last executing test programs:

5m4.437264923s ago: executing program 3 (id=1186):
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000406a053b000000000000010902240001000040b109040000020300010009210101000122050009058103"], 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000080)={'batadv_slave_1\x00', {0x2, 0x4e20, @broadcast}})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x891c, &(0x7f0000000540)={'batadv_slave_1\x00', {0x2, 0x0, @private=0xfffffffe}})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'batadv_slave_1\x00', {0x2, 0x4e21, @empty=0xe00}})
syz_usb_control_io(r1, &(0x7f0000000340)={0x2c, &(0x7f0000000040)={0x0, 0x7, 0x7, {0x7, 0x0, "00f4000000"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r1, &(0x7f00000002c0)={0x24, &(0x7f0000000100)={0x40, 0x22, 0x83, {0x83, 0x0, "a62112a67d1e086304583da6cd46097476fa6b108a776167af8b521432b6b571b5b28bd06db8dcbeebf94cea4212a065cc5bda58b42e3ecde34e351d3a3d1d4a2196ee7b91452fa0acf1478269215516a21519efd3721f62ed23716871f9b93afc4abbaa8cdc6028b2b3e3cc3d657e99952c0d5b4b47a59ee58290651a45616e48"}}, &(0x7f0000000380)={0x0, 0x3, 0xc8, @string={0xc8, 0x3, "e75186bdb93cc196280997c75b026c6490827e384e46b0ea4f13e20f6faae92b06024d634a8d0d5b9eaaa4809b62ece661ebe936b28c2de481de0b43019052506060b88894bfc9ac0df9c920235cab41b0a7a885c824300ed7999e5f9283c40cc8dd55b071a2a1315d8b8c0fb3405d8b2b12648df1da8bfaffee7c5c5877072c5e08ef3b69081dd4e13092458d036b70867eae41f39d1de214fb178676a3a3558b272d25ce3f635ee4a21d621017e99a14f03f44023296bc23fffa55e0cc4e497912329f7243"}}, &(0x7f0000000200)={0x0, 0x22, 0x12, {[@main=@item_4={0x3, 0x0, 0xc, "e46d556a"}, @main=@item_4={0x3, 0x0, 0xc, "32419a9f"}, @main=@item_012={0x2, 0x0, 0x8, "57fb"}, @main=@item_4={0x3, 0x0, 0xa, "a52a68f7"}]}}, &(0x7f0000000280)={0x0, 0x21, 0x9, {0x9, 0x21, 0xd, 0x5, 0x1, {0x22, 0x51d}}}}, &(0x7f00000006c0)={0x2c, &(0x7f0000000480)={0x0, 0x15, 0xcc, "149d4d9e5418ae7e680d242bd15f6cbbc777a69493c8a367264c045adb671ec8293fbd648d187cb5d32de91bc8b1326d727d554c0658f1101924b9135013a3224db2554903b80e5af511a175c9529c46f33a0966486fe1512a8a202cb11a13d75cde7a7aed14d94e397950718409aa997f93afb0a3465ddf6c41f440d9c810a87ec4139a05c5a6e15c19310c53a398c59a32dc86e248120dabe7a18689ae6d9faf9824a5e29bf2d12943994153496289812ff9a4090060d383182b5230e286f734610e484d02917f13563cab"}, &(0x7f0000000580)={0x0, 0xa, 0x1, 0x40}, &(0x7f00000005c0)={0x0, 0x8, 0x1, 0x4}, &(0x7f0000000600)={0x20, 0x1, 0x75, "9e3226985b991f50286894bb38c19d3c3938e246903452d420d753deedf192fa4c781d0c7d739d73c3103f87dd87e99cccd6a5180fb7b3678d288acee155319694435925f6c3c2613e20a4038fd800e82619cd9d61be6ccabfd8602254b9af7980e2f694dbbafe304ca6bdd861a0e2725012aacb2c"}, &(0x7f0000000680)={0x20, 0x3, 0x1, 0x1}})
ptrace(0x10, r0)
ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @remote}, 0x1c)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000200)=0x8, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x1a, &(0x7f0000000100)=0x401, 0x4)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendmmsg$inet6(r5, &(0x7f00000016c0)=[{{&(0x7f00000004c0)={0xa, 0x4e23, 0x0, @loopback, 0x9}, 0x1c, 0x0, 0x0, &(0x7f0000000a00)=[@rthdr_2292={{0x28, 0x29, 0x39, {0xff, 0x2, 0x2, 0x1, 0x0, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01']}}}, @rthdr={{0x18, 0x29, 0x39, {0x33212f25b1bd33bf, 0x0, 0x2, 0x7}}}], 0x40}}], 0x1, 0x4040084)
bind$inet6(r4, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty, 0xffffffff}, 0x1c)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e22, 0x5, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x3}, 0x1c)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
read$FUSE(r7, &(0x7f00000029c0)={0x2020}, 0x2020)

5m3.881497184s ago: executing program 3 (id=1194):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000100)={0xfffffffc, 0xe7, 0x2, 0x34d, 0x7, "ea71061d0000000001000200", 0x0, 0x80})
r1 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r1, &(0x7f0000000380)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x2)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffd}, &(0x7f0000000000)={0x9, 0x0, 0x3837, 0x0, 0xfffffffffffffffc, 0x0, 0x7}, 0x0, 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x2, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, 0x0)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r3)
r4 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
fchdir(r5)
mount$9p_xen(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000002c0), 0x80000, &(0x7f0000000680)={'trans=xen,', {[{@msize={'msize', 0x3d, 0x4b}}]}})
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.numa_stat\x00', 0x275a, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r7, 0x0)
r8 = socket$xdp(0x2c, 0x3, 0x0)
bind$xdp(r8, &(0x7f0000000180)={0x2c, 0x1, 0x0, 0xc}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='tra\b\x00\x00\x00d,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',\x00'])

5m3.881182604s ago: executing program 3 (id=1195):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/dev_snmp6\x00')
getdents(r0, &(0x7f00000010c0)=""/4135, 0x1027)
mount$binderfs(0x0, &(0x7f0000000280)='./binderfs\x00', 0x0, 0x2000063, &(0x7f0000000040))

5m3.857497234s ago: executing program 3 (id=1196):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x20102) (async)
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
open(0x0, 0x1a1342, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000002c0)=0x20) (async)
openat(0xffffffffffffff9c, 0x0, 0x20842, 0x22) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) (async)
rename(&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)='./file1\x00') (async)
mkdirat(0xffffffffffffff9c, 0x0, 0x0) (async)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x200) (async)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={0x0, <r2=>0x0}, &(0x7f0000000140)=0xc)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000180)=<r3=>0x0)
sendmsg$nl_generic(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="c81000002c0000092cbd700008000000060000001400258004004a8008004200", @ANYRES32=r2, @ANYBLOB="0400b8805c0076804900a700b381500107d710857a28f9df1a794e00ef63b93c23b862f718d957b8f88d153ab5469cf739b35ba3ab32b928affa845df4bd6d9308a0399559de1c993967593bd7ef3475d90000000400ca8006004a007d0000007fcfa09a55c9fe8f7c002f5e4f7ea290062dc7725f6a501f6d94a3f27580a20ee0d886aee284cce9ce7dcc980481fae0c42750d7d50d36596462da4a9f9f81d2ba39d91dce1831b93eb7945620b1ac6070391b69ab3355a4bb73fc84e3311104e8448a3c245d1f2f355c5e137f06a17303dd3108e5b1b813d92d721214633cbd553d927f13ffb9ef7930d7c0b5af08e91bba83b565b325176e8c16c13f3c1f32af2b886708ea52fd37e960fb2768b1aaeca0badfb69cc8f4bd61e4eb7d449f578483667d033546a4464f5f718c840fa405799a658b1c73e2ef2c7314b1cb479bfd2371f7f476f483ad338efce2bc0864377ee16f23c33195a3d4f946c86c9c84654c5d455161ccaf34c85276b2d9b99cee606dabbe78b189831cfbf812752fe061f6f199dd83a6a0a042f9433ae20aec6d4c6312c3eb2c036c64da8f6ad41b3979929e1a83ac3175552ff09e46fde17f0b178bb6490dd14ecbbdf3cc0d81a4b05a832c18eaae7541b5aa9aeb0fa2bb611e2be0466b7a3a2c20b8d7ce37dcfa6c7b9db900c3a73b4a00ad34ba5e8593d4fb585ed2eaf0ddf0a4b3b9b2e27f69587ac4910debcc30f20e691eb498e203718e3ed10db7bd23196250703ed2948d5fa950807d1b636caa9716e7e0f499b5e0ec12156cd7de8178e4cfcd77e2cba36b3690698abdf7ad3d078018caaffa7f87cf43d7f348f57ecb9332adb7f5c1d681b2386e44295fe7e9f89aedd29e80652a9aa002a3e1489a7f0ad7748530da89b3204b542a19518052c31875d914abae963a9dcde1cd535d499525ed1abfe6df9a74ef33a680938a426fc5b65f1ceaec784c91529e3a0d8e2a02ad5ffce2bcf8604eacb2e17f489d4d4efa1b434bb012abdd22f68b823bcee3d6599c0f6bb1b09b39a4dac2ca386409a9ed50db5032bcbe94cb758e0df9009facdbf7d35adf584e0dd4762dea1baa1ca8380ad9638fdfda91962d3d404071ec660aed02e5a9e7ebb6187bf56ad7ed5975c163f0457408913cda59652fd37746d80a29fb4330570b1e7f91296b90cdfba9bc8f8327ebb4bf26b945ce3de30f1bc91e425807ce2c2fb358aae0dd9bf2b5b4f42ed51fa76cc3226c1724e1f254a44bdc866a173dd8e9ad011d05d828ede1cf694900093f7f8e2cbbb1df478d346f7f362d27a55c47acbaac94c157c2d70b7d2321d0d6c74b1718555e566ab1292d16680c7fccb96f52c4a9d7a4ff06bcc2f2552411d59c58e6c0bc58705931d220694af32eb87a9173a1cfbbd40f28dc6e25cf9cd7f2759e1ee89db79daef63bd06d847cbaaf6b6b355133e6f93b3f6e56cf9c793ed13b5f6466988abf3abb6a75d99b05185b08403a5ebeae18ebb681269600f5fca5a10b0616975fe670a5030d114d909bcc3fe1832ef6db1c0c6b1e77f30cc58781d70453637c517c19488171ae636e720291432f84b7c7319b6ed51d84e8d2db3a0a40bb6e8465619d00b4550625330169ad061514a2ea32874e9debbb32bd7a04cd1ec4fcc36df4e35aa1d2b19de12ccbadabb61f96456fd7f4cb3bf09701dc2124e416ef929fddb6d58e6b3e2ada1692ad49fe4f869a88b6519b21c8043baa0031e30af2c64db8ed9a86c79a66da54ec5f4f793215e671c2d9849539df2308d96711cc106fb189276d72719313ea5bbed210120d1b4437303839aa9624e399a59ce3b8c6a4d12106ca6970032e985bfbc99cad10187a0a08d708b970f5df50c96db41d5c544a3054b99a577f331060ae563c45abf059291fd4aeadfa6228e0cd88fe754fa485e8160d0bca52eae01f67da261127d9a93b98c36429aab93cd201e26bd5c5b1f507710c5a3b2771ebb88522f6f7d3e97ad0398b5a2a1669157875713e43f06e071906fe9475f6e42e01aa5cd83c438eecd985b1554b8e40200817806cd17064658352e60f955932ef08ab4e54976e99727c78a98b42606cfffabdfe716c6b66ab7b7b0af6e6fd4e6f52e7d81b910b10cc26e1da7c5630e367e3946cee7c35e4f52dfff74903cb6606c8642013cb78a531084bff78ef95b5e3c02309e928686c72aee859665013a2a3af5315eea8629d48d128c38c5cc628406ef753b05d696989d33cdaf87203632398cb5ae056ed172859593128bf271b0a02d64c7424e3628e08205aa41b32771cd84c39bd4fa9369dc1288563da67cc29b15ac63e8caab299e4f603393ec5b0d197da411cca9374cae0bef333f03c1c6e905990280c8e33d0ea753c986b77a704e1b856f46d39cb8a148524768781bc6cb0d8afaf3bb8940b0621062304aefcb223995bb0f089379600f12803947d2c0d2a13ec09c21cd4fb107d2dff9168936d68a7c414850e559932c918f6b118bbc97320059c17547805b08082ac2df3111032903f220d127a53cc21ca323a9bcd4328ed4837025d1882e8deda6ab6196fcb756e6c0839af02f529ff837a2e544e4ca3e1361fe16faf56356cae8b27c3a07c2dce47cde37250db4cadc06f3151266bfcffdc27f1c59ea150c7cca2bcd21277c9d5e65f82402799be4059043b3f1510c27430f184f37b57a48b91f667090027247af7744fa525bda1bcfebca933a4009a058e5f781edda41f9a584bb2244d7d1ce696d6d3fde75defbe23ea93cda087d26ab6cc4411bfb4a12290efc97261dbd48afec1d71562cfa3c98630cebeeacfb405053075a27e3f070d4b642b0669e4934c0ae3ddab96a4349bd75715fa7e0ce3d9e60705f3166f9f315d8eed9547bc74d0f841e0a641528b61d6cd3b6e141a27b3fd11927278fda6b2315f8c6c8ad5ef7742e0a59bd094fb92691dca2319698974dfd973a05b7d7033f569787dc3a1347bfcc82af23bd6370fe904bb0b2a831199bcc402c7687dda43f7c33b9758efd01d13a79f97f7a7ed4f3fbb3771b6d29ad3be0fc7eeb3d58118a7aa18dde3c563d763d853223b4c7f6818eebc8f496f1f782b54deb82ef9f97bb471bf0d573cccf5e6e44d904737fe50c31873ce2f5053695bbab9358bf07d49633f1c0bea78d40b2806757aaf80dd26866a57959b13369ac98b6c89ae46c6a703c4f57e8f82a9f622cfc4e96d5ffefb403ca14875fa3e23751771107b8119713443cfbdff60c539ce5341d07e2bf4c4a8e50fa902f895237f34fa74b147739285db7b382137b38363ee9ac90878efcfb6c6ddb87ab5e9db8104fc7996e0122891fa855e9081114e8865e7c9398d46882aa782334637c23a18141da3f7ec56babc16f8cd1b5d1451bcc9d77d1b349fa476315e08db81dd19541505b719df85c7b9f6d5a73d2b4007dbf8bfc9e3dcd50592d5fe672a86a79af64548037871b92df33fb15c0c773d67450ec72e937ba7b9ebe5c2e679543ca81cd7aaeb3197fecaf37feb8545f8253ac8ddfbe0cf4a31d74e9e7f321caced04fcacfaf0d1530b6f1ded7357bdc08e2d0f183091474f03c463adf89a7f2a8738569aeda18e8cf95746f361eec592e1d4fa4914596d6b3f3d5bc8106f45d2ca7b0612650185204d85b372577184d68294e556495c445511fac253996607d53db8b3d99119090f853b33e2cc469d0d02f3bf5fb0931dcb7be980a7f5036a745bf7568d58fe38d9bfa416173dcaefbb07ba7bf8ba5ef5834d2d88f7850ce7431011624e3b4f7bc2e7d103029ee9decaf81ffafab1d54c1471efe48319ef11c79f20e04e981a465310cb6f0b52c1095f02a463213783d9b080a232ae4adcdf1d10fa2b48d62fac6ebf9e7d277d1bd549715050bc6ea1931fe63e862bf1a158e0cbe4498fccafb65162d881667c62f8808450dd50ce363d51bb235dd97dbdc7dd38b982edd15f8a40cbb83622ba4fd74b1f6d1da32b34d98cddbd6fb9c1903f19fb3c8eb37fa04aebb5a37d78d3fbe819ddf2827b8c14816247d3ef0b08f284ba714c1f51e0f8a30afc14bfb8d129e8b1cc5f8778c3fe78070ac677d42a4240db31770b31702c14373cb02c5064f5632fad294b985ed7292d9d688926c03fc285de86ee766d6ba66915d308042fa6449bc67400fd1843c76a929e98e0bb199fc8a67a23f67448b65e3d02ea69e1aa7022152885c817d2a88ddc3a72f13e99f8cb991ab880c42f70306b3cb92b7c6639f36fccc302c5f2644c1235d0db2f599cb363c6655574888119e6a0345cd22ecd99e8a7dc0859af8c8c56f4ad80cea7e99f1b7b95255347a7f67fae630f358a3504447ec7491c65da31fab69df80933a314f33b45c88f5cccd857d03c5b3f07896453c31a8a944eeb7bc30342fcaaefa8d51dda9f7c6c5e678dd164c16362c5b312e881644fe22748a6cf5fc2b752505370ea22f9751a528b725e51b9d8c3efd421af2bc11f8bdd97547497783dc0a9c72eabb33bb199e3f877b351dbe09844164419c3dd38d2b2c1b863d726a26a367c81547a4d911621534da5c58065275927a1bc66d9d48a92133148beaae06d4c1ecb1a6bb5dec650ac6832f351afbb2e54ff85151273dfbab2bd5df3333e3864a94905d11bff5140b44c1d16386fc50e2495d25dc0172bc09df208ca244d4be3f66db9c9f57522a0039c57c5ff0041d706eb437e9ccda82df72798b15daeeb15a846fe6fc79e79c8d39ad077de1b14de7d156443f8b46a227bb316ddfb2dfd97e855499c53e6394a9f4d53456abf5ea26f2d25fa2a6eb2a9af23b12e3d3f2129a2eccc6a6e36ae6d68135f05827c072a9c72dd07c524aaf3df682fce0b7b690209cf5e3edf40c0d5c94cf8f2104b39a8c2a5202d2fc7c51a453f4ba35ce3d31cff88913815be3076bcbdcd238ff8cb53e748e0dcf2118f8f295e141d9aaba767355819c79749009ec950e2750e0ed6d17cccf4660313b5f07e4ad0bb1912ef7eb33386748b80df8623c79066f763e57c006fbd05ce344319ab47eab5f6f48864d6ca10f6543460e11fdbf5f33406f8bc060b953e910d48ca2ee0d7cab73e9a3aa2a005fcff60fc185d626451ddd91424091713c2728c90de14e6cfa0530d75b092e0dbca996c3ceb3b62544b39ce5cca30d0fc25a5ac96c5d7f64201c5396748418ba8bb1f7eb55a9f2ed1143e73c9562ee76b93b48a9c899e62cafdfe8bb0aa3e8fae23d0548177cb36396c294a82f2675c9378c9738fab508c503aeeba3be17de07fc0aa9b252da717a30c07bfa8872fe809f588f7e5781d8c1d8fdbe2481fc3d16bda520c631b0187b0cdf65e9b7b89e584dae7222797f33ee85ab3ceb89eff278030179df7ae68319cab9cb15706c3cdf763ac5e32a03e879fb708629961fe54e90b96e5569767500d6b1a1d4daf069231e9cbdec674136799a0d3a252168721774a1c585ef43260d3287a736def3a28b61870de1baed6ba569890153ebd6e0fe82ec1c3cd452a32fc080f181b9946643d9ce1c42ddade442c789884b25237e999f29bc74d9a622ebc420206106e3385094488c8abad8138e02fc22989719c2d5732322e536f236fd9a818126a2dc0a2d3a7d73a77fd2ae213349926e26a47b0f8e75f03be2ff9a3d1bbfa4d5dab0ea3dbaa2e5d44d5515845e14c28e94b73fb52782c37644e8c7c929f0ce20ce591a1d930fffcff42843055bb485f61a44ae724631ba8f7f1e4eb30f8a6ec767b432055aff8ddb73cedb3d4f88e70ce568e54050c22ddd4ef5d0baa2eafd4b581aade30db1c26747ff57b6ea716c28583081f5ac833cb7d90c4f5dca7aea973cfe37c877b5ed248dd3e031ced3b6af12022c09c41984f653e7567214dfb75923e2d2c14b76305dd788c15e8f2fc987df264565b91d042a54db5d438617e9140b85ecc282affe392f973809c40b30e398208a585e1080fe689bd09d74d9389afefc9bfc20c6755f3102cb68dc3fc0e9b6c6c141426b35f7e2d4d02f6f1123b44d608008500", @ANYRES32=r3, @ANYBLOB], 0x10c8}, 0x1, 0x0, 0x0, 0x20000011}, 0x4048) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x2, 0x0) (async)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r4}})

5m3.856567454s ago: executing program 3 (id=1197):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
sigaltstack(&(0x7f0000000180)={&(0x7f00000021c0)=""/4097, 0x0, 0x1001}, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000002340)='mountstats\x00')
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000040)='binder\x00', 0x2200892, 0x0)
pread64(r3, &(0x7f0000002380)=""/253, 0xfd, 0x4eb)
timer_settime(r2, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r5=>0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000300)='comm\x00')
io_submit(r5, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x8, 0xfffe, r6, 0x0}])
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0) (async)
sigaltstack(&(0x7f0000000180)={&(0x7f00000021c0)=""/4097, 0x0, 0x1001}, 0x0) (async)
gettid() (async)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) (async)
syz_open_procfs(0x0, &(0x7f0000002340)='mountstats\x00') (async)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0) (async)
read$FUSE(r4, &(0x7f0000000200)={0x2020}, 0x2020) (async)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000040)='binder\x00', 0x2200892, 0x0) (async)
pread64(r3, &(0x7f0000002380)=""/253, 0xfd, 0x4eb) (async)
timer_settime(r2, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) (async)
io_setup(0x8, &(0x7f0000004200)) (async)
syz_open_procfs(0x0, &(0x7f0000000300)='comm\x00') (async)
io_submit(r5, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x8, 0xfffe, r6, 0x0}]) (async)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) (async)
close_range(r0, 0xffffffffffffffff, 0x0) (async)

5m3.837614325s ago: executing program 3 (id=1200):
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x159c48, &(0x7f0000000200)=ANY=[@ANYRESHEX=0x0])

5m3.793120705s ago: executing program 32 (id=1200):
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x159c48, &(0x7f0000000200)=ANY=[@ANYRESHEX=0x0])

3m6.720557743s ago: executing program 0 (id=3043):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x89f6, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x10, 0x0, 0x2, 0x0, 0xb152, 0x1, 0x1ff, 0x0, 0x5}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_int(r1, 0x11, 0x67, &(0x7f0000000000)=0x507, 0x4)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='batadv_slave_0\x00', 0x10)
sendmmsg$inet(r1, &(0x7f0000000400)=[{{&(0x7f0000000c00)={0x2, 0x4e20, @multicast2}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000140)="931016aac75b01ec8af352814aa606a994c6a9479acdd791ff4afd05e714e5f949c10c458d", 0x25}, {&(0x7f0000000180)="682779d6d3e56a80761d503fc4acf1778874449a4f6de0636802b4e3a9acca23169cd090469dee98052a1787dc9e8fd7ea2c2acd32eeba34e970cf3317f84493226f6e3330a11cbd95d5c2dc967fe3ad6b1281ddf55d0532f2d3aae5e76db03178380d2b7840eaa6a276c6985376996d369f342b88555302d908627dca5adf56e73dd6c022606ea64600007eb4d2146e17cc048e13c6a2f4eb0a", 0x9a}, {0x0}], 0x3}}], 0x2, 0x2000c044)
sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000040)="fbe65dc390da7ee179a4", 0xa}, {&(0x7f0000000700)="fdc913c5fb15c710950f8e561c846edc4223d841cad2a2154e3bad5fc74c8e5172171929da09a2e314c77de173e154838fc39c1684ea331216706f4d645dc0aea3d0e06b72545914394805a2513f1cc11bea6266382e51a10d7021329f79eb6067dfb71729c45f1c6833a0c39fab03fe8b0287fb43941b186dca8a2566859bd9d703269b72961338b8770982f94f867fb9cbdfbad33279788d610dc62ac87a843b674dcd97fd1ac6cb09047da172d781dd0a889441efaceaea", 0xb9}, {&(0x7f0000000f40)="0f4978175cca4e919808f7d279f162081ce626e5069cd12b7d9b2362619683410b2e102ca5a93f3d4c38d62f24c31bdef3f0fce20e56473de27b17b9bf09969cc1f587639eab524cd451930fe5ce7adff5dd9443b830227d7c5498c9b370376b9df1e0b13fc08c0858d5e8f25619a5edc22606b96cba46a3c36be89ea689c04c80ca2062d7154f439b868a4faa682d6a9e0705e6cfdd32dc1724263f29fa4ac640c4f35440b41235d3b146bc65cc74ffc6881f606d40559ba0664fb0bfc112e274e9a302878d6661679222b2abcbb7f841a64262d26f98ea2db15d1e19ef8b1b83be184d2559466f71aee9c1e25cbf0a6e6f365c8d8b070254e98fe9b74859c074a2ef24f97c2619b43ff4deca477f1d0fda469eb99ebdaa7264ed00d0ee6fd147960906843cc60363799d6c3909c3a5b3798e3c3da1d3158160d1cbba8f80c638abd152447afb26b96c8adb9c6622c838e77daaea60a6054fc70e36f97fce2608b185830520e7ad7554cb3bc6b2ac570c6f2d6942e33738ef17d0c27dc8d3d3bc62879d86929203f0f5f8b6a11fba96d5b918b10be11036a15f1664ce8ce2d2ffbec002afe2a32df1de34bc4fb750664bafa0357818f5dc0876c694f7122c3c4c55da9177866a30a4434963783ca386c3c96d32c523a4eb4b9aa539231a181b550155e633b3db0a3f87c696661e91dd5a9f7f343888c07f9dc34ff731038f5f8459d09e3b44a331c7b406f81c570cf96b78a17b2680776aadcf5761a9546de5a2aab31ea1df393041869da677d9706920ce16c2d263f79a35ddf12bce46d0ed6e2efecaa38a6e6b139b279cd5be0d21380f2dae5dcc0f3d1666567593b23b3112b1ffd97538f23f0d479a88285b87eb0d2f968c1fd74b654998b72dd14af4b7861c9cd31382208471c647f58599a7c7c3b84595f4cdcf747f08afb7bf38bb7b8c5c1db75d5e2ee587346ffc33486bd7af93027933d2601f828aa8e82c8623ee572b60e0f604214eb1f1681cad9cffef62520e464bbd292d9b8de1efec38892451e32b444815663f71d5ea4fa15185b6235be724c46590f22f66c6ef90b0e5d2a14df4c0e94abd9430e380b5c4a60356e7a3b93ddf91df43971665c5ba2f3980e20e7a28088de1dffdd082032d604cae8ce50d868e39ca67e19ea4b69503f4f428391b3c1c18d369481f9ed3888e513e5da58a8b55ab8cc354a285dee52e7e81c32834262b83e6c37c0a4421bc12d04a0c584fb87732e264a4fb486a76982dcf8217351bc9e6dbafdee705f03695f0a8301458d974e797a2e542920184065fdf73950a8910f0f488e10ae34c1de200f3620907071703647eac956b687c016f74883417089a1a7fd5744dc66e9bd9dd2f5d8595a2c42e3c106582b4e6e58170bb51e9ef95d8dec11a239443830ea6cf5edd6a943726594b089f883ab8dc83238575e45d9607679382d1642216a7e017308141836cd8df27c60af67877c7f0e24fabc23530c349c28486e179dd015db6fd494f41404cad782d7aa209a51e467ba2afe1cc", 0x443}], 0x3}, 0x4004)
read$FUSE(0xffffffffffffffff, &(0x7f0000003480)={0x2020}, 0x2020)

3m6.718918973s ago: executing program 0 (id=3044):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x640, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r2, 0x4068aea3, &(0x7f0000000200)={0xc0, 0x0, 0x10000})
syz_kvm_setup_syzos_vm$x86(r2, &(0x7f0000bff000/0x400000)=nil)
symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file0\x00')
setpriority(0x1, 0x0, 0xb0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4, 0x0, &(0x7f0000000000)=[@register_looper], 0x50, 0x0, &(0x7f0000000040)="bc5e32fcd59b15b02cac2b8f1b02ff7cf494acd2c945f0a3021c8a83b4caae701b8ad0cef05b224cce2602c4976e855dc8b4e7b7652e4507ee331027fb54d8740129462474fcefdc6142431ea73cd6a1"})

3m5.85005899s ago: executing program 0 (id=3062):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x441, 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xffffffffffffff2a)
ioctl$TCXONC(r0, 0x540a, 0x2) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x1})
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
pipe(&(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
vmsplice(r3, &(0x7f00000000c0), 0x0, 0x66d6e6e21fc0ab33)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000a00)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x80300, 0x0)
cachestat(r5, &(0x7f0000000340)={0xffffffffffffffff, 0x4}, &(0x7f00000004c0), 0x0) (async)
splice(r2, 0x0, r4, 0x0, 0x25a5, 0x0)
r6 = socket$tipc(0x1e, 0x5, 0x0) (async)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000300)=<r7=>0x0)
fcntl$setownex(r6, 0xf, &(0x7f0000000340)={0x2, r7}) (async)
r8 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000140)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "ed27fbb5d5ba69000e6769b69dc51dc5c32930bc5b6886786c9c975fe54da42154c59a884c54b5ff1e0501c423c33cd3314f79fd035e590fec690ad23ecae1dc", 0x33}, 0x48, 0xfffffffffffffffe)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/warn_count', 0x8102, 0x0) (async)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) (async)
r10 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_group_source_req(r10, 0x29, 0x2e, &(0x7f0000000180)={0x1589, {{0xa, 0x4e24, 0x3, @mcast2, 0x7}}, {{0xa, 0x4e22, 0x400, @empty, 0x81}}}, 0x108) (async)
fchown(r9, 0xee01, 0x0) (async)
keyctl$read(0xb, r8, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async)
syz_open_dev$rtc(&(0x7f00000002c0), 0x4, 0x20200) (async)
fstat(r1, &(0x7f00000003c0))

3m5.772699401s ago: executing program 0 (id=3065):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
openat$udambuf(0xffffffffffffff9c, &(0x7f00000003c0), 0x2)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x1)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000440)={0x14, 0x0, &(0x7f0000000400)=[@request_death], 0x42, 0x1000000, 0x0})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x1381, 0x3})
r4 = mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000bc0)={0x10, 0x0, &(0x7f0000000ac0)=[@free_buffer={0x40086303, r4}, @enter_looper], 0x54, 0x0, &(0x7f0000000b00)="eab7eff9f911a8687976f7a6c5998dd78bac5fab3d8503b46631f279d44ff48534e4b9696e0cfd4fb45a17df1d83d3234c9910e572e34d902837352ebb7f40e638637e2d0882b350465d585835d542960a8f43e1"})
fdatasync(0xffffffffffffffff)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x10, 0x0, &(0x7f0000000600)=[@enter_looper, @free_buffer={0x40086303, r4}], 0x50, 0x0, &(0x7f0000000280)="d81e15c3b9703b627c6f69f27e8fda212411223bed3eb544eea0bb85b9db7e9aa8f4f153246efaf2a8d8f8cf1ae69729c805005f7cf44d476fa4d69887ad7b73ec4b8475b312ee27f07411c59fbffc81"})

3m5.127981553s ago: executing program 4 (id=3074):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x1381, 0x1000000003})
r1 = openat$sysfs(0xffffff9c, &(0x7f0000000300)='/sys/power/wake_unlock', 0x2a661, 0x33)
write$binfmt_script(r1, &(0x7f0000000400)={'#! ', './file0'}, 0xb)
ioctl$USBDEVFS_SETCONFIGURATION(0xffffffffffffffff, 0x80045505, &(0x7f0000000000)=0x2d)
socket$key(0xf, 0x3, 0x2)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x33, &(0x7f0000000080)=0xcb1d, 0x4)
bind$inet6(r2, &(0x7f0000f65000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, 0x0, 0x0, 0xfffffefffbfbbfbe, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty, 0x6}, 0x1c)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x60, 0x0, &(0x7f00000004c0)=[@register_looper, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0xfffffffffffffe4b, 0x18, &(0x7f0000000200)={@flat=@handle={0x73682a85, 0x0, 0x3}, @fd, @flat=@weak_handle={0x77682a85, 0x100a}}, &(0x7f0000000380)={0x0, 0x18, 0x30}}}, @release={0x40046306, 0x3}, @request_death], 0x0, 0x0, 0x0})

3m5.069853204s ago: executing program 4 (id=3075):
clock_adjtime(0x1, &(0x7f0000000000)={0xffff, 0x100000000, 0xb0000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3b9ac9ff, 0x0, 0x1000000008, 0x0, 0x2000000000000000, 0x5a6c101, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xf})
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYBLOB="01022abd7000fedbdf250f00000021000e006804020004007e15000408"], 0x38}, 0x1, 0x0, 0x0, 0x20000050}, 0x48000)
sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYRES32, @ANYBLOB="7a391670fc4a4e84132acb9e190403e146c841316fc4631c9aa062f25ca49bcb4ab6cfbb54a77af51bf33445a9f136ad3a8a7d81e2ae25f90f6452d2ef5c74806c7d9e69c6d94563f481f4848855aa247db96d83cac651a8bd3b13c0"], 0x68}, 0x1, 0x0, 0x0, 0x200480d0}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="280000002100010002000000000000000a00000000000001016200000c0014"], 0x28}], 0x1, 0x0, 0x0, 0x8000}, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000010c0), 0x80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_XSAVE(r4, 0x5000aea5, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

3m5.069571674s ago: executing program 4 (id=3076):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000100)="58000000140019234083feff040d8c560a06580200ff0000000000000020ffff00000000000064009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100030c10000000224effffffff", 0x58}], 0x1)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r1, 0x80047210, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x58, 0x0, &(0x7f0000000300)=[@dead_binder_done, @reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000480)={@ptr={0x70742a85, 0x0, &(0x7f0000000200)=""/230, 0xe6, 0x1, 0x32}, @flat=@weak_binder={0x77622a85, 0x10a}, @ptr={0x70742a85, 0x1, &(0x7f0000000380)=""/229, 0xe5, 0x1, 0x19}}, &(0x7f0000000080)={0x0, 0x28, 0x40}}, 0x40}], 0x0, 0x0, 0x0})

3m5.069419705s ago: executing program 4 (id=3077):
syz_usb_connect(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100000cb768405e0483020b990102030109022400010000000009040000025c291d000905090000000006f808050ae5"], 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000240), 0x3e, 0x6542)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000080)={r1, 0x0, {0x0, 0x0, 0x0, 0x6, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06d29f3d9e234b30c50997d3bef409ff21e70c7f3f800b2f7b6aa54cc50aff7f00", "67523760fd40f78d2cfc03d81a8ca55ba139c01802c4dae4162e43ac61b7ad33", [0x2, 0x7]}})
ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x2)

3m4.938797727s ago: executing program 0 (id=3078):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/binder1\x00', 0x1002, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
arch_prctl$ARCH_GET_XCOMP_PERM(0x1022, &(0x7f00000001c0))
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x20, 0xb, 0x0, 0x0, 0x7995}, 0x8, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
close_range(r0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x10a)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$incfs(&(0x7f0000000580)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000005c0), 0x0, 0x0)
r4 = fsopen(&(0x7f0000000280)='fuse\x00', 0x0)
fchown(r4, 0xffffffffffffffff, 0xffffffffffffffff)
mkdir(&(0x7f0000000300)='./bus\x00', 0x100)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x1aa)
getdents64(r5, 0x0, 0x0)
listen(r3, 0x0)
io_setup(0x6, &(0x7f0000000140)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f0000000040)=[&(0x7f0000000600)={0x1802, 0x0, 0x0, 0x2, 0xfffd, r3, 0x0, 0x0, 0x0, 0x0, 0x2}])
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x68800, 0x20)
read$FUSE(r7, &(0x7f0000002040)={0x2020}, 0x2020)
r8 = eventfd2(0xfffffff0, 0x1)
r9 = eventfd2(0x0, 0x1)
io_submit(r6, 0x5, &(0x7f0000000540)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x8, r0, &(0x7f00000000c0)="a015702f55a01a4556a707a10f4dbaa43434cb30de085030003010e4b9197e3a9c6d4932b31bb40c36cde07ae798efcf6b91eeded69628a87baf10743604b610085a3f7f34", 0x45, 0x1, 0x0, 0x1, r2}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x6, r1, &(0x7f0000000200)="8b18e40386fe9aeb4fd03823456a0885b84cca9665153893f43ec2e1bd3dc1ea36932dcbe1fbb682d8ceddf680d56dd3fa47e6e63d13c87bd74a27874076e40a0ab7d6647456a11a32b08cc822067af048efd15c3762a72ded25a3aa3e97edc1", 0x60, 0x0, 0x0, 0x1, r8}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x7, 0xffffffffffffffff, &(0x7f0000000280)="04523846b34b880d1144e7a56a88ae8d250d587f37cfeffc557d61ad86ed72aacdad88ccf53c8021b4c294ebbc01b99ad43d2db8f441902e47033ea8753d72a4b6433f3c8d8ee6dbd52a041a93ee8688ec587f7f0c9ca977e0d580bbdc098f4887924719b7852950eef936d2a938ed6c313dd3d5d3f82f3cdf5dbb4bde65dce7b86e8974aa970686bc4dc500b4a74669de5f1c892e6c82c64ed83ab14df1c5f54c1460e99153f52b5df0fa73a321dd3b90e0499b08342cc16c722084fea984", 0xbf, 0x29e, 0x0, 0x1, r9}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x6, 0x4, r0, &(0x7f0000000380)="5862c46dff2b304f6af9b84ddc5da1effac6d45e9ea4725fc3c55ab4287b864f5345bb3a7637207e9b855949ad1387dd77fbb3dec12eeb4e64fa7c070d72f2803d2da02af283dd19de4329249730488c59e6af174dbf5e5b787407bd6def2c052b352b78a89f0626f5edc83f4fc52bed0c4d9b57f1283757fdd808955bc0789775e5e21d6ff22241462e14522c1a288b8188e7857939f22f53b5a58d56d3840e2ac5a01427d866ed7b0dbe54e7291dcf959a3d65d5c87c4aae4c38628c1970c8f87f2bf0ec73a1a619dd9046f70e7ea9340bba91d650631af1a774a00bef5c19a5911f21fca5789d0c8c082922f4cd5b54608e23", 0xf4, 0x9, 0x0, 0x3, r2}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x1, 0xffffffffffffffff, &(0x7f00000004c0)="bef0a0fcee1b", 0x6, 0x5a, 0x0, 0x3, r2}])

3m4.876056639s ago: executing program 0 (id=3079):
unshare(0x22020600)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ioctl$FICLONE(r1, 0x40049409, r0)
socket$tipc(0x1e, 0x5, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
userfaultfd(0x80800)
r2 = socket(0x10, 0x3, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
r3 = socket$inet6(0xa, 0x802, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001600010a00000000000000000c0000000c0000800800", @ANYRES16=r3], 0x20}}, 0x40816)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000540), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
dup2(r0, r4)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @broadcast})
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000580)=ANY=[], 0xfffffffffffffcc3)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000fc0), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e0000000000000000000c0003800400038004000100"], 0x38}}, 0x0)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="150bfeffffff0000000001000000080001"], 0x28}}, 0x80)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x444000, 0x0)

3m4.853151129s ago: executing program 33 (id=3079):
unshare(0x22020600)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ioctl$FICLONE(r1, 0x40049409, r0)
socket$tipc(0x1e, 0x5, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
userfaultfd(0x80800)
r2 = socket(0x10, 0x3, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
r3 = socket$inet6(0xa, 0x802, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001600010a00000000000000000c0000000c0000800800", @ANYRES16=r3], 0x20}}, 0x40816)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000540), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
dup2(r0, r4)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @broadcast})
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000580)=ANY=[], 0xfffffffffffffcc3)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000fc0), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e0000000000000000000c0003800400038004000100"], 0x38}}, 0x0)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="150bfeffffff0000000001000000080001"], 0x28}}, 0x80)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x444000, 0x0)

3m4.602019624s ago: executing program 4 (id=3081):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005938d74010973077339600000001090212000100001e000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000780)=ANY=[@ANYBLOB="020080"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, &(0x7f0000000000)={0x14, 0x0, 0x0}, &(0x7f0000000380)={0x1c, &(0x7f00000002c0)={0x40, 0x15, 0x46, "f63e12d474b343087e9eb73f3588d0603e405cfb01d649c269469d4a6467ee57d4916a4da395cee28ee6d13e1bf8550fb44e1e845273a132ff4425581146b91279e42b8830ff"}, &(0x7f00000008c0)={0xa1, 0x1, 0x400, "2aac8ccbd1b0851b263ee5483bdeae474e9d9d7e6065ae5e06bba998857aaf1da65a2d3f25d4dcb6f240b457d2e41b9682eb046a634c1e087485f1cbfa03e60cb76b225d312cb1a95c93725e9838cc1369f0c5d67fdc9e664befb3ca6b09c9eea7210f2b16cf9c17f3a52bdc0f30bd09ead8c39eaa54fd759a8238cedd46ec5245312df46fb04f73a600ddab3052ec4abae491b94b34d53f2f69b82d67ea9575622f59b1671aab73441803a8256f55e0d3309e7c87478b9d24f35edbc62967d0763930ec907f00730c4c4926dcfd9f3391a4d70ddf68173cb43f3e7fe70b68321603a06b18add2d5eef89ede73b4c1e7a16dcaf0a9f75d6fe9d674f3ade7aedd4a39cc977d52f6f562d63c271e1b5399d828bbc7e8b3d238bb50871661ef6d2cee4a9a3e523167e395133dd4df2994a9d6958064229ed366ce5dd0f256c6cdf18bfda9da68cda4cd1443e8a8f67953c5b24258f1ccd9e514ed186c507bddd2477a9d6e953298c145c8a974f05c0ae2637ee01198d7f94de7ecbc0bb2d084c804f72e7393162f86fc7202e8395df0213bc5e1e0da856132ae00a649fc7a3a26a8a5b022a48dbfe81847ae08706c9c7366d5a16fb6ac68f0f436ad5fa0f289d74438a7c208c92bdc597fb2da2f19e222bde02b874e70e2f2a2a50b906f7fed4358450a8803950f68d7bdc3332fd645d03c61f177e0e602f69cc41772ccbdf70a35f5fdf313f5788f863ad5534d303b6dfe42fbffdd47efa0df5b7bf01dbd8e0038caa023b36e40988b5619d318c989a470d95bdd0ca9bb3610d19502d12c091256090d88d9345f9c89e1a24566e2536ad151a3e462160417319ba34979ac13fb7e713f0d2aa151f40b52d360a82e2a2420e4181bcffbe0f6c8007241fa6a0c2789beab1f366db4af3f28a114dd97eb1a4beffb99d7df3437fb8263cde23c44fcd8a6e73e1107360b8e417204e135464d8f996b86a1812c253408fb78737a368b1b88e4cc8585487fe39961896ed1b093c21cfc456c5dc6a177dcb881b776053468ee0d1ff7ffc05599a383b7c1c16b38fe3cd7c3d3386b4f974075f09a196cba336bbba2defa91763ab5c7bf973c12d8de66937a7a5a8116b47a98b01977970ce43772e78f5c4862ad2ca5a2cc1a5cc191dca2ae031c867c4cca9598ba2332bcba7379c7f5b97c91240870737686edf1b3c4d4fd32d091cf865f5596f24d9130b40a1e3a62b40dfa7908d8cb679400add3a72d06f6dd738aaf5cdae9c2979c56136a7f566d0062c38cdb3e472024ffb6fe1e3e1042d4411a7d9cf9936aa464dda64898d602a584024c3f6b0cc45c9009af1bffd80bebec4bf8a6aec280bf078dc82c0700b8394271eedd7debd57e5c9a09fb997da37fd3306ca0a51459f299b48bf0908f5c9be3c31379c4f1dea89841fa49cee8a459316e553fed7f31fbe714de"}, &(0x7f0000000100)=ANY=[@ANYBLOB="000158620093216751f78c754f0028da1628883cdecf6999acf7d4bf0998294499432e3c2f95d9aeefb7bb4f2cc3ba1a4ede6a5a7d23cb3d7dfcd8858789f9908f6df0a7e44756d8866b323cd5545e82fe6039f30292ccd02e49fd5e7f1edbeeebb9529d66826aaa7c20127332834efd82cf6929cfccfe5da508ca24d5ce15b2975b04f614d5"]})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x1002, 0x0)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
close_range(r1, 0xffffffffffffffff, 0x0)

3m4.091851913s ago: executing program 4 (id=3082):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x800, 0x0) (async)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x138a, 0x1000000003}) (async)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000010c0)=ANY=[@ANYBLOB="340000001000010000000000fedbdf25070000001300000008000000", @ANYRES32, @ANYBLOB="10003a800c00020003959100000000000400378015e56125b8cd1bef119f3dddf7214e5442854800de3446b7229941da72765ae014a76a24cfaaf723935e474b166b7dcb8346324ea8604eaaca5505cc29b15646b11f661e4b01738bc2c412f840d53c097046d0b439d1bede9df988c0454f4a256fa10ba1c18c0aac6a5dbf6bdaca7b84eb4b237ca15bef9d953c65b26147256356003f72466a943e40b20100000000000000afe13344949a2e39ead6e726f4c297"], 0x34}], 0x1}, 0x0)
r3 = creat(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x182)
pipe2$9p(&(0x7f00000001c0)={<r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000004500), 0x800, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r3}}) (async)
r5 = socket$vsock_stream(0x28, 0x1, 0x0) (async)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r6=>0xffffffffffffffff})
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r8)
sendmsg$NFC_CMD_GET_TARGET(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r9, 0x1}, 0x14}}, 0x0) (async)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r7) (async, rerun: 32)
r10 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r8) (rerun: 32)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_STATUS(r11, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000740)={0x1c, r10, 0xb1f7e769831e1ff, 0x70bd2b, 0x25dfdbff, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0xd119a8b8e309842f}, 0x88c0) (async, rerun: 64)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) (rerun: 64)
fcntl$lock(r12, 0x26, &(0x7f0000000100)) (async, rerun: 32)
fcntl$lock(r12, 0x25, &(0x7f00000000c0)) (async, rerun: 32)
sendmsg$NBD_CMD_STATUS(r7, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000580)={0xe0, r10, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x80000001}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SOCKETS={0x64, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r12}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}, {0xc, 0x1, 0x0, 0x1, {0x8}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}]}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x5}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x8}, @NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}]}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x9}]}, 0xe0}, 0x1, 0x0, 0x0, 0x4040}, 0x404c800)
ioctl$SIOCSIFHWADDR(r6, 0x89b1, &(0x7f0000000900)={'wg1\x00', @remote}) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)
r13 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r13, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=@newsa={0x158, 0x10, 0x413, 0x70bd28, 0x0, {{@in=@multicast1, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x0, 0x4e24, 0x0, 0x2, 0x20, 0x20}, {@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x40000040, 0x32}, @in=@private=0xa010100, {0x4, 0x7, 0x3, 0x40000000000004, 0xffffffffffffffff, 0xffffffffffffffff, 0x7f}, {0x0, 0x8, 0xcc}, {0xf6}, 0x0, 0x0, 0x2, 0x1, 0xfe}, [@algo_aead={0x67, 0x12, {{'rfc4309(ccm(aes))\x00'}, 0xd8, 0x60, "6fc3070b4f8f7330202b93875f2d67a6a77871db764ec62c9599d2"}}]}, 0x158}}, 0x804)

2m48.929094577s ago: executing program 34 (id=3082):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x800, 0x0) (async)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x138a, 0x1000000003}) (async)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000010c0)=ANY=[@ANYBLOB="340000001000010000000000fedbdf25070000001300000008000000", @ANYRES32, @ANYBLOB="10003a800c00020003959100000000000400378015e56125b8cd1bef119f3dddf7214e5442854800de3446b7229941da72765ae014a76a24cfaaf723935e474b166b7dcb8346324ea8604eaaca5505cc29b15646b11f661e4b01738bc2c412f840d53c097046d0b439d1bede9df988c0454f4a256fa10ba1c18c0aac6a5dbf6bdaca7b84eb4b237ca15bef9d953c65b26147256356003f72466a943e40b20100000000000000afe13344949a2e39ead6e726f4c297"], 0x34}], 0x1}, 0x0)
r3 = creat(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x182)
pipe2$9p(&(0x7f00000001c0)={<r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000004500), 0x800, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r3}}) (async)
r5 = socket$vsock_stream(0x28, 0x1, 0x0) (async)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r6=>0xffffffffffffffff})
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r8)
sendmsg$NFC_CMD_GET_TARGET(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r9, 0x1}, 0x14}}, 0x0) (async)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r7) (async, rerun: 32)
r10 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r8) (rerun: 32)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_STATUS(r11, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000740)={0x1c, r10, 0xb1f7e769831e1ff, 0x70bd2b, 0x25dfdbff, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0xd119a8b8e309842f}, 0x88c0) (async, rerun: 64)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) (rerun: 64)
fcntl$lock(r12, 0x26, &(0x7f0000000100)) (async, rerun: 32)
fcntl$lock(r12, 0x25, &(0x7f00000000c0)) (async, rerun: 32)
sendmsg$NBD_CMD_STATUS(r7, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000580)={0xe0, r10, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x80000001}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SOCKETS={0x64, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r12}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}, {0xc, 0x1, 0x0, 0x1, {0x8}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}]}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x5}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x8}, @NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}]}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x9}]}, 0xe0}, 0x1, 0x0, 0x0, 0x4040}, 0x404c800)
ioctl$SIOCSIFHWADDR(r6, 0x89b1, &(0x7f0000000900)={'wg1\x00', @remote}) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)
r13 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r13, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=@newsa={0x158, 0x10, 0x413, 0x70bd28, 0x0, {{@in=@multicast1, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x0, 0x4e24, 0x0, 0x2, 0x20, 0x20}, {@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x40000040, 0x32}, @in=@private=0xa010100, {0x4, 0x7, 0x3, 0x40000000000004, 0xffffffffffffffff, 0xffffffffffffffff, 0x7f}, {0x0, 0x8, 0xcc}, {0xf6}, 0x0, 0x0, 0x2, 0x1, 0xfe}, [@algo_aead={0x67, 0x12, {{'rfc4309(ccm(aes))\x00'}, 0xd8, 0x60, "6fc3070b4f8f7330202b93875f2d67a6a77871db764ec62c9599d2"}}]}, 0x158}}, 0x804)

1m6.743935222s ago: executing program 2 (id=4881):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = add_key(&(0x7f0000001680)='logon\x00', &(0x7f00000016c0)={'syz', 0x3}, &(0x7f0000001700)="e56033266681900d8547cc3b7410f9b6e375a7ccf085adf3629176aab6c7bd07a02c3341e60a1a9ca79d82723e8e9f336270d37eac627043aab2b86d", 0x3c, 0xffffffffffffffff)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000100)="e5621efbf130f8bb16226f35a21956bf20444b0f8c80530c1b6a1eb44136aeb25506caafe3a93185cb37f22870a1d15ef000295837049854bf276cc4475057c69053766b0828a5bd9ec00f009e6477c247a6c9fd077515c84ba8588283e9abba06615bbbad26be637c75d713d7bd8d0b26e3feb92eabe0bec1ab9fb004d16251f0fe5b5850b403f21e845d8106e1", 0x8e}, {&(0x7f00000001c0)="4c70acc26a980ba2466fea3cf93812cc7ca8f915934ba05d4ce2831706c8a70f909b45c08931f23d99b79a03a49d74b5c23747e441d4b18ee039cec46d4d8a502615e032010107fb593c06fb07233592443cca376d54b8a28c92b78f645e57c1ef8233b8bbd76c17daa58fe8287c9551ab2497dbd785cd37fd0b8dca8b00e76acf22a6e4c6ed2818097edb57d6010dec7d97984cde7e12cc571fc328716d26ba554c9ecf06609f10e42188d022a3528fa766fb53ef6f336e0bc094c62b4a79cb784db4483f6a2aec92873468ddb1588356c452648be7bbccf24b2e39f9e4d4aba16a8437a7331db927d90b9c605cfb59b54aa937816ba4960b7c989a6b0c621a5bfcb19a27ebe86e04e2606c21d221cdae1ab1564bc7675d99cd3a3f5fa3075684b14140c35f7cef16f607866e6a74569292c140efac0129d4c1b9bef7815b7c8860e1c30e9496f69e50d7862a5568d94cf900a57cf8c34a13f64cf72d79fb2d361e36a6eef4c4bd4ea9718d14fb7538535ca4bc551198d339fe763066e9b5864efa36c67b0675675eff66ab45c514a811b0d0257ecce81aa5509a9c0a011ac5ff578f6f85c5c14b122464dad466c2355223ac1f9919592af0720e4a5074dbd0c1516a9236b9f93f26f2f3b9a9ba30dbea733fe540fb814d5cc7294ebf9cd29dcf6550d2b7970226eba68d65e7ac39da76504d2e692cff55ac504aac6dbe4dfb830e81aed0d52acb03d0c3e8f1329db590c704d940e48aa97d0481c4e4e319c896ac22276c14130fb51b5023ea19a969b23f5e68ff26dbf1c72acdc4137a9057554bc06c21ae6dadc985c58b2149725ad8e0b195c700b21a542057b9707838b549f9bc6a3e889b09b9fd324630404678d53033caf28f5111a0d2c07855bb0b06d4991d2ded484f328ad4011bcedb9e77bd96de779a2d9455a02dc3d4f9cf163abdf1e2d12785c84257ab4ca1bf3f945e01c98efdc43d674ddecab3c8382b27b1b885db68f7063133d0805a36c6e6c686f4582c411803f0f74bb3bd7eba902400fd905705d369138bcc381eff4fcc884f3467b22f51ca635a46aecfffd20e678f27141f538e093ce37735206d50bf4df4627f61711d0443358c9797ee336afe1503450f44446ad11c30b26d5e763c67708ce810ad0f27e0055be4544a08bfc44ad43676059b1de003cbd2c72d210fd346a2ff8341d7c6447929611f31978363ce56897bd981af6eb6fdb48d798b9245e7d0fb500832a5e634d7f43c91e93896ca291771f6296e7e6807a7582ee2c9129d9895da0dd9ef7223f34493f89d295827d89f5aed0c312333a578b3ed2962a86234bd975fcaebcfdb38a4a37a1bbb6dcb7d38707df188fbb6f75057c7c4ae637b0e5c4231798fda6a3147b0c11f7b6d15812a1ea7488d6a4ff6b25f0244ce3936b0ceb6d5d2bb84b8dc66d529016a9287a7c4d737f51215767faa89a3659543b9b3d333b96de8332d56857f71e22b900f45cd11982a16436a28805040a86446e888422b503fc6b82ee459002cfa48da36d5dcbbc845114eccace9493cf741993a9b2164df319a728d53157f35ec6e0b575424ad531601924849ec4a11643439f4955b63bbbd0b58ecbb7e79715ca45adc93f222bc1c45b49b50271727ab93a2480a877f701d05604592d46c6ba9732168e95801fbbb479c3ba8b9cfb442108330088a3421edbe4b7754fd3124666217f15bf128d5e865f489d86bead4bb623342fbb102620c42999b88b7c8ad83cfb438142b892f79c8c1653f32627e9cbef32bac60a2b9d4dce20b7cb98658d15a09f72893a0dd5b9afedb642908956995c8935136c19b745d60f3413273c1ce8c47fc3f8e3b2abf9e1b04adb0bc4558a8b28467710e299b1b0e8e1de5fe0bd1cd644379df48feb953518466025950f982980f9e880c0c92a96c947b7ce81c4b5fd1c04fba75f3e86e7ee9c27482cff539636dd6b695ca575a371edfe0db7d7c624a3c3aa59fa8268f27899e28dcefaec415e7c5a49f31e4fd4b1080a5721fe670de767f818d1a8dfe082b185a028d7b7cbac4676d99d9c100c0c59dc7eb6738a5dedaba8363b5d15c74482ce176bcb7ac49e7ecabf95a7ace9acc7d15fdd40c512d5c596ca82cd18baaa043e1e6ab77966d4cceee38631febebb5a9d32b00a7f5e6ccca064daeeaf810888330a7b0ba79bd3eb5bff26ac82b75378008a32350d66046ccc1b3b2246f13574399fa376f3207555881c0b5ba99094c4b5d71dcc1c6bd34af861956b6066a04407de843da0b0414122fb51aba3d0c2eea3c2b5aba8b0a3fd376c0011fa71fec3e041f4db18f1984948373e3db1c9bd46f41e664fb8549a83ae74ec0e19bc45f9e302184e1c24ad27f65f5de6edfbe0be39e55d63889fbeac3806ce54332c9f8f9cae2696180aa7998e461beb5ff8b5b40988feffc86d40fe814c1b0db53480ab2e8d94f9c719a74351d3f21c12a4930c6a653d3611188ddd90f6716a02f6aeaf4953da968af9a37e4d9dcc53131d13d75af4c8f1f99fe57a4d0e9f4aabc27946f79876e102b25ee57ff283b6c36706485b4550d12d26b192fdd94dad0bdb44ea36adc5e8584185cf7cf24c0f5bd0b9c0f0b467e07246b1c81e1b1397d7cfe497faedc0e9bb5f16a945140ee339911e7bec7d6ba9ee3022ca8b20c11b4b8197057f2d195f0831f5c759412355e7f9b611eb1c6eed9f88b5813cfae3382f72049852c873f0cae0ab01a4911e9dbf029e2459d3bf2524606c3b2c763ae31c063250e3cee4e59d0989973d08dfe8eb0c74574e1e62dc93341fa330ed84a2d33e94dd0c26884295ff4aac57edf190b137128eb8e6655b1e6aed419d4c566b1e8b3e758a395019776f84d8179404c13eb3fea8f66b4231946251ab971f46ac3395ce998783dc70cd95d66c53ea9abf46a82c55c5ae1c013ee05df71bbb5f998e17f9d46fc710cb95cb958c429380fa96a893264a03fe9b0b2e072c99ffbf64ba05e4e7df6b7be157470390aba45d1256932a81cabae83038182bc70e2ff2be743219418667790345b22b8eb9a1dd53c2aef9979fb16216b51c9ec1d284736a572d7defa19e93521e14ee3dad48468cc8b436ca6f7094905cae3b937349fc8f046f56a5f2ee015fe565b18f368e21dec3dee4e613a97a8da640f6c1033d1aca6ae9c0649942e98bce2b7d57da7f1b366c908598fb626630a72082f92133ec1b4d07310580c124718fcb92d390eb334456ff49686ae7acd8a9261bcceed5e847edde439b471d016a4c4c0befe1a30a9694e959c8227673a4ee0e8467a86ef85fe3d7434ad35a97d31ae623bfdb1dd7623e112464399cfd21e423993672c3fd83e13547dc7a149a7994beac54ca6642d271cddd3feca86d65714cc1509f4aeef8d4cfda121a419bfaf296fd9bb981d6c6257a8a7496d748a639f7451968075ed93f1799204555a9ca584adc0bb42e83cf3b00fe6ea4098f0598cfdcfc58c0e02e5cbd5c31a8205a4fef634770b7823d261012eb33135e87ff9018203cb007997d605ae464132cf872cf9c0840022692f2c410fbbb80f820890483acba52bda73ab87128d8517f6331214232378a3fd1ab1deb2b8ae94ff658e1ec06bf59dbde4f4a99403d374fcd39d232cd58d5cecec344622581a9b9f9949e5bef3cdd6645ddc539c655eeaac9099428badc55aa0fa98706560c3138b5b64e0827c0fc2178f5fd7c86be9d89b67491690ba0da87852c47efee4e47bc563edbf65a336401028668306754c3b9292afb57a9154b3a0a35a0f115afb02642daeb509e1957091b54ee2f4efa3ba792ee61df8397bcf901f581d23dd33433f0a4e86f77760b73834dc52ff8cdca1ffad65cac508890a5d336c1773f16ec906092581b2a5590ba40a168396461aa8c61cda1bb96e9ee8d5b5c1c69e274157543ad9f5e6dead48590ea1032009d5a145a4eadf2c15a02a94a7ffeef3b9848f60fbfef5ce5a58186ced60a64812e68faafdbbe937b3d3d7bbaa22e3f7f63d6a1dd738ad8f3d095e08939ad14c6cec49335b7b01bb3c9bbe8acb27e5ac2c1c854eb602a2711dc1031c54cb0b81bd6cd55ba3571d0dbc8ac3f65dfe536e4e1963a626f9abd35fa86b2df730a9b7b356b5926927ad7d64bd66e97a77fc20899db375e07397fcf51843389ee0cf44bf8fa58096db11f0069272e6b59760283889738d97701fb05f65baa8ce32ad9bea7e7dead856394b431dc5e46051ba25fd57637856c132dfcffd38faea806ab894968788b633955a6e3d77780662bf2adfb38e322abc4e6d50ef13d569a73a59a27d9bf4fabf86b6a12196844cbfb1e90a4a6d929f30e8aef1a1ae2d7972d4b10d3b89335ff2326dd9d37bebcdef8f5a7a48cf0ea3fe3eec02b34d6e91afd12a39280cf149d1f8319060728e34d5a98c047b6f51c4a4b6cd6067763235523972324312b960cb26c5e9c1bf1ecd327dc42f526b3ae9c21888035a48a8eb06935641c316374449268060bb9558613d5201d24ef54edb4fe5a14a3b22c4c6cd14627f7349440f22ff45c14fb83ed00f452f07d21b00e4765e8d00c9aa01468c60cb121024dad6ae01dabd08de0d6d4d30917f6643e0d897bcdc82832ded4be357307239eaf6270c3bc434829ddb54fa92c4b497fbb4366b3c76f0decf2dc6e857aece9a2dbc1947b488e81f7f332e86ca188ce6bca64280b6fe165959ca619fbe3dc6ac491bf869f6f038fcfee19991e6c620d6429359e0a5d8c7e47786015185d574230fece8bfb8ad8aea890330584ef86c907c47cb3fb7d6dfd8b9803038f5b362a6c1133ba3d0cc6d8bfc1d322445f3f6c1a30eb75699801e022dac7f747b90abbefc69f6d2facb5cda15f2cacefe8a94abe1ed6ff1d86389bfc428f2338abeee1b8250cadc0a213d09c5edebab7a407f04c10047b1941d06c46b0d09dc90039bdd2dbf5802841b17c3c0080099faaee576b74ad4818260832935d63d1605e3e734f8ad078615209ae86ca8654703e0ce25aeca69bf0830dc77ba3cbc233e51545a179190475c430963c584c427118f374227c42d39f814eda3c74d65db22b5960ad095fd7cccf91bdb3db91b1cc4bc952924a0dc2a49c5ee71f6e962034a7b5da75ff8c6ee3b13153e5d7de8c17c6589025639a8372d089c9ec0f2aa6bb1f1750884760651f659f7755d0640e12100fdcf3960442352c16d1bb8769007d6532f80f50300eac3725499edfb9c0ecef6d87acda06835befc7ea949a7a19bf937b2a09d2bbe682368c3fb4df9fe9cc08e3a5d6d46f581a96b89b33bfb40251dac8392bd22cb6d777ddec5e3393f87a0c05607181681708b8875606bab0f94f03b72fbadfb94fa02e31b198197139017d732dc83d4fced285f5cbdad337579a98254176abeed6904ca8095b68b4b015245236f5bfc08eed55c0cb4640c1124f323a05c1cfe722e13b51dccb0349b966ca21bdaeba92cb9594e7d49c9899d734c37f57f204cac18ee7d488c4c4ae3f4c7ff12585c956403652bf2e56c23663f6f4b00b6bf6f805cbf16271bd1ee7974833ed732aec7f7bd500cb25140bea5fe1fe8ad46ea31ca3b148bbe6cfd520776cdf62a71144ee3a5c28a57cb20ef4c22e44319e866b65f20e248e708ad79fff09465c82fe8686a753e02417c7c7d31f3502235fb71a8eac54d16f786d06d208618146e27a0747864ee967f0c7262adbb174b7f52710ee87b3ce7628b52357a0d1e84e753e81ded6d5e8ba2e04274ca9d4f06f2b42d4eb0060f656922ab98dfefb928871618b17081860b8f", 0x1000}, {&(0x7f00000011c0)="68dc05ee22512fb4fe8d09ed1fccbc65a50cd3d89957a7f080f58e97df52a2ee4aa07a54d71487f32f41daf337eaf12ed0a1541a5da44a890bb549cbf503c8086e21451c592ae9ecddc0466e8eb86a304b77cea78d277aeca87871adb9ee6936ca9c291a48a7c8ab44c4b66be8f00b5cda6abab412d1e6c75c140103fdb4555f5551f12a9e896adb3c1eb8d8c9b44908b0c9886d466f210eed8d287ee6a8fb57e4b1e10a6d4da5efba60ce36789e82bc5e53f34df26e5bb6cc3d87ba32affc", 0xbf}, {&(0x7f0000001280)="da4794632aa05e3cd7422f6d080f707cb1f0c64cf2d944a778bb91ab33f4d17345d125847ea78510d52287f0d940118b2c896460fb22cf5a729818a41debbefc9c3dbb4538e31ee8ff65d17225e246089c5bf63a67b02489157f4d8a77cbfa964845d347533beb82d8aab060eab67e6278ac315ae883e057a136b1e41d66a77a23a832c76237f3107fc961ab8f140ac067698cb526f2dbb21c5222f3c47c553e9b6e03a926ed1abc2e8e7a6a2304cd373e45f43350f5659d1334b5b179a8cf27a1af34321d93e04b91498f49ff39541d510482fa1fcfdea249abbd35d8b0482014882405dfa16bada35099b79774cc67efb83c1c159d", 0xf6}, {&(0x7f0000000000)="8188b95d28bb7e3ca093dd9f25f1e1c945272f0204d642ec04b9a9b20e4621c72f0e505c553154bfcbd92d0252f926f05fc33e2433e465d80e000eede91cc413179e036d0b3361ad6184d609e6e71c70691fe9123d72d7110b645bb9b1480c7e7f7144d4d29e5e541bae674950", 0x6d}, {&(0x7f0000001380)="770a9fc0f2d9191b2f99bc6540a8490e7a8af2d5b553cd686b615fa8998aefbc0a585c7dfc5661a3abbe4a78d3b8791b0eb5046bf7f110ae8ababb69247fe59f3c1fdf596a88281635c6aa9aa6e2a9530de11c586da5488b155a7c2780373f914a1ea6e04a492442fe547ebc2948291787", 0x71}, {&(0x7f0000001400)="6d5a9a3aaa2e6ce7fc8f2510d8632766242717c7a1af9ff1881adc5a5c3f02ee6110f581385f05c75961637656719315389276324e7279a5fc3af2e4c6f97d8f5756c86d8a8e2484ef2cfff991e457580c1e", 0x52}, {&(0x7f0000001480)="3afa3bf0df", 0x5}, {&(0x7f00000014c0)="08be9608e4c56f465ba6fda74aebfb8cb621c0cc5e27aea0d0e08cd5246ed7a2191b4987344c1fa66f8ffc18ee1f4eaeec7a53444e4f4f1b68a0408df8a41b02233d9491651fea41b41863ea507e6b956b6432e6408057cdcb5c8177f3fc88d5af76483cf9f39e5ef0f72e96bbb7dfed80dae6b2008d6ca4c5226c8dae9464ecc697ab5300d06eea7d19e68529bb53046ecbd2d7d01df4bd6f430007d7d875422f3c0d88c46dcd74c5b6b5af39c8f27833dc6d5d2dc204c65f545ec2afac7833cb27a3bc62c385cb4bd68c0c44496ad5c76207bc984f", 0xd6}], 0x9, r1)
ioctl$BINDER_GET_EXTENDED_ERROR(r0, 0xc00c6211, &(0x7f0000000080))

1m6.726099602s ago: executing program 2 (id=4882):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) (async)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (async)
chdir(&(0x7f0000000280)='./file1\x00') (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$bind(0x0, 0x0, 0x0, 0x1805406, 0x0) (async)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async, rerun: 64)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (rerun: 64)
mmap(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x0, 0x3032, 0xffffffffffffffff, 0x1263b000) (async)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x165342, 0x0)
write(r1, &(0x7f0000000400)="547bbee68789313efe846d6698abfeac0d12b144933fa6f684f1ba13b34680bf4b9ea70f71faa2a82a45ab47458c1f827355ad34033fbb8b9699eb0b279252dfcf29e377e14dcfbde42857cbf2aa88d3dad8ec2deea7afe4e747fa392fe01d425970fb2dd7a000ea3889f0d9021f347818106963e18c256e3df26b41c61d30284a8ad61c6269756119d62e3a7a24c1dcd09d3eb35dfee6ec945ac190c4797988e0d7f6f38bf9b124431dd8208a9208195a70c8e558c216e78d5f5b3f6df6f155e16bf7dd8f4e9eaf61d5142a82da7a87aeca19c25b631cd8a14ce9f2fc8dbcd05f51dc9260abc82d780c9358bd6411ebf48520694d413024432d0bfc3759a620289c9c8705009fd829da6eb5b72b454436b0af8e9dc4941ca2cff92561cad984e15849dcd73f04c7f70a30304da2fbc17f421767ad5ce47ed79d6698428eada9a39faa02f978699bc8c482224a2d5f85cc1135ea92ac1c610e32f1e7c82da6d91e0c8634da679760c32c3e891db352b76b61a65bbdd023e093a8e0d37fd8cd00679cb1bceaac84b05861740c221b2cb4afa1ce8b091c815fc4bd83995b5bf5dcdf2912572cf6180ec27445404917ff9e8e6604e2afc19a1bb3745914f0a101e03e44ea5f64d40402f12a81310c97086fb01d04e82799c40f29348eb283ad58a40d608a47fbf9a25dbb308aa03b2425ffa896e1a70a37cf49e6dbdeda39ee88aadb26811eba78a0dfe5400a51428c31582edcc5f75b5dd963707a54b9b1e35f9966995d6474acbf7094124cecf38369aba3f6a5e3ad071f5e3df902843a3947623fe01571d97625c3e27721b08a6f85fd7b879acd400de5beabdd2603d566fdb4018bf8bd74c3ea1ae67c988992c7dab4ebcf501a73815e1b527d3ff1cf9e729d55127118565f794d253fef25609e5a415615d1b5fca5381b49446d9b9e75fbfcdd9218b0d8d8d965871b897544e32fd0b4cb5600ffdcdb0056bcad75216759590f8a94db82b0acd2a5a34e5c34241a19f1a7a7cceb894341f55c6b474f3cc052f9863a67519dfadee6576f08d7448929424c13e845e2e636b87dc14e1ab4ad05d69f896ca1bc5c1267befb686c4207e21aa30bdae1d1602d3e4080784834e213c426ba5446f90d3b3885a5d6942c6b0e637f5bb9c7908460bd7d04497ab054c8fc7f89068f7535976ad051bfe94c243ce7604a63b2099b69f1ed73590a318fad9a170fa0cddfe60e981a92de2e1aab3465b11a968108e08deadfa1fa546c4cbc0c34ac28597848562583ae8d93cb60f2e06c7a1f743add51eb8cd732b40d48fde00117cb2d654100dfcc66b7c9fefac80e137caa5cf43ae897780251a3ebbc4ddd3b003168963c9e2c9446cb29731fc4bbb5e551aca6913f7b8576ce34012581b5a363917970399ca369688e637cf06ff3c8114383d2fcbf9c69f1ca63cd21695254a440df5ef0a8abfdbd0a651a533b6cdb82382e3bd70f87c1d3eb0a6e22452605026fafe6d35158c0728c1050a39330c80ee2ee0b09366fc6382883ecd0796feec657b36aee4091471e406e9faffd5ede27943e5fbf1b7249ab8bad71f60063697f04db52e980a9fb3eb5e53b89be8a5f0e6afea7435789ecd444c28eb411cdc2158e434178749f36cc957dbd17efb2b218592f78d6864f2708e8c6db2da0d3f6de53959afec0c90d3d62a13a0bc3857bce58d81223eddd05cf3c1ec6b3fc5307d0f16d470f2065300295197e9fa81d2e5574b2c7b18f1c6c85156a9b1174d62dcd3cb026f4b67e6babd66c8f427b9687585f37b18c82e0100507035e78ce010b78ea1b5d3884db25df36ae929dd535a854a31cba5e47655873df72be7463c600b704e9da0e7cb2d61d0710248814ecced2eef8f227c8aec308c2c9d0a39d1a6b306080e8eaef8edece0f6d0d1612c582d70c3999a1a6bd529538f51ba4869ce74bc8509a7126d96db118cdb55411a36f4361d53c8027c12a7486e9c84e4de445b454630be27bdc2ec268702d9c1890297bdd1fc7a235f1a47f4645d286146f3cb9a7ce650f4157a1e7f134eb1815001d59905d3103efad3c66479330e8a5da941c9c38bf21bc0770e3fd56cafa19ad6e9d51f94ed4f900062b5602653aacdcc956aeecfb1dd613caf918e1ca8ef2e1504c42768e77df43569d5fe4b48c237cad5285c578b26b4e47c8ce06fd2686e17eb6d5df5645d0fdde7782216be07a1135dabc3a59598bdbab249c5391832f18ac5163aa7a1a890128a4520835a53eb750604c5e328ecb3216516b3eba3f97652caeb4327da8865880a932dc8e7668666ac3b76a2a424ca37b5dfb52495710611e20790427a9f9e7ac59bb86f0fb7a17a5def347a98dd8e733b784d78d5c7f16f327a2606d4252411457465540a60b0757802f470d08337c0fe4eee5f5cfe4f296d0f7068e80828a022c95632beb7b7f802135e246b1adebebf24c821dee7205e9fe1a437b16aaa8dcb4a58b0bdbc8dbc2fce09271c27430cc9ca8141955ec5ff4228627c3816cfe1bb2c0f40f6a61e8bfa4e2dd744e41ed80b83e9aef77119f4b062b98e86690711e83e795bafa7a8db16f241cee76aa01ff749100c113fda966aa8c83ebe975f760c18e3864065a5de6e8028a9e3199f4acff11e14bb13bc50faf97fdeab46edc371e55cab78841a2de17ca116b0183ac38b658c57a64ab11bb0de071c971a7a5175ad0bac6ac1d1118230a5412a35bd005b369df0e04e749ea93d7e56f713b9ceff580547a2a76ea4753a78b4a5cd0311024c5536b536c8ede63bac8e8b4c5851248d9098a7c6bcc3d5f209178b45aef3c1afa4ab73d8feac3e1f771626d73d85f72dc15d16bd3b7b93e622626f6f3d96b4425d328236cf1579f1ca834a7b318b012e27b9a2dc528189cf1eb3705d90de50ce7ac0c256b7e41500113e164fb7d53c74c6f829552a5bce73eeab9a46d01551bdab18fd3a7e82b036872f1e876b12c5676f63a6ef0c6ff159788a0c2fc40f179a259c656e8aba9295e90027e74ef910ce3c56d6e2de917947410b05603b6a5052453f13e6ac058b3f621573bfe6224bad8c3a5f575e1eb774839cb554c53c9b3ad623df6c5c9627cce856f9ba5847557bc9f854cbb37a936f20a733ba352ee5b343b941290a399fb862434d1b551da420053cad3bad65195cde40b345740e30e9a22619add8aedb763473b729c0649f7a1ea45325534c9b629a1fe3a54a78fe44969715182c6df5c9ecf6878380831b2996579332ac37286e72ab16824c3fc9ef8d74a7f1f5cf80fa37f6bb990db3a7a70139887a4eba0763247c58f4fe770a0496a5ef49a3ba4d62bb900644d49b5fba7e58d58af6ae50c96da346618434ed46b8f4c27cde5e8863d5b090dc117f3b16db2c4273fa84f8b06d3df436bf4a8cfa6d33d7f0e78ef422d5d7640c821398c9adf4d6ccb1b2f7cd0e497023cfdd6b5bb9ad6a29edb8b78fb3322414cad1458eb12699853acb165076db7088f518386380850c111cbe74034ddbfe217db714325ebc4d6b46eba640cf125b87eed0832077ab775e475e431079756b3da6f9bb3c861ce7eabf6adf70b76eb9642a1bab3d7afef2d7b40c8a19b98123ad7449c1039c494e73bc91a86e8e92c39a9482cf60605b9e5c209262c4fcfde76ee370bd6a78253b64c5cbb19a11b34c5a9ccf634c52751277268cd97e795b43867af5a4db51bd631ac547906fd52aff43eb98edacecf08f94a060902b5cb82e87ec856305005bd1150e581d9717460e31ba724da5e7ad72fa580f8509fe838dbc1bfbbf53e29688f25ca602d2de702e4411d3d133e2ab2f454f71f98efc2cd0eb468544cacf608c6689ef122009cf61e813e26b7b2b1695143fcd510f509ec2bf7205e674ba6767eaa29605c51e434c298bde0969617292e960d22b085632d241aa2a8e0f6ac6f2d56d0ed2c6bd3eca306a3224915065894480e737c7d7a11901bb7f977525cfcab652476baab0fd3b68dc59fd14ccdd6248bd5c5a0ab1dbae28a848b2d4ad0d973bb149ff4115b0436b7d145a6f8081d314039131f60dc8ed0ccf2c4971f0a59a65b3b1ef638e6d009dff793a4b7266c58f88bb117d665cae8fc6f6c2840470333bdbc8df12c6633a6ac7b664e089a85dc6d49f52459dd2df1be552194eef6027c1b45f62b97647788c3325f05609c1e02cbc9a18be72e4b502df719e4f9cb82615e3a03b5732328e552023dbfdcf91ed5ab51242e7d09a9b73674f0946976d8a8fa9288dce4d54d5820a0f0053b892685f79a6c8dbac724fce4d24a7b75e383f54ac58af3951d666a22f158637acc4f0e09e248e85f8e1439501afc0d5b7e9eab40fa737ae93482a1e29f3e327fa31d0d764c65ab976af1eb91fe08c5bc10a48b93453ad192d1d538cf93b792a70246bde99f46a78b670edea552840e08c787c928ee311f954b73d07287a59b470e38d4e624ddba8e4b21a74d7c07cc684b0ea82212129901029e74312866722dfa2dc53de3e8ddc00adc21deb7510ed15c50d139296297408da3d6beb589e7bb3f1d74e4e8dddec14b9cdf371d7f142136cdca5644d09edd97228a0abcd2e7b402c5cc68683cb980f50ca7aea8338dc5990a6ebb2d2b95a3deecc45f5a4f4e0e40a57e29f3e227c41db00e17dc962e2ea3184b5057c89974bcab651a22e588a527d7d8ec695e7ab5622c1ad3763d045a8393b7acfa04488556ac957777d1aebfc5d0e2a8150a6984d5607ac2400789d8f622c837d6a9b78fcc2d8aa872949edde53e3a99b5f5bf35bff5f0db7874ad3f172f9d8dd6cbb17a770b1482c79b9a15605cd0d89c6bae9aa6db8e886cfff8f843b99df95dde88c96202ae6ced4d539a3f70997ee7b2bdb7bbe529f9bc55b143066de8d9dcd7fa38c54094f2235e4a17ef8e910b4d48c373ce5e6fc9824ca8f115e579b002df16c591557cd6cac1363b8d8fc656075ca703a87f1efa76e4122eb7358389f659681fb49cb82215f73b284a7678b8b1528472d0cfab1980ee3d4410bdc1c31f1f798c3ca5744077e2f6cb4ca6e415f1e3afc8c00dd95d3307de5428883513f01ed19dde487e1c103619fd78583f09d02982512e0ee20a670b3b24986dcb7431f1ef3fd12e801bb2454213ff7b1962a464647eb4c8125cf2ed098160da880024a98add9b2917e133dcee7a8e25387fd5bf2b3f8fb05b2f7ed5f719b30b9cca4b1754e31d48bd2ec79e7e9c155130ea5f0876f3bb4d94ac74b209633ecb03deb8b9448e8cf4b4bcb04ffdb38ac457881f84636246a4e5e7773166129fb8b7803c6dde0ee69fd1f76f1d93b729eacc9d8dbd6e61e638a3f8de972a824936b1d869a15daaa21db04760e9110c5b7c736671d31a72fcd57a6f7424c898791cafa21a48921215a78d60a367aa7c6284a1aaa1fee0c5291bdc91bf8c032c9917fd28e68fc046ea4b17952f1abbe01af5f19e4fa99fc6a985f6264f9efbb208e6146d3465cc603ef36d3d59b5197bca1696bf5658b60cf0e0455cb1e174e52c4acb712a3ed9202a1ae334427b93305939c7f15e9e5eed09b5fc8d1e3836720d46d133841d4482ec2427d3002d95bce996b4b2d5b59b2a43970afe35517674bfdd8807931697422045f60641138fefa27865b9d477ef04847dd02d305e8f15e228522e54d1ffda6d5b26ad831146c66e6f9153ebeb0785ea75283df66816d771c7e4297c1686d06494a59046313169f2e2b4988a2758198fcb166d9d112d187a4456503e6c0bdfb390c89dcebf3cb8260a27fdebddbc6071857010ad4c59c062db35a4", 0x1f000)

1m6.629300964s ago: executing program 2 (id=4883):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x258881, 0x0)
preadv(r0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/202, 0xca}, {&(0x7f0000000140)=""/174, 0xae}], 0x2, 0x400, 0x31)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240), 0x480, 0x0)
ioctl$TIOCSISO7816(r1, 0xc0285443, &(0x7f0000000280)={0x200, 0x7ff, 0x1, 0xffffffff})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW(r2, 0x5403, &(0x7f00000002c0)={0x441, 0x4, 0x2, 0x9, 0x14, "a28e9bd63cbcd3b347ca228eabf40bc5103e2e"})
ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000700)={0x0, 0x1, 0x20, 0x14, 0x1af, &(0x7f0000000300)="b7b49f46a9ad27e60086603e0c38a160d966a7a31d2c138d8d1417ee6237a68aeed3759c58c4f00069da47dde76dd9d71f5ce4fe71b7d968afbafb4bc1805f7b9888b68c2240384c95eeecd824236747030a3350d00effd01718829bbbed1c4bd6cb09c8991a3cd4c29b478478fd0d6d07e22f6378ebe153b90b50b41616a78444161b0997a4026bbc73122c9af1db2028a83e764a41482dbb96aa486003c379d0ca90e46640510fb0268675feb295c6057268c30b6bced13cd63eb2b6e3f29d038e4dee7e8a5b0d537baa348f0dac9c8ca9a0d03f36ffc71ad9cf07e1a2a852b61bfa2389c7c2d2b936c52d4bff10d9258da7eae1d7abf423e5a06bc9fc166c991ba45197531e43a31271d5d92177f9205da8370fd465637a0824dc30c7fd36523c9ab6146b368c9d1fb3d8edbfc5dd9826e8aa16df66523f9ec7698252af408d16ed998e867c6a8a1480adc0d022f763ce98ec42d94082a21566627718554a9c523f2553a9f8e184867c580a04605c52787781e5b2fef467b696f3643474592b9234c21d40a01946e9640d0b082d9d8b29cd36fc0d1ba93bce9a55be4be149b6a040b3d7a90269932170a695dbc7b398988d72d1159ca89dda9af081cf7ddd4bb47add37d0f7a0dc8f66c3af287126d36148376bf3ec402a698d0b4d1670c692e48dda74b18815d06c12807f25da4b45bab74bcfdbf9b1d8fb5ea0c7e4e495cd9a7023e7bd1063bd012afe835f31718652c06931429e47638c876b586d5ebe065b7eb426d000bc0509a4fa19ed9bb17e1c5f28610877fc9ddc4d10615023dedf7385e5a9ee674a4d6cbf4dc442f5340b4ad2ae24de3e33c3a3cbb634626ed9ab0215429a6abf41090253739b19792eb143f65c51673686f69c75de90b08f4e30c714cf46d6b367ceaf937e613e0c94b61090a67af6a950d44234268d6b84c52641b5f077345ab19828a7bf792593e553eaf110c2d67a1a8115bd2c94b2269d7fa161268d0eea5f44e55e13ed8f3c84c07b17f2c81923b0ac2d447dda57adb63cef6adfdb6e5fa8b43d9628fd2837996ed05ad71cbcdf43ab7ab57383439eab16d59f1e8b21ebaad85f705d535cabe907355e7b8eb58f4c39fbb3e1e276fd34ffd3403ef38d4ff1c30ec01778040aea67a72bbdea26971b96d510859cc13f52cc7940e8f024db3032620998107229486b865d66bc55e28b2feed7894adaae8e4fb09b6a024221e2453578a5d7ab5c8e375439241600cd3a4a2ddf843a994fcb6b4cf90ac888f3d4a5aa75629e558e287418712bafad28f306961916d1107e99aaa3a91f2cf661336554eff4f6b062e794bf2ef8c9b7b7fcc6ff8a1ed7cf702f38931044babab8fea0fd6ec731f40e7916f72346d88b025215dad9c34862e96816f43e353269326a99113a508607f538df0a2566edf7179a774f935473de72ed"})
ioctl$KDDELIO(r1, 0x4b35, 0x3)
ioctl$TIOCGRS485(r1, 0x542e, &(0x7f0000000740))
ioctl$KVM_RUN(r1, 0xae80, 0x0)
writev(r0, &(0x7f0000000a00)=[{&(0x7f0000000780)="9e8112954c86566cdba0bf6309549cd095470aac32dfce7a5b50190d2ee9cb9ccef4819f6e723b6887a85590aa770d850c84c40fc3ead6b32c9003d17df507f6e3dcaa4524ccb89f8d59ed5be97b4c35e11019cdaca08a856ecda0d113356a63e9b50860f516bcd343ee27f871d64acee8ca755b123f8490b0f3bbd6b2c1336d9bfafe1b1916f7765fc5e3de58c6448ae47d52cdfd6b2a24d6310b2457648a0eeaa901c86289f9c0ff1972253751fe22732ef061abf041af9b15dcfe77c0433f402ac66a1c8cf3d001a9593a0154f69f78a79ab82bdcb906accd37c8bb0acd1b7a95fa9c9b48a8b0c31f0e0c7a07c4c5d82ac04608fc38", 0xf7}, {&(0x7f0000000880)="49b6fc75e876d8a5c9d57f1d870e6fe3863d816a55f973b573daae6f3702991f1e99", 0x22}, {&(0x7f00000008c0)="d9bf0027e61a918882b7", 0xa}, {&(0x7f0000000900)="3665823a6d29cc9e5b4db6e7e23d1cd9d34922235bac", 0x16}, {&(0x7f0000000940)="ae94ae139cee572d28df0e2b415839fab418f29b403acfd1e6af4b08214e0c5bfc924d932fe519d61d20d10a1573f386", 0x30}, {&(0x7f0000000980)="a85474c4bab128174728b26580ed70b6f3ba8bcc48db099ef4f961bb70fba22664374f2db80755943a80e854101f4d705a4fd6e2d0b4f3c16223ce17c82fc343eede9dadbe871d696e6d38b8e99fc5e75910", 0x52}], 0x6)
pipe2$9p(&(0x7f0000000a80)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80000)
write$P9_RWRITE(r4, &(0x7f0000000ac0)={0xb, 0x77, 0x2, 0x7}, 0xb)
write$P9_RXATTRWALK(r1, &(0x7f0000000b00)={0xf, 0x1f, 0x1, 0x4}, 0xf)
ioctl$INCFS_IOC_FILL_BLOCKS(r3, 0x80106720, &(0x7f0000001040)={0x6, &(0x7f0000000f80)=[{0x7, 0xc1, &(0x7f0000000b40)="fad9a4f6e97aab0beefe6efceba261816f9ce948a6cea06ad26beeb1eaa643e1dad113d46fa4a1b0efeae3e56615de322c00d14b46ecf5a853bce9f15b4ebc81c01b0404876a24ca8066c7a31dd578fa371921638e1b2867207d903ed6a4bf5020f4935aa444236eb7459313cd81ec2977ee9ead3d1402a2b9eec68cb5e265c2f5bafbfde41f3bc836359b0c38764f56a19c47f78b09c150d2ec7a9e3e8587299b2f7f529238a8053c36a4534e94f59aa5bb3efa20e9183a17dd776a84c32e8502", 0x1}, {0x7, 0x6d, &(0x7f0000000c40)="2f75da14e72b3c867384b256cd6f8c0ebadfbf4af918f0900ad31e95efc432d9b2e65066c11a92032cdc0adc71ef4d4e13448822737537da0ca92b494a1a6b427096ef81f5613bee4a2e293566072f545271464283a82396094a13896a1683fde7869f4b9c2aae6ecc697fde82"}, {0xa, 0x64, &(0x7f0000000cc0)="4af428483e4dba84e00d41590b91789cf3ff08a6fda7a00f857d61933204188514f753b913b1f45ffb2e477745bbfae71375ac2fe017c3737985dc2617932a102f1caad8f717d7b7685dec91e13d5c6825e404b438354eb932a05efe2dd2d73939a01c36", 0x0, 0x1}, {0x2, 0xe7, &(0x7f0000000d40)="38ea2314f706390c22f2eb5d0b5060d7aa5ba7da91c0ac209d2de64848386824233066e030074625677e13113e6b2f341f160f77b1204624455306eaffe37f4a0c36274991ce86c48e00d9f33a1f1191012326cf32fd54447b16630134b9302acaa767fc486724a7a3e07eab7d4cae4eb98c056dce2812374c6cda5019a3931c432362791548a0d0a6120da2d655a2f5913d5dc634ab2ab6c7155524392545cecc3f27c76690ce0baf56f633d91e639cf1efa475407957e950441daa5c66eec8678d83559510ea182b5cacd0d81a3f767e7a2703b91ccd41c61872e1e792f037aedc7f82fc82e9", 0x1, 0x1}, {0xfffffffc, 0x3c, &(0x7f0000000e40)="0477978a5a95af9114fe45d2d69de45824744cd3097685e628371799c027d2aea7cdc3ce451bd3a83fc6155af6e1bbaa655d979eda046b1abc6fa280", 0x1, 0x1}, {0x5, 0xe0, &(0x7f0000000e80)="99883b8807571162cce6633cf8849c22bf2218c417fa35533b535a785edfaffaa2e9a604df8e9338cfdba85af9aeee388c078e0d03851e5d5f33e556e25c9e82f355796caae47c0c18747ddb8383fdf02468e67eb3b1d3fe0eb8d4e111606f8f7c96dbbd4d35890355dbfd34e5bcfe622d70d5e234724c99d783a2fcd9ae342d594e7568b32aad0404dc54980adeae2d5ffc2f965ed2e8f7738bfa287050d62cdbba3875fc97046209c442cf44ad9c06d46b04fbcdb8d7d5f482e551f355898b8fdd14a8608574fa731a4de29f520c87c27f38579caa9bb19c75e63e66d9b8fc", 0x0, 0x1}]})
lstat(&(0x7f00000010c0)='./file0\x00', &(0x7f0000001100)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000001180)={{{@in=@remote, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@loopback}, 0x0, @in6=@ipv4={""/10, ""/2, @private}}}, &(0x7f0000001280)=0xe8)
sendmsg$nl_xfrm(r0, &(0x7f0000001740)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001700)={&(0x7f00000012c0)=@updsa={0x424, 0x1a, 0x20, 0x70bd27, 0x25dfdbfe, {{@in6=@mcast1, @in6=@ipv4={'\x00', '\xff\xff', @local}, 0x4e21, 0x2, 0x4e24, 0x4a4, 0x2, 0x20, 0x20, 0x89, 0x0, r5}, {@in=@loopback, 0x4d3, 0x3c}, @in6=@local, {0x9, 0x9, 0x40, 0x80000001, 0x5a, 0xd4a, 0x0, 0x6}, {0x6, 0xf8, 0x7f, 0x7}, {0x8, 0x10001, 0x6}, 0x70bd25, 0x3500, 0x2, 0x0, 0x23, 0x181}, [@replay_esn_val={0x38, 0x17, {0x7, 0x70bd2d, 0x70bd26, 0x70bd28, 0x70bd2a, 0x2, [0x8, 0x9, 0xfffffffb, 0x8, 0x6, 0x7fff, 0x4]}}, @migrate={0x134, 0x11, [{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@multicast2, @in6=@mcast1, @in6=@mcast2, 0xd4, 0x0, 0x0, 0x3500, 0x2, 0x2}, {@in=@multicast2, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, @in6=@mcast1, 0xff, 0x3, 0x0, 0x3505, 0xa, 0xa}, {@in=@dev={0xac, 0x14, 0x14, 0x20}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@empty, @in=@remote, 0x32, 0x4, 0x0, 0x3500, 0x2, 0xa}, {@in=@multicast1, @in=@multicast2, @in=@dev={0xac, 0x14, 0x14, 0x18}, @in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x6c, 0x0, 0x0, 0x3501, 0xa, 0x2}]}, @etimer_thresh={0x8, 0xc, 0x1}, @sec_ctx={0xa2, 0x8, {0x9e, 0x8, 0x1, 0x4, 0x96, "5fdcc6d319d9b2c16aee75045e4278935357674bfa8af88c4d05b9079e6e36a451e995cf5dbf021290b7f2f9d650b054f5ab627a2d74a510a3bd3fba6a51a4d390097ca51d4c120826dadbdfd99d94e32b5acc13f63cf40a0926261577cb63728555bdf31c394c4152923d1c140b8de77291cfd77c17362a39f2dc6ffe1f3d1600cf5202420ef7c48379fb2f877843a6a71e45a22520"}}, @proto={0x5, 0x19, 0xff}, @encap={0x1c, 0x4, {0x0, 0x4e23, 0x4e20, @in6=@private0={0xfc, 0x0, '\x00', 0x1}}}, @mark={0xc, 0x15, {0x350759, 0x8}}, @sa={0xe4, 0x6, {{@in=@rand_addr=0x64010101, @in=@remote, 0x4e23, 0x40c, 0x4e22, 0x4, 0xa, 0x0, 0x80, 0x2c, 0x0, r6}, {@in=@rand_addr=0x64010102, 0x4d5, 0x33}, @in=@empty, {0x64, 0x100000001, 0x8, 0x7a50000000, 0xb, 0x475, 0x1cf, 0x5}, {0x8, 0x7d5a270c, 0xb223, 0x400}, {0x7, 0xbce0, 0xe29}, 0x70bd26, 0x3502, 0xa, 0x1}}, @XFRMA_SET_MARK_MASK={0x8, 0x1e, 0x3}]}, 0x424}, 0x1, 0x0, 0x0, 0x1}, 0x4)
ioctl$TCGETA(r0, 0x5405, &(0x7f0000001780))
ioctl$USBDEVFS_WAIT_FOR_RESUME(r1, 0x5523)
syz_genetlink_get_family_id$team(&(0x7f00000017c0), r1)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001800), 0x0, 0x0)
r8 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$KDSKBSENT(r8, 0x4b49, &(0x7f0000001840)={0x3, "0d4a9092a444bd758b3d02b52a01c28a97ddc42b281cde1d9bb17e038e3c85fb90bdc499034f770ef8a71bdd8de58eb3460e3cceec07049e21dcd88ff865d8b7669bc82f318c02aac958858b42b94ab9adcb6668a0b84b26a0c0ceb9503494226e84f2f456e3cb2a23c59beb879b54b8d980022865c6c06bd276ec7cf4a5315fa457e1263324f17b05d6da6d092c13c6e07db5a707a7f989df3cecd857031db77d3bcce34234cc4f327e47d97a53fc0f90bc33f232390946f3ca5422739ed55a5f4c9e23f43b48897136b198a4bcf2b66aea119be1ded8d06029a788d36e2be309d7101d305738b1dd3cf9632a99aa200768312b39a982e12db884241a0bc7926073fd874a900e053a80776a9e328939e3f7db9f7fd4985fb2bee5643d0aa6a03c6d7f3eb7aaec66a8c0bd4f62822024c48efb0405e401dbd1793316988e7c173687e8c1b53294a3ca096c028f9318cd831d8ce2ad5387d9c0a3b2b37ef3a54edb0de84558fc5b2fcbea2faa052775c8aa6afc1f75957feddf677b3e003435136c33d1040776c40bad93e812f8a6cc62c8c1d7d0456857ea25ca467bde1018753ed3180fb0b6b36501304026e181e654a3b88a114036b340018736846e301bed5ac7282363edb78a870d44ccde2c33897e47c558c3cb6d8f5a629ac05f589449923713dff6d6dae9616d6cb46996e15d88c603cd1f1c1731a3f9c33127ece815"})
r9 = eventfd(0x7)
ioctl$AUTOFS_IOC_EXPIRE(r9, 0x810c9365, &(0x7f0000001a80)={{0x7b9, 0x2}, 0x100, './file0\x00'})
r10 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000001bc0), 0x54442, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r10, 0xc0109428, &(0x7f0000001c00)={0x2, 0x4})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001c40))
ioctl$TCSETA(r7, 0x5406, &(0x7f0000001c80)={0x8, 0x5, 0x9, 0x9, 0xc, "8b2305866e04006f"})

1m6.628992464s ago: executing program 2 (id=4884):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})
link(&(0x7f0000000080)='.\x00', &(0x7f00000000c0)='./file0\x00')
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/binder1\x00', 0x0, 0x0)
ioctl$BINDER_GET_EXTENDED_ERROR(r1, 0xc0046209, &(0x7f0000001340))

1m6.628495954s ago: executing program 2 (id=4885):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)={0x400201, 0x48, 0x1}, 0x18)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto(r2, &(0x7f0000000300)="4625bb7328291e27241d5e90a0e4f786d5e28b5af9798b0011691dc45f020e74dfe695eaa8b21bf696c4172679af9fbebebeadf3f63f3cff51e31835d1e764bc726794dbf68c7dff17b92f01be4a847434477d29bda8268314722bf3db3c942259e42b7483ddd643b5adb4669476e969a786b2dce51872be184927eb5046aa12290af71829b2b0b16e346e743d869b125c5ac9ce1b90179eb66a7fc54ba9411187dd8beefef3aa382637103d99a2076f7d615475c100cf3dccf2eccacf20aa5dfa577ab1980dfa4304cf95e68602ee8e573defef035bbf9f34cbc01345", 0xdd, 0x2004c845, &(0x7f0000000440)=@sco={0x1f, @none}, 0xc6) (async)
sendto(r2, &(0x7f0000000300)="4625bb7328291e27241d5e90a0e4f786d5e28b5af9798b0011691dc45f020e74dfe695eaa8b21bf696c4172679af9fbebebeadf3f63f3cff51e31835d1e764bc726794dbf68c7dff17b92f01be4a847434477d29bda8268314722bf3db3c942259e42b7483ddd643b5adb4669476e969a786b2dce51872be184927eb5046aa12290af71829b2b0b16e346e743d869b125c5ac9ce1b90179eb66a7fc54ba9411187dd8beefef3aa382637103d99a2076f7d615475c100cf3dccf2eccacf20aa5dfa577ab1980dfa4304cf95e68602ee8e573defef035bbf9f34cbc01345", 0xdd, 0x2004c845, &(0x7f0000000440)=@sco={0x1f, @none}, 0xc6)
socket(0x10, 0x3, 0x0)
unshare(0x400)
fsopen(&(0x7f0000000100)='ramfs\x00', 0x0) (async)
r3 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x6) (async)
fsmount(r3, 0x0, 0x6)
getsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x4a, 0x0, 0x0) (async)
getsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x4a, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
write(r4, &(0x7f0000000000)="3c00000058001f000307f4f9002304000a04d65f0800010002010002170003800500000099db973b91aa057972513500b0406700912deb5b85932234", 0x3c) (async)
write(r4, &(0x7f0000000000)="3c00000058001f000307f4f9002304000a04d65f0800010002010002170003800500000099db973b91aa057972513500b0406700912deb5b85932234", 0x3c)
mkdirat(r1, &(0x7f0000000100)='./file0\x00', 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_hci(r5, 0x0, 0x3, 0x0, &(0x7f0000000000))
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="1400000022000101000004001280000000000000"], 0x14}], 0x1}, 0x0)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', &(0x7f0000000140), 0x4a81, &(0x7f0000000000)=ANY=[@ANYBLOB="6d61783d30303030303030303030b85a85880d6d3422303030303030303030303030302c00"])

1m6.553811285s ago: executing program 2 (id=4886):
r0 = syz_open_dev$loop(&(0x7f0000000240), 0x3e, 0x6542) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/power/pm_debug_messages', 0x0, 0x80)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000080)={r1, 0x0, {0x0, 0x0, 0x0, 0x6, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "67523760fd40f78d2cfc03d81a8ca55ba139c01802c4dae4162e43ac61b79d33", [0x2, 0x7]}}) (async)
ioctl$BLKRRPART(r0, 0x125f, 0x0)

1m6.517123966s ago: executing program 35 (id=4886):
r0 = syz_open_dev$loop(&(0x7f0000000240), 0x3e, 0x6542) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/power/pm_debug_messages', 0x0, 0x80)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000080)={r1, 0x0, {0x0, 0x0, 0x0, 0x6, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "67523760fd40f78d2cfc03d81a8ca55ba139c01802c4dae4162e43ac61b79d33", [0x2, 0x7]}}) (async)
ioctl$BLKRRPART(r0, 0x125f, 0x0)

3.760847668s ago: executing program 5 (id=5814):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000080), 0x20002, 0x0)
sendfile(r0, r0, 0x0, 0x6)
ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, &(0x7f00000010c0)=""/208)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0xf5262000)
ioctl$BTRFS_IOC_ADD_DEV(r0, 0x5000940a, &(0x7f00000000c0)={{r1}, "84d1d77dbd6022ca593f3444dced4edfbaacfa29a3ddc2ec442e2912aec4969651d40b2f479fde1fb12e7d0d4d93c59cc2982680738b116c5341f70fdf441a62c07a5d510616e1aee40455f4aac0671111372ee3effd87afc400aa56f976006896598b591b7d79097d6143d187cad3ab0558a6c3eabae0dc78e8b24252d34109bc6de9962419663ddbc50bfe15b50d95f616debf6997641368d1772c968fd822e2c260775eef05409513c4f9d552e0a792f37afaa9f025f6c440223cd73dbd76d337afe17c28c6a2365474f31d8251acf45436b45a765b0ba808ffc174551d4083c36d48d9a6bf2858c53d780390198ce204639ede4531d20895f0ed7d5485048b0e44398d3ae9f6aee0f370854745313336108fa1f34075910322e68b995797b69ea346b3a8d5c1f2065cf55619948852d6cc3a307fe545194f321a762ebf4e3e46e05b523ff5eaba1944c52a769340ff5d3d351b9fdbd6c4c0c47ae6ac4a74eb2ebb77e5eeb68542bfe058de46ebe318a24c0ee7afe5af5369b58ab71470620da1a34e6efb357d740930f7cdd82ffc8fe82ba30537a66b822594f2c7bde36cd7d90990edb93f1c4d24fe37118cfdc0612f797fc81f7a5ff70f87a685de179044129abc143cde1d865851383152ed1bcc59e8889f93829eb63ea74e14e68a4b0d1b81dcc0e814edcc370cfe49ada8e6ee038d9aeb656fff0f5c63eba1708c0f12434b494d3e7084ef060e5a74923d3ba3ffc0806f01f2a337f54dd194e7d0ac17470b52c79172ccb3f6c676b28ce499485b031cccecbbf9ad0ae982ec06453d9a081f093943075ec7dcc238d186d21e481ebaf380948ec0950d56697332341711d6dafb963d693516f904a168358c0520e5585f54a8dbfbb36bd18e1c75dc3cb723d294aec6ce97ded176021e7cb133fb332116d9806889bf6c19103be73bef76ec3a31b9e6e68a6fd8193fb22ecff5a405bcf88d7468031df77bf7ae11f59319ed8995fd4128f7c13ae00e7058891de8ebd58577f4195605399aa30c725ca988b6f00da106d15d63c13dbd03227c8161ebdaeb7425fb7dbe4464a28e21cf8aa94e7bec89f1a60513d356393d82171f038c3df539723534c41143e6973108107353e13da835a329f8ace96b54e593c4004efc66c8229d1ad4b2b73acccfcd685db5a3dcc28b1414bfea82ec1306922741fea7fd4e6b150ff3b8ca3f8d578b5d2d8d58472e6a8b3ca0887ddbb1b964684e22657ceed6b3fb3839e0903abfcc43a3c42b0c072a69cd02106127a7b1fe2f12845d0213940ce7e610ebed30ddcaef7adb8e7456cf6a23a203324486ce283a4db42256d095bdab4b345300ebfda3ba245f7da2e744faabc2fd505a3e99f40d3565fb7144e2f17c6176c59823e1bb96be8b3a4480ac718e603630687c3b6feb92b35af54448725383f8b3047ae78e545b6a7bc7a4b34249a2bd7c752f8be130ba22ce430b03519d159a79db1755125c319e495232188fbb8c15497539854cd5695bdc81d12bd459689ffbfe51df30a1e0822bbc4fdd106952e0b000e774b6bb6bea508f42328b237123d5245da015a56a8d47f43cbeef051602123ed1ca922e5dee0dc748210ec232ed5911c381667baf5a742c0d61a267f1feaf921d1f58149ea6e0f7f8c32316d8eb934d2decef9837328d97451bf2d3c4a848bd7303fc130d34cf0f08e58fff30f86da576bbe6391028afb8943acad4a450d6bb357802c49f7cbfd24ac240ad17948c6dcf1ad6ac3007faaa371379cf4dd779e315d414b6cae0a213c4e83631fa79466b4fb72ae5d8cde414dc2bd3e22b9c38663349dc335a1863093c0db760411db52a86241efa1d43b7cb8534fb12d8f6a9e934a172fa470723c0464b6e95f427b955e7952ed58b59687e88a289381ba55cfe20ce60928cbb6d9fe24b5bcfadb6833e21b6ff5f0ae7d6d980e8379ff6c75c13a674bf1932a883806771f2b4165ae8aa6fdada05823f2bb6fdec4b066f1c58aef7574667caabc03c4faa7c7719a9397c62ea87b5ca4283a2830dd7e3015bd8a753c0143196df30db025b2ae68c8ee8d614fe6029a0657cfd7a93213087add31f5fda23345c76a49e8f4835020d85e1117b02bba688cb89c7fcb49043be79bc331fcd49e9308e0a0e3e44fb5fe039c5aac0dfc48e915954f9e22e0bd8352cbdcd3a78f17899fa23b5a999d61e177f9c2464d6040092d7ba4a4e36b8795e9277f3c47b31546019b4fcad76b05c889d8ecdcaef383186814ba46db8d9cfcb248f35905781c088e64fadc6faf60c30cfaad7e6af22bbfd088212522494fd8c292bb2ca03e7ba82d92be1ddd1864c3a70a37369b8d0f0b87cfab599f72c7fc960cf212fbcb044615ec1fde1d145b3a66a1aaa8d28f826e9f668101a5f14ce58caa920f119a6f3a01ad1c5d40f314807d77f354769667ebeddd46c99f16041e89eccb9a0a62dbe17ad2cc51f8856541ee1bf96a0c556d38ed0a3b2ff32af2601bd18fe31d416594c68c3818a20cb682e52c6ea200e65811bbd2550293017bf0729f638adbcf2d1c360685dde722e3cd1a2d2348920b202a049b3b8ef746e7b6fed3ad29c679ba47d52aa050d8fe4d00eeaff460d9a27615c5bc3ec0f2746fd340180a3a2dfa5021128950f8da3e9d3481290dfedbb3c598e6dfa2bd999dd22a96935dd20c3e27cd36011bf1f0984d61a4154b2d7e8fd05fd3aa4b016d8e45e43e359d814dbb218f7dc3c4001078c21a783b6b7b75d913c9ecadc49a06b0a615802693b78edba84e157954a5b752fc184db09cbd7f079b1db76f452ae0cae271063eb25aa06839926425e3cdd8ca5779bd1483c947bacaffd43642ab16a8ec670768fb7ede62c217f4f0df35c7baac9cf3a3a7ae9b98ae19bd00b478f6204cdc306f91aaa353ffc614c9928ab5416a34defff0a370ee593363f5ee3f100a2b6e9a4c2310fac550e7944e7420024777c0050feb5d4570d236f0619a7ba9dd2a249ca1e1f14578458f0666901300a862636f9ac4183666d375b6621783e997c1e0006e0ca57df34d653b223a3c5afb8f4a1468d9ab425c475548eab60f5d883e2689135182e083d5e1eb2365226c6356cfbd1b124c74c0d399a4380a9f8dad6584636b9470e391e1922ed77a24496773b3002da4fea9aa9b88c6469e86ef072bbebb08ed3cebfaafb8a0658d1233559e898b4d754de7af73b1521f8f7330a0c6fd86af378f845bf0d0ebe4045fcf71d34308a211ddfe60c1617e7602852704a0293795b2b9490ad2afb6d96e057c0aa0ba4423c408411b3feda35b8321a0c95ff4219a99fb064ccfd4163057d6b4854c098a93b62f76580e4df1cf6e675b04b7839184f2f89ebb15a8c3388a3c7850600f410b53f2d7ad8a01516b7923248c98e502d3259fd76373098c4c400ea6cd54dc1d23b69eb09e1d41f076a1218332a27e1dc1829014fc942c7fe93b9efd9a892cd67d842b3566a99b9e29f45796dc46a6e7c7553046d4f1f612f530d4de2ae1f6ad616a6034b92ac871c19503c21b921a465e0fa13cd177c189e2389f2f3c68cfd3f6365bcccc4a8352eb66eaa07939cccf28cec309193ef175161f9ffbf2cb3f38f22aad589815ed7ea08e0b1065876379ac69a0a9a6aee6dac32bc9d8132cfde9d44331b0d4188a0efbf44ec05e8bb6f8f68e64707aada41397196bfbf8431d08b553e1b5c13ca40a58eb7e8fa0fc437276029492387ff34ec0f53621f791bb2749339e813cc4c2a977b1705cb52c907ed2a60746d7639ecaf3e63e649ec167e4f376967e3096e70f7a7b6008c22bff283034a1641185b1907496b378faf2b78e091ed810e733849e0a64e57c17cf25deb87ec9a37ae5a0022e4d0500093fb631abdf8b971a5aa8583a791a7c900ae264ba16d853721e65eaac0de00f4165a673100951fd7426b0bc4fe186276d62e1e3258926ef92be35b6c81dd35df748f6d7d1654393dca2d3398fb5ad4d61872eaacd630e4f4a3a34b4f8d4d772841887911eab035b352f752d795a1ac103d1d7f6d7013f2c609cb8ef9c1e37a45ee806f46e447613f42bffb3931a5a1cc2f5c9cc3034d83da6a218980eb8aaf052e404f5845400f563a9ee7941562c4ac220d940e9f27c9953dc8b9c078d2d8b0d7f70c432eae71286c516fa4e2586f7c492f3028efe8cd34e14bd2767513ff554dba682ee6fab09626f7770fedbf1b8208e943c70f1bd93268ff6cd1846dd35dc27102122ab56672d7c471b7b51718198fe3289674bb6ff0a23d6f4a8492fe7c16c28061b58c77670b41edc9bdd9122b1cf736805b01e4e8190a6a9e7eeef20a08a396f6750be9d893e4c5fbb2fa4afa49e30be3d01bc2885c2c5d86a5483c82f683480153da7b76a02ac064a0c96f304ae5ee590cfd7e4c306b9675618794739d3b5de3d22ddfb76f3ffa45686bea0de2bb72fb3314d8f42e5a115d333065cd8022ecbe6ed9d70538410c92619c90087b66da15f24fda7a44a84a1950b2e4f67b01aad941bb350b1edeb8790564d7c06b4687752a75b51b02ad8ae13aa118f4ad19ba86670a45e1ff21f0602d5d0d0e1a84e2c9582f1e37955ae4866350de959ebb5dd700f82fa67f9297e7e98a392626ca5f2c729f22ddacc374af1a9b6005300e335fffdc9e795f13351701851f203b094584accbce8fc225483734f468c25694d8c86edc0f582162eb10edd5b06ffc668e1de30f4398339407aacb02fbdef5adfec8dc898d6732e2b005174d123d311ccee96ed9119d5dffd58043a0be858bb117eeee2cd4c1b83b30958ec3fe6aa2bb6db57641270a9acbac7b229d4b5f9d5038894f6c51a32262f20cb807077d3f6bcfc2ee52cd7aa984909adfd8c5d290f478c4c627032d729780e0bafdc22114fb6e1bec33823fd6acd8795c7faac640da8d6bbc8bb4f8dbfee7bb86dc6e485149ddbed4ebe5af0389a2dbeadc623b4e6add2709688658d57ceff9e927fd01a232c9fdffca8e6d6e39530fb9c13a111e330d8ddbe4c78f2e1c6856088a18a93461362248cc117fc43189aa2a00da6cdba4372c7e5c62f4863a3536f6507771ac9a5be7e4470f78578e34707ec03272e0ff79b9d24a821b5ca44cbcc1e41b8ac21e4372834b7a2fa5a22d349716c929ffb27d8376e6411ddf4bc8925955ccda7dc23272f0d315eecb23daae8381ce070e39b2e3c15f19baef5fc65e766d989543a83309a411f4adcf80e89855f48afd00876c239d6ac96ea569e931634f080fb77f4e84c144743498080ce1684f715f5d71df4148cceaf17fd0f240e5478d8c81b2d6c07f9480e352ec5c1aebeca9ee6b3d074c97abf01ef10f1b03777be4dea2287fd077e4e2ca00209640abcd1e79024d0c0ab834d5ac4b27b258749182a657a5a838039000ca3cb8fda3f7207fc5c3efe79d2c8dae10a1b491b707370ef4f0be6d8f5c9d94f74e6bc19887d5e6152c0a725ce013ed8e0aef751efab8e7593c3f2beb59f5282eded054665822e94c98f57e434f22c5da43dab92eb9b63704324536294f447604422782fd87c217236e558aa04eff2b3751b733c78333f0cb6d9c5796f304f74d4ff70a9160714b8d4241700f93317927907f8500e56832bc19cf71dbfcae08276d7bea2cd122d493c0cf6e3cb096052c70c99d9ba566ba131bca2755826fd785bc2b4b14de30a62adcba3c262cd037a34544f91422f369e85a3a00f69f65269aa282a9fbdb3d4d75d21aed46f87a1254618000513e6eef32757068f93e3a74ac5824a10ed81e58c281e5"})

3.760697408s ago: executing program 5 (id=5815):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS2(r1, 0x4068aea3, &(0x7f0000000380)={0xb6, 0x0, 0xa3d846ff51ab7fae})
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x42002, 0x180)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}})

3.492662823s ago: executing program 7 (id=5826):
creat(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x182)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="38010000fe0000"], 0x138)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000003c0), 0x420, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="2c778000426f3d", @ANYRESHEX=r2, @ANYBLOB=',access=', @ANYRESDEC=0x0, @ANYBLOB=',nodevmap,afid=0x0000000000000000,\x00'])
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
read$FUSE(r3, &(0x7f0000007100)={0x2020}, 0x941f)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt(r4, 0xff, 0x1, 0x0, &(0x7f0000000040))
getsockopt$EBT_SO_GET_INIT_ENTRIES(r4, 0x0, 0x83, &(0x7f0000000340)={'broute\x00', 0x0, 0x4, 0x91, [0x9, 0x1, 0x101, 0x8d, 0x4, 0x6], 0x2, &(0x7f0000000300)=[{}, {}], &(0x7f0000000400)=""/145}, &(0x7f00000004c0)=0x78)

3.491348323s ago: executing program 7 (id=5828):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffff3)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0)
ioctl$ASHMEM_SET_NAME(r0, 0x40087707, &(0x7f0000000540)='\x00\x00\x03\x06\x00\x00\x00\x05\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \x15\x9a\x9f\xf0:\xfd$\xad\xbb\x9a|c\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xeeZN\xf4V\xba\xdb\xaf|\xef\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b7\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Xd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84x\x00\x00X\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12K\\\xf2\xd5\b^[D~~\x84\\\xe4\x00\x00\x00')

3.490114993s ago: executing program 7 (id=5829):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000001780)=ANY=[@ANYBLOB="0203000320020000ff0e00000000000002000900100000009d09000000000000030006000000000002000000e0000002000000000000000002000100000004d300000603010000c0030005003c00000002000000ac141400000000000000000005001a0020010000000000000000000000000000ff0200000000000000000000000000011d0000000102080000800000ee3fbec9e0cba133f73ad299ee34924bb6b5c04db2a97c180d06c141adabeaa25c5ee4137122f693be294184847f7d563c13823746e4251def213156c092a66441d2697b70d242dd373ce5466db1e3233022b28735c1f63b6f94cd9a3dc02ed595ab0f4920ba149f9e2b776a673cba6fd1b1a0b7afc324c7415f9f10bc0e1b9be3ecdd4ee2dafc8920be27da28fd485d760193bfd14753cfeda8980e9d7b5d309e7135f18873dec0e1aac30a5e0fb3e76837c966d2beb0a6ca532718688b10d1522993460d48e51400a4db815306c563cd51273f67fc2b5f354bd2f9b5399f98d22e303c2d7a73be0710637c0ba3ab300cff9eaaf1308e0993b337ca704b62a06332c76baf4146cc34343f935bdde85add31c6f41057628282e78bff38e1afe16c2de8da167421a725c57c3018248b7ddef4538a0486aaac0fac9a0d6f1128da0c93736f1f690a226c4576c07d139e011e88769db1963d7006505155656da5f0001f15cf7f98a3f19ac5dfa9a9f46abec62127968c754599bfb172a7c232f4036a42dd16b4e8be8269f62df816406b3168c4e731d572422201f89d4508222bb22a35326a3cc5249d2f0c30c949678a10c9a89e496fdde1b9d0d435806e9e7b87e1867922c6fa0edb4a1354039d6d24ee6208c43d657ef8c4037ac83d97b40e35514ad749bd7532becf06a9cb74e5fcca8eaf30563a3dffb41a9972a373f27c30184e1b0b2aec02af308904cebfa1f0e10a293353707fd5712dfd5eb6f71cea4603a2e7285c11dc4810897a1fff4698fb7c411a5655271a80e1d56fd43ee43cdd49ae6b4382a4e074f6f2f2054e42b865ae13f819a2be2c58cf0acb03c9e3988d41dc51566953ca34abd8ea4089f7b95ba5c06cc879fcb1b0f75c068c549397c61dab3599b9830903c20135f7263f893116ec7a24fada06ada39a4ded8abca5ac03d2405804184f7a5fe73f0af7ec465bd5dcbc682c33009331fca66e8a783c20bbd9f1be03847d80e5473e9cbd280d4d38813e29e5eac24f3be9241011b908076d6419af18620819822a55f03adf118437e50aa89111441f6768154747d1169a3cc3a1b8ca19fee05fdda3d1b226dae467e2b5eecada92cc0257a26c5ad073420a9d6f409b5694d616087eb2bcbd80b7982be14f2487711294e38330599fde6b29ad7e47d0c8e5219145517a78e91448dde7585d7310ad74282dbd6350b1e21c97757ea85be98a618d0f9d27e0b23e76be07d062aeccd54c1c36d8222139d925898e9b833c9ba3d676738c1fb0df1175ba70353a20633019af5c0ea4084f1a95c5895c998d04fd72f31a5aca0128bdc4357970f2ef428956cab03ca4789cdc467beaac3c00cf249b5910a55062f4370341e3707e34481d3c3157ee01cfb22c778f1697f311a46c2c4568e13a517ceb71ccc1722c195b850a111f705d1365913cb9694f476eb6ae732b97325faed2e2df43db0d1096abd3ceb5955e126f2eaebc6ae1057be9d8b6dddf575a40d97ebed64bcfdbd5bf941a9750de451566cbf3d1026f749fc4574641183daff715556a6d1a5a04b885cf7d00ba04e8c56df4192d97f8f3834975bfdd7d2cfc7d054192ed45cac9ef27305ab75eebc59543caf84218a62f2d748b14e5d69756d869ba345567a4e4f0aa561c85ace548ca03ecbd5a2325b3b8df00d8260ba2625ce7c0b4c8a9bea3ff57ba5dcc7cbe1d24ae9ab5ffa186d0d945b976342eb4f0c69c31f88207e7b22638b27f1cf75f9cfae3fabb54af777d29023d4cdf3d674f154158e34264093b92cd185210c792566bf7f729ee440d1a764569d5e4f1512a674959c1671876d27c7a6e4adf6fd205bdd7ebf29db8349a1195132cb816f3311b3a7d7be73da80aea65ab27f1c603676bf9e2869817a276f437c8ad9cc2a5ce80f578502bb70d1806b00877ada92e84f7c82bf0a731bc13ced283b0dddd5ed59bec47d881104ce6be5edc42c2359f99564d79839c8ab50b6445bb0670c0dd9d8253c482906df9f554b4e59da8c959c7af7748255e03e5ebb5b98f78adcafd60c1b418359a427c8227c88c740053c906b20ecadc4b3e2766fee8e21cebdc1ae6fdd6ec10730671e97fa51b06936a07d712ff75578210a36aeec1dc89f690847e4cdaf56f75c5e4b29d8d3256fc3c4c0c58645beea9ccc1a3c897cb8a452a215d5894b5bb5e68b4ff09b8cebfa0952ef5a20426a03c51c4b3d34b9f0aa3ef152268b10eee348129b3ce59b24f5e1005f501cd67f50bfdd59c1c8ed2d86d5aa83eb9e7e454525a89cf8f4fbdd2bfbc3303e1e686b40a94075486bc5e7ca345dc8d32c9aa0b34823ecca97aa65265723b7044c99a04436315c7d09614b9211990df72d50c4fce6b668acbf95f53574f06f3044e47958500e299baacfb27b5e67850dc05e1b540b8089e7085378f33b2b3c2ceb5cd45cd933600cc9c886a722d50470bf3a0b7221607168d2f439a7bd7a1b02ac8cf2f2819369e5d0aba01dc2ac0df41cc33cbbf26f5931445dd6135dcd94e8239974f939b789d919d6558629e9ea9f3181824976770c0fb83f598070447460bf249b45ce5388d45c32f03ee5585f492d4fda9a72404eaec85cbbb02038c0f06636c639dabfe52b50ca6918dc5601a365ab0aa591439686934e1e39fffb01435b010d3985f74ff14f925a1c310e69a4d3ba7edcc816783cff5063eec754b99651ebb48c3681c4f61bca75f6859a456abc2458142ec6e002d7cbe06802581fcd9555ba46671e25ac293a6fc16fc1d87e87c9e724c9218e849c223a9d1e36b6f1908f588e7fcccd671f435146d92874eae168d4f561a7af45ea8de4aa011c6a79484773c42d7226c5b4936b45b59752404ee4a609c220f8b5343a763ca36f2705689f191cfa511aa4da4be8b2b333c9a029a6f3292101e9f651e1266ab2ca551b7bdf56462bfcd6fa9dd9fe07421ea451df802bdbbceceb83360c9c36df52c97f3072b7fb94a8ef3acc80ec14b8682d9eafbd2e228825e9cdfe762a2cedad1b87f92485a771bb701ff35bf260dc15d08a8ea6c6f3b4d5f7eb8e3b8c536f106899f73dbe43f91343ace6fffaa2e0197b44b730cefcaed1ceba9140c05706e4fa52313b7507f18888b8f00542b6029633ae3bea9aeffef4072a97f6566b84900ff6d6f30a80754e79fa5a83fc6efad719e38c413290b26c9755117469b87a903cc18491ad1b26ce14a8a7362006430f1387ca0d446a8a861ed65bb9d8d03614c79724b84cf607ebbc9374f6a5d494286ce75383f314ad743822f8534f23ddef60b4fd0e03dc6c810ea3ced898493fc73b0455774187b6ad55b9fec781bb715d2140ded272bd7f16d2cc2ed61a6ed2ed46d6327d3eaa5afdea3388a2a449d25d40413824b667da120ef3a453fc5416c83c5d197b6e0c2e7dbb385f4cdc62a550768fbf29fc85474daa441e8e6a61abce6985d9c1d8308437c21c09a2a02aeba119e17b8d7aa9bc93fd1f750a69acbd08885ffd4bd1165b880f2c070e3f32b113d99ebf491420e74ef556bcf2129769ee44d3a155dfd2a6ed7b794ace72b3b3a46d6bcf30dd79228752a32f876aff52bffaf8e5dcb5cbd206c0fc64979e326e52ccb8ed8453ab88a0224800cb7b48a21e935f510bdd1627967058c5af93b41b5b1a0d76bc1262d16aeb5776599a184c52da521dd1f365740bc6e931b38299659a30835bc94b7ef9dd631a5d5a1d3742c39d603584dc44de77dc16f6a502bdcdf9e2af755b8a28fb7592c48f7155677dabfd79e82b4dd769b40850d4cabebf2e6be3a82c7fc19a09056849125d541e8159a2561feb05a97222c0e040bab549c4754d9a0881bd7cd973628eacf5b76883094fb9aea9aff2df9651fb95af274749d880817482f342c1dba80277f96f0b4881ae6845763cd8f6df2a8392494581b7c2783c115f99c8f5fa9a6269457152dd3ee914ac9e3d7c4af131f3f3efee61e44d123c245ae4a7445acfb0f1a74d90c8a2010893786442af9fcaca3e67270fd8b2056a426b9c52549180daecb20e8e8b253ea64ea94cc4cf68c00ccbe00214b889145ee3caed1a2388a47e1f51c9c5a88921fa909033d5f518a3bed4263a435c1a6ac218728ae4309b0b411dac79a6e63ae14633786037ad33a88b17ce953356de60ea77fc07ba686867d7396d13ee765970392f7df778376ebf67109408d57ba29a7128829874c044eeefb66b2998370b5b8007373c186ac3a6fb31413f99b5d35a77ee65017a04de89f64f91f34e1f7625a9fce29f11c07d04075f445c145bcf115d82320b8416a11349020cbaf140115851fde9802df0b806940519605d03f72064921747ea004810a70e5d9c9b7a6c9d0f880571303f5376c6bf20ea0eb4a230b051b7a94b81a4f687bc50fe90fe2d85b6c0224e333fc00adb995f75c222f890fde71c127f5c221bef8436df64d4b3720a3b9986bf20f4851905bd94282865320f7ef44bbc861750b48a4f7eec51ef69cbddf588a28aa0e3d0e0a16084f2004857f245db41a2888b1ed4b1e6e18621307ebc6b517bb62f51999abc067988a6eccc027aecf155aa791cb12dcb5ba91902dff604d766fc9c6be584c928f79229bac0db9160379dfd88266c86b8bd45b34d42a33c3c7b3e1d3f6eb10e4121a9f32e5219ce8c981738c61654a362ed6e0e25213897eb7da6d78163f3c7467f668dbb50e3bb5669916346a389cc81e35643b0cf0e321a17805233a64635a4d6740afe11927b48330be755eeb02e3c3280530a86369e80902abc2888c0f1d2a6637669a71659eb442dda2274210ab252f11c0d3d9c14986d708e260fdf7298c3a1e6efa6551040db09e0a576c0535e5cda297dd577e336fb4c50e19f1ba15f579e6749bc276a57dd341b7bd092ff2ffbba30a687014f1aaaaa6285570ee6c69f6a9a801449998585046a9d70fb5481aef2aaa17d6c4640e20a09594d42fb71176603db2b4270e90801f7dd79820e601f22836fee393bd90d7b4688aff4f1ca0f9ba69dc53eaae694e3a5f468dbc4fcc77b2a3c5dc01146c3f6d69fe6aa6d88ee80087f4db3c11cabc295c747df1d6f8d7ab20db2982fd3b13d485e87f4c95647b6a0bb9f241fbc1ef60a5883384973b45c99a4fb04219d08b01feea5331c4287f1a1a09cc83212a7414df53a858a35e015abc85780a687ec0c346e378d9157b64a2180af54d40e98a58125246d6c1e03204ef777abc650702e80a76497ba5202ff1ad9cf8d113ec89032d89de01a324d75242e09de75ad97ad4ee7152008c152e44b3e8da323be66dcc642198dee5b9b42eca4cbbdc048a6798983a32e8f8caa1424aa2061b7f2c6f96abdd39cb1d7d2f6cfcfa920cb2373b8e5d8ce1ae283621f6aeb5234147d7b9606655d51ebd34020cc155a3090169cc4453f8f24e24e756e67f63ec8bd029c6e6ff3411475b921f792d875428b3809382e7b5c00f814f1a72582d954086761bec57ebb0ead769bfb03e35ecb609afa3c35791991896b2db78aebceb980b9b44176263358a5f9a09626c2e924a3afc98ed2b1f901dbfb59a0731cac12e710195f52d7f7f41f84bdf9fae08ee16efb8efad9276b5a0242821e2e6088f2f4096c67747f6792c3ecd2560991106e1db16984c8cba99fc2c0a5b3decb4463b9b9db61cfc3182fd25bc26ef178caa23b812ee4f2c6219c26a1fd823282f9ebfeab52972ef043f67cec56c3820a1213a8a34f17eb09d984fc09664a407bf71378a8578f24b66bcd4ade3d92c5f1ec915ecf27de1b5d6444287b4deab0e05ee3b6151b001001400030000000d00180009065c"], 0x1100}, 0x1, 0x7}, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x7, 0x0, &(0x7f0000000300)=[@transaction={0x40086315, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

3.365545755s ago: executing program 7 (id=5831):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000680)='/sys/power/disk', 0x2, 0x0)
read$FUSE(r0, &(0x7f0000001180)={0x2020}, 0x2020)
r1 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x8, 0x0, 0x0, 0x0)
pidfd_send_signal(r0, 0x21, &(0x7f0000000000)={0x7, 0x7}, 0x0)
r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000080), 0x8002, 0x0)
mmap(&(0x7f0000018000/0x2000)=nil, 0x2000, 0xa8ca3411d3c26009, 0x13, r2, 0x22e7c000)

3.364969425s ago: executing program 7 (id=5832):
ioctl$FAT_IOCTL_GET_ATTRIBUTES(0xffffffffffffffff, 0x80047210, &(0x7f0000000000)) (async)
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x8000)
ioctl$EVIOCGPROP(r0, 0x80404509, &(0x7f0000000080)=""/199)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
write$FUSE_NOTIFY_DELETE(r1, &(0x7f00000001c0)={0x3b, 0x6, 0x0, {0x4, 0x4, 0x12, 0x0, '/dev/input/event#\x00'}}, 0x3b) (async)
r2 = accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000200), &(0x7f0000000280)=0x60)
setsockopt$nfc_llcp_NFC_LLCP_RW(r2, 0x118, 0x0, &(0x7f00000002c0)=0x6, 0x4) (async)
mlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000) (async)
r3 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000300)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_control_io(r3, &(0x7f0000000600)={0x2c, &(0x7f0000000380)={0x40, 0xe, 0xc8, {0xc8, 0x1, "31fd69204c76fc123b0ea51e8fec010b6b4acda141b4351243992530021b8e6fad32589148af7eda1375eea8c980b182812d9d7aeb49d8b03d5be7e59db554317af909ebeee8b85027d14333bfcffca7eaa0ad98515bd2b6a08bac3398e655dfc86c317a5d25963c636f7ab033c152a7ccbf5450793aa025a343c3f59cae90a9ade66c894f8dda3083ca3f7dcdfec61d77b31f841959c93861d98e81a35eddcaa43ce68f590f6a1005a43d037181ebd15e659d89dd02de4c1de44b9bea1d91cac781a0720ce7"}}, &(0x7f0000000480)={0x0, 0x3, 0x7d, @string={0x7d, 0x3, "71caa10f29cde0abe2f554c8b4925fbbf81b86a10aa2666b698fb37d41b858d9297001d4115642e726d8fd8f8cb5c85a07319e1d7fc0ad51bd0ef9131e7904016ebd698cdfc3bacfdb379163221494fee15ae24a17c89b456fcc36416a1acf6eb4a743bfa04980aca13eb33f353e46b0d4d9c61c4833dfccaaeb76"}}, &(0x7f0000000540)={0x0, 0xf, 0x19, {0x5, 0xf, 0x19, 0x1, [@ss_container_id={0x14, 0x10, 0x4, 0x1, "56557448792470100a1d4efcdd3ca5e4"}]}}, &(0x7f0000000580)={0x20, 0x29, 0xf, {0xf, 0x29, 0x8, 0x80, 0x81, 0xd, "a6e16c2c", "af1e266e"}}, &(0x7f00000005c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x4, 0x3, 0x6, 0x1, 0x5, 0x1, 0x5}}}, &(0x7f0000000b00)={0x84, &(0x7f0000000640)={0x20, 0x38, 0xe4, "2da12d29fba5ca66e3bd1021b76ea8ab915cf64a6c90f91670c2737c6265afa557c7dc535190bda3e575d366d4bdebfdc188a6376c43e705e49470b3d3e4e52e51bd4fb249c00749de55c53d10843d46c4067bee427343bf0c18c7cdd1f8d388132640e1ff7fc90aad4ca967a415d7d9002612cf7b427726e193f313175d49f01c0ff5ae14d28184086cdd7bf370ae949ba62d17e0de1fe23e0977a1a97b0a97e66cf7b424f8872768c075c0bf7536ab1fb03bdee8de48102f4639a762bec7c0fe7cc3ab1447b898daec8d2d2b7db3ea3ebc16a32793efad66dcc29a67fe1ff8395843ad"}, &(0x7f0000000740)={0x0, 0xa, 0x1, 0x2}, &(0x7f0000000780)={0x0, 0x8, 0x1, 0x7}, &(0x7f00000007c0)={0x20, 0x0, 0x4, {0x2}}, &(0x7f0000000800)={0x20, 0x0, 0x4, {0x100, 0x80}}, &(0x7f0000000840)={0x40, 0x7, 0x2, 0x5}, &(0x7f0000000880)={0x40, 0x9, 0x1}, &(0x7f00000008c0)={0x40, 0xb, 0x2, "944c"}, &(0x7f0000000900)={0x40, 0xf, 0x2, 0x1}, &(0x7f0000000940)={0x40, 0x13, 0x6, @remote}, &(0x7f0000000980)={0x40, 0x17, 0x6, @multicast}, &(0x7f00000009c0)={0x40, 0x19, 0x2, '2p'}, &(0x7f0000000a00)={0x40, 0x1a, 0x2, 0x100}, &(0x7f0000000a40)={0x40, 0x1c, 0x1, 0x9}, &(0x7f0000000a80)={0x40, 0x1e, 0x1, 0x4}, &(0x7f0000000ac0)={0x40, 0x21, 0x1, 0x6}})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000d00)={&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000bc0)=""/208, 0xd0, 0x0, &(0x7f0000000cc0)}, &(0x7f0000000d40)=0x40)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000d80)='io.stat\x00', 0x0, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r5, 0x29, 0x2a, &(0x7f0000000dc0)={0x0, {{0xa, 0x4e21, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x509}}}, 0x88) (async)
syz_usb_ep_read(r3, 0x5, 0x86, &(0x7f0000000e80)=""/134)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000001100)={0x24, &(0x7f0000000f40)={0x20, 0x22, 0xd2, {0xd2, 0xd, "c033f510ac74b506dda428e28f6d316befd4e80219878dcce16ab3f131ee91ef6a43db228c3286ae110aea02183be6bd76f90da1a52a0252830e8d506214554d131c6557f568cb24091e18364682bc0f3b7fe18f8717595c46c7844610034f33cd17868cdfd55634f7163605aafea3a0accfbaeb956c9310b82830ab6f883fc9e0c57a1d375a4adb15d3eb0c6e30fded66580fbb6d5295490402f8228d00b8bc66fe9c7523bf9c9612e99961b7215a0ef505e9aeceb429ec3963346f622898e89b40b38e0cbdbe035ca6698bf2dff38b"}}, &(0x7f0000001040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x41b}}, &(0x7f0000001080)={0x0, 0x22, 0xf, {[@local=@item_012={0x0, 0x2, 0xa}, @main=@item_4={0x3, 0x0, 0xc, "6e46adaa"}, @local=@item_4={0x3, 0x2, 0x8, "9f3fc229"}, @local=@item_012={0x0, 0x2, 0x8}, @global=@item_012={0x2, 0x1, 0xb, "f184"}]}}, &(0x7f00000010c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0xc6b6, 0x6, 0x1, {0x22, 0x92f}}}}, &(0x7f0000001340)={0x2c, &(0x7f0000001140)={0x40, 0xd, 0x30, "ef0bb5fd2075611aeac1c8b9baad009df23e2c5b2d949e2f102ee3d1de17b20a2ed156f418bc7c154585d9f9b2c30226"}, &(0x7f0000001180)={0x0, 0xa, 0x1, 0x8}, &(0x7f00000011c0)={0x0, 0x8, 0x1, 0xf}, &(0x7f0000001200)={0x20, 0x1, 0xf0, "aba743f81f70a56ecc328dfd6df504df5fb64abe237d3bd3afeb8ff487c5cec422922662e24098cabf86057ca520cadf61a40ab395c2ad3148f7eea73587b70ab3540c2fade68b19783329cf96a506a7d1ea0048740a9206aa7fa252f240dbfc2989d580c864fcd3c7c40e5b98977f7f58deb7b81de23d0c306f910a11f4d10b3df0c31005fd17822b1028970991f242e74ce9dd7ea5ddc52a5aac8c9435538f80422a2552e624a0234f620228dd3b2aeacc2f21491fe102ac7b043af35b4545bdbc6f2c69b6a9f38a6fedc4a03db84ac40dbc8e4702adfdc73ce36004fbcb9233b371226bda085435edd30cb46e84e4"}, &(0x7f0000001300)={0x20, 0x3, 0x1, 0x8}}) (async)
ioctl$BTRFS_IOC_BALANCE(r4, 0x5000940c, 0x0) (async)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000013c0), r5)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r5, &(0x7f0000001480)={&(0x7f0000001380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001440)={&(0x7f0000001400)={0x1c, r6, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x208c4}, 0x80) (async)
setsockopt$inet6_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000014c0)=0x1, 0x4) (async)
close_range(r1, r5, 0x0) (async)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, &(0x7f0000001580)={0x14, &(0x7f0000001500)={0x0, 0xf, 0x2e, {0x2e, 0xc, "828c9c6b8b639cc9870016188714471bf27f4c5601e425718afc25f3e775e5ac108463e476ac10a5e632cdfc"}}, &(0x7f0000001540)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f00000017c0)={0x44, &(0x7f00000015c0)={0x0, 0x31, 0x1d, "33714a198225f8f57713de8d4c3d8966dff8754eb89f0beccbf9107a90"}, &(0x7f0000001600)={0x0, 0xa, 0x1, 0xd}, &(0x7f0000001640)={0x0, 0x8, 0x1, 0x81}, &(0x7f0000001680)={0x20, 0x80, 0x1c, {0x1ff, 0x2, 0x80000000, 0x4, 0x8, 0x295, 0x2, 0x7ff, 0xfffc, 0x3f, 0x6, 0x4}}, &(0x7f00000016c0)={0x20, 0x85, 0x4, 0x87}, &(0x7f0000001700)={0x20, 0x83, 0x2, 0x1}, &(0x7f0000001740)={0x20, 0x87, 0x2, 0x7f}, &(0x7f0000001780)={0x20, 0x89, 0x2, 0x1}})
write$FUSE_NOTIFY_DELETE(r1, &(0x7f0000001840)={0x29, 0x6, 0x0, {0x2}}, 0x29)
r7 = getpgid(0xffffffffffffffff)
r8 = syz_open_procfs(r7, &(0x7f0000001880)='coredump_filter\x00')
kcmp$KCMP_EPOLL_TFD(r7, r7, 0x7, r8, &(0x7f00000018c0)={r8, r8}) (async)
getsockname(r2, &(0x7f0000001900)=@hci, &(0x7f0000001980)=0x80) (async)
syz_clone3(&(0x7f0000002b00)={0x2400c000, &(0x7f00000019c0), &(0x7f0000001a00), &(0x7f0000001a40), {0x2c}, &(0x7f0000001a80)=""/48, 0x30, &(0x7f0000001ac0)=""/4096, &(0x7f0000002ac0)=[r7, r7], 0x2, {r8}}, 0x58) (async)
r9 = syz_usb_connect$uac1(0x0, 0xde, &(0x7f0000002b80)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xcc, 0x3, 0x1, 0xfa, 0xe0, 0x7f, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x400, 0x8}, [@selector_unit={0xb, 0x24, 0x5, 0x4, 0x1, "92d17a9858d9"}, @extension_unit={0xa, 0x24, 0x8, 0x5, 0x1, 0x6, "e42e7c"}, @input_terminal={0xc, 0x24, 0x2, 0x3, 0x201, 0x2, 0xff, 0x2, 0x5, 0x91}, @processing_unit={0xa, 0x24, 0x7, 0x1, 0x0, 0x5, "7d67e4"}, @input_terminal={0xc, 0x24, 0x2, 0x2, 0x306, 0x6, 0x8, 0x10, 0x3, 0x6b}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x1, 0x2, 0x8, 0x1}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x25, 0x3, 0x8, 0x69, "e28245"}, @as_header={0x7, 0x24, 0x1, 0x40, 0x3, 0x5}, @format_type_i_continuous={0x9, 0x24, 0x2, 0x1, 0x4, 0x3, 0x7c, 0x9, "", "d9"}, @format_type_i_continuous={0x9, 0x24, 0x2, 0x1, 0x8, 0x2, 0x5, 0x8, "bc"}]}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x6, 0x4f, 0x6, {0x7, 0x25, 0x1, 0x80, 0x0, 0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0xa, 0x24, 0x2, 0x1, 0x7f, 0x2, 0x7, 0x7b, "4e89"}]}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0x4, 0x40, 0x6, {0x7, 0x25, 0x1, 0x82, 0x4, 0x6}}}}}}}]}}, &(0x7f0000002e80)={0xa, &(0x7f0000002c80)={0xa, 0x6, 0x201, 0x9e, 0x8, 0x4, 0x10, 0xfd}, 0x13, &(0x7f0000002cc0)={0x5, 0xf, 0x13, 0x2, [@ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0xc, 0x42, 0xc, 0x5, 0x3, 0x7f}]}, 0x4, [{0x50, &(0x7f0000002d00)=@string={0x50, 0x3, "f4bdaeb336b7c6b5265347d6f81cab1a5a0f94d823a28a38292dd3e981c29ed80bf6c422659b4dcf7982a9c9d9287ce88d1a1ce484852ca9a6057de709acfc46b1b9e73c97111d7fcea4168d8f05"}}, {0x4, &(0x7f0000002d80)=@lang_id={0x4, 0x3, 0x280a}}, {0x7a, &(0x7f0000002dc0)=@string={0x7a, 0x3, "2af2f73c70e2eff6f367422d2bf3448aefb6bc22ad75eef7a508734ea0023398080abe21aa35e57d7ca5ed750161f0e81f7250b694a4a6774ba35b62c2cb3ffa0ed67722c4b3fa7fb32efcae70a1d74bfd5dca1f96839c1f16966137dc7fa9480aea488d8b7f075f1b065c18d351ee22f0733518e6e33f2f"}}, {0x4, &(0x7f0000002e40)=@lang_id={0x4, 0x3, 0x300a}}]})
syz_usb_control_io$uac1(r9, &(0x7f0000003040)={0x14, &(0x7f0000002f00)={0x0, 0x23, 0xc0, {0xc0, 0x4, "92799d9379a7479e790f57327c8406cf4451b40c0f20825747102475a56ac1a8d5c05f631b1fd71e1c9857435b7438321446059047e5cd291404f32d2a20d637bb597491e9660965f53804d3ed5c77c86d1f2ccd1e7a3e20be4347c707cb772952a1535d5403d971c8b358757c5b026ccfc51527408b2fd08d56ff1cd873b389cb7268a8ba1989ab4a6921d1eec1648d912e86b564d54f7504eadd3acb39ee7a768df35a7219525bfa452fda1e71f83396955f6ff753908bc9d8c9bd9b3e"}}, &(0x7f0000003000)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x1c0a}}}, &(0x7f0000003340)={0x44, &(0x7f0000003080)={0x20, 0x7, 0xe3, "c13325d265e9d21cada0065b2af6872a54347fbeeddf6120b7687f29f0f48fe066bd0dbb1c79fbd71ee70a391c18e96a80cdbca5b2d1e2bc872498999c9830d73ff8adad894aa66ee8e28f6db492ac084ca1af2c3160aa7d98abd126b90982273d316204c02a08be46e8ff6e14cada096c198c6f6fc03c1351990f3d2eee423fe835438da8806109e9031e6ed13830ccc10883a742056688f58fdfbd732f7cdcf050f7961f7be9103b318255b4a6be32d25ae53f656579a2a6119de05cb4f42a479224806f6ccebd1fbd3be6365b07af314c626a91e86e636674dff3f85e979f56b8ca"}, &(0x7f0000003180)={0x0, 0xa, 0x1, 0x78}, &(0x7f00000031c0)={0x0, 0x8, 0x1, 0x10}, &(0x7f0000003200)={0x20, 0x81, 0x1, '1'}, &(0x7f0000003240)={0x20, 0x82, 0x1, '-'}, &(0x7f0000003280)={0x20, 0x83, 0x3, "83cd72"}, &(0x7f00000032c0)={0x20, 0x84, 0x1, 'p'}, &(0x7f0000003300)={0x20, 0x85, 0x3, "b3673c"}})

2.882403134s ago: executing program 5 (id=5833):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x60a00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x12, r0, 0x44da1000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x6000, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_udp_int(r2, 0x11, 0xb, &(0x7f0000000200)=0x8, 0x4)
ioctl$BLKGETNRZONES(r0, 0x80041285, &(0x7f0000000000)=0x3)
r3 = open(&(0x7f00000003c0)='./file2\x00', 0x81, 0x0)
ioctl$BTRFS_IOC_DEFRAG(r3, 0x127a, 0x3)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000005600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc084}, 0xc0)
futex(0x0, 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2, 0x1)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

2.859698225s ago: executing program 5 (id=5835):
r0 = syz_open_dev$loop(&(0x7f0000000040), 0x1, 0x42145)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x6fd5239, 0x0, 0x0, 0xb, 0x0, "fee8a2ab78fc979fd1e00d96072000001ea89de2c100000000000000025d96000100000000000000000000000000000800000000000000efffffffffffffff00", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x3, 0x9]}}) (async)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x6fd5239, 0x0, 0x0, 0xb, 0x0, "fee8a2ab78fc979fd1e00d96072000001ea89de2c100000000000000025d96000100000000000000000000000000000800000000000000efffffffffffffff00", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x3, 0x9]}})
arch_prctl$ARCH_SHSTK_LOCK(0x5003, 0x1) (async)
arch_prctl$ARCH_SHSTK_LOCK(0x5003, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
openat$cgroup_int(0xffffffffffffffff, &(0x7f00000001c0)='cgroup.max.descendants\x00', 0x2, 0x0) (async)
openat$cgroup_int(0xffffffffffffffff, &(0x7f00000001c0)='cgroup.max.descendants\x00', 0x2, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xe0040, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000540)={'gretap0\x00', &(0x7f00000004c0)={'ip_vti0\x00', 0x0, 0x8000, 0x8000, 0x4, 0x2, {{0x5, 0x4, 0x0, 0x3, 0x14, 0x66, 0x0, 0x9, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010102}}}}) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000540)={'gretap0\x00', &(0x7f00000004c0)={'ip_vti0\x00', 0x0, 0x8000, 0x8000, 0x4, 0x2, {{0x5, 0x4, 0x0, 0x3, 0x14, 0x66, 0x0, 0x9, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010102}}}})
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
socket$packet(0x11, 0x2, 0x300) (async)
r3 = socket$packet(0x11, 0x2, 0x300)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000008205804115000000000000109022400010000000009040000050300000009210000000122940309058103"], 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)
syz_usb_connect$cdc_ecm(0x5, 0x0, 0x0, 0x0)
syz_usb_control_io(r4, 0x0, &(0x7f0000000800)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x40, 0x9, 0x1, 0x2}, &(0x7f00000005c0)={0x40, 0xb, 0x2, "d9ff"}, 0x0, 0x0, &(0x7f0000000680)={0x40, 0x17, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}}, &(0x7f00000006c0)={0x40, 0x19, 0x2, "a730"}, 0x0, &(0x7f0000000740)={0x40, 0x1c, 0x1, 0xa0}, 0x0, 0x0})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x9})
r5 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x311002, 0x0)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000000)=ANY=[@ANYBLOB="7300000200f9ee000000"])
write$cgroup_pid(r7, &(0x7f0000000100), 0x12)
r8 = socket$packet(0x11, 0x3, 0x300)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_udp_int(r9, 0x11, 0x1, 0x0, &(0x7f0000000040))
setsockopt$packet_int(r8, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', <r10=>0x0})
sendto$packet(r8, &(0x7f0000000180)="0b036800e0ff64000200475400f6a13bb1000000080086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x0, r10}, 0x14) (async)
sendto$packet(r8, &(0x7f0000000180)="0b036800e0ff64000200475400f6a13bb1000000080086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x0, r10}, 0x14)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f00000000c0)) (async)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f00000000c0))

1.190812167s ago: executing program 5 (id=5850):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
creat(0x0, 0x182)
getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000000000)=""/4091, &(0x7f0000001000)=0xffb)
r1 = socket$inet6(0xa, 0x3, 0x38)
ioprio_set$uid(0x3, 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000459bb2405804035000000000000109021b000111000000090400000195699b000905", @ANYRES32], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
connect$inet6(r1, &(0x7f0000000300)={0xa, 0x4e23, 0x41200003, @loopback, 0x7}, 0x1c)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xf338}], 0x1)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f00000000c0)=ANY=[@ANYBLOB="636f6e74657874c0"])

1.0496224s ago: executing program 1 (id=5854):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = accept4$unix(0xffffffffffffffff, 0x0, &(0x7f0000000040)=0xffffffffffffff20, 0x80800)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x875e6cd3d8a23687, &(0x7f00000003c0)=0x800, 0x4)
r3 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="1201000000000040ef17476000000000000109022400010000000009040000010300020009210069a6c93305000905810300000c0000"], 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0x1})
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x8, 0x7, 0x4000000000000e51, 0x101, 0x5479, 0x103d, 0x9, 0x2db0, 0x32a, 0x1, 0x1, 0x1, 0x40000000009, 0x8000000000005, 0x800000068], 0x5000, 0x80cd4})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
unlinkat(0xffffffffffffff9c, 0x0, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r8, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d4c549b, 0x0, [0x9c, 0x47, 0x5, 0x249, 0x5, 0x3, 0x4, 0x7]})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_GET_SUPPORTED_HV_CPUID_cpu(r8, 0xc008aec1, &(0x7f0000000200)={0x1, 0x0, [{0x80000019, 0xf, 0x3, 0x2, 0x5, 0x1, 0x3}]})
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r9, 0x8946, 0x0)
fchdir(r7)
openat$ppp(0xffffffffffffff9c, 0x0, 0x40082, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r7, &(0x7f0000000140)={0x30, 0x5, 0x0, {0x0, 0x2, 0x3ac, 0x1000}}, 0x30)
syz_open_procfs(r1, &(0x7f0000000740)='smaps_rollup\x00')
close_range(r0, 0xffffffffffffffff, 0x0)

934.885422ms ago: executing program 6 (id=5855):
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='exfat\x00', 0x200000, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x26)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)

921.354393ms ago: executing program 6 (id=5856):
mount$binderfs(0x0, &(0x7f00000001c0)='./binderfs\x00', &(0x7f0000000280), 0x210010, &(0x7f0000000380)=ANY=[@ANYBLOB='max=00000000000000000000002,stats=global,stats='])

865.626283ms ago: executing program 6 (id=5857):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x100, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x12, r0, 0xe5441000)
getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x17, 0x0, &(0x7f0000004480)=0x4)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/warn_count', 0x200000, 0x81)
syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000bfe000/0x400000)=nil)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$KVM_GET_EMULATED_CPUID(r2, 0xc008ae09, &(0x7f00000001c0)={0x3, 0x0, [{0x80000001, 0x6, 0x0, 0xc7, 0x6a6, 0x8, 0x7fff}, {0x80000007, 0x1, 0x5, 0x100, 0x1, 0x0, 0x47e735c3}, {0xb, 0x800, 0x4, 0x4, 0xfffffff8, 0xe, 0x4}]})
syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000034000/0x400000)=nil)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000380)={'veth1_to_team\x00', &(0x7f0000000040)=@ethtool_sfeatures={0x3b, 0x2, [{0xfffffffb, 0x5}, {0x2, 0xffff}]}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r4 = openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
pread64(r4, &(0x7f00000000c0)=""/36, 0xfffffe49, 0x800000000004)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)

864.631214ms ago: executing program 6 (id=5858):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
r2 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53048fc)
close(r2)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0x3})
r3 = eventfd2(0x0, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x43, 0x0, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r3, 0x0, 0x2, r3})
socket$inet6(0xa, 0x3, 0x5)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = dup(r8)
r10 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$BTRFS_IOC_BALANCE_V2(r10, 0x40187013, 0x0)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000004000/0x2000)=nil, 0x2000, 0x7, 0x13, r9, 0x8000000)
mknodat$null(r9, &(0x7f0000000140)='./file0\x00', 0x8, 0x103)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f00000001c0)=[@timestamp, @sack_perm, @window, @mss, @window, @window, @timestamp], 0x7)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000100)='illinois\x00', 0x9)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000003c0), 0x4)
sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

580.494779ms ago: executing program 1 (id=5859):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r1, &(0x7f00000021c0)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0xe)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'veth0_macvtap\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f0000000180)="0b036c00e0ff64000200475400f6a13bb1000000080088484803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
listen(r4, 0xfffffff2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x181480, 0x0)
bind$bt_l2cap(r0, &(0x7f00000021c0)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0xffff, 0x2}, 0xe)
r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x60a00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000004, 0x12, r5, 0xa0e4f000)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

559.744169ms ago: executing program 1 (id=5860):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x0, 0x0) (async)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000280)=0x40)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="08004e01"], 0x24}, 0x1, 0x0, 0x0, 0x90}, 0x4) (async)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched_retired(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@newtaction={0x94, 0x30, 0x1, 0x70bd29, 0x25dfdbfb, {}, [{0x80, 0x1, [@m_ipt={0x50, 0x19, 0x0, 0x0, {{0x8}, {0x4}, {0x27, 0x6, "a3ff70cc5ea43af9389600932a12cd9e8641d1ac468b8d7ae67b017ad2530e095a3d5d"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}, @m_ipt={0x2c, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x8080}, 0x9080) (async)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r9=>0x0})
mount$bpf(0x0, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000100), 0x800000, &(0x7f0000006240)={[{}]}) (async)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r9, @ANYBLOB="08002600940900000800b700"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async, rerun: 32)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) (rerun: 32)
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={0x94, r10, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}, @NL80211_ATTR_FRAME={0x6e, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x9}, @device_b, @device_a, @initial, {0xf, 0x5}}, 0x4, @default, 0x1000, @void, @val, @val={0x3, 0x1, 0x4}, @void, @val={0x6, 0x2, 0x1ff}, @val={0x5, 0x3, {0x5, 0x97, 0x5}}, @void, @val={0x2a, 0x1, {0x0, 0x0, 0x1}}, @void, @val={0x2d, 0x1a, {0x400, 0x2, 0x5, 0x0, {0x2, 0xb7b, 0x0, 0x347, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x100, 0x1}}, @val={0x72, 0x6}, @val={0x71, 0x7, {0x69, 0x0, 0x11, 0x10, 0x1, 0x7, 0x20}}, @val={0x76, 0x6, {0x0, 0x0, 0x2f, 0x6}}}}]}, 0x94}, 0x1, 0x0, 0x0, 0xc0}, 0x4000000) (async, rerun: 32)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x28, r5, 0x800, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x6, 0x50}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x20000008}, 0x8000) (async, rerun: 32)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
request_key(&(0x7f0000000100)='asymmetric\x00', 0x0, 0x0, 0x0) (async)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
bind$packet(r1, &(0x7f0000000000)={0x11, 0x0, r12, 0x1, 0x0, 0x6, @link_local}, 0x14)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r13 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r13, 0x29, 0x16, &(0x7f0000fcb000)=0x80, 0x4) (async)
syz_usb_connect(0x0, 0x24, &(0x7f0000000580)=ANY=[@ANYBLOB="12015002f10a80085a0410520101010203010902120001064bff0f0904f808007af5ce7e"], &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0})

500.17622ms ago: executing program 1 (id=5861):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="24000000000000000100000001", @ANYRES32, @ANYRES64, @ANYBLOB="2bd5bb48db59834b9328618036678ec4c6dac89cb841b8b4c8fd04de9f9a66cd495d5a1a543b82ba037c0c6e2fa0b40f4a5b546d90c1166fdd8b667154295b2d4a8097ec97e036e379d59aabd828b8f161c5fa95c5f4965b19d5b1198519c62a8c9a5e881822c07f3fd885ebf2c5f9dbb86654f0ce2bba773c64c3dd907d6f2443419a86b521da094260c5c326d9a0b9394be9c3230a8e7da852a30998bc476ae51f7d3896d507299d2f4ea3110377b9c3fd92ab6ab97f199b667aef67538172c801b0fb99c189c40b54508934a914fc837355d7d86b5c9660c42034c90001180349f0984086644cc9b69b4f10813e01b35346b2f08400416a6167ec3b577ae3fca5fa2e21bdcdd57a56a7f3ec43ecc2d9638bc2913008fd266d3cba6da35dcb5010e352b29ec1b50b41c29b2cbea62d3caee292fb62b267e02922d2412a63c9"], 0xf0, 0x1}}], 0x1, 0x44015)
r1 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f00000001c0)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f00000007c0)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000ffff00000000000000bd0000000000000000000000e4ec01000000004000000000fc00000000000000000000000000013da51fd47aa2e2f700000000000000000000000000000000000000000000000000000000000000060000000000000000050000000a004e200e8a34c38f36f0c7eb2700d609bcf41076d88144448ebe7994dd1b33d7c8787734cc315672f62261ceeede940774fd94d2767288cfb3a20882449d601ff878eedd3d57c9eb3a723b62102bd534c8a304a975d752e82cc8d5f969771c94a1d69cfd8694e29b9468fca5df65ece31ed7c209325604001fcd06adc3ac391f60a3523d6d0b4a8a"], 0x310)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2c, &(0x7f00000005c0)={0x1, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000840)={'gre0\x00', &(0x7f00000007c0)={'sit0\x00', 0x0, 0x80, 0x7800, 0x6, 0x3b4f, {{0x5, 0x4, 0x3, 0x18, 0x14, 0x68, 0x0, 0x5, 0x2f, 0x0, @loopback, @private=0xa010100}}}})
syz_usb_connect$uac1(0x0, 0xdb, &(0x7f0000000180)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc9, 0x3, 0x1, 0x18, 0x20, 0x81, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x2, 0xef}, [@selector_unit={0x9, 0x24, 0x5, 0x4, 0x20, "3616863c"}, @selector_unit={0x6, 0x24, 0x5, 0x4, 0x3, 'M'}, @processing_unit={0x8, 0x24, 0x7, 0x2, 0x6, 0x9, "a1"}, @selector_unit={0x8, 0x24, 0x5, 0x4, 0x4, "1153d2"}, @input_terminal={0xc, 0x24, 0x2, 0x2, 0x202, 0x6, 0x10, 0x5, 0x0, 0x56}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0x8, 0x24, 0x2, 0x1, 0x7, 0x1, 0x9, 0x3}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x101, 0x8, 0x0, 'N'}]}, {{0x9, 0x5, 0x1, 0x9, 0x400, 0x7, 0x1, 0x9, {0x7, 0x25, 0x1, 0x0, 0x7, 0x4}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0xf, 0x24, 0x2, 0x1, 0x80, 0x3, 0x5, 0x0, "ccd7881401e255"}, @format_type_ii_discrete={0xd, 0x24, 0x2, 0x2, 0x81, 0x6, 0x43, "31fe6bcd"}, @as_header={0x7, 0x24, 0x1, 0xff, 0xe, 0x1002}, @format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0x63, 0x2, 0x1, 0x2, "9e7e"}]}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0x7, 0xc, 0x2, {0x7, 0x25, 0x1, 0x3, 0xa, 0x4}}}}}}}]}}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0})
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff002, 0x0, 0x2000000000032, 0xffffffffffffffff, 0x0)
ioctl$ASHMEM_SET_NAME(r0, 0x40087708, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f0000000000)={0x9, 0x80000001, 0x0, 0x10, 0x1, 0x0, [{0xffffffffffffa569, 0x4, 0x7f}]})

442.178982ms ago: executing program 7 (id=5862):
inotify_init1(0x0)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
syz_clone(0xb44040, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x2, &(0x7f00000000c0)={0x0, 0x10, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newspdinfo={0x14, 0x24, 0x1, 0x70bd2c, 0x25dfdbfe, 0x52}, 0x14}, 0x1, 0x0, 0x0, 0x4040800}, 0x0)
timer_create(0x7, &(0x7f0000000180)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000340)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
sendfile(r0, r0, 0x0, 0x7ffff000)

39.100009ms ago: executing program 1 (id=5863):
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f0000000140)='./file0\x00')
readlinkat(r1, &(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000240)=""/65, 0x41)
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020, 0x0, 0x0, <r2=>0x0}, 0x2020)
getgroups(0x2, &(0x7f0000000100)=[0xee00, <r3=>0xee01])
newfstatat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000002240)={0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x1000)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x28c4424, &(0x7f00000022c0)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {'user_id', 0x3d, r2}, 0x2c, {'group_id', 0x3d, r3}, 0x2c, {[{@default_permissions}, {@default_permissions}], [{@smackfsdef}, {@smackfsdef={'smackfsdef', 0x3d, 'tmpfs\x00'}}, {@fowner_gt={'fowner>', 0xee01}}, {@smackfshat={'smackfshat', 0x3d, 'tmpfs\x00'}}, {@uid_lt={'uid<', r4}}]}})
setuid(0xee01)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0x2)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x400, 0x0)
read$FUSE(r5, &(0x7f00000029c0)={0x2020}, 0x2020)

2.88785ms ago: executing program 6 (id=5864):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x8}, 0x9) (async)
write(r0, &(0x7f0000000040)="240000001e005f0214f6fffffffffff8070000000000000000000000080009000d000000", 0x24)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x42002, 0x180) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x2, 0x0) (async)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})

1.49047ms ago: executing program 1 (id=5865):
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xc0802, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x202, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
prlimit64(0x0, 0x2, &(0x7f0000000340)={0x8000000000000000, 0x8}, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x1)
r3 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000005640)='ns/cgroup\x00')
ioctl$BTRFS_IOC_ADD_DEV(r3, 0x5000940a, 0x0)
close_range(r1, 0xffffffffffffffff, 0x2)
r4 = syz_usb_connect$cdc_ncm(0x4, 0x93, &(0x7f0000000840)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x81, 0x2, 0x1, 0x17, 0xa0, 0x7, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x9, 0x24, 0x6, 0x0, 0x1, "f4800ca3"}, {0x5, 0x24, 0x0, 0x5}, {0xd, 0x24, 0xf, 0x1, 0x4, 0x3, 0x800, 0xfd}, {0x6, 0x24, 0x1a, 0x8001, 0x1}, [@acm={0x4, 0x24, 0x2, 0xc}, @mdlm={0x15, 0x24, 0x12, 0x4}, @country_functional={0x8, 0x24, 0x7, 0xfb, 0x800, [0x6]}]}, {{0x9, 0x5, 0x81, 0x3, 0x8b95b5699c910dd3, 0x10, 0xf, 0x80}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0x4, 0x8, 0xa}}, {{0x9, 0x5, 0x3, 0x2, 0x3ff, 0x0, 0x2, 0x4}}}}}}}]}}, &(0x7f0000000380)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x310, 0x67, 0x0, 0x2, 0x20, 0xe4}, 0x10, &(0x7f0000000140)={0x5, 0xf, 0x10, 0x1, [@wireless={0xb, 0x10, 0x1, 0x4, 0xd5, 0xb8, 0x2, 0x7fff, 0x1}]}, 0x2, [{0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x1007}}, {0x51, &(0x7f00000002c0)=@string={0x51, 0x3, "50f80559255b6c4923c46def390316e3ba69ceeb6d81668bb1b6207b974cceab52aa0200b750e5e413cf4753f12b653b0bf55814760355eae059d6ae8cc51eff407f8b399d9712b43c50a6568da814"}}]})
syz_usb_control_io$cdc_ncm(r4, &(0x7f00000004c0)={0x14, &(0x7f00000003c0)={0x0, 0x24, 0x94, {0x94, 0x9, "714e8a84a69442156b688b91680a9ca3c898c538ff695e66e6c1afdb8d7344c0f8146ba2fd10332e012c1436490bfa8f06cd45938d068c31a1be967ae4ed1fe5bf7856dff80e78ffdee5c60e651a4a3377adb3617fcdce6cccfbf9539165b03c21182bfa79cdca1d9b1f13b3848d74dd8b1038f5e2d9421e4095018d5c11192f5ef35ee02ea26a79fd93ce5d6bd58570f39e"}}, &(0x7f0000000480)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f00000007c0)={0x44, &(0x7f0000000500)={0x40, 0x31, 0xe9, "030f72dc60d98ea5cfeb95d3a06c48700c44966c1be2531e4ce0b96aca158eed3e3c96f89a35e2712fd9467d9c66be265a45d734c0abd6a3e8761914dc5df31046002ae1f57a4fd8c8c1045b4ead23494e98eda6f64bb6c12c4de72508b542e2b02ddc4addd382ec87e76bae3c67e56c74d34681f19b02a48de286b635eaff9023d53c74492e5f92fdda964ccb94190332647422649257c410d06ea1fab9342bf96091ebddd501846ddfa3864d399b38e67029c31b3f63f740c174e9d0d02a569deba6d6c5ca236211fb90e4cc88e75b6c82febb52bdec7d86f309e7ad3721927f481a528b42584d31"}, &(0x7f0000000600)={0x0, 0xa, 0x1, 0xc}, &(0x7f0000000640)={0x0, 0x8, 0x1, 0xf}, &(0x7f0000000680)={0x20, 0x80, 0x1c, {0x8, 0x6, 0xfffffff6, 0x8000, 0x5, 0x5, 0x1, 0x8001, 0x6, 0x7, 0x7, 0x1ff}}, &(0x7f00000006c0)={0x20, 0x85, 0x4, 0x4}, &(0x7f0000000700)={0x20, 0x83, 0x2}, &(0x7f0000000740)={0x20, 0x87, 0x2, 0xb797}, &(0x7f0000000780)={0x20, 0x89, 0x2, 0x1}})
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000100)={0xfffffffc, 0xe7, 0x2, 0x34d, 0x7, "ea71061d0000000001000200", 0x0, 0x80})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r8 = dup(r7)
write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r9, 0x29, 0x4c, 0x0, &(0x7f0000000140))
write$FUSE_DIRENTPLUS(r8, &(0x7f0000000200)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942", @ANYRES64, @ANYRES16=r6, @ANYRES64=0x0, @ANYRES8=r7], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])
chdir(&(0x7f0000000280)='./file0\x00')
setsockopt$CAN_RAW_RECV_OWN_MSGS(0xffffffffffffffff, 0x65, 0x8, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.13015ms ago: executing program 5 (id=5866):
personality(0x8)
uname(&(0x7f0000000240)=""/201) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x10b200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syncfs(0xffffffffffffffff) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x183183, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xa3)
prlimit64(0x0, 0x6, &(0x7f0000000140), 0x0)
setreuid(0xee01, 0x0) (async)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r4 = fcntl$dupfd(r3, 0x406, r3)
ioctl$USBDEVFS_GETDRIVER(r4, 0x41045508, 0x0) (async)
r5 = open_tree(r4, &(0x7f0000000580)='./file0\x00', 0x89c00)
ioctl$KVM_SET_FPU(r5, 0x41a0ae8d, &(0x7f00000003c0)={'\x00', 0x8001, 0x3, 0x4, 0x0, 0x3ff, 0xf000, 0x1, '\x00', 0x800}) (async)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3})
syz_clone(0x1b4a100, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60) (async)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f00000000c0)={<r9=>r8, 0x63b6, 0x3, 0x200})
sendmsg$nl_generic(r9, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x14, 0x24, 0x42a, 0x70bd2d, 0x25dfdbfc, {0x17}}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4)

0s ago: executing program 6 (id=5867):
mkdir(&(0x7f0000000040)='./file0\x00', 0x6c)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)})
mount$incfs(&(0x7f0000000580)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000005c0), 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd63"], 0x66)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x8c)
r1 = openat$incfs(r0, &(0x7f00000001c0)='.pending_reads\x00', 0x0, 0x130)
ioctl$TIOCL_GETKMSGREDIRECT(r1, 0xc058671e, &(0x7f00000000c0))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
connect$unix(r3, &(0x7f0000000100)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x800, 0x0)
r5 = socket(0x2, 0x3, 0xff)
connect$inet(r5, &(0x7f00000000c0)={0x2, 0x0, @remote}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x3c, r8, 0x1, 0x0, 0xffffffff, {{}, {@void, @val={0xc, 0x99, {0x2001, 0x56}}}}, [@NL80211_ATTR_TX_RATES={0x1c, 0x10d, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x11, 0x2, [{0x2, 0x6}, {0x1, 0x1}, {0x7, 0x7}, {0x3}, {0x1, 0x9}, {0x3, 0x2}, {0x5, 0x6}, {0x2, 0x6}, {0x2, 0x7}, {0x2, 0x4}, {0x3, 0x2}, {0x3, 0x2}, {0x1}]}]}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000065}, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000180)={'vcan0\x00', 0x1})
sendmsg$key(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x18}}, 0x4020)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r9, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r9, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(r9, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r9, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="82", 0x1}, {&(0x7f0000000400)='\x00', 0x1}], 0x2}}], 0x1, 0x4400c800)
sendto$inet6(r9, &(0x7f0000000140)="77213a79eda19703acd077b149f3be1e66782744c905980f98e2", 0x1a, 0x3b00, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_usb_connect$cdc_ncm(0x0, 0x72, 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  289.851231][T12715] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  290.345505][T12715] Memory cgroup stats for /syz5:
[  290.345648][T12715] cache 314425344
[  290.354359][T12715] rss 143360
[  290.358766][T12715] rss_huge 0
[  290.359512][T13389] netlink: 'syz.6.4375': attribute type 12 has an invalid length.
[  290.361981][T12715] shmem 314425344
[  290.361993][T12715] mapped_file 0
[  290.362001][T12715] dirty 0
[  290.362009][T12715] writeback 0
[  290.394277][T12715] workingset_refault_anon 37
[  290.401189][T12715] workingset_refault_file 0
[  290.407894][T12715] swap 127963136
[  290.412631][T12715] swapcached 32768
[  290.417908][T12715] pgpgin 297715
[  290.422361][T12715] pgpgout 220915
[  290.426112][T12715] pgfault 68172
[  290.429747][T12715] pgmajfault 32
[  290.433259][T12715] inactive_anon 207020032
[  290.437651][T12715] active_anon 107552768
[  290.442066][T12715] inactive_file 0
[  290.445756][T12715] active_file 0
[  290.449437][T12715] unevictable 0
[  290.452958][T12715] hierarchical_memory_limit 314572800
[  290.458334][T12715] hierarchical_memsw_limit 9223372036854771712
[  290.469443][T12715] total_cache 314425344
[  290.473684][T12715] total_rss 143360
[  290.477408][T12715] total_rss_huge 0
[  290.488495][T12715] total_shmem 314425344
[  290.492683][T12715] total_mapped_file 0
[  290.496665][T12715] total_dirty 0
[  290.515986][T12715] total_writeback 0
[  290.525808][T12715] total_workingset_refault_anon 37
[  290.533657][T12715] total_workingset_refault_file 0
[  290.539194][T12715] total_swap 127963136
[  290.543477][T12715] total_swapcached 32768
[  290.547935][T12715] total_pgpgin 297715
[  290.552190][T12715] total_pgpgout 220915
[  290.556303][T12715] total_pgfault 68172
[  290.560401][T12715] total_pgmajfault 32
[  290.564392][T12715] total_inactive_anon 207020032
[  290.569431][T12715] total_active_anon 107552768
[  290.574362][T12715] total_inactive_file 0
[  290.578776][T12715] total_active_file 0
[  290.582809][T12715] total_unevictable 0
[  290.586800][T12715] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.4164,pid=12714,uid=0
[  290.602824][T12715] Memory cgroup out of memory: Killed process 12714 (syz.5.4164) total-vm:90168kB, anon-rss:1016kB, file-rss:57648kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:0
[  290.741375][T12701] syz.5.4164 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  290.751257][T12701] CPU: 1 UID: 0 PID: 12701 Comm: syz.5.4164 Not tainted syzkaller #0 1976820a860199aae9d2abf4727fc3b97aa7bbea
[  290.751290][T12701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  290.751304][T12701] Call Trace:
[  290.751311][T12701]  <TASK>
[  290.751320][T12701]  __dump_stack+0x21/0x30
[  290.751357][T12701]  dump_stack_lvl+0x10c/0x190
[  290.751381][T12701]  ? __cfi_dump_stack_lvl+0x10/0x10
[  290.751407][T12701]  ? ___ratelimit+0x3f7/0x5a0
[  290.751431][T12701]  dump_stack+0x19/0x20
[  290.751457][T12701]  dump_header+0xd7/0x490
[  290.751477][T12701]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  290.751502][T12701]  oom_kill_process+0x4c0/0x7e0
[  290.751523][T12701]  ? sched_clock_cpu+0x75/0x400
[  290.751552][T12701]  out_of_memory+0x7ee/0xbd0
[  290.751576][T12701]  ? __cfi_out_of_memory+0x10/0x10
[  290.751599][T12701]  ? mutex_lock_killable+0x92/0x1c0
[  290.751623][T12701]  ? __cfi_mutex_lock_killable+0x10/0x10
[  290.751649][T12701]  mem_cgroup_out_of_memory+0x279/0x350
[  290.751670][T12701]  ? drain_obj_stock+0xed0/0xed0
[  290.751691][T12701]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  290.751712][T12701]  try_charge_memcg+0x8f7/0xde0
[  290.751740][T12701]  ? __cfi_try_charge_memcg+0x10/0x10
[  290.751764][T12701]  ? __alloc_pages_noprof+0x31f/0x7b0
[  290.751788][T12701]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  290.751813][T12701]  ? __folio_batch_add_and_move+0x2ab/0x370
[  290.751839][T12701]  __mem_cgroup_charge+0xf6/0x410
[  290.751867][T12701]  ? _raw_spin_lock+0x8c/0x120
[  290.751895][T12701]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  290.751926][T12701]  shmem_alloc_and_add_folio+0x86d/0x1050
[  290.751952][T12701]  ? put_swap_device+0x130/0x130
[  290.751975][T12701]  ? shmem_huge_global_enabled+0x2da/0x360
[  290.751998][T12701]  ? shmem_allowable_huge_orders+0x1f7/0x430
[  290.752020][T12701]  ? __kasan_check_write+0x18/0x20
[  290.752049][T12701]  ? _raw_spin_lock+0x8c/0x120
[  290.752078][T12701]  shmem_get_folio_gfp+0x5f0/0x1380
[  290.752102][T12701]  ? shmem_get_folio+0xc0/0xc0
[  290.752122][T12701]  ? inode_maybe_inc_iversion+0x17d/0x1e0
[  290.752150][T12701]  ? __cfi_inode_maybe_inc_iversion+0x10/0x10
[  290.752188][T12701]  ? inode_to_bdi+0x6d/0x100
[  290.752216][T12701]  shmem_write_begin+0xf4/0x270
[  290.752240][T12701]  generic_perform_write+0x32d/0x960
[  290.752271][T12701]  ? __cfi_generic_perform_write+0x10/0x10
[  290.752298][T12701]  ? down_write+0xe9/0x2a0
[  290.752323][T12701]  ? mnt_get_write_access_file+0x1af/0x3b0
[  290.752351][T12701]  ? mnt_put_write_access_file+0xc2/0x100
[  290.752377][T12701]  ? file_update_time+0x1ef/0x220
[  290.752404][T12701]  shmem_file_write_iter+0x105/0x130
[  290.752431][T12701]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  290.752456][T12701]  __kernel_write_iter+0x395/0x830
[  290.752477][T12701]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  290.752504][T12701]  ? __cfi___kernel_write_iter+0x10/0x10
[  290.752523][T12701]  ? get_dump_page+0x160/0x220
[  290.752548][T12701]  ? __asan_memset+0x39/0x50
[  290.752576][T12701]  ? iov_iter_bvec+0xc0/0x180
[  290.752601][T12701]  dump_user_range+0xb06/0xdf0
[  290.752624][T12701]  ? __cfi_dump_emit+0x10/0x10
[  290.752653][T12701]  ? __cfi_dump_user_range+0x10/0x10
[  290.752674][T12701]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  290.752704][T12701]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  290.752735][T12701]  elf_core_dump+0x2cd9/0x3810
[  290.752763][T12701]  ? __cfi_elf_core_dump+0x10/0x10
[  290.752793][T12701]  ? dump_interrupted+0xf0/0xf0
[  290.752821][T12701]  ? filp_open+0x182/0x1d0
[  290.752843][T12701]  ? 0xffffffffff600000
[  290.752859][T12701]  do_coredump+0x1bfa/0x2bd0
[  290.752890][T12701]  ? __cfi_do_coredump+0x10/0x10
[  290.752919][T12701]  ? asm_exc_page_fault+0x2b/0x30
[  290.752949][T12701]  ? __kasan_slab_free+0x6a/0x80
[  290.752970][T12701]  ? kmem_cache_free+0x1c1/0x510
[  290.753000][T12701]  ? get_signal+0xa75/0x14f0
[  290.753026][T12701]  get_signal+0x11fd/0x14f0
[  290.753049][T12701]  arch_do_signal_or_restart+0x96/0x720
[  290.753074][T12701]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  290.753100][T12701]  irqentry_exit_to_user_mode+0x4e/0xb0
[  290.753121][T12701]  irqentry_exit+0x16/0x60
[  290.753140][T12701]  exc_page_fault+0x66/0xc0
[  290.753159][T12701]  asm_exc_page_fault+0x2b/0x30
[  290.753186][T12701] RIP: 0033:0x7fd7bd78ebf1
[  290.753200][T12701] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  290.753214][T12701] RSP: 002b:000000000000a420 EFLAGS: 00010217
[  290.753231][T12701] RAX: 0000000000000000 RBX: 00007fd7bd9c5fa0 RCX: 00007fd7bd78ebe9
[  290.753244][T12701] RDX: 0000000000000000 RSI: 000000000000a420 RDI: 0000000000022080
[  290.753256][T12701] RBP: 00007fd7bd811e19 R08: 0000000000000000 R09: 0000000000000000
[  290.753267][T12701] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  290.753278][T12701] R13: 00007fd7bd9c6038 R14: 00007fd7bd9c5fa0 R15: 00007fffd5d21b48
[  290.753293][T12701]  </TASK>
[  290.753339][T12701] memory: usage 307200kB, limit 307200kB, failcnt 52955
[  291.240679][T12701] memory+swap: usage 392992kB, limit 9007199254740988kB, failcnt 0
[  291.248981][T12701] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  291.255906][T12701] Memory cgroup stats for /syz5:
[  291.256043][T12701] cache 287182848
[  291.264694][T12701] rss 139264
[  291.267919][T12701] rss_huge 0
[  291.271134][T12701] shmem 287182848
[  291.274744][T12701] mapped_file 0
[  291.278272][T12701] dirty 0
[  291.281230][T12701] writeback 0
[  291.284505][T12701] workingset_refault_anon 37
[  291.289133][T12701] workingset_refault_file 0
[  291.293620][T12701] swap 115097600
[  291.297147][T12701] swapcached 32768
[  291.300970][T12701] pgpgin 297716
[  291.306312][T12701] pgpgout 227568
[  291.309896][T12701] pgfault 68172
[  291.313457][T12701] pgmajfault 32
[  291.317099][T12701] inactive_anon 191942656
[  291.321748][T12701] active_anon 95383552
[  291.326142][T12701] inactive_file 0
[  291.335048][T12701] active_file 0
[  291.338579][T12701] unevictable 0
[  291.342067][T12701] hierarchical_memory_limit 314572800
[  291.347454][T12701] hierarchical_memsw_limit 9223372036854771712
[  291.353776][T12701] total_cache 287182848
[  291.358265][T12701] total_rss 139264
[  291.362136][T12701] total_rss_huge 0
[  291.365873][T12701] total_shmem 287182848
[  291.369658][T13425] overlayfs: failed to clone upperpath
[  291.370189][T12701] total_mapped_file 0
[  291.379721][T12701] total_dirty 0
[  291.383466][T12701] total_writeback 0
[  291.387292][T12701] total_workingset_refault_anon 37
[  291.392636][T12701] total_workingset_refault_file 0
[  291.398035][T12701] total_swap 115097600
[  291.403577][T12701] total_swapcached 32768
[  291.408155][T12701] total_pgpgin 297716
[  291.412809][T12701] total_pgpgout 227568
[  291.416904][T12701] total_pgfault 68172
[  291.421028][T12701] total_pgmajfault 32
[  291.425198][T12701] total_inactive_anon 191942656
[  291.430936][T12701] total_active_anon 95383552
[  291.435692][T12701] total_inactive_file 0
[  291.439921][T12701] total_active_file 0
[  291.443994][T12701] total_unevictable 0
[  291.447984][T12701] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.4164,pid=12701,uid=0
[  291.463267][T12701] Memory cgroup out of memory: Killed process 12701 (syz.5.4164) total-vm:90168kB, anon-rss:1016kB, file-rss:57648kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:0
[  291.558845][T13451] netlink: 'syz.1.4396': attribute type 4 has an invalid length.
[  291.581100][T13451] netlink: 'syz.1.4396': attribute type 4 has an invalid length.
[  291.627807][T13455] netlink: 124 bytes leftover after parsing attributes in process `syz.1.4397'.
[  291.914590][T12706] syz.5.4164 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  291.935941][T12706] CPU: 0 UID: 0 PID: 12706 Comm: syz.5.4164 Not tainted syzkaller #0 1976820a860199aae9d2abf4727fc3b97aa7bbea
[  291.935981][T12706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  291.935994][T12706] Call Trace:
[  291.936002][T12706]  <TASK>
[  291.936011][T12706]  __dump_stack+0x21/0x30
[  291.936044][T12706]  dump_stack_lvl+0x10c/0x190
[  291.936070][T12706]  ? __cfi_dump_stack_lvl+0x10/0x10
[  291.936097][T12706]  ? ___ratelimit+0x3f7/0x5a0
[  291.936120][T12706]  dump_stack+0x19/0x20
[  291.936146][T12706]  dump_header+0xd7/0x490
[  291.936167][T12706]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  291.936204][T12706]  oom_kill_process+0x4c0/0x7e0
[  291.936229][T12706]  ? sched_clock_cpu+0x75/0x400
[  291.936258][T12706]  out_of_memory+0x7ee/0xbd0
[  291.936282][T12706]  ? __cfi_out_of_memory+0x10/0x10
[  291.936305][T12706]  ? mutex_lock_killable+0x92/0x1c0
[  291.936330][T12706]  ? __cfi_mutex_lock_killable+0x10/0x10
[  291.936356][T12706]  mem_cgroup_out_of_memory+0x279/0x350
[  291.936378][T12706]  ? drain_obj_stock+0xed0/0xed0
[  291.936400][T12706]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  291.936421][T12706]  try_charge_memcg+0x8f7/0xde0
[  291.936445][T12706]  ? __cfi_try_charge_memcg+0x10/0x10
[  291.936467][T12706]  ? __alloc_pages_noprof+0x31f/0x7b0
[  291.936489][T12706]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  291.936511][T12706]  __mem_cgroup_charge+0xf6/0x410
[  291.936539][T12706]  ? __schedule+0x132a/0x1df0
[  291.936555][T12706]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  291.936580][T12706]  shmem_alloc_and_add_folio+0x86d/0x1050
[  291.936601][T12706]  ? put_swap_device+0x130/0x130
[  291.936619][T12706]  ? shmem_huge_global_enabled+0x2da/0x360
[  291.936637][T12706]  ? shmem_allowable_huge_orders+0x1f7/0x430
[  291.936655][T12706]  ? __kasan_check_write+0x18/0x20
[  291.936677][T12706]  ? _raw_spin_lock+0x8c/0x120
[  291.936700][T12706]  shmem_get_folio_gfp+0x5f0/0x1380
[  291.936719][T12706]  ? shmem_get_folio+0xc0/0xc0
[  291.936735][T12706]  ? inode_maybe_inc_iversion+0x17d/0x1e0
[  291.936758][T12706]  ? __cfi_inode_maybe_inc_iversion+0x10/0x10
[  291.936781][T12706]  ? inode_to_bdi+0x6d/0x100
[  291.936803][T12706]  shmem_write_begin+0xf4/0x270
[  291.936822][T12706]  generic_perform_write+0x32d/0x960
[  291.936846][T12706]  ? __cfi_generic_perform_write+0x10/0x10
[  291.936868][T12706]  ? down_write+0xe9/0x2a0
[  291.936887][T12706]  ? mnt_get_write_access_file+0x1af/0x3b0
[  291.936909][T12706]  ? mnt_put_write_access_file+0xc2/0x100
[  291.936929][T12706]  ? file_update_time+0x1ef/0x220
[  291.936952][T12706]  shmem_file_write_iter+0x105/0x130
[  291.936972][T12706]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  291.936993][T12706]  __kernel_write_iter+0x395/0x830
[  291.937009][T12706]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  291.937030][T12706]  ? __cfi___kernel_write_iter+0x10/0x10
[  291.937046][T12706]  ? get_dump_page+0x160/0x220
[  291.937066][T12706]  ? __asan_memset+0x39/0x50
[  291.937088][T12706]  ? iov_iter_bvec+0xc0/0x180
[  291.937108][T12706]  dump_user_range+0xb06/0xdf0
[  291.937126][T12706]  ? __cfi_dump_emit+0x10/0x10
[  291.937149][T12706]  ? __cfi_dump_user_range+0x10/0x10
[  291.937165][T12706]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  291.937196][T12706]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  291.937221][T12706]  elf_core_dump+0x2cd9/0x3810
[  291.937242][T12706]  ? __cfi_elf_core_dump+0x10/0x10
[  291.937266][T12706]  ? dump_interrupted+0xf0/0xf0
[  291.937289][T12706]  ? filp_open+0x182/0x1d0
[  291.937309][T12706]  ? 0xffffffffff600000
[  291.937323][T12706]  do_coredump+0x1bfa/0x2bd0
[  291.937349][T12706]  ? __cfi_do_coredump+0x10/0x10
[  291.937372][T12706]  ? asm_exc_page_fault+0x2b/0x30
[  291.937398][T12706]  ? __kasan_slab_free+0x6a/0x80
[  291.937414][T12706]  ? kmem_cache_free+0x1c1/0x510
[  291.937439][T12706]  ? get_signal+0xa75/0x14f0
[  291.937460][T12706]  get_signal+0x11fd/0x14f0
[  291.937482][T12706]  arch_do_signal_or_restart+0x96/0x720
[  291.937506][T12706]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  291.937533][T12706]  irqentry_exit_to_user_mode+0x4e/0xb0
[  291.937554][T12706]  irqentry_exit+0x16/0x60
[  291.937573][T12706]  exc_page_fault+0x66/0xc0
[  291.937592][T12706]  asm_exc_page_fault+0x2b/0x30
[  291.937611][T12706] RIP: 0033:0x7fd7bd78ebf1
[  291.937625][T12706] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  291.937639][T12706] RSP: 002b:000000000000a420 EFLAGS: 00010217
[  291.937655][T12706] RAX: 0000000000000000 RBX: 00007fd7bd9c5fa0 RCX: 00007fd7bd78ebe9
[  291.937668][T12706] RDX: 0000000000000000 RSI: 000000000000a420 RDI: 0000000000022080
[  291.937681][T12706] RBP: 00007fd7bd811e19 R08: 0000000000000000 R09: 0000000000000000
[  291.937692][T12706] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  291.937703][T12706] R13: 00007fd7bd9c6038 R14: 00007fd7bd9c5fa0 R15: 00007fffd5d21b48
[  291.937718][T12706]  </TASK>
[  291.937811][T12706] memory: usage 307200kB, limit 307200kB, failcnt 55649
[  292.417078][T12706] memory+swap: usage 431820kB, limit 9007199254740988kB, failcnt 0
[  292.425047][T12706] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  292.432269][T12706] Memory cgroup stats for /syz5:
[  292.432344][T12706] cache 314109952
[  292.441183][T12706] rss 106496
[  292.444461][T12706] rss_huge 0
[  292.447788][T12706] shmem 314109952
[  292.452152][T12706] mapped_file 0
[  292.455621][T12706] dirty 0
[  292.458616][T12706] writeback 0
[  292.461922][T12706] workingset_refault_anon 39
[  292.466507][T12706] workingset_refault_file 0
[  292.471055][T12706] swap 127610880
[  292.474673][T12706] swapcached 385024
[  292.478500][T12706] pgpgin 317856
[  292.482046][T12706] pgpgout 241056
[  292.485592][T12706] pgfault 68770
[  292.489114][T12706] pgmajfault 34
[  292.492566][T12706] inactive_anon 190410752
[  292.496898][T12706] active_anon 124162048
[  292.501097][T12706] inactive_file 0
[  292.504720][T12706] active_file 0
[  292.508155][T12706] unevictable 0
[  292.511831][T12706] hierarchical_memory_limit 314572800
[  292.517424][T12706] hierarchical_memsw_limit 9223372036854771712
[  292.523825][T12706] total_cache 314109952
[  292.528006][T12706] total_rss 106496
[  292.532035][T12706] total_rss_huge 0
[  292.535784][T12706] total_shmem 314109952
[  292.539973][T12706] total_mapped_file 0
[  292.544084][T12706] total_dirty 0
[  292.547564][T12706] total_writeback 0
[  292.551596][T12706] total_workingset_refault_anon 39
[  292.556815][T12706] total_workingset_refault_file 0
[  292.561902][T12706] total_swap 127610880
[  292.566004][T12706] total_swapcached 385024
[  292.570477][T12706] total_pgpgin 317856
[  292.574534][T12706] total_pgpgout 241056
[  292.578615][T12706] total_pgfault 68770
[  292.582594][T12706] total_pgmajfault 34
[  292.586561][T12706] total_inactive_anon 190410752
[  292.591409][T12706] total_active_anon 124162048
[  292.596077][T12706] total_inactive_file 0
[  292.600328][T12706] total_active_file 0
[  292.604392][T12706] total_unevictable 0
[  292.608343][T12706] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.4164,pid=12718,uid=0
[  292.623257][T12706] Memory cgroup out of memory: Killed process 12718 (syz.5.4164) total-vm:90168kB, anon-rss:1016kB, file-rss:57648kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:0
[  292.721322][T12715] syz.5.4164 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  292.748488][T12715] CPU: 1 UID: 0 PID: 12715 Comm: syz.5.4164 Not tainted syzkaller #0 1976820a860199aae9d2abf4727fc3b97aa7bbea
[  292.748525][T12715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  292.748537][T12715] Call Trace:
[  292.748544][T12715]  <TASK>
[  292.748553][T12715]  __dump_stack+0x21/0x30
[  292.748585][T12715]  dump_stack_lvl+0x10c/0x190
[  292.748611][T12715]  ? __cfi_dump_stack_lvl+0x10/0x10
[  292.748636][T12715]  ? ___ratelimit+0x3f7/0x5a0
[  292.748657][T12715]  dump_stack+0x19/0x20
[  292.748682][T12715]  dump_header+0xd7/0x490
[  292.748701][T12715]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  292.748728][T12715]  oom_kill_process+0x4c0/0x7e0
[  292.748751][T12715]  ? sched_clock_cpu+0x75/0x400
[  292.748778][T12715]  out_of_memory+0x7ee/0xbd0
[  292.748800][T12715]  ? __cfi_out_of_memory+0x10/0x10
[  292.748821][T12715]  ? mutex_lock_killable+0x92/0x1c0
[  292.748845][T12715]  ? __cfi_mutex_lock_killable+0x10/0x10
[  292.748870][T12715]  mem_cgroup_out_of_memory+0x279/0x350
[  292.748916][T12715]  ? drain_obj_stock+0xed0/0xed0
[  292.748943][T12715]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  292.748963][T12715]  try_charge_memcg+0x8f7/0xde0
[  292.748990][T12715]  ? __cfi_try_charge_memcg+0x10/0x10
[  292.749017][T12715]  ? __alloc_pages_noprof+0x31f/0x7b0
[  292.749044][T12715]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  292.749069][T12715]  ? __folio_batch_add_and_move+0x2ab/0x370
[  292.749095][T12715]  __mem_cgroup_charge+0xf6/0x410
[  292.749122][T12715]  ? _raw_spin_lock+0x8c/0x120
[  292.749150][T12715]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  292.749180][T12715]  shmem_alloc_and_add_folio+0x86d/0x1050
[  292.749204][T12715]  ? put_swap_device+0x130/0x130
[  292.749226][T12715]  ? shmem_huge_global_enabled+0x2da/0x360
[  292.749249][T12715]  ? shmem_allowable_huge_orders+0x1f7/0x430
[  292.749271][T12715]  ? __kasan_check_write+0x18/0x20
[  292.749299][T12715]  ? _raw_spin_lock+0x8c/0x120
[  292.749328][T12715]  shmem_get_folio_gfp+0x5f0/0x1380
[  292.749352][T12715]  ? shmem_get_folio+0xc0/0xc0
[  292.749372][T12715]  ? follow_page_pte+0xa5c/0xb90
[  292.749400][T12715]  ? inode_to_bdi+0x6d/0x100
[  292.749427][T12715]  shmem_write_begin+0xf4/0x270
[  292.749450][T12715]  generic_perform_write+0x32d/0x960
[  292.749480][T12715]  ? __cfi_generic_perform_write+0x10/0x10
[  292.749507][T12715]  ? down_write+0xe9/0x2a0
[  292.749532][T12715]  ? file_update_time+0xa3/0x220
[  292.749558][T12715]  shmem_file_write_iter+0x105/0x130
[  292.749583][T12715]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  292.749617][T12715]  __kernel_write_iter+0x395/0x830
[  292.749636][T12715]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  292.749661][T12715]  ? __cfi___kernel_write_iter+0x10/0x10
[  292.749679][T12715]  ? get_dump_page+0x160/0x220
[  292.749703][T12715]  ? __asan_memset+0x39/0x50
[  292.749729][T12715]  ? iov_iter_bvec+0xc0/0x180
[  292.749753][T12715]  dump_user_range+0xb06/0xdf0
[  292.749774][T12715]  ? __cfi_dump_emit+0x10/0x10
[  292.749803][T12715]  ? __cfi_dump_user_range+0x10/0x10
[  292.749821][T12715]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  292.749852][T12715]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  292.749882][T12715]  elf_core_dump+0x2cd9/0x3810
[  292.749909][T12715]  ? __cfi_elf_core_dump+0x10/0x10
[  292.749947][T12715]  ? dump_interrupted+0xf0/0xf0
[  292.749976][T12715]  ? filp_open+0x182/0x1d0
[  292.750001][T12715]  ? 0xffffffffff600000
[  292.750019][T12715]  do_coredump+0x1bfa/0x2bd0
[  292.750051][T12715]  ? __cfi_do_coredump+0x10/0x10
[  292.750080][T12715]  ? asm_exc_page_fault+0x2b/0x30
[  292.750111][T12715]  ? __kasan_slab_free+0x6a/0x80
[  292.750132][T12715]  ? kmem_cache_free+0x1c1/0x510
[  292.750161][T12715]  ? get_signal+0xa75/0x14f0
[  292.750184][T12715]  get_signal+0x11fd/0x14f0
[  292.750210][T12715]  arch_do_signal_or_restart+0x96/0x720
[  292.750239][T12715]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  292.750272][T12715]  irqentry_exit_to_user_mode+0x4e/0xb0
[  292.750299][T12715]  irqentry_exit+0x16/0x60
[  292.750323][T12715]  exc_page_fault+0x66/0xc0
[  292.750347][T12715]  asm_exc_page_fault+0x2b/0x30
[  292.750370][T12715] RIP: 0033:0x7fd7bd78ebf1
[  292.750388][T12715] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  292.750405][T12715] RSP: 002b:000000000000a420 EFLAGS: 00010217
[  292.750426][T12715] RAX: 0000000000000000 RBX: 00007fd7bd9c5fa0 RCX: 00007fd7bd78ebe9
[  292.750442][T12715] RDX: 0000000000000000 RSI: 000000000000a420 RDI: 0000000000022080
[  292.750457][T12715] RBP: 00007fd7bd811e19 R08: 0000000000000000 R09: 0000000000000000
[  292.750472][T12715] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  292.750485][T12715] R13: 00007fd7bd9c6038 R14: 00007fd7bd9c5fa0 R15: 00007fffd5d21b48
[  292.750504][T12715]  </TASK>
[  292.750513][T12715] memory: usage 304648kB, limit 307200kB, failcnt 56844
[  292.955619][T13481] x_tables: duplicate underflow at hook 1
[  293.069526][T12715] memory+swap: usage 413748kB, limit 9007199254740988kB, failcnt 0
[  293.236467][T12715] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  293.243466][T12715] Memory cgroup stats for /syz5:
[  293.243603][T12715] cache 298881024
[  293.254642][T12715] rss 172032
[  293.258031][T12715] rss_huge 0
[  293.261507][T12715] shmem 298881024
[  293.265155][T12715] mapped_file 0
[  293.268661][T12715] dirty 0
[  293.271616][T12715] writeback 0
[  293.274995][T12715] workingset_refault_anon 76
[  293.279672][T12715] workingset_refault_file 0
[  293.284230][T12715] swap 127688704
[  293.287789][T12715] swapcached 307200
[  293.298505][T12715] pgpgin 323460
[  293.302091][T12715] pgpgout 250397
[  293.305861][T12715] pgfault 68888
[  293.312091][T12715] pgmajfault 48
[  293.318514][T12715] inactive_anon 293486592
[  293.322928][T12715] active_anon 5742592
[  293.327010][T12715] inactive_file 0
[  293.338508][T12715] active_file 0
[  293.347472][T12715] unevictable 0
[  293.360103][T12715] hierarchical_memory_limit 314572800
[  293.376415][T12715] hierarchical_memsw_limit 9223372036854771712
[  293.396674][T12715] total_cache 298881024
[  293.410113][T12715] total_rss 172032
[  293.424797][T12715] total_rss_huge 0
[  293.432031][T12715] total_shmem 298881024
[  293.440671][T12715] total_mapped_file 0
[  293.449068][T12715] total_dirty 0
[  293.456890][T12715] total_writeback 0
[  293.465160][T12715] total_workingset_refault_anon 76
[  293.475862][T12715] total_workingset_refault_file 0
[  293.488497][T12715] total_swap 127688704
[  293.497002][T12715] total_swapcached 307200
[  293.507868][T12715] total_pgpgin 323460
[  293.517483][T12715] total_pgpgout 250397
[  293.525965][T12715] total_pgfault 68888
[  293.534000][T12715] total_pgmajfault 48
[  293.538069][T12715] total_inactive_anon 293486592
[  293.543600][T12715] total_active_anon 5742592
[  293.548192][T12715] total_inactive_file 0
[  293.552605][T12715] total_active_file 0
[  293.556938][T12715] total_unevictable 0
[  293.564151][T12715] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.4164,pid=12715,uid=0
[  293.579595][T12715] Memory cgroup out of memory: Killed process 12715 (syz.5.4164) total-vm:90168kB, anon-rss:1016kB, file-rss:57648kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:0
[  293.758694][T13500] overlayfs: failed to clone upperpath
[  294.088983][T13517] netlink: 'syz.6.4419': attribute type 4 has an invalid length.
[  294.096887][T13517] netlink: 3657 bytes leftover after parsing attributes in process `syz.6.4419'.
[  294.220194][T13534] netlink: 'syz.5.4426': attribute type 4 has an invalid length.
[  294.251357][T13541] overlayfs: failed to clone upperpath
[  294.687686][T13607] fuse: Unknown parameter 'gr'
[  294.894764][T13728] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  294.903547][T13728] overlayfs: missing 'lowerdir'
[  295.547477][T13760] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4462'.
[  296.224780][T13826] overlayfs: failed to clone upperpath
[  296.547257][T13853] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4496'.
[  296.552310][   T36] audit: type=1400 audit(1757416025.506:24754): avc:  denied  { setattr } for  pid=13854 comm="syz.1.4497" path="/" dev="configfs" ino=1333 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  296.579900][   T36] audit: type=1400 audit(1757416025.506:24755): avc:  denied  { ioctl } for  pid=13854 comm="syz.1.4497" path="/" dev="configfs" ino=1333 ioctlcmd=0xae46 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  296.668575][T13859] netlink: 'syz.6.4498': attribute type 4 has an invalid length.
[  296.676402][T13859] netlink: 17 bytes leftover after parsing attributes in process `syz.6.4498'.
[  296.713153][T13867] 9pnet_fd: Insufficient options for proto=fd
[  296.726177][T13869] overlay: Unknown parameter 'audit'
[  296.808638][T13882] overlayfs: failed to clone upperpath
[  296.954285][   T36] audit: type=1400 audit(1757416025.906:24756): avc:  denied  { setattr } for  pid=13893 comm="syz.5.4514" name="KEY" dev="sockfs" ino=45444 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  297.547596][T13918] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4523'.
[  297.557764][T13920] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4523'.
[  297.837084][T13946] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4531'.
[  297.837311][T13947] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4531'.
[  297.871396][T13951] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4533'.
[  298.002664][T13981] veth1: entered allmulticast mode
[  298.009952][T13980] veth1: left allmulticast mode
[  298.379137][T13991] 9pnet_fd: Insufficient options for proto=fd
[  298.492696][T14021] netlink: 'syz.6.4555': attribute type 4 has an invalid length.
[  299.174415][T14065] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4571'.
[  299.222507][T14089] overlayfs: failed to clone upperpath
[  299.915444][T14145] overlayfs: failed to clone upperpath
[  299.937143][   T36] audit: type=1326 audit(2000000001.450:24757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14149 comm="syz.2.4602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef358ebe9 code=0x7ffc0000
[  299.968852][   T36] audit: type=1326 audit(2000000001.450:24758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14149 comm="syz.2.4602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef358ebe9 code=0x7ffc0000
[  299.993031][   T36] audit: type=1326 audit(2000000001.490:24759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14149 comm="syz.2.4602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f6ef358ebe9 code=0x7ffc0000
[  300.022245][   T36] audit: type=1326 audit(2000000001.490:24760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14149 comm="syz.2.4602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef358ebe9 code=0x7ffc0000
[  300.046332][   T36] audit: type=1326 audit(2000000001.490:24761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14149 comm="syz.2.4602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6ef358ebe9 code=0x7ffc0000
[  300.070580][   T36] audit: type=1326 audit(2000000001.490:24762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14149 comm="syz.2.4602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef358ebe9 code=0x7ffc0000
[  300.094630][   T36] audit: type=1326 audit(2000000001.490:24763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14149 comm="syz.2.4602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6ef358ebe9 code=0x7ffc0000
[  300.846502][T14226] netlink: 'syz.2.4630': attribute type 1 has an invalid length.
[  301.677906][T14265] veth0: entered promiscuous mode
[  301.683392][   T36] kauditd_printk_skb: 16 callbacks suppressed
[  301.683407][   T36] audit: type=1326 audit(2000000003.200:24780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14264 comm="syz.6.4644" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x0
[  301.817244][   T36] audit: type=1326 audit(2000000003.330:24781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14273 comm="syz.1.4647" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe93a18ebe9 code=0x0
[  302.475258][T14324] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4662'.
[  302.510909][T14264] veth0: left promiscuous mode
[  302.570367][T14353] tmpfs: Bad value for 'huge'
[  302.617133][T14359] netlink: 35 bytes leftover after parsing attributes in process `syz.6.4675'.
[  302.628716][T14359] netlink: 35 bytes leftover after parsing attributes in process `syz.6.4675'.
[  303.185657][T14432] netlink: 'syz.6.4704': attribute type 1 has an invalid length.
[  303.317108][   T36] audit: type=1400 audit(2000000004.830:24782): avc:  denied  { nlmsg_tty_audit } for  pid=14454 comm="syz.6.4713" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  303.393474][T14472] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4713'.
[  303.429871][T14487] .N: renamed from veth0_to_bond (while UP)
[  303.522892][   T36] audit: type=1400 audit(2000000005.040:24783): avc:  denied  { execstack } for  pid=14491 comm="syz.6.4725" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  303.601838][T14507] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4730'.
[  321.622378][T14538] 9pnet_fd: Insufficient options for proto=fd
[  321.659838][T14549] netlink: 'syz.1.4735': attribute type 4 has an invalid length.
[  321.678516][T14549] netlink: 'syz.1.4735': attribute type 4 has an invalid length.
[  321.690989][T14549] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4735'.
[  322.126789][T14561] 9pnet_fd: p9_fd_create_tcp (14561): problem connecting socket to 127.0.0.1
[  323.240464][T14629] overlayfs: failed to clone upperpath
[  324.113132][T14688] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4791'.
[  324.284191][T14696] 9pnet_fd: Insufficient options for proto=fd
[  324.297598][T14699] overlayfs: failed to clone upperpath
[  325.229674][T14731] netlink: 68 bytes leftover after parsing attributes in process `syz.5.4807'.
[  325.263588][T14737] incfs: Options parsing error. -22
[  325.268918][T14737] incfs: mount failed -22
[  325.274987][   T36] audit: type=1326 audit(2000000026.790:24784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14736 comm="syz.5.4810" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd7bd78ebe9 code=0x0
[  325.374649][T14745] netlink: 'syz.2.4812': attribute type 16 has an invalid length.
[  325.382613][T14745] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.4812'.
[  325.560747][T14752] 9pnet_fd: Insufficient options for proto=fd
[  326.616894][T14784] overlayfs: failed to clone upperpath
[  327.133072][T14801] netlink: 8568 bytes leftover after parsing attributes in process `syz.5.4830'.
[  327.151279][T14803] 9pnet_fd: Insufficient options for proto=fd
[  327.431651][T14814] netlink: 56 bytes leftover after parsing attributes in process `syz.2.4835'.
[  327.691464][T14829] netlink: 'syz.2.4840': attribute type 1 has an invalid length.
[  327.798088][T14831] netlink: 88 bytes leftover after parsing attributes in process `syz.5.4839'.
[  327.811655][T14837] netlink: 'syz.6.4843': attribute type 4 has an invalid length.
[  327.907330][   T36] audit: type=1326 audit(2000000285.423:24785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.6.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x7ffc0000
[  327.931353][   T36] audit: type=1326 audit(2000000285.423:24786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.6.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x7ffc0000
[  327.955145][   T36] audit: type=1326 audit(2000000285.443:24787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.6.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f071fd8ebe9 code=0x7ffc0000
[  327.979678][   T36] audit: type=1326 audit(2000000285.443:24788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.6.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x7ffc0000
[  328.003474][   T36] audit: type=1326 audit(2000000285.443:24789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.6.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f071fd8ebe9 code=0x7ffc0000
[  328.027525][   T36] audit: type=1326 audit(2000000285.443:24790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.6.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x7ffc0000
[  328.051663][   T36] audit: type=1326 audit(2000000285.443:24791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.6.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f071fd8ebe9 code=0x7ffc0000
[  328.076203][   T36] audit: type=1326 audit(2000000285.443:24792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.6.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x7ffc0000
[  328.100020][   T36] audit: type=1326 audit(2000000285.443:24793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.6.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f071fd8ebe9 code=0x7ffc0000
[  328.585788][T14909] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1056 sclass=netlink_xfrm_socket pid=14909 comm=syz.5.4865
[  328.620239][T14913] netlink: 92 bytes leftover after parsing attributes in process `syz.5.4866'.
[  328.920110][T14928] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4872'.
[  329.457946][T14941] overlayfs: failed to clone upperpath
[  329.991500][T12911] bridge_slave_1: left allmulticast mode
[  329.997352][T12911] bridge_slave_1: left promiscuous mode
[  330.003028][T12911] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.010481][T12911] bridge_slave_0: left allmulticast mode
[  330.016155][T12911] bridge_slave_0: left promiscuous mode
[  330.022134][T12911] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.138275][T12911] veth1_macvtap: left promiscuous mode
[  330.144130][T12911] veth0_vlan: left promiscuous mode
[  330.206475][T14975] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.213665][T14975] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.220901][T14975] bridge_slave_0: entered allmulticast mode
[  330.227206][T14975] bridge_slave_0: entered promiscuous mode
[  330.233895][T14975] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.241803][T14975] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.248942][T14975] bridge_slave_1: entered allmulticast mode
[  330.255075][T14975] bridge_slave_1: entered promiscuous mode
[  330.291603][T14975] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.298824][T14975] bridge0: port 2(bridge_slave_1) entered forwarding state
[  330.306079][T14975] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.313132][T14975] bridge0: port 1(bridge_slave_0) entered forwarding state
[  330.331295][T12986] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.338814][T12986] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.347959][T12951] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.355048][T12951] bridge0: port 1(bridge_slave_0) entered forwarding state
[  330.364107][T12986] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.371289][T12986] bridge0: port 2(bridge_slave_1) entered forwarding state
[  330.393375][T14975] veth0_vlan: entered promiscuous mode
[  330.404250][T14975] veth1_macvtap: entered promiscuous mode
[  330.446552][T14995] /dev/rnullb0: Can't lookup blockdev
[  330.559419][T15002] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  330.559448][T15002] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:10
[  330.707252][T15012] 9pnet_fd: Insufficient options for proto=fd
[  330.848120][T15038] overlayfs: failed to clone upperpath
[  330.904269][T15057] netlink: 393 bytes leftover after parsing attributes in process `syz.6.4913'.
[  331.014815][T15071] netlink: 'syz.6.4917': attribute type 4 has an invalid length.
[  331.303607][T15074] netlink: 'syz.6.4918': attribute type 12 has an invalid length.
[  331.651952][   T36] kauditd_printk_skb: 15 callbacks suppressed
[  331.651968][   T36] audit: type=1326 audit(2000000289.173:24809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14917 comm="syz.1.4869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93a18ebe9 code=0x7fc00000
[  331.681321][T15078] fuse: Bad value for 'fd'
[  331.682418][   T36] audit: type=1326 audit(2000000289.183:24810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14916 comm="syz.5.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7bd78ebe9 code=0x7fc00000
[  331.687810][T15078] 9pnet: p9_errstr2errno: server reported unknown error 
[  332.323697][T15125] overlayfs: failed to resolve './file0': -2
[  332.377421][T15129] overlayfs: failed to clone upperpath
[  332.470423][T15163] 9pnet_fd: Insufficient options for proto=fd
[  332.576919][   T36] audit: type=1400 audit(2000000290.093:24811): avc:  denied  { setattr } for  pid=15169 comm="syz.1.4952" name="PINGv6" dev="sockfs" ino=50197 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  332.605981][T15172] overlayfs: missing 'lowerdir'
[  332.608108][T15174] bridge_slave_1: mtu less than device minimum
[  332.697176][T15201] overlayfs: failed to clone upperpath
[  333.187373][T15225] overlayfs: failed to clone lowerpath
[  333.764083][T15274] x_tables: duplicate entry at hook 1
[  333.784304][T15279] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4995'.
[  334.010075][T15282] 9pnet_fd: Insufficient options for proto=fd
[  334.348221][T15293] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4999'.
[  334.888967][   T36] audit: type=1326 audit(2000000292.413:24812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15305 comm="syz.5.5005" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd7bd78ebe9 code=0x0
[  335.223241][T15309] netlink: 'syz.6.5006': attribute type 46 has an invalid length.
[  335.232203][T15309] overlay: Unknown parameter 'smackfsdef'
[  335.753498][T15351] IPv4: Oversized IP packet from 127.202.26.0
[  335.881272][T15387] fuse: Unknown parameter '0x0000000000000003'
[  336.299690][T15398] fuse: Unknown parameter '�0x000000000000000a'
[  336.362330][T15401] 9pnet_fd: Insufficient options for proto=fd
[  336.650710][T15407] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=65280 sclass=netlink_xfrm_socket pid=15407 comm=syz.6.5039
[  336.663683][T15406] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=65280 sclass=netlink_xfrm_socket pid=15406 comm=syz.6.5039
[  336.797838][T15425] netlink: 'syz.7.5045': attribute type 4 has an invalid length.
[  337.557539][T15462] veth0_to_bridge: mtu less than device minimum
[  337.564285][T15463] veth0_to_bridge: mtu less than device minimum
[  337.626050][T15470] netlink: 288 bytes leftover after parsing attributes in process `syz.1.5062'.
[  337.694593][T15500] 9pnet_fd: Insufficient options for proto=fd
[  337.701804][T15500] netlink: 'syz.1.5071': attribute type 12 has an invalid length.
[  338.422102][T15519] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5077'.
[  338.438990][T15521] overlayfs: failed to clone upperpath
[  338.526328][   T36] audit: type=1326 audit(2000000296.043:24813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15523 comm="syz.5.5079" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd7bd78ebe9 code=0x0
[  338.549750][   T36] audit: type=1326 audit(2000000296.043:24814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15523 comm="syz.5.5079" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd7bd78ebe9 code=0x0
[  339.051292][   T36] audit: type=1107 audit(2000000296.573:24815): pid=15565 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  339.405819][T15589] overlayfs: failed to clone upperpath
[  339.412355][T15589] overlayfs: failed to resolve './cgroup': -2
[  339.633929][T15597] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5103'.
[  339.848206][T12951] syzkaller0: tun_net_xmit 76
[  339.851153][T15614] syzkaller0: create flow: hash 233144933 index 1
[  339.853162][T12951] syzkaller0: tun_net_xmit 48
[  339.864952][T15614] syzkaller0: delete flow: hash 233144933 index 1
[  340.128128][T15634] overlayfs: failed to clone upperpath
[  340.175985][T15640] SELinux:  Context system_u:object_r:boot_t:s0 is not valid (left unmapped).
[  340.185358][   T36] audit: type=1400 audit(2000000297.713:24816): avc:  denied  { relabelto } for  pid=15639 comm="syz.5.5118" name="rnullb0" dev="tmpfs" ino=2035 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:boot_t:s0"
[  340.212252][   T36] audit: type=1400 audit(2000000297.713:24817): avc:  denied  { associate } for  pid=15639 comm="syz.5.5118" name="rnullb0" dev="tmpfs" ino=2035 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:boot_t:s0"
[  340.248735][   T36] audit: type=1326 audit(2000000297.763:24818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15590 comm="syz.1.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93a18ebe9 code=0x7fc00000
[  340.275753][   T36] audit: type=1326 audit(2000000297.763:24819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15590 comm="syz.1.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe93a18ebe9 code=0x7fc00000
[  340.302147][   T36] audit: type=1326 audit(2000000297.763:24820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15590 comm="syz.1.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93a18ebe9 code=0x7fc00000
[  340.326924][   T36] audit: type=1326 audit(2000000297.763:24821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15590 comm="syz.1.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93a18ebe9 code=0x7fc00000
[  340.352485][   T36] audit: type=1326 audit(2000000297.763:24822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15590 comm="syz.1.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93a18ebe9 code=0x7fc00000
[  340.379243][T15662] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2049 sclass=netlink_route_socket pid=15662 comm=syz.5.5125
[  340.447068][T15673] overlayfs: failed to clone upperpath
[  340.904078][T15687] overlay: ./file1 is not a directory
[  340.928555][T15693] netlink: 188 bytes leftover after parsing attributes in process `syz.5.5136'.
[  340.959189][T15698] tmpfs: Unknown parameter '��'
[  341.025236][T15706] overlayfs: failed to resolve './file1': -2
[  341.564192][T15741] overlayfs: failed to clone upperpath
[  341.570348][T15741] /dev/rnullb0: Can't lookup blockdev
[  341.648277][T15748] overlayfs: missing 'lowerdir'
[  342.030044][T15777] 9pnet_fd: Insufficient options for proto=fd
[  342.092552][T15793] 8021q: VLANs not supported on ip6tnl0
[  342.867322][T15828] overlayfs: failed to clone upperpath
[  342.874612][T15828] netlink: 52 bytes leftover after parsing attributes in process `syz.6.5182'.
[  342.883984][T15828] netlink: 52 bytes leftover after parsing attributes in process `syz.6.5182'.
[  343.019591][T15842] overlayfs: failed to clone upperpath
[  343.606321][   T36] kauditd_printk_skb: 42 callbacks suppressed
[  343.606342][   T36] audit: type=1400 audit(2000000301.123:24865): avc:  denied  { mounton } for  pid=15882 comm="syz.6.5202" path="/" dev="configfs" ino=1333 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  343.761943][T15894] netlink: 188 bytes leftover after parsing attributes in process `syz.5.5205'.
[  343.984358][T15904] netlink: 'syz.5.5207': attribute type 3 has an invalid length.
[  343.992150][T15904] netlink: 'syz.5.5207': attribute type 3 has an invalid length.
[  343.999997][T15904] netlink: 'syz.5.5207': attribute type 3 has an invalid length.
[  344.532323][T15913] fuse: Bad value for 'fd'
[  344.925475][   T36] audit: type=1400 audit(2000000302.443:24866): avc:  denied  { read } for  pid=15924 comm="syz.1.5214" name="file0" dev="tmpfs" ino=1364 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  344.948228][   T36] audit: type=1400 audit(2000000302.443:24867): avc:  denied  { open } for  pid=15924 comm="syz.1.5214" path="/249/file0" dev="tmpfs" ino=1364 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  345.112426][T15929] overlayfs: failed to clone upperpath
[  345.222680][T15954] batadv_slave_1: entered promiscuous mode
[  345.296579][T15954] 9pnet_fd: Insufficient options for proto=fd
[  345.312935][T15953] batadv_slave_1: left promiscuous mode
[  345.600168][T15986] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5231'.
[  345.618594][T15986] erspan0: default FDB implementation only supports local addresses
[  346.097491][T16019] fuse: Bad value for 'fd'
[  346.120095][   T36] audit: type=1400 audit(2000000303.643:24868): avc:  denied  { write } for  pid=16018 comm="syz.7.5243" name="usbmon9" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  346.174247][T16020] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  346.184424][T16020] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2003790892 (4007581784 ns) > initial count (3403735274 ns). Using initial count to start timer.
[  346.610412][T16036] overlayfs: failed to clone upperpath
[  346.665495][T16041] sit0: entered promiscuous mode
[  346.671357][T16041] netlink: 'syz.6.5250': attribute type 1 has an invalid length.
[  346.679357][T16041] netlink: 1 bytes leftover after parsing attributes in process `syz.6.5250'.
[  346.696879][T16044] netlink: 5 bytes leftover after parsing attributes in process `syz.6.5251'.
[  347.226970][T16056] �����9: renamed from xfrm0 (while UP)
[  347.516167][T16073] netlink: 100 bytes leftover after parsing attributes in process `syz.5.5260'.
[  347.567795][T16078] netlink: 'syz.5.5261': attribute type 30 has an invalid length.
[  347.655866][   T36] audit: type=1400 audit(2000000305.173:24869): avc:  denied  { execute } for  pid=16088 comm="syz.5.5266" path="/dev/rnullb0" dev="tmpfs" ino=2035 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:boot_t:s0"
[  347.987776][T16123] 2N: renamed from vcan0 (while UP)
[  348.315575][T16169] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5292'.
[  348.338613][T16171] netlink: 'syz.6.5293': attribute type 4 has an invalid length.
[  348.347016][T16171] netlink: 'syz.6.5293': attribute type 4 has an invalid length.
[  348.578871][T16188] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5299'.
[  348.612403][T16201] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5302'.
[  348.818960][T16215] tipc: Started in network mode
[  348.823965][T16215] tipc: Node identity ac14142f, cluster identity 4711
[  348.830947][T16215] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  349.389470][   T13] tipc: Left network mode
[  349.652926][T16229] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5311'.
[  350.034580][   T36] audit: type=1326 audit(2000000307.553:24870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16237 comm="syz.6.5314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x50000
[  350.058375][   T36] audit: type=1326 audit(2000000307.553:24871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16237 comm="syz.6.5314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x50000
[  350.082111][   T36] audit: type=1326 audit(2000000307.553:24872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16237 comm="syz.6.5314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x50000
[  350.105711][   T36] audit: type=1326 audit(2000000307.553:24873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16237 comm="syz.6.5314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x50000
[  350.129267][   T36] audit: type=1326 audit(2000000307.553:24874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16237 comm="syz.6.5314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x50000
[  350.152917][   T36] audit: type=1326 audit(2000000307.553:24875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16237 comm="syz.6.5314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x50000
[  350.176636][   T36] audit: type=1326 audit(2000000307.553:24876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16237 comm="syz.6.5314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x50000
[  350.210398][   T36] audit: type=1326 audit(2000000307.553:24877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16237 comm="syz.6.5314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x50000
[  350.233955][   T36] audit: type=1326 audit(2000000307.553:24878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16237 comm="syz.6.5314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x50000
[  350.257691][   T36] audit: type=1326 audit(2000000307.553:24879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16237 comm="syz.6.5314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f071fd8ebe9 code=0x50000
[  351.122494][T16291] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  351.156129][T16293] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1
[  351.173871][T16293] rust_binder: Write failure EINVAL in pid:55
[  351.274565][T16302] netlink: 'syz.7.5333': attribute type 4 has an invalid length.
[  351.304502][   T13] Bluetooth: hci0: Frame reassembly failed (-84)
[  351.399762][T16313] overlayfs: failed to clone upperpath
[  352.266480][T16327] No source specified
[  352.894651][T16349] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=66 sclass=netlink_audit_socket pid=16349 comm=syz.1.5349
[  352.962574][T16356] 9pnet_fd: Insufficient options for proto=fd
[  353.158833][T16386] 9pnet_fd: Insufficient options for proto=fd
[  353.318525][  T628] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  353.321834][   T53] Bluetooth: hci0: command 0x1003 tx timeout
[  353.855483][T16407] overlayfs: failed to clone upperpath
[  353.876979][T16399] bridge0: port 1(bridge_slave_0) entered blocking state
[  353.884243][T16399] bridge0: port 1(bridge_slave_0) entered disabled state
[  353.891553][T16399] bridge_slave_0: entered allmulticast mode
[  353.898211][T16399] bridge_slave_0: entered promiscuous mode
[  353.904408][   T13] tipc: Disabling bearer <udp:syz2>
[  353.909929][   T13] tipc: Left network mode
[  353.914455][T16399] bridge0: port 2(bridge_slave_1) entered blocking state
[  353.921647][T16399] bridge0: port 2(bridge_slave_1) entered disabled state
[  353.928789][T16399] bridge_slave_1: entered allmulticast mode
[  353.934912][T16399] bridge_slave_1: entered promiscuous mode
[  353.941572][   T13] veth0_vlan: left promiscuous mode
[  354.032517][T16399] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.039634][T16399] bridge0: port 2(bridge_slave_1) entered forwarding state
[  354.047105][T16399] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.054340][T16399] bridge0: port 1(bridge_slave_0) entered forwarding state
[  354.072752][T12911] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.080180][T12911] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.089725][T12951] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.096804][T12951] bridge0: port 1(bridge_slave_0) entered forwarding state
[  354.105881][T12911] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.113163][T12911] bridge0: port 2(bridge_slave_1) entered forwarding state
[  354.125503][T16416] /dev/rnullb0: Can't lookup blockdev
[  354.141978][T16399] veth0_vlan: entered promiscuous mode
[  354.153099][T16399] veth1_macvtap: entered promiscuous mode
[  355.053182][T16472] rust_binder: Write failure EFAULT in pid:7
[  355.149591][T16487] devpts: called with bogus options
[  355.446780][T16512] binder: Unknown parameter 'defcontext01777777777777777777777'
[  355.455018][T16513] netlink: 'syz.6.5402': attribute type 12 has an invalid length.
[  355.477071][T16517] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  355.487530][   T36] kauditd_printk_skb: 27780 callbacks suppressed
[  355.487550][   T36] audit: type=1400 audit(2000000313.013:52660): avc:  denied  { relabelto } for  pid=16516 comm="syz.6.5403" name="file0" dev="tmpfs" ino=59 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  355.521080][   T36] audit: type=1400 audit(2000000313.013:52661): avc:  denied  { associate } for  pid=16516 comm="syz.6.5403" name="file0" dev="tmpfs" ino=59 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0"
[  355.725519][   T36] audit: type=1400 audit(2000000313.243:52662): avc:  denied  { unlink } for  pid=16399 comm="syz-executor" name="file0" dev="tmpfs" ino=59 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  355.732015][T16520] loop2: detected capacity change from 0 to 7
[  355.761641][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  355.771362][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[  355.779429][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  355.788747][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  355.795865][T16524] overlayfs: failed to clone lowerpath
[  355.797165][T16520]  loop2: unable to read partition table
[  355.808740][T16520] loop_reread_partitions: partition scan of loop2 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  355.818081][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  355.831685][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[  355.840101][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  355.849330][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  355.866323][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  355.875543][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  355.884123][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  355.893401][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  355.904524][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  355.906422][T16541] netlink: 68 bytes leftover after parsing attributes in process `syz.1.5410'.
[  355.913899][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  355.918335][T16540] netlink: 140 bytes leftover after parsing attributes in process `syz.6.5411'.
[  355.942203][T16540] netlink: 48 bytes leftover after parsing attributes in process `syz.6.5411'.
[  355.980099][T16551] tipc: Started in network mode
[  355.985243][T16551] tipc: Node identity 40000000000000000000000000000001, cluster identity 4711
[  355.994324][T16551] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  356.025023][   T36] audit: type=1326 audit(2000000313.543:52663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16494 comm="syz.5.5398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7bd78ebe9 code=0x7fc00000
[  356.144526][T16575] rust_binder: Failed to vm_insert_page(35184372101120): vma_addr:35184372097024 i:1 err:EFAULT
[  356.144553][T16575] rust_binder: Error in use_page_slow: EFAULT
[  356.155207][T16575] rust_binder: use_range failure EFAULT
[  356.161479][T16575] rust_binder: Failed to allocate buffer. len:4144, is_oneway:false
[  356.167096][T16575] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  356.175594][T16575] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:49
[  356.187379][T16575] rust_binder: Write failure EFAULT in pid:49
[  356.411317][   T36] audit: type=1400 audit(2000000313.933:52664): avc:  denied  { write } for  pid=16578 comm="syz.7.5425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  356.678483][  T949] usb 7-1: new full-speed USB device number 7 using dummy_hcd
[  356.829586][  T949] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  356.840615][  T949] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  356.853819][  T949] usb 7-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[  356.862992][  T949] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.871630][  T949] usb 7-1: config 0 descriptor??
[  356.876914][T16577] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  357.091580][  T949] usbhid 7-1:0.0: can't add hid device: -71
[  357.097748][  T949] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  357.107498][  T949] usb 7-1: USB disconnect, device number 7
[  357.161293][T16611] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5435'.
[  357.170799][T16611] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5435'.
[  357.268483][T16628] netlink: 72 bytes leftover after parsing attributes in process `syz.1.5440'.
[  357.498456][  T949] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  357.658469][  T949] usb 7-1: Using ep0 maxpacket: 8
[  357.666114][  T949] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  357.675546][  T949] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.684028][  T949] usb 7-1: Product: syz
[  357.688238][  T949] usb 7-1: Manufacturer: syz
[  357.693350][  T949] usb 7-1: SerialNumber: syz
[  357.906741][  T949] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 8 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  358.010883][   T36] audit: type=1400 audit(2000000315.523:52665): avc:  denied  { getopt } for  pid=16660 comm="syz.7.5445" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  358.113071][T16666] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5447'.
[  358.130259][  T949] usb 7-1: USB disconnect, device number 8
[  358.137374][  T949] usblp0: removed
[  358.173193][T16662] bridge0: port 1(bridge_slave_0) entered blocking state
[  358.180341][T16662] bridge0: port 1(bridge_slave_0) entered disabled state
[  358.187422][T16662] bridge_slave_0: entered allmulticast mode
[  358.194001][T16662] bridge_slave_0: entered promiscuous mode
[  358.200429][T16662] bridge0: port 2(bridge_slave_1) entered blocking state
[  358.207811][T16662] bridge0: port 2(bridge_slave_1) entered disabled state
[  358.214967][T16662] bridge_slave_1: entered allmulticast mode
[  358.221590][T16662] bridge_slave_1: entered promiscuous mode
[  358.249727][T16683] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  358.249764][T16683] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:81
[  358.275446][T12911] bridge_slave_1: left allmulticast mode
[  358.290412][T12911] bridge_slave_1: left promiscuous mode
[  358.296172][T12911] bridge0: port 2(bridge_slave_1) entered disabled state
[  358.303793][T12911] bridge_slave_0: left allmulticast mode
[  358.309723][T12911] bridge_slave_0: left promiscuous mode
[  358.315388][T12911] bridge0: port 1(bridge_slave_0) entered disabled state
[  358.414920][T12951] bridge0: port 1(bridge_slave_0) entered blocking state
[  358.422075][T12951] bridge0: port 1(bridge_slave_0) entered forwarding state
[  358.431711][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  358.438812][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  358.450573][T12911] veth1_macvtap: left promiscuous mode
[  358.456085][T12911] veth0_vlan: left promiscuous mode
[  358.479422][T16685] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  358.479451][T16685] rust_binder: Read failure Err(EFAULT) in pid:83
[  358.521562][T16705] netlink: 'syz.1.5455': attribute type 4 has an invalid length.
[  358.537464][T16705] netlink: 'syz.1.5455': attribute type 4 has an invalid length.
[  358.566151][T16662] veth0_vlan: entered promiscuous mode
[  358.576221][T16662] veth1_macvtap: entered promiscuous mode
[  358.644547][   T36] audit: type=1400 audit(2000000316.163:52666): avc:  denied  { write } for  pid=16708 comm="syz.6.5456" name="hwrng" dev="devtmpfs" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  359.011016][T16725] rust_binder: Write failure EINVAL in pid:87
[  359.139865][T16735] netlink: 'syz.7.5465': attribute type 4 has an invalid length.
[  359.164947][T16737] binder: Unknown parameter './binderfs'
[  359.619347][   T36] audit: type=1326 audit(2000000317.143:52667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16753 comm="syz.6.5472" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f94bc98ebe9 code=0x0
[  359.777242][   T36] audit: type=1326 audit(2000000317.293:52668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16755 comm="syz.1.5473" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe93a18ebe9 code=0x0
[  360.250957][   T36] audit: type=1400 audit(2000000317.773:52669): avc:  denied  { write } for  pid=16762 comm="syz.7.5476" name="snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  360.250968][T16763] random: crng reseeded on system resumption
[  360.552071][T16773] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  360.612848][T16774] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:74
[  361.175728][   T36] kauditd_printk_skb: 1 callbacks suppressed
[  361.175752][   T36] audit: type=1400 audit(2000000318.693:52671): avc:  denied  { accept } for  pid=16792 comm="syz.1.5488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  362.196215][T16816] overlayfs: missing 'lowerdir'
[  362.229290][T12951] Bluetooth: hci0: Frame reassembly failed (-84)
[  362.590902][T16826] new mount options do not match the existing superblock, will be ignored
[  362.600371][T16826] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5500'.
[  362.848489][   T45] usb 6-1: new full-speed USB device number 17 using dummy_hcd
[  362.999509][   T45] usb 6-1: config 0 has an invalid interface number: 239 but max is 0
[  363.007938][   T45] usb 6-1: config 0 has no interface number 0
[  363.014136][   T45] usb 6-1: config 0 interface 239 altsetting 0 endpoint 0x1 has invalid maxpacket 991, setting to 64
[  363.025053][   T45] usb 6-1: config 0 interface 239 altsetting 0 endpoint 0x82 has invalid maxpacket 511, setting to 64
[  363.037271][   T45] usb 6-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  363.046405][   T45] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  363.054582][   T45] usb 6-1: Product: syz
[  363.058778][   T45] usb 6-1: Manufacturer: syz
[  363.063381][   T45] usb 6-1: SerialNumber: syz
[  363.068529][   T45] usb 6-1: config 0 descriptor??
[  363.278535][   T45] asix 6-1:0.239 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  363.288949][   T45] asix 6-1:0.239: probe with driver asix failed with error -71
[  363.299322][   T45] usb 6-1: USB disconnect, device number 17
[  363.432928][   T36] audit: type=1400 audit(2000000320.953:52672): avc:  denied  { setattr } for  pid=16843 comm="syz.7.5506" path="/dev/fuse" dev="devtmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  363.493001][T16849] rust_binder: Write failure EFAULT in pid:130
[  363.557735][T16858] rust_binder: Read failure Err(EAGAIN) in pid:133
[  363.617309][T16869] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5515'.
[  363.781351][T16870] rust_binder: Failed to allocate buffer. len:120, is_oneway:false
[  363.781480][T16870] rust_binder: Failed to allocate buffer. len:24, is_oneway:true
[  363.784556][   T36] audit: type=1400 audit(2000000321.303:52673): avc:  denied  { map } for  pid=16868 comm="syz.7.5515" path="/proc/136/task" dev="proc" ino=55597 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  364.278476][   T53] Bluetooth: hci0: command 0x1003 tx timeout
[  364.279317][  T628] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  364.316330][T16881] rust_binder: Write failure EINVAL in pid:90
[  364.506610][   T36] audit: type=1400 audit(2000000322.020:52674): avc:  denied  { remount } for  pid=16898 comm="syz.7.5527" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  364.662186][T16909] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=16909 comm=syz.7.5530
[  364.688474][ T8096] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  364.731055][T16912] /dev/rnullb0: Can't lookup blockdev
[  364.757024][T16914] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:156
[  364.849797][ T8096] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  364.902053][ T8096] usb 7-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  364.906037][T16925] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5537'.
[  364.913398][ T8096] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  364.938601][ T8096] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.948627][ T8096] usb 7-1: Product: syz
[  364.952892][ T8096] usb 7-1: Manufacturer: syz
[  364.957570][ T8096] usb 7-1: SerialNumber: syz
[  365.003347][T16932] SELinux: security_context_str_to_sid () failed with errno=-22
[  365.167488][   T36] audit: type=1400 audit(2000000322.680:52675): avc:  denied  { bind } for  pid=16951 comm="syz.5.5549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  365.172836][T16953] overlay: filesystem on ./bus not supported as upperdir
[  365.528531][  T949] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  365.644331][T16965] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5554'.
[  365.655735][  T236] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  365.664732][  T236] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  365.688509][  T949] usb 6-1: Using ep0 maxpacket: 32
[  365.708873][ T8096] usb 7-1: 0:2 : does not exist
[  365.719610][  T949] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  365.720563][ T8096] usb 7-1: cannot find UAC_HEADER
[  365.736312][  T949] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  365.738733][ T8096] snd-usb-audio 7-1:1.1: probe with driver snd-usb-audio failed with error -22
[  365.758582][ T8096] usb 7-1: USB disconnect, device number 9
[  365.768370][  T949] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  365.777621][  T949] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  365.787571][  T949] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  365.797609][  T949] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  365.810919][  T949] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  365.820156][  T949] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  365.829114][  T949] usb 6-1: config 0 descriptor??
[  365.851940][T16968] netlink: 'syz.6.5555': attribute type 4 has an invalid length.
[  366.037011][  T949] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 18 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  366.049265][  T949] usb 6-1: USB disconnect, device number 18
[  366.055831][  T949] usblp0: removed
[  366.188523][   T45] usb 7-1: new full-speed USB device number 10 using dummy_hcd
[  366.339850][   T45] usb 7-1: unable to get BOS descriptor or descriptor too short
[  366.348122][   T45] usb 7-1: not running at top speed; connect to a high speed hub
[  366.356788][   T45] usb 7-1: config 1 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  366.370333][   T45] usb 7-1: config 1 interface 0 has no altsetting 0
[  366.379990][   T45] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  366.389156][   T45] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  366.397271][   T45] usb 7-1: Manufacturer: 탈ᖩ쒸阡翀⎇碭밨񦅡
[  366.404083][   T45] usb 7-1: SerialNumber: syz
[  366.478485][ T8096] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  366.609895][T16976] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  366.621867][   T45] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 10 if 0 alt 7 proto 1 vid 0x0525 pid 0xA4A8
[  366.628684][ T8096] usb 6-1: Using ep0 maxpacket: 32
[  366.635684][   T45] usb 7-1: USB disconnect, device number 10
[  366.639357][ T8096] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  366.645540][   T45] usblp0: removed
[  366.652215][ T8096] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  366.664832][ T8096] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  366.674040][ T8096] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  366.683879][ T8096] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  366.693618][ T8096] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  366.706604][ T8096] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  366.715688][ T8096] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.725189][ T8096] usb 6-1: config 0 descriptor??
[  367.133171][ T8096] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 19 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  367.154544][ T8096] usb 6-1: USB disconnect, device number 19
[  367.162862][ T8096] usblp0: removed
[  367.213729][   T36] audit: type=1400 audit(2000000324.730:52676): avc:  denied  { remount } for  pid=16980 comm="syz.6.5559" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=filesystem permissive=1
[  367.214045][T16982] nsfs: Unknown parameter 'fd'
[  367.306246][T16986] binder: Unknown parameter 'fscontext?}'
[  367.306508][T16987] binder: Unknown parameter 'fscontext?}'
[  367.651713][T16989] rust_binder: 51: no such ref 3
[  367.888532][   T45] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  368.039636][   T45] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  368.052662][   T45] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  368.061799][   T45] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.070478][   T45] usb 6-1: config 0 descriptor??
[  368.103498][   T36] audit: type=1326 audit(2000000325.620:52677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16949 comm="syz.1.5548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93a18ebe9 code=0x7fc00000
[  368.477308][   T45] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  368.484830][   T45] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  368.492461][   T45] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  368.499905][   T45] plantronics 0003:047F:FFFF.0006: report_id 0 is invalid
[  368.507031][   T45] plantronics 0003:047F:FFFF.0006: item 0 0 1 8 parsing failed
[  368.514746][   T45] plantronics 0003:047F:FFFF.0006: parse failed
[  368.521106][   T45] plantronics 0003:047F:FFFF.0006: probe with driver plantronics failed with error -22
[  368.680191][   T10] usb 6-1: USB disconnect, device number 20
[  368.983418][   T36] audit: type=1326 audit(2000000326.500:52678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17005 comm="syz.7.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2f0b8ebe9 code=0x50000
[  369.006903][   T36] audit: type=1326 audit(2000000326.500:52679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17005 comm="syz.7.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2f0b8ebe9 code=0x50000
[  369.009148][T17007] netlink: 'syz.6.5566': attribute type 1 has an invalid length.
[  369.031009][   T36] audit: type=1326 audit(2000000326.500:52680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17005 comm="syz.7.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2f0b8ebe9 code=0x50000
[  369.061792][   T36] audit: type=1326 audit(2000000326.500:52681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17005 comm="syz.7.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2f0b8ebe9 code=0x50000
[  369.085151][   T36] audit: type=1326 audit(2000000326.500:52682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17005 comm="syz.7.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2f0b8ebe9 code=0x50000
[  369.095828][T17010] sock: sock_set_timeout: `syz.6.5566' (pid 17010) tries to set negative timeout
[  369.108840][   T36] audit: type=1326 audit(2000000326.500:52683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17005 comm="syz.7.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2f0b8ebe9 code=0x50000
[  369.141383][   T36] audit: type=1326 audit(2000000326.500:52684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17005 comm="syz.7.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2f0b8ebe9 code=0x50000
[  369.164815][   T36] audit: type=1326 audit(2000000326.500:52685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17005 comm="syz.7.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2f0b8ebe9 code=0x50000
[  369.206042][T17013] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  369.270587][T17015] rust_binder: Error while translating object.
[  369.270641][T17015] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  369.288794][T17015] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:55
[  369.381919][T17017] loop2: detected capacity change from 0 to 7
[  369.407046][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  369.416437][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[  369.425431][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  369.434627][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[  369.442581][T17017]  loop2: unable to read partition table
[  369.450426][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  369.459617][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[  369.468191][T17017] loop_reread_partitions: partition scan of loop2 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  369.468208][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  369.490926][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  369.503660][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  369.512948][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[  369.521117][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  369.530584][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  369.538864][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  369.548297][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[  369.557474][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  369.566682][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[  369.574663][T17019]  loop2: unable to read partition table
[  369.575053][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  369.590339][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[  369.850383][T17030] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  369.863947][T17030] rust_binder: Write failure EINVAL in pid:130
[  369.864467][T17030] netlink: 'syz.6.5574': attribute type 27 has an invalid length.
[  369.912912][  T236] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  369.958569][T17039] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5578'.
[  369.979909][T17039] input: syz1 as /devices/virtual/input/input10
[  370.068461][  T236] usb 6-1: Using ep0 maxpacket: 16
[  370.079527][  T236] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  370.098464][  T236] usb 6-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  370.108371][  T236] usb 6-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  370.128461][  T236] usb 6-1: config 1 interface 0 has no altsetting 0
[  370.136752][  T236] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  370.146146][  T236] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.158455][  T236] usb 6-1: Product: syz
[  370.162686][  T236] usb 6-1: Manufacturer: syz
[  370.167339][  T236] usb 6-1: SerialNumber: syz
[  370.938841][ T8096] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  370.970582][T17068] overlayfs: failed to resolve './file0redirect_dir=follow': -2
[  371.037205][T17072] overlayfs: failed to clone upperpath
[  371.108475][ T8096] usb 7-1: Using ep0 maxpacket: 8
[  371.122978][ T8096] usb 7-1: unable to get BOS descriptor or descriptor too short
[  371.131956][ T8096] usb 7-1: config 6 has an invalid interface number: 248 but max is 0
[  371.146425][ T8096] usb 7-1: config 6 has no interface number 0
[  371.158923][ T8096] usb 7-1: config 6 interface 248 has no altsetting 0
[  371.172303][ T8096] usb 7-1: New USB device found, idVendor=045a, idProduct=5210, bcdDevice= 1.01
[  371.187157][ T8096] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  371.195846][ T8096] usb 7-1: Product: syz
[  371.200688][ T8096] usb 7-1: Manufacturer: syz
[  371.213553][ T8096] usb 7-1: SerialNumber: syz
[  371.242207][T17085] veth1_macvtap: left promiscuous mode
[  371.252101][T17085] macsec0: entered promiscuous mode
[  371.426451][ T8096] ums-karma 7-1:6.248: USB Mass Storage device detected
[  371.464521][ T8096] usb 7-1: USB disconnect, device number 11
[  371.810378][T17094] netlink: 'syz.1.5596': attribute type 13 has an invalid length.
[  371.957665][T17104] cgroup: release_agent respecified
[  372.483432][T17113] /dev/nbd6: Can't lookup blockdev
[  372.492653][T17113] /dev/nbd6: Can't lookup blockdev
[  372.624907][  T236] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 21 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  372.653356][  T236] usb 6-1: USB disconnect, device number 21
[  372.660676][  T236] usblp0: removed
[  372.660891][T17124] rust_binder: Write failure EFAULT in pid:186
[  372.666461][T17126] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  372.675330][T17123] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  372.691206][T17129] x_tables: duplicate underflow at hook 1
[  372.697212][T17123] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:65
[  372.701570][T17130] x_tables: duplicate underflow at hook 1
[  372.739864][T17127] rust_binder: Error in use_page_slow: ESRCH
[  372.739891][T17127] rust_binder: use_range failure ESRCH
[  372.756039][T17127] rust_binder: Failed to allocate buffer. len:1048, is_oneway:false
[  372.782984][T17137] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000001 not found
[  372.795610][T17127] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  372.802640][T17127] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:157
[  372.812627][T17137] rust_binder: Write failure EINVAL in pid:70
[  372.891348][T17138] kernel profiling enabled (shift: 0)
[  372.947138][T17142] rust_binder: 17142 RLIMIT_NICE not set
[  372.953471][  T236] rust_binder: 17141: removing orphan mapping 0:1192
[  373.002198][T17138] syz.5.5610: vmalloc error: size 318767104, failed to allocated page array size 622592, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0
[  373.026058][T17138] CPU: 1 UID: 0 PID: 17138 Comm: syz.5.5610 Not tainted syzkaller #0 1976820a860199aae9d2abf4727fc3b97aa7bbea
[  373.026095][T17138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  373.026107][T17138] Call Trace:
[  373.026114][T17138]  <TASK>
[  373.026122][T17138]  __dump_stack+0x21/0x30
[  373.026153][T17138]  dump_stack_lvl+0x10c/0x190
[  373.026177][T17138]  ? __cfi_dump_stack_lvl+0x10/0x10
[  373.026203][T17138]  ? _raw_spin_unlock_irqrestore+0x4a/0x70
[  373.026233][T17138]  dump_stack+0x19/0x20
[  373.026257][T17138]  warn_alloc+0x1bc/0x2a0
[  373.026282][T17138]  ? kasan_save_free_info+0x4a/0x60
[  373.026309][T17138]  ? __cfi_warn_alloc+0x10/0x10
[  373.026333][T17138]  ? __get_vm_area_node+0x1dc/0x3a0
[  373.026358][T17138]  ? profile_init+0xdb/0x280
[  373.026376][T17138]  __vmalloc_node_range_noprof+0x68e/0x1420
[  373.026402][T17138]  ? irq_work_queue+0xc2/0x160
[  373.026425][T17138]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  373.026450][T17138]  ? __cfi___vmalloc_node_range_noprof+0x10/0x10
[  373.026505][T17138]  ? __asan_memset+0x39/0x50
[  373.026532][T17138]  ? __alloc_pages_noprof+0xbf/0x7b0
[  373.026556][T17138]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  373.026582][T17138]  ? profile_init+0xdb/0x280
[  373.026598][T17138]  vzalloc_noprof+0xfd/0x1d0
[  373.026623][T17138]  ? profile_init+0xdb/0x280
[  373.026641][T17138]  ? __cfi_vzalloc_noprof+0x10/0x10
[  373.026666][T17138]  ? profile_init+0x81/0x280
[  373.026682][T17138]  ? __kmalloc_noprof+0x2ad/0x450
[  373.026710][T17138]  ? __cfi_profiling_store+0x10/0x10
[  373.026730][T17138]  ? __cfi_profiling_store+0x10/0x10
[  373.026749][T17138]  profile_init+0xdb/0x280
[  373.026765][T17138]  ? __cfi_profiling_store+0x10/0x10
[  373.026784][T17138]  profiling_store+0x76/0x100
[  373.026803][T17138]  kobj_attr_store+0x73/0xa0
[  373.026831][T17138]  ? __cfi_kobj_attr_store+0x10/0x10
[  373.026860][T17138]  sysfs_kf_write+0x13e/0x160
[  373.026888][T17138]  kernfs_fop_write_iter+0x2fb/0x4d0
[  373.026913][T17138]  ? __cfi_sysfs_kf_write+0x10/0x10
[  373.026940][T17138]  vfs_write+0x694/0xe80
[  373.026959][T17138]  ? __cfi_kernfs_fop_write_iter+0x10/0x10
[  373.026984][T17138]  ? __cfi_vfs_write+0x10/0x10
[  373.027002][T17138]  ? __cfi_mutex_lock+0x10/0x10
[  373.027025][T17138]  ksys_write+0x141/0x250
[  373.027042][T17138]  ? xfd_validate_state+0x68/0x150
[  373.027068][T17138]  ? __cfi_ksys_write+0x10/0x10
[  373.027086][T17138]  ? __kasan_check_write+0x18/0x20
[  373.027112][T17138]  ? fpregs_restore_userregs+0x11d/0x260
[  373.027135][T17138]  __x64_sys_write+0x7f/0x90
[  373.027153][T17138]  x64_sys_call+0x271c/0x2ee0
[  373.027180][T17138]  do_syscall_64+0x58/0xf0
[  373.027207][T17138]  ? clear_bhb_loop+0x50/0xa0
[  373.027231][T17138]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  373.027255][T17138] RIP: 0033:0x7f3d42f8ebe9
[  373.027272][T17138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  373.027290][T17138] RSP: 002b:00007f3d43e0a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  373.027313][T17138] RAX: ffffffffffffffda RBX: 00007f3d431c6090 RCX: 00007f3d42f8ebe9
[  373.027330][T17138] RDX: 0000000000000028 RSI: 00002000000001c0 RDI: 000000000000000c
[  373.027344][T17138] RBP: 00007f3d43011e19 R08: 0000000000000000 R09: 0000000000000000
[  373.027357][T17138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  373.027371][T17138] R13: 00007f3d431c6128 R14: 00007f3d431c6090 R15: 00007ffffb4c6a88
[  373.027388][T17138]  </TASK>
[  373.027396][T17138] Mem-Info:
[  373.206370][T17162] netlink: 'syz.1.5619': attribute type 1 has an invalid length.
[  373.209051][T17138] active_anon:31882 inactive_anon:3 isolated_anon:0
[  373.209051][T17138]  active_file:19703 inactive_file:5022 isolated_file:0
[  373.209051][T17138]  unevictable:15443 dirty:111 writeback:0
[  373.209051][T17138]  slab_reclaimable:4668 slab_unreclaimable:86782
[  373.209051][T17138]  mapped:29457 shmem:17335 pagetables:1097
[  373.209051][T17138]  sec_pagetables:0 bounce:0
[  373.209051][T17138]  kernel_misc_reclaimable:0
[  373.209051][T17138]  free:1443856 free_pcp:7168 free_cma:0
[  373.320866][T17182] SELinux: security_context_str_to_sid (E�) failed with errno=-22
[  373.327966][T17138] Node 0 active_anon:124728kB inactive_anon:12kB active_file:78812kB inactive_file:20088kB unevictable:61772kB isolated(anon):0kB isolated(file):0kB mapped:122028kB dirty:444kB writeback:0kB shmem:66540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8180kB pagetables:4388kB sec_pagetables:0kB all_unreclaimable? no
[  373.350457][T17182] SELinux: security_context_str_to_sid (--^$-) failed with errno=-22
[  373.351898][T17138] DMA32 free:2960212kB boost:0kB min:19088kB low:23860kB high:28632kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2965952kB mlocked:0kB bounce:0kB free_pcp:5740kB local_pcp:4512kB free_cma:0kB
[  373.506451][T17138] lowmem_reserve[]: 0 3921 3921
[  373.511549][T17138] Normal free:2838024kB boost:0kB min:25964kB low:32452kB high:38940kB reserved_highatomic:0KB free_highatomic:0KB active_anon:124592kB inactive_anon:12kB active_file:78812kB inactive_file:20088kB unevictable:61772kB writepending:444kB present:5242880kB managed:4016120kB mlocked:0kB bounce:0kB free_pcp:8532kB local_pcp:1848kB free_cma:0kB
[  373.543694][T17138] lowmem_reserve[]: 0 0 0
[  373.548055][T17138] DMA32: 3*4kB (M) 3*8kB (M) 3*16kB (M) 4*32kB (M) 4*64kB (M) 3*128kB (M) 4*256kB (M) 4*512kB (M) 5*1024kB (UM) 5*2048kB (M) 718*4096kB (M) = 2960212kB
[  373.564720][T17138] Normal: 462*4kB (UME) 598*8kB (UME) 822*16kB (UME) 362*32kB (UME) 69*64kB (UME) 127*128kB (UME) 99*256kB (UME) 63*512kB (UM) 64*1024kB (UME) 26*2048kB (UM) 637*4096kB (UM) = 2837576kB
[  373.591686][T17138] 56789 total pagecache pages
[  373.596419][T17138] 4 pages in swap cache
[  373.600692][T17138] Free swap  = 124364kB
[  373.604834][T17138] Total swap = 124996kB
[  373.609251][T17138] 2097051 pages RAM
[  373.613143][T17138] 0 pages HighMem/MovableOnly
[  373.617810][T17138] 351533 pages reserved
[  373.622412][T17138] 0 pages cma reserved
[  373.627425][T17138] Memory allocations:
[  373.631599][T17138]          0 B        0 init/main.c:1370 func:do_initcalls
[  373.638982][T17138]          0 B        0 init/do_mounts.c:186 func:mount_root_generic
[  373.647026][T17138]          0 B        0 init/do_mounts.c:158 func:do_mount_root
[  373.654764][T17138]          0 B        0 init/do_mounts.c:352 func:mount_nodev_root
[  373.662698][T17138]          0 B        0 init/do_mounts_rd.c:241 func:rd_load_image
[  373.670721][T17138]          0 B        0 init/do_mounts_rd.c:72 func:identify_ramdisk_image
[  373.679489][T17138]          0 B        0 init/initramfs.c:507 func:unpack_to_rootfs
[  373.687476][T17138]          0 B        0 init/initramfs.c:508 func:unpack_to_rootfs
[  373.695518][T17138]          0 B        0 init/initramfs.c:509 func:unpack_to_rootfs
[  373.703443][T17138]          0 B        0 init/initramfs.c:101 func:find_link
[  373.838500][  T236] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  373.988479][  T236] usb 7-1: Using ep0 maxpacket: 32
[  373.994615][  T236] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  374.003089][  T236] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  374.011869][  T236] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  374.021057][  T236] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  374.030905][  T236] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  374.032584][T17202] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5632'.
[  374.042014][  T236] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  374.062774][  T236] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  374.072024][ T8096] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  374.079653][  T236] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.088972][  T236] usb 7-1: config 0 descriptor??
[  374.239683][ T8096] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  374.250658][ T8096] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  374.260419][ T8096] usb 6-1: New USB device found, idVendor=056a, idProduct=00b9, bcdDevice= 0.00
[  374.269567][ T8096] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.278113][ T8096] usb 6-1: config 0 descriptor??
[  374.295222][  T236] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 12 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  374.308015][  T236] usb 7-1: USB disconnect, device number 12
[  374.314709][  T236] usblp0: removed
[  374.728508][   T45] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  374.878475][   T45] usb 7-1: Using ep0 maxpacket: 32
[  374.884702][   T45] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  374.893337][   T45] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  374.904442][T17198] syzkaller0: create flow: hash 1445920974 index 1
[  374.907204][   T45] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  374.914748][ T8096] usbhid 6-1:0.0: can't add hid device: -71
[  374.921638][   T45] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  374.931104][ T8096] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  374.937124][   T45] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  374.946499][ T8096] usb 6-1: USB disconnect, device number 22
[  374.956253][   T45] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  374.961586][   T36] kauditd_printk_skb: 25586 callbacks suppressed
[  374.961602][   T36] audit: type=1326 audit(2000000332.480:78272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17206 comm="syz.1.5634" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe93a18ebe9 code=0x0
[  374.973086][   T45] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  375.011325][T17198] syzkaller0: delete flow: hash 1445920974 index 1
[  375.011341][   T45] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  375.012102][   T45] usb 7-1: config 0 descriptor??
[  375.117888][T17221] tmpfs: Unknown parameter 'no�'
[  375.232876][   T45] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 13 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  375.632962][ T8096] usb 7-1: USB disconnect, device number 13
[  375.637972][T17225] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  375.650221][T17225] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  375.652410][ T8096] usblp0: removed
[  375.683759][T17230] rust_binder: Failed copying into alloc: EFAULT
[  375.683786][T17230] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EFAULT }
[  375.690413][T17230] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  375.698794][T17230] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:185
[  375.731208][T17232] loop0: detected capacity change from 0 to 7
[  375.751012][    C1] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  375.756055][T17236] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  375.760229][    C1] Buffer I/O error on dev loop0, logical block 0, async page read
[  375.760535][    C1] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  375.786122][    C1] Buffer I/O error on dev loop0, logical block 0, async page read
[  375.794032][T17232]  loop0: unable to read partition table
[  375.800291][T17232] loop_reread_partitions: partition scan of loop0 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  375.849785][T17240] Invalid logical block size (7)
[  375.858013][    C0] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  375.869803][    C0] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  375.878996][    C0] Buffer I/O error on dev loop0, logical block 0, async page read
[  375.887563][    C0] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  375.896764][    C0] Buffer I/O error on dev loop0, logical block 0, async page read
[  375.905857][    C0] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  375.915063][    C0] Buffer I/O error on dev loop0, logical block 0, async page read
[  375.923450][    C0] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  375.932723][    C0] Buffer I/O error on dev loop0, logical block 0, async page read
[  375.948468][    C0] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  375.957671][    C0] Buffer I/O error on dev loop0, logical block 0, async page read
[  375.990301][T12986] Bluetooth: hci0: Frame reassembly failed (-84)
[  376.348510][   T45] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  376.478496][   T45] usb 6-1: device descriptor read/64, error -71
[  376.497468][T17268] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  376.497474][T17270] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  376.718473][   T45] usb 6-1: device descriptor read/64, error -71
[  376.749661][   T36] audit: type=1400 audit(2000000334.270:78273): avc:  denied  { relabelfrom } for  pid=17267 comm="syz.1.5654" name="NETLINK" dev="sockfs" ino=56933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  376.958521][   T45] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  377.088470][   T45] usb 6-1: device descriptor read/64, error -71
[  377.328533][   T45] usb 6-1: device descriptor read/64, error -71
[  377.438576][   T45] usb usb6-port1: attempt power cycle
[  377.778504][   T45] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  377.799480][   T45] usb 6-1: device descriptor read/8, error -71
[  377.929564][   T45] usb 6-1: device descriptor read/8, error -71
[  378.038482][   T53] Bluetooth: hci0: command 0x1003 tx timeout
[  378.039098][  T628] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  378.065112][T17273] rust_binder: Write failure EINVAL in pid:203
[  378.178506][   T45] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  378.209510][   T45] usb 6-1: device descriptor read/8, error -71
[  378.339462][   T45] usb 6-1: device descriptor read/8, error -71
[  378.448543][   T45] usb usb6-port1: unable to enumerate USB device
[  378.971971][T17280] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 112, size: 141)
[  378.971993][T17280] rust_binder: Error while translating object.
[  378.982599][T17280] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  378.988895][T17280] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:210
[  379.248505][   T45] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  379.304001][T17286] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  379.409566][   T45] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  379.420540][   T45] usb 7-1: New USB device found, idVendor=0458, idProduct=501b, bcdDevice= 0.00
[  379.429760][   T45] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.438281][   T45] usb 7-1: config 0 descriptor??
[  379.518497][ T8096] usb 6-1: new full-speed USB device number 27 using dummy_hcd
[  379.620270][   T36] audit: type=1326 audit(2000000337.140:78274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17298 comm="syz.1.5667" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe93a18ebe9 code=0x0
[  379.669642][ T8096] usb 6-1: config 0 has an invalid interface number: 196 but max is 0
[  379.677858][ T8096] usb 6-1: config 0 has no interface number 0
[  379.685476][ T8096] usb 6-1: New USB device found, idVendor=0582, idProduct=0044, bcdDevice=d3.17
[  379.694571][ T8096] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.702590][ T8096] usb 6-1: Product: syz
[  379.706746][ T8096] usb 6-1: Manufacturer: syz
[  379.711524][ T8096] usb 6-1: SerialNumber: syz
[  379.716774][ T8096] usb 6-1: config 0 descriptor??
[  379.892116][   T45] kye 0003:0458:501B.0007: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  379.903767][   T45] kye 0003:0458:501B.0007: hidraw0: USB HID v0.00 Device [HID 0458:501b] on usb-dummy_hcd.6-1/input0
[  379.914912][   T45] kye 0003:0458:501B.0007: tablet-enabling feature report not found
[  379.924991][   T45] kye 0003:0458:501B.0007: tablet enabling failed
[  379.930539][T17284] pim6reg1: entered promiscuous mode
[  379.937176][T17284] pim6reg1: entered allmulticast mode
[  379.980840][   T45] usb 6-1: USB disconnect, device number 27
[  380.492007][T17313] netlink: 'syz.5.5671': attribute type 1 has an invalid length.
[  380.738505][ T8096] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  380.888485][ T8096] usb 6-1: Using ep0 maxpacket: 32
[  380.894848][ T8096] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  380.903801][ T8096] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  380.912431][ T8096] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  380.921504][ T8096] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  380.931282][ T8096] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  380.940946][ T8096] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  380.954175][ T8096] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  380.963299][ T8096] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.971825][ T8096] usb 6-1: config 0 descriptor??
[  381.109010][   T36] audit: type=1400 audit(2000000338.630:78275): avc:  denied  { lock } for  pid=17333 comm="syz.1.5679" path="socket:[57765]" dev="sockfs" ino=57765 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  381.110142][T17334] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  381.178901][ T8096] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 28 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  381.190948][ T8096] usb 6-1: USB disconnect, device number 28
[  381.197388][ T8096] usblp0: removed
[  381.281919][T17348] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  381.291128][T17348] overlayfs: missing 'lowerdir'
[  381.297138][T17348] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5682'.
[  381.358474][T17346] /dev/rnullb0: Can't lookup blockdev
[  381.618517][   T31] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  381.768488][   T31] usb 6-1: Using ep0 maxpacket: 32
[  381.774866][   T31] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  381.783266][   T31] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  381.791973][   T31] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  381.801034][   T31] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  381.810721][   T31] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  381.820594][   T31] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  381.833570][   T31] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  381.842691][   T31] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  381.851473][   T31] usb 6-1: config 0 descriptor??
[  382.010971][   T45] usb 7-1: USB disconnect, device number 14
[  382.061345][T17370] binder: Bad value for 'stats'
[  382.258848][   T31] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 29 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  382.271862][   T31] usb 6-1: USB disconnect, device number 29
[  382.278330][   T31] usblp0: removed
[  382.342154][T17374] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000001 not found
[  382.350643][T17374] rust_binder: Write failure EINVAL in pid:203
[  382.398585][   T45] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  382.423062][T17382] can: request_module (can-proto-0) failed.
[  382.558476][   T45] usb 7-1: Using ep0 maxpacket: 8
[  382.564600][   T45] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[  382.572934][   T45] usb 7-1: config 179 has no interface number 0
[  382.579212][   T45] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  382.590344][   T45] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  382.601625][   T45] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  382.612849][   T45] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  382.624334][   T45] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  382.637812][   T45] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  382.646843][   T45] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.655841][T17372] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[  382.867623][T17372] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  382.876426][T17372] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  382.885455][   T31] input: Generic X-Box pad as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:179.65/input/input11
[  382.996577][T17400] overlayfs: failed to resolve './file1': -2
[  383.004608][   T13] bridge_slave_1: left allmulticast mode
[  383.010543][   T13] bridge_slave_1: left promiscuous mode
[  383.016274][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.023506][T17402] overlayfs: failed to clone upperpath
[  383.029336][   T13] bridge_slave_0: left allmulticast mode
[  383.035030][   T13] bridge_slave_0: left promiscuous mode
[  383.040723][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.058504][   T45] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  383.170902][   T13] veth1_macvtap: left promiscuous mode
[  383.176538][   T13] veth0_vlan: left promiscuous mode
[  383.208707][   T45] usb 6-1: Using ep0 maxpacket: 32
[  383.223219][   T45] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  383.235570][   T45] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  383.246985][   T45] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  383.258503][   T45] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  383.267692][   T45] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.278884][   T45] usb 6-1: config 0 descriptor??
[  383.289866][ T8096] usb 7-1: USB disconnect, device number 15
[  383.289944][    C1] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  383.304485][    C1] dummy_hcd dummy_hcd.6: timer fired with no URBs pending?
[  383.311915][T17391] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  383.320099][   T45] hub 6-1:0.0: USB hub found
[  383.337061][T17418] tipc: Trying to set illegal importance in message
[  383.489704][T17428] netlink: 'syz.7.5709': attribute type 29 has an invalid length.
[  383.497705][T17428] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5709'.
[  383.722019][   T45] hub 6-1:0.0: config failed, can't read hub descriptor (err -22)
[  383.818644][   T36] audit: type=1400 audit(2000000341.340:78276): avc:  denied  { remove_name } for  pid=17429 comm="syz.6.5710" name="binder0" dev="binder" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  383.842076][   T36] audit: type=1400 audit(2000000341.340:78277): avc:  denied  { unlink } for  pid=17429 comm="syz.6.5710" name="binder0" dev="binder" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  383.868940][T17432] netlink: 'syz.6.5711': attribute type 4 has an invalid length.
[  383.890022][T17434] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:233
[  384.071831][T17446] rust_binder: Write failure EFAULT in pid:244
[  384.223334][T17453] 9pnet_fd: Insufficient options for proto=fd
[  384.325005][T17461] netlink: 'syz.6.5723': attribute type 4 has an invalid length.
[  384.333481][T17461] netlink: 'syz.6.5723': attribute type 4 has an invalid length.
[  384.441540][   T45] usbhid 6-1:0.0: can't add hid device: -71
[  384.453729][   T45] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  384.462729][T17474] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:107
[  384.478796][   T45] usb 6-1: USB disconnect, device number 30
[  384.669877][T17474] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0
[  384.677305][T17474] rust_binder: Write failure EINVAL in pid:107
[  384.677484][T17485] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  384.812248][   T45] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  384.837517][   T45] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  384.988478][  T236] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  385.148464][  T236] usb 7-1: Using ep0 maxpacket: 8
[  385.155055][  T236] usb 7-1: unable to get BOS descriptor or descriptor too short
[  385.163922][  T236] usb 7-1: config 6 has an invalid interface number: 141 but max is 0
[  385.172516][  T236] usb 7-1: config 6 has no interface number 0
[  385.179062][  T236] usb 7-1: config 6 interface 141 has no altsetting 0
[  385.187458][  T236] usb 7-1: New USB device found, idVendor=413c, idProduct=8195, bcdDevice=b1.d6
[  385.196893][  T236] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  385.205187][  T236] usb 7-1: Product: syz
[  385.209549][  T236] usb 7-1: Manufacturer: syz
[  385.214161][  T236] usb 7-1: SerialNumber: syz
[  385.432367][  T236] usb 7-1: USB disconnect, device number 16
[  385.660817][T17521] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17521 comm=syz.5.5740
[  385.840717][   T36] audit: type=1400 audit(2000000343.360:78278): avc:  denied  { setattr } for  pid=17551 comm="syz.5.5747" name="SCO" dev="sockfs" ino=59556 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  385.999112][T17563] overlayfs: conflicting options: verity=require,redirect_dir=nofollow
[  386.058095][T12911] Bluetooth: hci0: Frame reassembly failed (-84)
[  386.071893][T17574] 9pnet_fd: Insufficient options for proto=fd
[  386.096920][T17576] netlink: 180 bytes leftover after parsing attributes in process `syz.5.5754'.
[  386.512052][T17580] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5755'.
[  386.521446][T17580] rust_binder: Write failure EFAULT in pid:214
[  386.778757][T17583] rust_binder: Error while translating object.
[  386.785024][T17583] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  386.791375][T17583] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:187
[  386.902818][T17598] ptm ptm4: ldisc open failed (-12), clearing slot 4
[  386.932451][T17603] SELinux:  Context system_u:object_r:inetd_exec_t:s0 is not valid (left unmapped).
[  386.942256][   T36] audit: type=1400 audit(2000000344.460:78279): avc:  denied  { relabelto } for  pid=17602 comm="syz.5.5761" name="60" dev="tmpfs" ino=351 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:inetd_exec_t:s0"
[  386.969573][   T36] audit: type=1400 audit(2000000344.460:78280): avc:  denied  { associate } for  pid=17602 comm="syz.5.5761" name="60" dev="tmpfs" ino=351 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:inetd_exec_t:s0"
[  386.996779][   T36] audit: type=1400 audit(2000000344.490:78281): avc:  denied  { write } for  pid=16662 comm="syz-executor" name="60" dev="tmpfs" ino=351 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:inetd_exec_t:s0"
[  387.023271][   T36] audit: type=1400 audit(2000000344.490:78282): avc:  denied  { remove_name } for  pid=16662 comm="syz-executor" name="file1" dev="tmpfs" ino=356 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:inetd_exec_t:s0"
[  387.050296][   T36] audit: type=1400 audit(2000000344.490:78283): avc:  denied  { rmdir } for  pid=16662 comm="syz-executor" name="60" dev="tmpfs" ino=351 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:inetd_exec_t:s0"
[  387.509763][T17615] /dev/rnullb0: Can't lookup blockdev
[  387.540763][T17622] fuseblk: Bad value for 'fd'
[  387.554687][T12911] Bluetooth: hci1: Frame reassembly failed (-84)
[  387.720257][T17630] 9pnet_fd: Insufficient options for proto=fd
[  388.119030][T17625] Bluetooth: hci0: command 0x1003 tx timeout
[  388.119038][  T628] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  388.468516][  T236] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  388.620601][  T236] usb 7-1: Using ep0 maxpacket: 16
[  388.629027][  T236] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  388.648486][  T236] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  388.659980][  T236] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  388.670975][T17785] 9pnet_fd: Insufficient options for proto=fd
[  388.678473][  T236] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  388.686635][  T236] usb 7-1: Product: syz
[  388.696708][  T236] usb 7-1: Manufacturer: syz
[  388.701366][  T236] usb 7-1: SerialNumber: syz
[  388.936732][   T36] audit: type=1400 audit(2000000346.450:78284): avc:  denied  { open } for  pid=17774 comm="syz.6.5773" path="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  388.958883][   T36] audit: type=1400 audit(2000000346.450:78285): avc:  denied  { write } for  pid=17774 comm="syz.6.5773" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  388.982022][  T236] usb 7-1: 0:2 : does not exist
[  388.988777][  T236] usb 7-1: 5:0: failed to get current value for ch 0 (-22)
[  389.001815][  T236] usb 7-1: USB disconnect, device number 17
[  389.361267][T17792] fuse: Unknown parameter 'group_id'
[  389.374464][T17794] netlink: 'syz.1.5780': attribute type 33 has an invalid length.
[  389.382371][T17794] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5780'.
[  389.503835][   T36] audit: type=1400 audit(2000000347.020:78286): avc:  denied  { mounton } for  pid=17809 comm="syz.6.5785" path="/95/file0/bus" dev="bpf" ino=59816 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=dir permissive=1
[  389.503941][T17810] overlayfs: missing 'workdir'
[  389.537466][   T36] audit: type=1400 audit(2000000347.050:78287): avc:  denied  { remount } for  pid=17809 comm="syz.6.5785" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  389.558483][   T53] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  389.558552][  T628] Bluetooth: hci1: command 0x1003 tx timeout
[  389.597655][   T36] audit: type=1400 audit(2000000347.110:78288): avc:  denied  { unmount } for  pid=16399 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  390.078541][  T461] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  390.111547][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.118917][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.126255][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.132901][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.139345][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.145653][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.152241][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.158679][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.164937][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.171135][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.177281][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.183490][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.189748][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.195963][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.202340][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.208590][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.214795][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.221049][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.227263][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.233460][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.239618][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.245743][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.251914][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.258028][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.264291][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.268447][  T461] usb 7-1: Using ep0 maxpacket: 32
[  390.270671][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.277285][  T461] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  390.282260][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.291260][  T461] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  390.297298][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.306033][  T461] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  390.312158][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.321270][  T461] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  390.327865][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.336985][  T461] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  390.343223][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.352818][  T461] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  390.359111][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.372141][  T461] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  390.378202][T17840] 9pnet_fd: Insufficient options for proto=fd
[  390.387264][  T461] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  390.401854][  T461] usb 7-1: config 0 descriptor??
[  390.470249][T17846] rust_binder: 17845 RLIMIT_NICE not set
[  390.609347][  T461] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 18 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  390.628791][  T461] usb 7-1: USB disconnect, device number 18
[  390.635244][  T461] usblp0: removed
[  390.808475][T17833] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  390.817022][T17833] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  390.928490][  T461] usb 7-1: new low-speed USB device number 19 using dummy_hcd
[  391.078471][  T461] usb 7-1: Invalid ep0 maxpacket: 32
[  391.208494][  T461] usb 7-1: new low-speed USB device number 20 using dummy_hcd
[  391.275330][T17861] binder: Unknown parameter 'defcontext01777777777777777777777'
[  391.284180][T17861] overlay: Unknown parameter 'smackfsfloor'
[  391.358496][  T461] usb 7-1: Invalid ep0 maxpacket: 32
[  391.363916][  T461] usb usb7-port1: attempt power cycle
[  391.461985][T17876] pim6reg1: entered promiscuous mode
[  391.467321][T17876] pim6reg1: entered allmulticast mode
[  391.561006][T17882] netlink: 165 bytes leftover after parsing attributes in process `syz.7.5808'.
[  391.571137][T17882] rust_binder: 250: no such ref 1
[  391.576191][T17882] rust_binder: inc_ref_done called when no active inc_refs
[  391.576205][T17882] rust_binder: inc_ref_done called when no active inc_refs
[  391.583432][T17882] rust_binder: BC_REQUEST_DEATH_NOTIFICATION invalid ref 1
[  391.597915][T17882] rust_binder: BC_REQUEST_DEATH_NOTIFICATION invalid ref 1
[  391.605124][T17882] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:250
[  391.605954][T17882] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  391.615150][T17882] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:250
[  391.718499][  T461] usb 7-1: new low-speed USB device number 21 using dummy_hcd
[  391.748790][  T461] usb 7-1: Invalid ep0 maxpacket: 32
[  391.878478][  T461] usb 7-1: new low-speed USB device number 22 using dummy_hcd
[  391.898850][  T461] usb 7-1: Invalid ep0 maxpacket: 32
[  391.904248][  T461] usb usb7-port1: unable to enumerate USB device
[  392.785879][T17894] binder: Unknown parameter 'fscontext?}'
[  392.925837][T17909] rust_binder: Read failure Err(EAGAIN) in pid:263
[  392.926023][T17909] rust_binder: Read failure Err(EAGAIN) in pid:263
[  392.949839][T17913] ./cgroup: Can't lookup blockdev
[  392.963218][T17913] loop2: detected capacity change from 0 to 7
[  392.979106][T17915] incfs: Can't find or create .index dir in ./file0
[  392.985912][T17915] incfs: mount failed -30
[  393.007985][T17915] syzkaller0: entered promiscuous mode
[  393.013552][T17915] syzkaller0: entered allmulticast mode
[  393.019701][T17917] binder: Unknown parameter 'stats�b'
[  393.097176][T17930] rust_binder: Write failure EFAULT in pid:279
[  393.735249][T17949] overlayfs: failed to clone upperpath
[  393.748866][T17949] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  393.757904][T17949] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  393.780672][T17953] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  393.978541][   T45] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  393.996023][T17960] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5840'.
[  394.006110][T17960] tmpfs: Unknown parameter 'mpo�'
[  394.006110][T17961] tmpfs: Unknown parameter 'mpo�'
[  394.035269][T17966] netlink: 288 bytes leftover after parsing attributes in process `syz.1.5842'.
[  394.068629][T17974] 9pnet_fd: Insufficient options for proto=fd
[  394.080740][T17977] netlink: 288 bytes leftover after parsing attributes in process `syz.1.5846'.
[  394.128478][   T45] usb 6-1: Using ep0 maxpacket: 32
[  394.134786][   T45] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  394.146448][   T45] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  394.156772][   T45] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  394.169826][   T45] usb 6-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  394.179097][   T45] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  394.188288][   T45] usb 6-1: config 0 descriptor??
[  394.609275][T17983] /dev/rnullb0: Can't lookup blockdev
[  394.623742][   T36] kauditd_printk_skb: 3 callbacks suppressed
[  394.623758][   T36] audit: type=1326 audit(2000000352.140:78292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17984 comm="syz.1.5849" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe93a18ebe9 code=0x0
[  394.798511][   T45] usbhid 6-1:0.0: can't add hid device: -71
[  394.804573][   T45] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  394.813552][   T45] usb 6-1: USB disconnect, device number 32
[  395.638500][  T461] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  395.653812][T18002] /dev/rnullb0: Can't lookup blockdev
[  395.668486][T18004] binder: Bad value for 'stats'
[  395.800020][  T461] usb 6-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  395.811687][  T461] usb 6-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  395.822710][  T461] usb 6-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  395.834179][  T461] usb 6-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  395.843708][  T461] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  395.852683][T17987] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  396.061383][T17987] binder: Unknown parameter 'context�8�'
[  396.067419][  T461] aiptek 6-1:17.0: Aiptek using 400 ms programming speed
[  396.075075][  T461] input: Aiptek as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:17.0/input/input12
[  396.089446][  T461] usb 6-1: USB disconnect, device number 33
[  396.563146][T18026] 9pnet_fd: Insufficient options for proto=fd
[  396.619159][T18030] ------------[ cut here ]------------
[  396.624668][T18030] WARNING: CPU: 1 PID: 18030 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[  396.634607][T18030] Modules linked in:
[  396.638515][T18030] CPU: 1 UID: 0 PID: 18030 Comm: syz.5.5866 Not tainted syzkaller #0 1976820a860199aae9d2abf4727fc3b97aa7bbea
[  396.650248][T18030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  396.660604][T18030] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[  396.666509][T18030] Code: 00 48 8b 5d a0 74 08 48 89 df e8 c2 4e 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d e9 18 e0 20 04 cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[  396.686356][T18030] RSP: 0018:ffffc9000454fc88 EFLAGS: 00010202
[  396.692600][T18030] RAX: 1ffffd1ffff81582 RBX: ffffc90004fea8e8 RCX: ffffffff816dc9a9
[  396.700592][T18030] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc0ac10
[  396.708696][T18030] RBP: ffffc9000454fcf0 R08: ffffe8ffffc0ac17 R09: 1ffffd1ffff81582
[  396.716665][T18030] R10: dffffc0000000000 R11: fffff91ffff81583 R12: dffffc0000000000
[  396.724643][T18030] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc0ac10
[  396.732631][T18030] FS:  000055557638d500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  396.741719][T18030] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  396.748362][T18030] CR2: 00002000000c1038 CR3: 000000012cc0c000 CR4: 00000000003526b0
[  396.756366][T18030] Call Trace:
[  396.759680][T18030]  <TASK>
[  396.762617][T18030]  kvm_put_kvm+0x1100/0x12b0
[  396.767205][T18030]  ? __cfi_kvm_vm_release+0x10/0x10
[  396.772425][T18030]  kvm_vm_release+0x47/0x70
[  396.777022][T18030]  __fput+0x1fe/0xa00
[  396.781028][T18030]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  396.786585][T18030]  ____fput+0x20/0x30
[  396.790576][T18030]  task_work_run+0x1e3/0x250
[  396.795249][T18030]  ? __cfi_task_work_run+0x10/0x10
[  396.800376][T18030]  ? __kasan_check_write+0x18/0x20
[  396.805500][T18030]  resume_user_mode_work+0x36/0x50
[  396.810630][T18030]  syscall_exit_to_user_mode+0x64/0xb0
[  396.816185][T18030]  do_syscall_64+0x64/0xf0
[  396.820641][T18030]  ? clear_bhb_loop+0x50/0xa0
[  396.825497][T18030]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  396.831435][T18030] RIP: 0033:0x7f3d42f8ebe9
[  396.835843][T18030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.855671][T18030] RSP: 002b:00007ffffb4c6be8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  396.864159][T18030] RAX: 0000000000000000 RBX: 00007f3d431c7da0 RCX: 00007f3d42f8ebe9
[  396.872182][T18030] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  396.880193][T18030] RBP: 00007f3d431c7da0 R08: 0000000000000000 R09: 00000017fb4c6edf
[  396.888173][T18030] R10: 000000000003fd08 R11: 0000000000000246 R12: 0000000000060fa9
[  396.896150][T18030] R13: 00007f3d431c5fa0 R14: ffffffffffffffff R15: 00007ffffb4c6d00
[  396.904248][T18030]  </TASK>
[  396.907278][T18030] ---[ end trace 0000000000000000 ]---