) connect$pppl2tp(r5, &(0x7f0000000140)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e21, @empty}, 0x2, 0x1, 0x2}}, 0x26) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0xa0) r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r7, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0xfffffffffffffdd2) write$FUSE_INIT(r7, &(0x7f0000000040)={0x50, 0x0, r8, {0x7, 0x1f, 0x8, 0xffffffffd24b2432, 0x2, 0xffff, 0x0, 0xabe6, 0x0, 0x0, 0x100, 0x8001}}, 0x50) ioctl$PPPIOCGL2TPSTATS(r5, 0x40047452, 0x0) r9 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r9, r10, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000300)="2e0fc72c66b9b50300000f320f303d0000baf80c66b88d31f88066efbafc0cec660ffee6ba6100b8d600efbaf80c66b8b4219a8e66efbafc0cb80000eff2aff4", 0x40}], 0x1, 0x5a, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x2}, 0x0) r11 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000)) ioctl$PAGEMAP_SCAN(r11, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000440)=[{0xfffffffffffffffa, 0x5a, 0x1}, {0x0, 0x8, 0x81}], 0x2, 0x0, 0x0, 0x2, 0x0, 0x2}) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000000c0)={'macsec0\x00', 0x400}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000280)={'syzkaller1\x00', 0x1611b36b35ec3b86}) 398.081299ms ago: executing program 0 (id=64): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ASSOCIATE_RESP(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x0, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0xe8}]}, 0x28}}, 0x0) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000100), r0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSET(r2, &(0x7f0000000500)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000004c0)={&(0x7f0000000180)={0x334, 0xa, 0xa, 0x201, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x4}, @NFTA_SET_DESC={0x234, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_DESC_CONCAT={0x14c, 0x2, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x29}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5812}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xd16}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x80}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xc}]}, {0x3c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7fff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xca}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xb2c}]}, {0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}]}, {0x4}, {0x44, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1ff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x746}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xf95}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1000}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xc}]}]}, @NFTA_SET_DESC_CONCAT={0xdc, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7f}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x80000001}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xcc}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x588}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xf639}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4d3}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x10001}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x496f}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8001}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4eb70417}]}]}]}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x1a}, @NFTA_SET_DESC={0xc8, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x87}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x401}, @NFTA_SET_DESC_CONCAT={0xac, 0x2, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffffd}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8612}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}]}, {0x3c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffffa}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffff8}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffbff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xde}]}]}]}]}, 0x334}}, 0x4004004) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000006c0)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x48, r1, 0x20, 0x70bd28, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r4}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r5}}]}, @NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x6405}]}, 0x48}, 0x1, 0x0, 0x0, 0x8c4}, 0x4000) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000700)='cpuset.effective_mems\x00', 0x0, 0x0) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(r7, &(0x7f0000000d80)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000d40)={&(0x7f00000007c0)={0x578, r8, 0x305, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x9, 0x59}}}}, [@NL80211_ATTR_SCHED_SCAN_MATCH={0x188, 0x84, 0x0, 0x1, [{0x58, 0x0, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8, 0x2, 0x6}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ap_ssid}, @NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa}, @NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8, 0x2, 0xd}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ap_ssid}, @NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8, 0x2, 0x8000}, @NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ap_ssid}]}, {0xdc, 0x0, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x54, 0x6, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8, 0x3, 0x6}, @NL80211_BAND_6GHZ={0x8, 0x3, 0x150}, @NL80211_BAND_2GHZ={0x8, 0x0, 0x6}, @NL80211_BAND_2GHZ={0x8, 0x0, 0x5}, @NL80211_BAND_LC={0x8, 0x5, 0x8}, @NL80211_BAND_LC={0x8, 0x5, 0x7}, @NL80211_BAND_6GHZ={0x8}, @NL80211_BAND_5GHZ={0x8, 0x1, 0x9}, @NL80211_BAND_6GHZ={0x8, 0x3, 0x10}, @NL80211_BAND_5GHZ={0x8, 0x1, 0x5}]}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ap_ssid}, @NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x2c, 0x6, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8, 0x3, 0x85f}, @NL80211_BAND_LC={0x8}, @NL80211_BAND_6GHZ={0x8, 0x3, 0x5732}, @NL80211_BAND_60GHZ={0x8, 0x2, 0x7}, @NL80211_BAND_2GHZ={0x8, 0x0, 0x8}]}, @NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8, 0x2, 0x7}, @NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0xc, 0x6, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x8, 0x0, 0x80}]}, @NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8, 0x2, 0x1}, @NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8, 0x2, 0x7}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0x19, 0x1, @random="e6c6c4cf00e8de1bc4224c3d1fdbec08229d42f596"}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ibss_ssid}]}, {0x50, 0x0, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0x14, 0x1, @random="df96baaf9c109dfdf395c230f96017ab"}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ap_ssid}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ibss_ssid}, @NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x14, 0x6, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x8, 0x1, 0x40}, @NL80211_BAND_60GHZ={0x8, 0x2, 0x1ff0}]}, @NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa, 0x5, @from_mac=@device_b}]}]}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6}, @NL80211_ATTR_SCAN_SUPP_RATES={0x3b0, 0x7d, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x7b, 0x3, "72175e130077e66414c5671e4ab1fb012a138e70b24e531620239b2cb9fc5365cd7e51a1be1dd56b5aeee52a513395877af0ad6fed993c73579a03cf6eb39961813c066cbba56f3006b721b01e7d814ba1e976abcb2ea8447ec6fb24bbf4c9184ec2760335e5fe435bba3d765ad8f18000d06649d75b59"}, @NL80211_BAND_2GHZ={0xb4, 0x0, "89fba90599852f53a9ec2bcda1859c687818ae36c06673aa7932edb000faca7fad5fbd5fe43db4c92ade5b8b34a1009f35a20d704fa05b5a6e41945d0925f055b8d8dc868da0a7fee1cf77787ca6dc4d16973025148b5da5a047fb4fb3581c37dd41f249d3d649ab34103914e4b4d61dad0d47b82fdaa8f317b3a43f1669bbbe98c2689e73d2079df832e27e5567b6c3a2718ebfc10fd3d6b91305fc8e7bd799c19f865997a34fc8cc0138a395ce4cf0"}, @NL80211_BAND_60GHZ={0xa0, 0x2, "85a5b3e49600ea9ddb6baba39e3277b8b592d57dc13aaa10346b264756323c848afa2e6db9ee9130f57679e809e57a83e8d0b6769ddfcb712b5f05ee9757b43cc9ede0bb8aea616c65bd28066f2f83c70ca208871af2820a20f662ee8068fccace2321ab9fe68c0e6f4fdf3d0abdad6a83aa684bef00c323e70a8f12043e53a46358ff8fe197ca1e20c738f27e4a9cbc136d5ad46f76a73c2b9ef237"}, @NL80211_BAND_5GHZ={0xaf, 0x1, "5c9b0eade655d6bd81cef589f5d8c13f8b670bca509c3738fbff8d2f68afc251cdd1532fabab8218a5c51dd841ce0848d8c8c0d7a19c169a55537104ae10cffb33bb63dbde6d120ea11b698ce0bd034b4e30c88e037f935c88dfb98f37fbf9a458760184f7cd6f511e581506fadf70bc41984001bb266ccab4c4846c261776cc87f669cf53d1b260c89dba6e904f8502e193827f55b07aa6727b131d73eb353624cc97c07bf82a28b26abb"}, @NL80211_BAND_6GHZ={0xc6, 0x3, "4c1578d08bbd9853b0805fddf2b4a5de7cdfb5f55279d48fc370bc6f6885749252b156083d2cedd02bdef4345936b152acc9b6fce7dfdbd4a760c7b556da495743ea9bd44079f8b8b9f24eb0e5946fc73184d9ee6dedb5999c3d9491a63040988768b03282be4fd52f04b5ef68823b7179170cc51a1ce498b95e716d1c79ed30285d87d1ab4ab8bbb2356d789c2976896c26cafd92f1ce7332d9ffa5560fb0cbaa33df82babb29a5d2417e173e62a492497f7ce720b6709d7b288d6581a72db4928a"}, @NL80211_BAND_6GHZ={0x63, 0x3, "651045e1a2d3876fe6d7566b77e5058c1c62f83f2eb46ffe6974bf36099555d1565d7b7e64253e15e69011fa2d4a3b46f8d4abc0c3b301385c6f2c8ec8e80559e39163b12dfbaecc584c0015abf7693bf1e2f81892858a229fb789c52abd9f"}]}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x1}, @NL80211_ATTR_SCAN_FLAGS={0x8}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5}]}, 0x578}, 0x1, 0x0, 0x0, 0x40000}, 0x84) r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), r3) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000e40)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r0, &(0x7f0000000f40)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000f00)={&(0x7f0000000e80)={0x6c, r9, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x3c}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4040081}, 0x10) write$P9_RVERSION(r7, &(0x7f0000000f80)={0x15, 0x65, 0xffff, 0x3, 0x8, '9P2000.L'}, 0x15) ioctl$KVM_RUN(r7, 0xae80, 0x0) mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000004) r11 = syz_genetlink_get_family_id$devlink(&(0x7f0000001000), r7) sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r7, &(0x7f0000001140)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001100)={&(0x7f0000001040)={0x88, r11, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xab}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xb}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}]}, 0x88}, 0x1, 0x0, 0x0, 0x114}, 0x10) sendmsg$TIPC_NL_LINK_SET(r7, &(0x7f0000001280)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001240)={&(0x7f00000011c0)={0x54, 0x0, 0x10, 0x70bd26, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x40, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5fc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}]}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x24004080) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000001380)={&(0x7f00000012c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001340)={&(0x7f0000001300)={0x2c, r1, 0x20, 0x70bd27, 0x25dfdbfd, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x4}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}]}, 0x2c}}, 0x4004) ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r6, 0x8983, &(0x7f00000013c0)={0x1, 'nr0\x00', {}, 0x7}) ioctl$F2FS_IOC_DECOMPRESS_FILE(r5, 0xf517, 0x0) syz_kvm_setup_cpu$x86(r7, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000001480)=[@text16={0x10, &(0x7f0000001400)="6766c74424000c0000006766c7442402537b00006766c744240600000000670f011c240f013cdd33d090b50066b8e5a18ea30f23d00f21f86635300000070f23f8f4660f3810d066b8010000000f01d9f30faeef660f388195eef6", 0x5b}], 0x1, 0x4, &(0x7f00000014c0)=[@cstype3, @flags={0x3, 0x50000}], 0x2) r12 = socket$nl_generic(0x10, 0x3, 0x10) r13 = syz_genetlink_get_family_id$gtp(&(0x7f0000001540), r7) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000001580)={'batadv_slave_0\x00', 0x0}) sendmsg$GTP_CMD_DELPDP(r12, &(0x7f0000001680)={&(0x7f0000001500)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001640)={&(0x7f00000015c0)={0x44, r13, 0x200, 0x70bd2a, 0x25dfdbff, {}, [@GTPA_PEER_ADDR6={0x14, 0xb, @dev={0xfe, 0x80, '\x00', 0x22}}, @GTPA_PEER_ADDR6={0x14, 0xb, @dev={0xfe, 0x80, '\x00', 0x31}}, @GTPA_LINK={0x8, 0x1, r14}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000014}, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f00000016c0)='/proc/slabinfo\x00', 0x0, 0x0) 358.908851ms ago: executing program 0 (id=65): keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000000)='bond_slave_0\x00') keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x9) ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f00000000c0)=0x1) read$FUSE(r1, &(0x7f0000000100)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_GETXATTR(r1, &(0x7f0000002140)={0x18, 0x0, r2}, 0x18) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) 295.367664ms ago: executing program 0 (id=66): symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file7\x00', 0x1ac) renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7/file0\x00', 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x8000600, 0x0, 0xff, 0x2, 0x0, 0x5}, 0x20) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) (fail_nth: 21) 288.209404ms ago: executing program 3 (id=67): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000000, @mcast2, 0xa}, 0x1c) write(r0, &(0x7f0000000300)="8f04000e0580a7b6070d63e286a5cefe4000000000000000", 0x18) syz_usb_connect$uac3(0x0, 0x93, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0xe41, 0x414b, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x81, 0x3, 0x1, 0x7f, 0x20, 0xe, {0x8, 0xb, 0x0, 0x3, 0x1, 0x1, 0x30, 0x1}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x9, 0x1d, 0x77e}, [@output_terminal={0x13, 0x24, 0x3, 0x1, 0x300, 0x2, 0x4, 0x8, 0x3, 0x9, 0x7, 0x7}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x4, 0x2, 0x9, {0xa, 0x25, 0x25, 0x40004, 0x5, 0x15}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x8, 0x80, 0x3, {0xa, 0x25, 0x25, 0x0, 0xb}}}}}}}}]}}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x800, 0x0) (async) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x800, 0x0) userfaultfd(0x80000) (async) userfaultfd(0x80000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)={0x34, r3, 0x100, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x6}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x80000000}]}, 0x34}, 0x1, 0x0, 0x0, 0x404c084}, 0x800d0) (async) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)={0x34, r3, 0x100, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x6}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x80000000}]}, 0x34}, 0x1, 0x0, 0x0, 0x404c084}, 0x800d0) r4 = gettid() openat$ublk_ctrl(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) (async) openat$ublk_ctrl(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) socket$key(0xf, 0x3, 0x2) (async) r7 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x2, 0x13, 0x80, 0x6, 0x2, 0x0, 0x70bd29, 0x25dfdbfc}, 0x10}}, 0x10) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x4, 0xffffffffffffffff}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r8, 0x16a9d000) dup(r2) (async) r9 = dup(r2) r10 = signalfd4(r9, &(0x7f0000000280), 0x5a, 0x0) readv(r10, &(0x7f0000000580)=[{&(0x7f00000003c0)=""/234, 0xea}], 0x1) rt_sigqueueinfo(r4, 0x21, &(0x7f0000000180)={0x33, 0x40000020, 0xfffffffb}) socket$xdp(0x2c, 0x3, 0x0) (async) r11 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r11, 0x0, 0x484, 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae03, 0x3d) 94.437105ms ago: executing program 2 (id=68): r0 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffc]}, 0x8) read(r0, &(0x7f0000000740)=""/377, 0x179) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xc4) (async) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0xb}) (async) mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat, @fd={0x66642a85, 0x0, r1}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0}) 0s ago: executing program 0 (id=69): r0 = socket$tipc(0x1e, 0x5, 0x0) unshare(0x4040600) getsockopt$TIPC_NODE_RECVQ_DEPTH(r0, 0x10f, 0x83, 0x0, 0x0) ioctl$XFS_IOC_EXCHANGE_RANGE(r0, 0x40285881, &(0x7f0000000000)={r0, 0x0, 0x8000, 0x6, 0xf4e1, 0x8}) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) getsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000080), &(0x7f00000000c0)=0x4) kernel console output (not intermixed with test programs): syzkaller syzkaller login: [ 23.117167][ T36] kauditd_printk_skb: 31 callbacks suppressed [ 23.117213][ T36] audit: type=1400 audit(1777026078.790:59): avc: denied { transition } for pid=260 comm="sshd-session" path="/bin/sh" dev="sda1" ino=90 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 23.146107][ T36] audit: type=1400 audit(1777026078.790:60): avc: denied { noatsecure } for pid=260 comm="sshd-session" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 23.165938][ T36] audit: type=1400 audit(1777026078.800:61): avc: denied { write } for pid=260 comm="sh" path="pipe:[2663]" dev="pipefs" ino=2663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 23.188214][ T36] audit: type=1400 audit(1777026078.800:62): avc: denied { rlimitinh } for pid=260 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 23.207045][ T36] audit: type=1400 audit(1777026078.800:63): avc: denied { siginh } for pid=260 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.0.160' (ED25519) to the list of known hosts. [ 30.256798][ T36] audit: type=1400 audit(1777026085.930:64): avc: denied { mounton } for pid=282 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 30.258323][ T282] cgroup: Unknown subsys name 'net' [ 30.279593][ T36] audit: type=1400 audit(1777026085.930:65): avc: denied { mount } for pid=282 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 30.307103][ T36] audit: type=1400 audit(1777026085.960:66): avc: denied { unmount } for pid=282 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 30.307508][ T282] cgroup: Unknown subsys name 'devices' [ 30.490939][ T282] cgroup: Unknown subsys name 'hugetlb' [ 30.496627][ T282] cgroup: Unknown subsys name 'rlimit' [ 30.595838][ T36] audit: type=1400 audit(1777026086.270:67): avc: denied { setattr } for pid=282 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 30.619076][ T36] audit: type=1400 audit(1777026086.270:68): avc: denied { mounton } for pid=282 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 30.644547][ T36] audit: type=1400 audit(1777026086.270:69): avc: denied { mount } for pid=282 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 30.655623][ T284] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 30.677451][ T36] audit: type=1400 audit(1777026086.350:70): avc: denied { relabelto } for pid=284 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 30.703366][ T36] audit: type=1400 audit(1777026086.350:71): avc: denied { write } for pid=284 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 30.737069][ T36] audit: type=1400 audit(1777026086.410:72): avc: denied { read } for pid=282 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 30.737718][ T282] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 30.762591][ T36] audit: type=1400 audit(1777026086.410:73): avc: denied { open } for pid=282 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 32.173750][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.183690][ T289] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.190860][ T289] bridge_slave_0: entered allmulticast mode [ 32.197272][ T289] bridge_slave_0: entered promiscuous mode [ 32.205498][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.212581][ T289] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.219683][ T289] bridge_slave_1: entered allmulticast mode [ 32.226017][ T289] bridge_slave_1: entered promiscuous mode [ 32.334120][ T293] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.341200][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.348521][ T293] bridge_slave_0: entered allmulticast mode [ 32.355361][ T293] bridge_slave_0: entered promiscuous mode [ 32.366855][ T293] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.374097][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.381260][ T293] bridge_slave_1: entered allmulticast mode [ 32.387520][ T293] bridge_slave_1: entered promiscuous mode [ 32.496434][ T295] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.503669][ T295] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.510907][ T295] bridge_slave_0: entered allmulticast mode [ 32.517370][ T295] bridge_slave_0: entered promiscuous mode [ 32.535118][ T295] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.542500][ T295] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.550399][ T295] bridge_slave_1: entered allmulticast mode [ 32.556784][ T295] bridge_slave_1: entered promiscuous mode [ 32.631214][ T294] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.638376][ T294] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.645577][ T294] bridge_slave_0: entered allmulticast mode [ 32.652923][ T294] bridge_slave_0: entered promiscuous mode [ 32.659797][ T294] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.666860][ T294] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.674055][ T294] bridge_slave_1: entered allmulticast mode [ 32.680591][ T294] bridge_slave_1: entered promiscuous mode [ 32.741379][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.748461][ T289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 32.755815][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.762893][ T289] bridge0: port 1(bridge_slave_0) entered forwarding state [ 32.819281][ T293] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.826361][ T293] bridge0: port 2(bridge_slave_1) entered forwarding state [ 32.833805][ T293] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.840983][ T293] bridge0: port 1(bridge_slave_0) entered forwarding state [ 32.878723][ T295] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.885810][ T295] bridge0: port 2(bridge_slave_1) entered forwarding state [ 32.893133][ T295] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.900198][ T295] bridge0: port 1(bridge_slave_0) entered forwarding state [ 32.908632][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.915879][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.923226][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.930972][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.938443][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.945626][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.975591][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.982774][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 32.991163][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.998391][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.010846][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.017910][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.040238][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.047418][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.100795][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.107877][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.116432][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.123532][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.148025][ T289] veth0_vlan: entered promiscuous mode [ 33.155180][ T293] veth0_vlan: entered promiscuous mode [ 33.162480][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.169561][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.178648][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.185685][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.206878][ T289] veth1_macvtap: entered promiscuous mode [ 33.222145][ T293] veth1_macvtap: entered promiscuous mode [ 33.254783][ T295] veth0_vlan: entered promiscuous mode [ 33.279814][ T293] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 33.286311][ T295] veth1_macvtap: entered promiscuous mode [ 33.303259][ T294] veth0_vlan: entered promiscuous mode [ 33.344721][ T294] veth1_macvtap: entered promiscuous mode [ 33.638340][ T31] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 33.668163][ T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 33.708126][ T63] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 33.788366][ T328] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 33.800926][ T31] usb 3-1: config 1 has an invalid interface number: 7 but max is 0 [ 33.809334][ T31] usb 3-1: config 1 has no interface number 0 [ 33.815454][ T31] usb 3-1: config 1 interface 7 altsetting 0 bulk endpoint 0xF has invalid maxpacket 64 [ 33.827273][ T31] usb 3-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00 [ 33.828023][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 33.836481][ T31] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 33.846484][ T9] usb 1-1: New USB device found, idVendor=0582, idProduct=0025, bcdDevice= 0.40 [ 33.850235][ T31] usb 3-1: Product: syz [ 33.860587][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 33.863761][ T31] usb 3-1: Manufacturer: syz [ 33.872064][ T9] usb 1-1: Product: syz [ 33.876699][ T31] usb 3-1: SerialNumber: syz [ 33.883113][ T9] usb 1-1: Manufacturer: syz [ 33.889927][ T310] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 33.897879][ T63] usb 4-1: unable to get BOS descriptor or descriptor too short [ 33.905988][ T9] usb 1-1: SerialNumber: syz [ 33.911464][ T63] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 33.922180][ T63] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 33.935281][ T63] usb 4-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40 [ 33.944421][ T63] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 33.952517][ T328] usb 2-1: Using ep0 maxpacket: 32 [ 33.957839][ T63] usb 4-1: Product: syz [ 33.963242][ T63] usb 4-1: Manufacturer: syz [ 33.968636][ T63] usb 4-1: SerialNumber: syz [ 33.973903][ T328] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 222, changing to 7 [ 33.989042][ T63] usb 4-1: selecting invalid altsetting 1 [ 33.995548][ T63] usb 4-1: unit 6 not found! [ 34.000298][ T328] usb 2-1: New USB device found, idVendor=0582, idProduct=00b2, bcdDevice= 0.40 [ 34.011515][ T328] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 34.019745][ T328] usb 2-1: Product: syz [ 34.024040][ T328] usb 2-1: Manufacturer: syz [ 34.028943][ T328] usb 2-1: SerialNumber: syz [ 34.138771][ T317] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 34.147472][ T317] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 34.237401][ T337] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 34.390312][ T325] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 34.398982][ T325] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 34.445537][ T338] usb 3-1: USB disconnect, device number 2 [ 34.581994][ T348] kernel profiling enabled (shift: 63) [ 34.587659][ T348] profiling shift: 63 too large [ 34.615125][ T63] usb 4-1: 2:0: failed to get current value for ch 0 (-71) [ 34.630732][ T63] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 34.642797][ T63] usb 4-1: USB disconnect, device number 2 [ 34.657135][ T339] udevd[339]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 34.945491][ T357] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:25 [ 34.945728][ T357] rust_binder: Write failure EINVAL in pid:25 [ 34.978764][ T9] usb 1-1: 1:1: cannot get freq (v2/v3): err -71 [ 34.986962][ T361] capability: warning: `syz.1.16' uses 32-bit capabilities (legacy support in use) [ 34.998244][ T9] usb 1-1: uac_clock_source_is_valid(): cannot get clock validity for id 0 [ 35.018292][ T9] usb 1-1: uac_clock_source_is_valid(): cannot get clock validity for id 0 [ 35.038219][ T9] usb 1-1: clock source 0 is not valid, cannot use [ 35.055233][ T9] usb 1-1: 2:1: cannot get freq (v2/v3): err -71 [ 35.063483][ T9] usb 1-1: uac_clock_source_is_valid(): cannot get clock validity for id 0 [ 35.071631][ T365] FAULT_INJECTION: forcing a failure. [ 35.071631][ T365] name failslab, interval 1, probability 0, space 0, times 0 [ 35.086108][ T328] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 35.088288][ T365] CPU: 1 UID: 0 PID: 365 Comm: syz.1.18 Not tainted syzkaller #0 8cfc209e52ea19d19d7bf60324c052393309520c [ 35.088325][ T365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 35.088344][ T365] Call Trace: [ 35.088354][ T365] [ 35.088368][ T365] __dump_stack+0x21/0x30 [ 35.088467][ T365] dump_stack_lvl+0x140/0x1c0 [ 35.088489][ T365] ? __cfi_dump_stack_lvl+0x10/0x10 [ 35.088515][ T365] ? mas_alloc_nodes+0x371/0x9d0 [ 35.088541][ T365] dump_stack+0x19/0x20 [ 35.088561][ T365] should_fail_ex+0x3d7/0x530 [ 35.088588][ T365] should_failslab+0xac/0x100 [ 35.088619][ T365] __kmalloc_node_noprof+0x6c/0x4f0 [ 35.088647][ T365] ? __kvmalloc_node_noprof+0x128/0x300 [ 35.088671][ T365] __kvmalloc_node_noprof+0x128/0x300 [ 35.088693][ T365] ? __cfi___kvmalloc_node_noprof+0x10/0x10 [ 35.088714][ T365] ? avc_has_perm_noaudit+0x28a/0x360 [ 35.088767][ T365] simple_xattr_alloc+0x68/0x140 [ 35.088791][ T365] ? _raw_spin_lock+0x92/0x120 [ 35.088809][ T365] simple_xattr_set+0x45/0x300 [ 35.088834][ T365] shmem_xattr_handler_set+0x192/0x2d0 [ 35.088853][ T365] ? __cfi_shmem_xattr_handler_set+0x10/0x10 [ 35.088872][ T365] __vfs_setxattr+0x49f/0x4e0 [ 35.088894][ T365] __vfs_setxattr_noperm+0x12e/0x670 [ 35.088916][ T365] __vfs_setxattr_locked+0x216/0x240 [ 35.088938][ T365] vfs_setxattr+0x16b/0x2f0 [ 35.088959][ T365] ? __cfi_vfs_setxattr+0x10/0x10 [ 35.088979][ T365] ? vfs_mkdir+0x705/0x820 [ 35.088999][ T365] ovl_check_setxattr+0x12f/0x270 [ 35.089025][ T365] ovl_set_opaque_xerr+0x80/0xd0 [ 35.089047][ T365] ovl_create_or_link+0x124a/0x1530 [ 35.089068][ T365] ? ovl_create_object+0x340/0x340 [ 35.089088][ T365] ? _raw_spin_lock+0x92/0x120 [ 35.089105][ T365] ? __cfi__raw_spin_lock+0x10/0x10 [ 35.089123][ T365] ? __kasan_check_write+0x18/0x20 [ 35.089149][ T365] ? _raw_spin_lock+0x92/0x120 [ 35.089166][ T365] ? from_vfsgid+0x76/0xb0 [ 35.089186][ T365] ? inode_init_owner+0x1ed/0x3a0 [ 35.089207][ T365] ovl_create_object+0x240/0x340 [ 35.089228][ T365] ? ovl_get_acl+0x70/0x70 [ 35.089247][ T365] ? __cfi_ovl_permission+0x10/0x10 [ 35.089271][ T365] ? selinux_inode_mkdir+0x26/0x30 [ 35.089290][ T365] ovl_mkdir+0x2f/0x40 [ 35.089329][ T365] vfs_mkdir+0x585/0x820 [ 35.089349][ T365] do_mkdirat+0x240/0x530 [ 35.089367][ T365] ? __cfi_do_mkdirat+0x10/0x10 [ 35.089386][ T365] ? getname_flags+0x208/0x700 [ 35.089410][ T365] __x64_sys_mkdirat+0x8b/0xa0 [ 35.089429][ T365] x64_sys_call+0x2ba8/0x2ee0 [ 35.089453][ T365] do_syscall_64+0x57/0xf0 [ 35.089471][ T365] ? clear_bhb_loop+0x50/0xa0 [ 35.089498][ T365] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 35.089520][ T365] RIP: 0033:0x7fb56ff9cdd9 [ 35.089577][ T365] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 35.089633][ T365] RSP: 002b:00007fb570dc5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 35.089667][ T365] RAX: ffffffffffffffda RBX: 00007fb570215fa0 RCX: 00007fb56ff9cdd9 [ 35.089681][ T365] RDX: 00000000000001c0 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 35.089694][ T365] RBP: 00007fb570dc5090 R08: 0000000000000000 R09: 0000000000000000 [ 35.089706][ T365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 35.089717][ T365] R13: 00007fb570216038 R14: 00007fb570215fa0 R15: 00007ffebb3290b8 [ 35.089732][ T365] [ 35.446495][ T9] usb 1-1: USB disconnect, device number 2 [ 35.456497][ T328] usb 2-1: unit 4 not found! [ 35.461639][ T328] usb 2-1: unit 144 not found! [ 35.477693][ T36] kauditd_printk_skb: 82 callbacks suppressed [ 35.477713][ T36] audit: type=1400 audit(1777026091.150:156): avc: denied { create } for pid=396 comm="syz.1.19" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 35.528676][ T31] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 35.567465][ T328] usb 2-1: USB disconnect, device number 2 [ 35.574421][ T349] udevd[349]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 35.597311][ T36] audit: type=1400 audit(1777026091.150:157): avc: denied { bind } for pid=396 comm="syz.1.19" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 35.627480][ T339] udevd[339]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card1/controlC1/../uevent} for writing: No such file or directory [ 35.665764][ T36] audit: type=1400 audit(1777026091.230:158): avc: denied { ioctl } for pid=401 comm="syz.0.24" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=4371 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 35.706253][ T413] af_packet: tpacket_rcv: packet too big, clamped from 65512 to 4294967272. macoff=96 [ 35.714558][ T36] audit: type=1326 audit(1777026091.300:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=410 comm="syz.1.25" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb56ff9cdd9 code=0x0 [ 35.729732][ T31] usb 4-1: unable to get BOS descriptor or descriptor too short [ 35.747513][ T31] usb 4-1: not running at top speed; connect to a high speed hub [ 35.757905][ T31] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 35.768423][ T36] audit: type=1400 audit(1777026091.350:160): avc: denied { setopt } for pid=412 comm="syz.2.26" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 35.768454][ T36] audit: type=1400 audit(1777026091.370:161): avc: denied { ioctl } for pid=412 comm="syz.2.26" path="socket:[3436]" dev="sockfs" ino=3436 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 35.768476][ T36] audit: type=1400 audit(1777026091.380:162): avc: denied { write } for pid=412 comm="syz.2.26" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 35.805660][ T31] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 35.859456][ T31] usb 4-1: New USB device found, idVendor=041e, idProduct=3020, bcdDevice= 0.40 [ 35.868953][ T31] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 35.877038][ T31] usb 4-1: Product: syz [ 35.881779][ T31] usb 4-1: Manufacturer: syz [ 35.887588][ T31] usb 4-1: SerialNumber: syz [ 35.934549][ T417] FAULT_INJECTION: forcing a failure. [ 35.934549][ T417] name failslab, interval 1, probability 0, space 0, times 0 [ 35.958174][ T417] CPU: 0 UID: 0 PID: 417 Comm: syz.2.27 Not tainted syzkaller #0 8cfc209e52ea19d19d7bf60324c052393309520c [ 35.958211][ T417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 35.958223][ T417] Call Trace: [ 35.958229][ T417] [ 35.958236][ T417] __dump_stack+0x21/0x30 [ 35.958265][ T417] dump_stack_lvl+0x140/0x1c0 [ 35.958287][ T417] ? __cfi_dump_stack_lvl+0x10/0x10 [ 35.958311][ T417] ? __kasan_kmalloc+0x96/0xb0 [ 35.958344][ T417] dump_stack+0x19/0x20 [ 35.958366][ T417] should_fail_ex+0x3d7/0x530 [ 35.958391][ T417] should_failslab+0xac/0x100 [ 35.958409][ T417] __kmalloc_node_track_caller_noprof+0x68/0x4f0 [ 35.958436][ T417] ? simple_xattr_set+0x5e/0x300 [ 35.958463][ T417] ? __asan_memcpy+0x5a/0x80 [ 35.958489][ T417] kstrdup+0x4d/0x130 [ 35.958511][ T417] simple_xattr_set+0x5e/0x300 [ 35.958537][ T417] shmem_xattr_handler_set+0x192/0x2d0 [ 35.958557][ T417] ? __cfi_shmem_xattr_handler_set+0x10/0x10 [ 35.958576][ T417] __vfs_setxattr+0x49f/0x4e0 [ 35.958599][ T417] __vfs_setxattr_noperm+0x12e/0x670 [ 35.958623][ T417] __vfs_setxattr_locked+0x216/0x240 [ 35.958646][ T417] vfs_setxattr+0x16b/0x2f0 [ 35.958669][ T417] ? __cfi_vfs_setxattr+0x10/0x10 [ 35.958754][ T417] ? vfs_mkdir+0x705/0x820 [ 35.958776][ T417] ovl_check_setxattr+0x12f/0x270 [ 35.958804][ T417] ovl_set_opaque_xerr+0x80/0xd0 [ 35.958826][ T417] ovl_create_or_link+0x124a/0x1530 [ 35.958849][ T417] ? ovl_create_object+0x340/0x340 [ 35.958870][ T417] ? _raw_spin_lock+0x92/0x120 [ 35.958889][ T417] ? __cfi__raw_spin_lock+0x10/0x10 [ 35.958909][ T417] ? __kasan_check_write+0x18/0x20 [ 35.958933][ T417] ? _raw_spin_lock+0x92/0x120 [ 35.958951][ T417] ? from_vfsgid+0x76/0xb0 [ 35.958973][ T417] ? inode_init_owner+0x1ed/0x3a0 [ 35.958996][ T417] ovl_create_object+0x240/0x340 [ 35.959019][ T417] ? ovl_get_acl+0x70/0x70 [ 35.959040][ T417] ? __cfi_ovl_permission+0x10/0x10 [ 35.959073][ T417] ? selinux_inode_mkdir+0x26/0x30 [ 35.959094][ T417] ovl_mkdir+0x2f/0x40 [ 35.959114][ T417] vfs_mkdir+0x585/0x820 [ 35.959135][ T417] do_mkdirat+0x240/0x530 [ 35.959155][ T417] ? __cfi_do_mkdirat+0x10/0x10 [ 35.959175][ T417] ? getname_flags+0x208/0x700 [ 35.959201][ T417] __x64_sys_mkdirat+0x8b/0xa0 [ 35.959222][ T417] x64_sys_call+0x2ba8/0x2ee0 [ 35.959248][ T417] do_syscall_64+0x57/0xf0 [ 35.959284][ T417] ? clear_bhb_loop+0x50/0xa0 [ 35.959306][ T417] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 35.959333][ T417] RIP: 0033:0x7f761ef9cdd9 [ 35.959350][ T417] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 35.959365][ T417] RSP: 002b:00007f761fe06028 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 35.959387][ T417] RAX: ffffffffffffffda RBX: 00007f761f215fa0 RCX: 00007f761ef9cdd9 [ 35.959407][ T417] RDX: 00000000000001c0 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 35.959421][ T417] RBP: 00007f761fe06090 R08: 0000000000000000 R09: 0000000000000000 [ 35.959434][ T417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 35.959446][ T417] R13: 00007f761f216038 R14: 00007f761f215fa0 R15: 00007ffd3fd087b8 [ 35.959463][ T417] [ 36.106876][ T31] usb 4-1: 0:1 : does not exist [ 36.112468][ T36] audit: type=1400 audit(1777026091.780:163): avc: denied { read } for pid=366 comm="syz.3.20" path="socket:[3446]" dev="sockfs" ino=3446 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 36.128100][ T31] usb 4-1: 0:2 : does not exist [ 36.220057][ T36] audit: type=1400 audit(1777026091.890:164): avc: denied { mount } for pid=421 comm="syz.0.29" name="/" dev="pstore" ino=2514 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1 [ 36.241196][ T31] usb 4-1: 6:0: failed to get current value for ch 1 (-22) [ 36.247342][ T36] audit: type=1400 audit(1777026091.900:165): avc: denied { unmount } for pid=295 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1 [ 36.260477][ T31] usb 4-1: 6:0: failed to get current value for ch 0 (-22) [ 36.385238][ T31] usb 4-1: 6:0: failed to get current value for ch 1 (-22) [ 36.406782][ T31] usb 4-1: USB disconnect, device number 3 [ 36.431895][ T318] udevd[318]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 36.438301][ T45] usb 3-1: new full-speed USB device number 3 using dummy_hcd [ 36.528071][ T328] usb 1-1: new low-speed USB device number 3 using dummy_hcd [ 36.586516][ T430] can0: slcan on ttyS3. [ 36.599519][ T45] usb 3-1: not running at top speed; connect to a high speed hub [ 36.618530][ T45] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 68, changing to 4 [ 36.646730][ T45] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid maxpacket 1024, setting to 1023 [ 36.662740][ T433] netlink: 8 bytes leftover after parsing attributes in process `syz.3.32'. [ 36.668092][ T45] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 1568, setting to 1023 [ 36.689651][ T328] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 36.697203][ T45] usb 3-1: New USB device found, idVendor=0763, idProduct=2003, bcdDevice= 0.40 [ 36.718204][ T328] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1056, setting to 8 [ 36.722745][ T45] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 36.747514][ T328] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 36.764578][ T45] usb 3-1: Product: syz [ 36.781483][ T45] usb 3-1: Manufacturer: syz [ 36.781639][ T328] usb 1-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00 [ 36.786604][ T45] usb 3-1: SerialNumber: syz [ 36.808930][ T328] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 36.834077][ T328] usb 1-1: config 0 descriptor?? [ 36.851947][ T443] capability: warning: `syz.3.33' uses deprecated v2 capabilities in a way that may be insecure [ 36.867381][ T425] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 37.228992][ T45] usb 3-1: 1:1: invalid format type 0x1006 is detected, processed as PCM [ 37.237545][ T45] usb 3-1: 1:1 : sample bitwidth 55 in over sample bytes 2 [ 37.246409][ T45] usb 3-1: 1:1 : invalid UAC_FORMAT_TYPE desc [ 37.253276][ T45] usb 3-1: 2:1 : no UAC_FORMAT_TYPE desc [ 37.266157][ T45] usb 3-1: USB disconnect, device number 3 [ 37.280113][ T328] usbhid 1-1:0.0: can't add hid device: -71 [ 37.286145][ T328] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 37.300332][ T328] usb 1-1: USB disconnect, device number 3 [ 37.310465][ T339] udevd[339]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 37.388747][ T427] can0 (unregistered): slcan off ttyS3. [ 37.688168][ T340] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 37.774209][ T499] syz.2.39 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 37.787086][ T499] netlink: 56 bytes leftover after parsing attributes in process `syz.2.39'. [ 37.796376][ T501] SELinux: policydb table sizes (0,0) do not match mine (6,7) [ 37.805847][ T501] SELinux: failed to load policy [ 37.849056][ T340] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 37.861068][ T340] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 37.872009][ T340] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 37.882626][ T340] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 37.891650][ T340] usb 2-1: config 0 descriptor?? [ 37.919427][ T513] x_tables: duplicate underflow at hook 1 [ 37.920540][ T514] netlink: 4 bytes leftover after parsing attributes in process `syz.2.43'. [ 37.938102][ T45] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 38.098449][ T45] usb 4-1: Using ep0 maxpacket: 16 [ 38.107746][ T340] usbhid 2-1:0.0: can't add hid device: -71 [ 38.114394][ T340] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 38.114411][ T45] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 38.123643][ T340] usb 2-1: USB disconnect, device number 3 [ 38.143850][ T45] usb 4-1: config 0 interface 0 has no altsetting 0 [ 38.148218][ T528] netlink: 180 bytes leftover after parsing attributes in process `syz.1.48'. [ 38.150687][ T45] usb 4-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 38.175669][ T45] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 38.193540][ T45] usb 4-1: config 0 descriptor?? [ 38.208295][ T328] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 38.368264][ T328] usb 3-1: Using ep0 maxpacket: 16 [ 38.375182][ T328] usb 3-1: unable to get BOS descriptor or descriptor too short [ 38.383844][ T328] usb 3-1: config 127 has an invalid interface number: 208 but max is 0 [ 38.392295][ T328] usb 3-1: config 127 has no interface number 0 [ 38.398789][ T328] usb 3-1: config 127 interface 208 has no altsetting 0 [ 38.407411][ T328] usb 3-1: New USB device found, idVendor=35bc, idProduct=0107, bcdDevice=b8.da [ 38.416582][ T328] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 38.424643][ T328] usb 3-1: Product: syz [ 38.428863][ T328] usb 3-1: Manufacturer: syz [ 38.433475][ T328] usb 3-1: SerialNumber: syz [ 38.451292][ T541] syzkaller0: entered promiscuous mode [ 38.456946][ T541] syzkaller0: entered allmulticast mode [ 38.498294][ T340] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 38.650991][ T340] usb 2-1: Using ep0 maxpacket: 32 [ 38.656479][ T328] usb 3-1: USB disconnect, device number 4 [ 38.664594][ T340] usb 2-1: config index 0 descriptor too short (expected 29220, got 36) [ 38.673185][ T340] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 38.682930][ T340] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 38.691988][ T340] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 38.701747][ T63] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 38.709639][ T340] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 38.719612][ T340] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 38.732793][ T340] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 38.742675][ T340] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 38.752004][ T340] usb 2-1: config 0 descriptor?? [ 38.888091][ T63] usb 1-1: Using ep0 maxpacket: 32 [ 38.894464][ T63] usb 1-1: config 1 interface 0 altsetting 5 bulk endpoint 0x82 has invalid maxpacket 1023 [ 38.904632][ T63] usb 1-1: config 1 interface 0 altsetting 5 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 38.917585][ T63] usb 1-1: config 1 interface 0 has no altsetting 0 [ 38.927174][ T63] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 38.936446][ T63] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 38.944577][ T63] usb 1-1: Product: syz [ 38.948905][ T63] usb 1-1: Manufacturer: syz [ 38.953607][ T63] usb 1-1: SerialNumber: syz [ 38.959503][ T531] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 38.962395][ T541] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22 [ 38.969001][ T531] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 38.984450][ T542] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 38.993528][ T542] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 39.002935][ T542] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 39.008937][ T45] usbhid 4-1:0.0: can't add hid device: -71 [ 39.011767][ T542] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 39.018237][ T45] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 39.031635][ T340] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 39.052891][ T45] usb 4-1: USB disconnect, device number 4 [ 39.058607][ T340] usb 2-1: USB disconnect, device number 4 [ 39.072997][ T340] usblp0: removed [ 39.179176][ T63] usb 1-1: bad CDC descriptors [ 39.186927][ T63] usb 1-1: USB disconnect, device number 4 [ 39.308082][ T31] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 39.458071][ T31] usb 3-1: Using ep0 maxpacket: 16 [ 39.466519][ T31] usb 3-1: unable to get BOS descriptor or descriptor too short [ 39.474933][ T31] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 39.482757][ T31] usb 3-1: can't read configurations, error -71 [ 39.498087][ T340] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 39.574823][ T568] syz.3.62 (568): /proc/567/oom_adj is deprecated, please use /proc/567/oom_score_adj instead. [ 39.648028][ T340] usb 2-1: Using ep0 maxpacket: 16 [ 39.666418][ T340] usb 2-1: unable to get BOS descriptor or descriptor too short [ 39.678787][ T340] usb 2-1: config 3 has an invalid interface number: 242 but max is 0 [ 39.697236][ T340] usb 2-1: config 3 has no interface number 0 [ 39.704991][ T340] usb 2-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=18.b3 [ 39.714360][ T340] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 39.722712][ T340] usb 2-1: Product: syz [ 39.734309][ T340] usb 2-1: Manufacturer: syz [ 39.739138][ T340] usb 2-1: SerialNumber: syz [ 39.751815][ T340] r8152-cfgselector 2-1: Unknown version 0x0000 [ 39.810904][ T579] FAULT_INJECTION: forcing a failure. [ 39.810904][ T579] name failslab, interval 1, probability 0, space 0, times 0 [ 39.823963][ T579] CPU: 1 UID: 0 PID: 579 Comm: syz.0.66 Not tainted syzkaller #0 8cfc209e52ea19d19d7bf60324c052393309520c [ 39.823997][ T579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 39.824009][ T579] Call Trace: [ 39.824015][ T579] [ 39.824030][ T579] __dump_stack+0x21/0x30 [ 39.824070][ T579] dump_stack_lvl+0x140/0x1c0 [ 39.824092][ T579] ? __cfi_dump_stack_lvl+0x10/0x10 [ 39.824115][ T579] dump_stack+0x19/0x20 [ 39.824136][ T579] should_fail_ex+0x3d7/0x530 [ 39.824161][ T579] should_failslab+0xac/0x100 [ 39.824179][ T579] __kmalloc_node_track_caller_noprof+0x68/0x4f0 [ 39.824206][ T579] ? security_context_to_sid_core+0xde/0x5c0 [ 39.824227][ T579] ? vfs_getxattr+0x2a0/0x2b0 [ 39.824251][ T579] kmemdup_nul+0x5a/0x1a0 [ 39.824273][ T579] security_context_to_sid_core+0xde/0x5c0 [ 39.824292][ T579] ? revert_creds+0xbb/0x150 [ 39.824312][ T579] ? ovl_other_xattr_get+0x114/0x160 [ 39.824338][ T579] ? security_context_to_sid+0x60/0x60 [ 39.824370][ T579] ? kasan_save_alloc_info+0x40/0x50 [ 39.824393][ T579] ? __cfi_ovl_other_xattr_get+0x10/0x10 [ 39.824483][ T579] ? __vfs_getxattr+0x421/0x450 [ 39.824506][ T579] security_context_to_sid_default+0x3f/0x50 [ 39.824526][ T579] inode_doinit_use_xattr+0x1a7/0x550 [ 39.824544][ T579] ? __cfi_ovl_get_dir_xattr_val+0x10/0x10 [ 39.824569][ T579] inode_doinit_with_dentry+0x770/0xde0 [ 39.824587][ T579] ? unlock_new_inode+0x89/0xd0 [ 39.824607][ T579] ? sb_finish_set_opts+0xa40/0xa40 [ 39.824631][ T579] ? __cfi_ovl_get_inode+0x10/0x10 [ 39.824645][ T579] selinux_d_instantiate+0x2b/0x40 [ 39.824669][ T579] security_d_instantiate+0xb8/0xf0 [ 39.824695][ T579] d_instantiate+0x59/0xb0 [ 39.824717][ T579] ovl_instantiate+0x1ef/0x2f0 [ 39.824738][ T579] ? __cfi__raw_spin_lock+0x10/0x10 [ 39.824758][ T579] ? ovl_create_or_link+0x1530/0x1530 [ 39.824780][ T579] ? ovl_copyattr+0x4e6/0x6c0 [ 39.824803][ T579] ? __kasan_check_read+0x15/0x20 [ 39.824826][ T579] ? ovl_dir_modified+0x128/0x190 [ 39.824849][ T579] ovl_create_or_link+0xe57/0x1530 [ 39.824880][ T579] ? ovl_create_object+0x340/0x340 [ 39.824901][ T579] ? _raw_spin_lock+0x92/0x120 [ 39.824919][ T579] ? __cfi__raw_spin_lock+0x10/0x10 [ 39.824938][ T579] ? __kasan_check_write+0x18/0x20 [ 39.824961][ T579] ? _raw_spin_lock+0x92/0x120 [ 39.824979][ T579] ? from_vfsgid+0x76/0xb0 [ 39.825001][ T579] ? inode_init_owner+0x1ed/0x3a0 [ 39.825023][ T579] ovl_create_object+0x240/0x340 [ 39.825043][ T579] ? ovl_get_acl+0x70/0x70 [ 39.825063][ T579] ? __cfi_ovl_permission+0x10/0x10 [ 39.825089][ T579] ? selinux_inode_mkdir+0x26/0x30 [ 39.825109][ T579] ovl_mkdir+0x2f/0x40 [ 39.825128][ T579] vfs_mkdir+0x585/0x820 [ 39.825149][ T579] do_mkdirat+0x240/0x530 [ 39.825168][ T579] ? __cfi_do_mkdirat+0x10/0x10 [ 39.825188][ T579] ? getname_flags+0x208/0x700 [ 39.825213][ T579] __x64_sys_mkdirat+0x8b/0xa0 [ 39.825234][ T579] x64_sys_call+0x2ba8/0x2ee0 [ 39.825259][ T579] do_syscall_64+0x57/0xf0 [ 39.825277][ T579] ? clear_bhb_loop+0x50/0xa0 [ 39.825299][ T579] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 39.825319][ T579] RIP: 0033:0x7fc8c459cdd9 [ 39.825342][ T579] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 39.825368][ T579] RSP: 002b:00007fc8c54cd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 39.825390][ T579] RAX: ffffffffffffffda RBX: 00007fc8c4815fa0 RCX: 00007fc8c459cdd9 [ 39.825404][ T579] RDX: 00000000000001c0 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 39.825418][ T579] RBP: 00007fc8c54cd090 R08: 0000000000000000 R09: 0000000000000000 [ 39.825430][ T579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 39.825442][ T579] R13: 00007fc8c4816038 R14: 00007fc8c4815fa0 R15: 00007ffd67c82868 [ 39.825488][ T579] [ 39.825497][ T579] SELinux: inode_doinit_use_xattr: context_to_sid(root:object_r:user_tmpfs_t) returned 12 for dev=overlay ino=127 [ 40.064161][ T340] r8152-cfgselector 2-1: Unknown version 0x0000 [ 40.064235][ T340] r8153_ecm 2-1:3.242: More than one union descriptor, skipping ... [ 40.159032][ T584] rust_binder: Error while translating object. [ 40.165054][ T340] r8152-cfgselector 2-1: bad CDC descriptors [ 40.173856][ C1] BUG: TASK stack guard page was hit at ffffc9000dbbfed8 (stack is ffffc9000dbc0000..ffffc9000dbc8000) [ 40.173906][ C1] Oops: stack guard page: 0000 [#1] PREEMPT SMP KASAN PTI [ 40.174039][ C1] CPU: 1 UID: 0 PID: 584 Comm: syz.2.68 Not tainted syzkaller #0 8cfc209e52ea19d19d7bf60324c052393309520c [ 40.174061][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 40.174071][ C1] RIP: 0010:get_page_from_freelist+0x1f/0x4a20 [ 40.174108][ C1] Code: 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 81 ec a0 02 00 00 49 89 cf <89> bc 24 a0 00 00 00 65 48 8b 04 25 28 00 00 00 48 89 84 24 80 02 [ 40.174123][ C1] RSP: 0018:ffffc9000dbbfee0 EFLAGS: 00010282 [ 40.174138][ C1] RAX: 0000000000000100 RBX: 0000000000000002 RCX: ffffc9000dbc0250 [ 40.174150][ C1] RDX: 0000000000000101 RSI: 0000000000000002 RDI: 0000000000192000 [ 40.174161][ C1] RBP: ffffc9000dbc01b0 R08: ffffffff876aae23 R09: 1ffffffff0ed55c4 [ 40.174174][ C1] R10: dffffc0000000000 R11: fffffbfff0ed55c5 R12: 0000000000000680 [ 40.174186][ C1] R13: dffffc0000000000 R14: 1ffff92001b7803c R15: ffffc9000dbc0250 [ 40.174199][ C1] FS: 00007f761fde56c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 40.174215][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 40.174227][ C1] CR2: ffffc9000dbbfed8 CR3: 0000000133464000 CR4: 00000000003526b0 [ 40.174244][ C1] Call Trace: [ 40.174250][ C1] [ 40.174259][ C1] ? __kasan_check_read+0x15/0x20 [ 40.174290][ C1] ? static_key_count+0x45/0x70 [ 40.174310][ C1] ? gfp_to_alloc_flags_cma+0x96/0x1c0 [ 40.174333][ C1] ? __cfi_gfp_zone+0x10/0x10 [ 40.174357][ C1] ? __alloc_pages_noprof+0x35f/0x7e0 [ 40.174377][ C1] ? unwind_next_frame+0x3c1/0x750 [ 40.174397][ C1] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 40.174416][ C1] ? _RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x3c7/0x2810 [ 40.174445][ C1] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 40.174468][ C1] ? _RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x3c7/0x2810 [ 40.174494][ C1] ? stack_depot_save_flags+0x672/0x800 [ 40.174522][ C1] ? stack_depot_save+0x12/0x20 [ 40.174543][ C1] ? save_stack+0x133/0x240 [ 40.174559][ C1] ? free_contig_range+0x260/0x260 [ 40.174581][ C1] ? __reset_page_owner+0x450/0x450 [ 40.174597][ C1] ? post_alloc_hook+0x3b8/0x3f0 [ 40.174614][ C1] ? prep_new_page+0x20/0x120 [ 40.174631][ C1] ? get_page_from_freelist+0x496e/0x4a20 [ 40.174650][ C1] ? __alloc_pages_noprof+0x35f/0x7e0 [ 40.174669][ C1] ? stack_depot_save_flags+0x672/0x800 [ 40.174690][ C1] ? kasan_save_track+0x4f/0x80 [ 40.174718][ C1] ? kasan_save_free_info+0x4a/0x60 [ 40.174738][ C1] ? __kasan_slab_free+0x5f/0x80 [ 40.174780][ C1] ? kfree+0x158/0x440 [ 40.174801][ C1] ? krealloc_noprof+0xfa/0x130 [ 40.174826][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel5alloc4kbox3BoxINtNtNtB4_3mem12maybe_uninit11MaybeUninitINtNtBN_6rbtree4NodejmEENtNtBL_9allocator7KmallocEECskDQVOo9v79Q_16rust_binder_main+0x114/0x360 [ 40.174867][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process10update_ref+0x18b7/0x2660 [ 40.174904][ C1] ? _RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x16ed/0x5c60 [ 40.174938][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeNtNtCskDQVOo9v79Q_16rust_binder_main10allocation10AllocationEBK_+0x1a/0xf0 [ 40.174963][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread21copy_transaction_data+0x7a55/0x9130 [ 40.175000][ C1] ? _RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x3c7/0x2810 [ 40.175025][ C1] ? kvm_sched_clock_read+0x15/0x30 [ 40.175045][ C1] ? sched_clock_noinstr+0xd/0x30 [ 40.175061][ C1] ? __set_page_owner+0x8e/0x600 [ 40.175074][ C1] ? __kasan_check_read+0x15/0x20 [ 40.175092][ C1] ? __zone_watermark_ok+0x134/0x630 [ 40.175110][ C1] ? __cfi___set_page_owner+0x10/0x10 [ 40.175126][ C1] ? __cfi___zone_watermark_ok+0x10/0x10 [ 40.175145][ C1] ? kasan_unpoison+0x4a/0x70 [ 40.175167][ C1] ? post_alloc_hook+0x3b8/0x3f0 [ 40.175185][ C1] ? __cfi_post_alloc_hook+0x10/0x10 [ 40.175202][ C1] ? gfp_to_alloc_flags_cma+0x1c0/0x1c0 [ 40.175224][ C1] ? _raw_spin_trylock+0xb5/0x140 [ 40.175239][ C1] ? __cfi__raw_spin_trylock+0x10/0x10 [ 40.175257][ C1] ? prep_new_page+0x20/0x120 [ 40.175274][ C1] ? get_page_from_freelist+0x496e/0x4a20 [ 40.175306][ C1] ? __alloc_pages_noprof+0x7e0/0x7e0 [ 40.175326][ C1] ? static_key_count+0x45/0x70 [ 40.175342][ C1] ? gfp_to_alloc_flags_cma+0x96/0x1c0 [ 40.175365][ C1] ? __cfi_gfp_zone+0x1/0x10 [ 40.175389][ C1] ? __alloc_pages_noprof+0x35f/0x7e0 [ 40.175408][ C1] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 40.175427][ C1] ? unwind_get_return_address+0x51/0x90 [ 40.175446][ C1] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 40.175463][ C1] ? arch_stack_walk+0x10a/0x170 [ 40.175494][ C1] ? stack_trace_save+0xaa/0x100 [ 40.175510][ C1] ? stack_depot_save_flags+0x672/0x800 [ 40.175534][ C1] ? kasan_save_track+0x4f/0x80 [ 40.175556][ C1] ? kasan_save_track+0x3e/0x80 [ 40.175579][ C1] ? kasan_save_free_info+0x4a/0x60 [ 40.175600][ C1] ? __kasan_slab_free+0x5f/0x80 [ 40.175615][ C1] ? kfree+0x158/0x440 [ 40.175635][ C1] ? krealloc_noprof+0xfa/0x130 [ 40.175657][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel5alloc4kbox3BoxINtNtNtB4_3mem12maybe_uninit11MaybeUninitINtNtBN_6rbtree4NodejmEENtNtBL_9allocator7KmallocEECskDQVOo9v79Q_16rust_binder_main+0x114/0x360 [ 40.175696][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process10update_ref+0x18b7/0x2660 [ 40.175729][ C1] ? _RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x16ed/0x5c60 [ 40.175762][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeNtNtCskDQVOo9v79Q_16rust_binder_main10allocation10AllocationEBK_+0x1a/0xf0 [ 40.175785][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread21copy_transaction_data+0x7a55/0x9130 [ 40.175815][ C1] ? _RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x3c7/0x2810 [ 40.175840][ C1] ? _RINvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB6_6Thread11transactionNvB2_17transaction_innerEB8_+0xb22/0x1290 [ 40.175896][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x15b0/0xaf80 [ 40.175924][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x1192/0x5c20 [ 40.175946][ C1] ? __se_sys_ioctl+0x135/0x1b0 [ 40.175967][ C1] ? __x64_sys_ioctl+0x7f/0xa0 [ 40.175981][ C1] ? x64_sys_call+0x1878/0x2ee0 [ 40.176006][ C1] ? do_syscall_64+0x57/0xf0 [ 40.176022][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 40.176045][ C1] ? _RNvMs_NtNtCs1ewLyjEZ7Le_6kernel5alloc9allocatorNtB4_7Kmalloc14aligned_layout+0x9a/0x180 [ 40.176071][ C1] ? kasan_save_free_info+0x4a/0x60 [ 40.176092][ C1] ? __kasan_slab_free+0x5f/0x80 [ 40.176107][ C1] ? kfree+0x158/0x440 [ 40.176127][ C1] ? krealloc_noprof+0xfa/0x130 [ 40.176151][ C1] ? krealloc_noprof+0xfa/0x130 [ 40.176173][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel5alloc4kbox3BoxINtNtNtB4_3mem12maybe_uninit11MaybeUninitINtNtBN_6rbtree4NodejmEENtNtBL_9allocator7KmallocEECskDQVOo9v79Q_16rust_binder_main+0x114/0x360 [ 40.176212][ C1] ? __cfi__RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel5alloc4kbox3BoxINtNtNtB4_3mem12maybe_uninit11MaybeUninitINtNtBN_6rbtree4NodejmEENtNtBL_9allocator7KmallocEECskDQVOo9v79Q_16rust_binder_main+0x10/0x10 [ 40.176251][ C1] ? _RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreemINtNtNtB7_4list3arc7ListArcNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoKyd703a5263dcc8650_EE9raw_entryB1i_+0x413/0x580 [ 40.176318][ C1] ? __cfi__RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreemINtNtNtB7_4list3arc7ListArcNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoKyd703a5263dcc8650_EE9raw_entryB1i_+0x10/0x10 [ 40.176363][ C1] ? __kasan_check_write+0x18/0x20 [ 40.176383][ C1] ? _raw_spin_lock+0x92/0x120 [ 40.176398][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 40.176416][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process10update_ref+0x18b7/0x2660 [ 40.176449][ C1] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process10update_ref+0x10/0x10 [ 40.176486][ C1] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ef/0x3d0 [ 40.176516][ C1] ? __asan_memcpy+0x5a/0x80 [ 40.176537][ C1] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ef/0x3d0 [ 40.176566][ C1] ? __cfi__RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x10/0x10 [ 40.176595][ C1] ? __kasan_check_write+0x18/0x20 [ 40.176616][ C1] ? _raw_spin_lock+0x92/0x120 [ 40.176633][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 40.176654][ C1] ? _RINvMs4_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB6_14AllocationView4readNtNtB8_4defs16FlatBinderObjectEB8_+0x6a9/0xc70 [ 40.176690][ C1] ? __asan_memcpy+0x5a/0x80 [ 40.176711][ C1] ? _RINvMs4_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB6_14AllocationView4readNtNtB8_4defs16FlatBinderObjectEB8_+0x5f4/0xc70 [ 40.176747][ C1] ? __cfi__RINvMs4_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB6_14AllocationView4readNtNtB8_4defs16FlatBinderObjectEB8_+0x10/0x10 [ 40.176783][ C1] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ef/0x3d0 [ 40.176811][ C1] ? __asan_memcpy+0x5a/0x80 [ 40.176833][ C1] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ef/0x3d0 [ 40.176860][ C1] ? __kasan_check_write+0x18/0x20 [ 40.176882][ C1] ? __cfi__RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x10/0x10 [ 40.176911][ C1] ? __kasan_check_write+0x18/0x20 [ 40.176932][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 40.176949][ C1] ? _RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x308/0x5c60 [ 40.176985][ C1] ? __asan_memcpy+0x5a/0x80 [ 40.177006][ C1] ? _RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x16ed/0x5c60 [ 40.177046][ C1] ? plist_check_list+0x2a1/0x2c0 [ 40.177064][ C1] ? __cfi__RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x10/0x10 [ 40.177098][ C1] ? plist_add+0x513/0x5a0 [ 40.177134][ C1] ? kvm_sched_clock_read+0x15/0x30 [ 40.177157][ C1] ? sched_clock_noinstr+0xd/0x30 [ 40.177178][ C1] ? __kasan_check_read+0x15/0x20 [ 40.177198][ C1] ? psi_group_change+0xaae/0x1090 [ 40.177218][ C1] ? enqueue_task_rt+0x99c/0xfd0 [ 40.177239][ C1] ? psi_task_change+0x24c/0x4d0 [ 40.177258][ C1] ? enqueue_task+0x1157/0x1210 [ 40.177283][ C1] ? native_smp_send_reschedule+0x3d/0x60 [ 40.177306][ C1] ? ttwu_do_activate+0x1eb/0x610 [ 40.177322][ C1] ? resched_curr+0x1db/0x440 [ 40.177343][ C1] ? arch_scale_cpu_capacity+0x1c/0xb0 [ 40.177370][ C1] ? __cfi_resched_curr+0x10/0x10 [ 40.177391][ C1] ? update_rq_clock+0x325/0x7d0 [ 40.177412][ C1] ? ttwu_do_activate+0x610/0x610 [ 40.177429][ C1] ? __kasan_check_read+0x15/0x20 [ 40.177450][ C1] ? task_woken_rt+0x70/0x260 [ 40.177467][ C1] ? ttwu_do_activate+0x334/0x610 [ 40.177485][ C1] ? try_to_wake_up+0x1172/0x1fa0 [ 40.177502][ C1] ? __kasan_check_write+0x18/0x20 [ 40.177523][ C1] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 40.177540][ C1] ? __cfi_try_to_wake_up+0x10/0x10 [ 40.177558][ C1] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 40.177575][ C1] ? swake_up_one+0x14b/0x160 [ 40.177600][ C1] ? swake_up_one_online+0x4d/0xf0 [ 40.177621][ C1] ? __rcu_report_exp_rnp+0x1a9/0x1b0 [ 40.177645][ C1] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 40.177665][ C1] ? __rb_erase_color+0xb33/0xb50 [ 40.177684][ C1] ? __cfi_min_vruntime_cb_rotate+0x10/0x10 [ 40.177709][ C1] ? xfd_validate_state+0x68/0x140 [ 40.177729][ C1] ? save_fpregs_to_fpstate+0x196/0x220 [ 40.177746][ C1] ? __kasan_check_write+0x18/0x20 [ 40.177767][ C1] ? __switch_to+0xc4f/0x1300 [ 40.177790][ C1] ? __cfi_sched_clock_cpu+0x10/0x10 [ 40.177811][ C1] ? __cfi___switch_to+0x10/0x10 [ 40.177832][ C1] ? psi_task_switch+0xad/0xa10 [ 40.177849][ C1] ? _raw_spin_unlock+0x45/0x60 [ 40.177865][ C1] ? finish_task_switch+0x139/0x760 [ 40.177883][ C1] ? __switch_to_asm+0x3d/0x70 [ 40.177905][ C1] ? __schedule+0x13a1/0x1fa0 [ 40.177925][ C1] ? console_flush_all+0xa12/0xac0 [ 40.177953][ C1] ? __sched_text_start+0x10/0x10 [ 40.177972][ C1] ? __console_rewind_all+0x170/0x170 [ 40.177992][ C1] ? __kasan_check_write+0x18/0x20 [ 40.178011][ C1] ? _RNvMs_NtNtCs1ewLyjEZ7Le_6kernel5alloc9allocatorNtB4_7Kmalloc14aligned_layout+0x9a/0x180 [ 40.178035][ C1] ? __cfi__RNvMs_NtNtCs1ewLyjEZ7Le_6kernel5alloc9allocatorNtB4_7Kmalloc14aligned_layout+0x10/0x10 [ 40.178059][ C1] ? __cfi_llist_add_batch+0x10/0x10 [ 40.178078][ C1] ? preempt_schedule_common+0x2d/0x60 [ 40.178114][ C1] ? preempt_schedule+0xc5/0xe0 [ 40.178132][ C1] ? __cfi_preempt_schedule+0x10/0x10 [ 40.178151][ C1] ? krealloc_noprof+0xfa/0x130 [ 40.178174][ C1] ? _RNvNtCs1ewLyjEZ7Le_6kernel5alloc20dangling_from_layout+0x11/0x20 [ 40.178197][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCskDQVOo9v79Q_16rust_binder_main6thread18ScatterGatherStateEEB16_+0x396/0x820 [ 40.178237][ C1] ? irq_work_queue+0xc2/0x160 [ 40.178262][ C1] ? __cfi__RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCskDQVOo9v79Q_16rust_binder_main6thread18ScatterGatherStateEEB16_+0x10/0x10 [ 40.178306][ C1] ? vprintk_emit+0x3e3/0x650 [ 40.178325][ C1] ? __cfi_vprintk_emit+0x10/0x10 [ 40.178342][ C1] ? _RINvMNtCskDQVOo9v79Q_16rust_binder_main10allocationNtB3_10Allocation5writeyEB5_+0x47c/0x760 [ 40.178366][ C1] ? __cfi__RINvMNtCskDQVOo9v79Q_16rust_binder_main10allocationNtB3_10Allocation5writeyEB5_+0x10/0x10 [ 40.178389][ C1] ? vprintk_default+0x2a/0x40 [ 40.178407][ C1] ? vprintk+0x93/0xa0 [ 40.178428][ C1] ? _printk+0xde/0x140 [ 40.178446][ C1] ? __cfi___check_object_size+0x10/0x10 [ 40.178470][ C1] ? __cfi__printk+0x10/0x10 [ 40.178487][ C1] ? _copy_from_user+0x87/0xa0 [ 40.178503][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeNtNtCskDQVOo9v79Q_16rust_binder_main10allocation10AllocationEBK_+0x1a/0xf0 [ 40.178528][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread21copy_transaction_data+0x7a48/0x9130 [ 40.178559][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread21copy_transaction_data+0x7a55/0x9130 [ 40.178599][ C1] ? __cfi__RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread21copy_transaction_data+0x10/0x10 [ 40.178686][ C1] ? detach_entity_load_avg+0x7b0/0x7b0 [ 40.178711][ C1] ? cgroup_rstat_updated+0x141/0x810 [ 40.178728][ C1] ? __cfi_min_vruntime_cb_rotate+0x10/0x10 [ 40.178752][ C1] ? __cfi_cgroup_rstat_updated+0x10/0x10 [ 40.178769][ C1] ? __cgroup_account_cputime+0xa5/0xd0 [ 40.178791][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 40.178813][ C1] ? kernel_text_address+0xa9/0xe0 [ 40.178837][ C1] ? __kasan_check_write+0x18/0x20 [ 40.178863][ C1] ? _RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x3c7/0x2810 [ 40.178887][ C1] ? krealloc_noprof+0x8d/0x130 [ 40.178909][ C1] ? _RINvMNtNtCs1ewLyjEZ7Le_6kernel4list3arcINtB3_7ListArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtBS_11DeliverCodeEE8pin_initNtNtB7_5error5ErrorINtNtNtB7_4init10___internal11InitClosureNCNvMs0_BS_BP_11arc_try_news0_0BP_B1Z_EEBS_+0x124/0x850 [ 40.178962][ C1] ? _RINvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB6_6Thread11transactionNvB2_17transaction_innerEB8_+0xa2f/0x1290 [ 40.178998][ C1] ? __cfi__RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x10/0x10 [ 40.179025][ C1] ? kasan_save_alloc_info+0x40/0x50 [ 40.179045][ C1] ? __kasan_kmalloc+0x96/0xb0 [ 40.179061][ C1] ? __kmalloc_node_track_caller_noprof+0x251/0x4f0 [ 40.179085][ C1] ? _RINvMNtNtCs1ewLyjEZ7Le_6kernel4list3arcINtB3_7ListArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtBS_11DeliverCodeEE8pin_initNtNtB7_5error5ErrorINtNtNtB7_4init10___internal11InitClosureNCNvMs0_BS_BP_11arc_try_news0_0BP_B1Z_EEBS_+0x124/0x850 [ 40.179219][ C1] ? __asan_memset+0x39/0x50 [ 40.179242][ C1] ? _RINvMNtNtCs1ewLyjEZ7Le_6kernel4list3arcINtB3_7ListArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtBS_11DeliverCodeEE8pin_initNtNtB7_5error5ErrorINtNtNtB7_4init10___internal11InitClosureNCNvMs0_BS_BP_11arc_try_news0_0BP_B1Z_EEBS_+0x2ff/0x850 [ 40.179290][ C1] ? __cfi_slow_avc_audit+0x10/0x10 [ 40.179314][ C1] ? __cfi__RINvMNtNtCs1ewLyjEZ7Le_6kernel4list3arcINtB3_7ListArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtBS_11DeliverCodeEE8pin_initNtNtB7_5error5ErrorINtNtNtB7_4init10___internal11InitClosureNCNvMs0_BS_BP_11arc_try_news0_0BP_B1Z_EEBS_+0x10/0x10 [ 40.179363][ C1] ? avc_has_perm_noaudit+0x2bd/0x360 [ 40.179387][ C1] ? avc_has_perm+0x1ec/0x240 [ 40.179409][ C1] ? avc_has_perm+0x211/0x240 [ 40.179432][ C1] ? _RNvNtCs1ewLyjEZ7Le_6kernel5error9to_result+0x85/0x1e0 [ 40.179498][ C1] ? __cfi__RNvNtCs1ewLyjEZ7Le_6kernel5error9to_result+0x10/0x10 [ 40.179520][ C1] ? __kasan_check_write+0x18/0x20 [ 40.179541][ C1] ? _raw_spin_lock+0x92/0x120 [ 40.179559][ C1] ? selinux_binder_transaction+0x165/0x1d0 [ 40.179576][ C1] ? _RINvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB6_6Thread11transactionNvB2_17transaction_innerEB8_+0xb22/0x1290 [ 40.179611][ C1] ? __cfi__RINvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB6_6Thread11transactionNvB2_17transaction_innerEB8_+0x10/0x10 [ 40.179648][ C1] ? __kasan_check_write+0x18/0x20 [ 40.179669][ C1] ? _raw_spin_lock+0x92/0x120 [ 40.179685][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 40.179702][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x155c/0xaf80 [ 40.179730][ C1] ? __asan_memcpy+0x5a/0x80 [ 40.179751][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x15b0/0xaf80 [ 40.179791][ C1] ? __cfi__RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x10/0x10 [ 40.179851][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 40.179875][ C1] ? kernel_text_address+0xa9/0xe0 [ 40.179896][ C1] ? __kasan_check_write+0x18/0x20 [ 40.179917][ C1] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 40.179935][ C1] ? __cfi__raw_spin_lock_irqsave+0x10/0x10 [ 40.179954][ C1] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 40.179972][ C1] ? stack_depot_save_flags+0x399/0x800 [ 40.179996][ C1] ? kasan_save_track+0x4f/0x80 [ 40.180022][ C1] ? kasan_save_track+0x3e/0x80 [ 40.180045][ C1] ? kasan_save_alloc_info+0x40/0x50 [ 40.180065][ C1] ? __kasan_kmalloc+0x96/0xb0 [ 40.180080][ C1] ? __kmalloc_cache_noprof+0x23c/0x470 [ 40.180111][ C1] ? __set_page_owner+0x2af/0x600 [ 40.180128][ C1] ? post_alloc_hook+0x3b8/0x3f0 [ 40.180146][ C1] ? prep_new_page+0x20/0x120 [ 40.180162][ C1] ? get_page_from_freelist+0x496e/0x4a20 [ 40.180182][ C1] ? __alloc_pages_noprof+0x35f/0x7e0 [ 40.180201][ C1] ? alloc_slab_page+0x6b/0x1e0 [ 40.180217][ C1] ? allocate_slab+0x69/0x420 [ 40.180232][ C1] ? ___slab_alloc+0x5a2/0x8d0 [ 40.180246][ C1] ? __kmalloc_node_track_caller_noprof+0x2e6/0x4f0 [ 40.180270][ C1] ? krealloc_noprof+0x8d/0x130 [ 40.180293][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process18get_current_thread+0x4c5/0x1d80 [ 40.180322][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x3e3/0x5c20 [ 40.180346][ C1] ? __se_sys_ioctl+0x135/0x1b0 [ 40.180361][ C1] ? __x64_sys_ioctl+0x7f/0xa0 [ 40.180377][ C1] ? x64_sys_call+0x1878/0x2ee0 [ 40.180400][ C1] ? do_syscall_64+0x57/0xf0 [ 40.180416][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 40.180440][ C1] ? __kasan_check_write+0x18/0x20 [ 40.180462][ C1] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 40.180480][ C1] ? __cfi__raw_spin_lock_irqsave+0x10/0x10 [ 40.180507][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 40.180529][ C1] ? kernel_text_address+0xa9/0xe0 [ 40.180567][ C1] ? __kasan_check_write+0x18/0x20 [ 40.180588][ C1] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 40.180605][ C1] ? __cfi__raw_spin_lock_irqsave+0x10/0x10 [ 40.180628][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 40.180650][ C1] ? kernel_text_address+0xa9/0xe0 [ 40.180670][ C1] ? __kasan_check_write+0x18/0x20 [ 40.180692][ C1] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 40.180709][ C1] ? __cfi__raw_spin_lock_irqsave+0x10/0x10 [ 40.180728][ C1] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 40.180747][ C1] ? stack_depot_save_flags+0x399/0x800 [ 40.180769][ C1] ? kasan_save_track+0x4f/0x80 [ 40.180787][ C1] ? kasan_save_track+0x3e/0x80 [ 40.180805][ C1] ? kasan_save_alloc_info+0x40/0x50 [ 40.180826][ C1] ? __kasan_kmalloc+0x96/0xb0 [ 40.180847][ C1] ? __kmalloc_node_track_caller_noprof+0x251/0x4f0 [ 40.180871][ C1] ? krealloc_noprof+0x8d/0x130 [ 40.180897][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process18get_current_thread+0x84c/0x1d80 [ 40.180930][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x3e3/0x5c20 [ 40.180953][ C1] ? __se_sys_ioctl+0x135/0x1b0 [ 40.180968][ C1] ? __x64_sys_ioctl+0x7f/0xa0 [ 40.180983][ C1] ? x64_sys_call+0x1878/0x2ee0 [ 40.181007][ C1] ? do_syscall_64+0x57/0xf0 [ 40.181024][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 40.181048][ C1] ? _RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreelINtNtNtB7_4sync3arc3ArcNtNtCskDQVOo9v79Q_16rust_binder_main6thread6ThreadEE9raw_entryB1e_+0x416/0x580 [ 40.181093][ C1] ? __cfi__RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreelINtNtNtB7_4sync3arc3ArcNtNtCskDQVOo9v79Q_16rust_binder_main6thread6ThreadEE9raw_entryB1e_+0x10/0x10 [ 40.181130][ C1] ? __kasan_check_write+0x18/0x20 [ 40.181153][ C1] ? _raw_spin_lock+0x92/0x120 [ 40.181170][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 40.181187][ C1] ? _raw_spin_unlock+0x45/0x60 [ 40.181203][ C1] ? __asan_set_shadow_00+0x12/0x20 [ 40.181222][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process18get_current_thread+0x102f/0x1d80 [ 40.181253][ C1] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 40.181286][ C1] ? __kasan_check_write+0x18/0x20 [ 40.181309][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel4sync3arc3ArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtNtB1o_4node4NodeEEEB1o_+0x155/0x4a0 [ 40.181354][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 40.181375][ C1] ? kernel_text_address+0xa9/0xe0 [ 40.181395][ C1] ? __kernel_text_address+0x11/0x40 [ 40.181415][ C1] ? unwind_get_return_address+0x51/0x90 [ 40.181435][ C1] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 40.181452][ C1] ? arch_stack_walk+0x10a/0x170 [ 40.181478][ C1] ? stack_trace_save+0xaa/0x100 [ 40.181495][ C1] ? stack_depot_save_flags+0x38/0x800 [ 40.181518][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x113c/0x5c20 [ 40.181541][ C1] ? __asan_memcpy+0x5a/0x80 [ 40.181562][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x1192/0x5c20 [ 40.181586][ C1] ? _raw_spin_trylock+0xb5/0x140 [ 40.181636][ C1] ? __cfi__RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x10/0x10 [ 40.181660][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 40.181681][ C1] ? kernel_text_address+0xa9/0xe0 [ 40.181702][ C1] ? __kasan_check_write+0x18/0x20 [ 40.181724][ C1] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 40.181741][ C1] ? __cfi__raw_spin_lock_irqsave+0x10/0x10 [ 40.181759][ C1] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 40.181777][ C1] ? stack_depot_save_flags+0x399/0x800 [ 40.181800][ C1] ? kasan_save_track+0x4f/0x80 [ 40.181823][ C1] ? kasan_save_track+0x3e/0x80 [ 40.181846][ C1] ? kasan_save_free_info+0x4a/0x60 [ 40.181866][ C1] ? __kasan_slab_free+0x5f/0x80 [ 40.181881][ C1] ? kfree+0x158/0x440 [ 40.181901][ C1] ? krealloc_noprof+0xfa/0x130 [ 40.181923][ C1] ? kvrealloc_noprof+0x59/0x120 [ 40.181945][ C1] ? _RNvMs0_NtNtCs1ewLyjEZ7Le_6kernel5alloc4kvecINtB5_3VecINtNtNtB9_4sync3arc3ArcNtNtCskDQVOo9v79Q_16rust_binder_main7process7ProcessENtNtB7_9allocator8KVmallocE7reserveB1g_+0x35f/0x700 [ 40.181981][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main16rust_binder_open+0xcf4/0x1af0 [ 40.182004][ C1] ? do_dentry_open+0x97b/0x1510 [ 40.182022][ C1] ? vfs_open+0x86/0x240 [ 40.182038][ C1] ? path_openat+0x2bb1/0x34f0 [ 40.182055][ C1] ? do_filp_open+0x1f5/0x440 [ 40.182076][ C1] ? do_sys_openat2+0x134/0x1d0 [ 40.182100][ C1] ? __x64_sys_openat+0x13a/0x170 [ 40.182119][ C1] ? x64_sys_call+0xe69/0x2ee0 [ 40.182141][ C1] ? do_syscall_64+0x57/0xf0 [ 40.182158][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 40.182181][ C1] ? __kasan_slab_free+0x6a/0x80 [ 40.182197][ C1] ? kfree+0x158/0x440 [ 40.182216][ C1] ? krealloc_noprof+0xfa/0x130 [ 40.182239][ C1] ? krealloc_noprof+0xfa/0x130 [ 40.182263][ C1] ? kvrealloc_noprof+0x66/0x120 [ 40.182284][ C1] ? _RNvMs0_NtNtCs1ewLyjEZ7Le_6kernel5alloc4kvecINtB5_3VecINtNtNtB9_4sync3arc3ArcNtNtCskDQVOo9v79Q_16rust_binder_main7process7ProcessENtNtB7_9allocator8KVmallocE30push_within_capacity_uncheckedB1g_+0x29c/0x570 [ 40.182325][ C1] ? __cfi__RNvMs0_NtNtCs1ewLyjEZ7Le_6kernel5alloc4kvecINtB5_3VecINtNtNtB9_4sync3arc3ArcNtNtCskDQVOo9v79Q_16rust_binder_main7process7ProcessENtNtB7_9allocator8KVmallocE30push_within_capacity_uncheckedB1g_+0x10/0x10 [ 40.182366][ C1] ? __cfi__RNvMs0_NtNtCs1ewLyjEZ7Le_6kernel5alloc4kvecINtB5_3VecINtNtNtB9_4sync3arc3ArcNtNtCskDQVOo9v79Q_16rust_binder_main7process7ProcessENtNtB7_9allocator8KVmallocE7reserveB1g_+0x10/0x10 [ 40.182404][ C1] ? detach_entity_load_avg+0x7b0/0x7b0 [ 40.182429][ C1] ? cgroup_rstat_updated+0x141/0x810 [ 40.182447][ C1] ? update_curr+0x6c1/0x9e0 [ 40.182472][ C1] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 40.182493][ C1] ? xfd_validate_state+0x68/0x140 [ 40.182513][ C1] ? save_fpregs_to_fpstate+0x196/0x220 [ 40.182531][ C1] ? __kasan_check_write+0x18/0x20 [ 40.182552][ C1] ? __switch_to+0xc4f/0x1300 [ 40.182573][ C1] ? __cfi_sched_clock_cpu+0x10/0x10 [ 40.182594][ C1] ? __cfi___switch_to+0x10/0x10 [ 40.182615][ C1] ? psi_task_switch+0xad/0xa10 [ 40.182634][ C1] ? _raw_spin_unlock+0x45/0x60 [ 40.182651][ C1] ? finish_task_switch+0x139/0x760 [ 40.182690][ C1] ? __switch_to_asm+0x3d/0x70 [ 40.182712][ C1] ? __schedule+0x13a1/0x1fa0 [ 40.182732][ C1] ? __sched_text_start+0x10/0x10 [ 40.182752][ C1] ? avc_has_extended_perms+0x80b/0xe70 [ 40.182776][ C1] ? __asan_memcpy+0x5a/0x80 [ 40.182797][ C1] ? avc_has_extended_perms+0x969/0xe70 [ 40.182821][ C1] ? __asan_set_shadow_00+0x12/0x20 [ 40.182840][ C1] ? do_vfs_ioctl+0x182d/0x2010 [ 40.182855][ C1] ? preempt_schedule_thunk+0x1a/0x40 [ 40.182872][ C1] ? __ia32_compat_sys_ioctl+0x920/0x920 [ 40.182889][ C1] ? try_to_wake_up+0x11f0/0x1fa0 [ 40.182905][ C1] ? stack_trace_save+0xaa/0x100 [ 40.182922][ C1] ? __cfi_try_to_wake_up+0x10/0x10 [ 40.182941][ C1] ? ioctl_has_perm+0x39a/0x500 [ 40.182961][ C1] ? has_cap_mac_admin+0xd0/0xd0 [ 40.182984][ C1] ? selinux_file_ioctl+0x732/0x1480 [ 40.183004][ C1] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 40.183024][ C1] ? do_futex+0x37d/0x510 [ 40.183052][ C1] ? __cfi_do_futex+0x10/0x10 [ 40.183072][ C1] ? __fget_files+0x2c5/0x340 [ 40.183094][ C1] ? bpf_lsm_file_ioctl+0xd/0x20 [ 40.183116][ C1] ? security_file_ioctl+0x3e/0x110 [ 40.183136][ C1] ? __cfi__RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x10/0x10 [ 40.183159][ C1] ? __se_sys_ioctl+0x135/0x1b0 [ 40.183175][ C1] ? __x64_sys_ioctl+0x7f/0xa0 [ 40.183190][ C1] ? x64_sys_call+0x1878/0x2ee0 [ 40.183212][ C1] ? do_syscall_64+0x57/0xf0 [ 40.183228][ C1] ? clear_bhb_loop+0x50/0xa0 [ 40.183246][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 40.183267][ C1] [ 40.183278][ C1] Modules linked in: [ 40.183297][ C1] ---[ end trace 0000000000000000 ]--- [ 40.183306][ C1] RIP: 0010:get_page_from_freelist+0x1f/0x4a20 [ 40.183329][ C1] Code: 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 81 ec a0 02 00 00 49 89 cf <89> bc 24 a0 00 00 00 65 48 8b 04 25 28 00 00 00 48 89 84 24 80 02 [ 40.183343][ C1] RSP: 0018:ffffc9000dbbfee0 EFLAGS: 00010282 [ 40.183357][ C1] RAX: 0000000000000100 RBX: 0000000000000002 RCX: ffffc9000dbc0250 [ 40.183369][ C1] RDX: 0000000000000101 RSI: 0000000000000002 RDI: 0000000000192000 [ 40.183380][ C1] RBP: ffffc9000dbc01b0 R08: ffffffff876aae23 R09: 1ffffffff0ed55c4 [ 40.183393][ C1] R10: dffffc0000000000 R11: fffffbfff0ed55c5 R12: 0000000000000680 [ 40.183406][ C1] R13: dffffc0000000000 R14: 1ffff92001b7803c R15: ffffc9000dbc0250 [ 40.183419][ C1] FS: 00007f761fde56c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 40.183434][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 40.183446][ C1] CR2: ffffc9000dbbfed8 CR3: 0000000133464000 CR4: 00000000003526b0 [ 40.183468][ C1] Kernel panic - not syncing: Fatal exception in interrupt [ 40.189185][ C1] Kernel Offset: disabled