last executing test programs: 4.064463689s ago: executing program 3 (id=333): sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="a8000000030101020000000000000000000000060c001880080001400000800018000d80140005"], 0xa8}, 0x1, 0x0, 0x0, 0x40000001}, 0x40) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000080)=ANY=[@ANYBLOB='l\x00\x00\x00f\x00'], 0x6c}], 0x1}, 0x0) socket$netlink(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x8000}, 0x4) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(r2, 0xc0286687, 0x0) sendto$packet(r2, &(0x7f0000000180)="0b03feff4f00021202004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140), 0x14) openat$snapshot(0xffffffffffffff9c, 0x0, 0x20000, 0x0) 4.04790114s ago: executing program 3 (id=334): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000100)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) socket$packet(0x11, 0x2, 0x300) write$tun(r0, &(0x7f0000000000)={@void, @void, @eth={@random="ab7a8e422240", @link_local, @val={@val={0x88a8, 0x7, 0x1, 0x24}}, {@ipv4={0x8902, @udp={{0x5, 0x4, 0x2, 0x15, 0x5c, 0x61, 0x6e00, 0x84, 0x11, 0x0, @private=0xa010101, @multicast1}, {0x4e22, 0x4e23, 0x48, 0x0, @wg=@cookie={0x3, 0x2, "562d9ba90683726398023d5cc4caf439005d46e2e099bfb9", "eb835fb65c8b9ae493d4fb662704b8db08835fefb6a4d7ea9378cfc98b077903"}}}}}}}, 0x72) 3.952101394s ago: executing program 3 (id=335): syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) r0 = socket$inet6(0xa, 0x3, 0x8) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}], 0x20, 0x10}, 0x4c000) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000040)=0x639b, 0x4) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f0000000000)=0x10001, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x44, 0x4) (async) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x44, 0x4) setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000540)=0x2, 0x4) (async) setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000540)=0x2, 0x4) sendmmsg$inet6(r0, &(0x7f0000004580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00)'], 0x28}}], 0x1, 0x0) recvmmsg(r0, &(0x7f0000001e00)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x0, 0x0) (async) recvmmsg(r0, &(0x7f0000001e00)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x0, 0x0) 3.396517902s ago: executing program 2 (id=342): sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="a8000000030101020000000000000000000000060c001880080001400000800018000d80140005"], 0xa8}, 0x1, 0x0, 0x0, 0x40000001}, 0x40) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000080)=ANY=[@ANYBLOB='l\x00\x00\x00f\x00'], 0x6c}], 0x1}, 0x0) socket$netlink(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x8000}, 0x4) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(r2, 0xc0286687, 0x0) sendto$packet(r2, &(0x7f0000000180)="0b03feff4f00021202004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140), 0x14) openat$snapshot(0xffffffffffffff9c, 0x0, 0x20000, 0x0) 3.322501375s ago: executing program 2 (id=343): syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x3214, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x6, 0x36, &(0x7f00000002c0)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0x40085503, &(0x7f0000000000)=0x4b) 3.139173244s ago: executing program 3 (id=345): arch_prctl$ARCH_SET_CPUID(0x1012, 0xfffffffffffffffe) arch_prctl$ARCH_SET_CPUID(0x1012, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r2, 0x1, 0x0, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="40010000100001000000000800000000ac1414bb00000000000000000000000000000000000000000000000000000001000200004e2000500000200016000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=r1], 0x140}}, 0x24000058) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, 0x0, &(0x7f0000000580)) r3 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r3, 0x400448c8, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f80)={0x34, 0x10, 0x21, 0x70bd26, 0x0, {0x3}, [@nested={0x20, 0x1, 0x0, 0x1, [@nested={0x1c, 0x116, 0x0, 0x1, [@nested={0x15, 0xd4, 0x0, 0x1, [@nested={0x4, 0x15}, @typed={0x4, 0x131}, @generic="1060dc3ba303b31d58"]}]}]}]}, 0x34}}, 0x80) r5 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r5, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10) shutdown(r5, 0x0) recvfrom(r5, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb) socket$xdp(0x2c, 0x3, 0x0) 2.506625986s ago: executing program 2 (id=347): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r2 = socket$packet(0x11, 0xa, 0x300) setsockopt$sock_int(r2, 0x1, 0x28, &(0x7f0000000000)=0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup(r3) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', @remote}) write$tun(r1, &(0x7f0000000280)={@val={0xa, 0x9100}, @void, @eth={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x9, 0x6, '\x00', 0x18, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_na={0x88, 0x0, 0x0, 0xf0, '\x00', @empty}}}}}}}, 0x52) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010028bd70000000000003000000400001802c0004001400010005000000ac14140f00000000000000001400020002400000ffffffff00000000000000000d0001007564703a73"], 0x54}}, 0x0) 2.42437204s ago: executing program 2 (id=351): sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="a8000000030101020000000000000000000000060c001880080001400000800018000d80140005"], 0xa8}, 0x1, 0x0, 0x0, 0x40000001}, 0x40) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000080)=ANY=[@ANYBLOB='l\x00\x00\x00f\x00'], 0x6c}], 0x1}, 0x0) socket$netlink(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x8000}, 0x4) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(r2, 0xc0286687, 0x0) sendto$packet(r2, &(0x7f0000000180)="0b03feff4f00021202004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140), 0x14) openat$snapshot(0xffffffffffffff9c, 0x0, 0x20000, 0x0) 2.421863s ago: executing program 2 (id=353): r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(r0, &(0x7f0000002f80)=[{{&(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000300)={0x2, 0x4e23, @remote}, 0x10, 0x0, 0x0, &(0x7f00000000c0)=[@ip_retopts={{0x14, 0x0, 0x7, {[@generic={0x94, 0x2}]}}}], 0x18}}], 0x2, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0xfa, 0x8, 0x7fffffff}]}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100ff2bbe11a5ce7879edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9", 0x32, 0x20000000, 0x0, 0x0) (async) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, 0x0}], 0x1, 0x31, 0x0, 0x0) (async) openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/devices\x00', 0x0, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8001, 0x3, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x2000000b, 0x20000000, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0x1002, 0x6, 0x7, 0xfffffffc, 0x5, 0x4, 0x0, 0x7, 0x3c1b, 0x2, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0x8e661, 0x7, 0x7, 0x3, 0x1000008, 0x4c74, 0x80000000, 0x242, 0x6, 0xc, 0x0, 0x8071, 0x7, 0x6, 0xffffffff, 0x7, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x5, 0x4, 0x3, 0xa8000000, 0x80, 0x0, 0x5, 0x80, 0x8, 0x4, 0x1, 0x43], [0x10000007, 0x5, 0x8000012d, 0x8004, 0x5, 0xfffffff3, 0x129432e2, 0xc8, 0xf9, 0xe, 0x2bf, 0x1, 0x9, 0xfffffffc, 0x4, 0x10001, 0x0, 0x5, 0x2e, 0x4, 0x4, 0x78, 0xea4, 0xfff, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0x1000d, 0x4e0, 0x2, 0x4, 0xb, 0x3, 0x9, 0x4, 0xd, 0xe1, 0x47, 0x8000, 0xffffffff, 0xfe000000, 0xfffe, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x3, 0xfffffff8, 0x3], [0x5, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0x8, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x2, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0xc, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x3, 0x800003, 0x200, 0x83, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x2000005, 0x6, 0xac8, 0xbf, 0x4002, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x9, 0x1c, 0x120000, 0x3, 0x1, 0x80a2ed, 0x4, 0x25], [0x8000009, 0xbb33, 0x7, 0x9, 0x5, 0x938, 0x6, 0x6, 0x12, 0xb9, 0xce7, 0x1ff, 0x2, 0xfffffffb, 0x5, 0x3, 0x101, 0x10000, 0xa, 0x7fff, 0xffff, 0xa620, 0x1, 0x78b, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x1, 0xfffff000, 0x5, 0x8000003, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x101, 0xa1f, 0xf44, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0x1ff, 0xfffffffb]}, 0x45c) (async, rerun: 64) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) (async, rerun: 64) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000)=@x86={0x3, 0x1, 0xfb, 0x0, 0x10005, 0x5, 0x3, 0xd4, 0x7, 0x2, 0x4, 0x1, 0x0, 0x7, 0x3, 0xd6, 0x5, 0x9, 0x6, '\x00', 0x8, 0x1}) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2.325254314s ago: executing program 2 (id=359): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, 0x0, 0x0) clock_getres(0x5, 0x0) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x2004050, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="2c77cade2b831c", @ANYRES8=r0, @ANYBLOB=',aname=#\',\x00']) ioctl$KVM_CAP_EXIT_ON_EMULATION_FAILURE(r2, 0x4068aea3, &(0x7f0000000000)={0xcc, 0x0, 0x1}) r3 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000380)={'team_slave_0\x00', &(0x7f0000000200)=@ethtool_sset_info={0x18, 0x0, 0x101}}) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r2, 0x4068aea3, &(0x7f0000000240)={0xa8, 0x0, 0x1}) r4 = socket(0x1e, 0x5, 0x0) landlock_create_ruleset(&(0x7f0000000340)={0xe, 0x0, 0x1}, 0x18, 0x3) connect$tipc(r4, &(0x7f0000000180)=@name={0x1e, 0x2, 0x0, {{}, 0x2}}, 0x10) connect$tipc(r4, &(0x7f0000000100)=@id={0x1e, 0x3, 0x3, {0x4e22, 0x3}}, 0x10) syz_usb_connect(0x5, 0x24, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r3, @ANYRES32=r1, @ANYRES32=r2, @ANYRESHEX=r1, @ANYRES8=r2, @ANYRES32=r3, @ANYRES16=r3, @ANYRESHEX=r0, @ANYRES16=r2, @ANYRES32=r3], 0x0) ioctl$EVIOCGNAME(r2, 0x80404506, &(0x7f00000001c0)=""/93) 2.230847989s ago: executing program 3 (id=361): r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000440)=@ethtool_ringparam={0xe, 0x300, 0xffffffff, 0x0, 0x0, 0x1202, 0x80, 0x400e}}) 2.230741019s ago: executing program 3 (id=362): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000007d00)=[{&(0x7f00000001c0)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="b9ee0ff7d26ea15414acae22072ed7c24c08df4ec3bcec1e5bc5655e631f11ca15862d2cce2d50d3b0e2fa11e9d7ca267860ee5242680025814eee6351923d75b35548ce12a4f7d38dcd64750590092c6a77577ec03e009d295befe1ad44c3b797af43e4645bc0f6a57c0e9f0f69cdc4b36b79f69b0073194cc4788d2203633ae9ae5419f2d113a22e424f0f5bb21e94a8a4833b6ce82f70d48a2a65fc9049e58e322c5f978f3a2b642e3c7c25265159fb21f8e624"], 0x1c}], 0x1}, 0x80) r1 = socket$inet(0x2, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x10) sendto$inet(r1, 0x0, 0x0, 0x8004, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10) sendto$inet(r1, &(0x7f0000000040)="f50dff0071798871", 0x8, 0x800, &(0x7f0000000100)={0x2, 0x4e22, @multicast1}, 0x10) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pipe(&(0x7f0000000040)={0xffffffffffffffff}) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x1, 0x8}) setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x3e, &(0x7f00002cef88), 0x0) r4 = syz_usb_connect(0x0, 0x36, &(0x7f0000000540)=ANY=[@ANYBLOB="120141014813442024040075ee69010203010902240001000010000904b8070259d1ca000905060200020d0006090582020002"], 0x0) syz_usb_control_io$uac1(r4, 0x0, 0x0) syz_usb_control_io(r4, 0x0, &(0x7f0000000480)={0x84, &(0x7f0000000940)={0x40, 0xa, 0x4, "a0e763a8"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r4, 0x0, 0x0) syz_usb_control_io$uac1(r4, 0x0, &(0x7f0000000640)={0x44, &(0x7f0000000200)={0x0, 0xc, 0x4, "ca258375"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r4, 0x0, &(0x7f0000000740)={0x44, &(0x7f0000000000)=ANY=[@ANYBLOB="601004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r4, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r4, 0x0, &(0x7f00000005c0)={0x1c, &(0x7f0000000100)=ANY=[@ANYBLOB="205aba"], 0x0, 0x0}) linkat(r3, &(0x7f0000000080)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1000) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000000)={0x10, 0x0, &(0x7f0000000080)=[@clear_death], 0x0, 0x0, 0x0}) 1.543605583s ago: executing program 1 (id=369): r0 = userfaultfd(0x1) r1 = syz_open_dev$MSR(&(0x7f0000000000), 0x2, 0x0) ioctl$XFS_IOC_ERROR_INJECTION(r0, 0x40085874, &(0x7f0000000040)={r1, 0x878}) r2 = socket(0x1d, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000440)=@ethtool_ringparam={0xe, 0x0, 0xfffffffc, 0x0, 0x0, 0x1202, 0x80, 0x400c, 0x2}}) 1.539038704s ago: executing program 1 (id=370): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, 0x0, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000140)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, 0x0) r3 = dup2(r1, r1) syz_usb_connect$cdc_ncm(0x6, 0x9b, &(0x7f0000000040)=ANY=[@ANYBLOB="12015002020000002505a1a44000010203010902890002010420040904000001020d0000052406000105240006000d240f0106000000020006000606241a05ed0d0724140e00400005241500001524120004a317a88b045e4f01a607c0ffcb7e392a0c"], 0x0) syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf0002010650000900000000020d00000524060001082400a9b30d240f010a0000000300ff000606241a05001407240a050905580c240c00000000a90c0900030424020204240200042402024424"], 0x0) syz_usb_connect(0x6, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12015002881f4320da040d251dea0102030109021b0001040580090904e001018b359e0909"], 0x0) syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_fuse_handle_req(r3, 0x0, 0x0, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000040)=0x1) accept4(r0, 0x0, 0x0, 0x800) 1.362764272s ago: executing program 0 (id=371): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup(r0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) openat$cgroup_ro(r1, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x0, 0x0) syz_usb_connect$uac1(0x2, 0x79, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000300000020f80600b04000010203010902670003010890000904000000010100000a24010200110002010207240802f00100090401000001020000090401010101020000090501090800030507072501080705000904020000ff02"], &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x3d}) 959.617232ms ago: executing program 1 (id=372): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x2003) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[], 0x17c}, 0x1, 0x0, 0x0, 0x24008004}, 0x40044) r3 = gettid() r4 = socket$igmp(0x2, 0x3, 0x2) getpeername$inet(r4, &(0x7f0000000180)={0x2, 0x0, @loopback}, &(0x7f00000001c0)=0x10) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = syz_open_procfs(r3, &(0x7f0000000140)='net/mcfilter6\x00') r7 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r7, 0x1, 0xa, &(0x7f0000000000)=0x3, 0x4) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r7, 0x6, 0x23, &(0x7f0000000080)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f00000000c0)=0x40) setsockopt$inet_int(r5, 0x0, 0x6, &(0x7f0000000100)=0x13, 0x4) sigaltstack(&(0x7f0000000000)={0x0, 0x80000001, 0x54797c198fc260f8}, 0x0) sigaltstack(&(0x7f0000000080)={0x0, 0x3}, 0x0) r8 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r8, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x35}}, 0x20000}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) ustat(0x105, 0x0) setsockopt$inet6_group_source_req(r8, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108) preadv(r6, &(0x7f0000000000)=[{&(0x7f0000000d00)=""/93, 0x5d}, {&(0x7f0000000d80)=""/4096, 0x1000}], 0x2, 0xb, 0x100) 959.341072ms ago: executing program 1 (id=373): r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0xa000, 0x0) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) inotify_init() r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_VOICE(r1, 0x112, 0x13, 0x0, 0x0) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000140)={r2}, &(0x7f0000000180)={'enc=', 'raw', ' hash=', {'sha256-arm64\x00'}}, 0x0, 0x0) r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000080), 0x280, 0x0) fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x400) ioctl$BLKREPORTZONE(r3, 0xc0101282, &(0x7f00000000c0)={0x4, 0xa, 0x0, [{0x80000000, 0x13, 0x4, 0xb, 0xc2, 0x1, 0x3, '\x00', 0x10000}, {0xe0f, 0xad52, 0xffffffffffffffa1, 0x7, 0xb7, 0x40, 0x7, '\x00', 0x1ff}, {0x5, 0x906, 0x4, 0x2, 0x2, 0x7, 0x0, '\x00', 0x8}, {0x0, 0x4937, 0x80000001, 0x8, 0x9, 0x2, 0x9, '\x00', 0x10001}, {0x10001, 0x1ffe000000, 0x3, 0x6, 0x0, 0xf8, 0x80, '\x00', 0x32b5}, {0x4, 0x8135, 0xe0, 0xd, 0x7, 0x1, 0x3, '\x00', 0xfffffffffffffffb}, {0x6dab, 0x800, 0x9, 0xa4, 0x8, 0x2, 0x0, '\x00', 0x9b0}, {0x7, 0x7fffffff, 0x8, 0xf8, 0x4, 0x4, 0x8, '\x00', 0xff}, {0x7fffffffffffffff, 0x4, 0x7, 0x0, 0xac, 0x9, 0x0, '\x00', 0x69b}, {0x5, 0x112, 0x7, 0x1c, 0x0, 0x68, 0x6, '\x00', 0x2a}]}) ioctl$PTP_SYS_OFFSET(r0, 0x43403d05, 0x0) 958.734173ms ago: executing program 1 (id=374): r0 = socket$inet6(0xa, 0x2, 0x0) prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000003000/0x2000)=nil) brk(0x20000005b000) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f00000008c0)={0x1c, 0x2, 0x3, 0x201, 0x0, 0x0, {0x3, 0x0, 0x9}, [@NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0x23}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000) brk(0x200000ffc000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x7, @empty, 0x3}, 0x1c) socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000001200)=[{&(0x7f00000001c0)="580000001400add427323b472545b45603117fffffff81004e210f227f000001925aa80020007b00090080007f000006e809000000ff0000f0c30e54e03ac71002000000ffffffffffffffffffe7ee0000000000000000020000000022b5f073851492682056c38e923ce792622c518d6039a2da145f0070871cba72b73f941778d9542d365cb7d06cdd3aa69ec71867ce2c822b1146159d8a16971de7fdb009430b72291364fee02924396e319e81fc649bf8bdf115c6", 0xb7}], 0x1) 422.000489ms ago: executing program 1 (id=375): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=@newspdinfo={0x1c, 0x24, 0x800, 0x70bd2c, 0x25dfdbff, 0x7, [@XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004041}, 0x20004004) sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="28965488", @ANYBLOB="000328bd7000fedbdf2501000000000000000b000000000c001473797a30"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x4) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x37, [0xfffffff8, 0x8, 0x5, 0x9, 0x7f, 0x155f, 0x6, 0x4, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x1, 0x8, 0xd, 0x4, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10000, 0x0, 0x91, 0x4, 0x4, 0x16, 0x2, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x80, 0x2, 0x2, 0x2, 0x7, 0x1, 0x5, 0x4, 0x4007f, 0xffffffff, 0x9, 0x4], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x200b398, 0x400000, 0x0, 0x4, 0x19, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x5, 0x9, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x8000, 0x400, 0x3e55, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x8, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x7, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x9, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x8003, 0x8, 0x14000, 0x1, 0x9]}, 0x45c) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x2, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0x8], 0x25000, 0x304}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = dup(r4) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 164.791132ms ago: executing program 0 (id=376): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r0) sendmsg$TIPC_CMD_SET_NETID(r0, &(0x7f0000002840)={0x0, 0x0, &(0x7f0000002800)={&(0x7f0000000000)={0x24, r1, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {0xf00}, {0x8, 0x2, 0x1000}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x40) 104.124525ms ago: executing program 0 (id=377): r0 = socket$key(0xf, 0x3, 0x2) (async) socket$nl_xfrm(0x10, 0x3, 0x6) (async) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x100) io_setup(0x202, &(0x7f0000000200)=0x0) io_submit(r2, 0x1, &(0x7f0000000480)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x4, r1, &(0x7f0000000340)="8b", 0x1, 0x6}]) (async) socket$vsock_stream(0x28, 0x1, 0x0) (async) sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000300)=ANY=[@ANYBLOB="c400000019000100fcffffff00000000200100000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a900000000000000000000000000000000000000000000000020000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a00000000000000000000008040000000000000000008000000000000000000000000000000000c0015005b07350005000000"], 0xc4}}, 0x0) sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="021600000a0000000000000000000000080012000007a18208"], 0x50}}, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) (async) add_key$fscrypt_provisioning(&(0x7f0000000740), 0x0, &(0x7f00000007c0)={0x2, 0x48, @b}, 0x48, 0xffffffffffffffff) setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, &(0x7f0000000140)={'filter\x00', 0x7, 0x4, 0x3a0, 0x0, 0x0, 0x1d0, 0x2b8, 0x2b8, 0x2b8, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x388, 0x5}}}, {{@arp={@initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x34}, 0xffffffff, 0xffffff00, 0x6, 0x9, {@empty, {[0x0, 0xff, 0xff, 0xff, 0xff, 0xff]}}, {@empty, {[0x0, 0xff, 0x0, 0xff]}}, 0x5, 0x12d, 0x5201, 0x6, 0x4739, 0x0, 'tunl0\x00', 'nr0\x00', {}, {0xff}, 0x0, 0x61}, 0xc0, 0xe8, 0x0, {0xa00}}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffb}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x6, 0x0, 0x3}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f0) 79.740285ms ago: executing program 0 (id=378): r0 = socket$nl_generic(0x10, 0x3, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000003c0)={0x0, 0x0}, &(0x7f0000000480)=0xc) mount$bpf(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x2000000, &(0x7f0000000500)=ANY=[@ANYBLOB='uZid', @ANYRESHEX=r1, @ANYBLOB=',\x00']) r2 = socket$inet6(0xa, 0x2, 0x0) r3 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f0000000140)={0x30, 0x5, 0x0, {0x0, 0x1, 0x1cd, 0xfffffff9}}, 0x30) setsockopt$inet6_int(r2, 0x29, 0x100000000001f, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xc) mkdirat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x80) ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000040)={0xff, 0x8000000}) r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x103a00, 0x0) ioctl$IOC_PR_PREEMPT(r5, 0x401870cb, 0x0) 63.464217ms ago: executing program 0 (id=379): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000001fe7dffeb91d123720ac9a6881fd2d6090fde7037d9bbbe5767d5fa0ca140fd09071e2a75e158a5be2c832d01166a8a31e1ac1729fdfdd0ba4ce54f12428ffa07a4d9709", @ANYRES16=r1, @ANYBLOB="01002dbd7000fedbdf25140000000c00078008000200faffffff"], 0x20}, 0x1, 0x0, 0x0, 0x4800}, 0x894) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c0000005200010000000000000000000200000008000100", @ANYRES64], 0x1c}}, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r3) sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="bc0000009be9f6a2f2783e921e33eb27f817f8e4214cc8705d068c6539b7d2d5354e635d8f2dbbf2baa0521ee22f77445140275777ce483938dc431a48d70ff548f2541bb971", @ANYRES16=r4, @ANYBLOB="01002abd7000fddbdf250c00000008003700020000003c00508005000200020000000800040087adf4700500020000000000050009000200000009000100dbf8550cd40000000400050006000400faa3000005000800010000000d000a00d85f8d0d7a62d4a8490000001100070059b6add215a89851d8155de8040000000a00060008021100000000002c006e8004000200040001000400010004000100040001000400010004000200040001000400010004000200"], 0xbc}, 0x1, 0x0, 0x0, 0xa000}, 0x4000) ioctl$sock_SIOCETHTOOL(r3, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x8, 0x0, 0xfffffffe}}) 0s ago: executing program 0 (id=380): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x74, 0x101301) r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x200000000000, 0x0) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000003280)={0x73622a85, 0xa, 0x4}) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0}) r4 = dup3(r3, r2, 0x0) r5 = socket$can_bcm(0x1d, 0x2, 0x2) setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x41, &(0x7f0000000000)=0x62b9, 0x4) write$binfmt_elf32(r4, &(0x7f0000000880)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x1, 0x5, 0xe, 0x6, 0x3, 0x6, 0x3, 0x382, 0x38, 0x10e, 0x1, 0x0, 0x20, 0x2, 0x1, 0x6, 0xdef9}, [{0x1, 0xfffff801, 0x6, 0x6, 0x7fffffff, 0xcf, 0x3, 0x6}, {0x6, 0xe28, 0xc, 0x9, 0x5, 0xffffffff, 0xffffff50, 0x4}], "f7dcf86a2dc65136ba0ef7a870fc84c5c539c5c8b433bf00589b5bce486eb04fbcf656956df43036737ed19051ea714be96a8698dbff1226beebe37d3adbf4b661a2da2c2f8253ea093c2b1d946302d4845fe6d711962cbfb54f084bac679c", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x7d7) connect$can_bcm(r5, &(0x7f00000005c0), 0x10) recvmmsg(r5, &(0x7f00000099c0)=[{{0x0, 0x0, 0x0}, 0x8000}], 0x1, 0x10002, 0x0) sendmsg$can_bcm(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x10000000000) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0xfffffffffffffffd}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0xffffffffffffff67, 0x0, 0x0}) fsetxattr$security_selinux(r5, &(0x7f0000000280), &(0x7f0000000400)='system_u:object_r:newrole_exec_t:s0\x00', 0x24, 0x3) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000800)={@ptr={0x66642a85, 0x0, 0x0, 0x0, 0x2, 0x2a}, @ptr={0x77682a85, 0x20000000, 0x0, 0x0, 0x1, 0x26}, @fda={0x66646185, 0x9, 0x1, 0xbb}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1040}], 0x0, 0x0, 0x0}) r7 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_netfilter(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380400001100010400000000000000000a00000008000200", @ANYRES32, @ANYBLOB="1c040080170413"], 0x438}}, 0x0) ioctl$EVIOCGKEYCODE(r1, 0x80084504, 0x0) r8 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r8, &(0x7f0000000080)={0xa, 0x4e21, 0x5875, @mcast1, 0x4}, 0x1c) r9 = syz_open_procfs(0x0, &(0x7f00000005c0)='net/udplite6\x00') preadv(r9, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/236, 0xec}], 0x1, 0xfc, 0xfffff001) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.255' (ED25519) to the list of known hosts. [ 25.148610][ T36] audit: type=1400 audit(1773784481.760:64): avc: denied { mounton } for pid=282 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 25.152346][ T282] cgroup: Unknown subsys name 'net' [ 25.171489][ T36] audit: type=1400 audit(1773784481.760:65): avc: denied { mount } for pid=282 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 25.199318][ T36] audit: type=1400 audit(1773784481.790:66): avc: denied { unmount } for pid=282 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 25.200080][ T282] cgroup: Unknown subsys name 'devices' [ 25.368019][ T282] cgroup: Unknown subsys name 'hugetlb' [ 25.373777][ T282] cgroup: Unknown subsys name 'rlimit' [ 25.569074][ T36] audit: type=1400 audit(1773784482.180:67): avc: denied { setattr } for pid=282 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 25.593152][ T36] audit: type=1400 audit(1773784482.180:68): avc: denied { mounton } for pid=282 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 25.618064][ T36] audit: type=1400 audit(1773784482.180:69): avc: denied { mount } for pid=282 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 25.642616][ T284] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 25.651510][ T36] audit: type=1400 audit(1773784482.260:70): avc: denied { relabelto } for pid=284 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 25.677417][ T36] audit: type=1400 audit(1773784482.260:71): avc: denied { write } for pid=284 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 25.703675][ T36] audit: type=1400 audit(1773784482.310:72): avc: denied { read } for pid=282 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 25.705142][ T282] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 25.729209][ T36] audit: type=1400 audit(1773784482.310:73): avc: denied { open } for pid=282 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 26.592056][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.599659][ T289] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.606980][ T289] bridge_slave_0: entered allmulticast mode [ 26.613777][ T289] bridge_slave_0: entered promiscuous mode [ 26.620717][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.628271][ T289] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.635568][ T289] bridge_slave_1: entered allmulticast mode [ 26.641936][ T289] bridge_slave_1: entered promiscuous mode [ 26.690564][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.697765][ T290] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.704960][ T290] bridge_slave_0: entered allmulticast mode [ 26.711399][ T290] bridge_slave_0: entered promiscuous mode [ 26.719508][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.726965][ T290] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.734308][ T290] bridge_slave_1: entered allmulticast mode [ 26.741065][ T290] bridge_slave_1: entered promiscuous mode [ 26.773975][ T292] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.781091][ T292] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.788318][ T292] bridge_slave_0: entered allmulticast mode [ 26.794797][ T292] bridge_slave_0: entered promiscuous mode [ 26.803247][ T292] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.810397][ T292] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.817535][ T292] bridge_slave_1: entered allmulticast mode [ 26.823995][ T292] bridge_slave_1: entered promiscuous mode [ 26.873875][ T291] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.881108][ T291] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.888346][ T291] bridge_slave_0: entered allmulticast mode [ 26.894695][ T291] bridge_slave_0: entered promiscuous mode [ 26.904423][ T291] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.911564][ T291] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.918798][ T291] bridge_slave_1: entered allmulticast mode [ 26.925046][ T291] bridge_slave_1: entered promiscuous mode [ 27.048170][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.055268][ T290] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.062682][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.069814][ T290] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.081188][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.088401][ T289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.096434][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.103616][ T289] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.137232][ T292] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.144327][ T292] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.151696][ T292] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.158803][ T292] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.176532][ T291] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.183912][ T291] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.191885][ T291] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.198973][ T291] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.243123][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.251048][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.259688][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.267272][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.274760][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.283800][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.292150][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.302278][ T44] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.309394][ T44] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.329538][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.336677][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.344446][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.351630][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.359492][ T44] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.366711][ T44] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.374438][ T44] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.381538][ T44] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.398489][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.405676][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.416430][ T44] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.423521][ T44] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.483259][ T290] veth0_vlan: entered promiscuous mode [ 27.508831][ T290] veth1_macvtap: entered promiscuous mode [ 27.522671][ T289] veth0_vlan: entered promiscuous mode [ 27.534021][ T292] veth0_vlan: entered promiscuous mode [ 27.542996][ T291] veth0_vlan: entered promiscuous mode [ 27.561560][ T289] veth1_macvtap: entered promiscuous mode [ 27.588074][ T290] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 27.614230][ T292] veth1_macvtap: entered promiscuous mode [ 27.644451][ T291] veth1_macvtap: entered promiscuous mode [ 27.655852][ T333] process 'syz.2.3' launched './file1' with NULL argv: empty string added [ 27.819842][ T343] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 27.939544][ T348] netlink: 72 bytes leftover after parsing attributes in process `syz.1.6'. [ 28.206241][ T330] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 28.355586][ T330] usb 1-1: Using ep0 maxpacket: 16 [ 28.363792][ T330] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 28.373097][ T330] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 28.381201][ T330] usb 1-1: Product: syz [ 28.385388][ T330] usb 1-1: Manufacturer: syz [ 28.390259][ T330] usb 1-1: SerialNumber: syz [ 28.400982][ T330] r8152-cfgselector 1-1: Unknown version 0x0000 [ 28.407759][ T330] r8152-cfgselector 1-1: config 0 descriptor?? [ 28.835665][ T46] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 28.987170][ T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 28.998473][ T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64 [ 29.009691][ T46] usb 2-1: New USB device found, idVendor=0404, idProduct=0755, bcdDevice= 0.00 [ 29.019335][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 29.029970][ T46] usb 2-1: config 0 descriptor?? [ 29.035420][ T367] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 29.249967][ T367] netlink: 'syz.1.13': attribute type 5 has an invalid length. [ 29.267670][ T367] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 120, limit: 120, size: 4096) [ 29.267712][ T367] rust_binder: Error while translating object. [ 29.278548][ T367] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 29.285118][ T367] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:19 [ 29.755543][ T330] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 29.922955][ T330] usb 4-1: New USB device found, idVendor=07cf, idProduct=6802, bcdDevice= 0.40 [ 29.934708][ T330] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 29.943507][ T330] usb 4-1: Product: syz [ 29.948352][ T330] usb 4-1: Manufacturer: syz [ 29.953105][ T330] usb 4-1: SerialNumber: syz [ 30.273627][ T36] kauditd_printk_skb: 73 callbacks suppressed [ 30.273648][ T36] audit: type=1400 audit(1773784486.880:147): avc: denied { unmount } for pid=292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 30.306919][ T330] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -2 [ 30.321310][ T350] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 30.330575][ T330] usb 4-1: USB disconnect, device number 2 [ 30.346925][ T332] udevd[332]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 30.378376][ T415] FAULT_INJECTION: forcing a failure. [ 30.378376][ T415] name failslab, interval 1, probability 0, space 0, times 1 [ 30.397567][ T415] CPU: 0 UID: 0 PID: 415 Comm: syz.1.29 Not tainted syzkaller #0 6e9554c60025b20768244e67b1d15d7ce813f552 [ 30.397607][ T415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 30.397627][ T415] Call Trace: [ 30.397634][ T415] [ 30.397643][ T415] __dump_stack+0x21/0x30 [ 30.397683][ T415] dump_stack_lvl+0x140/0x1c0 [ 30.397708][ T415] ? __cfi_dump_stack_lvl+0x10/0x10 [ 30.397736][ T415] dump_stack+0x19/0x20 [ 30.397763][ T415] should_fail_ex+0x3d7/0x530 [ 30.397790][ T415] should_failslab+0xac/0x100 [ 30.397809][ T415] kmem_cache_alloc_noprof+0x42/0x410 [ 30.397843][ T415] ? vm_area_alloc+0x3f/0x190 [ 30.397859][ T415] vm_area_alloc+0x3f/0x190 [ 30.397872][ T415] mmap_region+0xd08/0x1d60 [ 30.397918][ T415] ? __kernel_text_address+0x11/0x40 [ 30.397944][ T415] ? __cfi_mmap_region+0x10/0x10 [ 30.397972][ T415] ? __cfi_arch_get_unmapped_area_topdown+0x10/0x10 [ 30.398010][ T415] ? __kasan_check_read+0x15/0x20 [ 30.398032][ T415] ? __get_unmapped_area+0x406/0x470 [ 30.398071][ T415] do_mmap+0xb85/0x13c0 [ 30.398100][ T415] ? __cfi_do_mmap+0x10/0x10 [ 30.398125][ T415] ? down_write_killable+0xee/0x2d0 [ 30.398151][ T415] ? __cfi_down_write_killable+0x10/0x10 [ 30.398168][ T415] vm_mmap_pgoff+0x36e/0x4b0 [ 30.398189][ T415] ? __cfi_vm_mmap_pgoff+0x10/0x10 [ 30.398228][ T415] ? ksys_write+0x1f3/0x260 [ 30.398258][ T415] ksys_mmap_pgoff+0xfa/0x1e0 [ 30.398286][ T415] __x64_sys_mmap+0x121/0x140 [ 30.398315][ T415] x64_sys_call+0x13bf/0x2ee0 [ 30.398337][ T415] do_syscall_64+0x57/0xf0 [ 30.398373][ T415] ? clear_bhb_loop+0x50/0xa0 [ 30.398401][ T415] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 30.398434][ T415] RIP: 0033:0x7f234079c799 [ 30.398458][ T415] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 30.398478][ T415] RSP: 002b:00007f23416d4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 30.398498][ T415] RAX: ffffffffffffffda RBX: 00007f2340a15fa0 RCX: 00007f234079c799 [ 30.398528][ T415] RDX: 0000000002000003 RSI: 0000000000b36000 RDI: 0000200000000000 [ 30.398544][ T415] RBP: 00007f23416d4090 R08: ffffffffffffffff R09: 0000000000000000 [ 30.398558][ T415] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000001 [ 30.398571][ T415] R13: 00007f2340a16038 R14: 00007f2340a15fa0 R15: 00007ffeffc995c8 [ 30.398589][ T415] [ 30.662730][ T36] audit: type=1400 audit(1773784487.270:148): avc: denied { write } for pid=418 comm="syz.1.31" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 30.663018][ T419] netlink: 156 bytes leftover after parsing attributes in process `syz.1.31'. [ 30.682939][ T36] audit: type=1400 audit(1773784487.270:149): avc: denied { nlmsg_write } for pid=418 comm="syz.1.31" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 30.726759][ T350] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 30.738184][ T350] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 30.748003][ T350] usb 3-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 30.757228][ T350] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 30.766203][ T350] usb 3-1: config 0 descriptor?? [ 30.828684][ T66] r8152-cfgselector 1-1: USB disconnect, device number 2 [ 30.971323][ T36] audit: type=1400 audit(1773784487.580:150): avc: denied { ioctl } for pid=421 comm="syz.0.32" path="socket:[4683]" dev="sockfs" ino=4683 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 31.052651][ T36] audit: type=1400 audit(1773784487.660:151): avc: denied { map } for pid=421 comm="syz.0.32" path="socket:[4683]" dev="sockfs" ino=4683 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 31.075755][ T36] audit: type=1400 audit(1773784487.690:152): avc: denied { read } for pid=421 comm="syz.0.32" path="socket:[4683]" dev="sockfs" ino=4683 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 31.178253][ T350] playstation 0003:054C:0DF2.0001: unknown main item tag 0x0 [ 31.187735][ T350] playstation 0003:054C:0DF2.0001: unknown main item tag 0x0 [ 31.195204][ T350] playstation 0003:054C:0DF2.0001: unknown main item tag 0x0 [ 31.206104][ T350] playstation 0003:054C:0DF2.0001: unknown main item tag 0x0 [ 31.213703][ T350] playstation 0003:054C:0DF2.0001: unknown main item tag 0x0 [ 31.223968][ T350] playstation 0003:054C:0DF2.0001: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.2-1/input0 [ 31.378232][ T350] playstation 0003:054C:0DF2.0001: Invalid byte count transferred, expected 20 got 0 [ 31.387918][ T350] playstation 0003:054C:0DF2.0001: Failed to retrieve DualSense pairing info: -22 [ 31.398246][ T350] playstation 0003:054C:0DF2.0001: Failed to get MAC address from DualSense [ 31.407232][ T350] playstation 0003:054C:0DF2.0001: Failed to create dualsense. [ 31.423264][ T350] playstation 0003:054C:0DF2.0001: probe with driver playstation failed with error -22 [ 31.459451][ T36] audit: type=1400 audit(1773784488.060:153): avc: denied { setopt } for pid=437 comm="syz.1.36" lport=6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 31.493280][ T36] audit: type=1400 audit(1773784488.060:154): avc: denied { connect } for pid=437 comm="syz.1.36" lport=6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 31.514048][ T36] audit: type=1400 audit(1773784488.060:155): avc: denied { write } for pid=437 comm="syz.1.36" laddr=fe80::a8aa:aaff:feaa:aaaa lport=6 faddr=fc00::1 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 31.629956][ T36] audit: type=1400 audit(1773784488.240:156): avc: denied { create } for pid=439 comm="syz.1.37" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 31.650726][ T440] netlink: 64 bytes leftover after parsing attributes in process `syz.1.37'. [ 31.662907][ T440] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 31.672100][ T440] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 31.682045][ T440] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 31.691122][ T440] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 32.230963][ T453] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 32.239687][ T453] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 32.563144][ T463] SELinux: policydb string length 536870920 does not match expected length 8 [ 32.572547][ T463] SELinux: failed to load policy [ 32.751750][ T476] netlink: 68 bytes leftover after parsing attributes in process `syz.0.50'. [ 32.773996][ T476] netlink: 'syz.0.50': attribute type 1 has an invalid length. [ 32.945938][ T490] FAULT_INJECTION: forcing a failure. [ 32.945938][ T490] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 32.959274][ T490] CPU: 1 UID: 0 PID: 490 Comm: syz.0.56 Not tainted syzkaller #0 6e9554c60025b20768244e67b1d15d7ce813f552 [ 32.959307][ T490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 32.959319][ T490] Call Trace: [ 32.959327][ T490] [ 32.959335][ T490] __dump_stack+0x21/0x30 [ 32.959369][ T490] dump_stack_lvl+0x140/0x1c0 [ 32.959398][ T490] ? __cfi_dump_stack_lvl+0x10/0x10 [ 32.959429][ T490] ? do_vfs_ioctl+0x182d/0x2010 [ 32.959461][ T490] ? __ia32_compat_sys_ioctl+0x920/0x920 [ 32.959493][ T490] dump_stack+0x19/0x20 [ 32.959518][ T490] should_fail_ex+0x3d7/0x530 [ 32.959542][ T490] should_fail+0xf/0x20 [ 32.959564][ T490] should_fail_usercopy+0x1e/0x30 [ 32.959590][ T490] _copy_from_user+0x20/0xa0 [ 32.959620][ T490] kvm_vm_ioctl+0x72b/0xc60 [ 32.959647][ T490] ? __cfi_kvm_vm_ioctl+0x10/0x10 [ 32.959675][ T490] ? ioctl_has_perm+0x408/0x500 [ 32.959701][ T490] ? has_cap_mac_admin+0xd0/0xd0 [ 32.959743][ T490] ? proc_fail_nth_write+0x184/0x220 [ 32.959768][ T490] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 32.959797][ T490] ? selinux_file_ioctl+0x732/0x1480 [ 32.959821][ T490] ? vfs_write+0x9a4/0xf90 [ 32.959848][ T490] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 32.959873][ T490] ? __cfi_vfs_write+0x10/0x10 [ 32.959900][ T490] ? __kasan_check_write+0x18/0x20 [ 32.959929][ T490] ? mutex_unlock+0x90/0x240 [ 32.959961][ T490] ? __cfi_mutex_unlock+0x10/0x10 [ 32.959990][ T490] ? __fget_files+0x2c5/0x340 [ 32.960024][ T490] ? __fget_files+0x2c5/0x340 [ 32.960056][ T490] ? bpf_lsm_file_ioctl+0xd/0x20 [ 32.960084][ T490] ? security_file_ioctl+0x3e/0x110 [ 32.960109][ T490] ? __cfi_kvm_vm_ioctl+0x10/0x10 [ 32.960136][ T490] __se_sys_ioctl+0x132/0x1b0 [ 32.960170][ T490] __x64_sys_ioctl+0x7f/0xa0 [ 32.960201][ T490] x64_sys_call+0x1878/0x2ee0 [ 32.960230][ T490] do_syscall_64+0x57/0xf0 [ 32.960266][ T490] ? clear_bhb_loop+0x50/0xa0 [ 32.960296][ T490] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 32.960324][ T490] RIP: 0033:0x7f223719c799 [ 32.960342][ T490] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 32.960360][ T490] RSP: 002b:00007f2238099028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 32.960384][ T490] RAX: ffffffffffffffda RBX: 00007f2237415fa0 RCX: 00007f223719c799 [ 32.960399][ T490] RDX: 0000200000000380 RSI: 000000004068aea3 RDI: 0000000000000005 [ 32.960413][ T490] RBP: 00007f2238099090 R08: 0000000000000000 R09: 0000000000000000 [ 32.960427][ T490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 32.960439][ T490] R13: 00007f2237416038 R14: 00007f2237415fa0 R15: 00007ffc7e6be8b8 [ 32.960458][ T490] [ 33.253675][ T350] usb 3-1: USB disconnect, device number 2 [ 33.330662][ T496] netlink: 36 bytes leftover after parsing attributes in process `syz.0.59'. [ 33.535695][ T420] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 33.686681][ T420] usb 4-1: config 84 has an invalid interface number: 116 but max is 0 [ 33.695084][ T420] usb 4-1: config 84 has an invalid descriptor of length 251, skipping remainder of the config [ 33.706322][ T420] usb 4-1: config 84 has no interface number 0 [ 33.712982][ T420] usb 4-1: config 84 interface 116 has no altsetting 0 [ 33.722339][ T420] usb 4-1: New USB device found, idVendor=18ec, idProduct=3290, bcdDevice= a.66 [ 33.732132][ T420] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 33.740417][ T420] usb 4-1: Product: syz [ 33.744686][ T420] usb 4-1: Manufacturer: syz [ 33.749480][ T420] usb 4-1: SerialNumber: syz [ 33.775740][ T66] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 33.919821][ T509] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 33.926999][ T66] usb 1-1: Using ep0 maxpacket: 8 [ 33.930369][ T509] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 33.942875][ T66] usb 1-1: unable to get BOS descriptor or descriptor too short [ 33.944331][ T509] SELinux: Context system_u:object_r:system_map_t:s0 is not valid (left unmapped). [ 33.955719][ T66] usb 1-1: New USB device found, idVendor=0944, idProduct=0204, bcdDevice= 0.40 [ 33.969515][ T66] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 33.977643][ T66] usb 1-1: Product: 땵嫛䷵簓仱獤㓛櫵䵉⭫ẉ膺볒阋찤늲’쎦怣洈᛿聻ೞ⥲㎇ᚒᨆះ牸搰泖㡱똲硴稞䪕ᅫ逄Ⓠꃁ☽﨡ᢙ㹔冪澛湷먑ឞ嫳 [ 33.996803][ T66] usb 1-1: Manufacturer: ఌ [ 34.001504][ T66] usb 1-1: SerialNumber: 혧炱洉肷뢁睥願❺䌨ꦱ㙠毗篁郎쇿옽鮏뜹垬誈쓙㘫嬵幺굆⁂穕鈅훍䕮ꇟᑆ༇ţꬣꅾ懰❴ﻋ贗蔩稜톈ꘇ뷃⿮鳘௬毫籍ӓ豮툹ﯶ먷끰ᄈ熚붧丧繌繳풼힡犻ႁ鳎父﫱・킚炯榙냐륃໚䏏῿耯ꊤ⚸멆罐ꆝ캠퓸띆ꮉ왐堤퐩␾䫫땑諌聃꺨 [ 34.065700][ T420] usb 4-1: USB disconnect, device number 3 [ 34.111505][ T46] usbhid 2-1:0.0: can't add hid device: -32 [ 34.121119][ T46] usbhid 2-1:0.0: probe with driver usbhid failed with error -32 [ 34.163887][ T517] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 34.173349][ T517] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 34.256237][ T66] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 34.263725][ T66] usb 1-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 34.276430][ T66] usb 1-1: USB disconnect, device number 3 [ 35.175524][ T350] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 35.325497][ T350] usb 4-1: Using ep0 maxpacket: 32 [ 35.333040][ T350] usb 4-1: unable to get BOS descriptor or descriptor too short [ 35.342515][ T350] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 35.354963][ T350] usb 4-1: New USB device found, idVendor=2b53, idProduct=0024, bcdDevice= 0.40 [ 35.365508][ T350] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 35.373585][ T350] usb 4-1: Product: syz [ 35.378630][ T350] usb 4-1: Manufacturer: syz [ 35.383278][ T350] usb 4-1: SerialNumber: syz [ 35.598190][ T350] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 35.609019][ T350] snd-usb-audio 4-1:1.1: probe with driver snd-usb-audio failed with error -22 [ 35.628213][ T350] snd-usb-audio 4-1:1.2: probe with driver snd-usb-audio failed with error -22 [ 35.638896][ T350] usb 4-1: USB disconnect, device number 4 [ 35.651982][ T349] udevd[349]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.2/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 35.692862][ T560] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 35.701608][ T560] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 35.710518][ T560] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 35.719517][ T560] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 35.727592][ T542] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 35.886768][ T542] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 35.897766][ T542] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 35.907594][ T542] usb 3-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 35.916741][ T542] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 35.925494][ T542] usb 3-1: config 0 descriptor?? [ 36.337210][ T542] playstation 0003:054C:0DF2.0002: unknown main item tag 0x0 [ 36.345679][ T542] playstation 0003:054C:0DF2.0002: unknown main item tag 0x0 [ 36.353146][ T542] playstation 0003:054C:0DF2.0002: unknown main item tag 0x0 [ 36.360988][ T542] playstation 0003:054C:0DF2.0002: unknown main item tag 0x0 [ 36.364493][ T36] kauditd_printk_skb: 34 callbacks suppressed [ 36.364545][ T36] audit: type=1400 audit(1773784492.980:191): avc: denied { mounton } for pid=563 comm="syz.1.88" path="/proc/66/cgroup" dev="proc" ino=6557 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 36.369188][ T542] playstation 0003:054C:0DF2.0002: unknown main item tag 0x0 [ 36.405500][ T350] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 36.414300][ T542] playstation 0003:054C:0DF2.0002: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.2-1/input0 [ 36.487028][ T36] audit: type=1400 audit(1773784493.080:192): avc: denied { append } for pid=568 comm="syz.0.89" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 36.545109][ T542] playstation 0003:054C:0DF2.0002: Invalid byte count transferred, expected 20 got 0 [ 36.554966][ T542] playstation 0003:054C:0DF2.0002: Failed to retrieve DualSense pairing info: -22 [ 36.564864][ T542] playstation 0003:054C:0DF2.0002: Failed to get MAC address from DualSense [ 36.574068][ T542] playstation 0003:054C:0DF2.0002: Failed to create dualsense. [ 36.583030][ T350] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 36.594417][ T350] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 36.607474][ T542] playstation 0003:054C:0DF2.0002: probe with driver playstation failed with error -22 [ 36.617493][ T350] usb 4-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 36.641364][ T350] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 36.663822][ T350] usb 4-1: config 0 descriptor?? [ 37.073180][ T350] playstation 0003:054C:0DF2.0003: unknown main item tag 0x0 [ 37.080719][ T350] playstation 0003:054C:0DF2.0003: unknown main item tag 0x0 [ 37.088559][ T350] playstation 0003:054C:0DF2.0003: unknown main item tag 0x0 [ 37.096245][ T350] playstation 0003:054C:0DF2.0003: unknown main item tag 0x0 [ 37.103866][ T350] playstation 0003:054C:0DF2.0003: unknown main item tag 0x0 [ 37.112480][ T350] playstation 0003:054C:0DF2.0003: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.3-1/input0 [ 37.251873][ T36] audit: type=1400 audit(1773784493.860:193): avc: denied { unmount } for pid=291 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 37.276240][ T350] playstation 0003:054C:0DF2.0003: Invalid byte count transferred, expected 20 got 0 [ 37.286435][ T350] playstation 0003:054C:0DF2.0003: Failed to retrieve DualSense pairing info: -22 [ 37.295922][ T350] playstation 0003:054C:0DF2.0003: Failed to get MAC address from DualSense [ 37.305439][ T350] playstation 0003:054C:0DF2.0003: Failed to create dualsense. [ 37.316499][ T350] playstation 0003:054C:0DF2.0003: probe with driver playstation failed with error -22 [ 37.393888][ T583] syzkaller0: entered promiscuous mode [ 37.399585][ T583] syzkaller0: entered allmulticast mode [ 37.488128][ T585] netlink: 'syz.1.95': attribute type 33 has an invalid length. [ 37.566901][ T587] syzkaller0: entered promiscuous mode [ 37.572540][ T587] syzkaller0: entered allmulticast mode [ 37.634581][ T36] audit: type=1400 audit(1773784494.240:194): avc: denied { relabelfrom } for pid=590 comm="syz.1.98" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 37.662971][ T36] audit: type=1400 audit(1773784494.240:195): avc: denied { relabelto } for pid=590 comm="syz.1.98" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 37.889062][ T594] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 37.897855][ T594] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 37.975569][ T46] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 38.126683][ T46] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 38.138990][ T46] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 38.148137][ T46] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 38.156237][ T46] usb 1-1: Product: syz [ 38.160453][ T46] usb 1-1: SerialNumber: syz [ 38.425937][ T601] syzkaller0: entered promiscuous mode [ 38.431594][ T601] syzkaller0: entered allmulticast mode [ 38.470080][ T350] usb 3-1: USB disconnect, device number 3 [ 38.486893][ T603] SELinux: policydb table sizes (0,0) do not match mine (6,7) [ 38.494625][ T603] SELinux: failed to load policy [ 38.611846][ T36] audit: type=1400 audit(1773784495.220:196): avc: denied { create } for pid=612 comm="syz.1.107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 38.631317][ T36] audit: type=1400 audit(1773784495.220:197): avc: denied { getopt } for pid=612 comm="syz.1.107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 38.650916][ T36] audit: type=1400 audit(1773784495.220:198): avc: denied { mount } for pid=612 comm="syz.1.107" name="/" dev="configfs" ino=2625 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 38.673785][ T36] audit: type=1400 audit(1773784495.220:199): avc: denied { search } for pid=612 comm="syz.1.107" name="/" dev="configfs" ino=2625 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 38.695943][ T36] audit: type=1400 audit(1773784495.220:200): avc: denied { read } for pid=612 comm="syz.1.107" name="/" dev="configfs" ino=2625 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 39.129905][ T542] usb 4-1: USB disconnect, device number 5 [ 39.175498][ T46] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 39.182127][ T46] cdc_ncm 1-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048 [ 39.189891][ T46] cdc_ncm 1-1:1.0: setting rx_max = 2048 [ 39.297198][ T640] kvm: kvm [639]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00 [ 39.306275][ T640] kvm: kvm [639]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00 [ 39.378314][ T46] cdc_ncm 1-1:1.0: setting tx_max = 184 [ 39.392568][ T46] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 39.419845][ T46] usb 1-1: USB disconnect, device number 4 [ 39.431115][ T46] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM (NO ZLP) [ 39.489013][ T648] capability: warning: `syz.2.119' uses deprecated v2 capabilities in a way that may be insecure [ 39.508225][ T648] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=648 comm=syz.2.119 [ 39.655132][ T667] tipc: Started in network mode [ 39.665588][ T667] tipc: Node identity , cluster identity 4711 [ 39.672187][ T667] tipc: Failed to obtain node identity [ 39.678083][ T667] tipc: Enabling of bearer rejected, failed to enable media [ 40.026679][ T709] fuse: Bad value for 'max_read' [ 40.033199][ T704] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000 [ 40.183654][ T719] netlink: 5 bytes leftover after parsing attributes in process `syz.1.137'. [ 40.270387][ T722] netlink: 8 bytes leftover after parsing attributes in process `syz.0.138'. [ 40.449156][ T727] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 40.462534][ T727] Zero length message leads to an empty skb [ 40.754805][ T739] mmap: syz.1.146 (739) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 40.808237][ T739] pim6reg1: tun_chr_ioctl cmd 1074025677 [ 40.855589][ T739] pim6reg1: linktype set to 517 [ 41.242993][ T758] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 41.252783][ T758] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 41.264594][ T758] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 41.281588][ T758] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 41.393272][ T36] kauditd_printk_skb: 41 callbacks suppressed [ 41.393292][ T36] audit: type=1400 audit(1773784498.010:240): avc: denied { connect } for pid=753 comm="syz.2.151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 41.498740][ T36] audit: type=1400 audit(1773784498.110:241): avc: denied { mounton } for pid=764 comm="syz.0.155" path="/28/file0" dev="tmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 41.566100][ T36] audit: type=1400 audit(1773784498.180:242): avc: denied { create } for pid=772 comm="syz.3.157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 41.586373][ T36] audit: type=1400 audit(1773784498.190:243): avc: denied { bind } for pid=772 comm="syz.3.157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 41.806808][ T777] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 41.815627][ T420] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 41.815739][ T777] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 41.955635][ T420] usb 4-1: device descriptor read/64, error -71 [ 42.195567][ T420] usb 4-1: device descriptor read/64, error -71 [ 42.342923][ T791] netlink: 'syz.2.163': attribute type 12 has an invalid length. [ 42.385010][ T36] audit: type=1400 audit(1773784498.990:244): avc: denied { bind } for pid=795 comm="syz.1.165" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 42.426087][ T36] audit: type=1400 audit(1773784499.040:245): avc: denied { write } for pid=797 comm="syz.0.166" name="binder1" dev="binder" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 42.451851][ T420] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 42.593599][ T36] audit: type=1400 audit(1773784499.200:246): avc: denied { mounton } for pid=802 comm="syz.0.168" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 42.617827][ T420] usb 4-1: device descriptor read/64, error -71 [ 42.648267][ T815] netlink: 'syz.1.172': attribute type 4 has an invalid length. [ 42.701415][ T815] kvm: kvm [814]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0xfffffc18 [ 42.716414][ T815] kvm: kvm [814]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x186) = 0xfffffc18 [ 42.725778][ T815] kvm: kvm [814]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x187) = 0xfffffc18 [ 42.875553][ T420] usb 4-1: device descriptor read/64, error -71 [ 42.970843][ T36] audit: type=1400 audit(1773784499.580:247): avc: denied { mount } for pid=823 comm="syz.1.176" name="/" dev="ramfs" ino=8795 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 42.996812][ T420] usb usb4-port1: attempt power cycle [ 43.062353][ T826] fuse: Bad value for 'fd' [ 43.066948][ T36] audit: type=1400 audit(1773784499.670:248): avc: denied { mounton } for pid=823 comm="syz.1.176" path="/file0" dev="ramfs" ino=8797 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1 [ 43.162406][ T36] audit: type=1400 audit(1773784499.770:249): avc: denied { create } for pid=829 comm="syz.1.178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 43.288255][ T837] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 43.299907][ T837] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 43.355487][ T420] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 43.376967][ T420] usb 4-1: device descriptor read/8, error -71 [ 43.511415][ T420] usb 4-1: device descriptor read/8, error -71 [ 43.755619][ T66] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 43.763477][ T420] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 43.786912][ T420] usb 4-1: device descriptor read/8, error -71 [ 43.832951][ T853] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=853 comm=syz.1.186 [ 43.845864][ T853] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2584 sclass=netlink_route_socket pid=853 comm=syz.1.186 [ 43.879217][ T855] x_tables: unsorted underflow at hook 3 [ 43.916577][ T420] usb 4-1: device descriptor read/8, error -71 [ 43.926858][ T66] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 43.940787][ T66] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 43.954083][ T66] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 43.954184][ T858] sit0: entered promiscuous mode [ 43.954214][ T66] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 43.968635][ T858] netlink: 'syz.1.188': attribute type 1 has an invalid length. [ 43.977888][ T66] usb 3-1: config 0 descriptor?? [ 43.989812][ T858] netlink: 'syz.1.188': attribute type 3 has an invalid length. [ 44.026457][ T420] usb usb4-port1: unable to enumerate USB device [ 44.054239][ T861] netlink: 'syz.1.189': attribute type 27 has an invalid length. [ 44.062139][ T862] netlink: 'syz.1.189': attribute type 27 has an invalid length. [ 44.200023][ T66] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 44.207700][ T66] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 44.215161][ T66] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 44.222749][ T66] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 44.230220][ T66] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 44.237748][ T66] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 44.245202][ T66] plantronics 0003:047F:FFFF.0004: item fetching failed at offset 13/15 [ 44.254495][ T66] plantronics 0003:047F:FFFF.0004: parse failed [ 44.261319][ T66] plantronics 0003:047F:FFFF.0004: probe with driver plantronics failed with error -22 [ 44.399740][ T66] usb 3-1: USB disconnect, device number 4 [ 44.447236][ T867] fuse: Unknown parameter '' [ 44.899180][ T877] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 44.927940][ T877] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 45.038822][ T883] fuse: Bad value for 'fd' [ 45.085101][ T885] x_tables: unsorted underflow at hook 3 [ 45.372305][ T898] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 45.398749][ T898] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 45.415999][ T898] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 45.434888][ T898] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 45.471342][ T898] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 45.486598][ T898] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 45.495951][ T898] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 45.511601][ T898] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 45.545506][ T898] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 45.556634][ T898] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 45.605478][ T350] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 45.775538][ T350] usb 3-1: Using ep0 maxpacket: 16 [ 45.808297][ T350] usb 3-1: unable to get BOS descriptor or descriptor too short [ 45.817213][ T910] rust_binder: Error while translating object. [ 45.817267][ T910] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 45.827619][ T350] usb 3-1: New USB device found, idVendor=0e41, idProduct=4249, bcdDevice= 0.40 [ 45.831458][ T910] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:201 [ 45.837442][ T350] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 45.886528][ T913] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1025 sclass=netlink_route_socket pid=913 comm=syz.1.208 [ 45.905520][ T350] usb 3-1: Product: syz [ 45.915494][ T350] usb 3-1: Manufacturer: syz [ 45.920340][ T350] usb 3-1: SerialNumber: syz [ 45.975658][ T916] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 45.975701][ T916] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:206 [ 46.139538][ T350] usb 3-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 46.170936][ T350] usb 3-1: unit 7 not found! [ 46.194856][ T350] usb 3-1: USB disconnect, device number 5 [ 46.227354][ T332] udevd[332]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 46.460935][ T36] kauditd_printk_skb: 13 callbacks suppressed [ 46.460954][ T36] audit: type=1400 audit(1773784503.070:263): avc: denied { mounton } for pid=938 comm="syz.1.218" path="/proc/217/task" dev="proc" ino=10479 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 46.503369][ T942] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 46.513622][ T942] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 46.524447][ T942] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 46.534418][ T942] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 46.545510][ T31] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 46.555227][ T36] audit: type=1400 audit(1773784503.160:264): avc: denied { map } for pid=941 comm="syz.1.219" path="socket:[11405]" dev="sockfs" ino=11405 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 46.566860][ T942] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 46.589690][ T942] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 46.666924][ T36] audit: type=1400 audit(1773784503.280:265): avc: denied { getopt } for pid=945 comm="syz.2.220" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 46.708016][ T31] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 46.720364][ T36] audit: type=1400 audit(1773784503.320:266): avc: denied { create } for pid=948 comm="syz.2.221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 46.741530][ T31] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 46.752827][ T31] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 46.754732][ T36] audit: type=1326 audit(1773784503.360:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=951 comm="syz.2.222" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f45ffb9c799 code=0x0 [ 46.763423][ T31] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 46.785506][ T36] audit: type=1326 audit(1773784503.360:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=951 comm="syz.2.222" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f45ffb9c799 code=0x0 [ 46.820188][ T31] usb 4-1: Manufacturer: syz [ 46.831188][ T31] usb 4-1: config 0 descriptor?? [ 46.867846][ T36] audit: type=1400 audit(1773784503.480:269): avc: denied { ioctl } for pid=951 comm="syz.2.222" path="/51/file2" dev="tmpfs" ino=282 ioctlcmd=0x583c scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 46.914632][ T36] audit: type=1400 audit(1773784503.520:270): avc: denied { nlmsg_read } for pid=956 comm="syz.2.223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 47.011149][ T36] audit: type=1400 audit(1773784503.620:271): avc: denied { bind } for pid=960 comm="syz.2.225" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 47.032421][ T36] audit: type=1400 audit(1773784503.620:272): avc: denied { name_bind } for pid=960 comm="syz.2.225" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 47.193046][ T970] raw_sendmsg: syz.0.228 forgot to set AF_INET. Fix it! [ 47.267976][ T420] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 47.359902][ T987] FAULT_INJECTION: forcing a failure. [ 47.359902][ T987] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 47.373749][ T987] CPU: 0 UID: 0 PID: 987 Comm: syz.0.233 Not tainted syzkaller #0 6e9554c60025b20768244e67b1d15d7ce813f552 [ 47.373787][ T987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 47.373800][ T987] Call Trace: [ 47.373808][ T987] [ 47.373817][ T987] __dump_stack+0x21/0x30 [ 47.373851][ T987] dump_stack_lvl+0x140/0x1c0 [ 47.373877][ T987] ? __cfi_dump_stack_lvl+0x10/0x10 [ 47.373908][ T987] dump_stack+0x19/0x20 [ 47.373934][ T987] should_fail_ex+0x3d7/0x530 [ 47.373964][ T987] should_fail_alloc_page+0xec/0x110 [ 47.373986][ T987] __alloc_pages_noprof+0x1c0/0x7e0 [ 47.374025][ T987] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 47.374050][ T987] ? __alloc_pages_noprof+0x35f/0x7e0 [ 47.374078][ T987] pte_alloc_one+0x92/0x530 [ 47.374113][ T987] ? __cfi_pte_alloc_one+0x10/0x10 [ 47.374212][ T987] ? _raw_spin_unlock+0x45/0x60 [ 47.374239][ T987] ? __pmd_alloc+0x5a6/0x9a0 [ 47.374260][ T987] __pte_alloc+0x79/0x440 [ 47.374288][ T987] ? __cfi___pte_alloc+0x10/0x10 [ 47.374316][ T987] copy_page_range+0x33b6/0x39a0 [ 47.374343][ T987] ? kasan_save_track+0x3e/0x80 [ 47.374373][ T987] ? __kasan_slab_alloc+0x73/0x90 [ 47.374392][ T987] ? kmem_cache_alloc_noprof+0xd1/0x410 [ 47.374419][ T987] ? anon_vma_fork+0x1f4/0x610 [ 47.374446][ T987] ? copy_process+0x124a/0x3290 [ 47.374468][ T987] ? do_syscall_64+0x57/0xf0 [ 47.374500][ T987] ? __cfi_copy_page_range+0x10/0x10 [ 47.374528][ T987] ? mas_store+0x89d/0xce0 [ 47.374544][ T987] ? __kasan_check_read+0x15/0x20 [ 47.374566][ T987] ? __vma_enter_locked+0x24d/0x3c0 [ 47.374592][ T987] ? __cfi_mas_store+0x10/0x10 [ 47.374608][ T987] ? anon_vma_fork+0x499/0x610 [ 47.374630][ T987] ? dup_userfaultfd+0xae/0x700 [ 47.374657][ T987] copy_mm+0x10e2/0x1d70 [ 47.374678][ T987] ? copy_signal+0x6a0/0x6a0 [ 47.374697][ T987] ? _raw_spin_lock+0x92/0x120 [ 47.374718][ T987] ? __asan_memset+0x39/0x50 [ 47.374740][ T987] ? __init_rwsem+0x110/0x1f0 [ 47.374762][ T987] ? copy_signal+0x4d4/0x6a0 [ 47.374781][ T987] copy_process+0x124a/0x3290 [ 47.374807][ T987] ? __cfi_copy_process+0x10/0x10 [ 47.374825][ T987] ? proc_fail_nth_write+0x184/0x220 [ 47.374846][ T987] kernel_clone+0x233/0x830 [ 47.374866][ T987] ? __cfi_kernel_clone+0x10/0x10 [ 47.374887][ T987] __x64_sys_clone+0x1b7/0x230 [ 47.374908][ T987] ? __cfi___x64_sys_clone+0x10/0x10 [ 47.374934][ T987] ? __kasan_check_read+0x15/0x20 [ 47.374957][ T987] x64_sys_call+0x2b3c/0x2ee0 [ 47.374982][ T987] do_syscall_64+0x57/0xf0 [ 47.375003][ T987] ? clear_bhb_loop+0x50/0xa0 [ 47.375026][ T987] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 47.375056][ T987] RIP: 0033:0x7f223719c799 [ 47.375074][ T987] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 47.375089][ T987] RSP: 002b:00007f2238098fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 47.375108][ T987] RAX: ffffffffffffffda RBX: 00007f2237415fa0 RCX: 00007f223719c799 [ 47.375122][ T987] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 47.375137][ T987] RBP: 00007f2238099090 R08: 0000000000000000 R09: 0000000000000000 [ 47.375148][ T987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 47.375159][ T987] R13: 00007f2237416038 R14: 00007f2237415fa0 R15: 00007ffc7e6be8b8 [ 47.375175][ T987] [ 47.740576][ T420] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 196, using maximum allowed: 30 [ 47.751568][ T420] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 47.761935][ T420] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 196 [ 47.778264][ T420] usb 3-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 47.788481][ T420] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 47.807490][ T420] usb 3-1: config 0 descriptor?? [ 47.854825][ T995] netlink: 'syz.1.237': attribute type 1 has an invalid length. [ 47.864785][ T995] netlink: 204 bytes leftover after parsing attributes in process `syz.1.237'. [ 47.946603][ T31] input: syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0005/input/input7 [ 47.981447][ T31] input: syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0005/input/input8 [ 47.996796][ T31] input: syz Touch Strip as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0005/input/input9 [ 48.032903][ T31] input: syz Dial as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0005/input/input10 [ 48.071885][ T420] usbhid 3-1:0.0: can't add hid device: -71 [ 48.078783][ T1001] random: crng reseeded on system resumption [ 48.110449][ T420] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 48.195679][ T31] uclogic 0003:256C:006D.0005: input,hidraw0: USB HID v0.00 Keypad [syz] on usb-dummy_hcd.3-1/input0 [ 48.216092][ T420] usb 3-1: USB disconnect, device number 6 [ 48.233509][ T31] usb 4-1: USB disconnect, device number 10 [ 48.263079][ T1010] fido_id[1010]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory [ 48.293841][ T1009] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 48.304144][ T1009] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 48.319657][ T1009] random: crng reseeded on system resumption [ 48.608586][ T1024] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 48.617998][ T1024] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 48.731603][ T1029] syzkaller1: entered promiscuous mode [ 48.737587][ T1029] syzkaller1: entered allmulticast mode [ 49.105321][ T1045] netlink: 'syz.3.253': attribute type 16 has an invalid length. [ 49.375534][ T46] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 49.535513][ T46] usb 3-1: Using ep0 maxpacket: 32 [ 49.546492][ T46] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 49.563630][ T46] usb 3-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice= 0.40 [ 49.575168][ T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 49.587973][ T46] usb 3-1: Product: syz [ 49.592403][ T46] usb 3-1: Manufacturer: syz [ 49.597465][ T46] usb 3-1: SerialNumber: syz [ 49.657378][ T1059] SELinux: failed to load policy [ 49.810922][ T1047] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 49.821777][ T1047] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 49.835923][ T46] usb 3-1: USB disconnect, device number 7 [ 49.895482][ T350] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 50.033041][ T1061] netlink: 8 bytes leftover after parsing attributes in process `syz.1.260'. [ 50.055474][ T350] usb 1-1: Using ep0 maxpacket: 16 [ 50.063416][ T350] usb 1-1: config 1 has an invalid interface number: 105 but max is 0 [ 50.072518][ T350] usb 1-1: config 1 has no interface number 0 [ 50.079022][ T350] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 50.089396][ T350] usb 1-1: config 1 interface 105 altsetting 2 endpoint 0x82 has invalid maxpacket 29248, setting to 1024 [ 50.101407][ T350] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 1024 [ 50.112088][ T350] usb 1-1: config 1 interface 105 has no altsetting 0 [ 50.120704][ T350] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 50.130065][ T350] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 50.138328][ T350] usb 1-1: Product: syz [ 50.142792][ T350] usb 1-1: Manufacturer: syz [ 50.147452][ T350] usb 1-1: SerialNumber: syz [ 50.152964][ T1059] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 50.161236][ T1059] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 50.503627][ T1079] fuse: Unknown parameter 'rKDI4-N000:00000000040;S[fŅVX5\rpm8000000000000000000000000000000000000000000300000000000000000000' [ 50.569961][ T1059] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 50.578170][ T1059] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 50.797897][ T350] aqc111 1-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x20) reg index 0x0000: -71 [ 50.821264][ T350] aqc111 1-1:1.105: probe with driver aqc111 failed with error -71 [ 50.830730][ T1084] FAULT_INJECTION: forcing a failure. [ 50.830730][ T1084] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 50.845388][ T350] usb 1-1: USB disconnect, device number 5 [ 50.854465][ T1084] CPU: 0 UID: 0 PID: 1084 Comm: syz.3.270 Not tainted syzkaller #0 6e9554c60025b20768244e67b1d15d7ce813f552 [ 50.854503][ T1084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 50.854519][ T1084] Call Trace: [ 50.854527][ T1084] [ 50.854544][ T1084] __dump_stack+0x21/0x30 [ 50.854586][ T1084] dump_stack_lvl+0x140/0x1c0 [ 50.854618][ T1084] ? __cfi_dump_stack_lvl+0x10/0x10 [ 50.854654][ T1084] ? check_stack_object+0x12b/0x150 [ 50.854693][ T1084] dump_stack+0x19/0x20 [ 50.854728][ T1084] should_fail_ex+0x3d7/0x530 [ 50.854765][ T1084] should_fail+0xf/0x20 [ 50.854795][ T1084] should_fail_usercopy+0x1e/0x30 [ 50.854832][ T1084] _copy_to_user+0x24/0xa0 [ 50.854869][ T1084] simple_read_from_buffer+0xed/0x160 [ 50.854913][ T1084] proc_fail_nth_read+0x1aa/0x220 [ 50.854944][ T1084] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 50.854979][ T1084] ? bpf_lsm_file_permission+0xd/0x20 [ 50.855009][ T1084] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 50.855041][ T1084] vfs_read+0x289/0xcb0 [ 50.855079][ T1084] ? __cfi_vfs_read+0x10/0x10 [ 50.855111][ T1084] ? __kasan_check_write+0x18/0x20 [ 50.855147][ T1084] ? mutex_lock+0x97/0x1d0 [ 50.855188][ T1084] ? __cfi_mutex_lock+0x10/0x10 [ 50.855229][ T1084] ? __fget_files+0x2c5/0x340 [ 50.855272][ T1084] ksys_read+0x145/0x260 [ 50.855308][ T1084] ? __cfi_ksys_read+0x10/0x10 [ 50.855346][ T1084] ? __kasan_check_read+0x15/0x20 [ 50.855395][ T1084] __x64_sys_read+0x7f/0x90 [ 50.855430][ T1084] x64_sys_call+0x2638/0x2ee0 [ 50.855460][ T1084] do_syscall_64+0x57/0xf0 [ 50.855487][ T1084] ? clear_bhb_loop+0x50/0xa0 [ 50.855515][ T1084] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 50.855542][ T1084] RIP: 0033:0x7f8767f5cfce [ 50.855562][ T1084] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 50.855580][ T1084] RSP: 002b:00007f8768ee5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 50.855603][ T1084] RAX: ffffffffffffffda RBX: 00007f8768ee66c0 RCX: 00007f8767f5cfce [ 50.855619][ T1084] RDX: 000000000000000f RSI: 00007f8768ee60a0 RDI: 0000000000000005 [ 50.855634][ T1084] RBP: 00007f8768ee6090 R08: 0000000000000000 R09: 0000000000000000 [ 50.855647][ T1084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 50.855660][ T1084] R13: 00007f8768216038 R14: 00007f8768215fa0 R15: 00007fff97f32a78 [ 50.855679][ T1084] [ 51.118614][ T1088] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 51.158531][ T1088] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 52.075516][ T330] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 52.246757][ T330] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 52.257983][ T330] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 52.267916][ T330] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 52.281032][ T330] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 52.290166][ T330] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 52.299283][ T330] usb 1-1: config 0 descriptor?? [ 52.330718][ T36] kauditd_printk_skb: 18 callbacks suppressed [ 52.330738][ T36] audit: type=1400 audit(1773784508.940:291): avc: denied { connect } for pid=1129 comm="syz.3.287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 52.417428][ T1132] FAULT_INJECTION: forcing a failure. [ 52.417428][ T1132] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 52.431042][ T1132] CPU: 0 UID: 0 PID: 1132 Comm: syz.3.288 Not tainted syzkaller #0 6e9554c60025b20768244e67b1d15d7ce813f552 [ 52.431087][ T1132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 52.431105][ T1132] Call Trace: [ 52.431119][ T1132] [ 52.431128][ T1132] __dump_stack+0x21/0x30 [ 52.431170][ T1132] dump_stack_lvl+0x140/0x1c0 [ 52.431205][ T1132] ? __cfi_dump_stack_lvl+0x10/0x10 [ 52.431241][ T1132] ? unwind_get_return_address+0x51/0x90 [ 52.431275][ T1132] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 52.431306][ T1132] dump_stack+0x19/0x20 [ 52.431340][ T1132] should_fail_ex+0x3d7/0x530 [ 52.431376][ T1132] should_fail_alloc_page+0xec/0x110 [ 52.431405][ T1132] __alloc_pages_noprof+0x1c0/0x7e0 [ 52.431437][ T1132] ? stack_trace_save+0xaa/0x100 [ 52.431463][ T1132] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 52.431503][ T1132] ? kasan_save_track+0x4f/0x80 [ 52.431541][ T1132] ? kasan_save_alloc_info+0x40/0x50 [ 52.431576][ T1132] ? new_inode+0x25/0x1e0 [ 52.431604][ T1132] ? proc_pid_make_inode+0x25/0x140 [ 52.431643][ T1132] ? proc_pident_instantiate+0x6d/0x2c0 [ 52.431683][ T1132] ? proc_pident_lookup+0x1c7/0x270 [ 52.431722][ T1132] ? proc_tid_base_lookup+0x2f/0x40 [ 52.431755][ T1132] ? do_filp_open+0x1f5/0x440 [ 52.431784][ T1132] ? do_sys_openat2+0x134/0x1d0 [ 52.431815][ T1132] ? __x64_sys_openat+0x13a/0x170 [ 52.431841][ T1132] ? x64_sys_call+0xe69/0x2ee0 [ 52.431880][ T1132] __pud_alloc+0xb0/0x8f0 [ 52.431902][ T1132] ? __cfi___pud_alloc+0x10/0x10 [ 52.431948][ T1132] handle_mm_fault+0x1906/0x1bf0 [ 52.431993][ T1132] ? __cfi_handle_mm_fault+0x10/0x10 [ 52.432033][ T1132] ? find_vma+0xd3/0x120 [ 52.432072][ T1132] ? lock_mm_and_find_vma+0xb8/0x390 [ 52.432120][ T1132] do_user_addr_fault+0x4c9/0x11e0 [ 52.432162][ T1132] exc_page_fault+0x58/0xc0 [ 52.432192][ T1132] asm_exc_page_fault+0x2b/0x30 [ 52.432226][ T1132] RIP: 0010:rep_movs_alternative+0x30/0xa0 [ 52.432258][ T1132] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 52.432278][ T1132] RSP: 0018:ffffc90010457a50 EFLAGS: 00050202 [ 52.432305][ T1132] RAX: 00007ffffffff001 RBX: 0000000000000018 RCX: 0000000000000018 [ 52.432326][ T1132] RDX: 0000000000000001 RSI: 0000200000000100 RDI: ffffc90010457bb0 [ 52.432344][ T1132] RBP: ffffc90010457a70 R08: ffffc90010457bc7 R09: 1ffff9200208af78 [ 52.432368][ T1132] R10: dffffc0000000000 R11: fffff5200208af79 R12: 1ffff9200208af5c [ 52.432385][ T1132] R13: dffffc0000000000 R14: ffffc90010457bb0 R15: 0000200000000100 [ 52.432407][ T1132] ? _copy_from_user+0x6d/0xa0 [ 52.432441][ T1132] rfcomm_dev_ioctl+0x245/0x2150 [ 52.432480][ T1132] ? __cfi_rfcomm_dev_ioctl+0x10/0x10 [ 52.432519][ T1132] ? ioctl_has_perm+0x39a/0x500 [ 52.432554][ T1132] ? has_cap_mac_admin+0xd0/0xd0 [ 52.432588][ T1132] ? proc_fail_nth_write+0x184/0x220 [ 52.432621][ T1132] ? bt_sock_ioctl+0xe8/0x280 [ 52.432649][ T1132] rfcomm_sock_ioctl+0x7c/0xa0 [ 52.432686][ T1132] sock_do_ioctl+0x118/0x330 [ 52.432724][ T1132] ? sock_show_fdinfo+0xd0/0xd0 [ 52.432763][ T1132] ? __cfi_vfs_write+0x10/0x10 [ 52.432794][ T1132] ? __kasan_check_write+0x18/0x20 [ 52.432829][ T1132] ? mutex_unlock+0x90/0x240 [ 52.432881][ T1132] sock_ioctl+0x5b5/0x7f0 [ 52.432918][ T1132] ? __cfi_sock_ioctl+0x10/0x10 [ 52.432953][ T1132] ? __fget_files+0x2c5/0x340 [ 52.432987][ T1132] ? bpf_lsm_file_ioctl+0xd/0x20 [ 52.433009][ T1132] ? security_file_ioctl+0x3e/0x110 [ 52.433035][ T1132] ? __cfi_sock_ioctl+0x10/0x10 [ 52.433071][ T1132] __se_sys_ioctl+0x132/0x1b0 [ 52.433112][ T1132] __x64_sys_ioctl+0x7f/0xa0 [ 52.433153][ T1132] x64_sys_call+0x1878/0x2ee0 [ 52.433191][ T1132] do_syscall_64+0x57/0xf0 [ 52.433225][ T1132] ? clear_bhb_loop+0x50/0xa0 [ 52.433262][ T1132] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 52.433296][ T1132] RIP: 0033:0x7f8767f9c799 [ 52.433326][ T1132] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 52.433347][ T1132] RSP: 002b:00007f8768ee6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 52.433375][ T1132] RAX: ffffffffffffffda RBX: 00007f8768215fa0 RCX: 00007f8767f9c799 [ 52.433398][ T1132] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000004 [ 52.433416][ T1132] RBP: 00007f8768ee6090 R08: 0000000000000000 R09: 0000000000000000 [ 52.433436][ T1132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 52.433452][ T1132] R13: 00007f8768216038 R14: 00007f8768215fa0 R15: 00007fff97f32a78 [ 52.433478][ T1132] [ 52.932911][ T1135] ======================================================= [ 52.932911][ T1135] WARNING: The mand mount option has been deprecated and [ 52.932911][ T1135] and is ignored by this kernel. Remove the mand [ 52.932911][ T1135] option from the mount to silence this warning. [ 52.932911][ T1135] ======================================================= [ 52.971955][ T36] audit: type=1400 audit(1773784509.540:292): avc: denied { remount } for pid=1134 comm="syz.2.289" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 53.105853][ T1141] Invalid logical block size (9) [ 53.109309][ T330] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x2 [ 53.118367][ T330] plantronics 0003:047F:FFFF.0006: unknown main item tag 0xd [ 53.126016][ T1141] netlink: 'syz.2.292': attribute type 46 has an invalid length. [ 53.126138][ T330] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving [ 53.143913][ T330] plantronics 0003:047F:FFFF.0006: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 53.180772][ T1144] 9pnet_fd: Insufficient options for proto=fd [ 53.188050][ T36] audit: type=1400 audit(1773784509.800:293): avc: denied { name_bind } for pid=1143 comm="syz.1.293" src=516 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hi_reserved_port_t tclass=udp_socket permissive=1 [ 53.213223][ T36] audit: type=1400 audit(1773784509.820:294): avc: denied { mount } for pid=1143 comm="syz.1.293" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 53.395563][ T46] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 53.406523][ T36] audit: type=1400 audit(1773784510.020:295): avc: denied { connect } for pid=1113 comm="syz.0.280" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 53.427149][ T36] audit: type=1400 audit(1773784510.040:296): avc: denied { write } for pid=1113 comm="syz.0.280" path="socket:[13768]" dev="sockfs" ino=13768 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 53.435681][ T330] usb 1-1: USB disconnect, device number 6 [ 53.458203][ T36] audit: type=1400 audit(1773784510.040:297): avc: denied { read } for pid=1113 comm="syz.0.280" path="socket:[13768]" dev="sockfs" ino=13768 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 53.483295][ T36] audit: type=1400 audit(1773784510.040:298): avc: denied { getopt } for pid=1113 comm="syz.0.280" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 53.535264][ T36] audit: type=1400 audit(1773784510.140:299): avc: denied { create } for pid=1154 comm="syz.1.297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 53.578626][ T1163] FAULT_INJECTION: forcing a failure. [ 53.578626][ T1163] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 53.584078][ T1162] FAULT_INJECTION: forcing a failure. [ 53.584078][ T1162] name failslab, interval 1, probability 0, space 0, times 0 [ 53.592439][ T1163] CPU: 0 UID: 0 PID: 1163 Comm: syz.1.299 Not tainted syzkaller #0 6e9554c60025b20768244e67b1d15d7ce813f552 [ 53.592525][ T1163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 53.592559][ T1163] Call Trace: [ 53.592581][ T1163] [ 53.592610][ T1163] __dump_stack+0x21/0x30 [ 53.592699][ T1163] dump_stack_lvl+0x140/0x1c0 [ 53.592772][ T1163] ? __cfi_dump_stack_lvl+0x10/0x10 [ 53.592840][ T1163] ? check_stack_object+0x12b/0x150 [ 53.592918][ T1163] dump_stack+0x19/0x20 [ 53.592993][ T1163] should_fail_ex+0x3d7/0x530 [ 53.593073][ T1163] should_fail+0xf/0x20 [ 53.593137][ T1163] should_fail_usercopy+0x1e/0x30 [ 53.593211][ T1163] _copy_to_user+0x24/0xa0 [ 53.593293][ T1163] simple_read_from_buffer+0xed/0x160 [ 53.593357][ T1163] proc_fail_nth_read+0x1aa/0x220 [ 53.593422][ T1163] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 53.593487][ T1163] ? bpf_lsm_file_permission+0xd/0x20 [ 53.593543][ T1163] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 53.593607][ T1163] vfs_read+0x289/0xcb0 [ 53.593690][ T1163] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 53.593808][ T1163] ? __cfi_vfs_read+0x10/0x10 [ 53.593881][ T1163] ? __kasan_check_write+0x18/0x20 [ 53.593955][ T1163] ? mutex_lock+0x97/0x1d0 [ 53.594039][ T1163] ? __cfi_mutex_lock+0x10/0x10 [ 53.594123][ T1163] ? __fget_files+0x2c5/0x340 [ 53.594254][ T1163] ksys_read+0x145/0x260 [ 53.594348][ T1163] ? __cfi_ksys_read+0x10/0x10 [ 53.594425][ T1163] ? __kasan_check_read+0x15/0x20 [ 53.594500][ T1163] __x64_sys_read+0x7f/0x90 [ 53.594576][ T1163] x64_sys_call+0x2638/0x2ee0 [ 53.594661][ T1163] do_syscall_64+0x57/0xf0 [ 53.594733][ T1163] ? clear_bhb_loop+0x50/0xa0 [ 53.594803][ T1163] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 53.594886][ T1163] RIP: 0033:0x7f234075cfce [ 53.594932][ T1163] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 53.594984][ T1163] RSP: 002b:00007f23416d3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 53.595087][ T1163] RAX: ffffffffffffffda RBX: 00007f23416d46c0 RCX: 00007f234075cfce [ 53.595146][ T1163] RDX: 000000000000000f RSI: 00007f23416d40a0 RDI: 0000000000000006 [ 53.595202][ T1163] RBP: 00007f23416d4090 R08: 0000000000000000 R09: 0000000000000000 [ 53.595244][ T1163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.595277][ T1163] R13: 00007f2340a16038 R14: 00007f2340a15fa0 R15: 00007ffeffc995c8 [ 53.595334][ T1163] [ 53.853008][ T46] usb 3-1: Using ep0 maxpacket: 8 [ 53.853003][ T1162] CPU: 0 UID: 0 PID: 1162 Comm: syz.3.300 Not tainted syzkaller #0 6e9554c60025b20768244e67b1d15d7ce813f552 [ 53.853040][ T1162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 53.853078][ T1162] Call Trace: [ 53.853111][ T1162] [ 53.853147][ T1162] __dump_stack+0x21/0x30 [ 53.853274][ T1162] dump_stack_lvl+0x140/0x1c0 [ 53.853357][ T1162] ? __cfi_dump_stack_lvl+0x10/0x10 [ 53.853432][ T1162] dump_stack+0x19/0x20 [ 53.853534][ T1162] should_fail_ex+0x3d7/0x530 [ 53.853609][ T1162] should_failslab+0xac/0x100 [ 53.853662][ T1162] __kmalloc_node_track_caller_noprof+0x68/0x4f0 [ 53.853741][ T1162] ? is_bpf_text_address+0x17b/0x1a0 [ 53.853817][ T1162] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator5allocCsahuowfGyxPf_6ashmem+0xb4/0x200 [ 53.853923][ T1162] krealloc_noprof+0x8d/0x130 [ 53.854001][ T1162] _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator5allocCsahuowfGyxPf_6ashmem+0xb4/0x200 [ 53.854097][ T1162] ? arch_stack_walk+0x10a/0x170 [ 53.854174][ T1162] ? __cfi__RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator5allocCsahuowfGyxPf_6ashmem+0x10/0x10 [ 53.854281][ T1162] ? __kasan_check_write+0x18/0x20 [ 53.854358][ T1162] _RNvXs1_CsahuowfGyxPf_6ashmemNtB5_6AshmemNtNtCs1ewLyjEZ7Le_6kernel10miscdevice10MiscDevice5ioctl+0xd6d/0x3a50 [ 53.854456][ T1162] ? kasan_save_track+0x3e/0x80 [ 53.854561][ T1162] ? kasan_save_alloc_info+0x40/0x50 [ 53.854629][ T1162] ? __kasan_slab_alloc+0x73/0x90 [ 53.854701][ T1162] ? inode_init_always_gfp+0x756/0x9e0 [ 53.854772][ T1162] ? alloc_inode+0xc5/0x270 [ 53.854824][ T1162] ? new_inode+0x25/0x1e0 [ 53.854876][ T1162] ? proc_pid_make_inode+0x25/0x140 [ 53.854954][ T1162] ? proc_pident_instantiate+0x6d/0x2c0 [ 53.855049][ T1162] ? proc_pident_lookup+0x1c7/0x270 [ 53.855128][ T1162] ? proc_tid_base_lookup+0x2f/0x40 [ 53.855192][ T1162] ? path_openat+0x1315/0x34f0 [ 53.855245][ T1162] ? do_filp_open+0x1f5/0x440 [ 53.855301][ T1162] ? do_sys_openat2+0x134/0x1d0 [ 53.855367][ T1162] ? __x64_sys_openat+0x13a/0x170 [ 53.855423][ T1162] ? __cfi__RNvXs1_CsahuowfGyxPf_6ashmemNtB5_6AshmemNtNtCs1ewLyjEZ7Le_6kernel10miscdevice10MiscDevice5ioctl+0x10/0x10 [ 53.855547][ T1162] ? avc_has_perm_noaudit+0x26c/0x360 [ 53.855623][ T1162] ? __asan_memcpy+0x5a/0x80 [ 53.855697][ T1162] ? avc_has_perm_noaudit+0x28a/0x360 [ 53.855786][ T1162] ? avc_has_perm+0x155/0x240 [ 53.855869][ T1162] ? __cfi_avc_has_perm+0x10/0x10 [ 53.855968][ T1162] ? kasan_save_alloc_info+0x40/0x50 [ 53.856064][ T1162] ? selinux_file_open+0x46c/0x630 [ 53.856131][ T1162] ? __cfi_selinux_file_open+0x10/0x10 [ 53.856212][ T1162] ? avc_has_extended_perms+0x80b/0xe70 [ 53.856285][ T1162] ? __asan_memcpy+0x5a/0x80 [ 53.856360][ T1162] ? avc_has_extended_perms+0x969/0xe70 [ 53.856436][ T1162] ? __asan_set_shadow_00+0x12/0x20 [ 53.856501][ T1162] ? do_vfs_ioctl+0x182d/0x2010 [ 53.856587][ T1162] ? arch_stack_walk+0x10a/0x170 [ 53.856676][ T1162] ? __ia32_compat_sys_ioctl+0x920/0x920 [ 53.856772][ T1162] ? _parse_integer+0x2e/0x40 [ 53.856846][ T1162] ? ioctl_has_perm+0x39a/0x500 [ 53.856910][ T1162] ? has_cap_mac_admin+0xd0/0xd0 [ 53.856978][ T1162] ? proc_fail_nth_write+0x184/0x220 [ 53.857051][ T1162] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 53.857123][ T1162] ? selinux_file_ioctl+0x732/0x1480 [ 53.857187][ T1162] ? vfs_write+0x9a4/0xf90 [ 53.857261][ T1162] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 53.857355][ T1162] ? __cfi_vfs_write+0x10/0x10 [ 53.857428][ T1162] ? __kasan_check_write+0x18/0x20 [ 53.857495][ T1162] ? mutex_unlock+0x90/0x240 [ 53.857581][ T1162] ? __cfi_mutex_unlock+0x10/0x10 [ 53.857664][ T1162] ? __fget_files+0x2c5/0x340 [ 53.857750][ T1162] ? __fget_files+0x2c5/0x340 [ 53.857837][ T1162] _RNvMs4_NtCs1ewLyjEZ7Le_6kernel10miscdeviceINtB5_16MiscdeviceVTableNtCsahuowfGyxPf_6ashmem6AshmemE5ioctlB14_+0xb7/0x150 [ 53.857945][ T1162] ? security_file_ioctl+0x3e/0x110 [ 53.858011][ T1162] ? __cfi__RNvMs4_NtCs1ewLyjEZ7Le_6kernel10miscdeviceINtB5_16MiscdeviceVTableNtCsahuowfGyxPf_6ashmem6AshmemE5ioctlB14_+0x10/0x10 [ 53.858084][ T1162] __se_sys_ioctl+0x132/0x1b0 [ 53.858114][ T1162] __x64_sys_ioctl+0x7f/0xa0 [ 53.858153][ T1162] x64_sys_call+0x1878/0x2ee0 [ 53.858261][ T1162] do_syscall_64+0x57/0xf0 [ 53.858341][ T1162] ? clear_bhb_loop+0x50/0xa0 [ 53.858416][ T1162] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 53.858490][ T1162] RIP: 0033:0x7f8767f9c799 [ 53.858543][ T1162] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 53.858597][ T1162] RSP: 002b:00007f8768ee6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 53.858663][ T1162] RAX: ffffffffffffffda RBX: 00007f8768215fa0 RCX: 00007f8767f9c799 [ 53.858714][ T1162] RDX: 0000200000001e80 RSI: 0000000040087708 RDI: 0000000000000003 [ 53.858749][ T1162] RBP: 00007f8768ee6090 R08: 0000000000000000 R09: 0000000000000000 [ 53.858782][ T1162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.858817][ T1162] R13: 00007f8768216038 R14: 00007f8768215fa0 R15: 00007fff97f32a78 [ 53.858870][ T1162] [ 54.088729][ T36] audit: type=1400 audit(1773784510.690:300): avc: denied { read write } for pid=1170 comm="syz.0.303" name="usbmon7" dev="devtmpfs" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 54.106515][ T46] usb 3-1: config 1 has an invalid interface number: 128 but max is 1 [ 54.400908][ T46] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 54.411213][ T46] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 54.422324][ T46] usb 3-1: config 1 has no interface number 0 [ 54.429364][ T46] usb 3-1: config 1 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 54.448368][ T46] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 54.459546][ T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 54.467639][ T46] usb 3-1: Product: syz [ 54.472197][ T46] usb 3-1: Manufacturer: syz [ 54.478869][ T46] usb 3-1: SerialNumber: syz [ 54.489810][ T46] cdc_wdm 3-1:1.128: skipping garbage [ 54.496975][ T46] cdc_wdm 3-1:1.128: probe with driver cdc_wdm failed with error -22 [ 54.616597][ T1193] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12336 sclass=netlink_route_socket pid=1193 comm=syz.1.311 [ 54.630144][ T1187] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=1187 comm=syz.0.309 [ 54.644104][ T1187] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1024 sclass=netlink_route_socket pid=1187 comm=syz.0.309 [ 54.658287][ T1187] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1187 comm=syz.0.309 [ 54.671253][ T1187] IPv6: NLM_F_CREATE should be specified when creating new route [ 54.679269][ T1187] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 54.686592][ T1187] IPv6: NLM_F_CREATE should be set when creating new route [ 54.693906][ T1187] IPv6: NLM_F_CREATE should be set when creating new route [ 54.704938][ T350] usb 3-1: USB disconnect, device number 8 [ 54.716096][ T1197] netlink: 'syz.1.311': attribute type 27 has an invalid length. [ 54.752534][ T1197] sit0: left promiscuous mode [ 54.770501][ T1199] Invalid argument reading file caps for ./file0 [ 54.783784][ T1197] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.791211][ T1197] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.015523][ T46] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 55.166681][ T46] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 196, using maximum allowed: 30 [ 55.177766][ T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 55.187567][ T46] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 196 [ 55.200790][ T46] usb 4-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 55.209878][ T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.218934][ T46] usb 4-1: config 0 descriptor?? [ 55.270209][ T1212] netlink: 'syz.2.314': attribute type 27 has an invalid length. [ 55.525011][ T1226] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 55.533700][ T1226] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 55.626435][ T46] holtek_kbd 0003:04D9:A055.0007: unknown main item tag 0x0 [ 55.633942][ T46] holtek_kbd 0003:04D9:A055.0007: unknown main item tag 0x0 [ 55.641381][ T46] holtek_kbd 0003:04D9:A055.0007: unknown main item tag 0x7 [ 55.645568][ T1208] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 55.649905][ T46] holtek_kbd 0003:04D9:A055.0007: unknown main item tag 0x0 [ 55.664386][ T46] holtek_kbd 0003:04D9:A055.0007: unknown main item tag 0x4 [ 55.671830][ T31] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 55.679471][ T46] holtek_kbd 0003:04D9:A055.0007: unknown main item tag 0x0 [ 55.688360][ T46] holtek_kbd 0003:04D9:A055.0007: hidraw0: USB HID v10.00 Device [HID 04d9:a055] on usb-dummy_hcd.3-1/input0 [ 55.805500][ T1208] usb 3-1: Using ep0 maxpacket: 16 [ 55.812206][ T1208] usb 3-1: unable to get BOS descriptor or descriptor too short [ 55.820696][ T1208] usb 3-1: config 4 has an invalid interface number: 103 but max is 0 [ 55.829070][ T1208] usb 3-1: config 4 has no interface number 0 [ 55.833060][ T46] usb 4-1: USB disconnect, device number 11 [ 55.838295][ T1208] usb 3-1: New USB device found, idVendor=04dd, idProduct=8004, bcdDevice=46.e1 [ 55.846286][ T31] usb 1-1: Using ep0 maxpacket: 32 [ 55.854344][ T1208] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 55.865074][ T1208] usb 3-1: Product: syz [ 55.866104][ T31] usb 1-1: config 0 has an invalid interface number: 184 but max is 0 [ 55.870068][ T1208] usb 3-1: Manufacturer: syz [ 55.880478][ T31] usb 1-1: config 0 has no interface number 0 [ 55.884560][ T1208] usb 3-1: SerialNumber: syz [ 55.889943][ T31] usb 1-1: config 0 interface 184 has no altsetting 0 [ 55.902070][ T31] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 55.911404][ T31] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 55.919862][ T31] usb 1-1: Product: syz [ 55.924108][ T31] usb 1-1: Manufacturer: syz [ 55.928767][ T31] usb 1-1: SerialNumber: syz [ 55.934293][ T31] usb 1-1: config 0 descriptor?? [ 55.940379][ T31] smsc75xx v1.0.0 [ 56.217983][ T1238] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 56.226605][ T1238] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 56.298928][ T1208] usb 3-1: bad CDC descriptors [ 56.316048][ T1242] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 56.324573][ T1208] usb 3-1: USB disconnect, device number 9 [ 56.327716][ T1242] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 56.543194][ T31] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 56.554279][ T31] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 56.764978][ T31] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 56.776184][ T31] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 56.786113][ T31] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 56.796578][ T31] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 56.817959][ T31] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71 [ 56.830561][ T31] usb 1-1: USB disconnect, device number 7 [ 57.569125][ T31] usb 1-1: new full-speed USB device number 8 using dummy_hcd [ 57.598082][ T1277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.339'. [ 57.607226][ T1277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.339'. [ 57.617383][ T1278] netlink: 4 bytes leftover after parsing attributes in process `syz.2.339'. [ 57.626565][ T1277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.339'. [ 57.635669][ T1277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.339'. [ 57.644623][ T1277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.339'. [ 57.653679][ T1277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.339'. [ 57.662600][ T1277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.339'. [ 57.671579][ T1277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.339'. [ 57.680495][ T1277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.339'. [ 57.731185][ T31] usb 1-1: unable to get BOS descriptor or descriptor too short [ 57.739506][ T31] usb 1-1: not running at top speed; connect to a high speed hub [ 57.748425][ T31] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 138, changing to 4 [ 57.759634][ T36] kauditd_printk_skb: 14 callbacks suppressed [ 57.759652][ T36] audit: type=1326 audit(1773784514.360:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1257 comm="syz.1.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234079c799 code=0x7fc00000 [ 57.791887][ T36] audit: type=1326 audit(1773784514.360:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1257 comm="syz.1.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f234079c799 code=0x7fc00000 [ 57.815674][ T36] audit: type=1326 audit(1773784514.360:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1257 comm="syz.1.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234079c799 code=0x7fc00000 [ 57.839411][ T36] audit: type=1326 audit(1773784514.360:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1257 comm="syz.1.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234079c799 code=0x7fc00000 [ 57.863460][ T31] usb 1-1: New USB device found, idVendor=041e, idProduct=3042, bcdDevice= 0.40 [ 57.872971][ T36] audit: type=1326 audit(1773784514.360:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1257 comm="syz.1.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234079c799 code=0x7fc00000 [ 57.875527][ T31] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 57.899157][ T36] audit: type=1326 audit(1773784514.360:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1257 comm="syz.1.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234079c799 code=0x7fc00000 [ 57.923444][ T31] usb 1-1: Product: syz [ 57.933967][ T31] usb 1-1: Manufacturer: syz [ 57.938737][ T31] usb 1-1: SerialNumber: syz [ 57.943881][ T36] audit: type=1326 audit(1773784514.360:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1257 comm="syz.1.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234079c799 code=0x7fc00000 [ 57.967338][ T36] audit: type=1326 audit(1773784514.360:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1257 comm="syz.1.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234079c799 code=0x7fc00000 [ 57.990808][ T36] audit: type=1326 audit(1773784514.360:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1257 comm="syz.1.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234079c799 code=0x7fc00000 [ 58.014191][ T36] audit: type=1326 audit(1773784514.360:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1257 comm="syz.1.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234079c799 code=0x7fc00000 [ 58.060187][ T1288] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 58.067759][ T1290] netlink: 'syz.3.345': attribute type 1 has an invalid length. [ 58.162810][ T1270] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 58.171465][ T1270] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 58.184124][ T31] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 58.191156][ T31] usb 1-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 58.204550][ T31] usb 1-1: USB disconnect, device number 8 [ 58.688575][ T1300] syzkaller1: entered allmulticast mode [ 58.695296][ T1300] tipc: Enabling of bearer rejected, failed to enable media [ 58.760134][ T1312] rust_binder: Write failure EFAULT in pid:182 [ 58.877052][ T1323] rust_binder: 188: no such ref 2 [ 59.023053][ T1342] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.033763][ T1342] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.115534][ T31] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 59.215499][ T1206] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 59.245535][ T31] usb 3-1: device descriptor read/64, error -71 [ 59.365491][ T1206] usb 4-1: Using ep0 maxpacket: 32 [ 59.372859][ T1206] usb 4-1: config 0 has an invalid interface number: 184 but max is 0 [ 59.381197][ T1206] usb 4-1: config 0 has no interface number 0 [ 59.387400][ T1206] usb 4-1: config 0 interface 184 has no altsetting 0 [ 59.396058][ T1206] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 59.405180][ T1206] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 59.413300][ T1206] usb 4-1: Product: syz [ 59.417574][ T1206] usb 4-1: Manufacturer: syz [ 59.422184][ T1206] usb 4-1: SerialNumber: syz [ 59.427741][ T1206] usb 4-1: config 0 descriptor?? [ 59.433577][ T1206] smsc75xx v1.0.0 [ 59.485552][ T31] usb 3-1: device descriptor read/64, error -71 [ 59.606150][ T1351] netlink: 'syz.1.368': attribute type 27 has an invalid length. [ 59.631855][ T1353] can: request_module (can-proto-0) failed. [ 59.657852][ T1355] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.666532][ T1355] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.725705][ T31] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 59.865675][ T31] usb 3-1: device descriptor read/64, error -71 [ 60.039297][ T1206] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 60.050214][ T1206] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 60.065494][ T46] usb 1-1: new full-speed USB device number 9 using dummy_hcd [ 60.105518][ T31] usb 3-1: device descriptor read/64, error -71 [ 60.220184][ T31] usb usb3-port1: attempt power cycle [ 60.227748][ T46] usb 1-1: unable to get BOS descriptor or descriptor too short [ 60.235986][ T46] usb 1-1: not running at top speed; connect to a high speed hub [ 60.245832][ T46] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 60.267333][ T46] usb 1-1: string descriptor 0 read error: -22 [ 60.273599][ T46] usb 1-1: New USB device found, idVendor=06f8, idProduct=b000, bcdDevice= 0.40 [ 60.282796][ T46] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 60.293890][ T46] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 60.515923][ T46] usb 1-1: USB disconnect, device number 9 [ 60.565564][ T31] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 60.594426][ T31] usb 3-1: device descriptor read/8, error -71 [ 60.661094][ T1206] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -61 [ 60.672109][ T1206] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -61 [ 60.681932][ T1206] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -61 [ 60.691610][ T1206] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -61 [ 60.726811][ T31] usb 3-1: device descriptor read/8, error -71 [ 60.866281][ T1336] rust_binder: BC_CLEAR_DEATH_NOTIFICATION invalid ref 0 [ 60.975506][ T31] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 61.014405][ T31] usb 3-1: device descriptor read/8, error -71 [ 61.050266][ T1372] x_tables: duplicate underflow at hook 1 [ 61.146563][ T31] usb 3-1: device descriptor read/8, error -71 [ 61.208775][ T1379] rust_binder: Failure when writing BR_NOOP at beginning of buffer. [ 61.208809][ T1379] rust_binder: Read failure Err(EFAULT) in pid:205 [ 61.218295][ T1379] SELinux: Context system_u:object_r:newrole_exec_t:s0 is not valid (left unmapped). [ 61.236338][ T1378] rust_binder: Error while translating object. [ 61.236427][ C0] BUG: TASK stack guard page was hit at ffffc9000e9dfff8 (stack is ffffc9000e9e0000..ffffc9000e9e8000) [ 61.236474][ C0] Oops: stack guard page: 0000 [#1] PREEMPT SMP KASAN PTI [ 61.236524][ C0] CPU: 0 UID: 0 PID: 1378 Comm: syz.0.380 Not tainted syzkaller #0 6e9554c60025b20768244e67b1d15d7ce813f552 [ 61.236569][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 61.236585][ C0] RIP: 0010:get_stack_info_noinstr+0x1a/0x130 [ 61.236633][ C0] Code: b8 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 49 89 d6 49 89 f4 49 89 ff 21 01 00 00 b3 01 84 c0 75 0f 65 48 8b 05 d3 ac 65 7a 49 39 c4 [ 61.236658][ C0] RSP: 0018:ffffc9000e9e0000 EFLAGS: 00010286 [ 61.236683][ C0] RAX: ffff888113d93900 RBX: ffffc9000e9e0108 RCX: ffffc9000e9e0108 [ 61.236707][ C0] RDX: ffffc9000e9e00e8 RSI: ffff888113d93900 RDI: ffffc9000e9e00d8 [ 61.236729][ C0] RBP: ffffc9000e9e0028 R08: ffffc9000e9e0147 R09: 0000000000000000 [ 61.236748][ C0] R10: ffffc9000e9e00e8 R11: fffff52001d3c029 R12: ffff888113d93900 [ 61.236772][ C0] R13: ffffc9000e9e00d8 R14: ffffc9000e9e00e8 R15: ffffc9000e9e00d8 [ 61.236794][ C0] FS: 00007f22380996c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 61.236821][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 61.236841][ C0] CR2: ffffc9000e9dfff8 CR3: 000000010df18000 CR4: 00000000003526b0 [ 61.236867][ C0] DR0: 0000000000000f80 DR1: 0000000000000000 DR2: 0000000000000000 [ 61.236887][ C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 61.236904][ C0] Call Trace: [ 61.236912][ C0] [ 61.236926][ C0] get_stack_info+0x3e/0x100 [ 61.236965][ C0] __unwind_start+0x20b/0x410 [ 61.237000][ C0] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 61.237030][ C0] arch_stack_walk+0xf2/0x170 [ 61.237070][ C0] stack_trace_save+0xaa/0x100 [ 61.237105][ C0] ? __cfi_stack_trace_save+0x10/0x10 [ 61.237131][ C0] ? __asan_memset+0x39/0x50 [ 61.237169][ C0] save_stack+0x125/0x240 [ 61.237196][ C0] ? free_contig_range+0x260/0x260 [ 61.237231][ C0] ? __reset_page_owner+0x450/0x450 [ 61.237259][ C0] ? zone_page_state_add+0x43/0x90 [ 61.237299][ C0] ? kvm_sched_clock_read+0x15/0x30 [ 61.237328][ C0] ? sched_clock_noinstr+0xd/0x30 [ 61.237367][ C0] __set_page_owner+0x8e/0x600 [ 61.237395][ C0] ? __zone_watermark_ok+0x134/0x630 [ 61.237427][ C0] ? __cfi___set_page_owner+0x10/0x10 [ 61.237455][ C0] ? kasan_unpoison+0x4a/0x70 [ 61.237491][ C0] post_alloc_hook+0x3b8/0x3f0 [ 61.237528][ C0] ? __cfi_post_alloc_hook+0x10/0x10 [ 61.237558][ C0] ? gfp_to_alloc_flags_cma+0x1c0/0x1c0 [ 61.237594][ C0] ? _raw_spin_trylock+0xb5/0x140 [ 61.237627][ C0] ? __cfi__raw_spin_trylock+0x10/0x10 [ 61.237662][ C0] prep_new_page+0x20/0x120 [ 61.237688][ C0] get_page_from_freelist+0x496e/0x4a20 [ 61.237732][ C0] ? __alloc_pages_noprof+0x7e0/0x7e0 [ 61.237765][ C0] ? static_key_count+0x45/0x70 [ 61.237791][ C0] ? gfp_to_alloc_flags_cma+0x96/0x1c0 [ 61.237829][ C0] ? lruvec_init+0x1c1/0x280 [ 61.237867][ C0] __alloc_pages_noprof+0x35f/0x7e0 [ 61.237908][ C0] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 61.237941][ C0] ? unwind_get_return_address+0x51/0x90 [ 61.237973][ C0] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 61.238000][ C0] ? arch_stack_walk+0x10a/0x170 [ 61.238039][ C0] ? stack_trace_save+0xaa/0x100 [ 61.238065][ C0] stack_depot_save_flags+0x672/0x800 [ 61.238101][ C0] ? __kernel_text_address+0x11/0x40 [ 61.238135][ C0] kasan_save_track+0x4f/0x80 [ 61.238172][ C0] ? kasan_save_track+0x3e/0x80 [ 61.238211][ C0] ? kasan_save_free_info+0x4a/0x60 [ 61.238238][ C0] ? __kasan_slab_free+0x5f/0x80 [ 61.238278][ C0] ? kfree+0x158/0x440 [ 61.238309][ C0] ? krealloc_noprof+0xfa/0x130 [ 61.238343][ C0] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator4freeCskDQVOo9v79Q_16rust_binder_main+0xc6/0x200 [ 61.238394][ C0] ? _RNvXs9_NtNtCs1ewLyjEZ7Le_6kernel4sync3arcINtB5_3ArcNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoENtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4dropBR_+0x1a9/0x2b0 [ 61.238456][ C0] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process10update_ref+0x1247/0x21a0 [ 61.238501][ C0] ? _RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x153b/0x5360 [ 61.238587][ C0] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeNtNtCskDQVOo9v79Q_16rust_binder_main10allocation10AllocationEBK_+0x26/0x1a0 [ 61.238641][ C0] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread21copy_transaction_data+0x6c90/0x8370 [ 61.238681][ C0] ? _RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x390/0x2070 [ 61.238731][ C0] ? _RINvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB6_6Thread11transactionNvB2_24oneway_transaction_innerEB8_+0x2f5/0xb80 [ 61.238777][ C0] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x1988/0xa0f0 [ 61.238813][ C0] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x1019/0x55c0 [ 61.238853][ C0] ? __se_sys_ioctl+0x132/0x1b0 [ 61.238891][ C0] ? __x64_sys_ioctl+0x7f/0xa0 [ 61.238929][ C0] ? x64_sys_call+0x1878/0x2ee0 [ 61.238967][ C0] ? do_syscall_64+0x57/0xf0 [ 61.238997][ C0] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 61.239039][ C0] ? _RNvMs_NtNtCs1ewLyjEZ7Le_6kernel5alloc9allocatorNtB4_7Kmalloc14aligned_layout+0x9a/0x180 [ 61.239078][ C0] kasan_save_free_info+0x4a/0x60 [ 61.239109][ C0] __kasan_slab_free+0x5f/0x80 [ 61.239149][ C0] kfree+0x158/0x440 [ 61.239182][ C0] ? krealloc_noprof+0xfa/0x130 [ 61.239218][ C0] krealloc_noprof+0xfa/0x130 [ 61.239256][ C0] _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator4freeCskDQVOo9v79Q_16rust_binder_main+0xc6/0x200 [ 61.239306][ C0] ? __cfi__RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator4freeCskDQVOo9v79Q_16rust_binder_main+0x10/0x10 [ 61.239357][ C0] ? __kasan_slab_free+0x6a/0x80 [ 61.239394][ C0] ? kfree+0x158/0x440 [ 61.239427][ C0] ? krealloc_noprof+0xfa/0x130 [ 61.239464][ C0] ? __cfi__RNvMs0_NtCskDQVOo9v79Q_16rust_binder_main4nodeNtB5_4Node16remove_node_info+0x10/0x10 [ 61.239502][ C0] ? krealloc_noprof+0xfa/0x130 [ 61.239547][ C0] _RNvXs9_NtNtCs1ewLyjEZ7Le_6kernel4sync3arcINtB5_3ArcNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoENtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4dropBR_+0x1a9/0x2b0 [ 61.239610][ C0] ? __cfi__RNvXs9_NtNtCs1ewLyjEZ7Le_6kernel4sync3arcINtB5_3ArcNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoENtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4dropBR_+0x10/0x10 [ 61.239674][ C0] ? __kasan_check_write+0x18/0x20 [ 61.239708][ C0] ? _raw_spin_lock+0x92/0x120 [ 61.239739][ C0] ? __cfi__raw_spin_lock+0x10/0x10 [ 61.239772][ C0] _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process10update_ref+0x1247/0x21a0 [ 61.239816][ C0] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process10update_ref+0x10/0x10 [ 61.239865][ C0] ? _RNvMs3_NtCskDQVOo9v79Q_16rust_binder_main11range_allocINtB5_14RangeAllocatorNtNtB7_10allocation14AllocationInfoE11reserve_newB7_+0x2418/0x3d40 [ 61.239916][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.239950][ C0] ? __asan_set_shadow_00+0x12/0x20 [ 61.239980][ C0] ? _RNvMs3_NtCskDQVOo9v79Q_16rust_binder_main11range_allocINtB5_14RangeAllocatorNtNtB7_10allocation14AllocationInfoE11reserve_newB7_+0x2aa5/0x3d40 [ 61.240032][ C0] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ea/0x3d0 [ 61.240078][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.240111][ C0] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ea/0x3d0 [ 61.240154][ C0] ? __cfi__RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x10/0x10 [ 61.240200][ C0] ? __cgroup_account_cputime+0xa5/0xd0 [ 61.240228][ C0] ? __kasan_check_write+0x18/0x20 [ 61.240258][ C0] ? _raw_spin_lock+0x92/0x120 [ 61.240289][ C0] ? __cfi__raw_spin_lock+0x10/0x10 [ 61.240318][ C0] ? update_curr+0xf8/0x9e0 [ 61.240357][ C0] ? _RINvMs4_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB6_14AllocationView4readNtNtB8_4defs16FlatBinderObjectEB8_+0x69b/0xc60 [ 61.240402][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.240432][ C0] ? _RINvMs4_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB6_14AllocationView4readNtNtB8_4defs16FlatBinderObjectEB8_+0x5e6/0xc60 [ 61.240479][ C0] ? __cfi__RINvMs4_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB6_14AllocationView4readNtNtB8_4defs16FlatBinderObjectEB8_+0x10/0x10 [ 61.240531][ C0] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ea/0x3d0 [ 61.240575][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.240607][ C0] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ea/0x3d0 [ 61.240651][ C0] ? __cfi__RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x10/0x10 [ 61.240696][ C0] ? psi_task_switch+0xad/0xa10 [ 61.240728][ C0] ? __kasan_check_write+0x18/0x20 [ 61.240761][ C0] ? __cfi__raw_spin_lock+0x10/0x10 [ 61.240794][ C0] ? _RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x302/0x5360 [ 61.240853][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.240886][ C0] _RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x153b/0x5360 [ 61.240947][ C0] ? irqentry_exit+0x4a/0x60 [ 61.240972][ C0] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 61.241000][ C0] ? stack_depot_save_flags+0x399/0x800 [ 61.241034][ C0] ? kasan_save_track+0x4f/0x80 [ 61.241071][ C0] ? kasan_save_track+0x3e/0x80 [ 61.241107][ C0] ? kasan_save_alloc_info+0x40/0x50 [ 61.241142][ C0] ? __kasan_kmalloc+0x96/0xb0 [ 61.241166][ C0] ? __kmalloc_node_track_caller_noprof+0x251/0x4f0 [ 61.241200][ C0] ? krealloc_noprof+0x8d/0x130 [ 61.241236][ C0] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator5allocCskDQVOo9v79Q_16rust_binder_main+0xb4/0x200 [ 61.241277][ C0] ? __cfi__RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x10/0x10 [ 61.241334][ C0] ? __asan_memset+0x39/0x50 [ 61.241365][ C0] ? __asan_set_shadow_00+0x12/0x20 [ 61.241395][ C0] ? _RINvMsj_NtNtCs1ewLyjEZ7Le_6kernel4sync3arcINtB6_9UniqueArcINtNtNtCsb7ts3l0a5c3_4core3mem12maybe_uninit11MaybeUninitNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoEE13pin_init_withNtNtB11_7convert10InfallibleINtNtNtBa_4init10___internal11InitClosureNCNvMs1_B1R_B1P_3news_0B1P_B31_EEB1T_+0x3bd/0x990 [ 61.241475][ C0] ? __cfi__RINvMsj_NtNtCs1ewLyjEZ7Le_6kernel4sync3arcINtB6_9UniqueArcINtNtNtCsb7ts3l0a5c3_4core3mem12maybe_uninit11MaybeUninitNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoEE13pin_init_withNtNtB11_7convert10InfallibleINtNtNtBa_4init10___internal11InitClosureNCNvMs1_B1R_B1P_3news_0B1P_B31_EEB1T_+0x10/0x10 [ 61.241577][ C0] ? kasan_save_alloc_info+0x40/0x50 [ 61.241610][ C0] ? __kasan_kmalloc+0x96/0xb0 [ 61.241633][ C0] ? _RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x181/0x2d0 [ 61.241681][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.241715][ C0] ? _RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x1c8/0x2d0 [ 61.241763][ C0] ? __cfi__RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x10/0x10 [ 61.241808][ C0] ? _raw_spin_unlock+0x45/0x60 [ 61.241841][ C0] ? _RNvMs0_NtCskDQVOo9v79Q_16rust_binder_main4nodeNtB5_4Node16insert_node_info+0x3d3/0x4f0 [ 61.241881][ C0] ? _RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x1c8/0x2d0 [ 61.241929][ C0] ? __cfi__RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x10/0x10 [ 61.241974][ C0] ? desc_read+0x202/0x3e0 [ 61.242000][ C0] ? __kasan_check_write+0x18/0x20 [ 61.242031][ C0] ? desc_read+0x1ab/0x3e0 [ 61.242057][ C0] ? prb_first_seq+0x109/0x1d0 [ 61.242080][ C0] ? __cfi_prb_first_seq+0x10/0x10 [ 61.242129][ C0] ? __kasan_check_write+0x18/0x20 [ 61.242163][ C0] ? desc_read+0x1ab/0x3e0 [ 61.242185][ C0] ? __kasan_check_read+0x15/0x20 [ 61.242219][ C0] ? this_cpu_in_panic+0x56/0x90 [ 61.242242][ C0] ? _prb_read_valid+0x9f3/0xa80 [ 61.242269][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.242303][ C0] ? data_alloc+0x4d0/0x7e0 [ 61.242348][ C0] ? desc_read+0x202/0x3e0 [ 61.242372][ C0] ? __kasan_check_write+0x18/0x20 [ 61.242405][ C0] ? desc_read+0x1ab/0x3e0 [ 61.242431][ C0] ? prb_first_seq+0x109/0x1d0 [ 61.242455][ C0] ? __cfi_prb_first_seq+0x10/0x10 [ 61.242494][ C0] ? __kasan_check_write+0x18/0x20 [ 61.242536][ C0] ? desc_read+0x1ab/0x3e0 [ 61.242560][ C0] ? __kasan_check_read+0x15/0x20 [ 61.242589][ C0] ? this_cpu_in_panic+0x56/0x90 [ 61.242617][ C0] ? _prb_read_valid+0x9f3/0xa80 [ 61.242642][ C0] ? __cfi__raw_spin_lock_irqsave+0x10/0x10 [ 61.242676][ C0] ? _RNvMs_NtNtCs1ewLyjEZ7Le_6kernel5alloc9allocatorNtB4_7Kmalloc14aligned_layout+0x9a/0x180 [ 61.242714][ C0] ? __cfi__RNvMs_NtNtCs1ewLyjEZ7Le_6kernel5alloc9allocatorNtB4_7Kmalloc14aligned_layout+0x10/0x10 [ 61.242751][ C0] ? prb_read_valid+0x80/0x80 [ 61.242777][ C0] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 61.242812][ C0] ? up+0x10a/0x1b0 [ 61.242836][ C0] ? __cfi_up+0x10/0x10 [ 61.242859][ C0] ? krealloc_noprof+0xfa/0x130 [ 61.242896][ C0] ? _RNvNtCs1ewLyjEZ7Le_6kernel5alloc20dangling_from_layout+0x11/0x20 [ 61.242930][ C0] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator4freeCskDQVOo9v79Q_16rust_binder_main+0xed/0x200 [ 61.242981][ C0] ? __cfi_llist_add_batch+0x10/0x10 [ 61.243008][ C0] ? __cfi__RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator4freeCskDQVOo9v79Q_16rust_binder_main+0x10/0x10 [ 61.243060][ C0] ? __cfi_console_unlock+0x10/0x10 [ 61.243087][ C0] ? tick_nohz_tick_stopped+0x4c/0x60 [ 61.243118][ C0] ? __irq_work_queue_local+0xc4/0x260 [ 61.243152][ C0] ? irq_work_queue+0xc2/0x160 [ 61.243181][ C0] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCskDQVOo9v79Q_16rust_binder_main6thread18ScatterGatherStateEEB16_+0x3a3/0x660 [ 61.243235][ C0] ? __cfi_vprintk_emit+0x10/0x10 [ 61.243265][ C0] ? _RINvMNtCskDQVOo9v79Q_16rust_binder_main10allocationNtB3_10Allocation5writeyEB5_+0x470/0x750 [ 61.243306][ C0] ? __cfi__RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCskDQVOo9v79Q_16rust_binder_main6thread18ScatterGatherStateEEB16_+0x10/0x10 [ 61.243362][ C0] ? vprintk_default+0x2a/0x40 [ 61.243396][ C0] ? vprintk+0x93/0xa0 [ 61.243429][ C0] ? _printk+0xde/0x140 [ 61.243455][ C0] ? __cfi___check_object_size+0x10/0x10 [ 61.243492][ C0] ? __cfi__printk+0x10/0x10 [ 61.243525][ C0] ? _copy_from_user+0x87/0xa0 [ 61.243562][ C0] _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeNtNtCskDQVOo9v79Q_16rust_binder_main10allocation10AllocationEBK_+0x26/0x1a0 [ 61.243616][ C0] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeNtNtCskDQVOo9v79Q_16rust_binder_main10allocation13NewAllocationEBK_+0x5b/0x80 [ 61.243669][ C0] _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread21copy_transaction_data+0x6c90/0x8370 [ 61.243728][ C0] ? __cfi__RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread21copy_transaction_data+0x10/0x10 [ 61.243824][ C0] ? cgroup_rstat_updated+0x141/0x810 [ 61.243872][ C0] ? __cfi_cgroup_rstat_updated+0x10/0x10 [ 61.243913][ C0] ? is_bpf_text_address+0x17b/0x1a0 [ 61.243946][ C0] ? __cgroup_account_cputime+0xa5/0xd0 [ 61.243974][ C0] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 61.244005][ C0] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 61.244040][ C0] ? kvm_sched_clock_read+0x15/0x30 [ 61.244065][ C0] ? sched_clock_noinstr+0xd/0x30 [ 61.244109][ C0] ? __kasan_check_write+0x18/0x20 [ 61.244144][ C0] ? __switch_to+0xc4f/0x1300 [ 61.244178][ C0] ? __cfi_sched_clock_cpu+0x10/0x10 [ 61.244210][ C0] ? __cfi___switch_to+0x10/0x10 [ 61.244243][ C0] ? psi_task_switch+0xad/0xa10 [ 61.244272][ C0] ? __kasan_check_write+0x18/0x20 [ 61.244306][ C0] ? finish_task_switch+0x1d9/0x760 [ 61.244334][ C0] ? __switch_to_asm+0x3d/0x70 [ 61.244371][ C0] ? __schedule+0x1357/0x1ea0 [ 61.244408][ C0] ? __sched_text_start+0x10/0x10 [ 61.244444][ C0] ? kasan_save_alloc_info+0x40/0x50 [ 61.244476][ C0] ? __kasan_kmalloc+0x96/0xb0 [ 61.244499][ C0] ? preempt_schedule_irq+0xab/0x110 [ 61.244543][ C0] ? __cfi_preempt_schedule_irq+0x10/0x10 [ 61.244581][ C0] ? _RNvMs5_NtCs1ewLyjEZ7Le_6kernel6bitmapNtB5_6Bitmap7set_bit+0xa7/0x250 [ 61.244616][ C0] ? __cfi__RNvMs5_NtCs1ewLyjEZ7Le_6kernel6bitmapNtB5_6Bitmap7set_bit+0x10/0x10 [ 61.244654][ C0] ? raw_irqentry_exit_cond_resched+0x32/0x40 [ 61.244691][ C0] ? irqentry_exit+0x4a/0x60 [ 61.244715][ C0] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 61.244745][ C0] ? __kasan_check_write+0x18/0x20 [ 61.244776][ C0] ? mutex_unlock+0x90/0x240 [ 61.244815][ C0] ? __cfi_mutex_unlock+0x10/0x10 [ 61.244853][ C0] ? _RNvMso_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_14RawVacantEntrymINtNtNtB7_4list3arc7ListArcNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoKyd703a5263dcc8650_EE6insertB1r_+0xff/0x150 [ 61.244913][ C0] ? _RNvMso_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_14RawVacantEntrymINtNtNtB7_4list3arc7ListArcNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoKyd703a5263dcc8650_EE6insertB1r_+0x114/0x150 [ 61.244973][ C0] ? __asan_set_shadow_00+0x12/0x20 [ 61.245004][ C0] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process23insert_or_update_handle+0x1145/0x1db0 [ 61.245048][ C0] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process23insert_or_update_handle+0x10/0x10 [ 61.245102][ C0] ? irqentry_exit+0x4a/0x60 [ 61.245135][ C0] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 61.245173][ C0] ? __cfi__RNvMs5_NtCs1ewLyjEZ7Le_6kernel6bitmapNtB5_6Bitmap7set_bit+0x10/0x10 [ 61.245210][ C0] ? raw_irqentry_exit_cond_resched+0x32/0x40 [ 61.245247][ C0] ? irqentry_exit+0x4a/0x60 [ 61.245270][ C0] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 61.245301][ C0] _RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x390/0x2070 [ 61.245352][ C0] ? mutex_unlock+0x90/0x240 [ 61.245388][ C0] ? __cfi__RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x10/0x10 [ 61.245430][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.245467][ C0] ? __asan_set_shadow_00+0x12/0x20 [ 61.245488][ C0] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process10update_ref+0xbd3/0x21a0 [ 61.245527][ C0] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process10update_ref+0x10/0x10 [ 61.245562][ C0] ? _RNvMs0_NtCskDQVOo9v79Q_16rust_binder_main4nodeNtB5_4Node22update_refcount_locked+0x41a/0x8a0 [ 61.245608][ C0] ? __cfi__RNvMs0_NtCskDQVOo9v79Q_16rust_binder_main4nodeNtB5_4Node22update_refcount_locked+0x10/0x10 [ 61.245654][ C0] ? __kasan_check_write+0x18/0x20 [ 61.245688][ C0] ? _raw_spin_lock+0x92/0x120 [ 61.245719][ C0] ? __cfi__raw_spin_lock+0x10/0x10 [ 61.245749][ C0] ? __kasan_check_write+0x18/0x20 [ 61.245783][ C0] ? mutex_unlock+0x90/0x240 [ 61.245820][ C0] ? __cfi_mutex_unlock+0x10/0x10 [ 61.245856][ C0] ? _raw_spin_unlock+0x45/0x60 [ 61.245889][ C0] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main4nodeNtB5_7NodeRef5clone+0x2e7/0x3a0 [ 61.245923][ C0] ? avc_has_perm_noaudit+0x26c/0x360 [ 61.245960][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.245998][ C0] ? avc_has_perm_noaudit+0x28a/0x360 [ 61.246032][ C0] ? avc_has_perm+0x155/0x240 [ 61.246068][ C0] ? __cfi__RNvNtCs1ewLyjEZ7Le_6kernel5error9to_result+0x10/0x10 [ 61.246102][ C0] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process20get_transaction_node+0x6f/0x540 [ 61.246151][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.246183][ C0] ? selinux_binder_transaction+0x165/0x1d0 [ 61.246222][ C0] ? bpf_lsm_binder_transaction+0xd/0x20 [ 61.246258][ C0] _RINvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB6_6Thread11transactionNvB2_24oneway_transaction_innerEB8_+0x2f5/0xb80 [ 61.246305][ C0] ? __cfi__RINvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB6_6Thread11transactionNvB2_24oneway_transaction_innerEB8_+0x10/0x10 [ 61.246356][ C0] ? __kasan_check_write+0x18/0x20 [ 61.246391][ C0] ? _raw_spin_lock+0x92/0x120 [ 61.246420][ C0] ? __cfi__raw_spin_lock+0x10/0x10 [ 61.246452][ C0] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x1514/0xa0f0 [ 61.246487][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.246529][ C0] _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x1988/0xa0f0 [ 61.246583][ C0] ? __cfi__RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x10/0x10 [ 61.246684][ C0] ? is_bpf_text_address+0x17b/0x1a0 [ 61.246721][ C0] ? kernel_text_address+0xa9/0xe0 [ 61.246749][ C0] ? __kernel_text_address+0x11/0x40 [ 61.246782][ C0] ? unwind_get_return_address+0x51/0x90 [ 61.246812][ C0] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 61.246839][ C0] ? arch_stack_walk+0x10a/0x170 [ 61.246881][ C0] ? is_bpf_text_address+0x17b/0x1a0 [ 61.246916][ C0] ? kernel_text_address+0xa9/0xe0 [ 61.246947][ C0] ? __kernel_text_address+0x11/0x40 [ 61.246979][ C0] ? unwind_get_return_address+0x51/0x90 [ 61.247007][ C0] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 61.247035][ C0] ? arch_stack_walk+0x10a/0x170 [ 61.247072][ C0] ? stack_depot_save_flags+0x38/0x800 [ 61.247109][ C0] ? kasan_save_track+0x4f/0x80 [ 61.247146][ C0] ? kasan_save_track+0x3e/0x80 [ 61.247180][ C0] ? kasan_save_alloc_info+0x40/0x50 [ 61.247212][ C0] ? __kasan_kmalloc+0x96/0xb0 [ 61.247239][ C0] ? __kmalloc_node_track_caller_noprof+0x251/0x4f0 [ 61.247277][ C0] ? krealloc_noprof+0x8d/0x130 [ 61.247312][ C0] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator5allocCskDQVOo9v79Q_16rust_binder_main+0xb4/0x200 [ 61.247351][ C0] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process18get_current_thread+0x6e2/0x1be0 [ 61.247404][ C0] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x3ef/0x55c0 [ 61.247444][ C0] ? __se_sys_ioctl+0x132/0x1b0 [ 61.247482][ C0] ? __x64_sys_ioctl+0x7f/0xa0 [ 61.247528][ C0] ? x64_sys_call+0x1878/0x2ee0 [ 61.247561][ C0] ? do_syscall_64+0x57/0xf0 [ 61.247595][ C0] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 61.247636][ C0] ? kasan_save_alloc_info+0x40/0x50 [ 61.247667][ C0] ? __kasan_kmalloc+0x96/0xb0 [ 61.247691][ C0] ? __kmalloc_node_track_caller_noprof+0x251/0x4f0 [ 61.247727][ C0] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator5allocCskDQVOo9v79Q_16rust_binder_main+0xb4/0x200 [ 61.247772][ C0] ? krealloc_noprof+0xfa/0x130 [ 61.247808][ C0] ? _RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreelINtNtNtB7_4sync3arc3ArcNtNtCskDQVOo9v79Q_16rust_binder_main6thread6ThreadEE9raw_entryB1e_+0x416/0x580 [ 61.247872][ C0] ? _raw_spin_lock+0x92/0x120 [ 61.247901][ C0] ? __cfi__RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreelINtNtNtB7_4sync3arc3ArcNtNtCskDQVOo9v79Q_16rust_binder_main6thread6ThreadEE9raw_entryB1e_+0x10/0x10 [ 61.247966][ C0] ? __kasan_check_write+0x18/0x20 [ 61.247997][ C0] ? _raw_spin_lock+0x92/0x120 [ 61.248028][ C0] ? __cfi__raw_spin_lock+0x10/0x10 [ 61.248059][ C0] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process18get_current_thread+0xdaf/0x1be0 [ 61.248111][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.248146][ C0] ? _raw_spin_unlock+0x45/0x60 [ 61.248174][ C0] ? __asan_set_shadow_00+0x12/0x20 [ 61.248205][ C0] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process18get_current_thread+0x9ab/0x1be0 [ 61.248260][ C0] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 61.248313][ C0] ? detach_entity_load_avg+0x7b0/0x7b0 [ 61.248353][ C0] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 61.248385][ C0] ? update_curr+0x6c1/0x9e0 [ 61.248422][ C0] ? __cfi_min_vruntime_cb_rotate+0x10/0x10 [ 61.248462][ C0] ? __enqueue_entity+0x58a/0x630 [ 61.248501][ C0] ? kvm_sched_clock_read+0x15/0x30 [ 61.248536][ C0] ? sched_clock_noinstr+0xd/0x30 [ 61.248576][ C0] ? avc_has_perm_noaudit+0x26c/0x360 [ 61.248610][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.248645][ C0] ? avc_has_perm_noaudit+0x28a/0x360 [ 61.248682][ C0] ? avc_has_perm+0x155/0x240 [ 61.248715][ C0] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCskDQVOo9v79Q_16rust_binder_main4node7NodeRefEEB16_+0xe4/0x400 [ 61.248773][ C0] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel4sync3arc3ArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtNtB1o_4node4NodeEEEB1o_+0xf9/0x1f0 [ 61.248831][ C0] ? __cfi__RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel4sync3arc3ArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtNtB1o_4node4NodeEEEB1o_+0x10/0x10 [ 61.248893][ C0] ? __kasan_check_write+0x18/0x20 [ 61.248927][ C0] ? _raw_spin_lock+0x92/0x120 [ 61.248958][ C0] ? __cfi__raw_spin_lock+0x10/0x10 [ 61.248989][ C0] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process14set_as_manager+0x4eb/0x9b0 [ 61.249040][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.249075][ C0] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process14set_as_manager+0x6c4/0x9b0 [ 61.249130][ C0] ? __kasan_check_write+0x18/0x20 [ 61.249163][ C0] ? _raw_spin_lock+0x92/0x120 [ 61.249195][ C0] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0xfc3/0x55c0 [ 61.249235][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.249266][ C0] _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x1019/0x55c0 [ 61.249310][ C0] ? detach_entity_load_avg+0x7b0/0x7b0 [ 61.249350][ C0] ? __cfi__RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x10/0x10 [ 61.249389][ C0] ? update_curr+0x6c1/0x9e0 [ 61.249425][ C0] ? __cfi_min_vruntime_cb_rotate+0x10/0x10 [ 61.249470][ C0] ? __enqueue_entity+0x58a/0x630 [ 61.249515][ C0] ? cgroup_rstat_updated+0x141/0x810 [ 61.249556][ C0] ? __cfi_cgroup_rstat_updated+0x10/0x10 [ 61.249597][ C0] ? __cgroup_account_cputime+0xa5/0xd0 [ 61.249626][ C0] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 61.249656][ C0] ? update_curr+0x50c/0x9e0 [ 61.249695][ C0] ? update_load_avg+0x506/0x1990 [ 61.249724][ C0] ? __calc_delta+0x280/0x280 [ 61.249758][ C0] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 61.249795][ C0] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 61.249827][ C0] ? __kasan_check_write+0x18/0x20 [ 61.249860][ C0] ? resched_curr+0x119/0x440 [ 61.249896][ C0] ? __cfi_resched_curr+0x10/0x10 [ 61.249930][ C0] ? detach_entity_load_avg+0x7b0/0x7b0 [ 61.249969][ C0] ? __kasan_check_read+0x15/0x20 [ 61.250004][ C0] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 61.250035][ C0] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 61.250068][ C0] ? update_curr+0xf8/0x9e0 [ 61.250105][ C0] ? xfd_validate_state+0x68/0x140 [ 61.250136][ C0] ? save_fpregs_to_fpstate+0x196/0x220 [ 61.250164][ C0] ? __kasan_check_write+0x18/0x20 [ 61.250196][ C0] ? __switch_to+0xc4f/0x1300 [ 61.250232][ C0] ? __cfi___switch_to+0x10/0x10 [ 61.250266][ C0] ? finish_task_switch+0x139/0x760 [ 61.250295][ C0] ? calibrate_delay_converge+0x281/0x2e0 [ 61.250334][ C0] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 61.250362][ C0] ? update_curr+0xf8/0x9e0 [ 61.250401][ C0] ? update_load_avg+0x506/0x1990 [ 61.250428][ C0] ? __calc_delta+0x280/0x280 [ 61.250470][ C0] ? update_load_avg+0x506/0x1990 [ 61.250502][ C0] ? __kasan_check_read+0x15/0x20 [ 61.250544][ C0] ? update_cfs_group+0x127/0x250 [ 61.250580][ C0] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 61.250614][ C0] ? kvm_sched_clock_read+0x15/0x30 [ 61.250638][ C0] ? xfd_validate_state+0x68/0x140 [ 61.250672][ C0] ? save_fpregs_to_fpstate+0x196/0x220 [ 61.250698][ C0] ? __kasan_check_write+0x18/0x20 [ 61.250732][ C0] ? __switch_to+0xc4f/0x1300 [ 61.250766][ C0] ? __cfi___switch_to+0x10/0x10 [ 61.250798][ C0] ? psi_task_switch+0x59e/0xa10 [ 61.250831][ C0] ? _raw_spin_unlock+0x45/0x60 [ 61.250858][ C0] ? finish_task_switch+0x139/0x760 [ 61.250889][ C0] ? __switch_to_asm+0x3d/0x70 [ 61.250923][ C0] ? __schedule+0x1357/0x1ea0 [ 61.250957][ C0] ? avc_has_extended_perms+0x80b/0xe70 [ 61.250993][ C0] ? __asan_memcpy+0x5a/0x80 [ 61.251024][ C0] ? avc_has_extended_perms+0x969/0xe70 [ 61.251063][ C0] ? __asan_set_shadow_00+0x12/0x20 [ 61.251093][ C0] ? do_vfs_ioctl+0x182d/0x2010 [ 61.251129][ C0] ? __ia32_compat_sys_ioctl+0x920/0x920 [ 61.251176][ C0] ? schedule+0xc5/0x240 [ 61.251209][ C0] ? futex_unqueue+0x136/0x160 [ 61.251241][ C0] ? ioctl_has_perm+0x39a/0x500 [ 61.251273][ C0] ? __kasan_check_read+0x15/0x20 [ 61.251303][ C0] ? has_cap_mac_admin+0xd0/0xd0 [ 61.251336][ C0] ? futex_wait+0x2ac/0x7b0 [ 61.251370][ C0] ? __cfi_futex_wait+0x10/0x10 [ 61.251404][ C0] ? selinux_file_ioctl+0x732/0x1480 [ 61.251436][ C0] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 61.251470][ C0] ? do_futex+0x32a/0x510 [ 61.251514][ C0] ? __cfi_do_futex+0x10/0x10 [ 61.251547][ C0] ? __fget_files+0x2c5/0x340 [ 61.251583][ C0] ? bpf_lsm_file_ioctl+0xd/0x20 [ 61.251612][ C0] ? security_file_ioctl+0x3e/0x110 [ 61.251637][ C0] ? __cfi__RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x10/0x10 [ 61.251679][ C0] __se_sys_ioctl+0x132/0x1b0 [ 61.251718][ C0] __x64_sys_ioctl+0x7f/0xa0 [ 61.251774][ C0] x64_sys_call+0x1878/0x2ee0 [ 61.251810][ C0] do_syscall_64+0x57/0xf0 [ 61.251864][ C0] ? clear_bhb_loop+0x50/0xa0 [ 61.251898][ C0] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 61.251930][ C0] RIP: 0033:0x7f223719c799 [ 61.251952][ C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 61.251976][ C0] RSP: 002b:00007f2238099028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 61.252003][ C0] RAX: ffffffffffffffda RBX: 00007f2237415fa0 RCX: 00007f223719c799 [ 61.252025][ C0] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000005 [ 61.252044][ C0] RBP: 00007f2237232c99 R08: 0000000000000000 R09: 0000000000000000 [ 61.252060][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 61.252073][ C0] R13: 00007f2237416038 R14: 00007f2237415fa0 R15: 00007ffc7e6be8b8 [ 61.252099][ C0] [ 61.252108][ C0] Modules linked in: [ 61.252138][ C0] ---[ end trace 0000000000000000 ]--- [ 61.252157][ C0] RIP: 0010:get_stack_info_noinstr+0x1a/0x130 [ 61.252199][ C0] Code: b8 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 49 89 d6 49 89 f4 49 89 ff 21 01 00 00 b3 01 84 c0 75 0f 65 48 8b 05 d3 ac 65 7a 49 39 c4 [ 61.252220][ C0] RSP: 0018:ffffc9000e9e0000 EFLAGS: 00010286 [ 61.252245][ C0] RAX: ffff888113d93900 RBX: ffffc9000e9e0108 RCX: ffffc9000e9e0108 [ 61.252265][ C0] RDX: ffffc9000e9e00e8 RSI: ffff888113d93900 RDI: ffffc9000e9e00d8 [ 61.252284][ C0] RBP: ffffc9000e9e0028 R08: ffffc9000e9e0147 R09: 0000000000000000 [ 61.252305][ C0] R10: ffffc9000e9e00e8 R11: fffff52001d3c029 R12: ffff888113d93900 [ 61.252324][ C0] R13: ffffc9000e9e00d8 R14: ffffc9000e9e00e8 R15: ffffc9000e9e00d8 [ 61.252345][ C0] FS: 00007f22380996c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 61.252371][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 61.252390][ C0] CR2: ffffc9000e9dfff8 CR3: 000000010df18000 CR4: 00000000003526b0 [ 61.252415][ C0] DR0: 0000000000000f80 DR1: 0000000000000000 DR2: 0000000000000000 [ 61.252433][ C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 61.252452][ C0] Kernel panic - not syncing: Fatal exception in interrupt [ 61.253032][ C0] Kernel Offset: disabled