last executing test programs:

1m34.62832528s ago: executing program 3 (id=266):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder1\x00', 0x802, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000180)={0x73622a85, 0x2301, 0x400000000000001})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$poke(0x4, r2, &(0x7f0000001040), 0x282d)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200)
r4 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
read(r4, &(0x7f0000000080)=""/9, 0x9)
unlinkat(r3, &(0x7f00000003c0)='./file2\x00', 0x200)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001000010700000000e9ffffff0a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x4046014}, 0x400c0)
sendmsg$TIPC_NL_BEARER_GET(r5, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000001440)={0x254, 0x0, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xb}]}, @TIPC_NLA_MON={0x4c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xa5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xfff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffffffe}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xde8}]}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xfffffffc}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}]}, @TIPC_NLA_LINK={0xb4, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x225}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xc}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_NODE={0x118, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x9a}, @TIPC_NLA_NODE_ID={0x1c, 0x3, "dc256d9c20851011717aa02329fbabd4dafad3fd72bb7b88"}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0xe5, 0x3, "b7652226f1bee67fe395921852b7c0717d9964b8fa4380f7fea449b040be278d96a953ae6f20adfdba0776abe81277b01a4692af29d8522d56a123dfe59171869a50e94311a29be636921c038684cbd17eb0dad551f0d638bdec9761360a5d46ada54ca33e791f3dcecaf32b0b3ea1290f21d338e578f38330f7345b778d18bdc8986cded169f871a5e8ece8c830a81d10438f0df2ee6b2d087a635e6f28a45e3eac3cf4181a3910975d96094772c5e0dc30be7cda7cdaeb6af8972d22357c5dae9a8ff7146f5f3d0c8b718cc7342e257870728dc60acf4e3eef14bb22251bda76"}]}]}, 0x254}, 0x1, 0x0, 0x0, 0x480c1}, 0x20004008)
recvmmsg(r5, &(0x7f0000005080)=[{{0x0, 0x0, &(0x7f00000031c0)=[{&(0x7f0000000280)=""/198, 0xc6}, {&(0x7f0000000380)=""/174, 0xae}, {&(0x7f0000000440)=""/4086, 0xff6}, {&(0x7f0000002f40)=""/233, 0xe9}], 0x4}, 0x390}, {{0x0, 0x0, 0x0}, 0x4}, {{0x0, 0x0, 0x0}, 0x6}], 0x3, 0x12040, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313, 0x3}], 0x0, 0x1000000, 0x0})

1m34.62806906s ago: executing program 3 (id=267):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x50, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70"})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0xd8b817d4be3b30f7, 0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000040)={0x4, <r1=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000140)=0x7fffffffffffffff})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})

1m34.576172221s ago: executing program 3 (id=268):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x20002, 0x0)
ioctl$BLKIOOPT(r0, 0x1279, &(0x7f00000002c0))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', 0x0, 0x69, 0x2)
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f00000000c0), 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB='max=\x00'])

1m34.552943901s ago: executing program 3 (id=269):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="c4e241056335660f3881a16debd364660f35c4e195f671e0c4c2e90a470fb9890b00000f3266bad00466ed960f20e035000001000f22e00f785c6200", 0x3c}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r3, 0x8982, &(0x7f0000000040)={0x3, 'vlan0\x00', {0x2}, 0x9})
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r4, 0x11, 0xb, &(0x7f00000002c0)=0x3ff, 0x4)
r5 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f138d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade5b175c0a9b2ce9c95d92fb386758", 0x5c}], 0x1}, 0x0)
sendto(r5, &(0x7f0000000000)="a0711a8b600e040e50b398c9ee6f0fa08b633a0beb3c6529c9f614841ffdcd36872e581fb64a84b537cac17302ecb8355cde0e616c4ec4fbea2c11a704b7e7b514fbc0d74629841e5dd8a2b38666a89a94f06ee9c878e350f4ec3e31ecab15815cea1e4e40a54bc9c53b0bdfd43d4298008ae6826e70e534735d54f154cde41bfa98e2a197baabd70f5db4549793e6a8cf5648a82fd8420a0300a00af48738c85429e2c4b3059f5df4fb0587cfc8ff602332a0982021b824d2e5107a198bc0d1d4b28c96f20a39a22b7052f5d84e3818bde18d884e33692a529c451456467ad1dc8eb1d93d4d9f1ceb44abc24614378c856b8f0ff5e1170e7d690fed4440ed", 0xff, 0x44800, &(0x7f0000000100)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xff}, 0x80)

1m34.460533263s ago: executing program 3 (id=270):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000100)={0x0, 0x8000, 0x0, 0x9, 0x1}, 0x20)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_TIOCINQ(r2, 0x541b, &(0x7f0000000100))
r3 = syz_usb_connect$uac1(0x0, 0xac, &(0x7f00000003c0)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029a0003010000000904000000010100000a24010000000201020c24020000000000000800000524050000082407000000009e0c240700000000a3e82f07070d240701060000fd80000000e80924030000000001"], 0x0)
syz_usb_control_io(r3, &(0x7f0000000140)={0x2c, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x407}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r3, &(0x7f0000001840)={0x14, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000b40)={0x84, &(0x7f0000000500)={0x40, 0x1, 0x2, "3aec"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r3, 0x0, &(0x7f00000009c0)={0x84, &(0x7f00000002c0)={0x40, 0xf, 0x2, '\x00\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f00000001c0)=0x10)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000180)=ANY=[@ANYBLOB='defcontext=\"'])
sendfile(r0, r0, 0x0, 0x5e7d)

1m32.486252337s ago: executing program 3 (id=290):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x12, r1, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000080)='memory.events\x00', 0x0, 0x0)
r2 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000180)=0xfd)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @fda={0x66646185, 0x8, 0x2, 0x40}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

1m17.296771598s ago: executing program 32 (id=290):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x12, r1, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000080)='memory.events\x00', 0x0, 0x0)
r2 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000180)=0xfd)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @fda={0x66646185, 0x8, 0x2, 0x40}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

3.728716286s ago: executing program 4 (id=1481):
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0xc1c, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5fdd8d64f6c3e0dd22711f69a940ebdb4ab5ff6240da3160049d2047e6713d47ad0db40ec543c095ad67c8cbe438fb875927c98e265498b3da8d4ca54bac0e6efe759a2d4d4190e9fc8835599da8237f472411a71236bb930d28a26f49062d270f4087a6a709c005eebc9740ed54dd005c787c44badac9c720b0d424d0ded9bb8c24c0e842deedf386fc7714a31268292d3bcc53b1cf24b156445c8bf64336f742b1ba836eba0ae4a5aaa9a6f35d4f81734e16bce965795d5b1255609d1860fe11c9c536db078af94772830ba000c13e1d9383e3d862fa07f2199da148632c036bc19f6014eeb206a3654d390c78911deeabebf128def61122754e0a4696db82666a018f8d2f44b5aadc12809ade8bed1b1ba2adbb6e3e82180e26748dc30a8eda0edb21fcaa702632ed3fb4e89550c3e0e1fd2b5ecf1983d85bf9569b231e28155756bd97f1220cbc2b5b1c02dab88ee4a8970d4833b9e51529895afe5029823576297d4a917602fe08df57e1d7f63d050877ddf8e82a5383e15f313171b2d5618a1549f3dfced0732b887508ca5e134124d0ed0bd4b767115d1530f73504387e0364d73a2d3b114fcb49219b1c15e066c455b01672e49499995454a502236f5a5007895d3d1d8843007352a3ccc3f71d3e801efd0a6ef922bf39ead16e01ec20ebff2b1ce7cfd0984b26225cb1359b36efe9ad2ae1f6de4862c0faaa52f4d0eb4c13960ceb4aeaa10ae61a09a5abdb0c61661962a0aab14d465a8ae6f45826e1e66428cf8572eb53c98160df6613a62bb611c63f1ffb7a795a889fc16670f6302fd36ee4247bdd4282f1afb6042c832a4b0857cecae0a7090d9b11ae46d9186c710c8dd12911db573493329bea2c743734d86a577cf27aa01e4fc6c91f1fa34bba173d20b97ed8bb4bad43692df90bfd2b193b9e8b93a95ec0d0d42217395d89db511d2e9bbeb3ef47b7b2d81ab54b5c8faa760ef5c0493af13a9327c9432521ed6bfcb9d778d25031da41a983027fe7d794c26326053d38172444307d88501cdd26c3fdeafdf5f599d3dcfd39972f28ec3fb1fb40982615f5d71d6693a8774df072576834c69b89f209b458fad4671f0108fdfc8548a6fcf76a843369a3bca4d2974221ed9af224d151fa8aa73276ba65ca3d8bc98d6504f16bcac30c697f68cb1625b4f2259ee0c694951752845fa11c20fc4dda369d53918c3746918692ee2cda958612808b841b8d36ef3933f5340e1fc8fb10ac2ae97da921f6a67806831356d515c7a32468dfd3385c1ae2008448e5750c3a3d5733b4a2486788550e6353e9b12cc09750d5b9dcd2aedba61d0520e99a51e880d3dd78a2b502029deac1860cf50885f8bf5119491c6b1e06492e98ca64e5e32afbb3b0630cb35b58640afc2188a232f77968c18d2d0e8f91c974edcb3198b4520f530acacb12017216338cc479de3651e8f15f1672397c730e3ca2a189ca4cc85f35dd46aeb67b6a2eb7268a653b190d8ba670490d50f761c1fa25f1954d8fe6bcb15dbc23698c945262b991e6245b9a25b12b13c87bf8a8a06f51784007abd06e01a0c03ee80b236fabb5b22ce797c4d8a739ac96dcf16c93f454463d3631c4cdd2dea6732a486015dc9937ee4e6efbfff46bdd8887094ca4bd94d995f411421c7ef07f949fcc10132f58b7c99a871780d92464594c930b80596baab77b0d68a05d71ca8a1888f3128f12aebac362c4d80870ab3d9f2e77d51f9af16472faff98dda1e0133c8bc2510345d5eb1d64bce64761f4cc39ac6655902338bf1335dc55393995af4447ed1aa4c50bfacd576842560abca3e6c74dcea6dd03d36f9e7f8bda2cf33e3b7da195fba79f5a60421e19910f1fef31b9fa52064ce9ee8c415746a3cab47a8ad8477e9f21e9ee804a85dc568439b95c01bbbc3fa16a8c26bd81b01b8849795b2370f591e2a8e175cd465a600a541839bc734271b4b3afb2303dc1cf12bee00080ad10658c97672ad023e89f23d9301b5dbf1a7ba6d6c2b8dbd300f05f36a095f188b56fd3ba8e871aaf22e2128696e7232cb22f4f5404a3d1256a11665caaead326faad340031cafb99edbceba7bac44c7d2720aedba9cb708dae55b192a1e31835fae8756f062c151f6778b1d93c2d1f8b479ae9bbe1255abcef9beaa95b558fbbc9a979d46580aa85b10f160b438bea64f23b8e605ce34d2b46bbf8bfbfa683b10f55b3d30c58675dd1a524495e5d42c7d02dc60b853e8b3ed2caf41cd24a8a1d044e27d48b2184bac00730f7c20a1ba2bb6b6a5381a3d359d8e721504bbbce18ee49031b48c278a5730f31fb83f6cf32ac98326b722d3e2d7b38a7b80b94a3eb2b69fb1aefc8c0bbe431191f0ed76141a8365621e4f7118dd4465b4642bdb0af21d30c8cfb1d5201852c0428b1983d91f706e814c1395888b1c2a3516ea20a93d868e27c3c9b68a9cda4befc389b57661a4ff37137628ec96bcb625fd10324625ac1589c2918c66f811a323a19ab30bcf28fc20b64176e319d58f74578093e32ba9f51b255693dda9514ff43f6ef6010143554305073e94be322daa024cb7efcf405ea4924bfa72633b766365fee1d59d1a94717450657ff3b72853785e91f94ca1502b129eafa718633bec1557fb1e0ae2887e6e8c0fdd9f3f99de03c0af7364781766520d90c15b0e2a4c43613089dbecc4dd68be74204809f0270370097642d54388ccbb54b58be8b5796eac48ef5f17752eaa7301f075faee593aae71ee0e0ca1f45a22e7cede3597f14a344796ceec33e98b3b89e031c0d757e83d5093322d9afc9898f80b2e9bb17bc8b2b164d048c1b912f6cd92979df629efcb94968cca6e65b9b078677698fa4937a2ec23edd00971a5505ecc65fe150d3d00a34e52cc64951937fc79014b0df8d2c9c35f06209f45556278fa7ecfc70a92eca165bbd493686fb4c0cd607cec994657149a61da2e09414944c557be54908197724174247194d435b25bf78ec4cc164a574662eb4d1e4d784a6ea0c71dd1a16e53a7b8a27fcec679346afe90a05e06b276fe972d5e1d3486e0452d0a9a1636ab9c517f371a0592ef34513a9a4"})
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x8, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000002}}, [@tmpl={0x44, 0x5, [{{@in6=@private2, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x2, 0x4, 0x3}]}]}, 0xfc}}, 0x48000)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)=ANY=[@ANYBLOB="a0000000210001000000000000000000fc0200000000000000000000000000006401010200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000050001100ac1414aa0000000000000000000004007f000001000000000000000000000000fe880000000000000000000000000101fe8000000000000000000000000000aa3c040000020000000a"], 0xa0}, 0x1, 0x0, 0x0, 0x44000}, 0x0)

3.714661106s ago: executing program 4 (id=1483):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
syz_usb_connect(0x2, 0x432, &(0x7f0000000100)={{0x12, 0x1, 0x110, 0xbd, 0x33, 0xa3, 0x40, 0x7c9, 0x12, 0x482e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x420, 0x1, 0x5, 0x53, 0x50, 0x0, [{{0x9, 0x4, 0xaa, 0x3, 0xe, 0x4a, 0x49, 0xdd, 0x6, [@uac_control={{0xa, 0x24, 0x1, 0x10, 0xc}, [@selector_unit={0x6, 0x24, 0x5, 0x5, 0x2, 'L'}, @output_terminal={0x9, 0x24, 0x3, 0x1, 0x307, 0x2, 0x6, 0x1}, @extension_unit={0xc, 0x24, 0x8, 0x3, 0x40, 0x7, "7682459163"}]}], [{{0x9, 0x5, 0xb, 0x8, 0x10, 0x0, 0x6, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x8, 0x5}]}}, {{0x9, 0x5, 0xe, 0x0, 0x400, 0x5, 0x5, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x7, 0xa5f}, @generic={0x101, 0x13, "5661b1d52220f398d8aa3780450814edec10cea20995db45878d4a62cc795684057db34ee118b3badec4aa3b8e55ae44f3ecf0c5864af4b2c6e7bc7a8d07de327b8d49f43f61aa0eebc68738e48bc3df55864c916d39bd6049877a32879e0c05231a31a0a1241ea7e0036ea03c657d6937b7d8235051cfaef080ce57c1954c6d2075fa0b33804a3062ef175445f35affb88355c8f1877e8720979254092802699c8356f77e673cea1fa57624c439b531fef3165901d87117be38c8c01cac1c3807772a0557bc1abed696b0892f323c441e8bb5258db5cb06a2e6b5cec67f86afc4b71aaefe02b83e9f2280f579026ad70055a984cc377b92b60e41c8ddd476"}]}}, {{0x9, 0x5, 0xb, 0x0, 0x400, 0x9, 0xec, 0xd, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x9, 0x3}]}}, {{0x9, 0x5, 0x8, 0x3, 0x200, 0x6, 0x16, 0x7}}, {{0x9, 0x5, 0xc, 0x2, 0x3ff, 0x6, 0x31, 0x65, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x8, 0x1}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x81, 0x8}]}}, {{0x9, 0x5, 0x1, 0x8, 0x40, 0x80, 0x4, 0x0, [@generic={0xe0, 0xa, "5ed661daddadbd29e848188e9ea774f2bc663c5dbafa2c0b0427ee0a513bbbc74d754efa67c07ca30c72fe312d682d6f74bf303c02cb41280f1cddc0de0ffa49aee824e28579f75a6f60e27e30cb4dda12af42560b96247606290bf68e08ad1685000d7ab54267bf570554aee42a32e9fdc7024e87a2ea645971a2ee710d6cb0132ab70aadff5f8f688660396dcc13885bfeb69527068da9fce461fc6a511e956b8e9bbad195a99596eccc483b6b7b43bd5cabff648852b7becc3793c7a1fc84e082ac991ab298c2a96a058d7f73482ab71b598f9bf62949d060446dedee"}]}}, {{0x9, 0x5, 0x80, 0x0, 0x10, 0xde, 0x7, 0x7f, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0xd}]}}, {{0x9, 0x5, 0xd, 0x1, 0x8, 0x9, 0x6, 0x1}}, {{0x9, 0x5, 0xe, 0x10, 0x400, 0xe, 0x7f, 0x3}}, {{0x9, 0x5, 0x5, 0x1, 0x400, 0x9, 0x5, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x4, 0x7}, @generic={0xb2, 0xc, "5b2c102feca58c2c22e2ae54091435bedbcc24db555138d32db8f45d0a6b644a3a6d4bdac2da713aeaa64fffa83dbb186e617701c182b7f48b0d6c676ef272f74fd46771eb89372ed945ab5f788f72f72fb1e3064f4b6a52219cd9bd1e7a3ea151ba1bd4784e56bf8aa94564c8b3f6e177146913ad4af8c02979b054498716263c1331e9175c64326efcbe4326864ebe8ff021be18b50cf23e1b9c203e8fc674c254f058ee87ccad23f889866ea9af88"}]}}, {{0x9, 0x5, 0xe, 0x8, 0x40, 0x8, 0x3, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x4, 0x10}]}}, {{0x9, 0x5, 0x8, 0x10, 0xe15167d690879979, 0xab, 0xb5, 0xc7, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x0, 0x1}, @generic={0x7e, 0x11, "b29cda09c36af6b3eea719feee05938fdfc3dd6b6434775ad8431a6260c2e8ecef2c0e0f57ad9269fc989361ff8885067c2df8d0c0df9461685d401784164142dcd9a53bc8fff0ac65fcc56c624d02ff79282a83ba02db3a0ca3d8b04006e911902053dafbb5803f1ce290add109f5f725b2cb681215bea9eede10b6"}]}}, {{0x9, 0x5, 0xb, 0x1, 0x200, 0x0, 0x68, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xad, 0x1}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0x8, 0x5}]}}, {{0x9, 0x5, 0xd, 0x0, 0x10, 0xf7, 0x5e, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x9, 0x5}, @uac_iso={0x7, 0x25, 0x1, 0x83, 0x9, 0x1}]}}]}}]}}]}}, &(0x7f0000000680)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x210, 0x3, 0x12, 0x0, 0x8, 0x9}, 0xff, &(0x7f0000000540)={0x5, 0xf, 0xff, 0x5, [@generic={0x8f, 0x10, 0x0, "bd114364258b2daf4ffdbecc7889d81abd9a212fb76d8634ef1e4d16a8577e9b8bb141d4b7df20fb18b6cdefa094e4522f89fe800591193a5a850d0d7e5650fb4001c8e243f8810e105f88bb8d21088897e086303868f36360304025ef7d8520aef2015dd8542bbe441e8e05074f7c4c4d8e978a42f1d7760060461b08be6fd0edc4e1137696d8792e345ff7"}, @generic={0x45, 0x10, 0x1, "c92e3729f6c104b2092cbe12d4f7ea9b57e177388de6d3b0adfe731b15d9f9893e3ca5cac9346da4b737749b83512b3dcfb6594b4604818aadb2d733df979ef82a54"}, @ext_cap={0x7, 0x10, 0x2, 0x16, 0xe, 0x4, 0x8}, @ss_container_id={0x14, 0x10, 0x4, 0x9, "1fd42fa65ab5d36a028780f5010094f0"}, @wireless={0xb, 0x10, 0x1, 0x2, 0x3, 0x6, 0xf9, 0x3, 0x1}]}, 0x2, [{0x4, &(0x7f0000000080)=@lang_id={0x4, 0x3, 0x280a}}, {0x17, &(0x7f0000000640)=ANY=[@ANYBLOB="17037baefd62da1af2e7756abf6ed41282433449"]}]})
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x13, r1, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)

2.428546058s ago: executing program 4 (id=1502):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000980), 0x0, 0x0)
ioctl$SIOCGSKNS(r3, 0x894c, 0x0)
getsockopt$netlink(r2, 0x10e, 0x8, &(0x7f0000000040)=""/60, &(0x7f0000000080)=0x3c)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x3e, 0x4, @tid=r1}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
sendfile(r0, r0, 0x0, 0x7ffff000)
socketpair(0x15, 0x5, 0x1, &(0x7f0000000040))

2.279149211s ago: executing program 4 (id=1509):
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0xc1f, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5fdd8d64f6c3e0dd22711f69a940ebdb4ab5ff6240da3160049d2047e6713d47ad0db40ec543c095ad67c8cbe438fb875927c98e265498b3da8d4ca54bac0e6efe759a2d4d4190e9fc8835599da8237f472411a71236bb930d28a26f49062d270f4087a6a709c005eebc9740ed54dd005c787c44badac9c720b0d424d0ded9bb8c24c0e842deedf386fc7714a31268292d3bcc53b1cf24b156445c8bf64336f742b1ba836eba0ae4a5aaa9a6f35d4f81734e16bce965795d5b1255609d1860fe11c9c536db078af94772830ba000c13e1d9383e3d862fa07f2199da148632c036bc19f6014eeb206a3654d390c78911deeabebf128def61122754e0a4696db82666a018f8d2f44b5aadc12809ade8bed1b1ba2adbb6e3e82180e26748dc30a8eda0edb21fcaa702632ed3fb4e89550c3e0e1fd2b5ecf1983d85bf9569b231e28155756bd97f1220cbc2b5b1c02dab88ee4a8970d4833b9e51529895afe5029823576297d4a917602fe08df57e1d7f63d050877ddf8e82a5383e15f313171b2d5618a1549f3dfced0732b887508ca5e134124d0ed0bd4b767115d1530f73504387e0364d73a2d3b114fcb49219b1c15e066c455b01672e49499995454a502236f5a5007895d3d1d8843007352a3ccc3f71d3e801efd0a6ef922bf39ead16e01ec20ebff2b1ce7cfd0984b26225cb1359b36efe9ad2ae1f6de4862c0faaa52f4d0eb4c13960ceb4aeaa10ae61a09a5abdb0c61661962a0aab14d465a8ae6f45826e1e66428cf8572eb53c98160df6613a62bb611c63f1ffb7a795a889fc16670f6302fd36ee4247bdd4282f1afb6042c832a4b0857cecae0a7090d9b11ae46d9186c710c8dd12911db573493329bea2c743734d86a577cf27aa01e4fc6c91f1fa34bba173d20b97ed8bb4bad43692df90bfd2b193b9e8b93a95ec0d0d42217395d89db511d2e9bbeb3ef47b7b2d81ab54b5c8faa760ef5c0493af13a9327c9432521ed6bfcb9d778d25031da41a983027fe7d794c26326053d38172444307d88501cdd26c3fdeafdf5f599d3dcfd39972f28ec3fb1fb40982615f5d71d6693a8774df072576834c69b89f209b458fad4671f0108fdfc8548a6fcf76a843369a3bca4d2974221ed9af224d151fa8aa73276ba65ca3d8bc98d6504f16bcac30c697f68cb1625b4f2259ee0c694951752845fa11c20fc4dda369d53918c3746918692ee2cda958612808b841b8d36ef3933f5340e1fc8fb10ac2ae97da921f6a67806831356d515c7a32468dfd3385c1ae2008448e5750c3a3d5733b4a2486788550e6353e9b12cc09750d5b9dcd2aedba61d0520e99a51e880d3dd78a2b502029deac1860cf50885f8bf5119491c6b1e06492e98ca64e5e32afbb3b0630cb35b58640afc2188a232f77968c18d2d0e8f91c974edcb3198b4520f530acacb12017216338cc479de3651e8f15f1672397c730e3ca2a189ca4cc85f35dd46aeb67b6a2eb7268a653b190d8ba670490d50f761c1fa25f1954d8fe6bcb15dbc23698c945262b991e6245b9a25b12b13c87bf8a8a06f51784007abd06e01a0c03ee80b236fabb5b22ce797c4d8a739ac96dcf16c93f454463d3631c4cdd2dea6732a486015dc9937ee4e6efbfff46bdd8887094ca4bd94d995f411421c7ef07f949fcc10132f58b7c99a871780d92464594c930b80596baab77b0d68a05d71ca8a1888f3128f12aebac362c4d80870ab3d9f2e77d51f9af16472faff98dda1e0133c8bc2510345d5eb1d64bce64761f4cc39ac6655902338bf1335dc55393995af4447ed1aa4c50bfacd576842560abca3e6c74dcea6dd03d36f9e7f8bda2cf33e3b7da195fba79f5a60421e19910f1fef31b9fa52064ce9ee8c415746a3cab47a8ad8477e9f21e9ee804a85dc568439b95c01bbbc3fa16a8c26bd81b01b8849795b2370f591e2a8e175cd465a600a541839bc734271b4b3afb2303dc1cf12bee00080ad10658c97672ad023e89f23d9301b5dbf1a7ba6d6c2b8dbd300f05f36a095f188b56fd3ba8e871aaf22e2128696e7232cb22f4f5404a3d1256a11665caaead326faad340031cafb99edbceba7bac44c7d2720aedba9cb708dae55b192a1e31835fae8756f062c151f6778b1d93c2d1f8b479ae9bbe1255abcef9beaa95b558fbbc9a979d46580aa85b10f160b438bea64f23b8e605ce34d2b46bbf8bfbfa683b10f55b3d30c58675dd1a524495e5d42c7d02dc60b853e8b3ed2caf41cd24a8a1d044e27d48b2184bac00730f7c20a1ba2bb6b6a5381a3d359d8e721504bbbce18ee49031b48c278a5730f31fb83f6cf32ac98326b722d3e2d7b38a7b80b94a3eb2b69fb1aefc8c0bbe431191f0ed76141a8365621e4f7118dd4465b4642bdb0af21d30c8cfb1d5201852c0428b1983d91f706e814c1395888b1c2a3516ea20a93d868e27c3c9b68a9cda4befc389b57661a4ff37137628ec96bcb625fd10324625ac1589c2918c66f811a323a19ab30bcf28fc20b64176e319d58f74578093e32ba9f51b255693dda9514ff43f6ef6010143554305073e94be322daa024cb7efcf405ea4924bfa72633b766365fee1d59d1a94717450657ff3b72853785e91f94ca1502b129eafa718633bec1557fb1e0ae2887e6e8c0fdd9f3f99de03c0af7364781766520d90c15b0e2a4c43613089dbecc4dd68be74204809f0270370097642d54388ccbb54b58be8b5796eac48ef5f17752eaa7301f075faee593aae71ee0e0ca1f45a22e7cede3597f14a344796ceec33e98b3b89e031c0d757e83d5093322d9afc9898f80b2e9bb17bc8b2b164d048c1b912f6cd92979df629efcb94968cca6e65b9b078677698fa4937a2ec23edd00971a5505ecc65fe150d3d00a34e52cc64951937fc79014b0df8d2c9c35f06209f45556278fa7ecfc70a92eca165bbd493686fb4c0cd607cec994657149a61da2e09414944c557be54908197724174247194d435b25bf78ec4cc164a574662eb4d1e4d784a6ea0c71dd1a16e53a7b8a27fcec679346afe90a05e06b276fe972d5e1d3486e0452d0a9a1636ab9c517f371a0592ef34513a9a4e961cd"})
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x8, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000002}}, [@tmpl={0x44, 0x5, [{{@in6=@private2, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x2, 0x4, 0x3}]}]}, 0xfc}}, 0x48000)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)=ANY=[@ANYBLOB="a0000000210001000000000000000000fc0200000000000000000000000000006401010200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000050001100ac1414aa0000000000000000000004007f000001000000000000000000000000fe880000000000000000000000000101fe8000000000000000000000000000aa3c040000020000000a"], 0xa0}, 0x1, 0x0, 0x0, 0x44000}, 0x0)

2.241194112s ago: executing program 4 (id=1513):
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@remote, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e22, 0x6, 0x4e22, 0x0, 0x2, 0x0, 0x20, 0x33}, {0x535, 0x5, 0x80, 0x1, 0x4, 0x4000000000003, 0xfe6, 0xa}, {0x8c, 0x7, 0xf5dc, 0xec}, 0x1ff, 0x6e6bbf, 0x2, 0x0, 0x2, 0x3}, {{@in=@remote, 0x4d2, 0xff}, 0xa, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x3501, 0x4, 0x1, 0x9, 0x94d, 0x3, 0x3e8e}}, 0xe8)
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x8241, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x5, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x18, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
sendto$inet(r3, &(0x7f0000000240)="b76dde7f", 0x4, 0x404c851, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/power/pm_async', 0x1, 0x0)
write$cgroup_pid(r5, &(0x7f00000004c0)=0xffffffffffffffff, 0x12)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f00000001c0)={0x1fd, 0x0, 0x10000, 0x2000, &(0x7f0000001000/0x2000)=nil})
getdents64(r5, &(0x7f0000000100)=""/141, 0x8d)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x2, 0xffff1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000000)={[{0x80000000, 0x3, 0xc2, 0x4f, 0x40, 0x6, 0x2, 0x1, 0x34, 0x44, 0x8, 0x0, 0x9}, {0xb, 0x1, 0x6, 0x8, 0x8, 0xfc, 0x4, 0x3, 0xa, 0x13, 0x4, 0x6}, {0x0, 0x7, 0xd, 0x10, 0x25, 0x9, 0x0, 0xfb, 0x4, 0x5, 0x0, 0x2, 0x4}], 0x9})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x3fffffffffffffff, 0x81, 0xfffffffffffffffd, 0x8, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x103, 0x0, 0x0, 0xe, 0x7fffffffffffffff, 0x0, 0xfffffffffffffffd], 0xeeee8000, 0x2011c0})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000700)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000000)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r7, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f00000021c0)=ANY=[@ANYBLOB="3d8879"])

1.17292488s ago: executing program 0 (id=1548):
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0xc1f, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5fdd8d64f6c3e0dd22711f69a940ebdb4ab5ff6240da3160049d2047e6713d47ad0db40ec543c095ad67c8cbe438fb875927c98e265498b3da8d4ca54bac0e6efe759a2d4d4190e9fc8835599da8237f472411a71236bb930d28a26f49062d270f4087a6a709c005eebc9740ed54dd005c787c44badac9c720b0d424d0ded9bb8c24c0e842deedf386fc7714a31268292d3bcc53b1cf24b156445c8bf64336f742b1ba836eba0ae4a5aaa9a6f35d4f81734e16bce965795d5b1255609d1860fe11c9c536db078af94772830ba000c13e1d9383e3d862fa07f2199da148632c036bc19f6014eeb206a3654d390c78911deeabebf128def61122754e0a4696db82666a018f8d2f44b5aadc12809ade8bed1b1ba2adbb6e3e82180e26748dc30a8eda0edb21fcaa702632ed3fb4e89550c3e0e1fd2b5ecf1983d85bf9569b231e28155756bd97f1220cbc2b5b1c02dab88ee4a8970d4833b9e51529895afe5029823576297d4a917602fe08df57e1d7f63d050877ddf8e82a5383e15f313171b2d5618a1549f3dfced0732b887508ca5e134124d0ed0bd4b767115d1530f73504387e0364d73a2d3b114fcb49219b1c15e066c455b01672e49499995454a502236f5a5007895d3d1d8843007352a3ccc3f71d3e801efd0a6ef922bf39ead16e01ec20ebff2b1ce7cfd0984b26225cb1359b36efe9ad2ae1f6de4862c0faaa52f4d0eb4c13960ceb4aeaa10ae61a09a5abdb0c61661962a0aab14d465a8ae6f45826e1e66428cf8572eb53c98160df6613a62bb611c63f1ffb7a795a889fc16670f6302fd36ee4247bdd4282f1afb6042c832a4b0857cecae0a7090d9b11ae46d9186c710c8dd12911db573493329bea2c743734d86a577cf27aa01e4fc6c91f1fa34bba173d20b97ed8bb4bad43692df90bfd2b193b9e8b93a95ec0d0d42217395d89db511d2e9bbeb3ef47b7b2d81ab54b5c8faa760ef5c0493af13a9327c9432521ed6bfcb9d778d25031da41a983027fe7d794c26326053d38172444307d88501cdd26c3fdeafdf5f599d3dcfd39972f28ec3fb1fb40982615f5d71d6693a8774df072576834c69b89f209b458fad4671f0108fdfc8548a6fcf76a843369a3bca4d2974221ed9af224d151fa8aa73276ba65ca3d8bc98d6504f16bcac30c697f68cb1625b4f2259ee0c694951752845fa11c20fc4dda369d53918c3746918692ee2cda958612808b841b8d36ef3933f5340e1fc8fb10ac2ae97da921f6a67806831356d515c7a32468dfd3385c1ae2008448e5750c3a3d5733b4a2486788550e6353e9b12cc09750d5b9dcd2aedba61d0520e99a51e880d3dd78a2b502029deac1860cf50885f8bf5119491c6b1e06492e98ca64e5e32afbb3b0630cb35b58640afc2188a232f77968c18d2d0e8f91c974edcb3198b4520f530acacb12017216338cc479de3651e8f15f1672397c730e3ca2a189ca4cc85f35dd46aeb67b6a2eb7268a653b190d8ba670490d50f761c1fa25f1954d8fe6bcb15dbc23698c945262b991e6245b9a25b12b13c87bf8a8a06f51784007abd06e01a0c03ee80b236fabb5b22ce797c4d8a739ac96dcf16c93f454463d3631c4cdd2dea6732a486015dc9937ee4e6efbfff46bdd8887094ca4bd94d995f411421c7ef07f949fcc10132f58b7c99a871780d92464594c930b80596baab77b0d68a05d71ca8a1888f3128f12aebac362c4d80870ab3d9f2e77d51f9af16472faff98dda1e0133c8bc2510345d5eb1d64bce64761f4cc39ac6655902338bf1335dc55393995af4447ed1aa4c50bfacd576842560abca3e6c74dcea6dd03d36f9e7f8bda2cf33e3b7da195fba79f5a60421e19910f1fef31b9fa52064ce9ee8c415746a3cab47a8ad8477e9f21e9ee804a85dc568439b95c01bbbc3fa16a8c26bd81b01b8849795b2370f591e2a8e175cd465a600a541839bc734271b4b3afb2303dc1cf12bee00080ad10658c97672ad023e89f23d9301b5dbf1a7ba6d6c2b8dbd300f05f36a095f188b56fd3ba8e871aaf22e2128696e7232cb22f4f5404a3d1256a11665caaead326faad340031cafb99edbceba7bac44c7d2720aedba9cb708dae55b192a1e31835fae8756f062c151f6778b1d93c2d1f8b479ae9bbe1255abcef9beaa95b558fbbc9a979d46580aa85b10f160b438bea64f23b8e605ce34d2b46bbf8bfbfa683b10f55b3d30c58675dd1a524495e5d42c7d02dc60b853e8b3ed2caf41cd24a8a1d044e27d48b2184bac00730f7c20a1ba2bb6b6a5381a3d359d8e721504bbbce18ee49031b48c278a5730f31fb83f6cf32ac98326b722d3e2d7b38a7b80b94a3eb2b69fb1aefc8c0bbe431191f0ed76141a8365621e4f7118dd4465b4642bdb0af21d30c8cfb1d5201852c0428b1983d91f706e814c1395888b1c2a3516ea20a93d868e27c3c9b68a9cda4befc389b57661a4ff37137628ec96bcb625fd10324625ac1589c2918c66f811a323a19ab30bcf28fc20b64176e319d58f74578093e32ba9f51b255693dda9514ff43f6ef6010143554305073e94be322daa024cb7efcf405ea4924bfa72633b766365fee1d59d1a94717450657ff3b72853785e91f94ca1502b129eafa718633bec1557fb1e0ae2887e6e8c0fdd9f3f99de03c0af7364781766520d90c15b0e2a4c43613089dbecc4dd68be74204809f0270370097642d54388ccbb54b58be8b5796eac48ef5f17752eaa7301f075faee593aae71ee0e0ca1f45a22e7cede3597f14a344796ceec33e98b3b89e031c0d757e83d5093322d9afc9898f80b2e9bb17bc8b2b164d048c1b912f6cd92979df629efcb94968cca6e65b9b078677698fa4937a2ec23edd00971a5505ecc65fe150d3d00a34e52cc64951937fc79014b0df8d2c9c35f06209f45556278fa7ecfc70a92eca165bbd493686fb4c0cd607cec994657149a61da2e09414944c557be54908197724174247194d435b25bf78ec4cc164a574662eb4d1e4d784a6ea0c71dd1a16e53a7b8a27fcec679346afe90a05e06b276fe972d5e1d3486e0452d0a9a1636ab9c517f371a0592ef34513a9a4e961cd"})
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x48000)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)=ANY=[@ANYBLOB="a0000000210001000000000000000000fc0200000000000000000000000000006401010200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000050001100ac1414aa0000000000000000000004007f000001000000000000000000000000fe880000000000000000000000000101fe8000000000000000000000000000aa3c040000020000000a"], 0xa0}, 0x1, 0x0, 0x0, 0x44000}, 0x0)

1.15669517s ago: executing program 0 (id=1549):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x4, 0x3, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000006c0)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x25, &(0x7f0000000100)={0x0, 0x2, 0x80000000000fffe, 0x40000001})
fcntl$lock(r2, 0x6, &(0x7f0000000080)={0x0, 0x2, 0x1, 0x9})
fcntl$lock(r2, 0x5, &(0x7f00000000c0)={0x1, 0x1, 0x401, 0x401})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
recvfrom$inet_nvme(r4, 0x0, 0x0, 0x10000, 0x0, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000080)={0x1, r4})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"])
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/kheaders.tar.xz', 0x220f00, 0x228)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$NS_GET_USERNS(0xffffffffffffffff, 0x8004b707, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x2082, 0x0)
close(r6)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x8004)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r9, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r10 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x4, r10, r10, r10, 0x1)

1.100304722s ago: executing program 2 (id=1552):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000180)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000000)={@fda={0x66646185, 0x8, 0x1, 0x28}, @fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000080)={0x0, 0x20, 0x38}}, 0x1000}], 0x0, 0x0, 0x0})

1.093765471s ago: executing program 2 (id=1553):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000240)={'fscrypt:', @desc3}, &(0x7f0000001580)={0x0, "e5cf9087c0bc4eecd575619bf7fe717b09a75040d67944bdf74658aa573ec7ec5fd9ecb3bf2ad2cceb6d2f7879709ab2db2fcfa073f7ab9055774346282c82cc", 0x17}, 0x48, 0xfffffffffffffffb)
keyctl$update(0x2, r1, &(0x7f0000001600)='a`h', 0x3)
ioprio_set$uid(0x3, 0x0, 0x0)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
read(r2, &(0x7f0000000040)=""/141, 0x8d)
read$FUSE(0xffffffffffffffff, &(0x7f0000001640)={0x2020, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
prlimit64(r3, 0xe, &(0x7f0000000000)={0x9, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
r4 = syz_clone(0x1000000, 0x0, 0xfffffd11, 0x0, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r5)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r6 = syz_open_procfs(r4, &(0x7f0000000040)='stat\x00')
pread64(r6, &(0x7f0000000140)=""/15, 0xf, 0x4)
sendfile(r2, r2, 0x0, 0x7ffff000)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), r6)
sendmsg$TIPC_CMD_SHOW_PORTS(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, r8, 0x1, 0x70bd28, 0x25dfdbfc}, 0x1c}, 0x1, 0x0, 0x0, 0x2}, 0x24048800)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x6b59)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000a00)=ANY=[@ANYBLOB="400000001900150000000000ffffffff0a0000000202000000000000240009801c00000000000000080005"], 0x40}], 0x1}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r10 = socket(0x10, 0x3, 0x0)
sendto$inet6(r10, &(0x7f0000000100)="c10e000018001f06b9409b0dffff110d0207be040205060506100a044300040018000000fac8388827a685a168d9a44604094565360c648dcaaf6c26c291214549932fde4a460c89b6ec0cff3959547f509058ba86c902fc3a10004a320c0400160005000a00000000000000000000080756ede4ccbe5880", 0xec1, 0x0, 0x0, 0x9e5e111c47e3504f)
r11 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)

818.083056ms ago: executing program 2 (id=1554):
r0 = socket(0x8000000010, 0x2, 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b86803000aab087a0400000001481193210001c0f0030584050060100000000081039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x3a) (async)
r2 = dup3(r1, r1, 0x80000) (async)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0) (async)
sigaltstack(&(0x7f0000002180)={&(0x7f0000001180)=""/4096, 0x1, 0x1000}, 0x0) (async)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='devices.list\x00', 0x275a, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r5, &(0x7f0000000740)={0x4, 0x5, 0x0, {0x0, 0x6}}, 0x30) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0)
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000000000/0x2000)=nil, 0x2000}, 0x3}) (async)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{}, {0x0, 0x989680}}, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
setsockopt$inet_mtu(r3, 0x0, 0xa, &(0x7f0000000140)=0x1, 0x4)
write$UHID_CREATE2(r6, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0) (async)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af04, 0x0) (async)
setsockopt$MRT6_FLUSH(r2, 0x29, 0xd4, &(0x7f0000000080)=0x2, 0x4) (async)
pread64(r2, &(0x7f0000000000)=""/97, 0x61, 0x28) (async)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

817.204546ms ago: executing program 2 (id=1555):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1181})
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r2 = signalfd4(r0, &(0x7f0000000000), 0x8, 0x800)
mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, r1, 0x0, 0x110, r2, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r4, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f0000000100)={{}, 'syz0\x00'})
ioctl$UI_SET_KEYBIT(r4, 0x40045565, 0x1fa)
ioctl$UI_DEV_CREATE(r4, 0x5501)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000140)={0x8, 0x0, &(0x7f0000000040)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000e00)=[@request_death={0x400c6313}, @clear_death={0x400c6313}], 0x0, 0x0, 0x0})

802.739876ms ago: executing program 2 (id=1556):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r1, &(0x7f0000000000), 0x2002) (async)
r2 = socket(0x10, 0x803, 0x0)
sendto(r2, &(0x7f00000005c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x20000090, 0x0, 0x0) (async)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000)={"c467b883b4b2c597c3c27fd16f348e5fa553805a7d48036535e0ec821a76bd1ba148daaaff10b33c03b09688af41dc349665db532bd99683fb1ab31efc9250fa7882b91c9afca084a6904a475d430b2041f26e051eb3edf02d5282c79bef1655c35782b131461cdc62cbaffd9ed45aa64bd33cd3b4ccb4f30a1554986d5d0b71128a5b0a21d776d73bb6f9ef6a3def008f73a272400ea71eca582e5f8952a63f0d9fa2ad6e6a13448ae3a63d7dfe8fd8d3e69277ddff563a53afe380cbd8410d276f1bcfc0b2d56d4ec7dae0c14d0b5c268aae7845ba633e2006a360f72465a859c1d314d9372f2cd5734990ae3510fb855bfd5156d5f21d72156ba5a9de914d8639e305a05c127122103b59b5f82d2a82ba8ab6f1b678c0c3329b61b5d0a77fe1ac79a6daffbf4fafb536ef7d90cde846f51f64b58a28e3f34d1c370e70cb95e0ea6a9de0ca4aff44557cd4b9d8f7c6c76d90b5b57b9661bfbb383632a2bf89f70a87d669f51903c04cc9576cca9556b703379a45d52a65e427889d7556ed0b057154be6a6f95c78e03cb0afb5336c3da54c3ef06001488a3d8ce21e5b6c440b5c6ef5a4f5f7fdeecc52ba9695b06b38e20abed372afbd6f371b52146cf7fb8cb188f4e3b7c73ae2fe785f9953690a681c30be5f8d45ca6e6e2638a0ec2b353e6b37f7ab0c93f34b4c334f68f15b9476b40f7ecade2aa57ccf5ddec999b990b9b6e0aeacd8a6477e502a8a202ec7bad030000003a7249fdab39a9368a8cafdf87cd6ae485c4bbd0100ad4e2d6a1186bcbd2854f95a241cc4eeec67d397fdd6f94786eded36e4e811c5f5235e892c4588721438aabe14611b5e9ac053e268bbc2e7ff044687b1259243f8da86bc00165dd7764041e6d5b4fe4accfe3cd2ae6379f92ae37aaf9122d167bb037de518a8370e0c5809700f390e24122c79c4b4eaf4694715eec8dfcba19ee202b64f0d7063224cb0e0e3d50ad306f8cc69980b1c90b10d1dd3453065da2a36f53f5a075ca8b07ec431bef6f7ec3837ff256a0a8a230ddcd2dbc6fab975ddfd2cec7fdc343c68926c08958e80a8de323bd483654c7e60dee6656c126343b73325aeb29746df12de5e8ea24c5b827c983737a43faa31d6b3b8fa50fe098c5861a6a8496e9d66a3545b09fe802dbd6b36bcb073c49722d9ee65f87c5cf173f987e74b2497b62ca92c9c4b4c68cc1978804fc147ae04b916b26e4e6be536921f14361fd6b510d76b936e2fbe03cd68cc0a043781240e311561d3e04ddbc0b041a9c4c749b122c2cbff764c1d3dc057b33b2bea8aae76b6ddb7ea64ae2ff38e65e15db9f9412151cd64927d982eebc76512452ce2479ce10b9fa3504274011fafac6f9912ed769cd42ab17b25eb9eb852a40e4a9e2ac7b3ce0c656b3b0b7fd818e8d7b458d6482f6f4ccbba5d0f74f702b00b7848c3d78"}) (async)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
r3 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="0d01000009000008250592d20700006a3b010902241700fa0074980904e4ff11070103000905010200ffe0000009058202"], 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000200)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r4 = syz_usb_connect(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$uac1(r4, 0x0, 0x0) (async)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x42002, 0x180)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeec, 0x8031, 0xffffffffffffffff, 0x4000) (async)
write$cgroup_int(r5, &(0x7f00000001c0)=0x700, 0x12) (async)
recvmmsg(r2, &(0x7f0000002000)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000900)=""/4104, 0x1008}], 0x1}, 0x401}], 0x1, 0x40010022, 0x0) (async)
socket(0x3, 0x2, 0xfffffffc) (async)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x9}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108) (async)
r6 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r6, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) (async)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r7, 0xffffffffffffffff, 0x0)
r8 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r8, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote, 0x1000}}}, 0x108) (async)
r9 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
write$char_usb(r9, &(0x7f0000000040)="e2", 0x12d8) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x2}, {0x6}]}) (async)
syz_usb_control_io$cdc_ecm(r4, &(0x7f0000000500)={0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="00085b0000005b30a9024ea5b4f8621d799a6e3dfa533b1b39323935bab3d8cfdaee8dd1afb82e735dedd69f85670766f47da8e538980e505b45e472892b8f39b5fc91ed22f4da4b9fcc1e0984d42af4bc9eecc9633af51ec9debdc11e1402b7c0"], &(0x7f0000000480)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000740)={0x1c, &(0x7f0000000600)={0x40, 0x3, 0xf2, "ffaca80194a46a1ca1be32b3a97002598329815831da54757db99e89fad44072a13030a143231c4dcfeb01ac640082c1423d4b041b917468d34c7d7c3619d28e807e819c32fc5cfea3a21698b9c291689980a56159b17f58933a7f0fc6f62eac8b72e1664783243ac149efc422dc041b924407a88710bdcb058e46f74f50b71d0eee846208a06bcc213dc8d9162a39e8824153b4d81f264929faf30b01507523d30fdc556f11ab1cc9f4001fa96feb45d43cf25610d7e84017706e4b884c932d11d42561bc3bf02d740d3abfcb2404dacd7e2c298a93608e1e37b7dfa5be822bf572f89a9de74d27d689ea0b6da701fbb6fd"}, &(0x7f0000000540)={0x0, 0xa, 0x1, 0xb}, &(0x7f0000000700)={0x0, 0x8, 0x1, 0xd}})

544.382671ms ago: executing program 0 (id=1560):
timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000140))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x28, &(0x7f0000000000)=0x3ff, 0x4)
rt_sigprocmask(0x2, &(0x7f0000000040)={[0xffff]}, &(0x7f0000000080), 0x8)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x2}}, 0x2e)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x8, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00', 0x3}}}, 0x3a)
r4 = memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r4, 0x0)
ioctl$PPPIOCGFLAGS(r3, 0x8004745a, 0x0)
kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r5, &(0x7f0000000580)=""/176, 0xb0)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', 0x0, 0x120020, &(0x7f0000000000)=ANY=[@ANYBLOB='defcontext', @ANYRESOCT])
timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000140)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) (async)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
socket$key(0xf, 0x3, 0x2) (async)
setsockopt$sock_int(r1, 0x1, 0x28, &(0x7f0000000000)=0x3ff, 0x4) (async)
rt_sigprocmask(0x2, &(0x7f0000000040)={[0xffff]}, &(0x7f0000000080), 0x8) (async)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x2}}, 0x2e) (async)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x8, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00', 0x3}}}, 0x3a) (async)
memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0) (async)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r4, 0x0) (async)
ioctl$PPPIOCGFLAGS(r3, 0x8004745a, 0x0) (async)
kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0) (async)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) (async)
getdents(r5, &(0x7f0000000580)=""/176, 0xb0) (async)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', 0x0, 0x120020, &(0x7f0000000000)=ANY=[@ANYBLOB='defcontext', @ANYRESOCT]) (async)

543.630371ms ago: executing program 0 (id=1561):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='devices.list\x00', 0x275a, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000000740)={0x30}, 0x30)
io_setup(0x7, &(0x7f0000000080)=<r2=>0x0)
clock_gettime(0x0, &(0x7f0000000140)) (async)
io_pgetevents(r2, 0x3, 0x3, &(0x7f00000000c0)=[{}, {}, {}], 0x0, 0x0) (async)
io_destroy(r2)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000100)={0x2})

538.078541ms ago: executing program 0 (id=1562):
getgroups(0x2, &(0x7f0000005e00)=[<r0=>0x0, <r1=>0x0])
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@broadcast, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x67, 0x0, 0xee01}, {0x20}, {0x0, 0x63c}, 0xc6, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x4d2, 0x32}, 0xa, @in6=@private0, 0x0, 0x2}}, 0xe8)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, <r4=>0x0}, &(0x7f0000000140)=0xc)
getgroups(0x5, &(0x7f0000000180)=[r0, r1, r4, r1, r0])
sendmmsg$inet6(r3, &(0x7f0000000a80)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @dev}, 0x1c, 0x0, 0x0, 0x0, 0x0, 0xe00}}], 0x1, 0x0)
dup2(r2, r3)
setregid(r1, r1)
r5 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = fcntl$getown(r5, 0x9)
syz_open_procfs(r6, &(0x7f00000000c0)='status\x00')
syz_usb_connect$uac1(0x2, 0xad, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010003000000106b1d010140000102030109029b00030156c0020904000000010100000a24010101bb02010211240602040503000a00080003000200050524050e0f0f2406020804020002000a000900040524040201092406050201060000092403030303050506090401002afb58ae256b74cbeaa3ae5a7cce38b200010200000904010101010200000905010920009301090725010003480f0904020000010200000904020101010200000905820920000d020407250126080300"], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0})
ioctl$ASHMEM_SET_SIZE(r5, 0x40087703, 0x9250)
r7 = socket(0x1e, 0x805, 0x0)
listen(r7, 0xffff)
connect$tipc(r7, &(0x7f0000000040)=@name={0x1e, 0x2, 0x2, {{0x41, 0x1}}}, 0x10)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x0, 0x11, r5, 0x0)

342.303674ms ago: executing program 2 (id=1563):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='freezer.parent_freezing\x00', 0x275a, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x20c01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000040))
syz_usb_connect$uac1(0x0, 0xaa, &(0x7f00000003c0)=ANY=[@ANYRESDEC=r3], &(0x7f0000000900)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x300, 0x2, 0x7, 0xac, 0x40, 0x8}, 0x1c, &(0x7f0000000340)=ANY=[@ANYRESOCT=r1], 0x4, [{0x44, &(0x7f0000000a40)=@string={0x44, 0x3, "acf4eaef1ee3784dd4fdac00f0f2d19240c661dbecb700f2f11d4fcf08d71a3d1ca8ef720c95c8867019da2abcc80dc8c8354208df5a12a65d95b23fbba1b7c45f91"}}, {0xdb, &(0x7f0000000600)=@string={0xdb, 0x3, "df6fe674362734f1b117964aa1c08704ff07b36cb2f28b88826914621b00afd7695a7c3afbaec742a9a178f836596dac73074d2aad685333e6d0408d77970872f600ce447964fcfe2e5a69c2f9c953d2285df499fc1bb87b3ca3c548bf23fbd4df17215e11002630dcfb70902b2c4981a918f303f3227bd0a532770225e0d4d84decf45007ee17698734a76648bf5ee89eac90b7ab3067b13d32a2c0910e63d155bf8c03db7b338b32bf38d113601df7b369f47fab8d3adc2c02aec9a40f70e6f30f939e28aedbae09bb28a0d34d5ac64947f66c9d0cbf29d8"}}, {0xe6, &(0x7f0000000700)=@string={0xe6, 0x3, "caa6c3d0bd12bac842bd2e95ed072e3e0a1c3e302bd566276a30231cc7ee5979c8e8b7de2509bdbc140b81d47dec5731a0d2d78b72c0cc8ba6cc7dc49f66e67eac1f6eb65e2a91286d31368b67938f75af17788b7530b5525071d7fe986d2f4d5364fe139c79fa16934f7c94d274bed7103ef9ee6c86dc12733390ec298333b8b184037da1d59b0fa5c16168685f436fcda3971415c478a7fb7123db7f010014c108b0a355be5c61a4b207b4c84566c75f4d917faebf270271105f6e81c2fdbe4f654b3421cdb6dc68292769868fe686b53cce76a3c3d7306ef18791f4147928a08b6662"}}, {0x100, &(0x7f0000000800)=ANY=[@ANYRES8=r2]}]})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000100)={[{0x5, 0xc003, 0x3, 0x5, 0x0, 0x4, 0x7, 0xd, 0xb9, 0x0, 0xe, 0x5, 0x204}, {0x804, 0x1, 0x4, 0x45, 0x7, 0xff, 0x2, 0xff, 0x0, 0x4, 0x4, 0x7b, 0x20c}, {0x1, 0x6, 0x18, 0x5, 0x80, 0xfd, 0x3, 0x2, 0x0, 0x70, 0x4, 0x7}], 0xfbffffff})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000980)={[0x5ffffffffff, 0x1000000003, 0x3, 0x43, 0x1fffffc, 0x4, 0x2004cb, 0x0, 0x21000000, 0x6703, 0x5, 0xffffffffffffffff, 0x200004, 0x1, 0x5], 0x4, 0x42})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28012, r5, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
fchmod(r0, 0x20049549e2a2d659)
r8 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY_LEVEL(r8, 0x0, 0x2, &(0x7f00000000c0)=0x5, 0x4)
getsockopt$WPAN_SECURITY_LEVEL(r8, 0x0, 0x2, 0x0, &(0x7f0000000040))
write$FUSE_GETXATTR(r0, &(0x7f0000000000)={0x18, 0xfffffffffffffffe, 0x0, {0x7}}, 0x28)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xfeb5, &(0x7f0000000180)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="a4000000f637dc59bbfb40724f8b3ba00176fa37b5010ef1e725300b5bdc690571a948c6", @ANYRES16=r0, @ANYBLOB="10002cbd7000fbdbdf254c0000005000a9004993527478347b7be4d1c31e4948ab4a137f2e2881ecf31bc1500bec47e03c860a1068b78b91fb4690427c3866a0cf51bb663a607cca6f9c58a2e0048dd2a5154516d681176e118875f9602d08000300000000000c00a70002000000000000000e9eca0000000a00a70004000000000000000e00a80066697273746e616d65000000"], 0xa4}, 0x1, 0x0, 0x0, 0x4000800}, 0x24004080)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="540100001000130726bd70040000000000000000000000000000000000000001ff0100000000000000000000000000014e220000000040000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414bb000000000000000000000000000000003200000000000000000000000000ffffac141400000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000006000000000000000000000000000000000000000000000000008000fcffffff000000000a000100210000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0004"], 0x154}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched_retired(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=@newtaction={0x44, 0x32, 0xc20bc6c7745b97d7, 0x70bd29, 0x25dfdbfc, {}, [{0x30, 0x1, [@m_ipt={0x2c, 0x1, 0x0, 0x0, {{0x6}, {0x4}, {0x4, 0x6, "6516855f934867c09382f6fc2ca3f9a7ebbe300b4232b920f4fb461b62cbbf9d357fabf46b113dee45e1e6d104ff656fcfb1fdad8ae2107855aa8db84cb973a68eef61f64d2adcfe0858f4efa4b1bfa617e5cffdcabf9c50d2348a3d4f1dd348843adbf7e0a3d102950cc31ec39a0a29126cbca1962a96d3c5ff9294ecf58566056c428f9c50"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x60006004}, 0x9080)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/custom0\x00', 0x0, 0x0)

222.791587ms ago: executing program 1 (id=1564):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x517102, 0x20)
r2 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000380)=ANY=[])
bind$bt_sco(r0, &(0x7f0000000340)={0x1f, @none}, 0x8)
setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000080), 0x2)
openat$dir(0xffffffffffffff9c, &(0x7f0000002a00)='./file0\x00', 0x40, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000041c0)={0x0, 0x2, 0x1, 0xfffffffffffffffc})
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$P9_RSETATTR(r1, &(0x7f00000002c0)={0x7, 0x1b, 0x1}, 0x7)
read$FUSE(r4, &(0x7f0000006300)={0x2020, 0x0, <r5=>0x0, <r6=>0x0}, 0x2020)
r7 = accept4$nfc_llcp(r2, 0x0, &(0x7f0000000140), 0x800)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r7, 0x8982, &(0x7f0000000280)={0x8, 'caif0\x00', {'veth1_to_bond\x00'}, 0x9})
write$FUSE_INIT(r4, &(0x7f0000000040)={0x50, 0x0, r5, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r2, &(0x7f00000042c0)={&(0x7f0000004200)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000004280)={&(0x7f0000004240)={0x14, 0x3, 0x2, 0x201, 0x0, 0x0, {0xa, 0x0, 0x2}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4044081}, 0x10)
syz_fuse_handle_req(r3, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000004300)={0x20, 0x0, 0x0, {0x0, 0x6}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
read$FUSE(r3, 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0xa8002, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="81000000000000006b0000000000000008000000e4ffffff"])
syz_fuse_handle_req(r3, 0x0, 0x0, 0x0)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x20c01, 0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r11, 0x5000943f, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='net/nf_conntrack\x00')
pread64(r7, &(0x7f0000033240)=""/102389, 0x18ff5, 0xe)
syz_clone(0x9c140800, &(0x7f00000004c0)="e1f72377dab5c7135d5402706802257fdc975ff14820f7d97a61ecfb0048de98e5a5f10498728d8820bc88f6cc5c1b9fd93ccf2231a45a5d05912cac0147d216d0bf5b4afa6b2b531faa624d13549d338a8ca445757c56ca55b4c0e2a4165d7aa664d239edf5229bd231dc3844587fdf8f30e781737fd7766d6ba293dfe05f4e16554dadb657b2affb2dce78e2ba5e8e65dff5876ccc3fc49ec1880c404e34c66b322910aa0a4619afac2190e7999893111738c04b935fc4da238363d4cc35724c976b87a75cc776eefc2189d113f8e6e31fb9bc3b5afcc7819f44a2225d45d31433b76aa30cecc1401b0d6a3b439bc67d14ed6f7788611a5fe4e6d4fcc3ddbda4fb4331245a582534dcd54391cda6ac4a60725b5a295e045d2d7f6afa96f6e701eb041bd9e3212aa8cd388db6bb27b72ff8c01225482dcd5c373d619167011f1aad0b46b57a6822fef5265c3c08c08ecfbf1f1759f7219a98a2ef01fb9adc424ebbdf164fb2eaaad8a91a551a4ead829099579e0a490ca40f08d2d23f81ae26dca7f43db33236284bd7727b215b0d5a841d408346d697a0814ed0708194681f91c69d8950a65a0c47eaad208f7a3ee149dbde72c86ddfaa8739b4f5731b93b759b56286804e1da6a201a179493c0a7d1df46543d7bd9ad4ef2eccfd2a05f93d52b4c7327d8ffff0c7f4feb38744e8e1181778049a5f6070fee58423c04189096a5c10d07288a19a5d70253b1ee980e5963fc261983dc7c6a496745ba2bcbb0e0e02d9821de439138727a1eae954e782ea8ae5eec2c6dfa8386eaf05ae49c9fb2e4d410c573d0b8c16419a0a006d9ceb036a7dbd2b328fefc8439dbd8aeb6ba185f336facd210a7fef9a125704211ab9d9aeac2736478b650bc5a41b9ef8e69228829ef01197d22d6198ff9e2f5a208763acca25e20e8f3bb9788374c3f472dd19e0683aee7229b74be49be3c51ec7f3ab360c1306a770b0c008cc5237ecf4e5461b14cc68eb09b1db6372f84ef3fb22e74137d50558c58a124595805aa88b21d36ba11b9b896c9601bda7aeb888935e1c473b34febd549eb250013e02bb0a54134128220fe079101d20756cbd58d59b21a31d5b63d24c7bbde0d3f907545ccc7c02c669bd60b4b5c2c61f456e9aa29f2ec7be14dd1aabbbb2ccc9c3472e28fcb5a1f488fbae871fc346d9ea484a0f470f1bbcb894b8586a71fd1697cddd2a40e6479ba1188357c4cc9d872f8b3097b602f84e91242b2568ad6e040ceefa081ba5ddc9860b5871333244535bd6c5b0158be994c3393f652f659ef9910631793b356ff2809f4b308d31dfd4c07c8382419c39f7c231100cc25a3be5977da26016af8b4c5cc5f0514959db5de7a0e46f857f9eba1f16749019baad36b179fd19d8cadc7eeb073c80116285c0b7db6703103f14eee7f2332aeee4d22e284320a82525bad08cda59c99b88607190b8409d542ff2b4f090ee8a0049d116e888500f2e5083299daa8178ee7d5f5a1c3612d27ac0e2469d275834a3e48ec3494b67d7f453f5fa3ca4dc0a73afb17f5007300f40132ea68fe85b1f8605486a992bd15379a31fec2f403653b5da973835804ec2c17fa8a834dfdf49fc5a40f929eb463fa5b8db7b6b755e3ead8f4e59ed61d57df3a68acc8b4deb00aaa2e14901a4a0c1de63ccf6ec0144cc7b7000a9f9fea21c7da6b22c1db22f3bf9d1cf9c5eabe8250834d334c4e33c8ffc5c6c92eab8975b3ac45bb282a351565d0efef6fce0877797081d8ecbb7e9a2f1b1b94c650c9a847d84940161f997783989e6f983ab4d441df0a74fdd5a1beb76d280b5f4470a14535b32cdd7334b098aa355b2a87dad26e36f44be1cdc9aa06664bbca65dc8373f77088592ff66f0c8b3412e0b4c5c133a6e562fde12793ee36618b3d7bd2dfc6f43c8e2af8f9f87abcc4b1ef810c128523813b51b56f626c3ca77bb527f2006c751cc17b50018db21096ae904089dc1b3fc34612669493950cc27a8667c48ee56d6d76f058852119f1795811a11c89d233959b13c73ad50bc4f07bcc924cb3e7d1fa1f858aa45aaf3d79879776d728e302c5415444a10af3079758fe288f429e2800826458f008a53d6b617981e4c1b300178ee2beda158588a1615accc2909d02809de1c80a1c180790aa4a539685d5baec7714a1ac2925a9185ea776072d8fe156e86980ee66dd45b1b8173296a821c3dfa78e93c885946365013d528cec33a6812963d4916cb35a149a6d4462f65b3ed3ef73616b76806e10f4c9bc1cc8d273bad44af0155282d2088fb3809c7b04ebae0c1a0451c394031d3542a8c2aa66b515352ce2a4fa62b50ebe643e78022fbdf9465f25d17a7c2f70f1cac7525c56dc220ae439bec936799b86c4d2ce9c83396367b295359095c9a3f8a919d22cc9e6613b2afc23595b100d5a15f8649f2d8bf1e64ec6c1f7108ad4b2bc17c49ae963ab6e763324ea064e489081ea6ecee857047beedab62fb6348bc44fdb5761b55a8be31a2fa9dbbf286aeb63fe6d836f00cf7689e20dd698890739a448f6b3037c6c1995c7d1e723f679b5bc535f2d35c4b48bad4cbd7e633ab244a2d0caf2e2e61f912932e41ee3a2625bfd1dda04843bc310f51abd335e641361ff79dfe773e0d2d5506cf9e3af0a550978740961e5c21a09b1a40b00c95453bd83fb8bb0cf601e7be44e505b4d3858cfddbf56e88ed6f9d452097c4460c671d92340c1ecf99f4652755594dd05b04150a68f8886023b3e20ec0ccdad009705d80196b19490bfc78d60ac8eaf4d597a937ab62c584f4b22b3f19a5e8f96038cc38207f8d115494d6c3650537308a63865f246f4e0daadaabdd50bc7baf6c9c8cef74578543c56cef4d474fcd0212f8d9d666b6529954af69eab5404b49fafa4377dafb25555691f54012d3cbc1411109eaf7c71d9b5c9bec15e36d1c5efba4f77dd4c96fe55364719e39d5563bbce9c2bc587927ef2fa74015004476aa78404bc28c0ae770604d8a4d8ff36d63aee0f5db496ffb5a16057e777fd961e8dc868fc807fa299423cab838a9f0be9457a0d6bf01aa3ad73ae07ad0facd4e4beb23a95226aab898e0f005da8e375309e7461de1e86361d2acd8eb9b4e1cb154c15a40b0cc2585af9bc0f8810015e4f800827b9599d12b6803fcce192b26f22b36a8ebd3c3c60930d65814e959594c045a5c1f001fb09288f0e90ac9108cacfa27898032c45a24abcfcb78ef694d4fd34914f8ca0c5e2fb8d9fbe808a09059199c42837b738972f0ff686219aceae60c5ad0ab92fe24fe0e046506e1ac3254c47e8c3cdb674165b3d603834f58320d813374ad0614c1a7e5559b235f49acc0b984793ec061ce847d87ede8e31f9df0692126f67bb95431e77d57b6287e5d6ce5f4227b4a6aa4903310e7aecaf48e5b915067d254fdfacd85df7c758d0481d6e24f7bfaf3bbb0c8693923f31dff4cbb786210d37b3fc6e30c55220f5776616d395b2d56058fd6eaafefda3df26adc57b20a11e1d7f16243d1d14c5c12c1c0127a4d3c6abb4e44ee1169ebbb030e20dbc5b0b3a6b7c9224ee690739d35712daf587b77fe530c2e703c8d561050126e5cf7fe4c93e93b5cca486fa1ca49ac441d495396a5023525a72ba552d1e2d18b952ea1458a2ede391e77a31aa77bbf95e446451708dc128b364292db286be6e362df3804db613aa54f008e71e0d3fbc3d17a1dc064116daa157d5234e86aaf16aee3b25e4f9576c467e91ce1c89e336ae7fb63649ed176eea9888972a7d90c4a2eae06fe1d7301884ffccefcfd823800ed473647e5b72e5dd020ea511abf626abd93cc1238536cd39ff8008949035275e723b8bdd36f7627474359ef7f8f5ad3c51c2a4108af757b30f0a55e41adcbccc5343899e9f9c22b06779c9985061380547a2b13eb7c55891c18f1e4cca5d04c7cc6f95a15dd6281bb3fe6a64e2b7cd427869e8969d6b67e012d1578e16e7cd3c32e424efd601eb10c66096832ca5f914c1ddbcf3c3ee3508dab18737c0d09d3a6cbd79d194df4e779e4cfc803f0d50baa3ea25417188ca504273b9da448e883ed9a68c837afbb5f511edc07615a114b972a8f069a707f8d52ff693a4d890af8204b2635d9b32ef9b557518efb7589196732cc1f078d0674ecbdfd8064540b511e9d3a33c974c4773c1600523c55b4358210bbe35e0a78c64335bc0da0546c3324320cfad2aa21f15127d5e96c589152ef084abf299cc3b80eb4ab0007edecc7c9b94ea59b634415ae41e84429463c176e15ac1afed7e49fa0e5e412169987ea62a3f62617a73d1de2554cf4f2bbe28bb4ded7dcd555a4458e1051e60db48cea1d72b3f49ee9bda11de0f7436b4c3ad485cd303416fed25282eda2657b048a621b895a468a7a83d161f796c3767a3dd599678f8e44d26043ce0a685d0d852e745415a690b723470ce1817d5bfdb6b7458bdbe70ca162fc75a7b0c096410d9e2e94fab13418cf9616b908424b1d1f04a026d180b064b7fc3d616871f8fabb1b6d6fac49c4eb1a083cb78f9915fc5b377e30569205a5042a0377ca97e126381995af9fe11ff4cba49e43956a94785f6b1b16d6804c90496e89da6e19ae87afb3794e427ce990a07b6d40883752e904380b65c0b75c189ceb94127d4ee5d65147196ea45d81c21d35c4b08b36fed188f4358e2eb62e79848add05f2de85f85531c9bf7d8cbb3c5b7ceb98d7ffd1755898520637c3bca41464eea1c34f48f137190008ce672a2de919d8ca2f77376b8e84eeec36ad35b2d003afea63dc537946c6aaac92b1955ba7642b73a4b0a6888a59460af2af10677d914829f70a6eba7a9a7a73ce2ad46cc023f8dbb118f360a09eda4c60c9ed62fc1023b1d17bbe4826e2bb6bfe6ea9fe599f6622312085f9dfb6b5ac020060dd77cf1c63f32d3d6ee4ef1508a91ec9b550637b2243c1f93b4773b0b03ea67b807459078dbcdfb82d83479b564d1c6a0fcf4313e12bed151400b92abc0a6174669715582b3e089ba6f4654698900480c0dd0417ba12cf8b3b8a96d93a1a87bb9c4ae388fa7c98e7533dbc18678b2988c89b85dbf4dbec4aee99a810d20a3cb647f0037ba043e7f7cf5210621b44ed5f1fe83a03308a07788f2d5e7715a4d955f21278babebe419dc0f378e792d25cb4ecfffde6053758cf1f5bd27b89746f86fafffcf23bd59abe6b156476b8bef74dfa251ebf39113a65baf54f1047b3f241d33f22b6d68e169407fb12aa6396b74467f6cd821b58a4f238860c8c12fb7cb38c5ead5d708a9e3e0b18541adb4292b7842474a0ade14f1af4162a6af0efa5c03ca1d60b2be2ea1306c96608ab7162bf3b268b020fcff7fcd722236e7ce6fd81120c0cb48c6324e7c02f6e18d705cf4c9e7ed3dcd7b453f4e6ee6295ad3aa5a994fae08bd24203f5b3452046791b3a8c7740d9271e65010136ce48d2fef7d7c9d23725504a0e8a63eaa212f6534ee3dd66b36d5403d796d10bf75d8622d290f5fc0b8c4c808f7fddd9d646bd1b7336ab6337d73945e5bd1316c528f71658f0d64967cd03e8d3cd5114412581f9163fabd267db85ca2ba7001703676abe7c7b9b525f13b072786a2bacc3f547deaede202afd17fcd64db582128ce9fee100dc6a146ba6b7e5e7ac1e38ff20a91ed490c86ae07a1102213116b8645e5f0d7a530a35256c9e97a84ff9958e909e292bc4129050aab1bc44d65ac395a3b279655ed5bb5b4a4cd38b8e4013c9ed9f6cdb80ebeaa1623ee5ace91ec786e50a1ad766acc45d9b37cff4e1b", 0x1000, &(0x7f0000000100), &(0x7f0000000180), &(0x7f00000014c0)="ecc045b09f86602dfa44b3f3d3705d0751f86caf0c04856d3fe1d3e947e69af101b51e799255b168c37139e64a3cccef0c4c35a647c1b88921c633dc5614df616275361d30023366f400aab6860af70d7a32ed2e646b0d1a5decd0050d2ed80824fe1c971cf33b1efc51eabeacc51f78c35cc77abe5e37bd9b2136652376582bf9bcb8b838c62544a89e0e958fb4b0afcb7f4d032a3a7c6ab27eb76759b747cc14dc5b96a0251abff4ea6bb7a0b7aaa2d8e5b8bc857d2b5f6acef9c2c2cdb071df4b85d2f43d4a5bfd21dfafed49ee8422b6d9741b307814fd2d8de45d640074920a9c6cc88ed5595887db6c61045f08ae99f0d4a880ee2c973eae4271b91b05cbd9efac138fe39291f1fd5c90420f45ae48c410cdff381e5c9c74208a34fa141d7dec1e17bc25826cbeae450b7ecd6861d9c73e395d9d779a11ee3cdc2bc93c4c01151c94848e34ce6114a1c2806eb20cbd0e85cb38c05886335cdf088a7189c022f9613cf6ddf36b6e003ce99a5dc885a09c3f0a72f7dc06a29095dfdb2b5466003333b0949e74360832f6dbfbd88555081c7970fd8e2d3ba67babf9fb8667e2353680819dcfdbc584af24bae928ad5c2140f2127064a7fbc9fcb0c9f9d73b05d2a3de3a3edacd1adacf6af9387898389901abc32f4571e19fdbacee42c7d97204b988459afeddef564fb6b3fd52118259ace326340d33d3196b6a5e6c964d51bb1f9edc4a91103fa9aa358856a9f2abfb7c4203dd785e16918a55469a25a102ef72c91a791bfd6cc149ae7bc55b916a0bd8a2d2bc8a5d3a51bfeae4e4759b206f9771555d4bf8462cfe66aa2dcd77b3b7cd5af548018e82ea8fb101f9345a73526dae0c2c66bb9c3a27304f6692c3812cd20565c2641cd53e574723838c5e7ea41a2e94bbdabb4e3f88dad1accb37a09ba77af4691dc03b69e5880abb5d3bfb8b264c7ca363832ee65c02b6f108009ad0649aec8fb82cc89689bd5293f14dab79b95de54e8e60f9e687a975e8719a98cd4c623d72fb76ef5140f2e051637255f1513a71e873ed10ef356a609ff19358bf08e3c3c205b15ba7bea86dfaca67edddef4d0940f3011d3fd00b22090e6f330977a51c07a9fbdf396b6c0239c8893e30cd70804d39757ff640789f341f4858dc638dfa928d182afaa6a6127b3aee9c0777a030a715e2e416bd21ef44ed2334104340f24389e336f56f6f1fc6329850a263e0ead9da9380804720f4103fe2a337623aad454ac258115ab1644a7baf406e4aeac28a44d1da848463c6f0ebed3845e2548b323375cd3c7c65069be81838b6b83bff839dec21500ba709796e69f80911f1843cfce9b78ac6658d277ac9239331a191ca82239bc8d37257af5b77ee47b8c3cfdd2a9403897b6785a03cd89acb00fdf6dbe7327e21471ceeb8d7b87b716bc1370016af938c9b2f65e706d4c98f408a81929eca350bcb789296a826892ecf01be6de8efcb1aef9905f9441441d6e8b1e4f6d4c4d5aea365a47bd1012240db91a0c5bf1a155aa22fba670d914d1165a928f96f7c6f79b059a4658cbc4748ea9ed43ddae9fc4f811c8e86913ede54af208a8354c88ce02af7c5c9b8dd94cce467be6337f1240bd68dba19b242d115017cb4c942b783a1bfd576bfdbe6ba18101da64de87f229a6f68483b8b0c5dd0b638b1d72a79a1cba22792d4129bcf0510ae84011220d7b1010ca13dd4e1bc65b81e1eeaf79823deba16cc1febfcf6f5999663f5e75862f310f6f6e40ed91b08764d7eaa9979d48b644d1350d8dd734146f467149c229b63aa52d74bf4d244a1bde7659b834495f08f51206ee7a1a42d292c1939bf6660bec81d0c84e3539f428bb5504dcde2d553c365827693dde18e382524df6cc41516a183b708ee27f2747a4d7a14b2d00a4bc503ceacfa665155f4286c2daacb242d221e546ecc7a9a3695f3dfc83ff828cc5ba3259cf5c44855facb27347e3302f84c2d308e53f70e623d65b5f7d8b7e7658375c2da610a1e35a3fb0f41e26cb12a48d151b1ae77ed32b940c4bb2fcc95e0bc5fad355ec01ca110a87b3aba606e103ac2edc46d623e33e6fb875e9492a11ed1f61de12077181ea0656368ad50a97e901f6048ce2c6a40e05c21a8c6c1dde656d7e6e2d1461efe5c017fb21f66b551f16ae8fc6811932c7d46780501be72a70bb4cb45b5ecdc5693422362843bcf5c561c799a370b34d5cfbbf69c5d5a2f333120cd67fbd19b58055b937ae2d06c51ba4806bf4e2da9e28c2f010b11ebe55d32903c8ec169985e35b24d90c3455da57a2bead581c4f591e075bb0af7dfd6efa6b5b4fc9455a869385460c8b70b131866609c6ab1379b3007dec2fbf854e2a55df1a9028f7538eaf3dd2a7412ee118a943eddd06caf1b83dfcbf57fbe51e66283ec37de6df5c0d8d18e7e9fa42c1c16fc4ae53e733d15cbc19a2bd00347419908008ca6a2012f239aa45ebf4fb99e77ac8c0fd023f18d1a9b542fa52031f1695407df3c2e89457a5e86a90928e85c4d4f9e1272ee2e16d5360dd9a92bc1315879833efa983716a4da01478a25d86f74b3adf1a02671529474b12d1bfaa81a8a72223b64962d01ce6c32b1ddf5bf4d3f292704db4117d911a684052cf3b75cd09ece99de9dc26fefd6f3449d2dad4f90b00adc3060060a55459b4dd1d55936ecf79a99d27625f21fbdf9af7a71589e9e0db239984f3498341f89a12eaa8d5ed77de9d7304893c6d4552bbe2fc00e6a842914fa972982eab3376df2dd451c39d78d62ead836bd0410ac4cf89f4ae27f0980d75a0458072c56cbb056be97cdf878ba22e7db02bc920f97e8ceaa03053f8ec6398edf9eb1636c884f9c3776371e21ec6f6671da41273015ab951112d15b393aa6b88db41bbcfebb2242d9d6bdc818acfcd371330acf277eb148940a9ad26b1b6648ac5dd66afd9f6260db1dc7f7406ad18e12183f90f2fad71ada6ba427aaa9d36a0a91006ee12a8ddb779fd2a6a4161009d5225f15361325362592a9084e3b86ca01ef30efec364ff8455ba0545b447c4f911d3c5d9d9869fdd20ca4b58c087035d0deaafbc1dbb4950cd5a08bd0bedb1a356aea8d9d90b30383ff16de192084a9265ef17552035636d01aa56b9d1465a3bb00c2e0206585feb623a2c2b40278376c9c2c4ee4856757f07f21d225be35d3ef59017165aa2c780ec9aae65fd9578d98139eec9aed59e4c7fee6ab9c7f6f3b1d55d69b574ab3c4ae2588c1b260ca3fd321f6c506fc0b2a5463f834de257284268274f48d8d3ac1e605f2d4c562923b47ae48d690c1aa814cdb4c33da6ba70debad8cfa05a2fd22b095bb3ea4cc7aa1b203a5592b47297d3a0b5d0d7cb1890f9994d67bcc68d3960360fc1ff5422983f80339354b43eccf61e6c30281d27a81623906d5c9ee7dd91e1eca150808361c76036fd0d14ec584f87b272e28af43d5ccfedf7867f48c928acb23e0b5f7c2b65b4c44fc332195dff73a5ce67ce8b96246e9cde14b4547f4647e6a361ca7f09603c20a1825bbb357d310598fba4e9b4aad918e4c0cde35e2c8481ebfe0d8f8ce2323f23690ee4b5a229b28826349b187d62bd97242c6ac88a4d5696bd4b1790665a03f89d3c53d900acb5f604e154ba2769025067153f4aa7536e202b4b67f76dd2dafcbbf3ee3f859b4fe6b8fe8496d3d0441586e78905485511adafa13f986ab9c11f982553e3498e7b3dd2b1332ec7bf42bd66fd6dd3b8f0c679648236a16c4b450d536efaaac6cc12915ccf2169ab603d361b3fd8c81dafcb92f1de81a26de39a403742c4f59f7e5160a7fd9974834b59462cba9689ff09da3d1d8fb1a4e66cc6cc1a2f5cf03325d71c7f6c60198d9ba627a0f5958bb72a143aa2203b2bb5277d8ba179b3d8d4f05d2c57b98f782b3401fa8b08fb9866377c6e5972a846c28588d4f27c17441b769d4ee7ebbf22d380eb18fc644f2cf59397942a2e7f2d7e5c8a02b7598fc7ca34a41067f3954350727805fef59c3f3b3ac8d1362c74cb73fa2df0a8cd9aae52a960808c1ea896fd0de9f1475ecb6f1c2049a5e45e675e280dcf0db45c75d57526cfdb759694f17db813768443619ec5a21a9663df552060d72b931d37a01319e884046bcbba7909939a8de6271b090b25f96ef775e2d5e49ffd964225e7fd85d2630939ac4f506d46b33a9a5724effeeb223bad7fa7b4a4cda0fbfaaf426a3ab4eab2083610bb3e23d483829768cd3642f7c670a1f49f99c13f0aebefc29baa136a3c57c9c8415f4594ca2a995755cac1a1adbceb2b46d862311f1f77514b2028ba6ee95db00506a08d1f544b353ff0cda498ae640724d7a7c0ae4b15b23ea0ab620f62a5b4a38c1b3aaec70bd8c61fa0d805dae6fd058f8123fa61ba2b096040c3b4762fe11fa49ceefebe9c1bb722d4855e8e0b9b8ad93c2143002c146d98deb86fea7f66d4c0d5a4e32a2f150012dbbd7d169d370b4b71a0a0b2d81c624b8ba81f87b8898c99633782a84c8257668808af5fc3c3184be4804681c456a0a45b0cb25d7c1cc6b628a5748ddb3b2052a77002aa7944aa0a2e564b6ffe4a6e7e7a28f4ecd0ae7f63e77b17e96872fb6af12e4f443ed77cf6832127f28d322f8948e44495920bafffd6f74a4ab4b7d03b65b65c0ad97c3624e985dc0cef8ee6c41c22499b566fbe8231a86dc9a5f15044fa55c7feaaf29671dd6c974ea13b7865c7ea24050e8d84b08dcf7193e0916958b4d6042f9dd169daf9a6dc187ae4adc66cdd3fcf5a6f2849817baf035d528130ecaf2d372e76a3a52d61d16ad5d0273dc0237d3a4d3e7f0bb4452da74f591a013062d28e699ce5314ae85c3cb9f6ef34b6ec2570bbe0977dc387af964f07579d046cde4bfc73fd76b763e04032fad4f0c71894cdf86ab01635d5c7954d3372c0edf0e100b4da34d4753669d0f3a0a0572272f5a94f6ab2622da4da9ec19d101089008cd442010f468f7a984f997b9cd3eef58a1afea7d1108111074f0d864d5582a7dbba7867f04fed6d397022b23da2ae6eeff84a39d97cd814203331cf8dd1e647cfc9430b047c332da31d1c102c152fbc5e0e0f5620ba4650ff3ea76e61bb5d9e5ac5f99e1745ff88ab61567c3b8cb2e12dcdf7df20bf6fb3c1757fc0af7f680a8a1aea91378a8a909b16649872a9eb4b887af7337d54324cb61c9005d0f4e258c1d141620616dc528033697df9b5633fd588430d19006be9bf68158006801cccc71c7db1601891cde959c148779860c8d30e2d0c288a55b6227c5bfa1da986259690697333ec4788d5f3b9badc41795ddb5067999b1a79586098f603b38c049f9992e05ab63412de57a2ab23d89bb8a898355dce9a728e1222e4c1e0d214ec9e455dde06f3c590d792dba5ae3a9852350557d74f2e28e561eb14ab4314e522b119593cf433f7c323841e7da03e07faeb34a067b27eebf74b170b90077b2d437ef08cd58c5ca3eb7e537c60d6f7aa9f9223fcd1a99dfe4d39c3601926b7a1331eec073a2e041a454bc0b0f46694bb91b1a5d07a99237932f86a4117b4ed7d0fb33a236d9da55ac0d98b6758187ba8ef065dc05ed61293e65de670d4d2d6ae8b775f6359bce812a748022a4cc346735d5c8c117b960af19440c146ac528954378e000174d0b155fc3710f85c8327dddcf36fd3ded87ee8216530254cc3cc0cb45bdc44fd5ccad5f2c5951a8fd5487a683a00457377d879bbb264a6ba02c0dcf896f484b95b4551d66e5265dfa6e1a92d715c4db88e2d399b687ce00f187f18994335ca220c13935f5f3")
mount$binderfs(0x0, &(0x7f0000000000)='./binderfs2\x00', &(0x7f0000004340), 0x1000900, &(0x7f0000000300)=ANY=[@ANYRES32=r5, @ANYRES64=r6])

222.106317ms ago: executing program 1 (id=1565):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x48081, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000580)="55dd"})

221.818087ms ago: executing program 1 (id=1566):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000640)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r4, &(0x7f0000000440)=@file={0x1, './file1\x00'}, 0x6e)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000280)={@ptr={0x73682a85, 0x0, 0x0, 0x0, 0x0, 0x80000000004}, @fd={0x66642a85, 0x0, r2}, @flat=@weak_handle={0x77682a85, 0x1, 0x2}}, &(0x7f0000000240)={0x0, 0x28, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})

221.065557ms ago: executing program 1 (id=1567):
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0xc1f, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5fdd8d64f6c3e0dd22711f69a940ebdb4ab5ff6240da3160049d2047e6713d47ad0db40ec543c095ad67c8cbe438fb875927c98e265498b3da8d4ca54bac0e6efe759a2d4d4190e9fc8835599da8237f472411a71236bb930d28a26f49062d270f4087a6a709c005eebc9740ed54dd005c787c44badac9c720b0d424d0ded9bb8c24c0e842deedf386fc7714a31268292d3bcc53b1cf24b156445c8bf64336f742b1ba836eba0ae4a5aaa9a6f35d4f81734e16bce965795d5b1255609d1860fe11c9c536db078af94772830ba000c13e1d9383e3d862fa07f2199da148632c036bc19f6014eeb206a3654d390c78911deeabebf128def61122754e0a4696db82666a018f8d2f44b5aadc12809ade8bed1b1ba2adbb6e3e82180e26748dc30a8eda0edb21fcaa702632ed3fb4e89550c3e0e1fd2b5ecf1983d85bf9569b231e28155756bd97f1220cbc2b5b1c02dab88ee4a8970d4833b9e51529895afe5029823576297d4a917602fe08df57e1d7f63d050877ddf8e82a5383e15f313171b2d5618a1549f3dfced0732b887508ca5e134124d0ed0bd4b767115d1530f73504387e0364d73a2d3b114fcb49219b1c15e066c455b01672e49499995454a502236f5a5007895d3d1d8843007352a3ccc3f71d3e801efd0a6ef922bf39ead16e01ec20ebff2b1ce7cfd0984b26225cb1359b36efe9ad2ae1f6de4862c0faaa52f4d0eb4c13960ceb4aeaa10ae61a09a5abdb0c61661962a0aab14d465a8ae6f45826e1e66428cf8572eb53c98160df6613a62bb611c63f1ffb7a795a889fc16670f6302fd36ee4247bdd4282f1afb6042c832a4b0857cecae0a7090d9b11ae46d9186c710c8dd12911db573493329bea2c743734d86a577cf27aa01e4fc6c91f1fa34bba173d20b97ed8bb4bad43692df90bfd2b193b9e8b93a95ec0d0d42217395d89db511d2e9bbeb3ef47b7b2d81ab54b5c8faa760ef5c0493af13a9327c9432521ed6bfcb9d778d25031da41a983027fe7d794c26326053d38172444307d88501cdd26c3fdeafdf5f599d3dcfd39972f28ec3fb1fb40982615f5d71d6693a8774df072576834c69b89f209b458fad4671f0108fdfc8548a6fcf76a843369a3bca4d2974221ed9af224d151fa8aa73276ba65ca3d8bc98d6504f16bcac30c697f68cb1625b4f2259ee0c694951752845fa11c20fc4dda369d53918c3746918692ee2cda958612808b841b8d36ef3933f5340e1fc8fb10ac2ae97da921f6a67806831356d515c7a32468dfd3385c1ae2008448e5750c3a3d5733b4a2486788550e6353e9b12cc09750d5b9dcd2aedba61d0520e99a51e880d3dd78a2b502029deac1860cf50885f8bf5119491c6b1e06492e98ca64e5e32afbb3b0630cb35b58640afc2188a232f77968c18d2d0e8f91c974edcb3198b4520f530acacb12017216338cc479de3651e8f15f1672397c730e3ca2a189ca4cc85f35dd46aeb67b6a2eb7268a653b190d8ba670490d50f761c1fa25f1954d8fe6bcb15dbc23698c945262b991e6245b9a25b12b13c87bf8a8a06f51784007abd06e01a0c03ee80b236fabb5b22ce797c4d8a739ac96dcf16c93f454463d3631c4cdd2dea6732a486015dc9937ee4e6efbfff46bdd8887094ca4bd94d995f411421c7ef07f949fcc10132f58b7c99a871780d92464594c930b80596baab77b0d68a05d71ca8a1888f3128f12aebac362c4d80870ab3d9f2e77d51f9af16472faff98dda1e0133c8bc2510345d5eb1d64bce64761f4cc39ac6655902338bf1335dc55393995af4447ed1aa4c50bfacd576842560abca3e6c74dcea6dd03d36f9e7f8bda2cf33e3b7da195fba79f5a60421e19910f1fef31b9fa52064ce9ee8c415746a3cab47a8ad8477e9f21e9ee804a85dc568439b95c01bbbc3fa16a8c26bd81b01b8849795b2370f591e2a8e175cd465a600a541839bc734271b4b3afb2303dc1cf12bee00080ad10658c97672ad023e89f23d9301b5dbf1a7ba6d6c2b8dbd300f05f36a095f188b56fd3ba8e871aaf22e2128696e7232cb22f4f5404a3d1256a11665caaead326faad340031cafb99edbceba7bac44c7d2720aedba9cb708dae55b192a1e31835fae8756f062c151f6778b1d93c2d1f8b479ae9bbe1255abcef9beaa95b558fbbc9a979d46580aa85b10f160b438bea64f23b8e605ce34d2b46bbf8bfbfa683b10f55b3d30c58675dd1a524495e5d42c7d02dc60b853e8b3ed2caf41cd24a8a1d044e27d48b2184bac00730f7c20a1ba2bb6b6a5381a3d359d8e721504bbbce18ee49031b48c278a5730f31fb83f6cf32ac98326b722d3e2d7b38a7b80b94a3eb2b69fb1aefc8c0bbe431191f0ed76141a8365621e4f7118dd4465b4642bdb0af21d30c8cfb1d5201852c0428b1983d91f706e814c1395888b1c2a3516ea20a93d868e27c3c9b68a9cda4befc389b57661a4ff37137628ec96bcb625fd10324625ac1589c2918c66f811a323a19ab30bcf28fc20b64176e319d58f74578093e32ba9f51b255693dda9514ff43f6ef6010143554305073e94be322daa024cb7efcf405ea4924bfa72633b766365fee1d59d1a94717450657ff3b72853785e91f94ca1502b129eafa718633bec1557fb1e0ae2887e6e8c0fdd9f3f99de03c0af7364781766520d90c15b0e2a4c43613089dbecc4dd68be74204809f0270370097642d54388ccbb54b58be8b5796eac48ef5f17752eaa7301f075faee593aae71ee0e0ca1f45a22e7cede3597f14a344796ceec33e98b3b89e031c0d757e83d5093322d9afc9898f80b2e9bb17bc8b2b164d048c1b912f6cd92979df629efcb94968cca6e65b9b078677698fa4937a2ec23edd00971a5505ecc65fe150d3d00a34e52cc64951937fc79014b0df8d2c9c35f06209f45556278fa7ecfc70a92eca165bbd493686fb4c0cd607cec994657149a61da2e09414944c557be54908197724174247194d435b25bf78ec4cc164a574662eb4d1e4d784a6ea0c71dd1a16e53a7b8a27fcec679346afe90a05e06b276fe972d5e1d3486e0452d0a9a1636ab9c517f371a0592ef34513a9a4e961cd"})
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x48000)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)=ANY=[@ANYBLOB="a0000000210001000000000000000000fc0200000000000000000000000000006401010200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000050001100ac1414aa0000000000000000000004007f000001000000000000000000000000fe880000000000000000000000000101fe8000000000000000000000000000aa3c040000020000000a"], 0xa0}, 0x1, 0x0, 0x0, 0x44000}, 0x0)

211.631367ms ago: executing program 1 (id=1568):
r0 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000240)={'fscrypt:', @desc3}, &(0x7f0000001580)={0x0, "e5cf9087c0bc4eecd575619bf7fe717b09a75040d67944bdf74658aa573ec7ec5fd9ecb3bf2ad2cceb6d2f7879709ab2db2fcfa073f7ab9055774346282c82cc", 0x17}, 0x48, 0xfffffffffffffffb)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
keyctl$update(0x2, r0, &(0x7f0000001600)='a`h', 0x3)
ioprio_set$uid(0x3, 0x0, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, &(0x7f0000000340)={{'\x00', 0x3}, {0xf6}, 0x0, 0x0, 0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)="c279e1311d18f3cd98678c89eabff28d49450392050b129a788c1cfc136ba236e6a3f5554b0e8e8331420bf6baace2b1a49071efb6a4e476882936daf9da2c4237559e40482136cf449e06d3ca8d2ce2dd8ae0d05d7941f347d8951ced322301e7c21401dbd34d66f6fb3f9af59a78f2a1ffb65033f08fbe58540eb6d7884d0590576cba2238d5d1a24a928106842af17b0b09990ac66be6ce2b5361c56965f7e3445a35", 0xa4, 0x0, &(0x7f0000003680)={0x2, 0x100d, {0x1, 0xc, 0x0, "", 0x1000, "c8687aa6ea2edfa05fa8a7711274c534dc6c15541012fcdf66d44461e09249b4a40cca37ab05865696139d60ac978525923ed9999e2aec3108bc4d7a02c9f3860275cdce4ea75a430d8831f8fafd64cdefa8517c1790833519f94a4da79e1c4b34706750ffb23cf522de6930f1618b760022213758127d69c08bc16ba6b9e90926d219d9b3c7bb6b9f906077bc07b5631b872d46f38784efa187d2d6857189a4874beabc38f628b39d675aacb342a4066d339aa500e24f67e54ee83146c6f348934e4643a3311ec54bee0a2cbd98f8afbbd27f2244c94e1c0af39fe4f340bc904b9c9e696f2f5dcbca3f33cd42cc8a3e7a563b99d4b2d80546ace7ba7f6ecd8b8ebe543d2aa36464cd07773162d12eb29545d55bf2bef288361739596645317e15ed3c6dda271eefe393f10a7c70d6107a677a35a55b2f2008f920ead02dc8629451b00ba25e6bdb52131f51121b8bd84f55b2afd838a8039c0f7dfc44bf8fd38e383c1dcd61ea30385f53eb3387cd786bdc6117b936be5a78438a29bc26654ecf1ecfa612a71e0b5f3803e5b6b449fd3d6ef6684b7e72c8c0bf5b60d201c9aa91e560a6df827d911a7843bfa556989f05d90d639d691441a76affc1393d2c63f8fa7ddfa992e85b7a80c6744e43d95febc935e939f87c2c54cf204d37b352a5926d7710943380f300807cc81bcd3997bd8dd3f407af777e029983d2d41596186a5d33c679a40f51463af3bf4f9c5c00af8fa516512b7f38b233fd7370fcc6c92a88e7d41242f2e217f56f8d671d1dbacc1b7d94d9944a57c4b5353c9dfe765a3a6be2863e3e65f68cefc74b3e32f231c78c34f566d86dc29ab7327a74b5755340cafc9cdeb7d808ac44808f700af46c40a38d4d2fca4150057dc1337e7c3c718535130d1c3f8d546e15a336c0414cf88da9b76ed0fed827c7adb306afaa3a4b730b3d4410a6c28050f2b8565e36cfb853e362783663b8978b64c5ea5dc1a1cc0f6d290d16da5f361f109af123c5b42d861a32d5f226fca8e73beb6d2e384c003205a3e8b1f4641cbdb546dc54ed176e2cbfb46a971823227ad357023aa572c0e2a8490cea306314e65c453714781c044c050333a8c90cf4a02f6c3a8643e4f04ef6d348476ff1cb27bc5fbb0b69ac829caaaa2b9e605ffcd6b6da62cd24ae68566b84ecc336601496f8837708273cf1b07604b7381644aca273a947ba0cbd81ef1bc95e99cb3c3ac912e9944ba3670b991625ee5bd03f0f1fe59de7d5a2880a597c1167754eb925e4f6873da4548cb6d9ff6ab9684b60964e8e00746488a4e04a3eb559cd3cda2b3ae7fec5213a828aa125bb157db9aa5e8fcdeefd16ed095df0900030da2193f1f6de50f9722a3a0ca87184e344d435d77aaa3a57188913834b56c0447c10325be0ea21a1217836896f286dee6624bc24dc191518dd1d97a9538d6593ed15aa3d9bbe92fc58d244789af00be775ff710a7fe61e7e7440dc14ffc9e4acc69024867467a3bb7d60a2cfba84e00c41c49c459a4709976e5d0e3ef013bb3e5f1f54607d537ff53007bb6bf6295f8b9c3bb563ad1aca578d9f40a74ee43c7d5b48688be79633f9e3160c6c1094321a8a1903ee6ec7855991126c929381ea37314db356048f720504f25c5425d611eafcc0a57eda1932243c1aaec721bc85a9f8ce42ec8516d93ea656b96c6c7e341b323afe74e26d61737a968ec3559dc299cc55c156a20f5d5f070b5a49017ddd30fa1b72986eb712ce76af9bbf42bc7ea023d229a3ed1ee0fa986481a12d02c491435538f90993f0d04b5cc4a995ac6d7d9429a40d17956f734eacd5ea8cb5059cf6a6ac35a261a8f0befa9f54e5c3fd22c2d536911b1ad74243286d622e319ed7d3c2390cc15fd4d2f3c960d4d55d6c9100a5e059fae0245e8485cb3afda47e53578242cf34d455b99aa3c89d1440354abb004f9bbff351dfcfa9a38cac5118e547673d08ba53d1ba3cc8075b63e4dd7a8a7be42aabce8290c23e94083d3eac89989149890ddef14029b25ab3c0a9c3d4205dd43b765d913a4c780c5f3d2673bec03c7be5602f5d934a64d7a98736ddcee76e75c887cb02ad16e2a228d97a8c1d6a0c64e13b40f632019015b3c612e4537eb440568ff5f5b622026575bfad76e7ec83697831ed9244833d45cbe0e25c92ce1d8072e10759120acee765cf50c1eb363e8733db05928661580ac57b8de5e0be8998a214f25a1a1af80748c66aa742f7f7adb03b5671efcb57acb9b8ef761ae7051e19f7e301f64b2953cffd424cd3b5bdcabd7310f9017b1c2e1fc763376b6802c0dd8dc7d1ae8cdf1b628d2028ab492d0bcf81dd71c620abbea25691fede766ceeb2705e0e4e1ade98c1df43f01e3e27c17f72b565f1eed07c851bf87d0ba9ecf1c6dc8cd32247e41e51dd1f35600fd6c0825541b41eda8d205a437aa4cf0628c8627b942841aa57d1e83dba5068e8ea5de48f0c2594bf837535a9c4b1be6a1e636970ae45fb245ee53a8ad7fde11324321b70c11a31d1d0ca873145566eb62e6fee8e0b2c399b3da9b24a15fe8ecccc9262e0427ad3a999913c0391ea8e40f8952a4339659991bba20b4358bde0fc3022065a27c0d0c9b6b74a04440bca15209b9acf1c500a544cf9dabb7d80b96f20ff27ade8b34d530fd3e97b6ac0e1fc59cbe152e28448ae5107bbd5cd002d121437623f35b78fa82b3301268b42ea8180bf26e9591fb5ee8d0decd4f468d1a1af78b012443001187ab26d1f4cd4f1c41f81bb609613ea76ba0b7a299a4bd48eebbc259b32456ec50f8233911369f1605f718076a72084c87d1accac5b60eb37443182b54d4e640ab1b234cd1b34dbe3cd1509b2119de7d2548bb274564d4a4fb3a8704762ee6eae7f11a5e44eac1d3ee85fa97901fc67aadd2f08aea50316aa3114cf1dec9f779d73e631e827e4e5fd42951a2ee2ef91b64bc16bb690ae559ba5d9d16a3a6b672aa76e681e28ac3c943c86b1fc4fdde2d32f2b77f77a2cf74d7e98cd886161d4479918dabd180f4ed7f093e02f06fabe1b3a75a2393d55f71f848da6e7e469e5a0b8178248bbadbeb7aab74c559950d188b073f96bcdcd39e22e31fa7d5b49eb0c9b47c6dc4a0f50d7c0c97093133b7b2b6c4ab0b06b2089ae8edcf4cc59988f07a5dad3dd6105b4d64ec949ed6de0d24de1710f53babfb31e6b2ff35ee86d402f8620705daa3ad65725f6a1e1c49c6942a2739277bd397302a44c87be18028cb84ed9a7abf162f637417a85fd1b843653cdd0eec419aebcf4ff6bb5ea2d20d6f4ca38728252740a3f73948f63462d4acf6e5c24eb3890ccd05b2724265376af142b816a2f684e1873fe0f497faf3590c50fe1f9401b09c060c758f6721780afb39db75dbc4ee9e226bc6d27d8b49afc11f04c62efbba7dc1b6a527323a9daa457ad76793324cc96f0b5aed0df4c7efba142c45adb059ba9eed9b11173156a198740fa783e7697e25a7dc80016cd659d37067603435c047f70d7e7765846608e8bfe55c61a704c1ce37a6f2fd750a147e00e60afa0dd8f18c80eb1087fa4fd89fd81e2979a95a44033dd92194c7e9d5cce3d73f464c57cdb86d0d508e612c6b4e4f51092de4baefe928360ac1ed2027947c4c80241f6c5f0e2f36716b7438a4946d50062012d0a0e1b657fe15d0bb2e8540e97e5cee33eab4e70f549dcb2aa37fc82a2293f20147399e564d936c43b4903a0ddf5c07db29ecc1c6e56ab6e1ee410d7b5c647ec3948a8bf70d1f86f7e2b8de2a66502c06594143a8c8b13782c3870f721348ad4a1a41fb1848156133b90ef18182d09e179673cc986190a4bb3a8a210abe282884130e6758bad6051f83d49b3b7f2f36a6ee560f34a506178a2ad3750e0331b53abdb6f03b7177d53057cc800a08f0470686ca170205614403542fff791a96a4e9c46c2805b06a1cf758539717b4e6568cf876f64d80f749569aaf815044f3f7415549c4f40681b218ef1212ea5c0fefed55d8c6f782c05b6610a1f2197a66447ab9c3fab3c54839715d82ab7e5541cc1e1297a4a59decaca4be16f757ff59008b996d14412d60e781becda6f141ae779931618e56d23f23950f397dc4889e62273e9df47a16b7230a571b1e1c679dff5a82d4814755bff194673f6c65529b777caa407a8caf0d141c2fba6cc1c0c6d1aa072ff46d5abd4cdc24fbc7083479658faed654b1306c840dc79b88409ebfe8c48a2f73f6cfdc4e101acdb00107440dc4d95a2ce1a2305fc74b39d83b2d0efc22fc746c277dbc158f75c293f79d4b3d00758214f4100a3923bd785c4526dae06f88a207391ce1c0be9fdc534eab9c5fd4b29043764eeddda33a1b06e1848ac43f3862b84c599af7cb019f077f4c0314a1bb8d7fb9f4f7ca7fd421880d03883f36073abf0b4bbf8802113590d4f7fe9c10114060c63a65c67271a1fe26ae4bb0ce43f66a64df9e9d42dffe1ea02f3659677269a79928bf6f5b298b760df8980ac1356dc465d58affc7aeb46b243c8a7ea04c493c8f6d266b1029a818dab240cf6221915fcf2a7a27b79be7d49f65b2c818e3a5864200b6f0f16c6ef9a6643c449f6c709d4a2bf74e724ec506d4a50d737d5f1626810656d430d8e8e81651334a57062d02e592e9b3234e4abbeb73ca491664f78ca43cdeefce9e775416d83b62c384422a8694c4c563bdde730a7d5f5f036df00ab21f220154932b07d26de2434e2ac1c4f88c6667f876af191a1349b571f6389e39b43edb4f9781a9006f83199b7bd29f852b390b2e9fd3aaa293b861f3a22f306f7558b6e065a85d45bb5e8b9487078de1cd83cc5121f302331a958d160808ea70f681a77c54f2e86ab00f23af4039513a5974257ffd2b94f0644d12b495201199ae1f0c4d5a5a22b06608988137e0eeca6c09db293710f01823b2cc58cf45e27d30020be67542d9263ddd5c098a620c5871245c003aea337234d663833d60eaa4015ef1958d6cd17e72a4680641d05d7c30f7eb3b60354e4aa1d8afe49780a9b1f2a705e2edbb1c8cb2557450366964e75179ab14ba557f88803dcb01a9e8f35ae318c28cff462f01ba5613d922e1e6ca9e6d421c12433c1f166bb72c9847a37738ec3db3325eea36190f7cb1f652500be5c9ce41122b89464b9c938f2d90d6af9f545cb896ec28c17d7417faa5b9685d41361746bcb8e708e21b233e24da8ddcdf9b27066c38d496cdded4b578c045441bfe5cb90b5c62347dc4b0ef3ccff3562223f409a18528a878a37319ef442b5d5936111d72eb2f2abf0228a9d1a8b72930228c4ccb35479e53d481105f39bab20bcd54dbd493f3085c9734de6331fb2517d08f758bb0f82c1a3f9798e101c6c03ef126a049f8810df8e154a44f7e5fcaa29c1804e38910009b614ad185e75fd42c1a5ea1cab25a723f8a6e57f5bcab65ae527b1773b3fbe3c4d4cd278237232f52219b1142062ac41f3dc372ef4962fd11729e2af50a699d5250b2cd49ab3d3650ec1f8c0dfe4a6e006215d1a982f68cead5885cb866425171ae6027d148176b6454b81a9709e69610cc8775eab07b878f529aba71c49b44eb35595dfff9d31a434793ada57542e7d07350caee06fa0982e74df43aa46cc1c787602cb1cc451e8f3d5283dd4c27bc50eaa725492fa390b6001676c5c030ea794a96bfb15f9a74bd0c73ae3fcd685233d0ea992949aaa143b339a9decd0ea30770467507c46c54a94d507ca110a16c693ce43cc9029b74ef3b3e70fa7cb8e71691728c853e48bbd47db54f15e39133c36"}, 0x1000, "a2768649fe627f0d3e4a3e8885f9b93f8b9f2152c99fa52a5f1a72630ba2857fa987cdb347e53c7188e13749d78773415434cc593e4fcbe0e5043551b6602455a4df35d3fdd66defd372a7afcb374b25c4b1e6a580685ea42b237eed29f3cb00a00c4a2fa8436d1b750b61ba0fc34a5ba67d17b19e4d16ead0dade3b1b0a251f1a5a3710c06810ad5fc8fbb6bf74d35571d4e12dfc34138501fc3fab86e5b168dcd886be472ebf5f97ff60da53068d55cdeb18cf4d6dd56d33facd922f5ac88cb9a3f3c7a1fd402dfe704642631089663596e9dc6afa07c450630f17c67b86f73350b1a9e789d46f1f1c9c92a1fec56d370e46fe4bb0058b15c19a777e93f3b44354c5788de50ca80845d81e51844782933d22a705d3b03d567d7ac352f9469f72ab5172d0d197fde66e9d3406051c148fc6f4d0a2594f411110f217d8ecd1b7393a30768300d0191876043e08ca0e3db419dd7794a3c0899bf91acba8721ccb808f67418aa71ad5df6ae2ba3a76c64324123f3f52c1f4823cd7b8a2adecfa784f3cace9c8c82fc53a7673b3612636fab9cd2d9d1f8160d18c436edbbde1d2eeeda13cafda55badf0c652256c66de72e7c5d4f3d0393af68d03569c1e61b7eec00d4a491c476187c897daf1b4585efa78b56d598fb1a381a85539fc34a991d3846a437810aded94b6f972f2b8f3c7e5114f8a2999cbdb21143e29861a04b701a003248525f4c1771e819d0420b28ffefca3cfb10485520efa5decbfb5c602ed9162ee736e3396e4d292667ab3b5661971cb9709b07a6d9610ff18464c7d548e8a4b97d42c456405ee9dc9f6380ef159a0a1ec5edbe5f55c178528a4074846bb0b43a62dbda14b0fed4d9829fc461b1a86aa1e231e030d279f051ceed5dc0f66fcaf1c686248e327c6374218f29202d4fac1b96eb3993a815ca70c82a13867cdbd9efa12b738c70344333f33a120906979fd447bd1838f9e5038a534b4a916e873ac68df78071ae257431f078853176246a188642dedb60e85767b8ca266ba40902c26795000cc897e3800a5f381def8f0c28d233b61e63da47ae42b61041a45b2a9ab6e9c75b1c4911a4bceb672ea13e05190295bf34ba4b6bb5ab009cd3b4b893be039d0e88831e60eb212f0ce5c66370ff0a5130eafebfb0383e2d27c14e94e7cd635825db16f87dab8325628c4280f6ebb8c9f2c9e2562084541ef774a458eed09653d3ca075d075070dcc5bb07feedd6e268ae8b52067c4e9dd4980b012454bc14b303772eb8e88d86d4f379d48635bec269e074d0448d558bf97cfbd86789dd921aeb09adc18ccfaed0f521c330f5b66635ce33160b2d5dff9bac2fd486270715d264320ed850e5458dc211d5929a7a06dfb874f3ebfd2dd39d647fa9c66117024e0b0da19b5fca1b19f15c655ed72f60861661dd54db525bc7400b0cdd3149d8ac8870fd6f4069050823f86f21b979d7ba7c77c4ec7f7a66a307e61aa212a9aac70bd8b143c91bd1f1858c7b400f6856ffb847a3087200af6cc9291d0d08a781152f09356d56e064ce6aa513628d8a67ff15d7ed5ada160d2371d3a643b23f3d17150a3acb70f0c65f46f6636e95eae1dea8f4baac3cd24ccd3df3951d2cd40cc5a21dd97c2de3fad82bf9a21ddec5581b59dcd93ea96df14da93c62793fb30186bf21d2ba212db90be99195e2854fcb517941cb2513170f225560d1776b5791414a7e32eae5affdc3fd5ed83f280938f60237acfe2a1ed3a34eb881a08461002b6eebf1575f1ebcfdbe92cf56e2f7023ce2b4226b0b27f52e9f6d383e4d785ad31387952088ce8d6ed046a2abb17806f1e5815501fa93b54f9a9280aae84670582c2b9d391d6ff3ebd47e0a85ba98ec88a26cc108ab81e6f75c2a957d0376fd570b80de87887c5fe88ab8b92a36dbdb373393e47d1c9997740f0f013dfd44732f5b3220fefe960175511311ac5cb5d4fd4ccf55a6801cf06333fbaff72d9987f0672c131b985e0258b20357061c36263cb0a1dc8ab56b11219a798e8aeb411e7df770d457ea2d9354daecbc5965f77cf350a277f33e754bb1808eea84b31ba39e1c809ed27684f3d5de5c5fbe4d4dc040cc9d84ae39828495cefe832cfb3dbc3b6d30f0958bb0f2c61d233eb65f47cae19f3f2f7fadea1838f897f958347511ee459076ae3abaf8ea4f639d2df5b4ae28062993c37e876a399da5cdc9b2c74a6b23f45aa5e64021776170251b24ee2629cd1f169a66f10d586b7d446b9cbce7f895430820d2c69bd754c1896dad63fd13b8e8d4b9dae443a0f39695ea730e8863a8310225e621a1bb6d7e30bab6d5fff0a7201e9f79643a095b6cb52456067ce0d5fd131fc1520d76efaf3bbe5f849840370b34851b47cacb82d01160ad9e4c5646e60e326a193a7bc7addc1c1452413455e4caaf6df7500527802f6e98a20f92fd8a6de8e304d592a8e4fd7f6f94fa4c92d62ddaa5c25131c973798b935913635ea519b192335baf8f711c61f153591618476e9a027dfd9c027f9c7d6a60cd8a0271f950ac66f602ca8d7a7ea8ffc68b2f11b689c54adc4e4a21da088587f6f9a6391378737b4b679876e4f6d3ebbd4ca2d0f384c4b9e36f2fe210a97c25199414be7775b923eecbeb3ad427639ef8caacb8af1448c7f43b458c00d7e50736109a4e095d88675214e79642476279ff6ee5fe32fdb99c713c4ded281800272d2b1c44593c0f6d500e8765f16fbd428e1f4d9605bfa0a74a6aa1852d3e345cdba4c01692bd017b2f55843cfa473b88d680e92a632bcc028e498bc8eada6188829c6675e2c8466e6ca218382d8c246d9f5c625330ee04d468088d57db2a18f6846178a5f2c538a71b0435217996c2ba96c3043a30cf1da354f5291efb07a20fd15086ec9e58c796d1d889bfd80275e7541e2c796437c6f8177690b4122d9a4c9ee20ccee32c0eb920bbaaaae0275645c8c3962be84cfbf8111a661ba2df3390272b7d93657f34b68000926e996ff04606b8d3443e2460d25ce762e593089c758d3e5a2267eace41b2449ee3b9f58b94303d392e1287e4f2a1f0b9b560f40fade523623fa4193dda14d2ac72094d062651fa4b32dec02d1cc5bb8cccd18e2ca53b246356b7d8853c7f9e2b2af2daa23170948c94cf6da2441b22eb1a266e55c3ec7eb1ec504a4c6ebdfbc8bb82a1af607829bd85155c2d8077c70fcd5d8392a04d75597672f240124b57b8c9153aaeb137bb6cad2a0e0c03739ed4468127350e10ddaa136d9ae8571f1ba3063a0f5ae3432634509c0b50179bf959b92e70a4857a51a89962483b9b8ac05a8d3481c1949830b939a889ef60eae92f2435738169a92669b0dd7a8056a8a08b827d94338ca63f72ec2d68fc3253837f2fec04d0bed0082acd95ea8a56d42674dc633c076200bd5011ac2d34ab8ffd6678ec3f7d828dd6774da68503305939669dab33e0ccfa88f455c368d3214a44b4bd1c85721fbb65b9c2a898e41ce7b1f660f3342d256fe8dd126a00a07a77c42b2c01d8e2d8420be396f158d4f55902b92e6289e85531d27ce4ea09e6beaa0be9f0d383c9dd8c946d16c124c97d8eff2d013d1ac621bf9b0c5f35139a8a7cecdce6084a978a55f7d1ff6a2c893c58f8dacf8ebdb00b8ffa080d3e399d76a1aae48de09b98dc80aa9c1719e27abcbab332864552dd44e1dda5d987661da3a4181736b84c7846f510d6abffe1310b641f0aa9bbf82d182dad60997ffa1ed44cd1bf868a20a404dd2c2c1145f4fece0add42583161eb24ddfd828f045be2a2cd65db870afe88a6450c8b343ebbe7556739a746a04285454524025f9aa17d144ac055097cdfc307f8771b59d4f81f5422ddb24e2c0dcc78d88faaf7e7096a40034a968a6990a9ba64ca0a44fc394152bf15a7e5228d6c12167c39f51ed64a76e512b819237136cd78941220fd28e3fb90577ef23ddaa91ad8d8c74cd7ef408e391acbff8f69bf014522f1c337ba4f1a29a817cfc0aa7c081ee28ca16c0c71a55f4413013de3819d8940e758588ba75a716966662f90fc10063d2fb2734662f184c9818f0ad8f22bba3b5318ccc87968fb5ce12c7066feaf0162bd01b90ce5a5aa39668cd0f0073ef5d7c1ce3467523ef0efd8f996e404e82a117dc81c950c99c7639670c8d6e766768596e4d740f66d6228f30f08cb9220d6fe4634bd2e1bd13e965edcb922ac2e6baed4dfd91af825b5d543d29daf6b6a476b6449c2d12b72d7a20d9e52fdcc9d80025c3fe271603f677827fac671f3aa78b4dbb77131e5d04f258e94249f0ff9e98dc9e07b2106a4af4caf634d033e30556ce9d688d0492e3f45149b78aff96480919b70e5bb0c283f2f7bbf34bc8f2fe922355cc4d835c7de54d518a7a382be1402787ef94101caa81872758b2539b36f0625d1613f4952665b5939e9f96e89a57454f0d73cc4f0f1b2cbbeaad0f9b2c6c69b892b6752f655d843e97608f053a6d361282d43483d9d8508f44981fc9638fde5ff07d1def3e9d47db9952ec18492c72896aa9652c74df9eadcc3a51bc9441c5f1e4bf5e49b857a5eab5c80118831adaa4516ef397ff1493f1ad5e73adadccc4754daf7ef45f7745ccdf241b44997737ca93ec09f36501afa3f003e22a99a0291609bc5142ea442ff32f84f1738b603e81a7258864c0af76b2fd6a9e4551eecec6382f936506405552c42110a37a871c6becea7246c0bf19341a84428d2f42a89827a4ffc0f73d6b9e450de77f3f9f4673295052af4dd8639f7a614b6993a4ef7975444b7e7dc603295e7c1f3b247812623f9453ad9a9e44d9714931446616dc02ce017cbfd0bbdb15a2869d23fd5b78ad3447b817b9e6ca80393f2100f363275ce349ee8a782b18646d8ca1e85d71f553d8aaf2c505c4f3bad4a923fc7c2c1799bdd0d88d791ce89f4b4b5d1d50598342be6c45edff866a6cf125a2f13eaefaf6451fb94e4b958d5100bdc252fb29d9a7cbb2c35e034d06ef2b2f629df5a143c983f4a5a6699e68bc216e7a4992f30e669a092327756985107fd8a6fee37fc38a6488d2ac5e269d4255183d75004f2cbc57e7a1eeb26a8d7f3dcae7b51a20cba898ff91afc0e198fe53e75e1a8d4506a6bf4da8f64889bd080564388efa8d5acd9637ad57a1a6b1a5d96b60ea026032e73b85be867338cc3809925f2481e3157aff34373791fbd7fc5470df894d7fddea5e8ec400a2d877ce617b798bb620a144eab794260d073844fa716b12411afb06f0f366891c0f526116b117d8e8bfcf1b77cd30192abb68924a6b81be53b17b250d8a2fe79895c8d33c4ae68979ca021609339bab3b83b4f1dd702aed6e74c18dca79a383269c14c1f9107725e2d979ca24d9a201fb5b2890421747bbca683abe72f9112a86084c34e6831b1e8b58e4f325f842db7f1b543ad880f13a19be1424e95820d1c0f2183a90d8c5db31c4c46a5bd6dbf16608276ca3590f713c51eb6f8492f306b1708589023611f7baa66b00631090833a688cdc8cf6d7b3ff391ef1e32eac7e071869bf1067b0b2c8c1267b06ceeac4d6c89b90691a35c9bbae5f0265718af7f6ab3fe280a6fe0ecbf617f58f5e4fcb4e1e76bccc48eab92b0c93ca953d56e1fe6096b2b645dafeb72094605b3c61d45f1f28a0dd35ec4c510b21febfcb6adaa77f94e9db8bbfe7d52fc439268a39f09363bb7b59c97ed3d4f267365db14b5591f603fe310e812e4085d1b4d7b9042bbe3f00725eab08c497e83d5275179ea7c6ef05fd496603b3d7d201f89f4b769a376e978770439"}, 0x2019})
read(r1, &(0x7f0000000040)=""/141, 0x8d)
read$FUSE(0xffffffffffffffff, &(0x7f0000001640)={0x2020, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x2020)
prlimit64(r2, 0xe, &(0x7f0000000000)={0x9, 0x88}, 0x0)
getpid()
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000040)=0x1b3a, 0x4)
syz_clone(0x1000000, 0x0, 0xfffffd11, 0x0, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r5)
pread64(0xffffffffffffffff, &(0x7f0000000140)=""/15, 0xf, 0x4)
sendfile(r1, r1, 0x0, 0x7ffff000)

152.384297ms ago: executing program 1 (id=1569):
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x1000)
r0 = userfaultfd(0x80001)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x6000, 0x2000, &(0x7f0000fa2000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
close(r2)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_normal', 0x8801, 0x24)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r4, 0x800448d2, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchown(r5, 0x0, 0xee01)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000000000/0xc00000)=nil, 0xc00000}})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
socket$packet(0x11, 0x3, 0x300)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(r6, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x14}}, 0x40000)
r7 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYRESDEC, @ANYRES8], 0x0)
syz_usb_control_io$hid(r7, 0x0, 0x0)
r8 = openat$cgroup_netprio_ifpriomap(r3, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_netprio_ifpriomap(r8, &(0x7f00000001c0)={'pimreg1', 0x32, 0x32}, 0xa)
syz_usb_control_io(r7, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0)
rt_sigaction(0x17, &(0x7f00000004c0)={0x0, 0x40000007, 0x0, {[0x100000000]}}, 0x0, 0x8, &(0x7f0000000080))

83.773279ms ago: executing program 4 (id=1570):
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000019c0)='./binderfs2\x00', 0x1ff)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000180)=0x1d)
mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs2\x00', &(0x7f0000001e00), 0x0, &(0x7f0000001e40)={[{@stats}]})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000002500)='./binderfs2/binder0\x00', 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
read$FUSE(r1, &(0x7f0000000640)={0x2020}, 0x2020)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000001c0))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(r3, 0x4068aea3, &(0x7f0000000080)={0x74, 0x0, 0x1})
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0x17, &(0x7f0000000080)=0x1, 0x4)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs\x00', 0x1ff)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x2, &(0x7f0000000080)={[{@grpquota_inode_hardlimit={'grpquota_inode_hardlimit', 0x3d, [0x78, 0x2d, 0x6d, 0x67, 0x67]}}, {@usrquota_block_hardlimit={'usrquota_block_hardlimit', 0x3d, [0x39, 0x6b, 0x6d]}}], [{@obj_type}, {@hash}, {@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}]})

0s ago: executing program 0 (id=1571):
r0 = socket$pptp(0x18, 0x1, 0x2)
fchdir(0xffffffffffffffff)
bind$pptp(r0, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e)
connect$pptp(r0, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x2300, 0x0)
ioctl$PPPIOCATTCHAN(r1, 0x40047438, &(0x7f0000000040)=0x1)
preadv(r0, &(0x7f0000000240)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000740)=""/172, 0xac}], 0x3, 0x27, 0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESOCT=r5])
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r6 = timerfd_create(0x6, 0x0)
timerfd_gettime(r6, &(0x7f0000000280))
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r9, &(0x7f00000003c0)={&(0x7f0000000040)={0xa, 0x4e20, 0x9, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7f}, 0x1c, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000029000000370000002e0000000000000024000000000000002900000032000000ff020000000000000000000000000001", @ANYRES32=0x0, @ANYBLOB="22b0f0f8c90d4ce25fcd0deb6be6822f045f0d993b411cab989d5d00000000000000006128fce3ff486093076a0ee693053c69e1c037bc3ddbbd9ff68389dd3982f7056be506392b94330b841c181c8dc27bf8e6a605e0cd5c56438637120102651ff33ce0291a02565752388aa815f6be96609a6dd91ee96823bb605c5adce18abbfe506750bff2ba3021"], 0x40}, 0x0)
r10 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r11 = fcntl$dupfd(r7, 0x406, 0xffffffffffffffff)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r11, 0x40045402, &(0x7f0000000040)=0x1)
r12 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r12, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000000f0000040e68e3fa84000000000000000"])
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000100)={0xd, 0x0, &(0x7f0000000340)=[@increfs_done={0x40106308, 0x3}, @decrefs, @register_looper, @register_looper], 0x0, 0x0, &(0x7f00000002c0)})

kernel console output (not intermixed with test programs):

3225]  dump_stack+0x19/0x20
[  107.100364][ T3225]  dump_header+0xd7/0x490
[  107.100393][ T3225]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  107.100412][ T3225]  oom_kill_process+0x4c0/0x7e0
[  107.100440][ T3225]  ? sched_clock_cpu+0x75/0x400
[  107.100462][ T3225]  out_of_memory+0x7ee/0xbd0
[  107.100490][ T3225]  ? __cfi_out_of_memory+0x10/0x10
[  107.100517][ T3225]  ? mutex_lock_killable+0x104/0x1c0
[  107.100537][ T3225]  ? __cfi_mutex_lock_killable+0x10/0x10
[  107.100558][ T3225]  mem_cgroup_out_of_memory+0x279/0x350
[  107.100581][ T3225]  ? drain_obj_stock+0xed0/0xed0
[  107.100606][ T3225]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  107.100629][ T3225]  try_charge_memcg+0x8f7/0xde0
[  107.100649][ T3225]  ? gfp_to_alloc_flags_cma+0x90/0x1c0
[  107.100673][ T3225]  ? __cfi_try_charge_memcg+0x10/0x10
[  107.100693][ T3225]  ? __alloc_pages_noprof+0x30d/0x6c0
[  107.100713][ T3225]  __mem_cgroup_charge+0xf6/0x410
[  107.100734][ T3225]  ? filemap_get_entry+0x3fb/0x460
[  107.100751][ T3225]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  107.100775][ T3225]  filemap_add_folio+0x57/0x2d0
[  107.100813][ T3225]  __filemap_get_folio+0x4c2/0x7c0
[  107.100832][ T3225]  filemap_fault+0xb41/0x16b0
[  107.100852][ T3225]  ? __cfi_filemap_fault+0x10/0x10
[  107.100872][ T3225]  ? __cfi_filemap_map_pages+0x10/0x10
[  107.100909][ T3225]  ? __cfi_lru_add+0x10/0x10
[  107.100938][ T3225]  ? _raw_spin_lock+0x8c/0x120
[  107.100964][ T3225]  ? __cfi__raw_spin_lock+0x10/0x10
[  107.100992][ T3225]  do_pte_missing+0x376b/0x3e50
[  107.101025][ T3225]  ? pte_marker_clear+0x1b0/0x1b0
[  107.101054][ T3225]  ? __pte_offset_map+0x1b0/0x230
[  107.101076][ T3225]  ? pte_offset_map_rw_nolock+0xba/0x110
[  107.101098][ T3225]  handle_mm_fault+0x1166/0x1b90
[  107.101124][ T3225]  ? __kasan_check_write+0x18/0x20
[  107.101149][ T3225]  ? __cfi_handle_mm_fault+0x10/0x10
[  107.101177][ T3225]  ? follow_page_pte+0x2bd/0xb90
[  107.101197][ T3225]  ? gup_must_unshare+0x1e0/0x1e0
[  107.101216][ T3225]  ? vma_is_secretmem+0x11/0x50
[  107.101237][ T3225]  __get_user_pages+0x1169/0x22d0
[  107.101267][ T3225]  ? __kasan_check_write+0x18/0x20
[  107.101293][ T3225]  ? populate_vma_page_range+0x230/0x230
[  107.101323][ T3225]  ? __kernel_write_iter+0x65e/0x830
[  107.101349][ T3225]  get_dump_page+0x107/0x220
[  107.101380][ T3225]  ? __cfi_get_dump_page+0x10/0x10
[  107.101411][ T3225]  ? __asan_memset+0x39/0x50
[  107.101435][ T3225]  dump_user_range+0x181/0xdf0
[  107.101460][ T3225]  ? __cfi_dump_emit+0x10/0x10
[  107.101483][ T3225]  ? __cfi_dump_user_range+0x10/0x10
[  107.101506][ T3225]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  107.101532][ T3225]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  107.101559][ T3225]  elf_core_dump+0x2cd9/0x3810
[  107.101591][ T3225]  ? __cfi_elf_core_dump+0x10/0x10
[  107.101626][ T3225]  ? dump_interrupted+0xf0/0xf0
[  107.101649][ T3225]  ? filp_open+0x182/0x1d0
[  107.101668][ T3225]  ? 0xffffffffff600000
[  107.101685][ T3225]  do_coredump+0x1bf7/0x2bd0
[  107.101713][ T3225]  ? __cfi_do_coredump+0x10/0x10
[  107.101735][ T3225]  ? asm_exc_page_fault+0x2b/0x30
[  107.101771][ T3225]  ? __kasan_slab_free+0x6a/0x80
[  107.101805][ T3225]  ? kmem_cache_free+0x1c1/0x4c0
[  107.101831][ T3225]  get_signal+0x11fd/0x14f0
[  107.101854][ T3225]  arch_do_signal_or_restart+0x96/0x720
[  107.101883][ T3225]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  107.101913][ T3225]  irqentry_exit_to_user_mode+0x4e/0xb0
[  107.101936][ T3225]  irqentry_exit+0x16/0x60
[  107.101957][ T3225]  exc_page_fault+0x66/0xc0
[  107.101978][ T3225]  asm_exc_page_fault+0x2b/0x30
[  107.102005][ T3225] RIP: 0033:0x7f7b4df8e931
[  107.102022][ T3225] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  107.102039][ T3225] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[  107.102058][ T3225] RAX: 0000000000000000 RBX: 00007f7b4e1b6080 RCX: 00007f7b4df8e929
[  107.102073][ T3225] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[  107.102086][ T3225] RBP: 00007f7b4e010b39 R08: 0000000000000000 R09: 0000000000000000
[  107.102099][ T3225] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  107.102111][ T3225] R13: 0000000000000001 R14: 00007f7b4e1b6080 R15: 00007ffc9e087188
[  107.102128][ T3225]  </TASK>
[  107.104392][ T3225] memory: usage 307200kB, limit 307200kB, failcnt 24154
[  107.569812][ T3225] memory+swap: usage 431868kB, limit 9007199254740988kB, failcnt 0
[  107.577907][ T3225] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  107.585694][ T3225] Memory cgroup stats for /syz1:
[  107.586676][ T3225] cache 314417152
[  107.595454][ T3225] rss 45056
[  107.599297][ T3225] rss_huge 0
[  107.603966][ T3225] shmem 314372096
[  107.607990][ T3225] mapped_file 0
[  107.612003][ T3225] dirty 0
[  107.615050][ T3225] writeback 0
[  107.618608][ T3225] workingset_refault_anon 1
[  107.623177][ T3225] workingset_refault_file 8647
[  107.628073][ T3225] swap 127660032
[  107.632845][ T3225] swapcached 110592
[  107.640202][ T3225] pgpgin 271680
[  107.644002][ T3225] pgpgout 194880
[  107.650912][ T3225] pgfault 64241
[  107.656233][ T3225] pgmajfault 245
[  107.659818][ T3225] inactive_anon 296652800
[  107.664393][ T3225] active_anon 17874944
[  107.668866][ T3225] inactive_file 0
[  107.672521][ T3225] active_file 45056
[  107.676616][ T3225] unevictable 0
[  107.680145][ T3225] hierarchical_memory_limit 314572800
[  107.685527][ T3225] hierarchical_memsw_limit 9223372036854771712
[  107.692034][ T3225] total_cache 314417152
[  107.697020][ T3225] total_rss 45056
[  107.701872][ T3225] total_rss_huge 0
[  107.711168][ T3225] total_shmem 314372096
[  107.715509][ T3225] total_mapped_file 0
[  107.720572][ T3225] total_dirty 0
[  107.724076][ T3225] total_writeback 0
[  107.728144][ T3225] total_workingset_refault_anon 1
[  107.733185][ T3225] total_workingset_refault_file 8647
[  107.738528][ T3225] total_swap 127660032
[  107.742603][ T3225] total_swapcached 110592
[  107.746962][ T3225] total_pgpgin 271680
[  107.750960][ T3225] total_pgpgout 194880
[  107.755027][ T3225] total_pgfault 64241
[  107.759029][ T3225] total_pgmajfault 245
[  107.763117][ T3225] total_inactive_anon 296652800
[  107.767981][ T3225] total_active_anon 17874944
[  107.772578][ T3225] total_inactive_file 0
[  107.776760][ T3225] total_active_file 45056
[  107.781097][ T3225] total_unevictable 0
[  107.785069][ T3225] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.972,pid=3193,uid=0
[  107.799829][ T3225] Memory cgroup out of memory: Killed process 3193 (syz.1.972) total-vm:89960kB, anon-rss:944kB, file-rss:22036kB, shmem-rss:0kB, UID:0 pgtables:172kB oom_score_adj:0
[  107.871300][ T3201] syz.1.972 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  107.975670][  T306] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  108.000845][ T3201] CPU: 1 UID: 0 PID: 3201 Comm: syz.1.972 Not tainted 6.12.23-syzkaller-gd9fd901baa98 #0 f1acc3ef52b3e732a05c4f7a2560722db90bb473
[  108.000880][ T3201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  108.000892][ T3201] Call Trace:
[  108.000900][ T3201]  <TASK>
[  108.000908][ T3201]  __dump_stack+0x21/0x30
[  108.000937][ T3201]  dump_stack_lvl+0x10c/0x190
[  108.000960][ T3201]  ? __cfi_dump_stack_lvl+0x10/0x10
[  108.000984][ T3201]  ? ___ratelimit+0x3f7/0x5a0
[  108.001014][ T3201]  dump_stack+0x19/0x20
[  108.001053][ T3201]  dump_header+0xd7/0x490
[  108.001084][ T3201]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  108.001104][ T3201]  oom_kill_process+0x4c0/0x7e0
[  108.001134][ T3201]  ? sched_clock_cpu+0x75/0x400
[  108.001158][ T3201]  out_of_memory+0x7ee/0xbd0
[  108.001188][ T3201]  ? __cfi_out_of_memory+0x10/0x10
[  108.001218][ T3201]  ? mutex_lock_killable+0x92/0x1c0
[  108.001240][ T3201]  ? __cfi_mutex_lock_killable+0x10/0x10
[  108.001262][ T3201]  mem_cgroup_out_of_memory+0x279/0x350
[  108.001289][ T3201]  ? drain_obj_stock+0xed0/0xed0
[  108.001316][ T3201]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  108.001341][ T3201]  try_charge_memcg+0x8f7/0xde0
[  108.001363][ T3201]  ? set_pte_range+0x441/0x660
[  108.001391][ T3201]  ? __cfi_try_charge_memcg+0x10/0x10
[  108.001412][ T3201]  ? __alloc_pages_noprof+0x30d/0x6c0
[  108.001432][ T3201]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  108.001454][ T3201]  __mem_cgroup_charge+0xf6/0x410
[  108.001478][ T3201]  ? __cfi_folio_unlock+0x10/0x10
[  108.001507][ T3201]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  108.001533][ T3201]  shmem_alloc_and_add_folio+0x86d/0x1050
[  108.001567][ T3201]  ? put_swap_device+0x130/0x130
[  108.001598][ T3201]  ? shmem_huge_global_enabled+0x2da/0x360
[  108.001626][ T3201]  ? shmem_allowable_huge_orders+0x1f7/0x430
[  108.001654][ T3201]  ? __kasan_check_write+0x18/0x20
[  108.001677][ T3201]  ? _raw_spin_lock+0x8c/0x120
[  108.001704][ T3201]  shmem_get_folio_gfp+0x5f0/0x1380
[  108.001734][ T3201]  ? shmem_get_folio+0xc0/0xc0
[  108.001760][ T3201]  ? inode_maybe_inc_iversion+0x17d/0x1e0
[  108.001791][ T3201]  ? __cfi_inode_maybe_inc_iversion+0x10/0x10
[  108.001813][ T3201]  ? inode_to_bdi+0x6d/0x100
[  108.001835][ T3201]  shmem_write_begin+0xf4/0x270
[  108.001867][ T3201]  generic_perform_write+0x32d/0x960
[  108.001893][ T3201]  ? __cfi_generic_perform_write+0x10/0x10
[  108.001915][ T3201]  ? down_write+0xe9/0x2a0
[  108.001936][ T3201]  ? mnt_get_write_access_file+0x1af/0x3b0
[  108.001968][ T3201]  ? mnt_put_write_access_file+0xc2/0x100
[  108.001989][ T3201]  ? file_update_time+0x1ef/0x220
[  108.002011][ T3201]  shmem_file_write_iter+0x105/0x130
[  108.002032][ T3201]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  108.002053][ T3201]  __kernel_write_iter+0x392/0x830
[  108.002076][ T3201]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  108.002098][ T3201]  ? __cfi___kernel_write_iter+0x10/0x10
[  108.002122][ T3201]  ? get_dump_page+0x160/0x220
[  108.002166][ T3201]  ? __asan_memset+0x39/0x50
[  108.002187][ T3201]  ? iov_iter_bvec+0xc0/0x180
[  108.002232][ T3201]  dump_user_range+0xb06/0xdf0
[  108.002258][ T3201]  ? __cfi_dump_emit+0x10/0x10
[  108.002282][ T3201]  ? __cfi_dump_user_range+0x10/0x10
[  108.002307][ T3201]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  108.002334][ T3201]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  108.002360][ T3201]  elf_core_dump+0x2cd9/0x3810
[  108.002392][ T3201]  ? __cfi_elf_core_dump+0x10/0x10
[  108.002429][ T3201]  ? dump_interrupted+0xf0/0xf0
[  108.002451][ T3201]  ? filp_open+0x182/0x1d0
[  108.002470][ T3201]  ? 0xffffffffff600000
[  108.002488][ T3201]  do_coredump+0x1bf7/0x2bd0
[  108.002514][ T3201]  ? __cfi_do_coredump+0x10/0x10
[  108.002536][ T3201]  ? asm_exc_page_fault+0x2b/0x30
[  108.002573][ T3201]  ? __kasan_slab_free+0x6a/0x80
[  108.002601][ T3201]  ? kmem_cache_free+0x1c1/0x4c0
[  108.002627][ T3201]  get_signal+0x11fd/0x14f0
[  108.002652][ T3201]  arch_do_signal_or_restart+0x96/0x720
[  108.002679][ T3201]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  108.002710][ T3201]  irqentry_exit_to_user_mode+0x4e/0xb0
[  108.002734][ T3201]  irqentry_exit+0x16/0x60
[  108.002754][ T3201]  exc_page_fault+0x66/0xc0
[  108.002775][ T3201]  asm_exc_page_fault+0x2b/0x30
[  108.002812][ T3201] RIP: 0033:0x7f7b4df8e931
[  108.002829][ T3201] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  108.002847][ T3201] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[  108.002866][ T3201] RAX: 0000000000000000 RBX: 00007f7b4e1b6080 RCX: 00007f7b4df8e929
[  108.002881][ T3201] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[  108.002895][ T3201] RBP: 00007f7b4e010b39 R08: 0000000000000000 R09: 0000000000000000
[  108.002909][ T3201] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  108.002922][ T3201] R13: 0000000000000001 R14: 00007f7b4e1b6080 R15: 00007ffc9e087188
[  108.002939][ T3201]  </TASK>
[  108.002973][ T3201] memory: usage 307116kB, limit 307200kB, failcnt 27242
[  108.058032][ T3451] overlayfs: failed to clone upperpath
[  108.403017][ T3201] memory+swap: usage 430228kB, limit 9007199254740988kB, failcnt 0
[  108.438311][  T306] usb 5-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  108.537197][  T306] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.545309][  T306] usb 5-1: Product: syz
[  108.549546][  T306] usb 5-1: Manufacturer: syz
[  108.555789][  T306] usb 5-1: SerialNumber: syz
[  108.564801][  T306] usb 5-1: config 0 descriptor??
[  108.754309][ T3201] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  108.845772][ T3201] Memory cgroup stats for /syz1:
[  108.845965][ T3201] cache 314183680
[  108.872375][ T3471] rust_binder: Failed to allocate buffer. len:1152, is_oneway:true
[  108.936234][ T3201] rss 32768
[  108.956627][   T36] audit: type=1400 audit(1750634071.603:467): avc:  denied  { write } for  pid=3474 comm="syz.0.1076" name="usbmon9" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  108.987352][   T36] audit: type=1326 audit(1750634071.623:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3475 comm="syz.2.1077" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbda3b8e929 code=0x0
[  109.061537][   T36] audit: type=1326 audit(1750634071.703:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3474 comm="syz.0.1076" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fec6c98e929 code=0x0
[  109.139203][ T3201] rss_huge 0
[  109.172951][ T3201] shmem 307724288
[  109.180509][ T3448] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  109.193374][ T3448] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  109.230173][ T3201] mapped_file 6406144
[  109.270872][ T3201] dirty 0
[  109.303037][ T3201] writeback 8192
[  109.344252][ T3201] workingset_refault_anon 15
[  109.394879][ T3201] workingset_refault_file 12608
[  109.458489][ T3201] swap 127938560
[  109.497878][ T3201] swapcached 57344
[  109.543499][ T3201] pgpgin 280962
[  109.586011][ T3201] pgpgout 204162
[  109.620400][ T3201] pgfault 64842
[  109.642292][ T3201] pgmajfault 277
[  109.662559][ T3201] inactive_anon 47099904
[  109.689824][ T3201] active_anon 259923968
[  109.713030][ T3201] inactive_file 1691648
[  109.736729][ T3201] active_file 2830336
[  109.755218][ T3201] unevictable 0
[  109.770792][ T3201] hierarchical_memory_limit 314572800
[  109.810419][  T306] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  109.822534][  T306] asix 5-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  109.822812][ T3201] hierarchical_memsw_limit 9223372036854771712
[  109.835375][  T306] asix 5-1:0.0: probe with driver asix failed with error -71
[  109.865391][  T306] usb 5-1: USB disconnect, device number 20
[  109.891840][ T3201] total_cache 314183680
[  109.927692][ T3201] total_rss 32768
[  109.931376][ T3201] total_rss_huge 0
[  109.985675][ T3201] total_shmem 307724288
[  110.014981][ T3502] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.017529][ T3201] total_mapped_file 6406144
[  110.032020][ T3500] rust_binder: Write failure EFAULT in pid:704
[  110.032270][ T3500] rust_binder: Write failure EFAULT in pid:704
[  110.125663][ T3201] total_dirty 0
[  110.212144][ T3201] total_writeback 8192
[  110.246099][ T3201] total_workingset_refault_anon 15
[  110.281757][ T3201] total_workingset_refault_file 12608
[  110.325704][ T3201] total_swap 127938560
[  110.348252][ T3201] total_swapcached 57344
[  110.387031][ T3201] total_pgpgin 280962
[  110.405980][ T3201] total_pgpgout 204162
[  110.415513][ T3201] total_pgfault 64842
[  110.424579][ T3201] total_pgmajfault 277
[  110.434116][ T3201] total_inactive_anon 47099904
[  110.444763][ T3201] total_active_anon 259923968
[  110.454865][ T3201] total_inactive_file 1691648
[  110.486849][ T3201] total_active_file 2830336
[  110.512616][ T3201] total_unevictable 0
[  110.534326][ T3201] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.972,pid=3194,uid=0
[  110.623237][ T3201] Memory cgroup out of memory: Killed process 3194 (syz.1.972) total-vm:89960kB, anon-rss:980kB, file-rss:21984kB, shmem-rss:0kB, UID:0 pgtables:172kB oom_score_adj:0
[  110.640146][  T306] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  110.805663][  T306] usb 5-1: Using ep0 maxpacket: 16
[  110.812012][  T306] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  110.825188][  T306] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.845357][  T306] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  110.872243][  T306] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  110.890779][  T306] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.909399][  T306] usb 5-1: config 0 descriptor??
[  110.954770][ T3215] syz.1.972 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  111.037535][ T3523] binder: Unknown parameter 'def�͏de!�context'
[  111.165659][ T3215] CPU: 1 UID: 0 PID: 3215 Comm: syz.1.972 Not tainted 6.12.23-syzkaller-gd9fd901baa98 #0 f1acc3ef52b3e732a05c4f7a2560722db90bb473
[  111.165696][ T3215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.165716][ T3215] Call Trace:
[  111.165723][ T3215]  <TASK>
[  111.165732][ T3215]  __dump_stack+0x21/0x30
[  111.165759][ T3215]  dump_stack_lvl+0x10c/0x190
[  111.165783][ T3215]  ? __cfi_dump_stack_lvl+0x10/0x10
[  111.165808][ T3215]  ? ___ratelimit+0x3f7/0x5a0
[  111.165838][ T3215]  dump_stack+0x19/0x20
[  111.165861][ T3215]  dump_header+0xd7/0x490
[  111.165891][ T3215]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  111.165913][ T3215]  oom_kill_process+0x4c0/0x7e0
[  111.165942][ T3215]  ? sched_clock_cpu+0x75/0x400
[  111.165966][ T3215]  out_of_memory+0x7ee/0xbd0
[  111.165997][ T3215]  ? __cfi_out_of_memory+0x10/0x10
[  111.166027][ T3215]  ? mutex_lock_killable+0x104/0x1c0
[  111.166048][ T3215]  ? __cfi_mutex_lock_killable+0x10/0x10
[  111.166072][ T3215]  mem_cgroup_out_of_memory+0x279/0x350
[  111.166098][ T3215]  ? drain_obj_stock+0xed0/0xed0
[  111.166125][ T3215]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  111.166150][ T3215]  try_charge_memcg+0x8f7/0xde0
[  111.166173][ T3215]  ? gfp_to_alloc_flags_cma+0x90/0x1c0
[  111.166199][ T3215]  ? __cfi_try_charge_memcg+0x10/0x10
[  111.166221][ T3215]  ? __alloc_pages_noprof+0x30d/0x6c0
[  111.166243][ T3215]  __mem_cgroup_charge+0xf6/0x410
[  111.166266][ T3215]  ? filemap_get_entry+0x3fb/0x460
[  111.166285][ T3215]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  111.166312][ T3215]  filemap_add_folio+0x57/0x2d0
[  111.166342][ T3215]  __filemap_get_folio+0x4c2/0x7c0
[  111.166363][ T3215]  filemap_fault+0xb41/0x16b0
[  111.166385][ T3215]  ? __cfi_filemap_fault+0x10/0x10
[  111.166405][ T3215]  ? __cfi_filemap_map_pages+0x10/0x10
[  111.166425][ T3215]  ? __cfi_lru_add+0x10/0x10
[  111.166456][ T3215]  ? _raw_spin_lock+0x8c/0x120
[  111.166484][ T3215]  ? __cfi__raw_spin_lock+0x10/0x10
[  111.166511][ T3215]  do_pte_missing+0x376b/0x3e50
[  111.166556][ T3215]  ? pte_marker_clear+0x1b0/0x1b0
[  111.166586][ T3215]  ? __pte_offset_map+0x1b0/0x230
[  111.166607][ T3215]  ? pte_offset_map_rw_nolock+0xba/0x110
[  111.166631][ T3215]  handle_mm_fault+0x1166/0x1b90
[  111.166657][ T3215]  ? __kasan_check_write+0x18/0x20
[  111.166682][ T3215]  ? __cfi_handle_mm_fault+0x10/0x10
[  111.166715][ T3215]  ? follow_page_pte+0x2bd/0xb90
[  111.166735][ T3215]  ? gup_must_unshare+0x1e0/0x1e0
[  111.166754][ T3215]  ? vma_is_secretmem+0x11/0x50
[  111.166776][ T3215]  __get_user_pages+0x1169/0x22d0
[  111.166808][ T3215]  ? __kasan_check_write+0x18/0x20
[  111.166833][ T3215]  ? populate_vma_page_range+0x230/0x230
[  111.166863][ T3215]  ? __kernel_write_iter+0x65e/0x830
[  111.166888][ T3215]  get_dump_page+0x107/0x220
[  111.166919][ T3215]  ? __cfi_get_dump_page+0x10/0x10
[  111.166947][ T3215]  ? __asan_memset+0x39/0x50
[  111.166970][ T3215]  dump_user_range+0x181/0xdf0
[  111.166995][ T3215]  ? __cfi_dump_emit+0x10/0x10
[  111.167017][ T3215]  ? __cfi_dump_user_range+0x10/0x10
[  111.167042][ T3215]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  111.167068][ T3215]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  111.167095][ T3215]  elf_core_dump+0x2cd9/0x3810
[  111.167127][ T3215]  ? __cfi_elf_core_dump+0x10/0x10
[  111.167161][ T3215]  ? dump_interrupted+0xf0/0xf0
[  111.167184][ T3215]  ? filp_open+0x182/0x1d0
[  111.167202][ T3215]  ? 0xffffffffff600000
[  111.167219][ T3215]  do_coredump+0x1bf7/0x2bd0
[  111.167245][ T3215]  ? __cfi_do_coredump+0x10/0x10
[  111.167267][ T3215]  ? asm_exc_page_fault+0x2b/0x30
[  111.167302][ T3215]  ? __kasan_slab_free+0x6a/0x80
[  111.167330][ T3215]  ? kmem_cache_free+0x1c1/0x4c0
[  111.167355][ T3215]  get_signal+0x11fd/0x14f0
[  111.167379][ T3215]  arch_do_signal_or_restart+0x96/0x720
[  111.167407][ T3215]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  111.167438][ T3215]  irqentry_exit_to_user_mode+0x4e/0xb0
[  111.167461][ T3215]  irqentry_exit+0x16/0x60
[  111.167481][ T3215]  exc_page_fault+0x66/0xc0
[  111.167501][ T3215]  asm_exc_page_fault+0x2b/0x30
[  111.167526][ T3215] RIP: 0033:0x7f7b4df8e931
[  111.167543][ T3215] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  111.167561][ T3215] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[  111.167580][ T3215] RAX: 0000000000000000 RBX: 00007f7b4e1b6080 RCX: 00007f7b4df8e929
[  111.167595][ T3215] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[  111.167608][ T3215] RBP: 00007f7b4e010b39 R08: 0000000000000000 R09: 0000000000000000
[  111.167621][ T3215] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  111.167633][ T3215] R13: 0000000000000001 R14: 00007f7b4e1b6080 R15: 00007ffc9e087188
[  111.167650][ T3215]  </TASK>
[  111.167659][ T3215] memory: usage 304744kB, limit 307200kB, failcnt 33810
[  111.326277][  T306] microsoft 0003:045E:07DA.000A: unknown main item tag 0xd
[  111.333098][ T3215] memory+swap: usage 428176kB, limit 9007199254740988kB, failcnt 0
[  111.334755][  T306] microsoft 0003:045E:07DA.000A: report_id 306882782 is invalid
[  111.340947][ T3215] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  111.355243][  T306] microsoft 0003:045E:07DA.000A: item 0 4 1 8 parsing failed
[  111.375696][ T3215] Memory cgroup stats for 
[  111.395886][  T306] microsoft 0003:045E:07DA.000A: parse failed
[  111.705752][  T306] microsoft 0003:045E:07DA.000A: probe with driver microsoft failed with error -22
[  111.717121][  T306] usb 5-1: USB disconnect, device number 21
[  111.724337][ T3215] /syz1:
[  111.724467][ T3215] cache 313999360
[  111.731541][ T3215] rss 94208
[  111.734686][ T3215] rss_huge 0
[  111.737926][ T3215] shmem 305520640
[  111.741573][ T3215] mapped_file 14184448
[  111.745696][ T3215] dirty 0
[  111.748643][ T3215] writeback 114688
[  111.752372][ T3215] workingset_refault_anon 20
[  111.756985][ T3215] workingset_refault_file 19764
[  111.761836][ T3215] swap 127700992
[  111.765389][ T3215] swapcached 290816
[  111.769317][ T3215] pgpgin 294495
[  111.775315][ T3215] pgpgout 217734
[  111.780529][ T3538] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1097'.
[  111.790807][ T3215] pgfault 67272
[  111.801628][ T3215] pgmajfault 489
[  111.805225][ T3215] inactive_anon 54026240
[  111.809589][ T3215] active_anon 250093568
[  111.813767][ T3215] inactive_file 978944
[  111.817883][ T3215] active_file 6225920
[  111.821878][ T3215] unevictable 0
[  111.825349][ T3215] hierarchical_memory_limit 314572800
[  111.832303][ T3215] hierarchical_memsw_limit 9223372036854771712
[  111.838544][ T3215] total_cache 313999360
[  111.842750][ T3215] total_rss 94208
[  111.853093][ T3215] total_rss_huge 0
[  111.869763][ T3215] total_shmem 305520640
[  111.893363][ T3215] total_mapped_file 14184448
[  111.925125][ T3215] total_dirty 0
[  111.956924][ T3215] total_writeback 114688
[  111.994256][ T3215] total_workingset_refault_anon 20
[  112.017456][ T3547] binder: Bad value for 'max'
[  112.065712][ T3215] total_workingset_refault_file 19764
[  112.102260][ T3549] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1101'.
[  112.126929][ T3215] total_swap 127700992
[  112.166940][ T3215] total_swapcached 290816
[  112.227116][ T3215] total_pgpgin 294495
[  112.231144][ T3215] total_pgpgout 217734
[  112.235231][ T3215] total_pgfault 67272
[  112.363467][ T3215] total_pgmajfault 489
[  112.397476][ T3215] total_inactive_anon 54026240
[  112.472888][ T3215] total_active_anon 250093568
[  112.499748][ T3215] total_inactive_file 978944
[  112.533938][ T3215] total_active_file 6225920
[  112.557450][   T36] audit: type=1326 audit(1750634075.203:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3554 comm="syz.4.1104" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffbe9f8e929 code=0x0
[  112.586988][ T3215] total_unevictable 0
[  112.632806][ T3215] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.972,pid=3199,uid=0
[  112.659986][ T3563] netlink: 'syz.0.1106': attribute type 4 has an invalid length.
[  112.761206][   T36] audit: type=1400 audit(1750634075.403:471): avc:  denied  { append } for  pid=3568 comm="syz.0.1109" name="rtc0" dev="devtmpfs" ino=195 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  112.775216][ T3215] Memory cgroup out of memory: Killed process 3199 (syz.1.972) total-vm:89960kB, anon-rss:944kB, file-rss:21808kB, shmem-rss:0kB, UID:0 pgtables:180kB oom_score_adj:0
[  113.058419][ T3584] binder: Unknown parameter 'func'
[  113.074055][ T3588] binder: Unknown parameter '��c`��\�obal'
[  113.105910][ T3590] rust_binder: validate_parent_fixup: new_min_offset=9007199254741051, sg_entry.length=4096
[  113.105938][ T3590] rust_binder: Error while translating object.
[  113.125912][ T3592] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1118'.
[  113.126099][ T3590] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  113.159553][ T3590] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:741
[  113.216685][ T3191] syz.1.972 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  113.330708][ T3191] CPU: 0 UID: 0 PID: 3191 Comm: syz.1.972 Not tainted 6.12.23-syzkaller-gd9fd901baa98 #0 f1acc3ef52b3e732a05c4f7a2560722db90bb473
[  113.330746][ T3191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  113.330760][ T3191] Call Trace:
[  113.330766][ T3191]  <TASK>
[  113.330775][ T3191]  __dump_stack+0x21/0x30
[  113.330805][ T3191]  dump_stack_lvl+0x10c/0x190
[  113.330829][ T3191]  ? __cfi_dump_stack_lvl+0x10/0x10
[  113.330853][ T3191]  ? ___ratelimit+0x3f7/0x5a0
[  113.330884][ T3191]  dump_stack+0x19/0x20
[  113.330907][ T3191]  dump_header+0xd7/0x490
[  113.330937][ T3191]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  113.330959][ T3191]  oom_kill_process+0x4c0/0x7e0
[  113.330988][ T3191]  ? sched_clock_cpu+0x75/0x400
[  113.331012][ T3191]  out_of_memory+0x7ee/0xbd0
[  113.331041][ T3191]  ? __cfi_out_of_memory+0x10/0x10
[  113.331070][ T3191]  ? mutex_lock_killable+0x92/0x1c0
[  113.331091][ T3191]  ? __cfi_mutex_lock_killable+0x10/0x10
[  113.331113][ T3191]  mem_cgroup_out_of_memory+0x279/0x350
[  113.331139][ T3191]  ? drain_obj_stock+0xed0/0xed0
[  113.331166][ T3191]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  113.331190][ T3191]  try_charge_memcg+0x8f7/0xde0
[  113.331213][ T3191]  ? __cfi_try_charge_memcg+0x10/0x10
[  113.331234][ T3191]  ? __alloc_pages_noprof+0x30d/0x6c0
[  113.331256][ T3191]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  113.331275][ T3191]  ? __folio_batch_add_and_move+0x2ab/0x370
[  113.331308][ T3191]  __mem_cgroup_charge+0xf6/0x410
[  113.331331][ T3191]  ? __kasan_check_write+0x18/0x20
[  113.331354][ T3191]  ? _raw_spin_lock+0x8c/0x120
[  113.331380][ T3191]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  113.331406][ T3191]  shmem_alloc_and_add_folio+0x86d/0x1050
[  113.331436][ T3191]  ? sysvec_apic_timer_interrupt+0x50/0x90
[  113.331461][ T3191]  ? put_swap_device+0x130/0x130
[  113.331497][ T3191]  ? shmem_huge_global_enabled+0x2da/0x360
[  113.331526][ T3191]  ? shmem_allowable_huge_orders+0x1f7/0x430
[  113.331554][ T3191]  ? __kasan_check_write+0x18/0x20
[  113.331577][ T3191]  ? _raw_spin_lock+0x8c/0x120
[  113.331604][ T3191]  shmem_get_folio_gfp+0x5f0/0x1380
[  113.331634][ T3191]  ? shmem_get_folio+0xc0/0xc0
[  113.331661][ T3191]  ? inode_maybe_inc_iversion+0x17d/0x1e0
[  113.331683][ T3191]  ? __cfi_inode_maybe_inc_iversion+0x10/0x10
[  113.331707][ T3191]  ? inode_to_bdi+0x6d/0x100
[  113.331729][ T3191]  shmem_write_begin+0xf4/0x270
[  113.331766][ T3191]  generic_perform_write+0x32d/0x960
[  113.331793][ T3191]  ? __cfi_generic_perform_write+0x10/0x10
[  113.331816][ T3191]  ? down_write+0xe9/0x2a0
[  113.331837][ T3191]  ? mnt_get_write_access_file+0x1af/0x3b0
[  113.331869][ T3191]  ? mnt_put_write_access_file+0xc2/0x100
[  113.331890][ T3191]  ? file_update_time+0x1ef/0x220
[  113.331911][ T3191]  shmem_file_write_iter+0x105/0x130
[  113.331933][ T3191]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  113.331954][ T3191]  __kernel_write_iter+0x392/0x830
[  113.331978][ T3191]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  113.331999][ T3191]  ? __cfi___kernel_write_iter+0x10/0x10
[  113.332035][ T3191]  ? get_dump_page+0x160/0x220
[  113.332065][ T3191]  ? __asan_memset+0x39/0x50
[  113.332087][ T3191]  ? iov_iter_bvec+0xc0/0x180
[  113.332114][ T3191]  dump_user_range+0xb06/0xdf0
[  113.332138][ T3191]  ? __cfi_dump_emit+0x10/0x10
[  113.332160][ T3191]  ? __cfi_dump_user_range+0x10/0x10
[  113.332189][ T3191]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  113.332214][ T3191]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  113.332259][ T3191]  elf_core_dump+0x2cd9/0x3810
[  113.332293][ T3191]  ? __cfi_elf_core_dump+0x10/0x10
[  113.332330][ T3191]  ? dump_interrupted+0xf0/0xf0
[  113.332352][ T3191]  ? filp_open+0x182/0x1d0
[  113.332371][ T3191]  ? 0xffffffffff600000
[  113.332389][ T3191]  do_coredump+0x1bf7/0x2bd0
[  113.332416][ T3191]  ? __cfi_do_coredump+0x10/0x10
[  113.332438][ T3191]  ? asm_exc_page_fault+0x2b/0x30
[  113.332476][ T3191]  ? __kasan_slab_free+0x6a/0x80
[  113.332510][ T3191]  ? kmem_cache_free+0x1c1/0x4c0
[  113.332536][ T3191]  get_signal+0x11fd/0x14f0
[  113.332560][ T3191]  arch_do_signal_or_restart+0x96/0x720
[  113.332589][ T3191]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  113.332621][ T3191]  irqentry_exit_to_user_mode+0x4e/0xb0
[  113.332644][ T3191]  irqentry_exit+0x16/0x60
[  113.332666][ T3191]  exc_page_fault+0x66/0xc0
[  113.332687][ T3191]  asm_exc_page_fault+0x2b/0x30
[  113.332715][ T3191] RIP: 0033:0x7f7b4df8e931
[  113.332732][ T3191] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  113.332751][ T3191] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[  113.332771][ T3191] RAX: 0000000000000000 RBX: 00007f7b4e1b6080 RCX: 00007f7b4df8e929
[  113.332786][ T3191] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[  113.332800][ T3191] RBP: 00007f7b4e010b39 R08: 0000000000000000 R09: 0000000000000000
[  113.332813][ T3191] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  113.332826][ T3191] R13: 0000000000000001 R14: 00007f7b4e1b6080 R15: 00007ffc9e087188
[  113.332844][ T3191]  </TASK>
[  113.451532][ T3191] memory: usage 307200kB, limit 307200kB, failcnt 41138
[  113.779641][ T3604] batadv_slave_1: entered promiscuous mode
[  113.786529][ T3191] memory+swap: usage 422848kB, limit 9007199254740988kB, failcnt 0
[  113.842194][ T3191] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  113.849140][ T3191] Memory cgroup stats for /syz1:
[  113.849292][ T3191] cache 308195328
[  113.851854][   T36] audit: type=1326 audit(1750634076.493:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3554 comm="syz.4.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbe9f8e929 code=0x7fc00000
[  113.854244][ T3191] rss 147456
[  113.854253][ T3191] rss_huge 0
[  113.854261][ T3191] shmem 305082368
[  113.854268][ T3191] mapped_file 2658304
[  113.898015][ T3608] binder: Unknown parameter 'secla'
[  113.909554][ T3191] dirty 4096
[  113.912889][ T3191] writeback 81920
[  113.917932][ T3191] workingset_refault_anon 29
[  113.922542][ T3191] workingset_refault_file 27634
[  113.963700][   T36] audit: type=1400 audit(1750634076.603:473): avc:  denied  { create } for  pid=3612 comm="syz.4.1124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  113.965508][ T3605] batadv_slave_1: left promiscuous mode
[  114.050214][ T3191] swap 126111744
[  114.053852][ T3191] swapcached 221184
[  114.095678][ T3191] pgpgin 308184
[  114.125692][ T3191] pgpgout 232834
[  114.135903][ T3191] pgfault 68596
[  114.174510][ T3191] pgmajfault 693
[  114.200058][ T3191] inactive_anon 124977152
[  114.204442][ T3191] active_anon 179916800
[  114.253936][ T3631] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  114.266463][ T3631] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  114.269279][ T3191] inactive_file 0
[  114.305669][ T3633] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  114.325659][ T3191] active_file 3043328
[  114.355171][ T3191] unevictable 0
[  114.385691][ T3191] hierarchical_memory_limit 314572800
[  114.403380][ T3191] hierarchical_memsw_limit 9223372036854771712
[  114.423777][ T3191] total_cache 308195328
[  114.437828][ T3191] total_rss 147456
[  114.449250][ T3191] total_rss_huge 0
[  114.460698][ T3191] total_shmem 305082368
[  114.474764][ T3191] total_mapped_file 2658304
[  114.501450][ T3191] total_dirty 4096
[  114.530772][ T3191] total_writeback 81920
[  114.575428][ T3191] total_workingset_refault_anon 29
[  114.607637][   T36] audit: type=1400 audit(1750634077.253:474): avc:  denied  { read } for  pid=3645 comm="syz.2.1134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  114.637236][ T3191] total_workingset_refault_file 27634
[  114.661812][ T3191] total_swap 126111744
[  114.671080][ T3191] total_swapcached 221184
[  114.693576][ T3191] total_pgpgin 308184
[  114.717161][ T3191] total_pgpgout 232834
[  114.734263][ T3191] total_pgfault 68596
[  114.753454][ T3191] total_pgmajfault 693
[  114.769313][ T3191] total_inactive_anon 124977152
[  114.778059][ T3191] total_active_anon 179916800
[  114.782817][ T3191] total_inactive_file 0
[  114.787278][ T3191] total_active_file 3043328
[  114.791825][ T3191] total_unevictable 0
[  114.795860][ T3191] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.972,pid=3198,uid=0
[  114.810699][ T3191] Memory cgroup out of memory: Killed process 3198 (syz.1.972) total-vm:89960kB, anon-rss:944kB, file-rss:22064kB, shmem-rss:0kB, UID:0 pgtables:168kB oom_score_adj:0
[  114.881734][ T3192] syz.1.972 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  114.929386][ T3651] overlayfs: failed to resolve './file0': -2
[  114.936047][ T3192] CPU: 1 UID: 0 PID: 3192 Comm: syz.1.972 Not tainted 6.12.23-syzkaller-gd9fd901baa98 #0 f1acc3ef52b3e732a05c4f7a2560722db90bb473
[  114.936079][ T3192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  114.936092][ T3192] Call Trace:
[  114.936100][ T3192]  <TASK>
[  114.936108][ T3192]  __dump_stack+0x21/0x30
[  114.936135][ T3192]  dump_stack_lvl+0x10c/0x190
[  114.936158][ T3192]  ? __cfi_dump_stack_lvl+0x10/0x10
[  114.936181][ T3192]  ? ___ratelimit+0x3f7/0x5a0
[  114.936211][ T3192]  dump_stack+0x19/0x20
[  114.936233][ T3192]  dump_header+0xd7/0x490
[  114.936262][ T3192]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  114.936283][ T3192]  oom_kill_process+0x4c0/0x7e0
[  114.936311][ T3192]  ? sched_clock_cpu+0x75/0x400
[  114.936334][ T3192]  out_of_memory+0x7ee/0xbd0
[  114.936370][ T3192]  ? __cfi_out_of_memory+0x10/0x10
[  114.936400][ T3192]  ? mutex_lock_killable+0x92/0x1c0
[  114.936420][ T3192]  ? __cfi_mutex_lock_killable+0x10/0x10
[  114.936442][ T3192]  mem_cgroup_out_of_memory+0x279/0x350
[  114.936468][ T3192]  ? drain_obj_stock+0xed0/0xed0
[  114.936494][ T3192]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  114.936519][ T3192]  try_charge_memcg+0x8f7/0xde0
[  114.936540][ T3192]  ? __cfi_try_charge_memcg+0x10/0x10
[  114.936560][ T3192]  ? __alloc_pages_noprof+0x30d/0x6c0
[  114.936580][ T3192]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  114.936601][ T3192]  __mem_cgroup_charge+0xf6/0x410
[  114.936623][ T3192]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  114.936647][ T3192]  ? __switch_to_asm+0x3d/0x70
[  114.936672][ T3192]  shmem_alloc_and_add_folio+0x86d/0x1050
[  114.936704][ T3192]  ? put_swap_device+0x130/0x130
[  114.936732][ T3192]  ? shmem_huge_global_enabled+0x2da/0x360
[  114.936760][ T3192]  ? shmem_allowable_huge_orders+0x1f7/0x430
[  114.936789][ T3192]  shmem_get_folio_gfp+0x5f0/0x1380
[  114.936815][ T3192]  ? sysvec_apic_timer_interrupt+0x50/0x90
[  114.936838][ T3192]  ? shmem_get_folio+0xc0/0xc0
[  114.936862][ T3192]  ? inode_maybe_inc_iversion+0x17d/0x1e0
[  114.936883][ T3192]  ? __cfi_inode_maybe_inc_iversion+0x10/0x10
[  114.936902][ T3192]  ? inode_to_bdi+0x6d/0x100
[  114.936922][ T3192]  shmem_write_begin+0xf4/0x270
[  114.936952][ T3192]  generic_perform_write+0x32d/0x960
[  114.936977][ T3192]  ? __cfi_generic_perform_write+0x10/0x10
[  114.936999][ T3192]  ? down_write+0xe9/0x2a0
[  114.937020][ T3192]  ? mnt_get_write_access_file+0x1af/0x3b0
[  114.937054][ T3192]  ? mnt_put_write_access_file+0xc2/0x100
[  114.937074][ T3192]  ? file_update_time+0x1ef/0x220
[  114.937094][ T3192]  shmem_file_write_iter+0x105/0x130
[  114.937114][ T3192]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  114.937135][ T3192]  __kernel_write_iter+0x392/0x830
[  114.937158][ T3192]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  114.937179][ T3192]  ? __cfi___kernel_write_iter+0x10/0x10
[  114.937203][ T3192]  ? get_dump_page+0x160/0x220
[  114.937234][ T3192]  ? __asan_memset+0x39/0x50
[  114.937256][ T3192]  ? iov_iter_bvec+0xc0/0x180
[  114.937285][ T3192]  dump_user_range+0xb06/0xdf0
[  114.937309][ T3192]  ? __cfi_dump_emit+0x10/0x10
[  114.937333][ T3192]  ? __cfi_dump_user_range+0x10/0x10
[  114.937363][ T3192]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  114.937390][ T3192]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  114.937416][ T3192]  elf_core_dump+0x2cd9/0x3810
[  114.937446][ T3192]  ? __cfi_elf_core_dump+0x10/0x10
[  114.937482][ T3192]  ? dump_interrupted+0xf0/0xf0
[  114.937504][ T3192]  ? filp_open+0x182/0x1d0
[  114.937522][ T3192]  ? 0xffffffffff600000
[  114.937539][ T3192]  do_coredump+0x1bf7/0x2bd0
[  114.937564][ T3192]  ? __cfi_do_coredump+0x10/0x10
[  114.937585][ T3192]  ? asm_exc_page_fault+0x2b/0x30
[  114.937621][ T3192]  ? __kasan_slab_free+0x6a/0x80
[  114.937647][ T3192]  ? kmem_cache_free+0x1c1/0x4c0
[  114.937672][ T3192]  get_signal+0x11fd/0x14f0
[  114.937696][ T3192]  arch_do_signal_or_restart+0x96/0x720
[  114.937724][ T3192]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  114.937755][ T3192]  irqentry_exit_to_user_mode+0x4e/0xb0
[  114.937779][ T3192]  irqentry_exit+0x16/0x60
[  114.937800][ T3192]  exc_page_fault+0x66/0xc0
[  114.937821][ T3192]  asm_exc_page_fault+0x2b/0x30
[  114.937849][ T3192] RIP: 0033:0x7f7b4df8e931
[  114.937866][ T3192] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  114.937884][ T3192] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[  114.937902][ T3192] RAX: 0000000000000000 RBX: 00007f7b4e1b6080 RCX: 00007f7b4df8e929
[  114.937917][ T3192] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[  114.937931][ T3192] RBP: 00007f7b4e010b39 R08: 0000000000000000 R09: 0000000000000000
[  114.937944][ T3192] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  114.937957][ T3192] R13: 0000000000000001 R14: 00007f7b4e1b6080 R15: 00007ffc9e087188
[  114.937974][ T3192]  </TASK>
[  114.937982][ T3192] memory: usage 304024kB, limit 307200kB, failcnt 44839
[  114.980667][ T3652] rust_binder: Write failure EFAULT in pid:426
[  115.092813][ T3192] memory+swap: usage 423040kB, limit 9007199254740988kB, failcnt 0
[  115.372357][ T3654] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1138'.
[  115.385668][ T3192] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  115.418305][ T3654] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1138'.
[  115.426847][ T3657] binder: Unknown parameter '
'
[  115.519701][ T3192] Memory cgroup stats for /syz1:
[  115.519846][ T3192] cache 300957696
[  115.630255][ T3192] rss 237568
[  115.656363][ T3676] binder: Bad value for 'max'
[  115.684854][ T3192] rss_huge 0
[  115.726261][   T36] audit: type=1326 audit(1750634078.373:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3679 comm="syz.0.1147" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fec6c98e929 code=0x0
[  115.755866][ T3192] shmem 299147264
[  115.766196][ T3192] mapped_file 1351680
[  115.775832][   T36] audit: type=1400 audit(1750634078.403:476): avc:  denied  { ioctl } for  pid=3681 comm="syz.4.1148" path="socket:[25881]" dev="sockfs" ino=25881 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  115.810658][ T3192] dirty 0
[  115.813731][ T3192] writeback 122880
[  115.858156][   T36] audit: type=1400 audit(1750634078.503:477): avc:  denied  { mounton } for  pid=3666 comm="syz.2.1141" path="/413/file0" dev="tmpfs" ino=2227 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  115.941371][ T3192] workingset_refault_anon 34
[  115.967622][ T3192] workingset_refault_file 33130
[  115.984009][ T3192] swap 127844352
[  115.987851][ T3192] swapcached 151552
[  115.991673][ T3192] pgpgin 322777
[  116.010570][ T3192] pgpgout 249183
[  116.034722][ T3192] pgfault 69694
[  116.074709][ T3192] pgmajfault 779
[  116.105658][ T3192] inactive_anon 297136128
[  116.150090][ T3192] active_anon 2256896
[  116.179734][ T3192] inactive_file 0
[  116.213595][ T3192] active_file 1642496
[  116.236664][ T3192] unevictable 0
[  116.258291][ T3192] hierarchical_memory_limit 314572800
[  116.284711][ T3192] hierarchical_memsw_limit 9223372036854771712
[  116.291094][ T3192] total_cache 300957696
[  116.296816][ T3192] total_rss 237568
[  116.300683][ T3192] total_rss_huge 0
[  116.304475][ T3192] total_shmem 299147264
[  116.308754][ T3192] total_mapped_file 1351680
[  116.313327][ T3192] total_dirty 0
[  116.316913][ T3192] total_writeback 122880
[  116.322701][ T3192] total_workingset_refault_anon 34
[  116.328109][ T3192] total_workingset_refault_file 33130
[  116.333572][ T3192] total_swap 127844352
[  116.337711][ T3192] total_swapcached 151552
[  116.342092][ T3192] total_pgpgin 322777
[  116.346160][ T3192] total_pgpgout 249183
[  116.350258][ T3192] total_pgfault 69694
[  116.354243][ T3192] total_pgmajfault 779
[  116.358387][ T3192] total_inactive_anon 297136128
[  116.363246][ T3192] total_active_anon 2256896
[  116.367776][ T3192] total_inactive_file 0
[  116.372057][ T3192] total_active_file 1642496
[  116.376584][ T3192] total_unevictable 0
[  116.380570][ T3192] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.1135,pid=3648,uid=0
[  116.395433][ T3192] Memory cgroup out of memory: Killed process 3648 (syz.1.1135) total-vm:93668kB, anon-rss:936kB, file-rss:22568kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:0
[  116.492086][ T3207] syz.1.972 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  116.551688][ T3207] CPU: 0 UID: 0 PID: 3207 Comm: syz.1.972 Not tainted 6.12.23-syzkaller-gd9fd901baa98 #0 f1acc3ef52b3e732a05c4f7a2560722db90bb473
[  116.551727][ T3207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  116.551741][ T3207] Call Trace:
[  116.551749][ T3207]  <TASK>
[  116.551757][ T3207]  __dump_stack+0x21/0x30
[  116.551787][ T3207]  dump_stack_lvl+0x10c/0x190
[  116.551810][ T3207]  ? __cfi_dump_stack_lvl+0x10/0x10
[  116.551834][ T3207]  ? ___ratelimit+0x3f7/0x5a0
[  116.551865][ T3207]  dump_stack+0x19/0x20
[  116.551887][ T3207]  dump_header+0xd7/0x490
[  116.551943][ T3207]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  116.551964][ T3207]  oom_kill_process+0x4c0/0x7e0
[  116.551993][ T3207]  ? sched_clock_cpu+0x75/0x400
[  116.552017][ T3207]  out_of_memory+0x7ee/0xbd0
[  116.552046][ T3207]  ? __cfi_out_of_memory+0x10/0x10
[  116.552074][ T3207]  ? mutex_lock_killable+0x92/0x1c0
[  116.552095][ T3207]  ? __cfi_mutex_lock_killable+0x10/0x10
[  116.552117][ T3207]  mem_cgroup_out_of_memory+0x279/0x350
[  116.552145][ T3207]  ? drain_obj_stock+0xed0/0xed0
[  116.552173][ T3207]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  116.552203][ T3207]  try_charge_memcg+0x8f7/0xde0
[  116.552225][ T3207]  ? gfp_to_alloc_flags_cma+0x90/0x1c0
[  116.552249][ T3207]  ? __cfi_try_charge_memcg+0x10/0x10
[  116.552271][ T3207]  ? __alloc_pages_noprof+0x30d/0x6c0
[  116.552292][ T3207]  __mem_cgroup_charge+0xf6/0x410
[  116.552315][ T3207]  ? filemap_get_entry+0x3fb/0x460
[  116.552334][ T3207]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  116.552360][ T3207]  filemap_add_folio+0x57/0x2d0
[  116.552389][ T3207]  __filemap_get_folio+0x4c2/0x7c0
[  116.552410][ T3207]  filemap_fault+0xb41/0x16b0
[  116.552432][ T3207]  ? __cfi_filemap_fault+0x10/0x10
[  116.552453][ T3207]  ? __cfi_filemap_map_pages+0x10/0x10
[  116.552473][ T3207]  ? __cfi_lru_add+0x10/0x10
[  116.552505][ T3207]  ? _raw_spin_lock+0x8c/0x120
[  116.552531][ T3207]  ? __cfi__raw_spin_lock+0x10/0x10
[  116.552558][ T3207]  do_pte_missing+0x376b/0x3e50
[  116.552592][ T3207]  ? pte_marker_clear+0x1b0/0x1b0
[  116.552620][ T3207]  ? __pte_offset_map+0x1b0/0x230
[  116.552642][ T3207]  ? pte_offset_map_rw_nolock+0xba/0x110
[  116.552665][ T3207]  handle_mm_fault+0x1166/0x1b90
[  116.552691][ T3207]  ? __kasan_check_write+0x18/0x20
[  116.552718][ T3207]  ? __cfi_handle_mm_fault+0x10/0x10
[  116.552745][ T3207]  ? follow_page_pte+0x2bd/0xb90
[  116.552766][ T3207]  ? gup_must_unshare+0x1e0/0x1e0
[  116.552785][ T3207]  ? vma_is_secretmem+0x11/0x50
[  116.552807][ T3207]  __get_user_pages+0x1169/0x22d0
[  116.552837][ T3207]  ? __kasan_check_write+0x18/0x20
[  116.552864][ T3207]  ? populate_vma_page_range+0x230/0x230
[  116.552895][ T3207]  ? __kernel_write_iter+0x65e/0x830
[  116.552926][ T3207]  get_dump_page+0x107/0x220
[  116.552956][ T3207]  ? __cfi_get_dump_page+0x10/0x10
[  116.552986][ T3207]  ? __asan_memset+0x39/0x50
[  116.553010][ T3207]  dump_user_range+0x181/0xdf0
[  116.553036][ T3207]  ? __cfi_dump_emit+0x10/0x10
[  116.553060][ T3207]  ? __cfi_dump_user_range+0x10/0x10
[  116.553085][ T3207]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  116.553113][ T3207]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  116.553141][ T3207]  elf_core_dump+0x2cd9/0x3810
[  116.553174][ T3207]  ? __cfi_elf_core_dump+0x10/0x10
[  116.553209][ T3207]  ? dump_interrupted+0xf0/0xf0
[  116.553232][ T3207]  ? filp_open+0x182/0x1d0
[  116.553251][ T3207]  ? 0xffffffffff600000
[  116.553268][ T3207]  do_coredump+0x1bf7/0x2bd0
[  116.553294][ T3207]  ? __cfi_do_coredump+0x10/0x10
[  116.553322][ T3207]  ? asm_exc_page_fault+0x2b/0x30
[  116.553371][ T3207]  ? __kasan_slab_free+0x6a/0x80
[  116.553396][ T3207]  ? kmem_cache_free+0x1c1/0x4c0
[  116.553421][ T3207]  get_signal+0x11fd/0x14f0
[  116.553445][ T3207]  arch_do_signal_or_restart+0x96/0x720
[  116.553472][ T3207]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  116.553502][ T3207]  irqentry_exit_to_user_mode+0x4e/0xb0
[  116.553524][ T3207]  irqentry_exit+0x16/0x60
[  116.553545][ T3207]  exc_page_fault+0x66/0xc0
[  116.553565][ T3207]  asm_exc_page_fault+0x2b/0x30
[  116.553592][ T3207] RIP: 0033:0x7f7b4df8e931
[  116.553608][ T3207] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  116.553625][ T3207] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[  116.553643][ T3207] RAX: 0000000000000000 RBX: 00007f7b4e1b6080 RCX: 00007f7b4df8e929
[  116.553658][ T3207] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[  116.553670][ T3207] RBP: 00007f7b4e010b39 R08: 0000000000000000 R09: 0000000000000000
[  116.553682][ T3207] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  116.553694][ T3207] R13: 0000000000000001 R14: 00007f7b4e1b6080 R15: 00007ffc9e087188
[  116.553710][ T3207]  </TASK>
[  116.553719][ T3207] memory: usage 307196kB, limit 307200kB, failcnt 47585
[  116.727421][ T3709] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:773
[  116.730187][ T3207] memory+swap: usage 432164kB, limit 9007199254740988kB, failcnt 0
[  117.034535][ T3207] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  117.041445][ T3207] Memory cgroup stats for /syz1:
[  117.041638][ T3207] cache 314466304
[  117.050228][ T3207] rss 106496
[  117.053417][ T3207] rss_huge 0
[  117.056737][ T3207] shmem 314449920
[  117.060375][ T3207] mapped_file 0
[  117.063821][ T3207] dirty 0
[  117.066784][ T3207] writeback 0
[  117.070069][ T3207] workingset_refault_anon 35
[  117.074647][ T3207] workingset_refault_file 36668
[  117.079515][ T3207] swap 127963136
[  117.083062][ T3207] swapcached 28672
[  117.086792][ T3207] pgpgin 330055
[  117.090267][ T3207] pgpgout 253255
[  117.093800][ T3207] pgfault 70027
[  117.097271][ T3207] pgmajfault 869
[  117.100821][ T3207] inactive_anon 214810624
[  117.105137][ T3207] active_anon 99745792
[  117.109234][ T3207] inactive_file 16384
[  117.113216][ T3207] active_file 0
[  117.116687][ T3207] unevictable 0
[  117.120149][ T3207] hierarchical_memory_limit 314572800
[  117.125509][ T3207] hierarchical_memsw_limit 9223372036854771712
[  117.131697][ T3207] total_cache 314466304
[  117.135875][ T3207] total_rss 106496
[  117.139588][ T3207] total_rss_huge 0
[  117.143298][ T3207] total_shmem 314449920
[  117.147469][ T3207] total_mapped_file 0
[  117.151451][ T3207] total_dirty 0
[  117.154906][ T3207] total_writeback 0
[  117.158737][ T3207] total_workingset_refault_anon 35
[  117.163854][ T3207] total_workingset_refault_file 36668
[  117.169254][ T3207] total_swap 127963136
[  117.173329][ T3207] total_swapcached 28672
[  117.177596][ T3207] total_pgpgin 330055
[  117.181581][ T3207] total_pgpgout 253255
[  117.185666][ T3207] total_pgfault 70027
[  117.189650][ T3207] total_pgmajfault 869
[  117.193705][ T3207] total_inactive_anon 214810624
[  117.198593][ T3207] total_active_anon 99745792
[  117.203183][ T3207] total_inactive_file 16384
[  117.207703][ T3207] total_active_file 0
[  117.211686][ T3207] total_unevictable 0
[  117.215679][ T3207] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.972,pid=3214,uid=0
[  117.230500][ T3207] Memory cgroup out of memory: Killed process 3214 (syz.1.972) total-vm:90092kB, anon-rss:944kB, file-rss:22092kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:0
[  117.275092][ T3234] syz.1.972 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  117.325089][ T3234] CPU: 0 UID: 0 PID: 3234 Comm: syz.1.972 Not tainted 6.12.23-syzkaller-gd9fd901baa98 #0 f1acc3ef52b3e732a05c4f7a2560722db90bb473
[  117.325127][ T3234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  117.325140][ T3234] Call Trace:
[  117.325147][ T3234]  <TASK>
[  117.325156][ T3234]  __dump_stack+0x21/0x30
[  117.325184][ T3234]  dump_stack_lvl+0x10c/0x190
[  117.325208][ T3234]  ? __cfi_dump_stack_lvl+0x10/0x10
[  117.325232][ T3234]  ? ___ratelimit+0x3f7/0x5a0
[  117.325262][ T3234]  dump_stack+0x19/0x20
[  117.325284][ T3234]  dump_header+0xd7/0x490
[  117.325314][ T3234]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  117.325335][ T3234]  oom_kill_process+0x4c0/0x7e0
[  117.325383][ T3234]  ? sched_clock_cpu+0x75/0x400
[  117.325408][ T3234]  out_of_memory+0x7ee/0xbd0
[  117.325437][ T3234]  ? __cfi_out_of_memory+0x10/0x10
[  117.325468][ T3234]  ? mutex_lock_killable+0x104/0x1c0
[  117.325490][ T3234]  ? __cfi_mutex_lock_killable+0x10/0x10
[  117.325512][ T3234]  mem_cgroup_out_of_memory+0x279/0x350
[  117.325538][ T3234]  ? drain_obj_stock+0xed0/0xed0
[  117.325566][ T3234]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  117.325591][ T3234]  try_charge_memcg+0x8f7/0xde0
[  117.325612][ T3234]  ? gfp_to_alloc_flags_cma+0x90/0x1c0
[  117.325643][ T3234]  ? __cfi_try_charge_memcg+0x10/0x10
[  117.325664][ T3234]  ? __alloc_pages_noprof+0x30d/0x6c0
[  117.325683][ T3234]  __mem_cgroup_charge+0xf6/0x410
[  117.325707][ T3234]  ? filemap_get_entry+0x3fb/0x460
[  117.325727][ T3234]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  117.325753][ T3234]  filemap_add_folio+0x57/0x2d0
[  117.325784][ T3234]  __filemap_get_folio+0x4c2/0x7c0
[  117.325805][ T3234]  filemap_fault+0xb41/0x16b0
[  117.325827][ T3234]  ? __cfi_filemap_fault+0x10/0x10
[  117.325847][ T3234]  ? __cfi_filemap_map_pages+0x10/0x10
[  117.325868][ T3234]  ? __cfi_lru_add+0x10/0x10
[  117.325905][ T3234]  ? _raw_spin_lock+0x8c/0x120
[  117.325931][ T3234]  ? __cfi__raw_spin_lock+0x10/0x10
[  117.325958][ T3234]  do_pte_missing+0x376b/0x3e50
[  117.325992][ T3234]  ? pte_marker_clear+0x1b0/0x1b0
[  117.326021][ T3234]  ? __pte_offset_map+0x1b0/0x230
[  117.326043][ T3234]  ? pte_offset_map_rw_nolock+0xba/0x110
[  117.326066][ T3234]  handle_mm_fault+0x1166/0x1b90
[  117.326093][ T3234]  ? __kasan_check_write+0x18/0x20
[  117.326119][ T3234]  ? __cfi_handle_mm_fault+0x10/0x10
[  117.326148][ T3234]  ? follow_page_pte+0x2bd/0xb90
[  117.326169][ T3234]  ? gup_must_unshare+0x1e0/0x1e0
[  117.326188][ T3234]  ? vma_is_secretmem+0x11/0x50
[  117.326209][ T3234]  __get_user_pages+0x1169/0x22d0
[  117.326240][ T3234]  ? __kasan_check_write+0x18/0x20
[  117.326266][ T3234]  ? populate_vma_page_range+0x230/0x230
[  117.326297][ T3234]  ? __kernel_write_iter+0x65e/0x830
[  117.326323][ T3234]  get_dump_page+0x107/0x220
[  117.326353][ T3234]  ? __cfi_get_dump_page+0x10/0x10
[  117.326383][ T3234]  ? __asan_memset+0x39/0x50
[  117.326407][ T3234]  dump_user_range+0x181/0xdf0
[  117.326433][ T3234]  ? __cfi_dump_emit+0x10/0x10
[  117.326458][ T3234]  ? __cfi_dump_user_range+0x10/0x10
[  117.326484][ T3234]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  117.326512][ T3234]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  117.326541][ T3234]  elf_core_dump+0x2cd9/0x3810
[  117.326573][ T3234]  ? __cfi_elf_core_dump+0x10/0x10
[  117.326612][ T3234]  ? dump_interrupted+0xf0/0xf0
[  117.326635][ T3234]  ? filp_open+0x182/0x1d0
[  117.326655][ T3234]  ? 0xffffffffff600000
[  117.326673][ T3234]  do_coredump+0x1bf7/0x2bd0
[  117.326700][ T3234]  ? __cfi_do_coredump+0x10/0x10
[  117.326724][ T3234]  ? asm_exc_page_fault+0x2b/0x30
[  117.326763][ T3234]  ? __kasan_slab_free+0x6a/0x80
[  117.326790][ T3234]  ? kmem_cache_free+0x1c1/0x4c0
[  117.326816][ T3234]  get_signal+0x11fd/0x14f0
[  117.326841][ T3234]  arch_do_signal_or_restart+0x96/0x720
[  117.326870][ T3234]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  117.326908][ T3234]  ? fpregs_restore_userregs+0x11d/0x260
[  117.326941][ T3234]  irqentry_exit_to_user_mode+0x4e/0xb0
[  117.326965][ T3234]  irqentry_exit+0x16/0x60
[  117.326987][ T3234]  exc_page_fault+0x66/0xc0
[  117.327009][ T3234]  asm_exc_page_fault+0x2b/0x30
[  117.327038][ T3234] RIP: 0033:0x7f7b4df8e931
[  117.327056][ T3234] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  117.327075][ T3234] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[  117.327095][ T3234] RAX: 0000000000000000 RBX: 00007f7b4e1b6080 RCX: 00007f7b4df8e929
[  117.327111][ T3234] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[  117.327125][ T3234] RBP: 00007f7b4e010b39 R08: 0000000000000000 R09: 0000000000000000
[  117.327141][ T3234] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  117.327154][ T3234] R13: 0000000000000001 R14: 00007f7b4e1b6080 R15: 00007ffc9e087188
[  117.327171][ T3234]  </TASK>
[  117.788738][ T3234] memory: usage 280572kB, limit 307200kB, failcnt 48092
[  117.795840][ T3234] memory+swap: usage 405440kB, limit 9007199254740988kB, failcnt 0
[  117.803758][ T3234] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  117.810670][ T3234] Memory cgroup stats for /syz1:
[  117.810799][ T3234] cache 287903744
[  117.819405][ T3234] rss 73728
[  117.822527][ T3234] rss_huge 0
[  117.825770][ T3234] shmem 282943488
[  117.829428][ T3234] mapped_file 4308992
[  117.833421][ T3234] dirty 4096
[  117.836683][ T3234] writeback 32768
[  117.840324][ T3234] workingset_refault_anon 35
[  117.844920][ T3234] workingset_refault_file 39386
[  117.849822][ T3234] swap 127946752
[  117.853390][ T3234] swapcached 49152
[  117.857167][ T3234] pgpgin 336029
[  117.860639][ T3234] pgpgout 265714
[  117.864204][ T3234] pgfault 70327
[  117.867701][ T3234] pgmajfault 883
[  117.871252][ T3234] inactive_anon 263110656
[  117.875586][ T3234] active_anon 19124224
[  117.879703][ T3234] inactive_file 0
[  117.883370][ T3234] active_file 4960256
[  117.887400][ T3234] unevictable 0
[  117.890874][ T3234] hierarchical_memory_limit 314572800
[  117.896287][ T3234] hierarchical_memsw_limit 9223372036854771712
[  117.902452][ T3234] total_cache 287903744
[  117.906665][ T3234] total_rss 73728
[  117.910306][ T3234] total_rss_huge 0
[  117.914031][ T3234] total_shmem 282943488
[  117.918242][ T3234] total_mapped_file 4308992
[  117.922754][ T3234] total_dirty 4096
[  117.926526][ T3234] total_writeback 32768
[  117.930690][ T3234] total_workingset_refault_anon 35
[  117.935887][ T3234] total_workingset_refault_file 39386
[  117.941408][ T3234] total_swap 127946752
[  117.945487][ T3234] total_swapcached 49152
[  117.949860][ T3234] total_pgpgin 336029
[  117.953913][ T3234] total_pgpgout 265714
[  117.958030][ T3234] total_pgfault 70327
[  117.962022][ T3234] total_pgmajfault 883
[  117.966127][ T3234] total_inactive_anon 263110656
[  117.970982][ T3234] total_active_anon 19124224
[  117.975582][ T3234] total_inactive_file 0
[  117.979780][ T3234] total_active_file 4960256
[  117.984290][ T3234] total_unevictable 0
[  117.988324][ T3234] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.972,pid=3192,uid=0
[  118.003138][ T3234] Memory cgroup out of memory: Killed process 3192 (syz.1.972) total-vm:89960kB, anon-rss:944kB, file-rss:22036kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:0
[  118.245681][ T3207] syz.1.972 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  118.337590][ T3207] CPU: 1 UID: 0 PID: 3207 Comm: syz.1.972 Not tainted 6.12.23-syzkaller-gd9fd901baa98 #0 f1acc3ef52b3e732a05c4f7a2560722db90bb473
[  118.337628][ T3207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  118.337642][ T3207] Call Trace:
[  118.337650][ T3207]  <TASK>
[  118.337659][ T3207]  __dump_stack+0x21/0x30
[  118.337690][ T3207]  dump_stack_lvl+0x10c/0x190
[  118.337715][ T3207]  ? __cfi_dump_stack_lvl+0x10/0x10
[  118.337739][ T3207]  ? ___ratelimit+0x3f7/0x5a0
[  118.337772][ T3207]  dump_stack+0x19/0x20
[  118.337794][ T3207]  dump_header+0xd7/0x490
[  118.337845][ T3207]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  118.337866][ T3207]  oom_kill_process+0x4c0/0x7e0
[  118.337897][ T3207]  ? sched_clock_cpu+0x75/0x400
[  118.337921][ T3207]  out_of_memory+0x7ee/0xbd0
[  118.337952][ T3207]  ? __cfi_out_of_memory+0x10/0x10
[  118.337982][ T3207]  ? mutex_lock_killable+0x104/0x1c0
[  118.338010][ T3207]  ? __cfi_mutex_lock_killable+0x10/0x10
[  118.338034][ T3207]  mem_cgroup_out_of_memory+0x279/0x350
[  118.338062][ T3207]  ? drain_obj_stock+0xed0/0xed0
[  118.338089][ T3207]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  118.338115][ T3207]  try_charge_memcg+0x8f7/0xde0
[  118.338138][ T3207]  ? gfp_to_alloc_flags_cma+0x90/0x1c0
[  118.338164][ T3207]  ? __cfi_try_charge_memcg+0x10/0x10
[  118.338187][ T3207]  ? __alloc_pages_noprof+0x30d/0x6c0
[  118.338209][ T3207]  __mem_cgroup_charge+0xf6/0x410
[  118.338233][ T3207]  ? filemap_get_entry+0x3fb/0x460
[  118.338252][ T3207]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  118.338279][ T3207]  filemap_add_folio+0x57/0x2d0
[  118.338310][ T3207]  __filemap_get_folio+0x4c2/0x7c0
[  118.338333][ T3207]  filemap_fault+0xb41/0x16b0
[  118.338355][ T3207]  ? __cfi_filemap_fault+0x10/0x10
[  118.338377][ T3207]  ? __cfi_filemap_map_pages+0x10/0x10
[  118.338398][ T3207]  ? __cfi_lru_add+0x10/0x10
[  118.338429][ T3207]  ? _raw_spin_lock+0x8c/0x120
[  118.338455][ T3207]  ? __cfi__raw_spin_lock+0x10/0x10
[  118.338482][ T3207]  do_pte_missing+0x376b/0x3e50
[  118.338516][ T3207]  ? pte_marker_clear+0x1b0/0x1b0
[  118.338546][ T3207]  ? __pte_offset_map+0x1b0/0x230
[  118.338569][ T3207]  ? pte_offset_map_rw_nolock+0xba/0x110
[  118.338592][ T3207]  handle_mm_fault+0x1166/0x1b90
[  118.338620][ T3207]  ? __kasan_check_write+0x18/0x20
[  118.338647][ T3207]  ? __cfi_handle_mm_fault+0x10/0x10
[  118.338676][ T3207]  ? follow_page_pte+0x2bd/0xb90
[  118.338698][ T3207]  ? gup_must_unshare+0x1e0/0x1e0
[  118.338718][ T3207]  ? vma_is_secretmem+0x11/0x50
[  118.338740][ T3207]  __get_user_pages+0x1169/0x22d0
[  118.338773][ T3207]  ? __kasan_check_write+0x18/0x20
[  118.338801][ T3207]  ? populate_vma_page_range+0x230/0x230
[  118.338832][ T3207]  ? __kernel_write_iter+0x65e/0x830
[  118.338858][ T3207]  get_dump_page+0x107/0x220
[  118.338890][ T3207]  ? __cfi_get_dump_page+0x10/0x10
[  118.338923][ T3207]  ? __asan_memset+0x39/0x50
[  118.338947][ T3207]  dump_user_range+0x181/0xdf0
[  118.338974][ T3207]  ? __cfi_dump_emit+0x10/0x10
[  118.338999][ T3207]  ? __cfi_dump_user_range+0x10/0x10
[  118.339033][ T3207]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  118.339060][ T3207]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  118.339089][ T3207]  elf_core_dump+0x2cd9/0x3810
[  118.339136][ T3207]  ? __cfi_elf_core_dump+0x10/0x10
[  118.339171][ T3207]  ? dump_interrupted+0xf0/0xf0
[  118.339194][ T3207]  ? filp_open+0x182/0x1d0
[  118.339214][ T3207]  ? 0xffffffffff600000
[  118.339230][ T3207]  do_coredump+0x1bf7/0x2bd0
[  118.339257][ T3207]  ? __cfi_do_coredump+0x10/0x10
[  118.339279][ T3207]  ? asm_exc_page_fault+0x2b/0x30
[  118.339317][ T3207]  ? __kasan_slab_free+0x6a/0x80
[  118.339362][ T3207]  ? kmem_cache_free+0x1c1/0x4c0
[  118.339389][ T3207]  get_signal+0x11fd/0x14f0
[  118.339414][ T3207]  arch_do_signal_or_restart+0x96/0x720
[  118.339443][ T3207]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  118.339475][ T3207]  irqentry_exit_to_user_mode+0x4e/0xb0
[  118.339499][ T3207]  irqentry_exit+0x16/0x60
[  118.339522][ T3207]  exc_page_fault+0x66/0xc0
[  118.339545][ T3207]  asm_exc_page_fault+0x2b/0x30
[  118.339574][ T3207] RIP: 0033:0x7f7b4df8e931
[  118.339592][ T3207] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  118.339610][ T3207] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[  118.339631][ T3207] RAX: 0000000000000000 RBX: 00007f7b4e1b6080 RCX: 00007f7b4df8e929
[  118.339647][ T3207] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[  118.339661][ T3207] RBP: 00007f7b4e010b39 R08: 0000000000000000 R09: 0000000000000000
[  118.339675][ T3207] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  118.339689][ T3207] R13: 0000000000000001 R14: 00007f7b4e1b6080 R15: 00007ffc9e087188
[  118.339707][ T3207]  </TASK>
[  118.339716][ T3207] memory: usage 307108kB, limit 307200kB, failcnt 49048
[  118.804583][ T3207] memory+swap: usage 431996kB, limit 9007199254740988kB, failcnt 0
[  118.813544][ T3207] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  118.820484][ T3207] Memory cgroup stats for /syz1:
[  118.820740][ T3207] cache 314236928
[  118.829348][ T3207] rss 98304
[  118.832471][ T3207] rss_huge 0
[  118.835709][ T3207] shmem 313716736
[  118.839350][ T3207] mapped_file 196608
[  118.843257][ T3207] dirty 0
[  118.846230][ T3207] writeback 176128
[  118.849969][ T3207] workingset_refault_anon 42
[  118.854565][ T3207] workingset_refault_file 43699
[  118.859452][ T3207] swap 127791104
[  118.863007][ T3207] swapcached 204800
[  118.866852][ T3207] pgpgin 356860
[  118.870320][ T3207] pgpgout 280060
[  118.873869][ T3207] pgfault 71188
[  118.877363][ T3207] pgmajfault 915
[  118.880921][ T3207] inactive_anon 128106496
[  118.885260][ T3207] active_anon 185098240
[  118.891720][ T3207] inactive_file 0
[  118.895407][ T3207] active_file 319488
[  118.929151][ T3207] unevictable 0
[  118.932675][ T3207] hierarchical_memory_limit 314572800
[  118.965605][ T3207] hierarchical_memsw_limit 9223372036854771712
[  118.971841][ T3207] total_cache 314236928
[  118.989265][ T3207] total_rss 98304
[  118.993249][ T3207] total_rss_huge 0
[  119.005714][ T3207] total_shmem 313716736
[  119.009906][ T3207] total_mapped_file 196608
[  119.014345][ T3207] total_dirty 0
[  119.035648][ T3207] total_writeback 176128
[  119.039948][ T3207] total_workingset_refault_anon 42
[  119.045060][ T3207] total_workingset_refault_file 43699
[  119.051116][ T3207] total_swap 127791104
[  119.055199][ T3207] total_swapcached 204800
[  119.059695][ T3207] total_pgpgin 356860
[  119.063679][ T3207] total_pgpgout 280060
[  119.067969][ T3207] total_pgfault 71188
[  119.071971][ T3207] total_pgmajfault 915
[  119.076222][ T3207] total_inactive_anon 128106496
[  119.081079][ T3207] total_active_anon 185098240
[  119.085941][ T3207] total_inactive_file 0
[  119.090105][ T3207] total_active_file 319488
[  119.094525][ T3207] total_unevictable 0
[  119.098747][ T3207] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.972,pid=3218,uid=0
[  119.113667][ T3207] Memory cgroup out of memory: Killed process 3218 (syz.1.972) total-vm:90092kB, anon-rss:916kB, file-rss:22012kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:0
[  119.238829][ T3206] syz.1.972 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  119.335687][ T3206] CPU: 0 UID: 0 PID: 3206 Comm: syz.1.972 Not tainted 6.12.23-syzkaller-gd9fd901baa98 #0 f1acc3ef52b3e732a05c4f7a2560722db90bb473
[  119.335723][ T3206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  119.335735][ T3206] Call Trace:
[  119.335743][ T3206]  <TASK>
[  119.335751][ T3206]  __dump_stack+0x21/0x30
[  119.335779][ T3206]  dump_stack_lvl+0x10c/0x190
[  119.335802][ T3206]  ? __cfi_dump_stack_lvl+0x10/0x10
[  119.335824][ T3206]  ? ___ratelimit+0x3f7/0x5a0
[  119.335853][ T3206]  dump_stack+0x19/0x20
[  119.335876][ T3206]  dump_header+0xd7/0x490
[  119.335905][ T3206]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  119.335926][ T3206]  oom_kill_process+0x4c0/0x7e0
[  119.335955][ T3206]  ? sched_clock_cpu+0x75/0x400
[  119.335980][ T3206]  out_of_memory+0x7ee/0xbd0
[  119.336010][ T3206]  ? __cfi_out_of_memory+0x10/0x10
[  119.336039][ T3206]  ? mutex_lock_killable+0x104/0x1c0
[  119.336060][ T3206]  ? __cfi_mutex_lock_killable+0x10/0x10
[  119.336083][ T3206]  mem_cgroup_out_of_memory+0x279/0x350
[  119.336110][ T3206]  ? drain_obj_stock+0xed0/0xed0
[  119.336136][ T3206]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  119.336163][ T3206]  try_charge_memcg+0x8f7/0xde0
[  119.336184][ T3206]  ? gfp_to_alloc_flags_cma+0x90/0x1c0
[  119.336209][ T3206]  ? __cfi_try_charge_memcg+0x10/0x10
[  119.336231][ T3206]  ? __alloc_pages_noprof+0x30d/0x6c0
[  119.336252][ T3206]  __mem_cgroup_charge+0xf6/0x410
[  119.336275][ T3206]  ? filemap_get_entry+0x3fb/0x460
[  119.336295][ T3206]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  119.336339][ T3206]  filemap_add_folio+0x57/0x2d0
[  119.336370][ T3206]  __filemap_get_folio+0x4c2/0x7c0
[  119.336392][ T3206]  filemap_fault+0xb41/0x16b0
[  119.336415][ T3206]  ? __cfi_filemap_fault+0x10/0x10
[  119.336437][ T3206]  ? __cfi_filemap_map_pages+0x10/0x10
[  119.336458][ T3206]  ? __cfi_lru_add+0x10/0x10
[  119.336489][ T3206]  ? _raw_spin_lock+0x8c/0x120
[  119.336516][ T3206]  ? __cfi__raw_spin_lock+0x10/0x10
[  119.336544][ T3206]  do_pte_missing+0x376b/0x3e50
[  119.336578][ T3206]  ? pte_marker_clear+0x1b0/0x1b0
[  119.336608][ T3206]  ? __pte_offset_map+0x1b0/0x230
[  119.336631][ T3206]  ? pte_offset_map_rw_nolock+0xba/0x110
[  119.336654][ T3206]  handle_mm_fault+0x1166/0x1b90
[  119.336688][ T3206]  ? __kasan_check_write+0x18/0x20
[  119.336715][ T3206]  ? __cfi_handle_mm_fault+0x10/0x10
[  119.336745][ T3206]  ? follow_page_pte+0x2bd/0xb90
[  119.336767][ T3206]  ? gup_must_unshare+0x1e0/0x1e0
[  119.336788][ T3206]  ? vma_is_secretmem+0x11/0x50
[  119.336810][ T3206]  __get_user_pages+0x1169/0x22d0
[  119.336842][ T3206]  ? __kasan_check_write+0x18/0x20
[  119.336871][ T3206]  ? populate_vma_page_range+0x230/0x230
[  119.336908][ T3206]  ? __kernel_write_iter+0x65e/0x830
[  119.336935][ T3206]  get_dump_page+0x107/0x220
[  119.336967][ T3206]  ? __cfi_get_dump_page+0x10/0x10
[  119.336997][ T3206]  ? __asan_memset+0x39/0x50
[  119.337022][ T3206]  dump_user_range+0x181/0xdf0
[  119.337048][ T3206]  ? __cfi_dump_emit+0x10/0x10
[  119.337073][ T3206]  ? __cfi_dump_user_range+0x10/0x10
[  119.337100][ T3206]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  119.337127][ T3206]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  119.337155][ T3206]  elf_core_dump+0x2cd9/0x3810
[  119.337190][ T3206]  ? __cfi_elf_core_dump+0x10/0x10
[  119.337227][ T3206]  ? dump_interrupted+0xf0/0xf0
[  119.337251][ T3206]  ? filp_open+0x182/0x1d0
[  119.337271][ T3206]  ? 0xffffffffff600000
[  119.337290][ T3206]  do_coredump+0x1bf7/0x2bd0
[  119.337317][ T3206]  ? __cfi_do_coredump+0x10/0x10
[  119.337339][ T3206]  ? asm_exc_page_fault+0x2b/0x30
[  119.337377][ T3206]  ? __kasan_slab_free+0x6a/0x80
[  119.337406][ T3206]  ? kmem_cache_free+0x1c1/0x4c0
[  119.337433][ T3206]  get_signal+0x11fd/0x14f0
[  119.337458][ T3206]  arch_do_signal_or_restart+0x96/0x720
[  119.337500][ T3206]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  119.337532][ T3206]  irqentry_exit_to_user_mode+0x4e/0xb0
[  119.337555][ T3206]  irqentry_exit+0x16/0x60
[  119.337577][ T3206]  exc_page_fault+0x66/0xc0
[  119.337598][ T3206]  asm_exc_page_fault+0x2b/0x30
[  119.337626][ T3206] RIP: 0033:0x7f7b4df8e931
[  119.337643][ T3206] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  119.337661][ T3206] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[  119.337687][ T3206] RAX: 0000000000000000 RBX: 00007f7b4e1b6080 RCX: 00007f7b4df8e929
[  119.337709][ T3206] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[  119.337723][ T3206] RBP: 00007f7b4e010b39 R08: 0000000000000000 R09: 0000000000000000
[  119.337737][ T3206] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  119.337750][ T3206] R13: 0000000000000001 R14: 00007f7b4e1b6080 R15: 00007ffc9e087188
[  119.337767][ T3206]  </TASK>
[  119.337776][ T3206] memory: usage 306208kB, limit 307200kB, failcnt 55357
[  119.801039][ T3206] memory+swap: usage 432016kB, limit 9007199254740988kB, failcnt 0
[  119.845655][ T3206] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  119.852569][ T3206] Memory cgroup stats for /syz1:
[  119.852718][ T3206] cache 314146816
[  119.925160][ T3206] rss 81920
[  119.949062][ T3206] rss_huge 0
[  119.952352][ T3206] shmem 313470976
[  120.002322][ T3206] mapped_file 471040
[  120.030813][ T3206] dirty 0
[  120.033811][ T3206] writeback 159744
[  120.067411][ T3206] workingset_refault_anon 47
[  120.072059][ T3206] workingset_refault_file 47879
[  120.132048][ T3206] swap 127815680
[  120.147648][ T3206] swapcached 180224
[  120.151580][ T3206] pgpgin 366942
[  120.155053][ T3206] pgpgout 290158
[  120.188470][ T3206] pgfault 71565
[  120.191977][ T3206] pgmajfault 988
[  120.195534][ T3206] inactive_anon 152248320
[  120.207071][ T3206] active_anon 160411648
[  120.211262][ T3206] inactive_file 262144
[  120.215346][ T3206] active_file 0
[  120.228620][ T3206] unevictable 0
[  120.232108][ T3206] hierarchical_memory_limit 314572800
[  120.237541][ T3206] hierarchical_memsw_limit 9223372036854771712
[  120.243728][ T3206] total_cache 314146816
[  120.247903][ T3206] total_rss 81920
[  120.251534][ T3206] total_rss_huge 0
[  120.255240][ T3206] total_shmem 313470976
[  120.259417][ T3206] total_mapped_file 471040
[  120.263840][ T3206] total_dirty 0
[  120.267313][ T3206] total_writeback 159744
[  120.271554][ T3206] total_workingset_refault_anon 47
[  120.276716][ T3206] total_workingset_refault_file 47879
[  120.282100][ T3206] total_swap 127815680
[  120.286184][ T3206] total_swapcached 180224
[  120.290517][ T3206] total_pgpgin 366942
[  120.294482][ T3206] total_pgpgout 290158
[  120.298564][ T3206] total_pgfault 71565
[  120.302545][ T3206] total_pgmajfault 988
[  120.306654][ T3206] total_inactive_anon 152248320
[  120.311511][ T3206] total_active_anon 160411648
[  120.316220][ T3206] total_inactive_file 262144
[  120.320816][ T3206] total_active_file 0
[  120.324784][ T3206] total_unevictable 0
[  120.328796][ T3206] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.972,pid=3197,uid=0
[  120.343588][ T3206] Memory cgroup out of memory: Killed process 3197 (syz.1.972) total-vm:89960kB, anon-rss:944kB, file-rss:22052kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:0
[  120.464739][ T3239] syz.1.972 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  120.545677][ T3239] CPU: 1 UID: 0 PID: 3239 Comm: syz.1.972 Not tainted 6.12.23-syzkaller-gd9fd901baa98 #0 f1acc3ef52b3e732a05c4f7a2560722db90bb473
[  120.545718][ T3239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  120.545732][ T3239] Call Trace:
[  120.545739][ T3239]  <TASK>
[  120.545748][ T3239]  __dump_stack+0x21/0x30
[  120.545777][ T3239]  dump_stack_lvl+0x10c/0x190
[  120.545799][ T3239]  ? __cfi_dump_stack_lvl+0x10/0x10
[  120.545823][ T3239]  ? ___ratelimit+0x3f7/0x5a0
[  120.545855][ T3239]  dump_stack+0x19/0x20
[  120.545886][ T3239]  dump_header+0xd7/0x490
[  120.545917][ T3239]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  120.545938][ T3239]  oom_kill_process+0x4c0/0x7e0
[  120.545968][ T3239]  ? sched_clock_cpu+0x75/0x400
[  120.545992][ T3239]  out_of_memory+0x7ee/0xbd0
[  120.546022][ T3239]  ? __cfi_out_of_memory+0x10/0x10
[  120.546052][ T3239]  ? mutex_lock_killable+0x92/0x1c0
[  120.546073][ T3239]  ? __cfi_mutex_lock_killable+0x10/0x10
[  120.546096][ T3239]  mem_cgroup_out_of_memory+0x279/0x350
[  120.546122][ T3239]  ? drain_obj_stock+0xed0/0xed0
[  120.546149][ T3239]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  120.546175][ T3239]  try_charge_memcg+0x8f7/0xde0
[  120.546196][ T3239]  ? set_pte_range+0x441/0x660
[  120.546224][ T3239]  ? __cfi_try_charge_memcg+0x10/0x10
[  120.546246][ T3239]  ? __alloc_pages_noprof+0x30d/0x6c0
[  120.546267][ T3239]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  120.546290][ T3239]  __mem_cgroup_charge+0xf6/0x410
[  120.546314][ T3239]  ? __cfi_folio_unlock+0x10/0x10
[  120.546346][ T3239]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  120.546372][ T3239]  shmem_alloc_and_add_folio+0x86d/0x1050
[  120.546405][ T3239]  ? put_swap_device+0x130/0x130
[  120.546452][ T3239]  ? shmem_huge_global_enabled+0x2da/0x360
[  120.546483][ T3239]  ? shmem_allowable_huge_orders+0x1f7/0x430
[  120.546513][ T3239]  ? __kasan_check_write+0x18/0x20
[  120.546536][ T3239]  ? _raw_spin_lock+0x8c/0x120
[  120.546564][ T3239]  shmem_get_folio_gfp+0x5f0/0x1380
[  120.546594][ T3239]  ? shmem_get_folio+0xc0/0xc0
[  120.546621][ T3239]  ? follow_page_pte+0xa5c/0xb90
[  120.546642][ T3239]  ? inode_to_bdi+0x6d/0x100
[  120.546664][ T3239]  shmem_write_begin+0xf4/0x270
[  120.546695][ T3239]  generic_perform_write+0x32d/0x960
[  120.546722][ T3239]  ? __cfi_generic_perform_write+0x10/0x10
[  120.546747][ T3239]  ? down_write+0xe9/0x2a0
[  120.546771][ T3239]  ? file_update_time+0xa3/0x220
[  120.546793][ T3239]  shmem_file_write_iter+0x105/0x130
[  120.546816][ T3239]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  120.546838][ T3239]  __kernel_write_iter+0x392/0x830
[  120.546869][ T3239]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  120.546892][ T3239]  ? __cfi___kernel_write_iter+0x10/0x10
[  120.546916][ T3239]  ? get_dump_page+0x160/0x220
[  120.546949][ T3239]  ? __asan_memset+0x39/0x50
[  120.546973][ T3239]  ? iov_iter_bvec+0xc0/0x180
[  120.547003][ T3239]  dump_user_range+0xb06/0xdf0
[  120.547030][ T3239]  ? __cfi_dump_emit+0x10/0x10
[  120.547054][ T3239]  ? __cfi_dump_user_range+0x10/0x10
[  120.547080][ T3239]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  120.547108][ T3239]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  120.547138][ T3239]  elf_core_dump+0x2cd9/0x3810
[  120.547172][ T3239]  ? __cfi_elf_core_dump+0x10/0x10
[  120.547211][ T3239]  ? dump_interrupted+0xf0/0xf0
[  120.547236][ T3239]  ? filp_open+0x182/0x1d0
[  120.547256][ T3239]  ? 0xffffffffff600000
[  120.547274][ T3239]  do_coredump+0x1bf7/0x2bd0
[  120.547303][ T3239]  ? __cfi_do_coredump+0x10/0x10
[  120.547326][ T3239]  ? asm_exc_page_fault+0x2b/0x30
[  120.547365][ T3239]  ? __kasan_slab_free+0x6a/0x80
[  120.547394][ T3239]  ? kmem_cache_free+0x1c1/0x4c0
[  120.547421][ T3239]  get_signal+0x11fd/0x14f0
[  120.547447][ T3239]  arch_do_signal_or_restart+0x96/0x720
[  120.547476][ T3239]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  120.547508][ T3239]  irqentry_exit_to_user_mode+0x4e/0xb0
[  120.547531][ T3239]  irqentry_exit+0x16/0x60
[  120.547553][ T3239]  exc_page_fault+0x66/0xc0
[  120.547576][ T3239]  asm_exc_page_fault+0x2b/0x30
[  120.547606][ T3239] RIP: 0033:0x7f7b4df8e931
[  120.547640][ T3239] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  120.547658][ T3239] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[  120.547677][ T3239] RAX: 0000000000000000 RBX: 00007f7b4e1b6080 RCX: 00007f7b4df8e929
[  120.547693][ T3239] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[  120.547707][ T3239] RBP: 00007f7b4e010b39 R08: 0000000000000000 R09: 0000000000000000
[  120.547720][ T3239] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  120.547733][ T3239] R13: 0000000000000001 R14: 00007f7b4e1b6080 R15: 00007ffc9e087188
[  120.547751][ T3239]  </TASK>
[  120.547759][ T3239] memory: usage 306800kB, limit 307200kB, failcnt 61369
[  121.021447][ T3239] memory+swap: usage 423736kB, limit 9007199254740988kB, failcnt 0
[  121.029403][ T3239] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  121.036282][ T3239] Memory cgroup stats for /syz1:
[  121.036427][ T3239] cache 304156672
[  121.045080][ T3239] rss 57344
[  121.048228][ T3239] rss_huge 0
[  121.051507][ T3239] shmem 301432832
[  121.055150][ T3239] mapped_file 2519040
[  121.059242][ T3239] dirty 0
[  121.062383][ T3239] writeback 389120
[  121.066159][ T3239] workingset_refault_anon 49
[  121.070759][ T3239] workingset_refault_file 54671
[  121.075671][ T3239] swap 127356928
[  121.079231][ T3239] swapcached 638976
[  121.083045][ T3239] pgpgin 382183
[  121.086751][ T3239] pgpgout 307725
[  121.090317][ T3239] pgfault 72170
[  121.093787][ T3239] pgmajfault 1094
[  121.097721][ T3239] inactive_anon 171212800
[  121.102083][ T3239] active_anon 130588672
[  121.128338][ T3239] inactive_file 0
[  121.145539][ T3239] active_file 2076672
[  121.175659][ T3239] unevictable 0
[  121.179162][ T3239] hierarchical_memory_limit 314572800
[  121.184540][ T3239] hierarchical_memsw_limit 9223372036854771712
[  121.245661][ T3239] total_cache 304156672
[  121.249865][ T3239] total_rss 57344
[  121.253590][ T3239] total_rss_huge 0
[  121.305664][ T3239] total_shmem 301432832
[  121.310271][ T3239] total_mapped_file 2519040
[  121.314788][ T3239] total_dirty 0
[  121.333008][ T3239] total_writeback 389120
[  121.345664][ T3239] total_workingset_refault_anon 49
[  121.350863][ T3239] total_workingset_refault_file 54671
[  121.391605][ T3239] total_swap 127356928
[  121.405675][ T3239] total_swapcached 638976
[  121.410048][ T3239] total_pgpgin 382183
[  121.414039][ T3239] total_pgpgout 307725
[  121.460138][ T3239] total_pgfault 72170
[  121.464253][ T3239] total_pgmajfault 1094
[  121.515655][ T3239] total_inactive_anon 171212800
[  121.520557][ T3239] total_active_anon 130588672
[  121.525333][ T3239] total_inactive_file 0
[  121.565656][ T3239] total_active_file 2076672
[  121.570296][ T3239] total_unevictable 0
[  121.574289][ T3239] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.972,pid=3191,uid=0
[  121.615667][ T3239] Memory cgroup out of memory: OOM victim 3191 (syz.1.972) is already exiting. Skip killing the task
[  122.127809][ T3716] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1161'.
[  122.550612][ T3746] syz.1.1167 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  122.599534][ T3746] CPU: 0 UID: 0 PID: 3746 Comm: syz.1.1167 Not tainted 6.12.23-syzkaller-gd9fd901baa98 #0 f1acc3ef52b3e732a05c4f7a2560722db90bb473
[  122.599574][ T3746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  122.599588][ T3746] Call Trace:
[  122.599596][ T3746]  <TASK>
[  122.599605][ T3746]  __dump_stack+0x21/0x30
[  122.599644][ T3746]  dump_stack_lvl+0x10c/0x190
[  122.599667][ T3746]  ? __cfi_dump_stack_lvl+0x10/0x10
[  122.599692][ T3746]  ? ___ratelimit+0x3f7/0x5a0
[  122.599724][ T3746]  dump_stack+0x19/0x20
[  122.599746][ T3746]  dump_header+0xd7/0x490
[  122.599776][ T3746]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  122.599797][ T3746]  oom_kill_process+0x4c0/0x7e0
[  122.599827][ T3746]  ? sched_clock_cpu+0x75/0x400
[  122.599851][ T3746]  out_of_memory+0x7ee/0xbd0
[  122.599881][ T3746]  ? __cfi_out_of_memory+0x10/0x10
[  122.599911][ T3746]  ? mutex_lock_killable+0x92/0x1c0
[  122.599932][ T3746]  ? __cfi_mutex_lock_killable+0x10/0x10
[  122.599955][ T3746]  mem_cgroup_out_of_memory+0x279/0x350
[  122.599981][ T3746]  ? drain_obj_stock+0xed0/0xed0
[  122.600008][ T3746]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  122.600033][ T3746]  try_charge_memcg+0x8f7/0xde0
[  122.600054][ T3746]  ? __cfi_try_charge_memcg+0x10/0x10
[  122.600074][ T3746]  ? __alloc_pages_noprof+0x30d/0x6c0
[  122.600095][ T3746]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  122.600117][ T3746]  __mem_cgroup_charge+0xf6/0x410
[  122.600140][ T3746]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  122.600166][ T3746]  shmem_alloc_and_add_folio+0x86d/0x1050
[  122.600199][ T3746]  ? put_swap_device+0x130/0x130
[  122.600228][ T3746]  ? shmem_huge_global_enabled+0x2da/0x360
[  122.600255][ T3746]  ? shmem_allowable_huge_orders+0x1f7/0x430
[  122.600285][ T3746]  shmem_get_folio_gfp+0x5f0/0x1380
[  122.600317][ T3746]  ? shmem_get_folio+0xc0/0xc0
[  122.600343][ T3746]  ? inode_maybe_inc_iversion+0x17d/0x1e0
[  122.600366][ T3746]  ? __cfi_inode_maybe_inc_iversion+0x10/0x10
[  122.600389][ T3746]  ? inode_to_bdi+0x6d/0x100
[  122.600412][ T3746]  shmem_write_begin+0xf4/0x270
[  122.600442][ T3746]  generic_perform_write+0x32d/0x960
[  122.600466][ T3746]  ? locked_inode_to_wb_and_lock_list+0x205/0x2e0
[  122.600495][ T3746]  ? __cfi_generic_perform_write+0x10/0x10
[  122.600518][ T3746]  ? down_write+0xe9/0x2a0
[  122.600540][ T3746]  ? mnt_get_write_access_file+0x1af/0x3b0
[  122.600574][ T3746]  ? mnt_put_write_access_file+0xc2/0x100
[  122.600595][ T3746]  ? file_update_time+0x1ef/0x220
[  122.600615][ T3746]  shmem_file_write_iter+0x105/0x130
[  122.600643][ T3746]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  122.600665][ T3746]  __kernel_write_iter+0x392/0x830
[  122.600690][ T3746]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  122.600712][ T3746]  ? __cfi___kernel_write_iter+0x10/0x10
[  122.600736][ T3746]  ? irqentry_exit_to_user_mode+0x4e/0xb0
[  122.600760][ T3746]  ? __asan_memset+0x39/0x50
[  122.600783][ T3746]  ? iov_iter_kvec+0xc0/0x180
[  122.600811][ T3746]  __kernel_write+0xf0/0x150
[  122.600841][ T3746]  ? __cfi___kernel_write+0x10/0x10
[  122.600870][ T3746]  dump_emit+0x8fa/0xae0
[  122.600895][ T3746]  ? __cfi_dump_emit+0x10/0x10
[  122.600919][ T3746]  ? kasan_save_alloc_info+0x40/0x50
[  122.600940][ T3746]  ? __kasan_kmalloc+0x96/0xb0
[  122.600969][ T3746]  elf_core_dump+0x261d/0x3810
[  122.601002][ T3746]  ? __cfi_elf_core_dump+0x10/0x10
[  122.601039][ T3746]  ? dump_interrupted+0xf0/0xf0
[  122.601062][ T3746]  ? filp_open+0x182/0x1d0
[  122.601084][ T3746]  do_coredump+0x1bf7/0x2bd0
[  122.601111][ T3746]  ? __cfi_do_coredump+0x10/0x10
[  122.601135][ T3746]  ? asm_exc_page_fault+0x2b/0x30
[  122.601172][ T3746]  ? __kasan_slab_free+0x6a/0x80
[  122.601200][ T3746]  ? kmem_cache_free+0x1c1/0x4c0
[  122.601226][ T3746]  get_signal+0x11fd/0x14f0
[  122.601250][ T3746]  arch_do_signal_or_restart+0x96/0x720
[  122.601279][ T3746]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  122.601311][ T3746]  irqentry_exit_to_user_mode+0x4e/0xb0
[  122.601334][ T3746]  irqentry_exit+0x16/0x60
[  122.601356][ T3746]  exc_page_fault+0x66/0xc0
[  122.601378][ T3746]  asm_exc_page_fault+0x2b/0x30
[  122.601406][ T3746] RIP: 0033:0x7f7b4de4f837
[  122.601423][ T3746] Code: 88 15 c2 5e e9 00 88 05 bf 5e e9 00 c3 50 48 8d 35 11 13 1c 00 48 8d 3d 17 13 1c 00 31 c0 e8 30 f7 ff ff 53 89 fb 48 83 ec 10 <64> 8b 04 25 94 ff ff ff 85 c0 74 2a 89 fe 31 c0 bf 3c 00 00 00 e8
[  122.601443][ T3746] RSP: 002b:00007f7b4ede3120 EFLAGS: 00010202
[  122.601463][ T3746] RAX: 0000000000000000 RBX: 000000000000000b RCX: 00007f7b4df8e929
[  122.601477][ T3746] RDX: 00007f7b4ede3140 RSI: 00007f7b4ede3270 RDI: 000000000000000b
[  122.601491][ T3746] RBP: 00007f7b4e010b39 R08: 0000000000000000 R09: 0000000000000000
[  122.601505][ T3746] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  122.601519][ T3746] R13: 0000000000000000 R14: 00007f7b4e1b5fa0 R15: 00007ffc9e087188
[  122.601536][ T3746]  </TASK>
[  122.843951][ T3746] memory: usage 307200kB, limit 307200kB, failcnt 67276
[  122.854074][ T3753] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:466
[  122.854599][ T3746] memory+swap: usage 432036kB, limit 9007199254740988kB, failcnt 0
[  122.867525][ T3753] rust_binder: Error while translating object.
[  122.880702][ T3746] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  122.881250][ T3753] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  122.887158][ T3746] Memory cgroup stats for 
[  122.892395][ T3753] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:466
[  122.895117][ T3746] /syz1:
[  123.122211][ T3746] cache 314122240
[  123.130010][ T3746] rss 311296
[  123.133318][ T3746] rss_huge 0
[  123.136754][ T3746] shmem 314105856
[  123.140447][ T3746] mapped_file 0
[  123.143958][ T3746] dirty 0
[  123.146989][ T3746] writeback 0
[  123.150293][ T3746] workingset_refault_anon 103
[  123.155073][ T3746] workingset_refault_file 61979
[  123.162143][ T3746] swap 127832064
[  123.163646][ T3761] overlayfs: failed to clone upperpath
[  123.166044][ T3746] swapcached 163840
[  123.181326][ T3746] pgpgin 423427
[  123.184815][ T3746] pgpgout 346627
[  123.188765][ T3746] pgfault 73331
[  123.194854][ T3746] pgmajfault 1217
[  123.198738][ T3746] inactive_anon 314490880
[  123.203251][ T3746] active_anon 65536
[  123.207273][ T3746] inactive_file 16384
[  123.211263][ T3746] active_file 0
[  123.214727][ T3746] unevictable 0
[  123.218927][ T3746] hierarchical_memory_limit 314572800
[  123.224352][ T3746] hierarchical_memsw_limit 9223372036854771712
[  123.230780][ T3746] total_cache 314122240
[  123.235778][ T3746] total_rss 311296
[  123.239542][ T3746] total_rss_huge 0
[  123.243301][ T3746] total_shmem 314105856
[  123.249492][ T3746] total_mapped_file 0
[  123.253601][ T3746] total_dirty 0
[  123.257176][ T3746] total_writeback 0
[  123.260996][ T3746] total_workingset_refault_anon 103
[  123.266285][ T3746] total_workingset_refault_file 61979
[  123.271717][ T3746] total_swap 127832064
[  123.275819][ T3746] total_swapcached 163840
[  123.280287][ T3746] total_pgpgin 423427
[  123.284299][ T3746] total_pgpgout 346627
[  123.288400][ T3746] total_pgfault 73331
[  123.292446][ T3746] total_pgmajfault 1217
[  123.296685][ T3746] total_inactive_anon 314490880
[  123.301555][ T3746] total_active_anon 65536
[  123.305919][ T3746] total_inactive_file 16384
[  123.310432][ T3746] total_active_file 0
[  123.314430][ T3746] total_unevictable 0
[  123.318539][ T3746] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.972,pid=3215,uid=0
[  123.333339][ T3746] Memory cgroup out of memory: Killed process 3215 (syz.1.972) total-vm:90092kB, anon-rss:944kB, file-rss:22232kB, shmem-rss:0kB, UID:0 pgtables:196kB oom_score_adj:0
[  123.366395][ T3201] syz.1.972 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  123.416063][ T3201] CPU: 1 UID: 0 PID: 3201 Comm: syz.1.972 Not tainted 6.12.23-syzkaller-gd9fd901baa98 #0 f1acc3ef52b3e732a05c4f7a2560722db90bb473
[  123.416102][ T3201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  123.416116][ T3201] Call Trace:
[  123.416124][ T3201]  <TASK>
[  123.416133][ T3201]  __dump_stack+0x21/0x30
[  123.416162][ T3201]  dump_stack_lvl+0x10c/0x190
[  123.416186][ T3201]  ? __cfi_dump_stack_lvl+0x10/0x10
[  123.416210][ T3201]  ? ___ratelimit+0x3f7/0x5a0
[  123.416246][ T3201]  dump_stack+0x19/0x20
[  123.416269][ T3201]  dump_header+0xd7/0x490
[  123.416300][ T3201]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[  123.416320][ T3201]  oom_kill_process+0x4c0/0x7e0
[  123.416350][ T3201]  ? sched_clock_cpu+0x75/0x400
[  123.416374][ T3201]  out_of_memory+0x7ee/0xbd0
[  123.416404][ T3201]  ? __cfi_out_of_memory+0x10/0x10
[  123.416433][ T3201]  ? mutex_lock_killable+0x104/0x1c0
[  123.416455][ T3201]  ? __cfi_mutex_lock_killable+0x10/0x10
[  123.416478][ T3201]  mem_cgroup_out_of_memory+0x279/0x350
[  123.416504][ T3201]  ? drain_obj_stock+0xed0/0xed0
[  123.416538][ T3201]  ? memcg1_oom_prepare+0x2c6/0x3a0
[  123.416564][ T3201]  try_charge_memcg+0x8f7/0xde0
[  123.416586][ T3201]  ? __cfi_try_charge_memcg+0x10/0x10
[  123.416607][ T3201]  ? __alloc_pages_noprof+0x30d/0x6c0
[  123.416628][ T3201]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  123.416649][ T3201]  ? __folio_batch_add_and_move+0x2ab/0x370
[  123.416682][ T3201]  __mem_cgroup_charge+0xf6/0x410
[  123.416705][ T3201]  ? __kasan_check_write+0x18/0x20
[  123.416729][ T3201]  ? _raw_spin_lock+0x8c/0x120
[  123.416756][ T3201]  ? __cfi___mem_cgroup_charge+0x10/0x10
[  123.416781][ T3201]  shmem_alloc_and_add_folio+0x86d/0x1050
[  123.416812][ T3201]  ? dequeue_pushable_task+0x1b9/0x2e0
[  123.416836][ T3201]  ? put_swap_device+0x130/0x130
[  123.416864][ T3201]  ? shmem_huge_global_enabled+0x2da/0x360
[  123.416893][ T3201]  ? shmem_allowable_huge_orders+0x1f7/0x430
[  123.416922][ T3201]  ? __kasan_check_write+0x18/0x20
[  123.416945][ T3201]  ? _raw_spin_lock+0x8c/0x120
[  123.416972][ T3201]  shmem_get_folio_gfp+0x5f0/0x1380
[  123.417002][ T3201]  ? shmem_get_folio+0xc0/0xc0
[  123.417027][ T3201]  ? inode_maybe_inc_iversion+0x17d/0x1e0
[  123.417049][ T3201]  ? __cfi_inode_maybe_inc_iversion+0x10/0x10
[  123.417072][ T3201]  ? inode_to_bdi+0x6d/0x100
[  123.417093][ T3201]  shmem_write_begin+0xf4/0x270
[  123.417122][ T3201]  generic_perform_write+0x32d/0x960
[  123.417148][ T3201]  ? __cfi_generic_perform_write+0x10/0x10
[  123.417171][ T3201]  ? down_write+0xe9/0x2a0
[  123.417192][ T3201]  ? mnt_get_write_access_file+0x1af/0x3b0
[  123.417225][ T3201]  ? mnt_put_write_access_file+0xc2/0x100
[  123.417247][ T3201]  ? file_update_time+0x1ef/0x220
[  123.417267][ T3201]  shmem_file_write_iter+0x105/0x130
[  123.417289][ T3201]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  123.417309][ T3201]  __kernel_write_iter+0x392/0x830
[  123.417335][ T3201]  ? __cfi_shmem_file_write_iter+0x10/0x10
[  123.417356][ T3201]  ? __cfi___kernel_write_iter+0x10/0x10
[  123.417380][ T3201]  ? get_dump_page+0x160/0x220
[  123.417411][ T3201]  ? __asan_memset+0x39/0x50
[  123.417435][ T3201]  ? iov_iter_bvec+0xc0/0x180
[  123.417464][ T3201]  dump_user_range+0xb06/0xdf0
[  123.417508][ T3201]  ? __cfi_dump_emit+0x10/0x10
[  123.417542][ T3201]  ? __cfi_dump_user_range+0x10/0x10
[  123.417568][ T3201]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[  123.417607][ T3201]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[  123.417634][ T3201]  elf_core_dump+0x2cd9/0x3810
[  123.417666][ T3201]  ? __cfi_elf_core_dump+0x10/0x10
[  123.417702][ T3201]  ? dump_interrupted+0xf0/0xf0
[  123.417725][ T3201]  ? filp_open+0x182/0x1d0
[  123.417762][ T3201]  ? 0xffffffffff600000
[  123.417780][ T3201]  do_coredump+0x1bf7/0x2bd0
[  123.417807][ T3201]  ? __cfi_do_coredump+0x10/0x10
[  123.417830][ T3201]  ? asm_exc_page_fault+0x2b/0x30
[  123.417869][ T3201]  ? __kasan_slab_free+0x6a/0x80
[  123.417896][ T3201]  ? kmem_cache_free+0x1c1/0x4c0
[  123.417923][ T3201]  get_signal+0x11fd/0x14f0
[  123.417949][ T3201]  arch_do_signal_or_restart+0x96/0x720
[  123.417980][ T3201]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  123.418012][ T3201]  irqentry_exit_to_user_mode+0x4e/0xb0
[  123.418036][ T3201]  irqentry_exit+0x16/0x60
[  123.418057][ T3201]  exc_page_fault+0x66/0xc0
[  123.418078][ T3201]  asm_exc_page_fault+0x2b/0x30
[  123.418107][ T3201] RIP: 0033:0x7f7b4df8e931
[  123.418125][ T3201] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  123.418145][ T3201] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[  123.418165][ T3201] RAX: 0000000000000000 RBX: 00007f7b4e1b6080 RCX: 00007f7b4df8e929
[  123.418182][ T3201] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[  123.418196][ T3201] RBP: 00007f7b4e010b39 R08: 0000000000000000 R09: 0000000000000000
[  123.418211][ T3201] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  123.418224][ T3201] R13: 0000000000000001 R14: 00007f7b4e1b6080 R15: 00007ffc9e087188
[  123.418241][ T3201]  </TASK>
[  123.425151][ T3201] memory: usage 298356kB, limit 307200kB, failcnt 67397
[  123.833300][ T3784] rust_binder: Error while translating object.
[  123.834944][ T3201] memory+swap: usage 395624kB, limit 9007199254740988kB, failcnt 0
[  123.848293][ T3784] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  123.865699][ T3201] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  123.889128][ T3784] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:476
[  123.991687][ T3201] Memory cgroup stats for /syz1:
[  124.046201][ T3201] cache 276291584
[  124.085382][ T3201] rss 561152
[  124.099567][ T3201] rss_huge 0
[  124.110458][ T3201] shmem 268316672
[  124.121729][ T3201] mapped_file 7299072
[  124.135651][ T3201] dirty 4096
[  124.155242][ T3201] writeback 28672
[  124.170232][ T3201] workingset_refault_anon 103
[  124.174957][ T3201] workingset_refault_file 63939
[  124.179876][   T53] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  124.249186][ T3201] swap 127905792
[  124.289290][ T3201] swapcached 90112
[  124.311675][ T3201] pgpgin 428182
[  124.335232][ T3201] pgpgout 360573
[  124.361276][ T3201] pgfault 73675
[  124.379400][ T3201] pgmajfault 1223
[  124.397526][ T3201] inactive_anon 229965824
[  124.422734][ T3201] active_anon 38694912
[  124.442423][ T3201] inactive_file 0
[  124.459139][ T3201] active_file 7974912
[  124.476273][ T3201] unevictable 0
[  124.496403][ T3201] hierarchical_memory_limit 314572800
[  124.516048][   T36] audit: type=1326 audit(1750634087.163:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3821 comm="syz.1.1193" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7b4df8e929 code=0x0
[  124.523112][ T3201] hierarchical_memsw_limit 9223372036854771712
[  124.595541][ T3201] total_cache 276291584
[  124.615740][ T3201] total_rss 561152
[  124.630450][ T3201] total_rss_huge 0
[  124.644386][ T3201] total_shmem 268316672
[  124.661740][ T3201] total_mapped_file 7299072
[  124.690967][ T3201] total_dirty 4096
[  124.706624][ T3201] total_writeback 28672
[  124.723913][ T3201] total_workingset_refault_anon 103
[  124.747971][ T3201] total_workingset_refault_file 63939
[  124.772277][ T3201] total_swap 127905792
[  124.787535][ T3201] total_swapcached 90112
[  124.801760][ T3201] total_pgpgin 428182
[  124.816638][ T3201] total_pgpgout 360573
[  124.831662][ T3201] total_pgfault 73675
[  124.848783][ T3201] total_pgmajfault 1223
[  124.867202][ T3201] total_inactive_anon 229965824
[  124.889570][ T3201] total_active_anon 38694912
[  124.907635][ T3201] total_inactive_file 0
[  124.923829][ T3201] total_active_file 7974912
[  124.932962][ T3201] total_unevictable 0
[  124.941513][ T3201] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.972,pid=3243,uid=0
[  124.976637][ T3201] Memory cgroup out of memory: Killed process 3243 (syz.1.972) total-vm:90092kB, anon-rss:944kB, file-rss:22196kB, shmem-rss:0kB, UID:0 pgtables:196kB oom_score_adj:0
[  125.144786][ T3832] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:784
[  125.145365][ T3834] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  125.188532][ T3837] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  125.205673][ T3837] rust_binder: Error while translating object.
[  125.217909][ T3837] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  125.224133][ T3837] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:789
[  125.297785][   T36] audit: type=1400 audit(1750634087.943:479): avc:  denied  { listen } for  pid=3843 comm="syz.0.1200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  125.399422][   T36] audit: type=1400 audit(1750634088.043:480): avc:  denied  { write } for  pid=3845 comm="syz.2.1201" path="socket:[26730]" dev="sockfs" ino=26730 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  125.600202][ T3866] binder: Unknown parameter 'sta'
[  125.689749][ T3876] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=55466 sclass=netlink_xfrm_socket pid=3876 comm=syz.1.1210
[  125.730957][ T3879] overlayfs: overlapping lowerdir path
[  125.802964][ T3893] rust_binder: Write failure EFAULT in pid:814
[  125.852247][   T36] audit: type=1326 audit(1750634088.493:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3894 comm="syz.1.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4df8e929 code=0x7ffc0000
[  125.904447][   T36] audit: type=1326 audit(1750634088.493:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3894 comm="syz.1.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4df8e929 code=0x7ffc0000
[  125.943482][   T36] audit: type=1326 audit(1750634088.493:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3894 comm="syz.1.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7b4df8e929 code=0x7ffc0000
[  125.981285][   T36] audit: type=1326 audit(1750634088.493:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3894 comm="syz.1.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4df8e929 code=0x7ffc0000
[  126.028385][ T3914] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.037724][   T36] audit: type=1326 audit(1750634088.493:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3894 comm="syz.1.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4df8e929 code=0x7ffc0000
[  126.045796][ T3914] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  126.068814][   T36] audit: type=1326 audit(1750634088.493:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3894 comm="syz.1.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f7b4df8e929 code=0x7ffc0000
[  126.095655][   T36] audit: type=1326 audit(1750634088.493:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3894 comm="syz.1.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4df8e929 code=0x7ffc0000
[  126.483578][ T3928] can: request_module (can-proto-5) failed.
[  126.575994][ T3930] overlayfs: failed to clone upperpath
[  126.653103][ T3934] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  126.653139][ T3934] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:827
[  126.895414][ T3942] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  126.948909][ T3956] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  126.959964][ T3942] rust_binder: Error while translating object.
[  126.966885][ T3942] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  126.973089][ T3942] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:480
[  127.061482][ T3971] rust_binder: Failed copying remainder into alloc: EFAULT
[  127.077517][ T3971] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EFAULT }
[  127.085954][ T3971] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  127.104911][ T3971] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:835
[  127.402296][ T3985] batadv_slave_1: entered promiscuous mode
[  127.459307][ T3986] batadv_slave_1: left promiscuous mode
[  127.494394][ T3990] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  127.775664][  T702] usb 5-1: new low-speed USB device number 22 using dummy_hcd
[  127.905678][  T702] usb 5-1: device descriptor read/64, error -71
[  128.079899][ T4011] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  128.096255][ T4011] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  128.155668][  T702] usb 5-1: device descriptor read/64, error -71
[  128.276102][ T4011] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:842
[  128.294259][ T4025] netlink: 'syz.1.1257': attribute type 1 has an invalid length.
[  128.326477][ T4027] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1258'.
[  128.405848][  T702] usb 5-1: new low-speed USB device number 23 using dummy_hcd
[  128.545707][  T702] usb 5-1: device descriptor read/64, error -71
[  128.602696][ T4046] fuse: Unknown parameter 'gr���%��JԆi�h00000000000000000000'
[  128.632324][ T4050] netlink: 'syz.2.1268': attribute type 4 has an invalid length.
[  128.723700][ T4071] overlayfs: failed to clone upperpath
[  128.723700][ T4072] overlayfs: failed to clone upperpath
[  128.791173][ T4078] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  128.795705][  T702] usb 5-1: device descriptor read/64, error -71
[  128.799728][ T4078] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  128.866267][ T4080] rust_binder: Write failure EINVAL in pid:847
[  128.915741][  T702] usb usb5-port1: attempt power cycle
[  128.917252][ T4087] netlink: 'syz.2.1278': attribute type 12 has an invalid length.
[  129.255697][  T702] usb 5-1: new low-speed USB device number 24 using dummy_hcd
[  129.276671][  T702] usb 5-1: device descriptor read/8, error -71
[  129.406753][  T702] usb 5-1: device descriptor read/8, error -71
[  129.645695][  T702] usb 5-1: new low-speed USB device number 25 using dummy_hcd
[  129.666657][  T702] usb 5-1: device descriptor read/8, error -71
[  129.796674][  T702] usb 5-1: device descriptor read/8, error -71
[  129.905754][  T702] usb usb5-port1: unable to enumerate USB device
[  130.150130][ T4116] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1295'.
[  130.160582][   T36] kauditd_printk_skb: 29 callbacks suppressed
[  130.160600][   T36] audit: type=1326 audit(1750634092.803:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4115 comm="syz.1.1295" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7b4df8e929 code=0x0
[  130.945705][ T1924] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  131.095725][ T1924] usb 5-1: Using ep0 maxpacket: 16
[  131.101304][ T1924] usb 5-1: too many configurations: 86, using maximum allowed: 8
[  131.109814][ T1924] usb 5-1: config 4 has an invalid interface number: 15 but max is 0
[  131.117985][ T1924] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  131.128115][ T1924] usb 5-1: config 4 has no interface number 0
[  131.134214][ T1924] usb 5-1: config 4 interface 15 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  131.147199][ T1924] usb 5-1: config 4 interface 15 has no altsetting 0
[  131.154586][ T1924] usb 5-1: config 4 has an invalid interface number: 15 but max is 0
[  131.162763][ T1924] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  131.172891][ T1924] usb 5-1: config 4 has no interface number 0
[  131.179014][ T1924] usb 5-1: config 4 interface 15 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  131.192017][ T1924] usb 5-1: config 4 interface 15 has no altsetting 0
[  131.199405][ T1924] usb 5-1: config 4 has an invalid interface number: 15 but max is 0
[  131.207536][ T1924] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  131.217667][ T1924] usb 5-1: config 4 has no interface number 0
[  131.223758][ T1924] usb 5-1: config 4 interface 15 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  131.236721][ T1924] usb 5-1: config 4 interface 15 has no altsetting 0
[  131.244102][ T1924] usb 5-1: config 4 has an invalid interface number: 15 but max is 0
[  131.252247][ T1924] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  131.262360][ T1924] usb 5-1: config 4 has no interface number 0
[  131.268474][ T1924] usb 5-1: config 4 interface 15 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  131.281451][ T1924] usb 5-1: config 4 interface 15 has no altsetting 0
[  131.288826][ T1924] usb 5-1: config 4 has an invalid interface number: 15 but max is 0
[  131.296972][ T1924] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  131.307084][ T1924] usb 5-1: config 4 has no interface number 0
[  131.313189][ T1924] usb 5-1: config 4 interface 15 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  131.326172][ T1924] usb 5-1: config 4 interface 15 has no altsetting 0
[  131.333594][ T1924] usb 5-1: config 4 has an invalid interface number: 15 but max is 0
[  131.341732][ T1924] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  131.351922][ T1924] usb 5-1: config 4 has no interface number 0
[  131.358044][ T1924] usb 5-1: config 4 interface 15 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  131.371016][ T1924] usb 5-1: config 4 interface 15 has no altsetting 0
[  131.378494][ T1924] usb 5-1: config 4 has an invalid interface number: 15 but max is 0
[  131.386647][ T1924] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  131.396760][ T1924] usb 5-1: config 4 has no interface number 0
[  131.402851][ T1924] usb 5-1: config 4 interface 15 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  131.415828][ T1924] usb 5-1: config 4 interface 15 has no altsetting 0
[  131.423219][ T1924] usb 5-1: config 4 has an invalid interface number: 15 but max is 0
[  131.431385][ T1924] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  131.441493][ T1924] usb 5-1: config 4 has no interface number 0
[  131.447626][ T1924] usb 5-1: config 4 interface 15 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  131.460693][ T1924] usb 5-1: config 4 interface 15 has no altsetting 0
[  131.469719][ T1924] usb 5-1: New USB device found, idVendor=0930, idProduct=06b1, bcdDevice=9c.6a
[  131.478814][ T1924] usb 5-1: New USB device strings: Mfr=119, Product=183, SerialNumber=33
[  131.487272][ T1924] usb 5-1: Product: syz
[  131.491434][ T1924] usb 5-1: Manufacturer: syz
[  131.496059][ T1924] usb 5-1: SerialNumber: syz
[  131.705894][ T1924] usb 5-1: USB disconnect, device number 26
[  131.830001][ T4136] can: request_module (can-proto-0) failed.
[  131.837565][ T4137] can: request_module (can-proto-0) failed.
[  131.849167][ T4140] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  131.858648][ T4140] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  131.861241][ T4142] 9pnet: p9_errstr2errno: server reported unknown error ��p��A���
��;
KZ�44�/@�q��k�p
[  131.861241][ T4142] �C<
[  131.911456][ T4148] 9pnet_fd: Insufficient options for proto=fd
[  132.282431][ T4200] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:507
[  132.303590][ T4204] rust_binder: Write failure EINVAL in pid:511
[  132.323546][ T4206] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  132.329807][ T4206] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:513
[  132.471164][ T4233] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:859
[  132.496239][ T4236] binder: Unknown parameter 'mix'
[  132.526631][   T36] audit: type=1400 audit(1750634095.173:518): avc:  denied  { append } for  pid=4237 comm="syz.4.1336" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  132.554008][   T36] audit: type=1400 audit(1750634095.203:519): avc:  denied  { read write } for  pid=1655 comm="syz-executor" name="loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  132.578298][   T36] audit: type=1400 audit(1750634095.203:520): avc:  denied  { open } for  pid=1655 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  132.578456][ T4240] rust_binder: Write failure EFAULT in pid:541
[  132.603498][   T36] audit: type=1400 audit(1750634095.203:521): avc:  denied  { ioctl } for  pid=1655 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  132.635169][   T36] audit: type=1400 audit(1750634095.203:522): avc:  denied  { read } for  pid=4239 comm="syz.4.1337" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  132.658083][   T36] audit: type=1400 audit(1750634095.203:523): avc:  denied  { open } for  pid=4239 comm="syz.4.1337" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  132.681331][   T36] audit: type=1400 audit(1750634095.203:524): avc:  denied  { ioctl } for  pid=4239 comm="syz.4.1337" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  132.705871][   T36] audit: type=1400 audit(1750634095.213:525): avc:  denied  { read } for  pid=4239 comm="syz.4.1337" dev="nsfs" ino=4026532833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  132.727052][   T36] audit: type=1400 audit(1750634095.213:526): avc:  denied  { open } for  pid=4239 comm="syz.4.1337" path="net:[4026532833]" dev="nsfs" ino=4026532833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  132.949058][ T4264] overlayfs: failed to resolve './file0': -2
[  133.411545][ T4284] rust_binder: Failed copying remainder into alloc: EFAULT
[  133.411571][ T4284] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EFAULT }
[  133.427903][ T4284] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  133.452653][ T4284] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:865
[  133.618656][ T4308] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  133.636515][ T4308] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.657571][ T4310] 9pnet_fd: Insufficient options for proto=fd
[  133.692696][ T4308] kvm: user requested TSC rate below hardware speed
[  133.751205][ T4316] binder: Bad value for 'stats'
[  134.160977][ T4335] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  134.168181][ T4335] rust_binder: Write failure EINVAL in pid:573
[  134.974858][ T4398] SELinux:  Context system_u:object_r:udev_helper_exec_t:s0 is not valid (left unmapped).
[  135.152371][ T4422] rust_binder: Write failure EINVAL in pid:898
[  135.331173][   T36] kauditd_printk_skb: 112 callbacks suppressed
[  135.331193][   T36] audit: type=1400 audit(1750634097.973:639): avc:  denied  { execute_no_trans } for  pid=4432 comm="syz.0.1405" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1120 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  135.395378][   T36] audit: type=1400 audit(1750634098.023:640): avc:  denied  { read append } for  pid=4432 comm="syz.0.1405" name="rtc0" dev="devtmpfs" ino=195 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  135.419266][   T36] audit: type=1400 audit(1750634098.023:641): avc:  denied  { open } for  pid=4432 comm="syz.0.1405" path="/dev/rtc0" dev="devtmpfs" ino=195 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  135.442975][   T36] audit: type=1400 audit(1750634098.023:642): avc:  denied  { ioctl } for  pid=4432 comm="syz.0.1405" path="/dev/rtc0" dev="devtmpfs" ino=195 ioctlcmd=0x7004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  135.526535][ T4437] rust_binder: Error while translating object.
[  135.526578][ T4437] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  135.530915][ T4441] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  135.532844][   T36] audit: type=1400 audit(1750634098.173:643): avc:  denied  { transfer } for  pid=4436 comm="syz.0.1407" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  135.542717][ T4441] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:583
[  135.550755][ T4437] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:911
[  135.613100][   T36] audit: type=1400 audit(1750634098.253:644): avc:  denied  { write } for  pid=4445 comm="syz.4.1411" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  135.642952][   T36] audit: type=1400 audit(1750634098.273:645): avc:  denied  { mounton } for  pid=4449 comm="syz.2.1413" path="/file0" dev="rootfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  135.699615][   T36] audit: type=1400 audit(1750634098.343:646): avc:  denied  { write } for  pid=4468 comm="syz.4.1418" name="/" dev="incremental-fs" ino=1155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  135.723364][ T4471] rust_binder: Error while translating object.
[  135.723395][ T4471] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  135.729841][ T4471] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:916
[  135.739733][   T36] audit: type=1400 audit(1750634098.343:647): avc:  denied  { add_name } for  pid=4468 comm="syz.4.1418" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  135.758193][ T4477] netlink: 'syz.2.1421': attribute type 27 has an invalid length.
[  135.770458][   T36] audit: type=1400 audit(1750634098.343:648): avc:  denied  { create } for  pid=4468 comm="syz.4.1418" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  135.799790][ T4477] 0��{X��: left allmulticast mode
[  135.810795][ T4477] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.817977][ T4477] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.847678][ T4478] netlink: 'syz.2.1421': attribute type 27 has an invalid length.
[  135.900179][ T4483] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1423'.
[  136.613478][ T4500] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  136.613512][ T4500] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:919
[  136.675696][ T1924] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  136.728408][ T4511] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  136.728437][ T4511] rust_binder: Read failure Err(EFAULT) in pid:923
[  136.835678][ T1924] usb 5-1: Using ep0 maxpacket: 16
[  136.849195][ T1924] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  136.860243][ T1924] usb 5-1: New USB device found, idVendor=056a, idProduct=037a, bcdDevice= 0.00
[  136.869379][ T1924] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.877980][ T1924] usb 5-1: config 0 descriptor??
[  136.938067][ T4513] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  136.997520][ T4518] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  137.006158][ T4518] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.086932][ T4524] futex_wake_op: syz.1.1439 tries to shift op by -1; fix this program
[  137.287221][ T1924] wacom 0003:056A:037A.000B: Unknown device_type for 'HID 056a:037a'. Assuming pen.
[  137.301333][ T1924] wacom 0003:056A:037A.000B: hidraw0: USB HID v0.05 Device [HID 056a:037a] on usb-dummy_hcd.4-1/input0
[  137.318570][ T1924] input: Wacom One by Wacom S Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:037A.000B/input/input15
[  137.490398][ T1924] usb 5-1: USB disconnect, device number 27
[  137.570612][ T4533] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  137.580823][ T4533] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.965783][ T4539] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1444'.
[  138.142697][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[  138.243173][ T4557] netlink: 'syz.1.1449': attribute type 11 has an invalid length.
[  138.253131][ T4557] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1449'.
[  138.528789][ T4613] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  138.528888][ T4613] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  138.545729][ T4615] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:631
[  138.781095][ T4627] hub 6-0:1.0: USB hub found
[  138.784043][ T4629] overlayfs: failed to clone upperpath
[  138.790659][ T4627] hub 6-0:1.0: 1 port detected
[  138.873051][ T4631] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  138.878545][ T4631] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:644
[  138.885800][ T4632] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  139.255725][  T307] usb 5-1: new full-speed USB device number 28 using dummy_hcd
[  139.418680][  T307] usb 5-1: config 5 has an invalid interface number: 170 but max is 0
[  139.426988][  T307] usb 5-1: config 5 contains an unexpected descriptor of type 0x1, skipping
[  139.435767][  T307] usb 5-1: config 5 has an invalid descriptor of length 248, skipping remainder of the config
[  139.446069][  T307] usb 5-1: config 5 has no interface number 0
[  139.452165][  T307] usb 5-1: config 5 interface 170 altsetting 3 endpoint 0x5 has invalid maxpacket 2380, setting to 64
[  139.463177][  T307] usb 5-1: config 5 interface 170 altsetting 3 endpoint 0x8D has invalid maxpacket 18547, setting to 64
[  139.474392][  T307] usb 5-1: config 5 interface 170 altsetting 3 has 2 endpoint descriptors, different from the interface descriptor's value: 14
[  139.487588][  T307] usb 5-1: config 5 interface 170 has no altsetting 0
[  139.495817][  T307] usb 5-1: New USB device found, idVendor=07c9, idProduct=0012, bcdDevice=48.2e
[  139.504858][  T307] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.512921][  T307] usb 5-1: Product: syz
[  139.517126][  T307] usb 5-1: Manufacturer: 깻拽᫚橵溿ዔ䎂䤴
[  139.523830][  T307] usb 5-1: SerialNumber: syz
[  139.529852][ T4640] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  139.537327][ T4640] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  139.750302][  T307] usb 5-1: USB disconnect, device number 28
[  140.175693][  T464] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  140.175733][   T53] Bluetooth: hci0: command 0x1003 tx timeout
[  140.202143][ T4686] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  140.210885][ T4686] rust_binder: Write failure EINVAL in pid:944
[  140.273880][ T4691] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  140.286911][ T4695] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  140.301359][ T4691] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  140.310744][ T4695] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  140.576414][ T4750] tipc: Invalid UDP bearer configuration
[  140.584384][ T4750] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  140.599980][ T4754] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89)
[  140.600008][ T4754] rust_binder: Error while translating object.
[  140.610881][ T4754] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  140.613758][   T36] kauditd_printk_skb: 33 callbacks suppressed
[  140.613781][   T36] audit: type=1400 audit(1750634103.253:682): avc:  denied  { ioctl } for  pid=4755 comm="syz.2.1523" path="socket:[30875]" dev="sockfs" ino=30875 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  140.617398][ T4754] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:959
[  140.627839][   T36] audit: type=1400 audit(1750634103.273:683): avc:  denied  { setopt } for  pid=4755 comm="syz.2.1523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  140.696949][ T4761] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:964
[  140.731918][   T36] audit: type=1400 audit(1750634103.373:684): avc:  denied  { write } for  pid=4769 comm="syz.2.1528" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  140.760611][  T307] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  140.925667][  T307] usb 5-1: Using ep0 maxpacket: 16
[  140.931966][  T307] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.942928][  T307] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  140.952011][  T307] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.960655][  T307] usb 5-1: config 0 descriptor??
[  141.069302][   T36] audit: type=1400 audit(1750634103.713:685): avc:  denied  { ioctl } for  pid=4779 comm="syz.1.1531" path="socket:[31862]" dev="sockfs" ino=31862 ioctlcmd=0xae60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  141.113261][   T36] audit: type=1400 audit(1750634103.753:686): avc:  denied  { watch_reads } for  pid=4783 comm="syz.1.1533" path="/363/file0" dev="tmpfs" ino=2004 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  141.217302][ T4793] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1537'.
[  141.265744][    T9] syz_tun: tun_net_xmit 122
[  141.284771][   T36] audit: type=1400 audit(1750634103.923:687): avc:  denied  { getopt } for  pid=4801 comm="syz.1.1541" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  141.313009][ T4804] overlayfs: failed to clone upperpath
[  141.319776][ T4804] overlayfs: failed to clone upperpath
[  141.369073][  T307] appleir 0003:05AC:8241.000C: unknown main item tag 0x0
[  141.376325][  T307] appleir 0003:05AC:8241.000C: unknown main item tag 0x0
[  141.383403][  T307] appleir 0003:05AC:8241.000C: unknown main item tag 0x0
[  141.390710][  T307] appleir 0003:05AC:8241.000C: unknown main item tag 0x0
[  141.397815][  T307] appleir 0003:05AC:8241.000C: unknown main item tag 0x0
[  141.405078][  T307] appleir 0003:05AC:8241.000C: No inputs registered, leaving
[  141.413740][  T307] appleir 0003:05AC:8241.000C: hiddev96,hidraw0: USB HID v0.05 Device [HID 05ac:8241] on usb-dummy_hcd.4-1/input0
[  141.435730][    T9] syz_tun: tun_net_xmit 122
[  141.594255][ T4826] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  141.619950][ T4826] syzkaller0: entered promiscuous mode
[  141.626096][ T4826] syzkaller0: entered allmulticast mode
[  141.635893][ T4825] tipc: Resetting bearer <eth:syzkaller0>
[  141.648826][ T4825] tipc: Disabling bearer <eth:syzkaller0>
[  141.658001][ T4836] netlink: 'syz.2.1553': attribute type 4 has an invalid length.
[  141.665831][ T4836] netlink: 'syz.2.1553': attribute type 5 has an invalid length.
[  141.673566][ T4836] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.1553'.
[  141.706955][ T4839] netlink: 'syz.2.1554': attribute type 12 has an invalid length.
[  141.822378][   T36] audit: type=1400 audit(1750634104.463:688): avc:  denied  { create } for  pid=4845 comm="syz.2.1556" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  142.108359][ T1924] usb 5-1: USB disconnect, device number 29
[  142.139833][   T36] audit: type=1400 audit(1750634104.783:689): avc:  denied  { setopt } for  pid=4855 comm="syz.0.1560" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  142.197487][ T4864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  142.206100][ T4864] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  142.214452][   T36] audit: type=1400 audit(1750634104.853:690): avc:  denied  { listen } for  pid=4863 comm="syz.0.1562" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  142.233984][   T36] audit: type=1400 audit(1750634104.853:691): avc:  denied  { connect } for  pid=4863 comm="syz.0.1562" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  142.732061][  T306] ==================================================================
[  142.740268][  T306] BUG: KASAN: null-ptr-deref in down_write+0x83/0x2a0
[  142.747064][  T306] Write of size 8 at addr 0000000000000098 by task kworker/0:2/306
[  142.754976][  T306] 
[  142.757320][  T306] CPU: 0 UID: 0 PID: 306 Comm: kworker/0:2 Not tainted 6.12.23-syzkaller-gd9fd901baa98 #0 f1acc3ef52b3e732a05c4f7a2560722db90bb473
[  142.757352][  T306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  142.757368][  T306] Workqueue: events _RNvXs6_NtCs43vyB533jt3_6kernel9workqueueINtNtNtB7_4sync3arc3ArcNtNtCshgDM7dBCdno_11rust_binder7process7ProcessEINtB5_15WorkItemPointerKy0_E3runB13_
[  142.757424][  T306] Call Trace:
[  142.757432][  T306]  <TASK>
[  142.757441][  T306]  __dump_stack+0x21/0x30
[  142.757469][  T306]  dump_stack_lvl+0x10c/0x190
[  142.757493][  T306]  ? __cfi_dump_stack_lvl+0x10/0x10
[  142.757519][  T306]  print_report+0x3d/0x70
[  142.757538][  T306]  kasan_report+0x163/0x1a0
[  142.757577][  T306]  ? down_write+0x83/0x2a0
[  142.757601][  T306]  ? __cfi_update_group_capacity+0x10/0x10
[  142.757627][  T306]  ? down_write+0x83/0x2a0
[  142.757649][  T306]  kasan_check_range+0x299/0x2a0
[  142.757681][  T306]  __kasan_check_write+0x18/0x20
[  142.757704][  T306]  down_write+0x83/0x2a0
[  142.757726][  T306]  ? __cfi_down_write+0x10/0x10
[  142.757747][  T306]  ? _raw_spin_lock+0x8c/0x120
[  142.757775][  T306]  ? __cfi__raw_spin_lock+0x10/0x10
[  142.757800][  T306]  ? mutex_unlock+0x8b/0x240
[  142.757820][  T306]  ? __cfi_mutex_unlock+0x10/0x10
[  142.757841][  T306]  rust_binderfs_remove_file+0x6c/0x110
[  142.757862][  T306]  _RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x9d4/0x2860
[  142.757898][  T306]  ? update_curr_dl_se+0x10c/0xb20
[  142.757925][  T306]  ? __cfi___update_load_avg_cfs_rq+0x10/0x10
[  142.757948][  T306]  ? update_curr+0x60d/0xc60
[  142.757975][  T306]  ? __cfi__RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x10/0x10
[  142.758010][  T306]  ? update_load_avg+0x506/0x19a0
[  142.758031][  T306]  ? detach_entity_load_avg+0x7b0/0x7b0
[  142.758060][  T306]  ? dequeue_entity+0xa9c/0x1750
[  142.758084][  T306]  ? tg_unthrottle_up+0x980/0x980
[  142.758104][  T306]  ? stack_trace_save+0x9d/0xe0
[  142.758129][  T306]  ? kvm_sched_clock_read+0x15/0x30
[  142.758151][  T306]  ? kvm_sched_clock_read+0x15/0x30
[  142.758174][  T306]  ? sched_clock_noinstr+0xd/0x30
[  142.758193][  T306]  ? sched_clock+0x44/0x60
[  142.758214][  T306]  ? sched_clock_cpu+0x75/0x400
[  142.758237][  T306]  ? __cfi___update_load_avg_cfs_rq+0x10/0x10
[  142.758261][  T306]  ? __cfi_min_vruntime_cb_rotate+0x10/0x10
[  142.758289][  T306]  ? xfd_validate_state+0x68/0x150
[  142.758313][  T306]  ? save_fpregs_to_fpstate+0x196/0x230
[  142.758343][  T306]  ? __kasan_check_write+0x18/0x20
[  142.758366][  T306]  ? __switch_to+0xc7b/0x1310
[  142.758390][  T306]  ? psi_group_change+0xb44/0x1130
[  142.758413][  T306]  ? __cfi___switch_to+0x10/0x10
[  142.758439][  T306]  ? _raw_spin_unlock+0x45/0x60
[  142.758466][  T306]  ? __switch_to_asm+0x3d/0x70
[  142.758493][  T306]  ? __schedule+0x1463/0x1f10
[  142.758524][  T306]  ? kick_pool+0xb9/0x550
[  142.758555][  T306]  process_scheduled_works+0x7d2/0x1020
[  142.758594][  T306]  worker_thread+0xc58/0x1250
[  142.758623][  T306]  ? try_to_wake_up+0xdd2/0x1aa0
[  142.758656][  T306]  kthread+0x2c7/0x370
[  142.758685][  T306]  ? __cfi_worker_thread+0x10/0x10
[  142.758712][  T306]  ? __cfi_kthread+0x10/0x10
[  142.758741][  T306]  ret_from_fork+0x64/0xa0
[  142.758765][  T306]  ? __cfi_kthread+0x10/0x10
[  142.758795][  T306]  ret_from_fork_asm+0x1a/0x30
[  142.758824][  T306]  </TASK>
[  142.758833][  T306] ==================================================================
[  143.093668][  T306] Disabling lock debugging due to kernel taint
[  143.100158][  T306] BUG: kernel NULL pointer dereference, address: 0000000000000098
[  143.108008][  T306] #PF: supervisor write access in kernel mode
[  143.114078][  T306] #PF: error_code(0x0002) - not-present page
[  143.120057][  T306] PGD 0 P4D 0 
[  143.123460][  T306] Oops: Oops: 0002 [#1] PREEMPT SMP KASAN PTI
[  143.129539][  T306] CPU: 0 UID: 0 PID: 306 Comm: kworker/0:2 Tainted: G    B              6.12.23-syzkaller-gd9fd901baa98 #0 f1acc3ef52b3e732a05c4f7a2560722db90bb473
[  143.144472][  T306] Tainted: [B]=BAD_PAGE
[  143.148620][  T306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  143.158696][  T306] Workqueue: events _RNvXs6_NtCs43vyB533jt3_6kernel9workqueueINtNtNtB7_4sync3arc3ArcNtNtCshgDM7dBCdno_11rust_binder7process7ProcessEINtB5_15WorkItemPointerKy0_E3runB13_
[  143.175664][  T306] RIP: 0010:down_write+0x9a/0x2a0
[  143.180707][  T306] Code: 48 c7 44 24 20 00 00 00 00 be 08 00 00 00 e8 2d 34 55 fc 4c 89 f7 be 08 00 00 00 e8 20 34 55 fc 48 8b 44 24 20 b9 01 00 00 00 <f0> 48 0f b1 0b 0f 85 a0 00 00 00 48 c7 c0 c0 b9 20 87 48 c1 e8 03
[  143.200318][  T306] RSP: 0018:ffffc9000b77f500 EFLAGS: 00010256
[  143.206389][  T306] RAX: 0000000000000000 RBX: 0000000000000098 RCX: 0000000000000001
[  143.214364][  T306] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc9000b77f520
[  143.222372][  T306] RBP: ffffc9000b77f598 R08: ffffc9000b77f527 R09: 1ffff920016efea4
[  143.230351][  T306] R10: dffffc0000000000 R11: fffff520016efea5 R12: dffffc0000000000
[  143.238332][  T306] R13: 1ffff920016efea0 R14: ffffc9000b77f520 R15: 0000000000000000
[  143.246319][  T306] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  143.255250][  T306] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  143.261834][  T306] CR2: 0000000000000098 CR3: 0000000120916000 CR4: 00000000003526b0
[  143.269823][  T306] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  143.277826][  T306] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  143.285818][  T306] Call Trace:
[  143.289111][  T306]  <TASK>
[  143.292054][  T306]  ? __cfi_down_write+0x10/0x10
[  143.296919][  T306]  ? _raw_spin_lock+0x8c/0x120
[  143.301697][  T306]  ? __cfi__raw_spin_lock+0x10/0x10
[  143.306904][  T306]  ? mutex_unlock+0x8b/0x240
[  143.311495][  T306]  ? __cfi_mutex_unlock+0x10/0x10
[  143.316558][  T306]  rust_binderfs_remove_file+0x6c/0x110
[  143.322111][  T306]  _RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x9d4/0x2860
[  143.334876][  T306]  ? update_curr_dl_se+0x10c/0xb20
[  143.340006][  T306]  ? __cfi___update_load_avg_cfs_rq+0x10/0x10
[  143.346083][  T306]  ? update_curr+0x60d/0xc60
[  143.350686][  T306]  ? __cfi__RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x10/0x10
[  143.363896][  T306]  ? update_load_avg+0x506/0x19a0
[  143.368946][  T306]  ? detach_entity_load_avg+0x7b0/0x7b0
[  143.374514][  T306]  ? dequeue_entity+0xa9c/0x1750
[  143.379465][  T306]  ? tg_unthrottle_up+0x980/0x980
[  143.384501][  T306]  ? stack_trace_save+0x9d/0xe0
[  143.389359][  T306]  ? kvm_sched_clock_read+0x15/0x30
[  143.394564][  T306]  ? kvm_sched_clock_read+0x15/0x30
[  143.399767][  T306]  ? sched_clock_noinstr+0xd/0x30
[  143.404887][  T306]  ? sched_clock+0x44/0x60
[  143.409307][  T306]  ? sched_clock_cpu+0x75/0x400
[  143.414162][  T306]  ? __cfi___update_load_avg_cfs_rq+0x10/0x10
[  143.420233][  T306]  ? __cfi_min_vruntime_cb_rotate+0x10/0x10
[  143.426132][  T306]  ? xfd_validate_state+0x68/0x150
[  143.431263][  T306]  ? save_fpregs_to_fpstate+0x196/0x230
[  143.436824][  T306]  ? __kasan_check_write+0x18/0x20
[  143.441938][  T306]  ? __switch_to+0xc7b/0x1310
[  143.446619][  T306]  ? psi_group_change+0xb44/0x1130
[  143.451739][  T306]  ? __cfi___switch_to+0x10/0x10
[  143.456686][  T306]  ? _raw_spin_unlock+0x45/0x60
[  143.461550][  T306]  ? __switch_to_asm+0x3d/0x70
[  143.466323][  T306]  ? __schedule+0x1463/0x1f10
[  143.471023][  T306]  ? kick_pool+0xb9/0x550
[  143.475381][  T306]  process_scheduled_works+0x7d2/0x1020
[  143.480946][  T306]  worker_thread+0xc58/0x1250
[  143.485642][  T306]  ? try_to_wake_up+0xdd2/0x1aa0
[  143.490616][  T306]  kthread+0x2c7/0x370
[  143.494704][  T306]  ? __cfi_worker_thread+0x10/0x10
[  143.499831][  T306]  ? __cfi_kthread+0x10/0x10
[  143.504431][  T306]  ret_from_fork+0x64/0xa0
[  143.508854][  T306]  ? __cfi_kthread+0x10/0x10
[  143.513478][  T306]  ret_from_fork_asm+0x1a/0x30
[  143.518252][  T306]  </TASK>
[  143.521271][  T306] Modules linked in:
[  143.525179][  T306] CR2: 0000000000000098
[  143.529337][  T306] ---[ end trace 0000000000000000 ]---
[  143.534789][  T306] RIP: 0010:down_write+0x9a/0x2a0
[  143.539836][  T306] Code: 48 c7 44 24 20 00 00 00 00 be 08 00 00 00 e8 2d 34 55 fc 4c 89 f7 be 08 00 00 00 e8 20 34 55 fc 48 8b 44 24 20 b9 01 00 00 00 <f0> 48 0f b1 0b 0f 85 a0 00 00 00 48 c7 c0 c0 b9 20 87 48 c1 e8 03
[  143.559445][  T306] RSP: 0018:ffffc9000b77f500 EFLAGS: 00010256
[  143.565523][  T306] RAX: 0000000000000000 RBX: 0000000000000098 RCX: 0000000000000001
[  143.573518][  T306] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc9000b77f520
[  143.581490][  T306] RBP: ffffc9000b77f598 R08: ffffc9000b77f527 R09: 1ffff920016efea4
[  143.589468][  T306] R10: dffffc0000000000 R11: fffff520016efea5 R12: dffffc0000000000
[  143.597443][  T306] R13: 1ffff920016efea0 R14: ffffc9000b77f520 R15: 0000000000000000
[  143.605427][  T306] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  143.614380][  T306] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  143.620965][  T306] CR2: 0000000000000098 CR3: 0000000120916000 CR4: 00000000003526b0
[  143.628941][  T306] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  143.636930][  T306] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  143.644906][  T306] Kernel panic - not syncing: Fatal exception
[  143.651292][  T306] Kernel Offset: disabled
[  143.655633][  T306] Rebooting in 86400 seconds..