83c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = request_key(&(0x7f0000000100)='id_resolver\x00', &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)='.*}/,\x00', 0xfffffffffffffffc)
keyctl$setperm(0x5, r0, 0x2000120)
r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
ioctl$SIOCX25GDTEFACILITIES(r1, 0x89ea, &(0x7f00000000c0))
ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f0000000080)={'eql\x00', {0x2, 0x4e22, @loopback}})
ioctl$VHOST_SET_VRING_NUM(r1, 0x4008af10, &(0x7f0000000040)={0x2, 0x5})
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='/selinux/avc/hash_stats\x00')

10:22:57 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x8, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:22:57 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xd, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:22:57 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x4000, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r0, 0x0, 0xb4, 0xb, &(0x7f0000000240)="56349bbfe0018a70093db80a505fe99fb59b4e09e3284e49af1ab3a4b4cedabeee99125284e3a18c7f5b6722c795ed6a7d1d86e022d059f3a06ff2a6e4dc7473d249f4ec6cc7c3c15eb4c13f403e663c2e35edef5ea8b260ae4ef45b72f18ed786441167fd43394e12c28d79bc03767e1c7b748ddca4a4cc0525a96c640d3a9ea4aa6ae91d89a00c9a47cc158a2ef36f19df5e083a4004b0cd0fddff14dbaf08999af89ee891ca06bb6e73ce3f2eeeb082b167f8", &(0x7f00000001c0)=""/11}, 0x28)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008a8000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/152)

10:22:57 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xd, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1328.717120][ T3629] binder_alloc: 3616: binder_alloc_buf, no vma
[ 1328.724590][ T3623] Dev loop5: unable to read RDB block 1
[ 1328.731536][ T3627] binder: BINDER_SET_CONTEXT_MGR already set
[ 1328.737724][ T3627] binder: 3620:3627 ioctl 40046207 0 returned -16
[ 1328.746028][ T3623]  loop5: unable to read partition table
[ 1328.760179][ T3629] binder_transaction: 37 callbacks suppressed
[ 1328.760197][ T3629] binder: 3616:3629 transaction failed 29189/-3, size 64-8 line 3148
[ 1328.776794][ T3623] loop5: partition table beyond EOD, truncated
[ 1328.784101][ T3634] binder_alloc: 3616: binder_alloc_buf, no vma
[ 1328.793811][ T3623] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1328.802021][ T3634] binder: 3620:3634 transaction failed 29189/-3, size 64-13 line 3148
[ 1328.813730][ T1829] binder_release_work: 37 callbacks suppressed
[ 1328.813736][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1328.831258][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1328.838365][ T3627] binder: BINDER_SET_CONTEXT_MGR already set
[ 1328.846488][ T3634] binder: 3620:3634 transaction failed 29189/-22, size 64-13 line 2995
[ 1328.855800][ T3627] binder: 3620:3627 ioctl 40046207 0 returned -16
10:22:57 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x9, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1328.862872][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
10:22:57 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xe, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1328.936430][ T3623] Dev loop5: unable to read RDB block 1
[ 1328.952227][ T3623]  loop5: unable to read partition table
[ 1328.958176][ T3623] loop5: partition table beyond EOD, truncated
[ 1328.991012][ T3623] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1329.002301][ T3644] binder_transaction: 5 callbacks suppressed
[ 1329.002312][ T3644] binder: 3643:3644 got transaction with invalid offsets size, 14
[ 1329.012930][ T3647] binder: BINDER_SET_CONTEXT_MGR already set
[ 1329.032359][ T3644] binder: 3643:3644 transaction failed 29201/-22, size 64-14 line 3202
[ 1329.050976][ T3647] binder: 3646:3647 ioctl 40046207 0 returned -16
[ 1329.059424][ T3647] binder: 3646:3647 got transaction with invalid offsets size, 9
[ 1329.064157][ T8297] binder: undelivered TRANSACTION_ERROR: 29201
[ 1329.073401][ T3647] binder: 3646:3647 transaction failed 29201/-22, size 64-9 line 3202
[ 1329.091729][ T3644] binder: BINDER_SET_CONTEXT_MGR already set
10:22:57 executing program 5:
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x0, 0x0)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000040))
accept4$alg(r0, 0x0, 0x0, 0x800)

[ 1329.100514][ T3644] binder: 3643:3644 ioctl 40046207 0 returned -16
[ 1329.102153][ T8297] binder: undelivered TRANSACTION_ERROR: 29201
[ 1329.117792][ T3650] binder: BINDER_SET_CONTEXT_MGR already set
[ 1329.130937][ T3650] binder: 3646:3650 ioctl 40046207 0 returned -16
[ 1329.140747][ T3649] binder_alloc: 3643: binder_alloc_buf, no vma
10:22:57 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xa, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1329.150948][ T3647] binder: 3646:3647 transaction failed 29189/-22, size 64-9 line 2995
[ 1329.159562][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1329.171024][ T3649] binder: 3643:3649 transaction failed 29189/-3, size 64-14 line 3148
[ 1329.179535][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
10:22:57 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x11, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:22:57 executing program 5:
r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x1, 0x400400)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000240)={<r1=>0xffffffffffffffff}, 0x13f, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f00000002c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000040), r1, 0x2}}, 0x18)

[ 1329.302561][ T3658] binder_alloc: 3657: binder_alloc_buf, no vma
[ 1329.352271][ T3662] binder: BINDER_SET_CONTEXT_MGR already set
[ 1329.354821][ T3658] binder: 3657:3658 transaction failed 29189/-3, size 64-10 line 3148
[ 1329.358467][ T3662] binder: 3660:3662 ioctl 40046207 0 returned -16
[ 1329.376872][ T3662] binder_alloc: 3657: binder_alloc_buf, no vma
[ 1329.403652][ T3662] binder: 3660:3662 transaction failed 29189/-3, size 64-17 line 3148
[ 1329.434889][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1329.448336][ T3666] binder_alloc: 3657: binder_alloc_buf, no vma
[ 1329.462654][ T3662] binder: BINDER_SET_CONTEXT_MGR already set
[ 1329.471818][ T3666] binder: 3660:3666 transaction failed 29189/-3, size 64-17 line 3148
[ 1329.478658][ T3662] binder: 3660:3662 ioctl 40046207 0 returned -16
[ 1329.480123][ T8297] binder: undelivered TRANSACTION_ERROR: 29189
[ 1329.525345][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
10:22:58 executing program 5:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x40, 0x0)
r1 = accept(0xffffffffffffffff, &(0x7f0000000080)=@ethernet={0x0, @dev}, &(0x7f0000000100)=0x80)
r2 = dup3(r1, r0, 0x80000)
ioctl$sock_inet_udp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000000))

10:22:58 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xe, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:22:58 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xb, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:22:58 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x12, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:22:58 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
r0 = memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f00000000c0)=""/152)
fsetxattr$security_selinux(r0, &(0x7f0000000040)='security.selinux\x00', &(0x7f0000000080)='system_u:object_r:xen_device_t:s0\x00', 0x22, 0x2)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x40, 0x0)

10:22:58 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='\t'], 0x1)

[ 1329.904283][ T3689] binder_alloc: 3677: binder_alloc_buf, no vma
[ 1329.912136][ T3688] binder: BINDER_SET_CONTEXT_MGR already set
[ 1329.934199][ T3688] binder: 3681:3688 ioctl 40046207 0 returned -16
10:22:58 executing program 5:
prctl$PR_SET_KEEPCAPS(0x8, 0x1)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

10:22:58 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xc, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1329.967691][ T3697] binder: 3681:3697 got transaction with invalid offsets size, 18
10:22:58 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x2f, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1330.068506][ T3702] Dev loop5: unable to read RDB block 1
[ 1330.078820][ T3702]  loop5: unable to read partition table
[ 1330.096069][ T3702] loop5: partition table beyond EOD, truncated
[ 1330.107448][ T3707] binder_alloc: 3705: binder_alloc_buf, no vma
[ 1330.135530][ T3702] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1330.162968][ T3710] binder: 3708:3710 got transaction with invalid offsets size, 47
10:22:58 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xd, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1330.190410][ T3711] binder: 3708:3711 got transaction with invalid offsets size, 47
10:22:58 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x50, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1330.259248][ T3712] Dev loop5: unable to read RDB block 1
[ 1330.283788][ T3712]  loop5: unable to read partition table
[ 1330.313593][ T3717] binder_alloc: 3716: binder_alloc_buf, no vma
[ 1330.316483][ T3712] loop5: partition table beyond EOD, truncated
[ 1330.369778][ T3712] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1330.373784][ T3720] binder: 3719:3720 got transaction with invalid parent offset or type
10:22:58 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xe, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:22:58 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
syz_read_part_table(0x2, 0x3, &(0x7f0000000140)=[{&(0x7f0000000000)="2657f05f6a564c88ee5ef923b72147e56a40ab8bfffce91921b77327eb66f8d9c6770fbbaec21b077685451078d4f49c65486566b65f761066019c7e8c18d92b7341291a1945147e549a64bf95c6f3696358ae430f923c774152457fbfe855e0dc495dc62dcc3b38638e034939784f2a3a1ab44cdb5dd526348567bbba29dd", 0x7f, 0x1}, {&(0x7f0000000080)="f7626ef11326f07e6270", 0xa, 0xe3}, {&(0x7f00000000c0)="abdab675148b999c9907c6e86bf415b7154ce332c1d2084f475e561be3ca490a91d4c634da92937980cf1b6383edb4a95630df9c27abde50093f3318f6450f5d70745b29f9b62a", 0x47, 0x2b}])

[ 1330.472705][ T3725] binder: 3719:3725 got transaction with invalid parent offset or type
[ 1330.577995][ T3730] binder_alloc: 3726: binder_alloc_buf, no vma
[ 1330.634004][ T3731] Dev loop5: unable to read RDB block 1
[ 1330.645190][ T3731]  loop5: unable to read partition table
[ 1330.656575][ T3731] loop5: partition table beyond EOD, truncated
[ 1330.671186][ T3731] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1330.791768][ T3731] Dev loop5: unable to read RDB block 1
[ 1330.797373][ T3731]  loop5: unable to read partition table
[ 1330.815603][ T3731] loop5: partition table beyond EOD, truncated
10:22:59 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x10, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:22:59 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5e, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:22:59 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x11, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:22:59 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x100000000, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0x30, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0x2c63a016202cc1a6)
write$binfmt_misc(r0, &(0x7f0000000100)=ANY=[@ANYPTR64=&(0x7f00000011c0)=ANY=[@ANYRES16=r0, @ANYPTR64=&(0x7f00000000c0)=ANY=[@ANYPTR64], @ANYRESDEC=r0, @ANYBLOB="07f24476b6a1e4600a99565264e19f5e2bcab76eaf5d05e086a7e946aad027cfea1462c3161367d8173a77427eb5d98d01541ca0d757afefc9d6231da16ecf324d25c09a75463db83a868a4511aeb2bf66ba420b3407fd032cebb78149ade0580a842a46e25f11d98031962ec299b70095fffadddc50cdeb47ed962e0b01be05cdffb909fb8fc7838b2c6373b15145b24dc9235f22587198319e78d8df868ad33e0ba7259cf2ee4bf226cc84c0d5145a88df2c90c59c735f6eb789fe35ffe890cf92299f7c38f42365e7ce87457c57fd04f996677a70b527f76140512ce719cd17d62b6a1d94777b32cd", @ANYRES64, @ANYRESHEX, @ANYPTR64=&(0x7f0000000180)=ANY=[@ANYRESOCT=r0, @ANYBLOB="d0275295c7959f86b17b3d5c67f5dfc7718d7c76ccac1e9417acbcc5c1324ee5ab9b19db5e56ce1945dbf1235284c5ed99ded2c0db3dd1dbf6f7a6717589efa0e1c43da7ce344a26184a6f8c23c136b4bbed9244f8ef61ecd74ab9b43985170c5c8ee8910eb7ad1cc0fe10ac142a2a1ccd93290392c0dbce9054ceba31b7a5b629bc6fe98df5b21bfecf0e5a2942b5295afe966bcc4d4c7784633a39df7779cf45a37b99630a3fc5819eca0a70c984bd633b0dda24c594d30528c3534c45677b01f4892ef13b31bcac95cae98e8862d50fde4b57dc22af2eed813f9c54a26ec2f2e658842952966a52bea9ba24a9941597495b0dcb78e93cd8fc0608c835d2e085911997eaea174aa5c19db16627109f0bd559b25f3e844d9f435ad5c7730b458f7d809fa50c48c3bf83d12281fdb2554e66f785cb08cf835e063b777eef6a9808f8f544f34b56d2935ec7e223b91781a074570dac31e10a6fb2e304abecadc30a3d667d4bea34d8a2782e19bfd3dc6a703e2d46bdd96e1ccc1d03f032bb1370c79ebaf8eea6229fe5a4bba7d26b2ee834de96fcebe21152f3567ffe23ff65d2cac8cec8b9f20ee7edcaa0f2736502bee0f3553a001d4c4bfa899bcd365b800606111c65e5a9efdab564399cd37edc963d9aac89c4f0350e98fc63b6317b1f90e0109c5024dcdcb82a7c49c3278106e174442b0ad2f376f68dab2f41ebc3226cf51ed32e4bd6200ed8caea51faef0256a05aa6731fca17a70f4235fd201db10ed40abee982f26824c9d7387e3baf42928b0cd57da49fa2b03d3038f819e33e03813680c49da23339a0f27db7aa4b99eba3440d8d1279254bfa4fec43224209e8a9f30a1ea24cb79285ac0f4afa8bb41f5086b4322a697e4c845f3df04c0db887058a198c9d8bf2b4f7be415674f8a8ac4e9a5f9535c08219968b153130c20b10ac718564303508299d63e3a2bf59b421bf5d0cc6b81adee531a67fd9788b715e4cc88564f1ae3a0d490a35aff860784e993015ae25c0787f2e841f6a5479340552ac843a7e770c34dea6578cf8e6a57a8f777b689e7154601c64b6283aa1504c85efde8f1512b9f79458b5a00a708086a802f8f8f3dfa926379c1d3696626b034b298998af5086c33dda2bc38683f3c1ec20619a0c322155a508748d20a9723478e391ffcf3a0af56fe7ea5da2aef9d54ddc434b3d87df0c35a7fa46ec7d2b1e7dbcdbf87729c4ca0d9701536b32e114be02a66a5d279956d6e082d6be05d0439cd1255a3f722d3ecf5581bfeefe6207eefd0fe5946c0f50bb3336c045df90b1a544df52e08b9215775e6e39ea4844ac85037f3296123f77db80678e8f6d1cbe5f25da57b1edf2805d60c03eac55f5e29c7a0f423d60ca062b4cfa686b0bd13fed53280355475f5d23ea2bf2d6836168e4e9a9701c8fcaff8b5da57a8c5eb96f425d40345aac59412bbc57298e3d5f3040db2adfac625db3803026ebfb8b768797c467dea1e3ba5f8a7139f1b573f8a89ef7b34e88e45f1fc0a1915c3fa514d4d189718677e8eb4bd2eecc9c0e278be679a4ee63f2453098a19f28d620c41beef3200b8e215e96b7d61ff8f536efd3cc792330fbc28fd1d30c439522711c41b51f7ceb295cc54b632e0f5ebe8600985c4f724fcaf9e2236b6e084e9ba22c02e43d6ec2ad87c8a5b04239eae10cdfca33f6b3d1f1cc05d78c6564a1907bf431eda09021217e4da5c524eacb611a438c6d45135804c1303977e09b510c4c65dcfa6cb606acce3015c2c56da36f6114b820d94de95ec3d861f6e9391b5cb4e2930eda694edaa525b967636eff64d4417f79cc4f24f94f38918ae7aa95d0b4009bacf9c53f1c8de76fa7bdb6df1e4c73da10b7ac738d9e1a63e8e3aadc8d6ae9794b55233232c595193dc6172e8a43e41fa34b4df10ff8cb4907b08817063d5e7310d657330376ac3dc4f0563f3346a14bc3f1ec19ff6ecb84cd54f4568f57a1f31ff603bbdf4b48520fae37071ba564de2dd58017f85b7d1af16ca29c7f68f835113fe0721f0404d792525865f04a9b014fc080ba003566d4db573d80d75e38fe47f0d2ab481b90d0e52467b70cc25c08efef46fa7f4818a47ca5a7c18a67eb86293f6b6d9777ee6e09cc615a3f0baf6ccbf87c9b9b19dd81d1f6fb2de84ef2c55e64b89fcaea55eed855577205a4f98e1811599be4ece49d95e8cafd8ed2f100de9fa6a7d5e641b9efeba8e94225a9e2382608087d7d58ee9af4b81e4b291db3c863e0afc8d5fe7787d20e9cb210cc525d34fe934fc28f95a49a6b92bae8fc5462008c814cbc510c74c308b1a5439c8fb3ec0136df65d35fbdf416423abfbd29e28859cabae2282a0f3e8de60b03504a9217aa5144c4ab6813b03f9447c1b939afb647078ee146c8ecdf383eaaa6f3dfaeb52d446565349c78317a2e85b5658af570cc0edc5ecb1eabfa4f32b6c73204776b20cd6ed8ed64dc29b98928290412286cdb6f5644947bd28b0365478aff47d69c8f3567799a59dc111afdfc6b0d93a939ba2a2364bf8dc30ae0dc3ac71925bb1235aa6ccfc2e2533df6e7eef9d6e62ea8337b1a3291a9c280b42c17d15e5e45f2f7ab680520b8998a3cb436a802a44fee2db4d6ad921ab3079727805fe23d8d154d3f73a136f561c0ed6a5195a4da2cc683d939757cf7f81299d066fc687520b12485d0854edbf41f59d866a5df4888792b1dc4c6d57b1d73d4348eae99cde18efbe669d445100db91a1a50f47c9c9fb649dc17dadde82e2adec9d72be15c84fca856ff5a2a4e7975f63f7b091a04b606e831ba11a2f98ccf71ae752700287be189cb7da7e29873a050df8a58ba52fb7a26ff18b72bfc131431d52e8c0732e8a984d3cbd45e85e8742882cd40c01086b70fae396b512cac35760b47986d5d542af4ba5f8a389ae5018bb83b72c561158dbd7ec5fda0a807baf403aa4b02c5d675a3b2c432d60e4f69413e930258889eb05f8f2257732985fbe47bbfe515cd9ccb8ac9ceb42e6411ae358076722441a145b51729c98f0f4ab833f30f4a23bdec866268c51d1211dfc30f27a257fc4715c758fa6b123e3dc79c089cfd1088176f9081a99a1cb46f6fd5921f5eab616131c13ec4bb684ccce31c56cd2b1c47d9d19e49989ea76f82839abd99b2d47f435d117ef41350679f1181279c831798cef0b73cc8968e7160eea311ab6d3350e2b1d5ac44aea5d1f2d700865be2daa24c69a5cc6bc3c41f3eac53a87896e7c5b7e82fb013b4129d4b6520b2d329c1206fc6b4fc74136e07ca5e2664fcc0ad2262cd2038d0182aa9e4953433417f6d773dcc365b2c56b2627cd1c1431c2dae5d2a32b1e5f9f758aea99952cf89c993492e242de5c609bcb1503aa0f9e1e7cd78bf0657f6ad2d8d42f26ff28b6f478f98e053d6ef21e7ebace24c41a021ede53152661f017d9a57c7d59194ef27f901b641390c73c1ff8ccbd8c803513e44ffb4d7069d4558562d37687706fd127f41e8ee777e01b265f25dad8dd186a762d0f773a05478830d1b9e68951d6a23951a4aa0f582964f7a612c5bbe6b598d41626020471cd4008f6b098ed3c3d79f5a06013171acbb1618f3b6dfabf21bd7505e764203b381e345a1ac4e698b1d80a477444ab49186b06ddf6016c15c5f2edc43c5d675aee5b686b6679499cfd5da23c1d59e4456ecb577fbc31c85e514bd9a3abf72b8f33574e381ae7591039672a934e045d4b685b0ce55de961dc2d59dca89a4d0e633db1f325ae95d85b1ac417a542acde9fa115537662827f3faaac6e20df1ae6e1155b51f8794b39d40454b6cf0ab07c809d2c6af7166163fd3d28329518954f1999c951972b551d4ad7e11245acd51a39066130c85924817ad867384a4828a342c952a7bf401a866c0c495f1868de3fa02bc3ea0202c7e2ca5440c7b91625f684e7c0262b99ff3f8c707579eca7ad0b0c9c56f1c44db786465e3364bbc6832f3b070777e65c099fb01c047f4973747e14d4c208ab52430e82624d05424bba25c33869901d47e7297e8f8e2467412b68db1767c45f7165638ab7b420d73a48773f19a9a5b49ed9b1c0b41f6983d872918845ef93803bf5bc9397b2d5a6fecc97584c939c36ba143b7d095fe5eeaf96a84e2a8ef8d3a254784e9ad6dee9db7f7ed22cb2a80e04abd5c273c2a34594bbde4c93dab6781046575e15d72f9ca1addb8ad03c91e5e1a00690e5c9b177380ae82d75fa552cbc3f0f1cd8e65de9d19d4a89a3d94a14e78013aa21dce031c84d561244e7c1628d74dea06e2b27a23d9f303fc7f569668f6be121ccc3e0e31d39b6bdb107c8e2e9167f649064c5753a1806df6211c9d54ac537f6278627733aadfb1f462d66adc134d6b81a82217eb0bd79c59d05a3b291eb94d5249b9ea9ec4b024f28300fb2d303dddf1753a45a79559d262b206e84f86ea19104ad5490fa515332f07b38d1128998d37e392550f808adc9968a49be55128e6e6ba1fa49ebaa05bfb353619238262a017ff724223c06e196a992fa6f5cfbe1659c4d12ec43bfb4edad8422644fccfa370e4d664f3cc03b1193d212d16f695680c5306a7da10ef933d5ed11ffdf538c23fab2625bc4366e25df791003b2848a29e0e09ba096a02cfbaef75fac9756cfbe569ffdcf4caf2e6b6d96d04aadc748e30514ea2262aa1fcd5c22fc8fc7f3591e4a0f68f9786c534087129ef447f6614755a2ba624a44511d4092ea12f9cc30005d6fc06f9bedf0c471fdeca6b84790d2f179aa9a4cf06da5898707b68a74a5e925ec54b4dfd2dffa1f4e5b99b212805e4481404bf77462298d1cf4ac4c8eb4ffc469591b14298c6a4a785184dab239a4d7fd82a8d5762d729baf35abf15394f0ab60e44604116d4e195360b98961a4b98f945e754da4e2090e6df27bc4b0769919bd244d24bafece874338b13df19dbe5677c14eb1ce48810137524ec72c0cee439ad7693a485735c77213dc141ac09583d0a101e26c8498b4d84cc2583ad324f0bfda6710158249ae470554586d193370f9d5927b2aebc246141ee08105155eba24b19bd03e34fff9fe18ee2fce944ed80b7691046089c94aec3f4b2357133a3db38c8bff84ddf4f68ab7c1a30d7651ed4da188acf1f045ac43506a2b96f7fefe292be8397d2025aaf2ed97126b9672bd06df71ee869090f1d83134b0218710c30a067a640e53c44b46f23f617474dc85ebdc93c91f38d287a11612c9b16a5437096c43565f3bba783f61c7879628b99c4a1ad0911650857e291643bd5730bc1d23fec7caeadb0d396ce2eada76517b467e5e1eae87edff39b0245b3ad6d51bf77bc8b9475f97ef0b4ae5a751558a68904de4c30340081a8939044bf24e1c308ca802ed18d4032e3baf37a9be49907f62139c1e26d4f32fddc0ab552152942770e7491252b63c8f9458e58e59d795da8f24a2629ac9620add0bfde831abe28ef14a673ad7729669326aeff1dfbd70f42ad964233c2c708cfc46374f2862cbccf1db0cfe37db6d5ddc8c8e0e216479fd03e84b8e82593a8c58a772a58a6b89e07215f057ee31d717a380cc793b1178ecb37d6c40beb52b94672569ec0b9184d24c465b7871b9d3bac07457de6a5a846bdde1a3a933c3f4c5318ff5fc3c3d7f4ea5e10eeab361007fd3d9b2c8563db5854d5d7ff64c2d04582a2e093f799f7615d4af9972383ae228679b450f0d748bbd097a14ae2f64d2239e30f6e70ae65635d98483e8d4608e117df9f28dad96f79bd4eb2d4081fadd118c2e1b0c6a24e2ba3c8660c0c915938"]]], 0xfffffce7)

[ 1330.836472][ T3731] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1330.866456][ T3747] binder: 3744:3747 got transaction with invalid offsets size, 94
[ 1330.888264][ T3749] binder: BINDER_SET_CONTEXT_MGR already set
[ 1330.910907][ T3749] binder: 3745:3749 ioctl 40046207 0 returned -16
[ 1330.926557][ T3749] binder: 3745:3749 got transaction with invalid offsets size, 17
[ 1330.937582][ T3755] binder: 3744:3755 got transaction with invalid offsets size, 94
[ 1330.967635][ T3756] binder: BINDER_SET_CONTEXT_MGR already set
[ 1331.017231][ T3756] binder: 3745:3756 ioctl 40046207 0 returned -16
10:22:59 executing program 5:
syz_read_part_table(0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff)
r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x9, 0xa00)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000080)={0x9, {{0xa, 0x4e21, 0x1f, @mcast2, 0x6}}, {{0xa, 0x4e23, 0x4, @dev={0xfe, 0x80, [], 0xf}, 0x8b77}}}, 0x108)

10:22:59 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x800000000001, 0x4000)
fchmod(r0, 0x28)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0x30, 0x12, 0x100000000004000, {0x8, 0x0, 0x80000000, 0x0, 0x803e0000}}, 0xfffffffffffffdb6)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:22:59 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x63, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:22:59 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/policy\x00', 0x0, 0x0)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f0000000240)={&(0x7f0000000100), 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x7c, r1, 0x20, 0x70bd2c, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_DEST={0x60, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x9}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x7}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x2}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x7}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e20}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@remote}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x4008080)
mincore(&(0x7f00004bc000/0x5000)=nil, 0x5000, &(0x7f0000000400)=""/152)

10:22:59 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x12, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:22:59 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xfffffffffffffffd, 0x40003)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000080)={0x30, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0x30)
write$binfmt_misc(r0, &(0x7f00000000c0)=ANY=[@ANYRES32=r0], 0x4)
r1 = getpid()
truncate(&(0x7f0000000180)='./file0\x00', 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={<r2=>0xffffffffffffffff, r0, 0x0, 0x1, &(0x7f0000000000)='\x00', 0xffffffffffffffff}, 0x30)
sched_getscheduler(r2)
kcmp$KCMP_EPOLL_TFD(r1, r2, 0x7, r0, &(0x7f0000000140)={r0, r0, 0x6})

[ 1331.274018][ T3772] binder: 3766:3772 got transaction with invalid offsets size, 99
[ 1331.286980][ T3773] binder: BINDER_SET_CONTEXT_MGR already set
[ 1331.298339][ T3773] binder: 3769:3773 ioctl 40046207 0 returned -16
[ 1331.298343][ T3772] binder: BINDER_SET_CONTEXT_MGR already set
[ 1331.298370][ T3772] binder: 3766:3772 ioctl 40046207 0 returned -16
10:22:59 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x223, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:22:59 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x2f, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1331.499690][ T3789] binder: 3787:3789 got transaction with invalid offsets size, 547
[ 1331.538070][ T3794] binder: BINDER_SET_CONTEXT_MGR already set
[ 1331.545643][ T3794] binder: 3793:3794 ioctl 40046207 0 returned -16
[ 1331.555622][ T3796] binder: BINDER_SET_CONTEXT_MGR already set
[ 1331.570499][ T3796] binder: 3793:3796 ioctl 40046207 0 returned -16
10:23:00 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x11, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:00 executing program 4:
syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x9, 0x0)
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x4, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[], 0x0)

10:23:00 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5f5e0ff, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:00 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x50, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:00 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x800, 0x0)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00')
r2 = syz_open_dev$sndpcmp(&(0x7f0000000400)='/dev/snd/pcmC#D#p\x00', 0x3f, 0x206000)
r3 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_ADD(r2, 0x4c80, r3)
sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40002000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r1, 0x100, 0x70bd2b, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x1c, 0x2, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x168}]}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x1)
r4 = syz_open_dev$vcsn(&(0x7f0000000200)='/dev/vcs#\x00', 0x1, 0x100)
sendmsg$IPVS_CMD_FLUSH(r4, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0x392, &(0x7f0000000380)={&(0x7f0000000280)={0xe8, r1, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DEST={0x34, 0x2, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x6}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x8000}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x3}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x2}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e23}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x2}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x4c4}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x1000}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xffffffffffffffff}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x40}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_SERVICE={0x48, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2, 0x32}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x4}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0xcaf8cc5893ad54a3}, 0x20000080)
r5 = dup3(r4, r0, 0x20080004)
write$P9_RMKDIR(r5, &(0x7f0000000000)={0x14, 0x49, 0x2, {0x0, 0x1}}, 0x14)

[ 1331.797423][ T3803] binder_alloc: 3802: binder_alloc_buf size 100000064 failed, no address space
[ 1331.808955][ T3806] binder: BINDER_SET_CONTEXT_MGR already set
[ 1331.840905][ T3803] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 12288 (num: 1 largest: 12288)
[ 1331.851698][ T3806] binder: 3804:3806 ioctl 40046207 0 returned -16
[ 1331.864029][ T3818] binder: 3804:3818 got transaction with invalid parent offset or type
[ 1331.884478][ T3807] Dev loop5: unable to read RDB block 1
10:23:00 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x200005d0, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1331.896625][ T3818] binder: transaction release 6372 bad handle 1, ret = -22
[ 1331.908017][ T3807]  loop5: unable to read partition table
[ 1331.920199][ T3807] loop5: partition table beyond EOD, truncated
10:23:00 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5e, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1331.958307][ T3807] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1332.007903][ T3824] binder_alloc: 3823: binder_alloc_buf size 536872464 failed, no address space
[ 1332.025137][ T3824] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 12288 (num: 1 largest: 12288)
[ 1332.055341][ T3825] binder_alloc: 3823: binder_alloc_buf size 536872464 failed, no address space
[ 1332.075020][ T3825] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 12288 (num: 1 largest: 12288)
[ 1332.101469][ T3807] Dev loop5: unable to read RDB block 1
[ 1332.107684][ T3829] binder: BINDER_SET_CONTEXT_MGR already set
[ 1332.115672][ T3807]  loop5: unable to read partition table
[ 1332.135625][ T3829] binder: 3827:3829 ioctl 40046207 0 returned -16
[ 1332.152361][ T3807] loop5: partition table beyond EOD, truncated
[ 1332.177296][ T3807] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:01 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x203, 0x0)
syz_open_dev$sndseq(&(0x7f0000000400)='/dev/snd/seq\x00', 0x0, 0x2180)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f0000000140)={0x9, 0x40, 0xfffffffffffffe00, 'queue1\x00', 0xe1a3})
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
r1 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x100, 0x840)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r0, 0x0, 0x82, 0xdc, &(0x7f0000000200)="d6ccdab4778aaf986781a51dec49b600abd36fa0541582951997f1399a23431bcba8975fb01481a616d3f03565207b7e040487664cf2bd441325f87b7dbc7ac1aefcf7d0ed4c88ffeb8f3d50b1863329af32899b85a714c0184d94c39d23e566a3efb6c0dc7687ea246c13c07c4b7c467feb6d25041380c322ccce464666e609d38a", &(0x7f00000002c0)=""/220, 0x765}, 0x28)
ioctl$SG_SCSI_RESET(r1, 0x2284, 0x0)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
remap_file_pages(&(0x7f0000bff000/0x3000)=nil, 0x3000, 0x2, 0x3, 0x1000)

10:23:01 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x66642a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:01 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x63, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:01 executing program 5:
syz_read_part_table(0xfffffffffffffffd, 0x1, &(0x7f0000000000))

[ 1332.650237][ T3846] binder: BINDER_SET_CONTEXT_MGR already set
[ 1332.658758][ T3844] binder: 3843:3844 got transaction with fd, 0, but target does not allow fds
[ 1332.689781][ T3846] binder: 3842:3846 ioctl 40046207 0 returned -16
10:23:01 executing program 4:
r0 = syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0xffffffffffffff81, 0x400000)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00')
sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80002000}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0x238, r1, 0x100, 0x70bd2d, 0x3ff, {}, [@TIPC_NLA_MEDIA={0x18, 0x5, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}]}]}, @TIPC_NLA_BEARER={0x100, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'ifb0\x00'}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x1, @loopback, 0x4806}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x2, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xfffffffffffffff7}}}}, @TIPC_NLA_BEARER_NAME={0xc, 0x1, @l2={'eth', 0x3a, 'lo\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x401, @local}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x3, @loopback, 0x401}}}}]}, @TIPC_NLA_SOCK={0x34, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffffffffffffe}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfb1}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}]}, @TIPC_NLA_BEARER={0x48, 0x1, [@TIPC_NLA_BEARER_PROP={0x34, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_BEARER={0x58, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @local}}, {0x14, 0x2, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x19}}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xffffffffffffffe0}]}, @TIPC_NLA_MEDIA={0x38, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xaaa}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x200}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}]}]}, 0x238}, 0x1, 0x0, 0x0, 0x40040}, 0x4000004)
r2 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$RTC_PLL_SET(r2, 0x40207012, &(0x7f00000001c0)={0x7f, 0x5, 0x40, 0x85, 0x8001, 0xffffffffffffff3d, 0x4})
syz_init_net_socket$rose(0xb, 0x5, 0x0)
write$binfmt_misc(r2, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1332.705497][ T3855] binder: BINDER_SET_CONTEXT_MGR already set
[ 1332.723519][ T3855] binder: 3843:3855 ioctl 40046207 0 returned -16
[ 1332.730087][ T3854] binder: BINDER_SET_CONTEXT_MGR already set
10:23:01 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x32, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1332.792799][ T3854] binder: 3842:3854 ioctl 40046207 0 returned -16
[ 1332.799571][ T3856] binder: 3843:3856 got transaction with fd, 0, but target does not allow fds
10:23:01 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x223, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:01 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x800)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040)={0x100, 0x0, 0xffffffffffffff81, 0x7}, 0x8)

10:23:01 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x66646185}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1332.961910][ T3870] binder: BINDER_SET_CONTEXT_MGR already set
[ 1332.985971][ T3870] binder: 3869:3870 ioctl 40046207 0 returned -16
[ 1333.073331][ T3875] binder: 3873:3875 got transaction with invalid parent offset or type
[ 1333.097887][ T3881] binder: 3873:3881 got transaction with invalid parent offset or type
[ 1333.107733][ T3877] Dev loop5: unable to read RDB block 1
10:23:01 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x70742a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:01 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5f5e0ff, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1333.140366][ T3877]  loop5: unable to read partition table
[ 1333.161670][ T3857] QAT: Invalid ioctl
[ 1333.189640][ T3877] loop5: partition table beyond EOD, truncated
[ 1333.227737][ T3877] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1333.251100][ T3887] binder_transaction: 1 callbacks suppressed
[ 1333.251115][ T3887] binder: 3886:3887 got transaction with invalid offset (24, min 40 max 64) or object.
[ 1333.297463][ T3890] binder: BINDER_SET_CONTEXT_MGR already set
[ 1333.317266][ T3890] binder: 3889:3890 ioctl 40046207 0 returned -16
[ 1333.328740][ T3890] binder_alloc: 3886: binder_alloc_buf size 100000064 failed, no address space
[ 1333.340015][ T3890] binder_alloc: allocated: 80 (num: 1 largest: 80), free: 12208 (num: 1 largest: 12208)
[ 1333.357359][ T3877] Dev loop5: unable to read RDB block 1
[ 1333.364030][ T3877]  loop5: unable to read partition table
[ 1333.369964][ T3877] loop5: partition table beyond EOD, truncated
[ 1333.391745][ T3893] binder: 3886:3893 got transaction with invalid offset (24, min 40 max 64) or object.
[ 1333.402881][ T3894] binder_alloc: 3886: binder_alloc_buf size 100000064 failed, no address space
[ 1333.403411][ T3877] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1333.438078][ T3894] binder_alloc: allocated: 80 (num: 1 largest: 80), free: 12208 (num: 1 largest: 12208)
10:23:01 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x73622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1333.579825][ T3896] QAT: Invalid ioctl
[ 1333.610008][ T3901] binder: 3900:3901 got transaction with invalid parent offset or type
10:23:02 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x2, 0x0)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000040)={0x6, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})

10:23:02 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x200005d0, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:02 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x3e, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:02 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x73682a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:02 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="42a03be9ef68f443e91f2527100e4d3360c147e4e37b4b8fa16ae46c71a0e9f3a4006039601771f387c0df0dc8f5b0a8d3fb02232f7c70efec01503d8b45c6adb5c23de5e68014a757e0b085ea09"], 0x1)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)=0x4)

10:23:02 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x80, 0x0)
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000100)={0x2, 0x800, 0xffffffff, 0x7, 0x11, 0xfffffffffffeffff, 0x6, 0x7b, 0x401, 0x200, 0x4, 0x64fb})

[ 1333.965139][ T3920] binder: 3914:3920 got transaction with invalid handle, 0
[ 1333.976963][ T3918] binder: BINDER_SET_CONTEXT_MGR already set
[ 1333.982945][ T3920] binder_transaction: 39 callbacks suppressed
[ 1333.982964][ T3920] binder: 3914:3920 transaction failed 29201/-22, size 64-16 line 3274
[ 1334.017497][ T3912] Dev loop5: unable to read RDB block 1
[ 1334.024761][ T3912]  loop5: unable to read partition table
[ 1334.040860][ T3912] loop5: partition table beyond EOD, truncated
[ 1334.050222][ T3912] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1334.068759][ T3918] binder: 3913:3918 ioctl 40046207 0 returned -16
[ 1334.068795][T26377] binder_release_work: 39 callbacks suppressed
[ 1334.068801][T26377] binder: undelivered TRANSACTION_ERROR: 29201
[ 1334.075524][ T3929] binder_alloc_new_buf_locked: 4 callbacks suppressed
[ 1334.075532][ T3929] binder_alloc: 3914: binder_alloc_buf, no vma
[ 1334.081640][ T3920] binder: BINDER_SET_CONTEXT_MGR already set
[ 1334.093888][ T3929] binder: 3913:3929 transaction failed 29189/-3, size 64-536872400 line 3148
10:23:02 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77682a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1334.110525][ T3922] binder_alloc: 3914: binder_alloc_buf, no vma
[ 1334.122745][ T3920] binder: 3914:3920 ioctl 40046207 0 returned -16
[ 1334.129643][ T3922] binder: 3914:3922 transaction failed 29189/-3, size 64-16 line 3148
[ 1334.140213][T26377] binder: undelivered TRANSACTION_ERROR: 29189
[ 1334.214430][ T3912] Dev loop5: unable to read RDB block 1
[ 1334.220404][T26377] binder: undelivered TRANSACTION_ERROR: 29189
[ 1334.229759][ T3918] binder: 3913:3918 transaction failed 29189/-22, size 64-536872400 line 2995
[ 1334.255874][ T3912]  loop5: unable to read partition table
[ 1334.271965][T26377] binder: undelivered TRANSACTION_ERROR: 29189
[ 1334.290855][ T3936] binder: 3935:3936 got transaction with invalid handle, 0
[ 1334.296805][ T3912] loop5: partition table beyond EOD, truncated
10:23:02 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x66642a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1334.327718][ T3936] binder: 3935:3936 transaction failed 29201/-22, size 64-16 line 3274
[ 1334.331198][ T3912] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1334.361593][ T8297] binder: undelivered TRANSACTION_ERROR: 29201
[ 1334.369129][ T3936] binder: BINDER_SET_CONTEXT_MGR already set
[ 1334.400905][ T3939] binder: 3935:3939 transaction failed 29189/-22, size 64-16 line 2995
[ 1334.415268][ T3941] binder_alloc: 3940: binder_alloc_buf, no vma
[ 1334.426047][ T3941] binder: 3940:3941 transaction failed 29189/-3, size 64-16 line 3148
[ 1334.431281][ T8297] binder: undelivered TRANSACTION_ERROR: 29189
[ 1334.442272][ T3936] binder: 3935:3936 ioctl 40046207 0 returned -16
10:23:02 executing program 5:
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000740)={r0, 0x9, 0xc}, &(0x7f00000003c0)={'enc=', 'oaep', ' hash=', {'sha384-avx\x00'}}, &(0x7f0000000780)="426029a63743197a6d98f614b78f45e8281b5d56c3d4566758d0e90efbea9208291f5415a12d5094c5910cf48ccff66a42820ff39fd31e6b575f5caa59c6226e0b8b0e38c2ff5ec13460b46bfda3f42e44440f158860a2ed476a0f93cd27fb9964367aeceace3a0048811b607131b9208aed758dc0550d3c46b13217caecf1d3157e216b8f2c984150563d841a191bb9f65b2261e1ac5a3fc2d5811e0650aa976bbde21f643de7", &(0x7f0000000640)="083064139b1dbb962ddb830d3de013f417223f605a699f8415bb713ae5daf79885011bbd9bd6dc2ae54fbb4fd6e7c2768a5cc1f30dac2c014e6ee2c6b6a3c609d0941053ca3910e1cd9c6577bfc738d03b96dee5e4da4332fc1fca617d69bc33bc3dd888f12da1489e27666afc523943e2b5d812653644e8c4afc7c5dc164cec3d7421d2a70a08cde937ea66ce1acda9e4c622fed89a2f425b0d15f78a71a79785af43676f9ce67a7ff811a24ece406a26af6a140b64234429931e32116d451c54b3bc915a1325ad8a8cb857274c46ab022b197f29c2a86c9b93f66ef85f1e837193e9dba2d00cf2b56dbe91c0f8ee269fd1b797")
clock_gettime(0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0)
stat(0x0, &(0x7f00000007c0))
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00'}, 0x58)
r2 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, 0x0)
ioctl$DRM_IOCTL_AGP_UNBIND(r2, 0x40106437, &(0x7f0000000b00)={0x0, 0x1f})
ioctl$VIDIOC_G_FREQUENCY(r2, 0xc02c5638, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, 0x0)
recvfrom$inet(0xffffffffffffffff, &(0x7f0000002340)=""/4096, 0x1000, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000021c0)=[{{&(0x7f0000000180)=@pppoe={0x18, 0x0, {0x0, @remote}}, 0x80, &(0x7f0000000600)=[{0x0}, {0x0}, {&(0x7f0000000440)=""/45, 0x2d}], 0x3, &(0x7f0000000680)=""/76, 0x4c}}, {{&(0x7f0000000700)=@pptp={0x18, 0x2, {0x0, @remote}}, 0x80, &(0x7f0000000dc0)=[{&(0x7f0000000480)=""/21, 0x15}, {&(0x7f0000000780)=""/8, 0x8}, {&(0x7f0000000bc0)=""/252, 0xfc}, {&(0x7f0000000d40)=""/74, 0x4a}, {&(0x7f0000000b40)=""/46, 0x2e}, {0x0}], 0x6, &(0x7f0000000f40)=""/88, 0x58}, 0xffff}, {{&(0x7f00000012c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, &(0x7f0000001a40)=[{&(0x7f00000014c0)=""/177, 0xb1}, {&(0x7f0000001580)=""/162, 0xa2}, {&(0x7f0000001640)=""/72, 0x48}, {&(0x7f0000001340)=""/59, 0x3b}, {&(0x7f00000016c0)=""/82, 0x52}, {&(0x7f0000001740)=""/203, 0xcb}, {&(0x7f0000001900)=""/176, 0xb0}, {&(0x7f00000019c0)=""/113, 0x71}], 0x8}, 0x6}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001d00)=""/229, 0xe5}, 0xe21c}, {{&(0x7f0000001e00)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x80, &(0x7f00000020c0)=[{&(0x7f0000001e80)=""/222, 0xde}, {0x0}, {0x0}], 0x3}, 0x4}], 0x5, 0x40000000, 0x0)
r3 = accept$alg(r1, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x167, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x3ed, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400})
setxattr(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)=@known='trusted.overlay.impure\x00', &(0x7f0000000380)=' hash=', 0x6, 0x1)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

10:23:02 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x2}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1334.456762][T26377] binder: undelivered TRANSACTION_ERROR: 29189
10:23:03 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x66646185}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1334.629692][ T3951] binder: 3949:3951 got transaction with invalid parent offset or type
[ 1334.658586][ T3951] binder: 3949:3951 transaction failed 29201/-22, size 64-16 line 3389
[ 1334.683904][ T3954] binder: BINDER_SET_CONTEXT_MGR already set
[ 1334.695900][ T3954] binder: 3952:3954 ioctl 40046207 0 returned -16
[ 1334.696362][ T8297] binder: undelivered TRANSACTION_ERROR: 29201
[ 1334.709300][ T3951] binder: BINDER_SET_CONTEXT_MGR already set
[ 1334.719031][ T3951] binder: 3949:3951 ioctl 40046207 0 returned -16
[ 1334.727552][ T3954] binder: 3952:3954 transaction failed 29189/-22, size 64-16 line 2995
[ 1334.752944][ T3955] binder: 3949:3955 transaction failed 29189/-22, size 64-16 line 2995
[ 1334.774903][T26377] binder: undelivered TRANSACTION_ERROR: 29189
10:23:03 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x60, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1334.791425][T26377] binder: undelivered TRANSACTION_ERROR: 29189
[ 1334.827512][ T3953] Dev loop5: unable to read RDB block 1
[ 1334.873600][ T3953]  loop5: unable to read partition table
[ 1334.916645][ T3953] loop5: partition table beyond EOD, truncated
[ 1334.944346][ T3953] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1335.302418][ T3972] Dev loop5: unable to read RDB block 1
[ 1335.308241][ T3972]  loop5: unable to read partition table
[ 1335.319847][ T3972] loop5: partition table beyond EOD, truncated
[ 1335.328643][ T3972] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:03 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x70742a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:03 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x3}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:03 executing program 4:
r0 = syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x0, 0x2)
ioctl$ASHMEM_GET_SIZE(r0, 0x7704, 0x0)
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000240)={<r1=>0x0, 0x3, 0x9, 0x1}, &(0x7f0000000280)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f00000002c0)={r1, 0x6}, 0x8)
r2 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000003c0)={{{@in=@dev, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@loopback}, 0x0, @in=@multicast2}}, &(0x7f00000004c0)=0xe8)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000500)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @mcast2, @loopback, 0xa0, 0x0, 0x0, 0x0, 0x80000001, 0x80000000, r3})
r4 = request_key(&(0x7f0000000080)='id_resolver\x00', &(0x7f00000000c0)={'syz', 0x3}, &(0x7f0000000100)='/dev/dsp#\x00', 0xfffffffffffffff9)
r5 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
ioctl$UI_DEV_DESTROY(r2, 0x5502)
keyctl$reject(0x13, r4, 0x9, 0x5, r5)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="98059b84a880f400f3e64121704074702deddc5414b1eaa2188762255bf9f2e477b74be9e438cb5d5ac69bbc5d296501040e628de27dc4bcd957e1e7dfec653260dfec5ec24bcee3d6a6dcb6c5b17e8cef962248ead24718f7e492152c0d269f77128ee351aa18d7ffffc9bb93f91a2a26742ab0748df6b11502337d45b1321159deded0b7"], 0x1)

10:23:03 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x1010, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f000000c000/0xe000)=nil, 0xe000, 0x1, 0x0, 0x800000008, 0x5)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:03 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockname$unix(r0, &(0x7f0000000080), &(0x7f0000000100)=0x6e)
lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
getresuid(&(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300)=<r3=>0x0, &(0x7f0000000340)=<r4=>0x0)
syz_mount_image$msdos(&(0x7f0000000140)='msdos\x00', &(0x7f0000000180)='./file0\x00', 0xcec, 0x0, &(0x7f00000001c0), 0x10, &(0x7f0000000380)={[{@nodots='nodots'}], [{@fsmagic={'fsmagic', 0x3d, 0x4}}, {@euid_gt={'euid>', r1}}, {@uid_eq={'uid', 0x3d, r4}}, {@dont_appraise='dont_appraise'}, {@dont_hash='dont_hash'}, {@audit='audit'}, {@pcr={'pcr', 0x3d, 0x15}}]})
r5 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x0, 0x101000)
syz_mount_image$hfs(&(0x7f00000006c0)='hfs\x00', &(0x7f0000000700)='./file0\x00', 0x800, 0x1, &(0x7f0000000740)=[{&(0x7f00000012c0)="53f558a3919d75abc6b252928e038421e5252c0f9f8ae45b71ff8fb4b087b58568a5e102a1058c4d6a2227c0929dba0ad61809c3324374e4788b2a588510caa06df5c9223e138450822c55a66820b7763000af3a574d7b0b135a1263557dbe118005c131cb3dbb8d759b9428efddb6d23ac9fd18406267c8fe0e756924045f8f532a753c690dc9550b302a1984e7c046c0a2127e16bd2a886d6342f13589bc850857bf6f7d7e3aa3c38e35f9083a924593611842c04606391674b383de04e9d6f533d3275b3d5117dbaffa9b388721387d560048ec57f0a4e6411c443062b2448ce6577ba34b224559a2521cb2ad918723b996c219c28dd4aa19afa1c57533f18682e6452a7232c8a83129db133d19bbeb945f7f52fcb18110e9f67c25ad36968f2a4281c25c1c3f6e97ad194168dfddd1af50e32ebb84b610138ec353880bb26af59c7a561c1f17b4847edfc543a28b985c1b68f3f5abf25e04a6d0cae7179538300c6cf8b72516644d1eb049a0e61b726746558d608753c7bfa0718ded77882acbe476a03207dd753529f5072c30040139e46ea69fd6ff4f90376824a0d8fe1f7adb59a9773919deed995b725f7e535232f297176fd519a0bea28fa29d94484e947f3c492fdb752a6add47a7887e1cb3ab9bc5331572a5160fe4250ca76001d47011fc7f681927e68907c33affc743f92acfc4627cd5a098850e27373879bad029e4fee26efebe5531d8e9291e02aa90f1a04b0e5021407aa5424a915067377851cadf5d91acaeb5906a916a8c22d000cd5a6cd160abb6c4a0117145fa71cbcaae02f07229cb6e2356cbeefeba9ee5022970ca45b0286ac6109fa9573260f580f1ffad0569a171a4b19634d44e09fdbb643fabf7dd139616f302cf38fe254ec15369e85a1aaef175ee7f320e48f74ea0348f17ba15177f699f8dae05d2cc9ef9ca5b22822bef582ca4369f89db1608fecfb433a624834c74f151efd93171fe581464bed4d3fc4ab535e6926d586fcf124cacbf9fb0f8da849fd3014b0617d24728e705d2fc6a7ed54128680dcded21a4e7ee28b9aaf1868a287a3c4cf684cf9ab89a4d429c1f982ecd7f1761c97d0d1be96ca544e8a8143308b4b7ee13f4f7dd6419fb886068fdf074417ad2b388e58d7899b7364e3692efd1d49af31cd1afb75749fdb8f4a5055816bcc41ed782948561701cb2fffd7587d2f8916331ab2567e86f9a3d7879d19cefebb3e671ee4b89e07151a9b7eab15b9b2ebce10ae49828fde50208141d822dc30d443817dbf6fd123798a3ded1be0504b2d3bb1afa61433cafe634d92ccb03e87f53f2a75e65fa15334f172d1d4e5dd2750186a0704f380b3cadebcb3be89a93a29a90bf4ce3669f69f11f5c26c30a55a6747fe4e09a9bf7c34cf2a68e6d0fad95db2d7c0b180b2b978ea4a8fcb90e0daa4c08e5cb0d9b7f4097a0f3c3cf742484ed9bcb49d7028d50b1bc18b6c056d15d22b4f611cca19a26b5d4205ed27f10505c3f6d30a8a379294d10fb057f0cd49a4d2232b55d569f75191f50761c1bf6950e9aba60cbd9861cac7a8d943e8b663ef4fc989152be6a5f528bb0be52a75fbc22af65db3c1708347eeb5eb9f477de397d034ea8669d54bfcfe356659f42c62c984904dae5668269b762b3cae2233f34523ea9e3a6a50002a9c26e4df415d0f2b08d5900fc8bb307f5975c44f2dba392d785539dde56fac239b9b99fc200f407494f8f9e2bb377b7338bfe6251dc9d62da99b60e0e37cf87c40ccd4e9cb28987b5bc773281cf2a0e7d610926f80d9d5b9baefa1b04e2674e19b99401295e45ac33271feecadd50b3e7bc233f37c1c5145e1f0dcaa2eb664c2584b9626bf63d64ca7a24c624184d5ac566ccfae27153129b63563f77d18a7ffb4a7a79dbc0343da81b1053594444c72fc311d601459632e1051f8afb8373d45e489a26c30c0b7e9fbd79a6ad3c2a0fa43b33c5f15b5c16ab35a45db9a03103bddf535ba969b8590b308c3436df360cf61d19e8547117601fb51ab3923db08021ab08b923f9e0035329c13d6807151db5a9bfe4d4c70e6156e2397e68e5fb4e446d112ee0e1c7577948739e27bfc74c6cf0a36bfb5d2eb0e9543428c6289979bf47a9819015e9e19af275ad0c206e682aa3dd8c53a0645c42cfb7d876be7e1043578ed42ae08df04e430c5f161a16b66647d7e35efcd34633d4986e27d519fd9eb3f80cdaca6360a51e6cf0304155586b81aa7c6dc09cb2e3ae5bbf611bdc9a4d6cf53a0a8f062f40186e6f4aa3681923a3473488e86a80468ee71eeed884dc672287e14b26c984ceac4ef68d88d4259076ff5b7d95692d3296cf45474862e0e4c59a054502abb85619664c0033c97e14b8e4d3677e04067b3ee5e98ad554502c469335044a0626fbda15e58d18595cfaaf4047448937d400ecbb14fcd26768a96667128b34843011bbbe759570197939a32605a5be1b445bc7f0da3c7c7f972fc25643aec189c6faed2e1a8f499250dc72118ba4d04a3c2043d51b520d23172a99f0d2a1249315ea9bd0b46429c573a79f9b80b0cd736475a1e0ebb610dc4f701fe699e352041d96c372c3229f8c4c899d154ae8782d3ef95b2c7a27ffc8196438cf472ff648526e5ae1dd8e8b2a5afb5692ee47a7eba1dd3a337352b2f282d3b8a47092cd959da8657cb1fc3e8c6c998b62bfa2113a28a3db76f1e2f3d4f9a94ad96b51baf933a8575cf35e95a22747b0bf7c779814471cad58dd1e8bb2c5c88e32c0939cbcad218c923e2dcf9c83143d1d957a9b7de82c1b65106901edb8a594d503534f07d7917a92685027e20ca4dc2c596ee74b3066b5197716c673d6588dfed06f5e172775e7fc27b9728876b449aaaab4c522a97b14a0c0573fc9b4fbe52c348484d49e65e1813e23682ad9c1ea7dc599af85e9f7231a3899607809e0b8ce7c627725ecace94008ab7e5c4840138be1f61103ed71caeb39ecbb184c94321fa65fd159c7316f08399a9667f3bc41c423e893538a212633579b0d9c6db2892bbccfd4973ae4ea9a498d686958c9aa9c036d6614c87140d4a487153c2b1f91973c8a0671e0460fcca632374b407b54c7472ced6ddde20416bd0e3b2fef943ceaca0c7ec855608b1ca38186a4d66910c2baa9fe1d023b09ab8117b2ac04a69b1e69bb441f4b947a12f2993e267d2fa5f05299bd7d3a6d60bfdab0b207c6d13ee2715b1aa0a249cc021aabe045878f3d60664e746493665ad186fc0ec3b4bd487faff5baec1d8391fa2ed9b19bc3633b2c70bebc59d48b21f57e118ad0d33f29fc09fa1ee096a5b599b0a8b3dab1ad07be733a7ebc80b49dc37c842a158c0a965639a380d7fddaa0e47a827f0cf5bfa6bec376aa0e7a0b068b5b46bdad918cac1366477ba83d26f2da98816080430d4e0adc8a42380ddbc5d5505a6ab8d978b0447f567183aa8be403f7431462c6c935db7fb5b7456b3b7389f4a6fb51b0784a9bf63d7440dc38c4e1a54838952b46272a3271f820a58f93ff6f557408778f0e8155883e9cc568b8bba7c0a41e458f085bc17af66cc3270b6cf4e56e37cfc70910410d92f12591c9531e6f53da4f7791bb5a0a7062bd4fa1aa20a55da50e16c2fef4030b218620f899ff559992d7f2dbdefa4a73a21838e8a1642fc6694158393f80c0c693ea4e1d8945a5f39675b06c826bf1454e464cbe2db0771c8a323facd72ed152a53168b0c47def0ca1cad5b5410bfec52953127b613cba4b3307daebdb43484b49735b8d45aec370976f7b0a72ad16cd64a061402a74f8f96a61fcdbca6d53af2ee5f61ccd80ceb7b3f8ec03923a91595ef574771df0b25b60f6f9e8db3b510e7f76db44ac248a0eef0df23d6e848a91fe61026b1c7db2e4a647b571e4f9060932048f2add8dd8beccd2222b11eebb9c070e053c5c42bcfccf3ed72745e5c7ecd6b3d2f3b29e2c31aeb2238f503c2f7a6fd42aa88662599f426e8b625bc8d8d3c5c2496c442ca74a340e1ed97ca8f3200d5d8fcb79b1b2019e38731044993e6abe37934ada3ba2554499e6488cd83e3d01004b0ef83af8adba67b493dede8692e797124ed8d890bca41970a01226a236e60c8b3936c18cb3c15e13546537c6ebe3ade40da93bed550e9743075b9affa11fd495510b57389444d69878136ccbf6640955fbf1d328d2ab1768bb4e04eb1030e283ba9852abe343bd8e433d35bb6857399659f19f6fbf51209db7ab52e65f888b7d66a0f2e238a07cba05a3b6ff32ce2554dc049edd3328b395c04d6e3c3f160eca657a38f79097458266aa67603f4692f209349f571fc39873b3a6fa9d0d5811275ce7599a7de126fdbf858eb16f56a7990b4dcf9beecb8995b694ccc0f878555648db9aa0b0c1c31c9f2e05e68fe575164a723955d1472d41cfd1bf8fab2de643ff3fc0a9d9240ca2f78a996a2f6393c99e2d688dd2fc31f870ede84fe94f3739bd6f7e3635cabbdb6f951631c4bc060425388c5a1e8ab339f14eb0aa69031b968671d802579767d182881c61928b6df21f97b14acf09f4431be405b11a3cb0c883ab68f0b205ebc33fea2057914198934737885f4cae1873d04e3cfae5bc6ab4f896aceaa3c62c0b78faf49d2fd3e419c214636379a71c862cb3b98363d330657e51fd974894258f5f2da11e6a250c2a98e548efaa88834914a03cc1bf34bb0a10fae7fbb816bc814eeff8091c833356d38171688a8bd3646b430f1fb0d15913b588ffb4413681fa7ab09ad5f2fd087f33d6b4586c82e3ee2d8eeaa1ee9eebb2728d2f36250f1f5487b499ac655e00d9f69e6cf2578c489bf333b914da048d3b50008607d04088935438c5bb15ab98a37ee916c86a44e994581788363e224cd27dd7eb8ef857fec47e8a8d1a69a0966671c1142d47f07db05d5bc65a6293d67cea598f5e0537be8821f96b9799b24fffa05c3c2494cc768bd6668d563d9dcdd1c909c43b21aac16dd9071427dd92a0775e338402f93b0a346712fa95bc04693624194df8a8503f959a987fb0e76d282c565279d04360fce0de6418b14e4da8c6c3ea902c326817c786495ca419f8cb15fbaf6aa64dd8b3732da1d55892a70199f6c663aa080645d907214242eed5253518536632dcf5cb4148e8ecdaec00c86efa6bcd44efb204499995ee29e88191f5e612e54ef9be82d2fb8251a70477865dc14f39e9d47e89082181e5286b829d99881f9b75d359d63e2720f8be346b01e17f1889c78a2d6088c35efe181cb4389744b72dbcd52698ce963e1938474fe495a6316aed525393743af7c6f6bdf55d75a952e7615b36302e750a4954e7d1eb0c6f1f9272ef4fa8e520ed97511344a1f20a5663e2c6d5e4b2bb89b17d2af92926e93736db99610c8dbc83738d212af688cdd6641c019d935a799f4a99ec9835acd7bf422bd62e243ccafebcaaf3e7e0f0fe4b4addda4bdce715c244416183adc3aba89a0d6d79e42c6e213e052b76c0c3ae5a2adc51258c728dc1a5a6151e3ba48715ebafc702842b6eea0757fff82a6053435b78cc73fb19ead557ad5ea48ba1efcd0e9d64b53fd1c1f48b6e2a37cd59de33b7c375a8e2f54b30a095fac496532288d3ddac545450efc2f6eabb3dea35b73371f6496e1c8e16ad00ecb60866ab2474ed52cbf57b208230ea7e974829da341224c27a9bef87a8f40ba0fa4b30ad76305ab8a2e3ca84663ac65eff80756af586e7fdb6d8e401fda924d6745f161fcaf5e45c3ac599633c48a31a1ec0609ae7fd657dcc161169e882ded620f8a7e1e25d356a", 0x1000, 0x80000001}], 0x0, &(0x7f0000000780)={[{@file_umask={'file_umask', 0x3d, 0xe9ed}}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@session={'session', 0x3d, 0x6}}, {@part={'part', 0x3d, 0x2e3}}], [{@euid_lt={'euid<', r3}}, {@euid_lt={'euid<', r2}}, {@euid_eq={'euid', 0x3d, r2}}, {@fsname={'fsname', 0x3d, 'dont_hash'}}, {@mask={'mask', 0x3d, '^MAY_READ'}}, {@uid_lt={'uid<', r3}}, {@measure='measure'}, {@dont_hash='dont_hash'}]})
fcntl$getownex(r5, 0x10, &(0x7f0000000640)={0x0, <r6=>0x0})
ptrace$setregs(0xf, r6, 0x81, &(0x7f0000000680)="eceddd539f8ffb10")
pread64(r5, &(0x7f0000000880)=""/228, 0xe4, 0x0)
uname(&(0x7f0000000000)=""/41)

[ 1335.470174][ T3981] binder_alloc: 3977: binder_alloc_buf, no vma
10:23:03 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xffffffffffffffff, 0x8000000000204080)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="73974681e10d5e347a5c425cbc5c4c2c5b00855e2c3eff106b6706348e5fe46326f388604085cc873e46f8f1799ba62e38131407e867d97bef232d988d8260616904505bcb4ae13d4b0817c71d53ec13f38d8ae43ea3f9d57c8d7c47681a0e6035b7296448b67592bd8392ed5d289834174de328a459b08fe6697a96b4c0c09ee232cf53613418f5976cf551317287e83a11ef6688f3c38e40e75bfb767430b177573ebc10a2ea2e903fe7b1117dfa8cb13740c32b70500d107c66a2967bae556997eb6ee133929e74d4ca9f59af77171c9590b208987a05c387ac6c8cf45181d75b2105e9ef230ab834b9b4550b05e2ee701b382c1332c6a4c2cb0cd69dbb80c19f29b3dcaab02bed76b901b6c34853d4ffffffffffffffff9001fd33e3fe140bf800f44ba0a023c1bc863baa50cca0bbde4bbd880d246d5bebec2a4713428acb1459ccb88f62dbf511b208cda2da1894b12ad8e91a"], 0xfffffe15)
ioctl$VIDIOC_G_PRIORITY(r0, 0x80045643, 0x2)

10:23:03 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x73622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:04 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x5)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
clock_gettime(0x0, &(0x7f00000000c0)={<r0=>0x0, <r1=>0x0})
nanosleep(&(0x7f0000000100)={r0, r1+30000000}, &(0x7f0000000140))
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

[ 1335.521023][ T3986] binder: 3978:3986 got transaction with invalid parent offset or type
[ 1335.560963][ T3992] binder: 3978:3992 got transaction with invalid parent offset or type
[ 1335.569966][ T3988] Dev loop5: unable to read RDB block 1
[ 1335.609181][ T3988]  loop5: unable to read partition table
[ 1335.645690][ T3988] loop5: partition table beyond EOD, truncated
10:23:04 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000040)=0x4, 0x8)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB=' '], 0x1)

10:23:04 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1335.654993][ T4002] binder: BINDER_SET_CONTEXT_MGR already set
[ 1335.663832][ T3988] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1335.694481][ T4002] binder: 3998:4002 ioctl 40046207 0 returned -16
10:23:04 executing program 5:
r0 = shmget$private(0x0, 0x3000, 0x78000080, &(0x7f0000ffb000/0x3000)=nil)
r1 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x3, 0x400)
getsockname$tipc(r1, &(0x7f0000000080)=@id, &(0x7f0000000100)=0x10)
shmctl$IPC_RMID(r0, 0x0)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x800, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r2, 0x40086408, &(0x7f00000000c0)={0x7, 0xb})

10:23:04 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xa0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:04 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x73682a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1335.813130][ T4012] binder: 4010:4012 got transaction with invalid parent offset or type
[ 1335.892790][ T4019] binder_alloc: 4017: binder_alloc_buf, no vma
[ 1335.896027][ T4012] binder: BINDER_SET_CONTEXT_MGR already set
[ 1335.951614][ T4021] Dev loop5: unable to read RDB block 1
[ 1335.960914][ T4021]  loop5: unable to read partition table
[ 1335.968412][ T4012] binder: 4010:4012 ioctl 40046207 0 returned -16
[ 1335.968499][ T4020] binder_alloc: 4017: binder_alloc_buf, no vma
[ 1335.986623][ T4021] loop5: partition table beyond EOD, truncated
10:23:04 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77682a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1336.006772][ T4021] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:04 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x2}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1336.076614][ T4034] binder_alloc: 4030: binder_alloc_buf, no vma
[ 1336.126942][ T4032] Dev loop5: unable to read RDB block 1
[ 1336.139887][ T4032]  loop5: unable to read partition table
10:23:04 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x5}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1336.168538][ T4032] loop5: partition table beyond EOD, truncated
[ 1336.187536][ T4039] binder_alloc: 4038: binder_alloc_buf, no vma
10:23:04 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x3}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1336.217185][ T4032] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:04 executing program 5:
syz_read_part_table(0x6, 0xaaaaaaaaaaaab3a, &(0x7f00000003c0)=[{&(0x7f0000000640)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a2307f59a86d227a0322b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b410500e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586406d4e743f9fa7141cfd28e4432d0b43f555046acfb2f6d826ff1d7abc4218546fc0ec34c556a55e2549ea2251392cbc5e3401ad614c328f3d8597bd3995c24ad9becb4f45a788dbf453ed652feb67e1d55a44988db19c7894d7ef7f1f4a1e2ee5552d0eabbd3588ada6c381c4923883b256a3048741329cdb16e4ff28fcfe44d4a468a38b7bb2368df9e9ec1bcca7279c501f896b2d430226c477831ee13071a023f9ee41a923173cba", 0x1dd, 0x9}])
r0 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x2f, 0x20800)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000000c0)={<r1=>0x0, @loopback, @empty}, &(0x7f0000000100)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x14009864}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=@gettfilter={0x4c, 0x2e, 0x104, 0x70bd28, 0x25dfdbff, {0x0, r1, {0xc, 0x7}, {0x7, 0xa}, {0x0, 0x6}}, [{0x8, 0xb, 0xfffffffffffffffd}, {0x8, 0xb, 0xfffffffffffffff9}, {0x8, 0xb, 0x1000}, {0x8, 0xb, 0x60000}, {0x8, 0xb, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x4010)
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000040)=0x100000)

[ 1336.286306][ T4044] binder: 4043:4044 got transaction with invalid parent offset or type
[ 1336.349391][ T4047] binder: BINDER_SET_CONTEXT_MGR already set
[ 1336.371832][ T4048] binder: 4043:4048 got transaction with invalid parent offset or type
[ 1336.380219][ T4047] binder: 4046:4047 ioctl 40046207 0 returned -16
[ 1336.391274][ T4047] binder: 4046:4047 got transaction with invalid parent offset or type
[ 1336.410466][ T4049] binder: BINDER_SET_CONTEXT_MGR already set
[ 1336.429402][ T4049] binder: 4046:4049 ioctl 40046207 0 returned -16
10:23:04 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1336.563908][ T4057] binder: 4055:4057 got transaction with invalid parent offset or type
[ 1336.607031][ T4059] binder: 4055:4059 got transaction with invalid parent offset or type
10:23:05 executing program 1:
syslog(0xf, &(0x7f0000000000)=""/64, 0xfffffffffffffd91)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)

10:23:05 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:05 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:05 executing program 5:

[ 1336.742560][ T4068] binder_alloc: 4065: binder_alloc_buf, no vma
[ 1336.752351][ T4066] binder: BINDER_SET_CONTEXT_MGR already set
[ 1336.775281][   T26] audit: type=1400 audit(1555064585.203:998): avc:  denied  { syslog } for  pid=4070 comm="syz-executor.1" capability=34  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1
[ 1336.789097][ T4066] binder: 4063:4066 ioctl 40046207 0 returned -16
10:23:05 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xc0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:05 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$SIOCAX25DELFWD(r0, 0x89eb, &(0x7f00000000c0)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}})
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)
ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, &(0x7f0000000040)=""/38)

10:23:05 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000000)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x209, 0x23}])
syz_genetlink_get_family_id$nbd(&(0x7f0000000280)='nbd\x00')

10:23:05 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x5}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:05 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x10}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1336.960030][ T4082] binder_alloc: 4081: binder_alloc_buf, no vma
[ 1337.007728][ T4083] Dev loop5: unable to read RDB block 1
[ 1337.026800][ T4083]  loop5: unable to read partition table
10:23:05 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1337.062850][ T4094] binder: 4092:4094 got transaction with invalid parent offset or type
[ 1337.077380][ T4083] loop5: partition table beyond EOD, truncated
[ 1337.115662][ T4083] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1337.128293][ T4094] binder: BINDER_SET_CONTEXT_MGR already set
[ 1337.149866][ T4094] binder: 4092:4094 ioctl 40046207 0 returned -16
10:23:05 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x28}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1337.212088][ T4083] Dev loop5: unable to read RDB block 1
[ 1337.222479][ T4083]  loop5: unable to read partition table
[ 1337.245908][ T4083] loop5: partition table beyond EOD, truncated
10:23:05 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1337.287610][ T4083] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1337.361820][ T4109] binder: 4107:4109 got transaction with invalid parent offset or type
[ 1337.392281][ T4108] binder: BINDER_SET_CONTEXT_MGR already set
[ 1337.410849][ T4108] binder: 4106:4108 ioctl 40046207 0 returned -16
[ 1337.435520][ T4111] binder: BINDER_SET_CONTEXT_MGR already set
[ 1337.446886][ T4111] binder: 4106:4111 ioctl 40046207 0 returned -16
10:23:06 executing program 1:
r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/policy\x00', 0x0, 0x0)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r0, 0xc034564b, &(0x7f00000001c0)={0x9, 0x35317553, 0x80000000, 0x963, 0x1, @discrete={0x84b8, 0x3fb}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x200, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000100)=0xa199, 0x4)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
r2 = getpgrp(0x0)
sched_getparam(r2, &(0x7f0000000140))

10:23:06 executing program 5:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0)
getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, [0x8, 0x24000000, 0x4, 0x6]})
ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000140)={[{0x1, 0x3, 0x5, 0x0, 0x10000, 0xfffffffffffffffc, 0x6, 0x0, 0x7, 0xcec7, 0xfde, 0x3, 0x7}, {0x7f0a, 0xfffffffffffffff9, 0x2, 0x6, 0x1, 0x10001, 0x9, 0x8, 0x6000000, 0x0, 0xffffffffffff2269, 0xffffffffffffffd5, 0x2}, {0xfffffffffffffff8, 0x7fffffff, 0x4d1ff155, 0x0, 0x6, 0x3, 0x5, 0x8000, 0x0, 0x9, 0x5, 0x38a, 0x7}], 0x8000})

10:23:06 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x38}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:06 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x10}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1337.661834][ T4123] binder: BINDER_SET_CONTEXT_MGR already set
[ 1337.686602][ T4125] binder: BINDER_SET_CONTEXT_MGR already set
[ 1337.686630][ T4123] binder: 4118:4123 ioctl 40046207 0 returned -16
[ 1337.695787][ T4125] binder: 4116:4125 ioctl 40046207 0 returned -16
[ 1337.711699][ T4119] Dev loop5: unable to read RDB block 1
[ 1337.717289][ T4119]  loop5: unable to read partition table
10:23:06 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x300, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1337.772179][ T4119] loop5: partition table beyond EOD, truncated
[ 1337.811906][ T4119] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:06 executing program 4:
socket$inet6_dccp(0xa, 0x6, 0x0)
r0 = openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000340)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
fcntl$getownex(r0, 0x10, 0x0)
ioctl$EVIOCSABS3F(0xffffffffffffffff, 0x401845ff, &(0x7f0000000040)={0x6, 0x0, 0x7, 0x5, 0x0, 0x401})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/snapshot\x00', 0x80001, 0x0)
r1 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r1, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)
write$apparmor_exec(r1, &(0x7f0000000040)={'stack ', '\x00'}, 0x7)

10:23:06 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x28}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:06 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x48}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1337.907818][ T4142] binder: BINDER_SET_CONTEXT_MGR already set
[ 1337.927537][ T4142] binder: 4139:4142 ioctl 40046207 0 returned -16
[ 1337.934453][ T4128] Dev loop5: unable to read RDB block 1
[ 1337.952531][ T4128]  loop5: unable to read partition table
[ 1337.959725][ T4145] binder: BINDER_SET_CONTEXT_MGR already set
[ 1337.976257][ T4145] binder: 4140:4145 ioctl 40046207 0 returned -16
[ 1337.987803][ T4128] loop5: partition table beyond EOD, truncated
10:23:06 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4c}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1338.008848][ T4128] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:06 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x38}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:06 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
acct(0x0)

10:23:06 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x50}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1338.292516][ T4163] Dev loop5: unable to read RDB block 1
[ 1338.314448][ T4163]  loop5: unable to read partition table
[ 1338.342477][ T4163] loop5: partition table beyond EOD, truncated
[ 1338.401240][ T4163] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1338.514606][ T4163] Dev loop5: unable to read RDB block 1
[ 1338.532849][ T4163]  loop5: unable to read partition table
[ 1338.557307][ T4163] loop5: partition table beyond EOD, truncated
[ 1338.585127][ T4163] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:07 executing program 1:
r0 = accept$ax25(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002042, 0x81010, r0, 0x1000000000000)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:07 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x48}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:07 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x60}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:07 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x0)

10:23:07 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x500, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:07 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$ASHMEM_SET_NAME(r0, 0x41007701, &(0x7f0000000040)='\x00')
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1339.156783][ T4191] binder_transaction: 35 callbacks suppressed
[ 1339.156798][ T4191] binder: 4185:4191 transaction failed 29201/-22, size 64-16 line 3389
[ 1339.164447][ T4196] binder: BINDER_SET_CONTEXT_MGR already set
[ 1339.193113][ T4196] binder: 4186:4196 ioctl 40046207 0 returned -16
[ 1339.199668][T26377] binder_release_work: 35 callbacks suppressed
[ 1339.199675][T26377] binder: undelivered TRANSACTION_ERROR: 29201
[ 1339.211433][ T4201] binder_alloc_new_buf_locked: 3 callbacks suppressed
[ 1339.211441][ T4201] binder_alloc: 4185: binder_alloc_buf, no vma
[ 1339.213594][ T4191] binder: BINDER_SET_CONTEXT_MGR already set
[ 1339.227486][ T4201] binder: 4186:4201 transaction failed 29189/-3, size 64-16 line 3148
[ 1339.240030][ T4194] Dev loop5: unable to read RDB block 1
[ 1339.247090][ T4194]  loop5: unable to read partition table
[ 1339.253353][ T4194] loop5: partition table beyond EOD, truncated
[ 1339.260350][ T4198] binder_alloc: 4185: binder_alloc_buf, no vma
[ 1339.266853][ T4191] binder: 4185:4191 ioctl 40046207 0 returned -16
[ 1339.268494][ T8297] binder: undelivered TRANSACTION_ERROR: 29189
[ 1339.288394][ T4194] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1339.296669][ T4198] binder: 4185:4198 transaction failed 29189/-3, size 64-16 line 3148
10:23:07 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f0000000100)={0xa3, 0x3})
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:07 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4c}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:07 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x68}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1339.310598][T26377] binder: undelivered TRANSACTION_ERROR: 29189
[ 1339.420390][ T4194] Dev loop5: unable to read RDB block 1
[ 1339.430980][ T4194]  loop5: unable to read partition table
[ 1339.432862][ T4213] binder_alloc: 4211: binder_alloc_buf, no vma
[ 1339.452868][ T4216] binder: BINDER_SET_CONTEXT_MGR already set
[ 1339.461323][ T4194] loop5: partition table beyond EOD, truncated
[ 1339.474818][ T4213] binder: 4211:4213 transaction failed 29189/-3, size 64-16 line 3148
[ 1339.477135][ T4216] binder: 4214:4216 ioctl 40046207 0 returned -16
[ 1339.495974][ T4194] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1339.499747][ T4217] binder_alloc: 4211: binder_alloc_buf, no vma
[ 1339.530251][ T4217] binder: 4214:4217 transaction failed 29189/-3, size 64-16 line 3148
[ 1339.545894][T26377] binder: undelivered TRANSACTION_ERROR: 29189
10:23:08 executing program 5:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000480)='./bus\x00', 0x1fe, 0x0)
write$binfmt_aout(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="a4200000009e7e428e21db00536dcb219f56c8033ac0e7de1177c68e7898906ececb4577d0bf961e69a66344ce70c523f03be9d3fc"], 0x35)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
creat(&(0x7f0000000100)='./file1\x00', 0x0)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

10:23:08 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x50}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1339.597930][T26377] binder: undelivered TRANSACTION_ERROR: 29189
[ 1339.606076][ T4220] binder_alloc: 4214: binder_alloc_buf, no vma
[ 1339.638430][ T4220] binder: 4214:4220 transaction failed 29189/-3, size 64-16 line 3148
[ 1339.716600][T26377] binder: undelivered TRANSACTION_ERROR: 29189
[ 1339.737021][ T4227] binder_alloc: 4226: binder_alloc_buf, no vma
10:23:08 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6c}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1339.759873][ T4227] binder: 4226:4227 transaction failed 29189/-3, size 64-16 line 3148
[ 1339.859947][T26377] binder: undelivered TRANSACTION_ERROR: 29189
10:23:08 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x600, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:08 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x60}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1339.919014][ T4233] binder: 4232:4233 transaction failed 29201/-22, size 64-16 line 3389
[ 1340.025127][T26377] binder: undelivered TRANSACTION_ERROR: 29201
[ 1340.033110][ T4244] binder: 4232:4244 transaction failed 29201/-22, size 64-16 line 3389
10:23:08 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)
syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x5, 0x200001)

[ 1340.067491][ T4245] binder: BINDER_SET_CONTEXT_MGR already set
[ 1340.099696][T26377] binder: undelivered TRANSACTION_ERROR: 29201
[ 1340.107276][ T4245] binder: 4241:4245 ioctl 40046207 0 returned -16
10:23:08 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x74}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1340.136699][ T4245] binder: 4241:4245 transaction failed 29201/-22, size 64-16 line 3389
[ 1340.189665][T26377] binder: undelivered TRANSACTION_ERROR: 29201
10:23:08 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x68}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:08 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7a}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1340.389767][ T4258] binder_alloc: 4257: binder_alloc_buf, no vma
10:23:09 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:09 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6c}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:09 executing program 5:
syz_read_part_table(0xffffffffffffffff, 0xaaaab3a, &(0x7f0000000200)=[{&(0x7f0000000000)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80ea4516440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000700), 0x4)
open_by_handle_at(r0, &(0x7f0000000740)={0x21, 0x2, "6ff2d174738be03bca690781e0a2b982b1db09b39fd56c9371"}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='cpuacct.usage_percpu\x00', 0x0, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612)
syz_mount_image$nfs4(&(0x7f0000002440)='nfs4\x00', &(0x7f0000000280)='./file0\x00', 0x9, 0x3e, &(0x7f0000001380), 0x2200049, &(0x7f0000001400)='\x00')
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_GET(r1, &(0x7f0000000600)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000005c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="40d20727", @ANYRES16=r2, @ANYBLOB="00012abd7000fddbdf250400000020000200080001004500000004000400080002000300000008000200000100005800070008000200ff0000000800010001000080080002000200000008000200ff0000000c00030081000000000000000c000300010100000000000008000100040000000c0003000001000000000000080001000200000034000600080001000700000004000200040002000400020008000100010000000400020008000100aa86000008000100040000002400090008000100010000000800010008a00000080001000900000008000100000000001c000900080002000000000008000100030000000800020008000000"], 0x100}, 0x1, 0x0, 0x0, 0x50}, 0x20004000)
arch_prctl$ARCH_GET_CPUID(0x1011)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000240)='/dev/audio\x00', 0x200000, 0x0)
getsockopt$inet6_dccp_int(r3, 0x21, 0x10, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
close(r3)
ioctl$CAPI_REGISTER(r3, 0x400c4301, &(0x7f00000006c0)={0xffffffffffffffff, 0x4, 0x428})
accept$netrom(r3, &(0x7f0000000340)={{0x3, @default}, [@netrom, @rose, @remote, @bcast, @rose, @null, @default, @netrom]}, &(0x7f00000003c0)=0x48)
getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000640), &(0x7f0000000680)=0x8)
fchdir(r3)

10:23:09 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x300}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:09 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x700, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1341.032769][ T4276] binder: BINDER_SET_CONTEXT_MGR already set
[ 1341.045787][ T4275] binder_alloc: 4269: binder_alloc_buf, no vma
[ 1341.052374][ T4276] binder: 4273:4276 ioctl 40046207 0 returned -16
[ 1341.064135][ T4282] binder_fixup_parent: 19 callbacks suppressed
[ 1341.064143][ T4282] binder: 4273:4282 got transaction with invalid parent offset or type
[ 1341.079216][ T4281] binder: 4269:4281 got transaction with invalid parent offset or type
10:23:09 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x74}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:09 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x500}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:09 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="73cceddc62257f9aaf02bf746e2d428a2387c3de983945d2b13b445020858c8b157f1c6a4f4c5e935b9df4c23f06942cba535f1e0d450db779b2ca5e507baff9d301420995ea1717d8d4c39e96bdfc3adc23408968272a605dac898f38c8878e4025b2ef6211a97993d83e7aa9ebdbcd43ea126cd06796f23d643e04c004180745f146e61ccc219ac664b180b016c275f5d84199ee15a753bb29982a499842fb7e2a3ecd00bece0768ae6235bd275aba7fc5a46dadcef6f9a76edb3c3c484c2e179b47ef9d029efa4ed4090885d3220e0d6baa93410152c94719c1377cda20e49487f48056f614461a31b656906cf4d98a48cfe581ab3b7364a44c0aeadea990d7f2bf51969ad3dc16f13b12ef0e96f9247e5f1a63958c4f38f740c035515315a2ac21fc9475df4af54e10df168e8948635ca86795f4b68aa634387b10e6000000000000"], 0x1)

[ 1341.235228][ T4295] binder: 4294:4295 got transaction with invalid parent offset or type
[ 1341.251074][ T4298] binder: BINDER_SET_CONTEXT_MGR already set
[ 1341.259359][ T4298] binder: 4293:4298 ioctl 40046207 0 returned -16
[ 1341.277921][ T4300] binder: 4294:4300 got transaction with invalid parent offset or type
[ 1341.288133][ T4298] binder: 4293:4298 got transaction with invalid parent offset or type
10:23:09 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x600}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1341.330049][ T4302] binder: BINDER_SET_CONTEXT_MGR already set
[ 1341.360722][ T4302] binder: 4293:4302 ioctl 40046207 0 returned -16
[ 1341.398372][ T4298] binder_alloc: 4294: binder_alloc_buf, no vma
10:23:09 executing program 5:
fstat(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file0\x00', 0x100000000, 0x6, &(0x7f00000006c0)=[{&(0x7f0000000080)="3b4da339c32736150d3b717fcbe737630fd8ea0addfe926380ed69fe31c29b829e15b7a843e8bc4719ecb5b95739be547a6ba6fa9f6f98f8aabec135e0d0cd3ab264df109e20ba377e3c50533dba35d73501a082492dc6d1a7ad6a3c0461b9b87fdb0890d9b1fbd5f74fc67fe317efc28f566a3ac2777bf3f70d0755b26f02f129b932690f12305b077d2922045daeee6abc93ff9f4a1f54a4dfa3dcd1ebce9624d8d3f484afa2ea0128cebc3399a0540fbd70097d739811f4ff148a9f9e0911e50e7dad629499168038bc032c1e6e713cdfb5442388ad6e0364775b5291aa349c7c3832f8bf60d3ca", 0xe9, 0x5}, {&(0x7f0000000180)="661987d332f420045e6f3f027598c5dcb123687aebc75424da9dbcbadd1fb8727bb7cdece57445717ed7a4e06b546e04f2b00d82fcda8096aa0a01a4400de88a6e0563a2924a472d15a7cc941895833f7339c31a9d11a132480641c82cc614242b5be64d571367536c4bc0846c4561228d1ae0103ded92b9d2141d2d024d3fc6a5ef10eaae46f237ff096324d2d9ae2271b845f65b079e2d540b2408f8c84d7bd41aadb1199e724f273652bc7b52eed84200c7be7b96dabba591de011107eda232e860ebc7c128091b1e24f2536934e1e5ea1b04295f1fc92716a0c8ea44", 0xde, 0x800}, {&(0x7f0000000280)="83a0974737a9d639de7f41000850197e31dd0f2f736f4a1e192fecfd4d27b32099bfe561f2867de79832dbd78d94a79971f77011a2218640f38bfb4dfcad9d226493a862b258a5e80fa3fa5f84f3a5c428c66bf113d33dc8e28fd3ecd8eb045c6038638cb38049c0885fda98d48b233a6b56beaa655a0ea2afb1c0fcf7fe9c25dc437e1b460f2faf5072ce95a9758d29758fddca8c6ca3a870fb7825bd0ed05012a73c124ef09ed0dedc5c9753d36b8e0b24b4c2ba5d902e298d17b3e566f3ff48", 0xc1}, {&(0x7f00000012c0)="ffe0b42a4bd1d3d6f08c77899076b12a24d9e28211ec4167826910cde363cbbf6c7e3a78399cc2961f59e29d0709432bc4385025de7ba55316d62e6c5338ed35cf472861a707a049c801c9b94b9458c4a39a13409f526f6d231181eb015f3de143f103e182fdc99d21c18ea1948c26d1f756a2e555012db98e700cfbb0402b97260209a8af9046b4a39d4fac8fd1c61624ee583e830da113c88c3dc743a57d71655fc705e4974cd7264d40821e77f12827a1e7aecbc9ab2798db95c020fd1fea54d21a3ae8bf53c000790038f866c8a22a0740ba7a1ebbfea74d34be36e0dba79b2109fa21988f66fb1ca8e0535cd9283ee43fff2a9e1a98a3b2f148da50e1cfa163513250f60825474f2ede6dcbeeea2d5bc601825f3927423c4dfcf6d5d7d3b83eb9f2c0fe7efb3a96863dcf31a292645b8e25277f8ff99529bc066fe0b7659d7c7d4680e51ad3a721fb37641c85690ae9f4d97a4679f071fe5386359e823006a362d2bb352d2a13b5ef82fd084ce0132b51eea84325d3b940e580f5fec008b7e171a60fb521f6e0a411d5e6f5e5b88c1e9afe199d51c9543ae48655650aa49666ef618e9c8cd3f1d8bcb1378ec496a1515c152c97b8e5970caf33089b5e8a5b0379754273621c1f09ed37e2a73e12764f1f16e785e1b753a8dcb3909d4ed8452567c5ae20e3e3c5133e479173a9bd366e0ee2e626f4ef9f5fa95c609d1c6187197d148a4dd886ef615d56a3e9f39081615f4930ec1ce469c66a74ed9c7a3e5dfcf070770f88afb72007d968997e48cf31637701904f90a276a8d52e6d02816ec1f3e2f8920d9b1e4aeb7764000ee0f3b53062ac74e562bfbd6300102a1e8549be1440ab4e1c6a7ce888e3fde6c9a609e92673befd9daf942382d3e5c8c8b95e4ea48a8b6bd9452c9bddec893929844007064f22b50837cd0f10650ed32ab4ffb57f4206b9e71aca1ef4301aad2aad3eaaa68eb3fe09b0e472c4be1075700887a433df12f635daa726ae43bf2f6d55e0fde9cf776f2cf08d2b059e780d3e64157ff8cfa72e398555a2546b8456b473c79d63ead25034ab7003db82ed0ee40e1cfe73f27a32fe1b3ce0e1c7d352c544036fc748dd3574716284227e53c2d347639c9c470884ac1c5d6afe62dbb63ea5469db76a8f330e30fcebde3dba4341196ad92c850f90f74bad4b57fc3107964165aec01e81132bb14e0f93c6c845d0b04345e78059b49a2cb1ee9bd0ccfe154be010c0969fe4755fa6c9e57eb9d5ba81e5c2dbe7723df9d7451a615204875a2c15ed73cb0a1a656f6ee9a24dcd419ec701be4d87343d88b059c8467581933c359ef48efa887faa58181ea429ce9ddd3151a17d62c4e0291d65d4f5c1c65d558434d992dc2238c9ee1a8ca6a4418037243751a4f88498660c959f01eb935ec6cb83af7e116df8f88ec03929aad18efb4bd9b6fff1865f2325842db41211b1a485607814a08a32189528ec13ea6231dc20477de409bb4052947b4fbc052592d54a9783b384cdea3bffc5391d8e002a8e84caae62658b7216d3443b336fb16400788778bc12ac047f96aa56a7b8994d681d5ae2c24a6b59991a13ab6636afbbd65212a38e186d759803f31c63896c473d7348d08137a628942d7faea34e18371d8ab24939dd77c1cd9c4eeeef8fc00709c9ed08d06c5e18b583ba5a61064ddc22927c3220fafb199f486dbcc957a09f1986f3b3343a48a5ea2641a102a2109744e71a78143b606190bd40e8a7da8a8e16b3d2d8641e47fc7ef68af77930dd6b05782b3ea1c7ad8cd0331ca5040fbfbe13c68002f184cb5412c3acb4694357fc3c3af68045b2f09010089848ebc58781ba2c2a93572796c00dbfbcd72fd319cf87bc1e314c5b79e830dfc080ed351263f7eaca90525ab2076f91a21aa5a1e5b59e55222e9835b6bf1e87d61fbd207d95731d77fb6b3645aa1fbc768c1d7a0a5f926c8c212ba080e0cbfc9f3529b9f9830339efaeeb969c1a92f66ef17e3e40abec8310ff3b106ab45890185deb5e915a508863dfcf496e6e0c7be8a5ea209656486e77ae26517f8ac903924d21294c1e8c66d763b27aae95465136098d9555b6ebf997b34ad41ebe0491f02720bb77ca192aa9f65f86795a39d5d7a13aac62e5bb2ba146a46e38ac6cecdf2c4547717c32073679c5d604363d2afb621b85a3fcf3b1bb0ffc7a0475ad2be251de38e1352d8edb73e3099319ae75dc8d09b222dd05ee05bc6f7a5f60af274c637b715351f4bf0ec329d0f4dff4c57ec16c8193d92f7a9a48a1c053ab952fcacbc47730e101780b21201f95d9e5a2b48b32ced2221bd4958b9bf5695e4048a88a7680ace77fdae9712be7e0d274474b5c3a4e4ccece9abda233b881d81a58308b7f7e69ce2fb7317365c78381879dcb4bcc9cc392d3d8001ff17b4dee04b7d1905e836efe74a2513af992ab19a5ddaff883d1e422719e09657c20ef47993a6d9993f9dc922934ca18ebf0fcb3eb833f947539f39554cc73e3d4d64846f687c3c730fbb36baea93471b20287ee2f264740339323940eae395774c1f0a47faae7c5b9bb25bc82e665ef49441fee9cefcde4f4eed0261c4706f0af436b23d7ee5e846794413891d8c669dbb776de56391fc69359dc58ca20fdb08ad75dc413106b83d02c40a69fb07d8bcd6c14656e42e4340f1c736d1bf7f951d310b0a5e27deaa050ba508c4e4567edb331b6761dfc1fd85d905034a49e0b35cda5cf10b135c839914db243b8982b0ffde6bff169bc72d62d6534082452e5caa91b86a2085ebc896c4a3236af4ad36b5637266dab7b43ef0a69e3006b01c37cda797276154513d9b27d54e75c604df4fc183a813d072becd8d3a5c9163a33062956a4554303e12af20793431db8ab432d424555c2de2daee8c751fcd926575ac2318d51f2c274686a80b1affae512ebd1225637f5b5b4745a0f7111b6199aafc4680223808c16eda06bb8e950c63e6576289da5f9af909831c979fc64321e6bd81463e3ca3566640d05d60e5f019ac3868f0e9aee0e738609742833585abf7905d1e2c2915094c26cf152a1fbf76bdc5a672a5e1bbe0af4527297567a5402d7671291659e6a5f9b49b0e244f4b2613406c185c4d630f634bb2427e2bd53e1cccf509155213488374d5e463580307305ea3ef56b44bde9ef583e6d4e0a45d66e61c09567b65405ba6fb75063da5472ef64ba4be7be61a14e28ff4b2282190280ad7ef154d96e93ab6b42a2d58148ad99cdadd72cf20f4faec7b59a661c1dd79dbf7b314a0c936e8b3256c6c59e2b6050ed6d4b322ea2bbf8394ea3224e044b8e0cc16aef71634f486e37a29b458132859fc11beea7bf218c2693000db5c3aa123cbf6f942cbd76c194e53528a698a3d16d60039309127699f73199e5bd98580e8477338d45d5d42d422e30aa1abd4a09be25c07eb25e3588b13c176fe901e71a20c68b014c7943728993ab282e41bedd8edef0e79ebd30f3f52609ac65f162ec0c638598d542b3c761fbcbc6923adeae39e4b6ff9705689854c1cb622c7a8147169ae3d7e82f5d3aaaa8cabc94723389a01736b264d52d634ac0ecf401e68a3f9433cbfd1c869b339bdb4204bbad2900666c6f5a114c44c0109f4ac627661356b5534fe08baf99bbf8faec4ab1ef892ed4e5e9dcc54f8279f4155731c662a73aca5fe46077417c6e758e36ff839bf948a74642a8f79c50271b1301b8d579875cdb44175ff189ea1493b9d71dc56107d855811431735a6b5e88e5e10f4efef36602fbb1f5557d7be119a9e094cacf842a31dbae2942f9492f3cb440e7c4b56c0f72c149400bc94cd6f36926673627675e43be6b84b0dd12743c0290105b4dac97f2f2c1bb1d05213ef8cb3568adffb5e97c1afe74a748c8bd3b892f232152b4e4801ca748502cc8d489a762c7599756dcae40f8fe96f324b0ad42ff4510974a9b9c327dd51dc37176132c04e0a7631a900119f8a12e13bb5658c2bd00579c7af950f7c1908e9984911f57d5cbf69a6cfd95aabf949d749ff1fa6548f690875debee694c9f31cb0af2314578328539520cf41547a2c2198fa46dc0b1b919851ba6c6989b1c168a48bc6abde9820183125509b3710a6f4137b2ca2e20f33b9dfec65386cb20c5e2e69db54eaa803aaf4fe0d34d2de0981175b42fbccc2e98165e90eb9bca1f8d9141b766de4f8668f73a0cd08daff1002d557269f476db2be13aa31db2529842269ea65a712b36a8fe1e1af7f585cbce949f196f92b0f201060d3960b0a7434a7b750bec6c344ae06c5b730a419a59a686b47911a0164cc840b277a23a414578d966ad44596a2e87cf75d87a8d1a1c924db7669d1dd969d2095027f487b2cde3e2db1c5223894f3b364bb4dd06f75996f631d853ebb9014577e283977982a8c3fbaf499ac522dd68c310fe03251cb0755e2e54b21e397a181078e63fc01364295d4d2b7fb0c46c674285811335f3ac695a4b585bb48311e815dac7a85893fcba08fd2facb678d1e3c5cbd2ab3c639170485bdab30c7f71e2e2e91940b8aea5211480ea4366bc4fca915e06d72e43c2bcdeb95dcb67972400ef531551e7eda17aea41e92c41113c3d32b98f2432e4c6f2ad85268b3b817a359b642115a8eadb494975b9c250267bc286303e140ed9ea3d94aab1bf2c53f8ff4d7bcd345381a622f25ca8e337074d742f9ff5350ebff2228a4ea2b0d569c67b336667cb3c493821b48cb031d285866887f3cc41f3fb5916ac9f17a58246aba1ef1bccd0854e48855ecbba80b6b212999c5391c39077189ce8ac5c8b990a3274b25eac3080fa3974e6d54281b7ffe0dd33a17a0038624178e4b4a5ee3cb01c09e23cd679d5c68146edec6ab030807aab55126f7268ec317159faf795f4ad085840b0ba3bf8db945d7a3a8d202b3f05aa34eede2e875b71bfb1b9edabf41fd5d5e537259e724b5a4d049a231bb4e999a713445cc9c2f25ce2b19c0b174c354dd93bf80c15f052a9a8d84b3b7536bcbb29847c386f438883ecbffea5768e7fbf9221171cdadf2e677c7f4c11900fb3bcf0395a4c5be34481d37865c69c5a12322eaed2bda888a60119c030a814db0c12c49a4e5e5c500717ccc0cdfb42e2c4878d76c1537de83646d48bb88b83dacc2717fc62250d6bdef5ce3ad8dc5b96027b534b13f6cb05d5eff20295f0b5f6c79102e98bd9394a9c8d872c4c725f5a21d1ea2e5a9501b2054523530107c9788ceb5255961add702e5c7878c63f556932c5f18ed8aae8f410b02d20a395bcb8d216cc693fb4df58a950f38bcfedab59a55715231b2e9f42ec84ce0cdd389d706187185a664b5a911fb4b4985df6d89fc5d2ae81dbedb45cbfac65e0e148c1901e1812a40da4487981c3f104b3fe47f4a79e9e139dbcf11ee8aa986daa410c32de4950f027ee4b1da2eb4535dd17792733b3ab434fab334885be6c15619107ae965065e73df7ef8c4e98ae9ee7bbe4955541ae29bc6307472c51614279904c695d870dbeb4d56256d374db7f3d78b8d7d2cc7493ca97788e1201e82ae3bb1362e376abf34148048af7f77a41a446c51fbc43c5695056158282be4113dc7e44e5e08a59defb9b88fd0b1bf2c36aa6890f242ddb6d21679f2cb8b4ba433346f5087ccc61451f9c3a600dac98d97c2e2ec7ea46c92b156f35da911d37c8ce50a5aa3a838ab69d1c660183646883b2cc754e8c6b695431df20201365a1a0030d2758197128c0f14d56a18e300560d7773d6f997659c35f499c240ddf3e2c91d32a86fa52d38d", 0x1000, 0x9}, {&(0x7f0000000380)="515a55362c08b32e8816c5619677efefdf59f8cc63c0dbc6f09f186e25a56870082079de3cfc6f8b5df352e74136f771fad95cf2a0517fc52a622ca690ca19105fe8ef1ecb28f0a824da8fb591be4ff42790cd876b93c206cfdf257b", 0x5c, 0x9}, {&(0x7f0000000640)="15269512247db0e9d1aa8c10b8aaeab921d13181de13c7ada71c9a4f7f0e0f1f60096c6d001a327884bf43e0a7ab4eee8056373c2a3e932ed27d2187ef92208eddf883d017743beaa10f5000ae2ec93225f659ed3054044fbad267194a833b2daac67c24b2e44c9fcf6c47a7b86a8a7b45013adfc0ff6e0e504f7c8bdd68df", 0x7f, 0x7}], 0x2060, &(0x7f0000000800)={[{@dots='dots'}], [{@obj_type={'obj_type'}}, {@fowner_lt={'fowner<', r0}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@subj_user={'subj_user', 0x3d, '^'}}]})
syz_read_part_table(0x0, 0xaaaaaaaaaaaab8d, &(0x7f0000001280)=[{&(0x7f0000000a80)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0xfffffd7d, 0x23}])

10:23:09 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7a}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1341.471322][ T4309] binder: 4307:4309 got transaction with invalid parent offset or type
[ 1341.532238][ T4313] binder: 4307:4313 got transaction with invalid parent offset or type
10:23:10 executing program 5:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x7, 0x1, &(0x7f0000000140)=[{&(0x7f0000000080)="52635a87d393ac74438ee901aabf742b0c9660826318311d2e53366d8c0fb73d4563897ff951f035250594e0bb2fe5b911916bc2a55a55e011398b5c90f3caef9f8ccde5c43df58a093fb48a50c2195efffc1bb40786a39545c27f804cae3005660985648c064d13b3da8fda3a4ea36ce24b018132c41ce44dc5420ef5c455ace5d256a9bb04609a29329b47bfae8060b4f89fd70853464ab284e5d5dab3516ec926f4", 0xa3, 0xfffffffffffff800}], 0x3120000, &(0x7f0000000180)={[{@uqnoenforce='uqnoenforce'}, {@rtdev={'rtdev', 0x3d, './file0'}}, {@swalloc='swalloc'}, {@noquota='noquota'}], [{@subj_role={'subj_role', 0x3d, '.lo'}}]})
syz_read_part_table(0xfff, 0x3f, &(0x7f0000001280))

[ 1341.601231][ T4316] binder: BINDER_SET_CONTEXT_MGR already set
[ 1341.625206][ T4316] binder: 4315:4316 ioctl 40046207 0 returned -16
[ 1341.782442][ T4322] Dev loop5: unable to read RDB block 7
[ 1341.814631][ T4322]  loop5: unable to read partition table
[ 1341.827213][ T4322] loop5: partition table beyond EOD, truncated
[ 1341.850838][ T4322] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:10 executing program 1:
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/status\x00', 0x0, 0x0)
ioctl$UI_SET_PROPBIT(r0, 0x4004556e, 0xb)
memfd_create(&(0x7f00000000c0)='md5sumppp1procbdev\x00', 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
prctl$PR_GET_NO_NEW_PRIVS(0x27)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:10 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x700}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:10 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x300}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:10 executing program 5:
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000400)=0x4)
syz_read_part_table(0x0, 0xa1f386c68fe8a82c, &(0x7f0000000740)=[{&(0x7f0000000080)="8a3aef6012ad9921723afc6e0aba3b2a9008b22cf1fda3902bf985faa86591991c7ff6c28952444bc5d3379b8010d082cdf52113b9af2d3d595edafa5b0d73620db3a8ec2227a4681e085699ce211afa2507e1c9f55dc8ff1b1408c0d8e58d6e754f2becce1e0a6642c61823904d3c138897b2ca7fd8bc5591168dee51de55d35e074faf18ff0f2979d432857995d63a", 0x0, 0x1}, {&(0x7f0000000140)="14a571b4816db5319880a683f287ce4645c5d5048247c6", 0x0, 0x1000000000000}, {&(0x7f0000000180)="7b58841012f62599494ef7ccb84982a4ecaf2eb18d48ef21770d5baacff0aa1a53d83c202a73f0c2fd4dc8f955dcf41e5a15b59c11a30254437742f1e875e389d1066750022d390ca47efa895a0f2a289ed352", 0x0, 0xfffffffffffffffb}, {&(0x7f0000000200)="ffede530d5534ad38e356a7e2b879d27e9164410730ac291685f", 0x0, 0x40}, {&(0x7f0000000240)="30d1e128f4d1ab2cd3dbbaaa7ef466c6e272e35a336afc044b6b1a7bc64ae11323c398f014c07fd053992c4b87f08204f0450bc7b33332fcb6e9246b7cb49de903bee5187c7d1721cfbffcda41b381837bcabd23244fd3416d057c35a2e5858b1fe0b61a950ff98e282bc4d9d37d2f7047f95e8346ec2f5b8bed61b7bd7ee45e3910b574904f2c8bba1f952d3df4eed2714bb27b549fc51a7cc82f8e11764c04f8b2aa53b8b416194e3d342ae8ea840a3e4d8735243da25d370d", 0x0, 0x100000001}, {&(0x7f0000000300)="3fe80b46cca762ef6da9dd39a72363e986fe06270a8080565703e05f35c37b9768f946dbf142c54627a6757026d202122d22436282285600ef891df06712ca2c1c23300c84f1ffd7bed2f807bb6c6da8df87ae5ce45c6e37e32b45db3ad8bca18ea6251a8c8e855b7a8d74e402865ebf06fbcefba9605c4c593d84941330e9cb067019c4cb1935e0e7f4cef9e8aed6f581998c4e9aeec5e10f93f0e1bedddaa5b77e31c2354f21ad6858c98aeea927374fe8b729f3b42f0c8ece30452f8c5b021f5b2c7a9dd0db184d86", 0x0, 0x101}, {&(0x7f0000000640)="8b401451d260ad16b0436488d9a0cc33f498788418dea71086767dcce42fcc4d8a51a8010b1c799d0199afb00209a2d96f3bdddd919ad2e1524d11764d4c86af8871d7cb602ed02c8c6bfb9fbc6e9611fc4ca4c9ce4e23bb2ae1daaf2bc51a868fca12b9d3a1d176651a4126da4f4d4cb7524425a3c9e8dff9e4856ce0e1b935d40ed9357619afba6eea453d740f2f89db95f001ed326d85540562768ff4e33d05dd9a9eef757a7b5915d7d9a8939531397ad5e7f9734253c8a4873bac5d6ecf163c94dc23c1e2918929b990ffea5344b82175a86f6004fab7c331c034d8", 0x0, 0x5}, {&(0x7f00000012c0)="74b339ddaeb142184b1068877d8ce17a937e513536749823b5528d283187f546950123c48c098618a4561cff5b00102b14132e992c0d21abfdf0a074629df4babac42d9ba55734e7793ec5dcb27c6ddbdf99a90e48920e3348f5d234fa283e954e19b6408c5dc6ebdd9cb33b42906df99e23bffffeb6ad1a100d5b2b7915d358e0c470c022938403e47930a0dd0847e3bb8c5680a468c95bff8df0a9ee60ec70b6d5f02a9a2d50acc9ed00017c71c8a220f7e861914e2fc3731657945b154758f112ccbb1781fadf883bbe2e48a2e0c595eaeba12c17ea06cbd7f7b362d0d5d7829032bbdb6fb457d08e7a53073b6c9af6bae94df69762708699af291490ad8b9aa5e0348f7fd34fdafe3c07c594fce52ae8973b630c7149141a0c11e8d9d93ab81812646520409e93cf1759416668dc3b64fb0b7363ff07b130a4b6ee20e120bf05f4ed7606b2d92a2fb2d5c4844b5c12844f1b45cd8e84d03168b991e189fba910dfd89aa4952d8f75707005d6418c1b2aa201e18c869ef0bc27f34f9363cda6b4d30263868f4ee64402f4a4fd2db1fff04be63def78b4d031048249df13635d598def2f556ad2fed9fc2c87ccf1864297273e3b117b9d33787571d947d2f7734d83535c310a9d5a8413a33825e4957bac3cae95c7acbff90fca8841017682970c5005e352f23954178e4af888739fbf618a1740475095100562892d3db28649b028d493330b72a00f75451a157ddff820f9e597060fc732170319a16383715fa642ac133db505de455486e6d0d34c7c0be0b7eca0cc9d0d63e553ee1e8a2abecdee24c50362ea5af6e8c62c968f4125b9bcb81e373a8bfaa565c1772e21bf104b61fecd87e5d99438b8e646725c1d7afa45154d32c74b801d9da1f8fa1dd78e3eef2e0b68a42af40cbb82f360bf77e1d44eff1085328d3e86b8659298b7e8762c8cf03d72d6f2f3950eb6ffb6baf2fd0767d6823e88b3c8d10ef754c661409ff9d8b39c01fc5939e6b3b7024640701a324c820a0a4b1babb6b08cb80c7dc45aeb6c5f421aca90382aafa79188e5320eed8cf46dacaef1c645c17dabe4f92974b08c244590f419831107defbf6e0d27d3112b922c2f77e88f7a4d15a616d6ef1c5dc116691e59802f0464cbc8229185b4b486ec3fd4481dcd6f9b756bca755ddafc6bc27a0f89d2b87b7ed8e5ab880e4a81ae4bb2773e9840a20fd56d9222ae605ee4b38f186158937ac2b5573134ca7a787c50a3ed0f9f3a04aa1c01fac14358c5faa358dd15b1a9776df0760d6583b894962920b6f565b99c3aaa3d5807f7dd6c1c406c35e5cbcf15c7de9ddf5ca6cc548d1bdccf6a7235c4e9f9888b16402dce0027b176b1828384113cd96527c6a42fbba3f22a0ec1560da034b6514e725ee35b0099a59325fadab548ae6be7db5a5d1aa4ebacf9ac23cacf886a4ec438b9cddbc49d87fadcac37148499c6b3cc19beec835c02d2792f882e026cded532001856feb2d5f52039b9adcf63ff7e91b2e7372d81350dfa8cd79884d3205c124ab502bc1b63799986b21f140c95c67b767c60704773609a28e11e42b40e002310c7dae17c69913f8f94f3a13d4b81b4be0eb855247b9b92d8d504e8fd8e573f2ea549a02c043af3f48263172936b282016444c4b022adebe00eb65fd928a952529ad0e66f4f6ca4c445fef413316a538398ee0fb414f590122b2d4ab0a9d0515cec31559a3a68ae0dc429512f5a62b5f48f22d354363ec36c6d9390dea6de0ba59700722e34c95f8d1e3cd630adcf5bb73ee46353b2798b918123dec42ce34aa41950f1d25adc230d0f3acaf4197e94af3735ffad28c477ed8bac60fabdc0a359a4e8aca3219670e46b08427673e08856c838f7a36480a08b32853e9740451d4888db58da3a3890a57750a10336513afb1a0bed86fa7fdde59e8ccd539f3d017438c0c97f890b91aa96d0cda0b135e3443c69f700f45220b9dcaaa9c8143aae128f1511638e0bca974d90cd1b8f041be3a5917984741208538ff7cee19e849d8e6d26bec439f566675ee7ac0b6136f3e400e6836dadd7ad56c41b6c8645efdab2785c6d18256d890ae4d0747bf5645ad9c93ce54299c9a2a2b7d02b4be0adcb8bef328bb069e7d84aca6e19ae443a96904bc03129139a82fbc7b87a2e3895acc7d38f4099497e38a1695fc1be20c3bf9f21253dc13ccd01e7f708c3460a59ac62bf6ee7766ebb47fc0ec875d6128474c31548dac6a1e2fc8e849fbe93c4e64f7ba1d8c2ad369a7b8b307b23aa7f1b9f7a633db705c3e66c6b650fbaffd76f0b08c6dea96571d72c050a232694075b56c060bc2cdc52022b29c8a93dac85e345fb9b3b1ccd06148bea579c0ea936a5ed8549aca656717888923fc273fd67915ec0e661acecfe0da8ba7293f464a819fb09fedd7e2224c42e4775a19bba0b9447bbbef262fd0eed67324a7558a817faade96acd70e8a3b8466e1fcdcdf2d32492f0137968f98d8dce2515cef9520e72af3fd0a3e2ae6e55d7e6f12a373247969d3171322f7095c86ec8fabbcbab989c2935a5d343559ed99053dea4106b8e82109bd076bf6829eadad60148282db8c04e2b8582b31da53217b59f9fa72ca42e3a0bd387671f9001700acb6ac06c6320ad8e50052c8516c22bfcbf1f4f408db9bfb8db550011d1e6f36b962ff3d46e6c1e423ec68bd229f9b4b7a16b1de454bab50ba90d5f4e62d2e696220b2fb19d0e4a0e3492de814db6afbe6f96235eee53fe7660a276e08f121e0fe2d0d5aa5e928c68dcd3f8a76ccbe347473ff783a1a98e33cab85cf73dc66ec51843424cefeed88425b5f3574f2f9733dcf43d7ce2b61d2cfe8c30fee47e5f840eece94d06ef1848819cfddd0b85e14e1cd4a097e69bf11c668f782ca3c4cd36ce9d25a8694b7a9e1804afdd58331f22e45742118b735e919212fb68c327e47534432005dfe95be9d8b5b95931cc8d82b63c9418cb744c3d6e01432d058d7ce213a93deb574abe75cc04b08aba12fd37c3358908f20fe8710da0ae76035f63855c70cd60143d58e0ee09163cdee3cefa7469760e2e1acecda1164cfa8d71f5c37027313068d98dca4483d401216f516b25e0aee4a7dc89fbe70730051bc941d0399340a26a8dde51a427b83ac6eb7d831fadc0ad1969ab534776397a7e88d0fd7a7dc40eef0869eeefe784bef968e0277e55ffc83035ea63bf3273097bdb19fedfeb9d7412c04b66c9a4d2b2777d008f4672da40ee55b00eaa3e79ebeab44053d2014958a1e195fff9d4b1ace0d21c42d85a47313cb0f739807af1aebabf7569983d0f5a1c295cb95f02fbaf210985f442f245f33a72d96f5341af36e6ffe19341bf8e929b7aa41ce140bfa182dd646e0c5aeb8581e48c3fb7fb85464318ebe7f39ed121a52b458e5450f63d4fa3b332296cdc5be224d939579d713027b9b9d032ac873ece6c4654506433f22c952785531743e55e92d56151bba37402a16a1cc5f64d0205456ad9f1038c56c737c5f0ef78e3ce6c2a36a9b6a4399a21ca5713b303723f1937abda19d358636433408268985228c9940412fc4f25f781dfff12329e078cd67a341f068db3c0c01b898995033a8bd81146ac19408561c4857cf3502c2d38e37ace8cd2a2d5d6b7ddfb9793d994eb02301560a856cbff635f9724861aa7372005352cef83d240ce51f3425dd5a9e21029565b359001e01d708d84d12c4f5cd242bb6afc411ebaccc83e0e77f247752e8c970aac596d63764004230b21f354c10c82943457d8dd89624bc04f35a06c94f3bcd7a15fc9c9553428e7854972bc354e0ea1ef10f6a30ca53c601cd6b552a31a99a465a391397fa9774b3e9102ab301d18a17602365d970fd92d425eff4f11edc6688aaf899fa63abd1261bce8f80bc50b14b2cce1187df0b4db7d29119059d8055cf066cdd5d569f6b0a9a9c8baf2476e58a6d0505756e34b24f2d182af6950661b164682df9a01fbb31cd5a5a509a662ead3c18b5c5d42188c9120c946928ece16030c1d546f88cb760557d873e37c2f05582d15b5585387158a85e2d76d0a78e45f529d4e1be840c33deb49ccb25b802ff01842796d2dffd407bb7d2da282416599662cf97f0d1c101fb15af956c48c80df5df65e359282dc8d52633005c836131f25f6939cfecbe40d4e9fbc95f1bd1beaacfeeac2eb286bd9cb3cad2f0ead51e39e57dda2ee487e1f9b6940cd57277ae515552416e41783961a16849fbc4cc0ad0b58897672e7ccbc2370a46a577c2ac980ecd933696ce68f3e08db2cd4fe62b2240d08c227c0f7880457d00c903c55c13458fa7b0cef59d7fd9f274dd7b8b0045a4452f8b0f0011b4fe387f4c43a672ea29d5a075ff2eb3c00a401df4040199f0d5bad26b455cb90136fd28e4e58e7e95b6f7187a01b240e57809217f79f2b448e24a7955765c9a38202b941a1298f7213235d69a561e5d6687711ddf9079960857a170eda115ff034e45098710f14087f4cd4c76a94aff9a4ac5d396c3524d7ab5d69bddcb718f7248983354af515a6e176c4e5804119b9a730afd5ec4cf2bbec9d1c6b507ff99819180eefda7999a302491495e0fcc070671097dd5451d3d45278cb741b1712b5897ee7811250711875d8d1ebb24337025c9015a8272f2d7a834a420d5c40f23ff1fa3e193b86dd83a8d709bdfe97edce4d570aea96349209626dc893f2482deaeaa8cf3456892ec24aa7db52d1ee42601a9ef575bb3cb516b8324394c47254981508afc6da64f2e68025c99ddb8fd2f4b1b3b9ba839b594eb72144eb8e60c4ddc70282e9764035fb94d57b8ad07c689b26317c19b7cc3fc604e2cd5f55687ebb7c1d80b840d3db6aebe1d7591766b280c97b76df6687122015c3ac6d92e0aa07c2289fc958618d51fd60b5bd34e2419eda0bf69dbe3f4478343f92ad36537f050373e30b660c4d0afe65fa4a5b2477a50546ca812130030fc00bc821b2010c71cb50676c59e53121cab0be5df6f7946518b984bfb7356fa71f0975d0b7a6408592192607554309ca797e1d3d25c82abd6c9f193cb69d6a7bdb8679f8067ca779379e1452121129b75e8674bcab75de48016f388b8127262a1ac42e5e4a9e9a75e0bef95cf1d5f645f38165bcf1bb019290e02584c54d2716f388e7f16ec307d75c81b049e6e96c8d97b1ac41cad848b26cfe506a923654803ff7de3c8ae197a88ebe3640442efae2635efa1d4240948f5f8decc1086a72e8b699088baee306c5e09bf9b5384e706d9f975b4c78c6eef1986440875873b61b7694f60d12fe95d3a1934d97b73da1679b8199380f1c29e77c2551ec030f7cd2850564d45bbb24bc9955ef4b904538724ca4d322c661fab11e1889c3918eccdc8f346e8b151feec8feabfecfa4ccdc512dd3fef611d16fe7b631ff125447fef65795d96dad1f6043d57b8ef3b650307cc4f02c6ae4c6ed1e89cf7b78b3e5e57c202a0a9fc3ce3b67b6f8f05aec023fac02fcbfe0918190f705f667208c1f507980458eb1fdf3eb038ccf09510b92c0dffdfd46e6894c91552e577c567e88e2defb60459e89e8c3236b3c32a6e3c0f89f381b5aa01acd41a2378423f17d0935a314a6f3ce9fa6d8a9880f54c7360b40f30e8026e41b71d7b8799a568d50918d379ed472d9bd3d94b5f42b4db6d79e6f5ae0f21fd6898b99bc051dad0563f6f3a65a58e0fe908dd7a5f4fced92cfee6a68b45c6e8c4b0e3bee28103545d2a2755e45e90266036069ccd9ade1e2352ee0ba4d34e1a37d56bec8c4e539acfef", 0x0, 0x8}])

10:23:10 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x900, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:10 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1342.275832][ T4341] binder: 4338:4341 got transaction with invalid parent offset or type
[ 1342.292696][ T4347] binder: BINDER_SET_CONTEXT_MGR already set
[ 1342.318703][ T4347] binder: 4346:4347 ioctl 40046207 0 returned -16
[ 1342.328289][ T4352] binder: 4338:4352 got transaction with invalid parent offset or type
[ 1342.345858][ T4354] binder: 4346:4354 got transaction with invalid parent offset or type
10:23:10 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x2000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1342.369833][ T4354] binder: BINDER_SET_CONTEXT_MGR already set
[ 1342.390520][ T4354] binder: 4346:4354 ioctl 40046207 0 returned -16
10:23:10 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x500}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:10 executing program 5:
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x5, 0x400)
setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000040)=0x200, 0x2)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/expire_nodest_conn\x00', 0x2, 0x0)
setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r1, 0x111, 0x3, 0x1, 0x4)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

[ 1342.515746][ T4362] binder: BINDER_SET_CONTEXT_MGR already set
[ 1342.568456][ T4362] binder: 4360:4362 ioctl 40046207 0 returned -16
[ 1342.599288][ T4367] binder: BINDER_SET_CONTEXT_MGR already set
10:23:11 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x2800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1342.631568][ T4367] binder: 4366:4367 ioctl 40046207 0 returned -16
[ 1342.655754][ T4369] Dev loop5: unable to read RDB block 1
[ 1342.669480][ T4369]  loop5: unable to read partition table
[ 1342.689432][ T4369] loop5: partition table beyond EOD, truncated
[ 1342.700954][ T4369] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:11 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x600}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:11 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x3800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1342.831424][ T4379] Dev loop5: unable to read RDB block 1
[ 1342.841423][ T4379]  loop5: unable to read partition table
[ 1342.856746][ T4379] loop5: partition table beyond EOD, truncated
[ 1342.863915][ T4384] binder_alloc: 4383: binder_alloc_buf, no vma
[ 1342.883592][ T4388] binder: BINDER_SET_CONTEXT_MGR already set
[ 1342.897415][ T4379] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1342.926075][ T4390] binder: BINDER_SET_CONTEXT_MGR already set
[ 1342.931322][ T4388] binder: 4387:4388 ioctl 40046207 0 returned -16
[ 1342.952708][ T4390] binder: 4383:4390 ioctl 40046207 0 returned -16
10:23:11 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = open(&(0x7f0000000000)='./file0\x00', 0x101000, 0x4)
setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x1, 0x100000, 0xfffffffffffff2b4, 0x7f, 0x4454, 0x0, 0x20, 0xff, 0x7, 0x3}, 0xb)

10:23:11 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x3f00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:11 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x700}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:11 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xa00, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:11 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
fadvise64(r0, 0x0, 0x8, 0x3)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:11 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f000078d000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x5)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x162)
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000100)={0xdd0, 0xeb9, 0xab96, 0x20, 0x2e1, 0x400})
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
linkat(r0, &(0x7f0000000140)='./file0\x00', r0, &(0x7f0000000180)='./file0\x00', 0x1400)

10:23:11 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1343.337054][ T4410] binder: BINDER_SET_CONTEXT_MGR already set
[ 1343.355536][ T4410] binder: 4402:4410 ioctl 40046207 0 returned -16
[ 1343.364413][ T4407] Dev loop5: unable to read RDB block 1
[ 1343.376404][ T4407]  loop5: unable to read partition table
[ 1343.404083][ T4407] loop5: partition table beyond EOD, truncated
[ 1343.439304][ T4407] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:11 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:11 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x2000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1343.568199][ T4430] binder: BINDER_SET_CONTEXT_MGR already set
[ 1343.581348][ T4407] Dev loop5: unable to read RDB block 1
[ 1343.594652][ T4407]  loop5: unable to read partition table
10:23:12 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x2800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1343.614035][ T4407] loop5: partition table beyond EOD, truncated
[ 1343.615188][ T4430] binder: 4424:4430 ioctl 40046207 0 returned -16
[ 1343.620481][ T4432] binder: BINDER_SET_CONTEXT_MGR already set
[ 1343.647756][ T4407] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1343.660174][ T4432] binder: 4429:4432 ioctl 40046207 0 returned -16
10:23:12 executing program 5:
r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x1, 0x0)
ioctl$sock_bt_cmtp_CMTPCONNDEL(r0, 0x400443c9, &(0x7f0000000040)={{0x8, 0x9, 0x6, 0x6d, 0x7, 0x100000000}, 0x1ff})
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

10:23:12 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4c00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1343.742162][ T4438] binder: BINDER_SET_CONTEXT_MGR already set
[ 1343.759395][ T4438] binder: 4437:4438 ioctl 40046207 0 returned -16
10:23:12 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x3800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:12 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x5000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1343.908075][ T4444] Dev loop5: unable to read RDB block 1
[ 1343.952254][ T4444]  loop5: unable to read partition table
[ 1343.986380][ T4454] binder: BINDER_SET_CONTEXT_MGR already set
[ 1343.994592][ T4444] loop5: partition table beyond EOD, truncated
10:23:12 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x3f00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1344.002604][ T4454] binder: 4452:4454 ioctl 40046207 0 returned -16
[ 1344.007959][ T4444] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:12 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xb00, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1344.096471][ T4463] binder: BINDER_SET_CONTEXT_MGR already set
[ 1344.113363][ T4463] binder: 4460:4463 ioctl 40046207 0 returned -16
[ 1344.127435][ T4459] Dev loop5: unable to read RDB block 1
[ 1344.141490][ T4459]  loop5: unable to read partition table
[ 1344.161592][ T4468] binder: BINDER_SET_CONTEXT_MGR already set
10:23:12 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000180)='/dev/dsp#\x00', 0x7fffffff, 0x8900)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)
ioctl$KVM_GET_PIT2(r0, 0x8070ae9f, &(0x7f0000000040))

[ 1344.190015][ T4459] loop5: partition table beyond EOD, truncated
[ 1344.191836][ T4468] binder: 4460:4468 ioctl 40046207 0 returned -16
[ 1344.223779][ T4459] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:12 executing program 1:
prctl$PR_GET_CHILD_SUBREAPER(0x25)
mlock2(&(0x7f0000bca000/0x3000)=nil, 0x3000, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:12 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:12 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:12 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$FUSE_POLL(r0, &(0x7f0000000080)={0x18, 0x0, 0x7, {0x6}}, 0x18)
write$FUSE_INTERRUPT(r0, &(0x7f0000000040)={0x10, 0x0, 0x2}, 0x10)
openat(r0, &(0x7f0000000100)='./file0\x00', 0x418800, 0x80)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x1000, @local, 0xfffffffffffffffd}], 0x1c)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:12 executing program 5:

[ 1344.513136][ T4488] binder_transaction: 43 callbacks suppressed
[ 1344.513152][ T4488] binder: 4484:4488 transaction failed 29201/-22, size 64-16 line 3389
[ 1344.534038][ T4489] binder: BINDER_SET_CONTEXT_MGR already set
[ 1344.548424][ T4489] binder: 4485:4489 ioctl 40046207 0 returned -16
10:23:13 executing program 5:
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x200, 0x4000)
ioctl$UI_GET_SYSNAME(r0, 0x8040552c, &(0x7f0000000040))
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
ioctl(r0, 0x4, &(0x7f0000000080)="6d15dcb69ebacf57c3baca55bbfe83066a256c108b4dd541ad196f4ab799d11762121e0200b5d747cacd722a47eef48e6c9bd64ff4e6204528c316fc10b2fc3ea6c86c321a9b2202ee2d39c72d2ea04405f5f985ecb7d845d14606b600fd0cf3fcfe7bd82fea3c60dc5fe0023370b26efac4928c8515d3527eccf7eb34c51e95494c638a30e8fbcd53d1031c2dd0ad24878878bc68062c6499c1a853ec9a03685295b3dd70b89a0e5cb56caad7f496809b37bac9e3cdaea5a01fe1df90315da07de953688a903e14e25c59118a0e38f370a4db6d0af25ff118abed9687ae2b8c1a8563d6ed10cd8d5462b596f19cb804bbf3f7df917e0d7ee46bb3")
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00')
sendmsg$TIPC_NL_NODE_GET(r0, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200100}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0xf4, r1, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x5c, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x66}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8eaa}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xff}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xffffffffffffff81}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xede}]}, @TIPC_NLA_NET={0x24, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3ff}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3f}]}, @TIPC_NLA_MON={0x2c, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x81}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6e5}]}, @TIPC_NLA_MON={0x34, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x401}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x100000000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xa36}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4f1}]}]}, 0xf4}, 0x1, 0x0, 0x0, 0x2000c080}, 0x4000080)

[ 1344.557490][ T4489] binder: 4485:4489 transaction failed 29201/-22, size 64-16 line 3389
[ 1344.567237][T26377] binder_release_work: 43 callbacks suppressed
[ 1344.567243][T26377] binder: undelivered TRANSACTION_ERROR: 29201
[ 1344.582031][T26377] binder: undelivered TRANSACTION_ERROR: 29201
[ 1344.590314][ T4492] binder: BINDER_SET_CONTEXT_MGR already set
[ 1344.602561][ T4488] binder: BINDER_SET_CONTEXT_MGR already set
10:23:13 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1344.608867][ T4492] binder: 4485:4492 ioctl 40046207 0 returned -16
[ 1344.617016][ T4493] binder_alloc_new_buf_locked: 3 callbacks suppressed
[ 1344.617024][ T4493] binder_alloc: 4484: binder_alloc_buf, no vma
[ 1344.638240][ T4488] binder: 4484:4488 ioctl 40046207 0 returned -16
[ 1344.654484][ T4493] binder: 4484:4493 transaction failed 29189/-3, size 64-16 line 3148
[ 1344.687136][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1344.701409][ T4497] Dev loop5: unable to read RDB block 1
[ 1344.707167][ T4497]  loop5: unable to read partition table
[ 1344.724221][ T4497] loop5: partition table beyond EOD, truncated
10:23:13 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1344.744719][ T4503] binder_alloc: 4502: binder_alloc_buf, no vma
[ 1344.755453][ T4497] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1344.768250][ T4503] binder: 4502:4503 transaction failed 29189/-3, size 64-16 line 3148
[ 1344.794730][T26377] binder: undelivered TRANSACTION_ERROR: 29189
[ 1344.804851][ T4505] binder: 4502:4505 transaction failed 29189/-22, size 64-16 line 2995
[ 1344.842805][ T4509] binder: 4508:4509 transaction failed 29201/-22, size 64-16 line 3389
[ 1344.846810][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1344.873951][ T4501] Dev loop5: unable to read RDB block 1
[ 1344.879737][ T4501]  loop5: unable to read partition table
10:23:13 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4c00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1344.894887][ T4501] loop5: partition table beyond EOD, truncated
[ 1344.897274][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1344.909609][ T4511] binder: 4508:4511 transaction failed 29201/-22, size 64-16 line 3389
[ 1344.912025][ T4501] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1344.951430][T26377] binder: undelivered TRANSACTION_ERROR: 29201
10:23:13 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xc00, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:13 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6c00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1345.032595][ T4516] binder: BINDER_SET_CONTEXT_MGR already set
[ 1345.106203][ T4516] binder: 4514:4516 ioctl 40046207 0 returned -16
[ 1345.133653][ T4520] binder: 4519:4520 transaction failed 29201/-22, size 64-16 line 3389
10:23:13 executing program 5:
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000)='TIPCv2\x00')
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

[ 1345.149916][ T4523] binder: 4514:4523 transaction failed 29201/-22, size 64-16 line 3389
[ 1345.162333][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1345.170266][ T4527] binder: 4519:4527 transaction failed 29201/-22, size 64-16 line 3389
[ 1345.188302][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1345.195623][ T4523] binder: BINDER_SET_CONTEXT_MGR already set
[ 1345.219986][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1345.221036][ T4523] binder: 4514:4523 ioctl 40046207 0 returned -16
[ 1345.261754][ T4530] Dev loop5: unable to read RDB block 1
[ 1345.271279][ T4530]  loop5: unable to read partition table
[ 1345.287498][ T4530] loop5: partition table beyond EOD, truncated
[ 1345.304312][ T4530] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:14 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
arch_prctl$ARCH_GET_FS(0x1003, &(0x7f00000000c0))
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000000)=<r0=>0x0)
sched_setscheduler(r0, 0x6, &(0x7f0000000040)=0x1e9)

10:23:14 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000040)=ANY=[@ANYPTR64=&(0x7f0000000180)=ANY=[@ANYBLOB="4ab24694f9ffd7d04018dc4df702aab910b5f7bb571f0d7b5cabb0641f1eae2493d2f604f23fbec40feeac73035d18f86c4e8496408321938ac3658e669113e45e6e4f2b45f49e942dba74907e83fdd6bbbaac462b50fda76ed774d1530013d4a8b1c90cb668adbb11a9a83259bf255d", @ANYBLOB="7df8cb5e7dac44b7e5fc4f74143d573df152219e543e27199b09f347e8b5366c9eca066fa0a00b6b9331838d6433aa9fdd5b9335037d81bd9b2d480d804f727fe36ff67783b6dcd2ae7d46c4aa0f8ef64f70ed4c2d1564572c1a4dddf6f1358fe69304f583ca5fc72ce0167f7cb577adc0f9e36a765113ef2b34331b2b61a5cceae786c37d741911c8b2dee73c5b3caec9655703ddd8cfcedd1803d53c1ada8939534a9672a31c2ece8909f2b9500ada761a7182a207", @ANYRES64=r0, @ANYRES64=r0, @ANYRES16=r0, @ANYPTR=&(0x7f0000000080)=ANY=[@ANYRES64=r0, @ANYPTR64, @ANYPTR64, @ANYRESHEX=r0, @ANYRESOCT=r0, @ANYRES64=r0], @ANYRESHEX=r0, @ANYRES16=0x0, @ANYRESHEX=r0, @ANYBLOB="49f7ad702c0b98b806e8cf391911bd24d3e826360666de7ccf85a8c66123338c81bfc616f484e2ef9caac9171b4e25f1f598c3a09d56b1237fc588fddd18d4d19b57d619"]], 0x8)
r1 = getegid()
r2 = getegid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, <r3=>0x0}, &(0x7f0000000340)=0xc)
r4 = getegid()
fstat(r0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
getgroups(0x6, &(0x7f00000004c0)=[r1, r2, r3, r4, r5, r6])

10:23:14 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x5000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:14 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = geteuid()
r1 = geteuid()
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0xac, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="34ece38f77498fa8809d1ecb464398adbea4c3fb1454c0fbfc657be3b404d5f1d5c5d87f5dfe5e4fc6eccb30e482f3b336e44116f7fb012cb22feb5babc44a639ed40e5369c14521deaf0ea2e109b08840ab7aab79a3f4770441b4bf871f2e2fc02a8e8672f42b9b96be55425e62b51227cd759b72cc4b7009681b58da3c9c705a17834444301fcb870731d6a1474013ec3aefb9c468f1fe5cce3b4a6eb87abb39889176f40519578112ba0d", 0xac, 0x7ff}, {&(0x7f0000000140)="f1e066b1114809ae7a9aa95c2f9452f56e661aa72ff1dc85f073eeda950d75989f961f44f79adaae454ed0ddae93c3af901e9b4c3c7d15be9aa1b514a5f929e23b464992d80a08f6ff72af80dd46f9f38cba2b39fdcb202040133b64cffa4045e4f4669d161dba03010d7b7b6d4a641af533512c5a06f9cc076d608214dabadcb710e95effe03cd5bfef", 0x8a, 0x6}, {&(0x7f0000000200)="9188dbddbc06e10e9b37746c6163b61e5737bd96b3c996d9e942064e295e162d3c26ff962245575c16943313167ec9f53a4172aa600f93f542c00e0cc422438c27c78c3ef3bd909a87ca1ffadacf9631ee84b9f74335c501b9dde391a6878b9de32e9be4d031edc4239f0009be05757d3819b0565a3f0ce584f3af362034b43ffbc57b9fc518959387dceaf3595627095c9c341abe1a1b9727d696c98c033d4f0c70cb22ca7b057598b61c2cdf82e0f6603417b4e528d8355de8e5e302b1421abeb74c97918b1db3a3c8fe008cafa80c36de2919833fbbdf306ce8fe08b9d430b739937d01", 0xe5, 0x6}], 0x819823, &(0x7f0000000640)=ANY=[@ANYBLOB='data=writeback,fowner>', @ANYRESDEC=r0, @ANYBLOB="2c6f30faa119cfd70699b9a1c1f7acc025d1626a5f747970653d2870707031042b2c7365636c6162654e2c6f626a5f740070653dd86e6f666576212776626f786e6574312927402c6f626a5f747970653d76626f786e646f6e745f6d6561737572652c6f626a5f747970653d6367726f75705e5c7b757365118683516b2e4e683f066c38722c666f776e65723c", @ANYRESDEC=r1, @ANYBLOB=',\x00'])

10:23:14 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7400}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1345.735364][ T4550] binder: BINDER_SET_CONTEXT_MGR already set
[ 1345.742607][ T4543] Dev loop5: unable to read RDB block 1
[ 1345.763942][ T4543]  loop5: unable to read partition table
[ 1345.768186][ T4550] binder: 4546:4550 ioctl 40046207 0 returned -16
10:23:14 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7a00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1345.799696][ T4543] loop5: partition table beyond EOD, truncated
[ 1345.832208][ T4543] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:14 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:14 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xd00, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:14 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x1000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1345.953955][ T4543] Dev loop5: unable to read RDB block 1
[ 1345.974345][ T4543]  loop5: unable to read partition table
[ 1345.988202][ T4569] binder: BINDER_SET_CONTEXT_MGR already set
[ 1345.995722][ T4543] loop5: partition table beyond EOD, truncated
[ 1346.007880][ T4569] binder: 4568:4569 ioctl 40046207 0 returned -16
[ 1346.020991][ T4543] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:14 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:14 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x2000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:14 executing program 5:
syz_read_part_table(0x5, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="ce0b01f674a0586b50fc302d58af15ca1ea7974e820074b61dc98eb60c89d8b30647bd8581074e2b410b12d9e76466", 0x2f, 0x100000000005}])
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x100, 0x0)
ioctl$PPPOEIOCDFWD(r0, 0xb101, 0x0)

[ 1346.106627][ T4577] binder_fixup_parent: 24 callbacks suppressed
[ 1346.106637][ T4577] binder: 4575:4577 got transaction with invalid parent offset or type
[ 1346.126076][ T4578] binder: 4575:4578 got transaction with invalid parent offset or type
[ 1346.229397][ T4583] binder_alloc: 4582: binder_alloc_buf, no vma
[ 1346.247992][ T4586] binder: BINDER_SET_CONTEXT_MGR already set
[ 1346.268120][ T4586] binder: 4584:4586 ioctl 40046207 0 returned -16
[ 1346.301217][ T4593] binder_alloc: 4584: binder_alloc_buf, no vma
10:23:14 executing program 1:
mmap(&(0x7f000063b000/0x2000)=nil, 0x2000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
acct(&(0x7f00000000c0)='./file0\x00')
r0 = memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000380)=""/152)
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
r2 = getuid()
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@empty, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{}, 0x0, @in=@remote}}, &(0x7f00000002c0)=0xe8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300)={0x0, <r4=>0x0}, &(0x7f0000000340)=0xc)
mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x4000, &(0x7f0000000580)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3d142485b365bbe00aa51adf0b0ff23f6a27eccc87177f60fb466e8c7b875fb7d5c2e08fc35864df4a0e2479205382eed8481d5b9bc00ecbe5ca666d81f21aa0c7fee4a4d6c7abaa453fc764da237126008f48739deb0040baba3bdec888f5e2c9fcbf7dcb126defe09c49aa748ef1eb1d8a214147273ac412f44a25f6dfa778788730cf2a79b4e58baab350556d19a4a7a9253e7d15f8e8dd92d39459b683b0067791bc98806c19985fd2ebda33703acc6b3f0c6bf8a60541c70253a4e9a9de67e4462fb117884ac773f6b54746d2955648b124abc2c345a223f58c589e46684b96ecc473b5dcf00d74bf0fe4ea4ef2192c", @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',access=', @ANYRESDEC=r2, @ANYBLOB=',dfltuid=', @ANYRESHEX=r3, @ANYBLOB=',version=9p2000,nodevmap,nodevmap,access=any,fowner>', @ANYRESDEC=r4, @ANYBLOB=',smackfsfloor=\'lo,dont_measure,mask=^MAY_APPEND,\x00'])

10:23:18 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x5, 0xb)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="f03593bbb2e5082e68c4766e8d960fde7ec6a9dcb565269f91d576fbeafbf43cc8329c5a59a5592a9e9070cd4b1a1fdf47f5211437db9b7b10ad4ea72b3b556c525449d7cb024b24647044568082e262842452ecab85aafe295c4bc7cb8d543b4ba16781e202531026f64a95c4c22243f1974acad85de36e0e446dd650d0a68fdfd7bf824309782f1fcc5da1deb4b35886aca8ff0ca6dd6874631d2b988d65501e55add5d2292ab639d57b4c608c09d5487a516ac9ccecb9c4ae437dc0cd54f41634f8a61242d1d1"], 0x1)

10:23:18 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6c00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:18 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x3000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:18 executing program 5:
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/checkreqprot\x00', 0x301200, 0x0)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000000)=ANY=[@ANYRES32=<r1=>0x0, @ANYBLOB="05ec002263e8138063fbb52781d50c05b88451ea7a8b7aab5af8cb3511a0570664d48ef9b1f0657d5955d80df78568bbdc1b1efaa96d7276da40e2f0c25e0517092ccb25"], &(0x7f0000000080)=0xd)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f00000000c0)={r1, 0x6}, 0x8)
ioctl$KVM_GET_NESTED_STATE(r0, 0xc080aebe, &(0x7f00000012c0)={0x0, 0x0, 0x2080})
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

10:23:18 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x200000, 0x0)
setsockopt$inet_int(r0, 0x0, 0x12, &(0x7f0000000100)=0x8, 0x4)

10:23:18 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xe00, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1350.396696][ T4607] binder: 4605:4607 got transaction with invalid parent offset or type
[ 1350.418536][ T4610] binder: BINDER_SET_CONTEXT_MGR already set
10:23:18 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x22000)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000040)={0x9, 0x0, 0x4, 'queue1\x00', 0x9})

[ 1350.441410][ T4610] binder: 4603:4610 ioctl 40046207 0 returned -16
[ 1350.448084][ T4607] binder_transaction: 11 callbacks suppressed
[ 1350.448103][ T4607] binder: 4605:4607 transaction failed 29201/-22, size 64-16 line 3389
[ 1350.465581][ T4617] binder: 4603:4617 got transaction with invalid parent offset or type
10:23:18 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
getsockopt$inet6_dccp_buf(r0, 0x21, 0xcc, &(0x7f0000000040)=""/77, &(0x7f00000000c0)=0xfffffffffffffe5b)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f00000001c0)={0x6, 0x0, 0x6, 0x100, 0x5, 0x6})
openat$vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vsock\x00', 0x1, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="731379cbb17c684e1c264e60fa665a606dc735befe48c0ceefe3f95bde453d5ab88bbd786e81a8995242a86ac7234597c2734d00095de277122f34cb2a71537e4137f6eab7d738e2a7b7484e793a28a6e61512cf62e4fa17ce31dcd75dfe8f82b86d8b301285728460f2fb7f80b848459b71628b1067b04c4e13ba2c287c8802de7c9b557d3eca070c4c5526238fa32f0ec57ed12b2d7d68e29e08658b827f09b5c6e859b42519dd22a828cce9458450229874a6520f5cb48c6d721b0529e4de1e01b8e4aa8ff30bf133d71c4931b1ed5be33987242137fa3df14611a31de95bb90726e5d6c7eed6396cb2c3ebd60b62ae6c3acaa27f858b48367153f54e9d91f8282f706d1236f55fd43cdef6438b1ca83376f3d7dbb3352ddec10f3615d2edd550d3bebbb9ead8362410e198"], 0x1)
ioctl$VIDIOC_G_AUDIO(r0, 0x80345621, &(0x7f0000000280))
openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20ncci\x00', 0x109100, 0x0)
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000240)={0x86})

[ 1350.513806][ T4617] binder: 4603:4617 transaction failed 29201/-22, size 64-16 line 3389
[ 1350.523005][T26377] binder_release_work: 11 callbacks suppressed
[ 1350.523012][T26377] binder: undelivered TRANSACTION_ERROR: 29201
[ 1350.540152][T26377] binder: undelivered TRANSACTION_ERROR: 29201
[ 1350.547173][ T4623] binder: 4605:4623 got transaction with invalid parent offset or type
10:23:19 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7400}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1350.562882][ T4623] binder: 4605:4623 transaction failed 29201/-22, size 64-16 line 3389
[ 1350.575376][T26377] binder: undelivered TRANSACTION_ERROR: 29201
[ 1350.601187][ T4621] Dev loop5: unable to read RDB block 1
[ 1350.615301][ T4628] binder: BINDER_SET_CONTEXT_MGR already set
[ 1350.623873][ T4621]  loop5: unable to read partition table
10:23:19 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1350.657145][ T4628] binder: 4627:4628 ioctl 40046207 0 returned -16
[ 1350.668629][ T4621] loop5: partition table beyond EOD, truncated
[ 1350.701010][ T4634] binder: 4627:4634 transaction failed 29189/-22, size 64-16 line 2995
[ 1350.706293][ T4621] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1350.738565][ T4637] binder: 4636:4637 got transaction with invalid parent offset or type
[ 1350.748247][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1350.764528][ T4637] binder: 4636:4637 transaction failed 29201/-22, size 64-16 line 3389
[ 1350.783497][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
10:23:19 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7a00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1350.793976][ T4638] binder: 4636:4638 got transaction with invalid parent offset or type
[ 1350.817715][ T4638] binder: 4636:4638 transaction failed 29201/-22, size 64-16 line 3389
[ 1350.840506][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
10:23:19 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x5000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1350.868254][ T4621] Dev loop5: unable to read RDB block 1
[ 1350.889939][ T4621]  loop5: unable to read partition table
[ 1350.911733][ T4644] binder_alloc: 4643: binder_alloc_buf, no vma
[ 1350.944593][ T4621] loop5: partition table beyond EOD, truncated
[ 1350.952472][ T4644] binder: 4643:4644 transaction failed 29189/-3, size 64-16 line 3148
[ 1350.956359][ T4647] binder: BINDER_SET_CONTEXT_MGR already set
[ 1350.970907][ T4621] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1350.998333][ T4647] binder: 4646:4647 ioctl 40046207 0 returned -16
[ 1350.998359][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1351.011453][ T4648] binder: BINDER_SET_CONTEXT_MGR already set
[ 1351.021186][ T4648] binder: 4643:4648 ioctl 40046207 0 returned -16
[ 1351.024897][ T4650] binder_alloc: 4643: binder_alloc_buf, no vma
10:23:19 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x1000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:19 executing program 5:
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x400, 0x0)
write$FUSE_NOTIFY_INVAL_INODE(r0, &(0x7f0000000040)={0x28, 0x2, 0x0, {0x1, 0x2, 0x401}}, 0x28)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280))

[ 1351.064799][ T4650] binder: 4646:4650 transaction failed 29189/-3, size 64-16 line 3148
[ 1351.108325][T26377] binder: undelivered TRANSACTION_ERROR: 29189
[ 1351.119390][ T4647] binder: 4646:4647 got transaction with invalid parent offset or type
[ 1351.140580][ T4647] binder: 4646:4647 transaction failed 29201/-22, size 64-16 line 3389
[ 1351.169909][T26377] binder: undelivered TRANSACTION_ERROR: 29201
[ 1351.185492][ T4655] binder: BINDER_SET_CONTEXT_MGR already set
10:23:19 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:19 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x1100, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1351.210930][ T4655] binder: 4654:4655 ioctl 40046207 0 returned -16
[ 1351.247494][ T4660] binder: 4654:4660 transaction failed 29189/-22, size 64-16 line 2995
[ 1351.272220][T26377] binder: undelivered TRANSACTION_ERROR: 29189
[ 1351.282404][ T4655] binder_alloc: 4654: binder_alloc_buf, no vma
[ 1351.405424][ T4671] binder: 4667:4671 got transaction with invalid parent offset or type
10:23:20 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
r0 = socket$rds(0x15, 0x5, 0x0)
pread64(r0, &(0x7f00000000c0)=""/85, 0x55, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:20 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x2000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:20 executing program 5:
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x101002, 0x0)
ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f0000000040)={0x6, 0x0, [{0x8000000e, 0x6, 0x4, 0x2, 0x756c00000000000}, {0x0, 0x0, 0x9, 0x4, 0x8}, {0x40000007, 0x7, 0x81, 0x80, 0x7}, {0x0, 0x2, 0x7, 0xffffffffffffff7f, 0x3}, {0x40000000, 0x9, 0x8, 0x5}, {0x6, 0x26, 0x6, 0x5, 0x80f}]})
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100), 0x4)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

10:23:20 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:20 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
prctl$PR_SET_FP_MODE(0x2d, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x4)
write$binfmt_misc(r0, &(0x7f0000000040)=ANY=[], 0x0)
openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/validatetrans\x00', 0x1, 0x0)

[ 1351.878401][ T4689] binder: 4688:4689 got transaction with invalid parent offset or type
[ 1351.903283][ T4695] binder: BINDER_SET_CONTEXT_MGR already set
[ 1351.909322][ T4695] binder: 4692:4695 ioctl 40046207 0 returned -16
[ 1351.929161][ T4698] binder: 4688:4698 got transaction with invalid parent offset or type
[ 1351.950652][ T4687] Dev loop5: unable to read RDB block 1
[ 1351.959986][ T4687]  loop5: unable to read partition table
[ 1351.970385][ T4695] binder: 4692:4695 got transaction with invalid parent offset or type
10:23:20 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x10000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1351.975362][ T4687] loop5: partition table beyond EOD, truncated
[ 1352.005009][ T4687] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1352.006130][ T4695] binder: transaction release 6791 bad handle 1, ret = -22
10:23:20 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x3000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:20 executing program 5:
r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
r1 = syz_open_dev$radio(&(0x7f0000000080)='/dev/radio#\x00', 0x2, 0x2)
renameat(r0, &(0x7f0000000040)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00')
syz_read_part_table(0x0, 0xaaaaaaaaaaaac6c, &(0x7f0000000200))

[ 1352.150957][ T4704] binder: 4700:4704 got transaction with invalid parent offset or type
10:23:20 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x1f40, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1352.210357][ T4709] binder: BINDER_SET_CONTEXT_MGR already set
[ 1352.243178][ T4709] binder: 4707:4709 ioctl 40046207 0 returned -16
[ 1352.256192][ T4712] binder_alloc: 4700: binder_alloc_buf, no vma
10:23:20 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x20000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1352.286146][ T4713] binder: BINDER_SET_CONTEXT_MGR already set
[ 1352.319212][ T4713] binder: 4707:4713 ioctl 40046207 0 returned -16
10:23:20 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1352.425633][ T4721] binder: 4720:4721 got transaction with invalid parent offset or type
[ 1352.484908][ T4725] binder: 4720:4725 got transaction with invalid parent offset or type
[ 1352.513234][ T4729] binder: BINDER_SET_CONTEXT_MGR already set
[ 1352.525028][ T4729] binder: 4726:4729 ioctl 40046207 0 returned -16
10:23:20 executing program 5:
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x4001, 0x0)
ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000080))
ioctl$RTC_VL_READ(r0, 0x80047013, &(0x7f0000000040))

[ 1352.547535][ T4729] binder: 4726:4729 got transaction with invalid parent offset or type
10:23:21 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x5000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:21 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x28000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:21 executing program 5:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x404000, 0x0)
ioctl$SG_EMULATED_HOST(r0, 0x2203, &(0x7f0000000040))
syz_read_part_table(0x0, 0xaaaaaaaaaaaab79, &(0x7f0000000200)=[{&(0x7f00000012c0)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17667bb6f960518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0c407372b11256cc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d9e78f43480980a52f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c46eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc10b5151e7be67943622fab91613a7c8ae100609631ccf72324273773fc476b3f36fa9a91c7c0dd2b72efb786d836cb6e72455d9524cb2e91451b584f9f68d5e6f02dbf611007330287fa396a73e0f17bd535be68f6eb1697232abf11248cbf7976f47bb9e70dacc50c9276221e9e90c62d68cc3285e586b3354a31b66af674e779e2fa8e1796214cd722d5a4d3cadef26e37027d1d32ee7a56b34f7b4d1813aa3b4188c3d30e701b38162bf3666ad7480027e8287139b50011e1826d2b1488bb432642123a1d56809e665dbe9f0f7dcfba4805af8db60a280fd5a00692777a360d8964bfcf978d87c6b9ee402675b470cfb6c", 0x1dd, 0x23}])

10:23:21 executing program 4:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
fallocate(r0, 0x4, 0x3, 0x2)
r1 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$ASHMEM_PURGE_ALL_CACHES(r1, 0x770a, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[@ANYBLOB='s'], 0x1)

10:23:21 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x5)
openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x10002, 0x0)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

[ 1353.026178][ T4746] binder_alloc: 4743: binder_alloc_buf, no vma
[ 1353.048022][ T4748] binder: BINDER_SET_CONTEXT_MGR already set
[ 1353.068454][ T4748] binder: 4742:4748 ioctl 40046207 0 returned -16
10:23:21 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1353.123676][ T4755] binder: 4742:4755 got transaction with invalid parent offset or type
10:23:21 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x2000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1353.175845][ T4759] binder: BINDER_SET_CONTEXT_MGR already set
[ 1353.227302][ T4759] binder: 4758:4759 ioctl 40046207 0 returned -16
10:23:21 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x38000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1353.276828][ T4766] binder: BINDER_SET_CONTEXT_MGR already set
[ 1353.399047][ T4766] binder: 4758:4766 ioctl 40046207 0 returned -16
10:23:21 executing program 5:
r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x8, 0x10000)
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f0000000040)=0x1)
munlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000100)=0x5)
r1 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0x7, 0x204882)
ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000080)=<r2=>0x0)
sched_rr_get_interval(r2, &(0x7f00000000c0))
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

10:23:21 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:21 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x3f000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1353.644274][ T4783] binder: BINDER_SET_CONTEXT_MGR already set
10:23:22 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$SIOCGSTAMPNS(r0, 0x8907, &(0x7f0000000000))
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0xb0b00, 0x0)
ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f0000000080))

10:23:22 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x40000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1353.689478][ T4783] binder: 4777:4783 ioctl 40046207 0 returned -16
[ 1353.811553][ T4789] Dev loop5: unable to read RDB block 1
10:23:22 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x10000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1353.859269][ T4789]  loop5: unable to read partition table
10:23:22 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x48000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1353.905284][ T4789] loop5: partition table beyond EOD, truncated
[ 1353.963581][ T4800] binder_alloc: 4798: binder_alloc_buf, no vma
[ 1353.970895][ T4789] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1354.016855][ T4800] binder_alloc: 4798: binder_alloc_buf, no vma
10:23:22 executing program 4:
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video36\x00', 0x2, 0x0)
write$binfmt_misc(r0, &(0x7f0000000180)=ANY=[@ANYPTR64=&(0x7f0000000100)=ANY=[@ANYRES16, @ANYRES16, @ANYRESDEC, @ANYRESOCT=0x0, @ANYRES16, @ANYRESHEX, @ANYPTR=&(0x7f0000000080)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRESHEX, @ANYRESDEC=0x0, @ANYRES32, @ANYRESOCT, @ANYPTR64, @ANYRES64, @ANYPTR64], @ANYPTR64=&(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES64, @ANYRES16, @ANYPTR64, @ANYBLOB="a82604bcb4e4629d330ee4fafa9bd8e4015f95e3cd59a8c7691c8140ebc096c5e86880a9c07760583a7eaa485a1ea779d72cff166b12ac896cc0336abbc238f42105b4581fb2b69b14dec615d36492cbe5e26d4be0528cec580e613ec30e3397b77738b5b18a93112efefadd872abf59b98d1ea5dcb8645d605a1e9b21332f1dffa1224a5dbbf3ea982109bca61636108d2de2919504814e806abae66270b809362aa0aea442f799bc9fe43c4205e37c7d406a2ea19240b890766ea8e9dbbc45608bf2af991215aeeaa3317ff7ace36c72571fd45f2bc462cfcae74a1a4b324bb1e0e754c7b3f3f3", @ANYPTR64, @ANYRESDEC, @ANYRESDEC]]], 0xffffffffffffff9d)
shmget(0x3, 0x1000, 0x1, &(0x7f0000ffe000/0x1000)=nil)

[ 1354.141012][ T4789] Dev loop5: unable to read RDB block 1
[ 1354.146664][ T4789]  loop5: unable to read partition table
[ 1354.227290][ T4789] loop5: partition table beyond EOD, truncated
[ 1354.248741][ T4789] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:22 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x20000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:22 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x3200, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:22 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4c000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:22 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000480)={0x4, &(0x7f0000000040)=""/195, &(0x7f0000000400)=[{0x100, 0x70, 0x6, &(0x7f00000004c0)=""/112}, {0x80000000, 0xffffffa5, 0x4, &(0x7f0000000240)=""/172}, {0x101, 0xa4, 0x7, &(0x7f0000000300)=""/164}, {0xbede, 0x14, 0x6, &(0x7f00000003c0)=""/20}]})
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000640)={0x800, 0x0, 0x1f, 0xfff, 0x9}, 0x14)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000600)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000005c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="642efb60ff722a0000", @ANYRES16=r1, @ANYBLOB="000327bd7000fedbdf25030000002c00020004000400040004000800010000000000080002000100000008000100000000000800010000040000240009000800020001000000080002000100000008000100020000000800010009000000"], 0x64}, 0x1, 0x0, 0x0, 0x800}, 0x40001)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='q'], 0x1)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000180), 0x4)

10:23:22 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x1f, 0x2)
ioctl$sock_netrom_SIOCDELRT(r0, 0x890c, &(0x7f0000000040)={0x1, @bcast, @bpq0='bpq0\x00', 0x200, 'syz0\x00', @default, 0xffffffff, 0x5, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})

10:23:22 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x200, 0x0)
sendmmsg$alg(r0, &(0x7f0000006b80)=[{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000100)="102c66b5e800189a0eecfa21287c50e66f28ee5ceb1fb12233bbca20b92c6ee6b7c3468434458354de76c39bb6b67d14881f1db9002f9ce22641bc6d424bb0bf210a911bc5b2fbc6ec305c19ef67dd4f843a5b485e1c9b383fe5847fc0edd8d45edff6d5b585117b72407ea0b083d5bd5803c63e63d76a0d013a32857433bf8c503601be399658681c18", 0x8a}, {&(0x7f00000001c0)="f264314036ac791be23c3539aaeb32e2d1daa0823c364d429df1a2887861d9c270f56d2253ea8a550fd903850247ebb8eb8aa6a84108472940f5cab1c6650ca793c4e55e6e010d262e39739ed4dc9289e78ebbb57f7d6cc19ea00bf68d58c8f76aff018cf3a6d238e1226f495079d5c797e42365850751c2826f794f51fe7be0ea6c7252750689270e00a8e3828ae62169360b214ef17652cee9aee1b187dc8da80c0a306138d4751f630d7520beebd57bc8725fad15fd6179a82313f66c362228d65b72725fff35695aa4eb2aae7112d844", 0xd2}, {&(0x7f00000002c0)="9311cb0f2313c9fc7d04ecd98538a649b92a46ef517dbb7e", 0x18}, {&(0x7f0000000300)="b5c59dc0aca7afe7423e4f5331ec490ebffb3383057e4890cfeca01a41c499fe66a52877e359a2067380839e8541d8f65587b69190b1f65d26f74c05122d0782ec0be0bb156c17", 0x47}, {&(0x7f0000000380)="c335babba683cf4a61b84d3660e31e697ef9060e1ef830630967c82ba75d21a337723cb603dbffc4", 0x28}, {&(0x7f00000003c0)="9f55019336dad7d1e34698b7ac33c8275cd512a65f19e18fba2336591ba07847f268983c8b2a2bb19ff935202efb6850a9f55873bf08fc5e8c117997af290e07b0d8409be4e7445143139280108690af182b1e9c4c58eb8ad989eb2e79e0f8be55f7a4dce3554bc82aab5d55b3e787d92847ff4e046890e64bd7ed62beb39811747e307d3156cf941c37305ac03dfbedcdee70c94330f47f1a622cc4ca4dbcdd66a8df83256590109e2e94bf7e1d3d152144fa8b95d9d0765ab401dbb52962d32bb8bea2abbf69220401c5cf2ae5968866667b6ea2698d83b3dd8b58aa64e38153d0ee832f29fe673f30da425c9b98b90b70f73b868697d07de1105d62a440144146899a56dde25e6e99d4b6a047902982e1f2f236be5339aaa6b68d24cf87b3b1b1e4ecaae51c297b730ec0ffc3e1818f1ca98e063cf190be468cf9058d696a5dd02391e65dddd9f116f8075264a88c747277e0a7da759d1a3b7d92829d7a3781510c410c95a9655fa121d051df6500101779135533a64a430b96cac8065c8d625056fff6e8ea1acc6d40246de0018a87c74d192c13085671a9df3d65f09f34c2430ed3d7b950b26aefddf53629fbd2dbc72287a7395bfc47c0576b1af1909d1456ad553081037fe86d8c454cd941f5e4f7c7e1b575bce727f1db4b07d12e50b2ad56cdec5ee838fafa9350f66a118b313a132dd2835aeab14df0d675dfa116019b3fe4dba0c75c6a7b47b686da8799b648ba0a1ef462233665ef5c6d31d8411fdf08e93f3bd180402d92c26de0e4f4cbcad40cafdf9fd8d0fe425922b71118e2723a130cff4300afb777ef026d559511baf1c7c8599a94dccd15bd5b449948e17505adbb7fac58e3b3f22ac64bc4d60c94f76b5bee25638996fa3c70ca275868a853053e81e44643792bc4c531560682bbc31608f347772b4604f04d7ce7b263c863310170644b6a032aefc4f69fb75fe1e05a2bc3432a3c551e57d52fe850c980a306dcf20186a8a5160b53a1cab8e514a4b2bec0674f56d6cf4af9e4eab6741575f9388409d81e574b9b8803bffc3f22779afde0de029b27bf5e9eb248773311be38926294f919460c6ef3b3f5c25afc27d4bdac1722106b57fddfe8adb25275ea66ca87176725fc351a4104ba3fa89b4eab53ccbf845ecb863c26516238c5ba4d0436ad47de08aa419ef4ba711c89d9aec199a4d0c0e1c015d993438297dc9b5548a4abb7082eb084b605eb6e1c2ad3673b6b0eb857fe994017fa4efe7688f180a1517717a1d79856f900524bb67411365a423012a28ccf7230512f9bb3d6a64ca974e6cc388e244d5655f6085b24daa90a0c770d7f86e796ac8d3e2d21086b22edf0d428a3cb5d256f373b2ff8684394f939833c45913f70de12b02f2d093b139b9ba9db34bd97fb3d2afb6f727dc22fa10c40db7a82fd95b18b283881404df64e534e9249f2791cf6889984243f56986571ee5fdcba71b2266083500a1908525756c12b008f9db1a3d621de92aa1a579fdb866e3e5800483deb70556cecfe683b0a3c05b97ff21c7ca737dc9473d8e720889198f92cf880b77e95d073b8c8bd896160003a3c29769bb41bdc38df96a5733c06cfee6e1d0df1e7dd2c8dfb32bda7773c8ff884915baef7df42ca415dfe3081f04fe8a019f179b1116b2d29af24435a8530c15a03bf759ea7c4ad6ec86d15030e7aa805a4e2a99bef3fe9d12988648ab8cff13279125cf751153ab500d77edb1638b239c59a963a5e9398a1bb48d37a1dc980bebc04351068b6b2e8cc511c8ee220077ac28749b912add23ae1f33012718c457daced59a72bdf976221a822119678cf9e10d1f22670ea4da4e25c755773740881d17c06c82b3c351ebebb1018bd1082d65ee7ab88c1d753a71f138f24e45e8c96a39bd141aa6d948f6398661be83ea1e03f50ba2ef0af10a531117a821c8bb13f3867746a74582b70e09d7b35798311a69426558461ce2faec9fc6ffa546df4eaa3384ef6a11cd5294ade107336c1edc40ace82005a1707848f6135ddc8cf5892e1b8e633232ef407d770bee82a4611826fdd53b8203ea048c31011c0ba16a8598a5ae794090b69bc3965f473420fce8b73900caaf6c89e2b35a128f6f3b80f4a90bf9ae8851508aad8168a038dc0564f30ed5665ab1c8d583576c5025a1baf2cc719dc40c16ed1ade3eb00a720f0132d14597b98d44ce802850e98f73a39442cc480082e5669529038dc95f994b80647f1b08eb6f7584571325956b9f4f1ce19d29c12a6f8335515d7c01fd0005ee08a2c5427f9792caee186b1ecb4ae32311afd35d854b314ee663e968368e2f94622f25fc7f7ba7e7133c237f33c617912ae5838fd7662f378490569d7f56992c5f432e024bf4b0e09d39185e84c78f041dfe18676badcee8be06bafe9c776c1fb511398367c0497e7bdc561d11fe865833af80a926e95591d37ee374d1890a885c6667b42c5c197079c7ae0dc31023b9460e72287ecedc009fb2966221846db58293c0971ac54b33eb7cf1c7010334e1b5a0ea68cfd29588a56c64a79d47d0221540e70b4cc7faa3ffb354875b97711238c407050ccae0f01e8d904eaaf30ec7309c65aba67c1ee0a0dd90b57b3c21477c34b27c0f76da94112c34fe739dafb6b90a01b552454ca6d360907d2915c45dc8d7885fc52d8108fcf89a8c3822c7ed142ecf05b493e00b8d1c2b3eef6ddea7a179ff827f234f09d2fefd24fb14de350719603c1be4eb59b975c958ebb54f52969900321cf2ddf9e6c6cf7a1d18b19d180309bb5666aec93bcf1e6310652270134b88702abd42f07c75a40974ba2fa0c17614e8ef43cc407e7335e31a185849329ffb472e4e296c0517a8a5313f2f0009f2e6922e204f545995c5f44ebe79e6e39e1223c95da48ba16278d049b5745d08a38615eac3ccaa14d66d80b34ea265babaef605bed7e967786129bbb8c9469c961c4c1b47954c3a378a01fadd673f3703c96143407cca99e324640fe4741964a8b1a18c6c13fb02768889514254892833a97d5b17932678512209aff3817073f0e6f31ed19fc11215de22a0febc70aa95c3f51eb2b29091f1ad58ad83afe4326bc72eaf1f4b7961d088458c44a21bfd220ea8a9b9f1a4cb72587c658e1a348055beb8fc9bfbdbc1251e58ac5003bd34cfb609f0687a5852d152744e14ff984af493807fbd2a4563c9fe4e7df8c5b5a864505ec5f1e8b50e0c510b539a344b79c5092374bdf2eb6a52d663d7cb0434d0e125a424fed08fd5b0484626baade3f082d2189e412cc1058077f9aded01da80c995cacff4055a019084b4f09bdc70edc227f1bcc656de85e1583e5abef45da684b9a43909089f47649ead1a41b9bf69730c3b0d97f4bb8268ff957442338f73724e3d9fb6c59d51c9c0025dcf4476de37a45e49dac1d222ad9998c22704a5fcb36137c0cce0a1a9ec19c8d1d0eb2f7a71f07e5cdfa0bd9e6bfc040b709826a77e9388261dc98c8c241f707f66400eac9e3e63cdfe845fdbd47a2b0dc2d4f6c1f8dbba0ad5ab8aab4acde2dbd9ced4ff21bf12522e69322a1585416b2cff79b0eaedbb73b3adc774529c4effcbdc16273e67111d13a7834d6aa1e0c7a7905eb409c92bf2a19d9158d64a773463e5d6b5007dda0a8eeb644bc7977a4c78e2ae17a909d5c37370338860c00f454fe70ef2e21724be0cb80c4135eeb656751f7099ec7799d59e5d172f006cab524daef4fcd5eddb863dfe4d38a4c3e29801e027f94a9649d0e8e0aed2aaf60430cc88041aabd4ace9db8166ebb8a1cc3648f6a0218c2eaa1c21c4294a83d655518c6ea13b19007c7e55181ad934ee13a63810223344d334bed9aa3aa0c2cf0ce88089fcce59201ff43918cb0215ae71b2d3f06842551b997b6024fcb1fedd2a1e8f3248e7a8ebf98baa96be9f896c6de0984a796ac216ddc404bffa23d86d33c41a1131e578199cdabf2d0f98fd982892a2e7d93835e711ca0eb872f6a5e7076ee1dc10b372c1c6c7ed7d5eb6762ff6c7382019a56b0a6d4385e63e369e3be68e4c112ca2ab2a8993edb8d4fc87ae3e070a0590724240dc15a6c1c619934141518ac09936a310eb57c88ac7690663437756817ed5227a11da56ccd4fe80eae99c45e4d0a9cb63348afca9e52f4aa3a4f232a709cdaf75a4a1ee3583f6706c916713b8e363487eea7072ff490ba3c1311345e91525f4bd398586f5607f77e108545ff879953f7fe1ccb2942ca3a058444f1c0ffd6f1c96bfd6b9d76a95c3170b41f749cea0e6b365743c3346a94b96a05223342efb48dfabc66c4b40aab8523e3ecbc8c5ea5b4173bd65c25e6520dc78a35c40b8af79003fb9a34cba34b76d178ed3b193777798b50f4e6e934671d1f5c943d89e098e2dcc9c727828a984590acf960d1f3a647e5c9cacb71153bbdfa7128dc6c2178f669e3d40b52d2799d6ad09e4202ccfda545df0bd2a0e31bb7308e9e2e875a3ffcf028df45ae29db37d98a75c2c367f52fd859fc5bb179b95fb37627ef4fc79b3a126a7fb2f3245f059e9f3da409aebe4d334b059fb77b8e527c207878451d0dae25389cd892f49774e137ec139e6eb13d0447684d42d05425979093586f2c42c894fc9ac6167d79aa48810d7202aa843c9809b5720c32336904e5337986b5bce90d08638667dc980a0e82cc0c47048fcc55e01df86247499ccf9774eeefb09be8fff4c679f6221352dc5f82d590f11cf99f579d26f4fcfe2291feb7f3bf3e893111315344b2091249bf085fb8bbf46f488b976333118b215f239a3190f77e2514143615ba7dbe9c0efa3c123bfab3a302c415d6b504d2ac0c16950f0bd5961b7ec1e6ca82f20b419c2e2eac6f39ce865c696f00a531059ccaa45d0c776d2a289c0400a8603f1b6d77b898374ab97a8a43d341360d02cbaf32e60f3f96ab2dd2cc1e9da7220140afa27794dc820baf5e0c5391b1394f335adbbc66a00400f096525ab9b4359d2aef02cf5bfee0530bd2760144c739290b17b3e96bab8e1edd91ee86a6fd0da17338fc7f7620b1afbb3d9b80143868271218bb1b42d16d6ea6505354be5f63f069b56a121586fc7843b899f5cb2e194430379797ce1082ac82ca88f6fae503d0412e6ee6a16354ddbda9cf98550487af46b28c5ee13b92a870726a04e25c273dcd1055330056bdef9d324c4fea824b90dfcc639920002dc6f243b70e6e5a925850598d8503c018435d0fa6cfb6ddb3c7691860e8b25c264fc2b153162096832fc95b2d779dbdee7b03620e65cecc29857ad957e8e174936c3270e427a75c98ef7c590a1384514253a8d318ab1a6058152cf7e02105b363dc3b9c4e2522e76f632a7b24562229636bf6206ebc570565bf467a9278f74b3eb7fe45f4e080f7ba5d7800a643270fb52cdd2ad5399c46a4893fc5b52cf7fe65dead5962d41cfcdb5cce96f9f307666fdc1fd3649accfb9244549f4cfaa56df618cb0c4d9680814486bdda70189530232d20cf5282ac7cf13603ba33541a1aea0a9aa6b6c80beb7c644750c10f1aed82a7283cd84a12dace6e8759efecb7ff367e8b8632310664886da42298b32bf5911ee3fbd30e9b954f9f4682eb8c3cf78f56dc9e10e8230b8fbce9a2d779387b081abf1b3cfa8953a81e51288ec7b93ea56ca02776348b7949e81179c3940b2d7f570f35350a0e6c516b9b887faf229036d86f1794ff75ad525366b9260edd64ed225287f5bd35d828750ff51f8162a9868d9482247f54c744711cce333aa041f4a932321936269e0a760cb", 0x1000}, {&(0x7f00000013c0)="2bdbae2ff993962e0be57f538e23d4a097a0a052ca9ad0495564c0ea79a5360930b676062723e1e4f0298cd23576ea8e995c101fb311d825db9aa5f9e61b3ebc4135ef0cf1f46097fba2e747f0039a984dbbaa5482636d", 0x57}, {&(0x7f0000001440)="29e7d026c13d0885c39078b9186a986db3823e16bf563a4777a27157bfd6f2fa8b8953bba56d3ae9223d97ce2ddf39f6590cdb5698cff91d54cf09c2675fcaaaad", 0x41}, {&(0x7f00000014c0)="1b8a4db23789d29102f56b091652ea66b9f1e772e429eec6760c6c70a19b47502e3a428e461aac643a35490b4b1b5190d736f4ad383e815e75bdd2964bb7bd7a1e85af3b4bfd3b5ae2643c907e1c03d7cbd4f411499ff92e7e34b8e4cbf4a7", 0x5f}, {&(0x7f0000001540)="f43ae271a2659b092bf7d76df16de7b06c50163b6084453c338d374fd1903430d6d4645a17adedfebf4c97679dbe0758a06675d80c12e8523b4b1df47c5c055e4185dbf47e0219e8a08172", 0x4b}], 0xa, 0x0, 0x0, 0x800}, {0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000001680)="b9448e25024335e3a342d21a7eaba67febb0a53c7cbc0d12576f5637a40546c1c6c266e823bcb2fc760ec116369cd327674ac0c8ea3a6669315545f96f6dbc2e33c0f9f4ae4d5694af11973a7d9ac6fe3b7642261691ef22740751ca637825bb5657332fa251f28bf0e83138e54e5b9c8c12d7dc55f24be3c5d382ee94537d85d8dc4df38a4300b3490954a6aee91a02208fe0a575ce65e6e4340ea53631e73cb10b03779ebd7590a5f0525fbe4bdb4c175d7635c85765e390e18b2322eaabd6c5f2", 0xc2}, {&(0x7f0000001780)="41b08ff4eb6010b3d9d708b4b07b9f1258c4a3e1327d0b7ea9fa8dda72804a81469c96b896d532f10940befa540834c6825dead7b0070a7e8c18ff15126483c848e23ed56fa2798b66c3fc555072990a8296c30777e369ba1ffe7119bbf9faa13da686b78d7887ee1b0c6de4a7a75611b08fe872619d5b7346bb8738406f9c6390334c847012862f5f7aae239458f4969594469749a9e5f627ef4961a82649684079bf4935455a4f27089d746fc1cc9d55d331a2b03f6b805cf1cdf44ce8c9d7e17c9e9f6b40bdd8b691145305bb87", 0xcf}], 0x2, 0x0, 0x0, 0x80}, {0x0, 0x0, &(0x7f0000001f40)=[{&(0x7f00000018c0)="02b923c588efab4f23365c4600bf5b586ebab9ceb3006e81b50f5ff75ee13ad1a374ca128d6ae3a669f2ad34bf1bceb26804573aff284f8d1a5d0220cb2154bdec185966296d4e365e10811d00b82d47caa635e7bcd7bddbff63a06d836aca433ba83aed7888c0189276053649fbfc4460fdba64b01b8f7aa0b6d3acbd200ec9a1a123809b8ca62741d168543ba7ba3e1e79151f07bab84738a44445bfe618ed64f3197fccfae2a22fa40c4578bfdfe04e3a3a895228101ed5b63797d220ca1a312133", 0xc3}, {&(0x7f00000019c0)="5a38cc7938896a6327909ca7daf906e5a3057552d02ea06dea5f95e8ce5fda58e58850514a3f63c7750853845917b514d3033d4aaef4e464b02b95e4c5d54dfa6ad43f78feeda11c56e88901f49a08af053c3f46aa6398ca22d37d29111002e2a2c07341ff482897c7892d4001dcea6abfd5f24db780b7adaf2130eedc3488f2b2928dcda60b7472d03dd8ef38e846cfe31d9b44f5b52ba5ee5e2e075741eb34757a50900890c0e229151f87bf9764ae50187e7606e6c16d1e", 0xb9}, {&(0x7f0000001a80)="c3ad6a32ead12a30aabe0cced3e8a1aa56d3fc3a9efeebe4b39ad247266338ab5488a0523bfee4ce5ddb1af1d8212e23ed6d8701c16400", 0x37}, {&(0x7f0000001ac0)="4c823d6bf84d4f4dedd5f15900148ba73a4bac30de2e7784664bc4dccf9080af6cd31e478e0ec195f20186e0acfb0a5ea7275b056b03cc76073169951838c4abdcbe3abbc3dbbd9987517763378acf1f066b940fa54308592d429100698510489686127ed7d3639cc0511745b5fe8fe0a9f21949db1a9e80d1ce7ff894a4e3af879417247afa354dc4b342a15291ec23c1748566b34542e2ef0fdc96e269d789e4c136d3f7fcb4c0d7f21e0653f78bf57487fe5d18e7d50a415ab52b", 0xbc}, {&(0x7f0000001b80)="6772fab4cc89e99a4d024755ba0a2baac5028f1f86ea4872c2d6babf042e2d5076df608cc000fb1080414b71fd0f6c02b352ff8ef10a6e93105f5d2d3b61843ce145e53513ca681066f5481a53db0550c4b849c79e69b3b200687d4f910fd4c049c749154ed201af12100c7205ae38e5bc5726113cc1a42dc84faa49bf85f041ca44bf15c0f884", 0x87}, {&(0x7f0000001c40)="e9d49939247d3c6bbb9f89f6fe640fc298704d196f22a13fd086c630d937b913877b5d79a10f7aabbe17af25b1cc6a8264568c98862d304d9352af32aa7a79d8b657d04adfe44776fd9c6ba8d412ea6198b780eb0085d087719f1a4a781a8fdd59e31c0fe05678a53ba9c0d4eb96bc6f", 0x70}, {&(0x7f0000001cc0)="4cfe5b23bf965a7b872af7d7ede41b296c89f9afff3983e10d8bc584b8c21d4707c2ab6173b2b15075c77cfab5894d4dd2d538c4e9b09e64b039e3574f24680c4104212d59415ebcf862af7f45d5d77ecb6a15fdc36efa549b89ff741546", 0x5e}, {&(0x7f0000001d40)="e1eb1232d62fb7d52c611d32534e7ac2b992cc179b31b7f828d5ab4caf0b5eea61d3b7037e8a4ae7152ccd1b8ba92d8de2cb5cbc1ce143e3e6f20b9a314ed4b3b5e1cabfa82797d7454b52e5b3f17061a5175cecec0064f4a75d9d05d7644aeefa517b4eca05a5bde646bf6b08440288a3e4d457a999beb3fe2181aa424c70080e8bc106b1b95f46666e9a3bd8fbef0bba208b3c1c80455e53d247d16e5a4da21f28edffb8ba81933788570d8723e45ddcde0416d9e0369625aac9a66dddb0ce50398144165efedc42d8", 0xca}, {&(0x7f0000001e40)="636fd9f4e56dd6f9186595b7aa6b09921f2fb7a95e1d861f83956064fabb496e2bbc03cdf995b4579f76a3cd6df1d9fb00612f53d187f7783b843d35d702bb6b006bc474a7eea1525d1a0047ef38d7f2587da71230722da35c32b209a917f7beac1acbed1526b7916f94b87b258b2a48c60bb1cac31141f130ababf34de753b48529d9037a9a138646904b8946b4cf3545004421eedea6023ad366a3b96eaa78dd1383d3b7a9a26006c649ebaf966ab5c8caf3c96d29946d6992433698916b7edc8595854bf67da53aaf5eaa753032ab25155f2d5b5f5cc2e2b11e950ce6cf4cccd3eeb19ad4ac1667e0325fa10abb6413bc6a8a0c2c98698912e1", 0xfb}], 0x9, &(0x7f0000002000)=[@iv={0x58, 0x117, 0x2, 0x3d, "278fb297b07ee08206d2ee2c3922ef7b4e705ec56dde761462deb04687c5edae2e0f0e22045930df5781f6216a9978cc78bb5ff1b92c0fd326a09ba55a"}, @op={0x18}, @assoc={0x18, 0x117, 0x4, 0x1000}, @iv={0xa8, 0x117, 0x2, 0x90, "c4d9b3082e70d61ba053a2d2e17c42a5c125402b53e0d61922cb070c6b9660f93b5fcaee1eec1a6e67154e68f668fa6b6002c79175c7c787803b45cb35ab68622db44d4f0bc515ac70423e1cbdada778071eb007bad7ee0579d8b932fc3b4f061db5d6c874568bba272daaeedb75b8ca2213e256acbf25294675b04d79354133c3ba528f3a76500a9ea43d11f5a9fd5b"}, @assoc={0x18, 0x117, 0x4, 0x1}], 0x148, 0x1}, {0x0, 0x0, &(0x7f00000034c0)=[{&(0x7f0000002180)="7b3211bd3397bace3f2de89eb1bc25c6791e0d1300669c5f4f5f64d531273d11029248c6cc6d46351a749e613740c86d418868121edf860990ea018a5fbb72b6b1f718f51f3a504e37fb21bc13b1728f0a4e2ef1bd5c295599", 0x59}, {&(0x7f0000002200)="0d46694b4b654cc8b3a5f2be23a947e71f79368ae78df28b27488cfc14ddac14b8b938898be84c37e054f7d4b1fe5d39a56167706652aa67671ccebb1882cfc6068cf236635ad4666163f6e5474fbf00bbbf83010dad24cd2e2011c4b3b3b7fece5c3e64ace57f6b609c581aeb4a1ba8d60a6b3ba55246c4cad0a1b58a7c424c97c163690101e313e81f942070d0661b7620", 0x92}, {&(0x7f00000022c0)="1d95e848e32c93b5106391e535889b3b5dcd902a2461a8a954304a86308c7913e9dc899b471b8e85e8cf48a4780510760f89c2dbca5a65cd78f4d13ec46b73aa93fec7a25202cc8110f1439be69e73e371bb1438333eb464f047c36c11d908c397c765c2f32802e80ca73724f3e3d231140993047ac7b461c6fb711c202779e9cfe54905db34a555d4272769264c25b721b0e20776b9ebc182bb22291b97e8d013ae39e60f6405f6b6578d18fde35e91d0eb2234e0d82dadd1afdf992d2d8edbbe31c98ace4d", 0xc6}, {&(0x7f00000023c0)="103a5a04cf86bc9d72fd81364f819ace540ba0a03ebba6", 0x17}, {&(0x7f0000002400)="ab8bef39f0056ce7b0e276019c9e8ea68fb9ee8ed0f9e4589affb8cc636d62e6da7a945be7f751a261425608a9294a4a3598eff1a96181a6d002f23642b465ec4031df3896aece0803b82cc8c91a07926063bc71193f10fcf393547bc940329ca53177198bf7be69828b3da1b5dd57b81a328d791c8baf9680addb47713e56df31bfeeb43ead3ca4e9426a553bd555fbfd7cc1682fd0aa59f449ba5cf13f2809f9a0d916", 0xa4}, {&(0x7f00000024c0)="2d995932290c3295b2b74c104f19f3355f6732938dad1f34cec28d7f4ad6c20c1bdd9bd148e0e808ce73365e9c0018736b3f8b8dedacc0c1a97e5e357290b564bc25027878f32786e46e7d8c71c82fff30b4908fb714af2999460d32645e47e30cc4d92acaa3f28987f9a260a1374e3e12491852dc534605f6c25e7507119fbfebe48d351c2637d3c349d05fdbaaa7f70d62e44463b5cdf7786b475ca2a5615f4f020f679f1cc11fc588984bca82b257a4136ff4d11b0fdfd262021846ee5c8ca8be57fc567dac531abb3952e7eaf212358adecc04be4ac59f9b46c5428a7f1d95cc094817a53ece8003926897096ff7c3d576bc7d3f175ef042180b4651fe194fd2f959306c7a0204d35406a78f0897daf204cddcbd0af93804ba18915f0b37d14505a677ff68346d020041e33b1d86782cb6a494dfa74dcac19c3846a8a850975e225dbe02b653c623451297388c2681dd4c7c6248d9718cc0a322e245ef56685700b547d9c592300ffff8f4e61a690d285bc1fadd522c6f975da857578fdc56102c76e4ad3f683ad79a8b22d8c07f5918111b11da57015e9297ef47f3bbe15211316b000027ca78afbbc9f771fa6c00f041cb0ef1c265cb5177d13ccfef9907878a709070aab56e8b5190e83fd2b427a8772360c3df922e9450953adf3b947377e0e6752e0995fb388a386fa30b25ee97bf3f8acb0b2a0fb2e2cbfe46d878fb7b013f859746aabf53fe8a248662fb0de2277522719e17a7364b6e929f4d72196630a582b914c2136a9233341d0fa2b77e214d17b55547652cf0b5809178c270bb960cdf6935a24a4783056717530244e1187f4ffd2abf4d67fd5c275dd3babfda0f768994de8b29d8d0f23cd67b4ebd9beb8e63670d9354bd8e49ceb7f33547a9f9a4a2e2e6209fa6f5f9a86fcafa1be19d1923a56ee8e6980d0d1cd73d7da55c908a0e39613c70db1f09b776f2ec95e3a1e880af29c11085e21f283e540631d91b0b6e007b4a5e6eb119098b0d02e21fda67c4d676a177cc0158a288ffbe99b4de934a9897a3dcfef42c3fe1d749f758bb439c4325820143952dded0035b28fdfe5e5b4cebd0b3a8fead4eb09d7d8c6b70d35a9576190dc16c447881130aba64df7df3cfc5b9d3e188325884b182fcf8323463cd7fb45e5a30d4beb43ba46ec0c739f35584d64bf79488bff0893b97e678144bf7c825e46253ca576631a3d53e3a49eccaff2f93a16ea5eb2ff5adadc4a7eb33938e1790e3f06252480e4c94c341628dcc9b7a9655ff7285ec3d6c61fe4d8e844a30b0e13cdf3ba251bf62593e3f5b1bd9f8350c2caba445a9febe5af1d9f3d3e8abeefc13fe024ea6cc5b439699e8c2454159d1107ed60642a8622e8c9b15e9c12deae1bc160870996764120e96be14043eb07812582331620759d6abcfef6ea299f53673ed3b1ffbc2295a28c4bb44c40d9e31bc0c8c9ed83c034c6ac80c501eb2b6212b7a3b7c3e4aa50416dc0043044ae5a55e5254844b353ab231883f41d262f34e2376c312941925fadddea8626c637bece9939f77c9d9293c2d005204fe8093882ec393ce986884b69925feab92a18879e3ec7850b9623e86fcb35dba8be1a766de0f004438a20e14dd692aa54756a2812217258061eac5cbb6115817e31400a7860a8003fdaeae28f80a2cf8b9ed7af865414753f554044372bd8f594698469c0988d2021864bd986a686287b173d4c6cd063bd9caf58af62e24fc4fcfd995175f5a4d8efa78f00b28313df8cfe1cd91d6b5bf773b948246b028b96383ed2548851f75fb6ee0acb56736de29d0df09d0567ca5b212e7580dfc11446b6e851e2413dc34cbf3df6ddc6776370dcb681124d24483c68a402dc4de7ea0d7baa6c2b2a6b7f4dc8309cfef90c5d3d7d8763ef24250b6a4e9dd107db5217beb88ee64be8116716f7a2502273b8c5c9eefcf333c87db11446b16f4ef276c809322abae49e52765f964c31ca36579a62d8045b488ee116884f5bb9e074611cdf824fcb5fcb2f7d5d9bc06598693ef04ae9cb95ff83c0eca708c384694a00c5523c0dfd2dd4b2f99ae849829427ebbaa5959762ce80aae7302f8c6118140559bf515c804b8b7305883e7178a4e3891b2c9eb4a6fea17d2df39cc66d9ee58b7b5882880c30970125710379eedc0860c44935cb8f952f42a651ef92c3b9e8e5a09c6d4bedb1ccf58cb4b7f6e2aeea6e5d38aadc8562ea2eae37774550efa787c5ff83bb64acd3adbb51c2eef533b5b9d93a4166a1ed50bcae857e4dce07abf80337671cdacb2e07e70b1671338394271663ff9262020ca0eb549ac7e716cf048dc7b51a6f15eb6c2584f8e101a0bcb27b085de08510d9c39abb02f9f764d2ca5bb798f7393d8ffb124fc9e1bb57ce5ef743a5b9fe89e8f526e9fb3e6428687e5f4032e30428ebbcfdc62d811efdfba9fb8e7c44858b5cac3805210c31e25f6dc76363a01dc0bf70af3aca406daeeeb6bfae34cb84a27cfdcb1b96eade3415f90a995ddebf2f6f597d5dce87a8ed2f984af6e75a278284bb7654d653be1607e15658a2ca25503dac72d7d82b7c5a507f0e2bb3aa984a9220a32964109645912a235a36342dfb688f078ddef6460372bb6742eda08472083f952f0b0b0350364140116923bb3a3f580c65737919247b09da903557a9e022f85318299bf20344b86dcd4c5174a33fdffd9a829195bd8e22756a7e362cbc4a33989e390bbd5f98a6cff6b2ba0bbf8c490162fbafe8e0712007d93f0ce66d628b5560edaaf996b9e61dbfc29bf5e6ab501c1e9c4b50d7e12e384e4d2626cc969cd144878cd01164c3a32db9373923edc2fbde4162d67849f9d09f67bef89cb1c608fe868430d2100b8631fdf01b5fd1ea4b56dbfc7337631643f454e3de42e04c00762152e0f2fde4ea7704e4780c457e465eae58e7e601b296ebf01588a60b24ec92544943906fba2e6f8843f613cd97b8e19adcc579deac46b20eed22df789672a4444c952b8eee13e9dae9d12b733db0a8a8f9e71bb0fa8a75dcf8b8da8ce5a9ec083733020a2ba647ec231976d5bfbd1b0f0c4adc61a1f10899c1c45ed1de0764dfd3714d3544220915d2d2f059f5856b7d2e3f730971d1115d54975c6c2ade7fb0c9a794d874676ee619c8146559867bd2112e9dbdc04a0d42249e029786a4b6e673522fdc7ee5ed58ac4c0228bc21da35893d9cd3efcbf10e3e4802e7888e0ec838c7a93295a17996a0fc7897d415d2e041ec0f31174f3bebfc8a0444f8d446853024eba5b25676d7590cba0fee122e074040ec9ce96366cb8a6fc4a88d73776ad04b4753c925fa9c0dd63826ba5fb6e2c1f832571f58632b0ce6630188b34fdc7900db72e935a490ce0c8238e5e4412bfd39b4b3d9d50b34027c65e6f98286fc671fef0d07533d3ff258f686ffbd821784919371085759e2847daba788d9112b9551dc0694fc274cc7cd3cedd96be65b15e6e4089c970fb9aa44eb3fff249076807e75b459834a35089ed6a4688041f8c9ee22aeb314acb68009fb0cc861b017d42473462b9d866ec6d7ddd2852127488c20d05251d9642375688635c15a5ad5e2e8d633a3d67eab19edc44bf8eb89aea11938d93a7ee0768d1e5f03fd34f37de9d8a5e54ec711c7d1d3255461176081e6081619ee00a3ad0e25a356d122a9bae751a5a040171c9e04be5d97945bb4da3148853124589db984aa880e2fb8e64b2394083ded415663465cc85d5cef8f4c5fa073e1b6dd9a986f00fcde396c15941ce027a9ae50d9efbc0ec1d43d5830dfe44d11a193f35342c8a8541b739201cb6b14f14daf77df9dd8983b43506a73fdf11f30885d56fb146fa735c3607db022f04165c21c8671f98ac5c818e0a7cd8a5d9c3f704edf5042fde31bcc5e5488892bdbe84e450b00cfc006dfaac9d360cc52b09615473437582325a9bbe9ea010ab9c95624746aff370675b28bcb2cc7791565e24814b523d3426659ff1a78ac434645f1bd4099550a3e9173b89a6917149c7796662f5c194665e46abc0917fde3e415e4850fdb594ff9104e5f78ab5832f88425856c31255ae607a5d6259323fda1ea8b2ae29dff4ea60d325c240299282722d52f8d192d42ed4aa1b121a374bf713b5626483db4f3a51900daf0677355e4f97d110d052c645f70a74f57a4b3112b2b90ead79e8f511900cf0e6b2a74d3c39d7c00a61292dc844ba9c3f6a036ecfecc9219ce01f7b910f1e02bb7a1a9ad5ca5054fa717ca7465f0acc1ab67a4249a4c9946d37c1f529be47a1b79d06c0d1abf4cf0959eed854d7bae5883db0f062e3ec73b017e710f1560037317c04526e1adc1f2cb8414998be1a5b1a05ba347f78b2a3bcb5efa2c72291ab28f5c61763168e4b4c1fd5fe50439ae4c1a4a80eb391fcdb203b5cad01e33b6efdd20507a04c468465e63fedeb87f561fb9d3814b1bceb7c96beaec3f38ba439ec1af31c516eab3c599c3147c5cf5012f9117707300cd1823f6aee10f1612af02d882255ac797553436ebeab319486fe1fd9a125aa78a99bd2829a32122ad183bab1c8ee469a06cc5436548140ba11efec75165a867dbdb5951fc75d9394c9906a385fc869d62ae48e7689a56ba1dc01997cd45b68d844ea39080f7767327c4da19ec478861bbee3d3a26bed7faf00fedad8babd7221c0cfc68753cc61d78cefec307d8f0155ec72491fc82e0b65b2363f0c7f33568577fee893d7daf5f540a96596dd5f0e4270b690b2ba1f81f8de5690717e59d4229b729bfc2cd2febe3e4681f8b16d3abdf2504e64b0dee05b7ef90d9de3b1a436ae8eca15daaf5546b0b113c714c96b10e16dc8e8fce3ea582b96e176df2881b0898046eeedd530dd0ad9b98a82c1cfa973337800fe546e380cea82ac6660960bc1c550f803bd3c367a7e89d55cd0aeedd1005fe5d749928c8733ddecf0a20cee4cb4f6332b3ee114e0d32f150799cdb4cfb68728f3f6323db0dbaaa18457dc1f398e686ac5c3f7fcae8c0810b232ab00aa55bb8bce546f71a772c8eccfd62b40296c5cbc987d7d8ba0e6b18125f6f649e1ca30f0b41c111c73cc5aef9f4c7ccb768852689a5a3d29686db159a754fea7d9716f643b1e3900c15b5fe0d82704d7d6dded51a7e4ddc89995f397324f05c8f2a5cc8ad580a9b9a4c68432e813502631a3683574a135e093b07612f051cc8156db460b5e736e70a2cab6cefb93421db39e23b88bc3057b04538ca78d433e0ffcd59f1bed3d18cbc1cc7e62993652cc84946fd4ae0037aaa70abc88b407acdd8f27ac90e6ee453197751bc1e90e8d9a6a67bf0ea8cbd537c6734ed1094110b82ba551277af10e3127dae4a71d37a69e370e207538e5575c2edd64ccf731d051727cfc2716f7577dface65aa365dab549c7cd755bde17f40f5612490db1571310d7da3b13dd8388f7b8c5cc8dcac73b4ff76eaf74e47b0daacde04b9b80823a6af05fedb0d06fb1a2b01ea86b50f2d4391137a7fdca250b64e62f923585f42c3bba97f593f2693ddc6746eae54a570c698b92c1f56375736a990f701c2ea683d987ac230648007e717d3bcf54647d7437f3e6f1ee65469af190861942d09d5b3d44450ddd70cbce3d295c40a016165da8197d2cbedecfc561243c430cfd4f3451dd2f81fb38e5cb6a4b4a8a039593e5b6b593c87403b35f5e2ab3c308b541e6f073250bbf1922400cda7e92ef98af2993971943efdabce190be1646668ede019d2af0e1fc9a71e6446b08acb2d8e3c9116c375ffe4522dd2fc84a4c27ae44a7d55", 0x1000}], 0x6, &(0x7f0000003540)=[@op={0x18}, @op={0x18}, @op={0x18}, @assoc={0x18, 0x117, 0x4, 0x1}, @op={0x18}], 0x78, 0x4008000}, {0x0, 0x0, &(0x7f0000004780)=[{&(0x7f00000035c0)="818561b65680881094275d35186fc49f0403aaa633119cb86010d7994c9e48d44b13f728164fc8fa84a06b2f186618d6bdb234c477f694a44bef5290c8aae13b6853cb020380964e3eb5dfc5ebe35d8aa1a96f54c92d634a44eeb0b5efa3aa3c1f552a0a78e83abb32e1ac90c196f8c1b5d55679c62cf65a072a587f4d22a84b97a5a11d9775ad4320fa25e885086dc1e86fef661ac698f106da9437b2659bfaafabd7c0997938c3ce72d10d2aebdb7ef70e28535a4f76713799ef6fd88d827c157690e68a43fe9dbbb965ae4184bd1f0152c56f03383fd3da6ccbb9c3545bee2a84c44717458ed0087eb4e414", 0xed}, {&(0x7f00000036c0)="74873479c2a3575643a02f63372b2bbffe5114f24651bf9b074898518afbd7c345ddb33e1b2377bae0e69ada323f86bbf782fe790cdd48f963b5ac5470a25c2a538c09594ca62add6bb6ade9d2c9a4f00f4c2ec02040d24018ffeec97abff829ec42ffa906bc389e72e565e5c4c6f06486bcd5703f4fe27377887fc42f6e7f4d8cd5a38d039c419afdf59d56101bd51f55929bcae874819bcbcdc211ac6d79dfa3cd4e3114983798ac5d939fabb56cedc8cf87c323100cdfc84a5ad2a7d04bef635ec4e0212da742998146165e07c2e83bdbe0bd186551d8d7111b8742a47b6e796c89d3abba12d39100d637a661374c7bb7f67a17a372981136d825f54a9496231f67708448d1e3ee7786e735cffc9d9e7455dc63f19de249dcd9a1f87528d68d185cf557adbaad7c211b4860a9c57fe2a92463c8e65106f672fd5e4f3224d8e8c97f821dce582c43e00aa8b61f42ac985901dba761d912e2289cb199a0b9c3de28aed96384a17ca25b69756858ad79ae4df956298fcdcdc6d01a7e558866f56830620982db0743834f21cc637842cb6084febadccb96c63a6924b5bc28f292d1895713c07c19cd8a1e5e8bbb8da9e1326ecf52b2aae7764d8c237e8209400e97372450f0865a51ce79ff4976510d6a458e683dc85be9d924461208ac56c977bd9154a6ea0fbf5903309168a9eaef13141a89204958fe33ceb6e95c40142220bc6b1d1140b0957873a56e8a8b91454342fae000e9bc0c9f55c084b0d3104ef4abc7c8af2bda63d47b394cb22e7af23d4d1efee738564b7566e1cf5ccc1dc8c6d1a718289c08ba2c73c22bc0b2ab204f5dad1197c7ab9e61abf8c51fb3c199b634ccd3c47fffb81cb3118cd3dcc560b814f21af52b2220a9c43aacf470401cf257618c147aa149aeb361aa4dbedb445d7866aa6ee7cad46bf92fa4926fbfa2955869de4a6007a9017ce853f77e601901dfff49785393bd31cc79e7d94bb4b696233218d60feb49595bb371e745736dc6ca6da8639fd2fad2da4d3d2fb7f59e9940e81b6bd90af5e7cfc19c232382751e0a595c3d1a6cab8b26c5413dd622c993e0624c9eb881f0aa9161559511ad02eaef432e40224d905ec2cd78155bd681a8a207da012e90ffa5219cd6e3b895f889cf8c85e0157db33be696c08e56aae86baad6f2a9a14b29dc763d1976bd036a447dc82130cc0ea0cb634be7210a4742436fc41d95df998e8cd931e0fbeeb05f382b89a837b51ce102f98cb38449049beed071e872a3e5d09ccadf830c9e35bffe9c7cc555fbcba84021b0bffa80e2b32d27f8e8c73c40f7184c03d85ab2b16c3aef594586ac3a1a8b2a1899ed973824f7298ed8acfdf50f5f8c36ee5031f82e65e31d894266dcb9102a7531c670ac69d5f72c762a3fa7167d21fb1aa0a7fac1ff1e3ea2f8366fd03050f376584b151546a7626d1db9343936a98550fdcb8003fc02b0b5fe48a0f73e36b4e0d89e52bb9a2214941ec77c9f5ed8c217ee676841c6360a44a35d176a23ec34a58339810db61b24336fefd4d6b66b78ff6a7846bdfc8533f73b029f7ff89260995a8be02326af9bda62e162871470d1d673b34f8b843e4fc50752eb39e44c5ee2b30b3da40bfff339d41118f15d3b453ee2fe3b42e90ccf5820c9ee5b367e9a3c4f2a67fc91a6b5a5615db5f81b024d7172a6a13211da388fb073dba1a21112238b1c4c68a107c31dc5856456cd9db6eb75b2f8f038ea448303cf1d9ed49a392b5f904eeb86c6703103e4b08a6c71d4c3efa1b509e23ca19b5ef513130fadc68e89604a901969fd890300e0714c18a4ebf5b96517f446f1dbc1b0766506af915e9bb18116272e1a87c4ea92fa52f2a79c264b0b188507cb7834f1c14f79ac15f1cfe4050282ae52751ead53fe39e58857c805aea0180f78614ddc9a60fd7bacb5d68c41d99e5fd1d2b0bdf24a1059e8f5ab078dca136adddcfcb072c04ae1e9e6314934f82d8c1951f39751915a8023419a4904c7739784d44e51c453d8f3fbd3958ce7a6edc0fe78f96cf3cbd2749711fa5395ab7a59c7e67170fe805b67ea6e7bbae8e4a1d5f8cd6f4901677ad4f20d113b7b84932aaffad2e266664f5a503b347a4de6c1a9d2b727e99fba69b41d46ca95504d88028cc52dcf8df0ab1d31cf43d255e231da2469d89eec2c60138621403bcd847f73af83353d1a6b9b64b191822ddd5c40821f9ed8b6c0d6f23d9ee29094e0e7fa44b85deda0a3a224c8236e0dd2b5e110b27ef5b7dc073f7175c7b699c9a60521c0514bac8e7e834f2d5be0a3de1bf5477a7c961a8216d00a82cca98056903ddb4e15d01a50b53181c43ac093fec328ed28fefca4794fd0980cf9d74e9a8bfa2f38d1bcae0b02757d8f25a67a1c56bbe397caf4c323287abe50f3664bdb4ae42c20b73a7a99ebeb5d320ef19dda77bb5b16342ac7d4f712f12d3d5d22cb466d23f09bff205a82e6b4d9b6a6194fe086838764840bebd3c3a29499333970bd37f29002f3801644d63804f06d713191e1f33da8ee22e2c7a8f3f88ea475e40566bd696ad5dcb3408e3e7336113d8da46e8b429074089a93e809525027437b1e16478406236ef65594712c69fd73de8066ae6a76bb419e2b1014f98c130fc2dc971db14edceacbef16ec37045016e35abf6f1e4a544b8cffca9bf318519a08f60f3c39553d4691e71d809ce1685b026cb86cf6d5d9bbad4a08232961600c9f16492fb8a132ed66c8c97daefec8bc549c0da881adef6a010a3b5a05e6eeac28bc6fca5bf818d05e8325f66b06c9f38db4e844fef267f76de4fb454527baf92ba58b2638f331da399441f4da146ea756c474f93c418e9771ecdd66d71a50ef1e16531e085bb2d6d03facb79e672ec02117aaf7f008fb5f74e1164bcf16ebc006dd0c3bbb23195e20632310dd670a5e5ec9a63cb637d91fde1bbb623080474db91138983b3d63566f01e3435a8d85a29161dfbf193b2e0d0eb0bf488f723392c32b08693a2fa38bce8ed72e45c8d0e664a50d72421b267ad7f850297258458ce368d9321ea1809166f89b2f4d849b7e776536925cd72ef40768da5a1e7e71fd3be966fd2453c3795e506fd047976e33c28027fbaeae590ef5a5393e446497926259becef9cc597ee9845a68b6e689cdc71e03e947f1139ae72e8ea7c315872083cb8f3659cf0db7ac9f65c07f06bbb8bc5393b4243497aa2a0a2d4eedb262093250f3accaf9ef9a99e7696c8c7e946d46d9f9ebe8fc1fd6fe4bfefcab04b3090a0643cbae2b83954a603e4959c1b3c638c138226fe5ebed563355504d3b89d6a5cbec96d7b55734a2c4cf9419d69a962e3f95bffdc0484f2a33a477dc8dc7f560c85370c10cbc4452e4e8c339fce36424a41f4511285286527782d0bde93eb4ebca6377dc17f7d9bb6536c35f8495d23051f41cc392aa1a254f01ed7f75c8169d8dacbb997f4524499bd906c31bf1507da198d173e09561a56f64685d5ba6310f5a9ed9498a9925fe0b927042957b7aec22c8dc184e18e67db4204d81078092c3d65a3c3f8538a48204ae2a882b718a8c3c37850c328abb02b4c28f21e0125acf05824c555722fe73f388dc4cb66fb6a540f97559ba64f1a4d5426f537b2abd29b5a455e301cd7d5a2342690274f741bef24a42be1622f17946a5847113bade6cc3e87015a0bf258298272f64bce2e09a19c529d8664dc920802aa7ae6ac6b9ad815d9d1baf96198ed6eb42df0a4de80c0bc04479bd6b31256930b8d925bde94230e0da692a8772e976875f37c8489c7e910619afb637d5f476c86744a7d24ee368ea305926e91a1c08925b7a051759777d4dc5f6c78d53d408e46879f6aeb47c850ad200176b63f07c9daa312d410bd71dcce0f47005701d4f3505c987215fe3c655e77e98e07ede19e36ed21c86f8f7fa69b6146d79400c5d5ecca9fa28ac74f3395cd9d0ace80b71850a269014d5dbf60130fbaf6617a4ad31cc41e448d110630ef341b3384d76fe3ef956dc48f1db2d9feb47f79bb4ace8cb057f89947b0c4d29a411cccdcf90df06258a2dcc7631ff770ca5ad4be92fb0e614e2c7c515308ec59022c700e7b18aecb72543d70c92a66d469a3a8695658cd39646931457ee50d66e6ffc53b69164b289798debf6ab7a524fbf5418dda53fc7d59bc19eed686b28ddcf07ead999c40ae23dde3e008e7928e7f0a275144ec0806ee841fa7821cbed0fd2b30cdf38bdcc1e655d5bd2599bca1bfb529ebedb734c5a9370e12dd53a95a9f8eb49c0d65412958a5f5a52b0d7e3187a29b305cddf0763e39a332486a3b502365a92c3dbe66422e89a4aa64e0cc4ad3c6e32525770dae265cdc2232f79cf4bbb94d46523361e7461bc5f35f4d94027415a99b601974cbf01d66e0cc83669de70809b1eb85a135431f01321b744d336d79b87d084526e28069d879b7cb44ccd64c8abbfdcb78d33ca527d6b5529031f4b86b9a5bcf3f93f324f0000c236fc504767b8e0b8a7f6d50a3ed4d24a3992958492edcdfd37e9249d346b58ba93eb68f07f799b75cd6f2b917da139062e9400431cd10a59c46bb94c0397eb82ec17439787bc04ea39036079362a0783e10f66cd3ee432486975a64323479d023975344682c5883463d38422dc0c60bfdc53445f2fc13e379fbb563d5dae3eba9b073d3f6344d00e5f3a8168fbf4aaa1d469accac3ae66cbc04fdd19964fc62b59dec5c5a8d223cef51a0b0fa6d89941fb5ac4bbc005f2b4583ce7fc831b42fb49c0bfc021d978d0e4051fdc87cf660631ed7e4ceac0a87b1727bc4e5a9c8715f1a0ad06848493410a5c95b91a7263917de5477ccadf4f6c0e84ce1713238ecf641c45d283d32fa4faec4f1c7a41dc2d61224347e31c64c883ad765f9fb9e02074dea46152627ead035c735169ab9c5732a091153c69a94c5ce151f35792d2c7ccbeb7c844038294467b91fc23102a92ef32b17e1d1c2191becf49f48e8e195759507f6321f47696faf2ef332f19f217558934885f606bc7fb386e46c1c975cbe8ba234c4a085b024281f9357b5e3cb7e382f8dfb47892908fce23c3637315768fe43b5fd6a3e72498deb53b7468a962f675d9176366ad961b4fae7bf1d4add4d6a552af0481dc46c6eec74657d6cc19df613ae87427a657d748e9ba0fac5609bc3424d8dead9c8fdf3a0f569900eb93da9fdd1b39d6dc031cedc2627b3ea2dd61c8a0dc502f03868a83e68b764818670f8c5d9f6c3ad5c6f1baee268b870913973f93c3e301d5bfdbd8de6673c17124f4aab53fe922e7d11b2c6211d8052751a4ff0459c0fb4661d990aca371c2e8fccaeb093e81e9c0768e86aee0fd23d2618e407a1936fdd5c98794da88c860d853eaefd51251eef1ad7f1e90239e87d38603bd7ab402fbd6383627caebe8fad0a360e8fe3f1d5462206dfbcdfccd67e128ce261a7f9cb963cb93f04859ee6af7f786f6b1794408eb50993e22d982126be2d72abc5cddeb9b1169a0728a8851948a271b05817142b97b021d2b25f4959167211ca09e2c4436069259b0e4aeba4e2a7368ffe88645795cdfbd53a5a6602b44729f6585ed5ca5d11d28fd693a157f9e37258361e243e35bc3728069a7b8446127cf4c7f78e40ab9cc109675f6f18d3a00158c7d838c7dece698273903fbd663c5a1b13ac37d64f22eb1e67d843c97a436eb7ccf39106854e5a8a7c0c7ff914d180fbd8d12b18eba63dea22922d9513383d2885d359bc65976fdf37a41a9814d318e502874cf9bf509f36fface3bdf052794d2", 0x1000}, {&(0x7f00000046c0)="48331a881b217ebac29c6218b142439fe9a89cfef8f00df7fad15b80a5379cbe4a219bdde4d6e707c251480559d36eba9fe643897151f27529c16c0cb31bbd48b2974ad7e63354fd1d7c454a674f8acc44fbfdfc52a783314c74ea1afc5516bed5c6d5b61d1358c430dd0eaec8d58b6d69113b94f8c70e4fc222b94cb6c8ec9bf2c020cba4ee3de8e9564389d588e3be8aaa4a8ab8d74073d223c362b7c0a71f3ce102b5cba6224cfb496f24", 0xac}], 0x3, &(0x7f00000047c0)=[@iv={0x78, 0x117, 0x2, 0x5d, "26f5eec03aee8fb002a2bdea109f8080dff01361bb2619f86dd7c8ccfe3c96f2d8cc341e09e066a1d976af2ac7e7787f7451042eb02bece87316966c5f0a5aa2315564673bb3ce75f7e7ce3a4a5ca1b7226c0548fff68d83052bed93b3"}, @iv={0x1018, 0x117, 0x2, 0x1000, "c3c72c8ce466b68c876b56332c0315772e4adff514df588811d599dc357187d2b57565ad37c05bac401d18abc160681f05d3ac10d9c6fb2c7ee7c0b6179380e8bf15c2cf2e25a17e65438a85a4ececb2f7cbf91f0e65591b9b0499980e798a69b61d100b7e50bbb7d3c0280cde76bd03505e6d7ada7a319a4c75a894b488ad5b6193562c40d1721172490b46ca9c3a8cc775b0ad6cd1dbf4406301e405dd25cf3ab29a796170776eb26e0c74b0a47cfb1b7a9b9420663201506728ab47b5719ea9dc594d773bc5511ef039aa10e29759645936dbd74d418e7026f6270fd2a144900bc7fb203e66edfeff941af9ddf7403a588f676212169317a92292b7af4ecf6908ea8a85969bc36f81fa26a31bb8f4ca6a87f38b76b3cf9c45f968e4bbbe7955d17301cf6513dc5b9a32cf77fbcafed0a8efa756b80d8d3b91458d7b5d56721275cd7b4cb8cc23c0519ede625fc69b71da36418af0c103961686ce248e9488b1efbb06160936b59b403c3656599b25479bf3f81340a104bc2d9397c77e5c008cc1b060f0033b9ea6ff9166dc661ff83347c6ab2a5e4eb85cda9896130f973789191d33deb945c60e3cb917a3daa3fb8557c6f33d924e861d7a4497e21ab5b88f1442aae3e388ec4e073015463976916a4dcb9736619208dbf3791c699a8de2e41d30764faa7104f028e79d464bb3a3fa5bb1e9471b88d512ec6abf3a153a1e362918c955f1c31936d594323238302ebf7c6aa5b19e8f089b374ef9623a0e90c0ff8990d3f1178d464b6fc1505d3a33ca5aff232dbc4e86f3f10692dad29efc5434102a5a242e05750acb90e91c1578df18bdcd71d93cd24faee45141708289629d661ba7417d496fec49b3d23a05c3d291e5d0e56f91488a351d71a8de2b509bac482ab86eede122d4d855f82f9d61d439d28927eb30b98567b5a9f95d4fdf0df617f5d0ccdcb3fbe75f3d82ffc28f0282392c9938d4e0cba8d5c8912e43591896634543f94921464687220ea01e0517fd8f1c24157dd462f79be49ef495d725c0790c69a9730451e63a43b9a327545894ca9d472b9eb268f10dec7a6c1bee5694d51259bf8a3a431f611a63b7105698d2be393088f313815f80dbe8a3d6d90a19cae2e176efadf9d4e25edcfa9473eaf6da60de157f88b33c737f93f1a2ca3e91561f6293aa4c85870bff6fd113d854e39b723d71b746af979d834037eb7e81c9a243630d9dab5349d4886df9654df4ea90f1915b101a8f68552e6e90b45b944693b536f84bede2bd04956d72ddfbf98a549ee3c6fc2872686153b34ea1b0d6a2b51e42f40ff10b24451809c0f8c0b94437a1e691cf72c981b684cb1788747fbe884f35cfed702107de2c212d538af40c8e7685e4fd054fdadd4ea16aa1abc7c75d7f205fb424d3f45d774bbeecc91fec6ba46ab761d0dfea7c4d5350dbb06e75c8a8568df1acee2209b0c71d67a0461d8812a4a745a7b587b74335196fa06ada7da11db875411ab174c7155f354026d6b00043737ecaa172f14bf969dc79901a6c290a501a70b19bd9b9ca47949c26f07b9d3bea68bc38f0474515aaf049026dadf164008aee1b43cacfbb7066abfbeb6f53e1f21538e3a24337c37b8a254c7d7a64e3a9e95666ff2aa68ca8c47eb6946ac072847f3edee94fde670b6e312f09b5aec211cc71333ef84b70c9c780c8946f26f87fc65ea0f07686888b4a5b5d205fdfe264db3e5f133488bfd1da5b05658f6ebfc71777a53f79860b4c7dee373d3647e572c61fda2830d57e3ecc75e49a51856b50193a8b899d56d59b9dfabf36e13b70476a5cb83f28ff4d16e0dd32a7a161e02b6ebd55c4ea9bde0a778037a962cb0cedc98bee3caac5e4531f869df9f6a1b79a8cd738b59612bbab365a01a0e319aab778d0b1dbb6aaee20bd340e5bb8b454a8028362be875426e536eb31fb02d55dc525acdb990baafc2500881cc0a7dd7a57130c4d9b1fb273914a70c5c5cd50cad19f0f0dc500203257ef741b26de597a63329d93d97ebe972e7302100cb3cc541dd005c6eae9bfb07ae4c315cb7cf2207a587b08d0c239835c47484a6ad7d333952a19a87578e380edd83f45ee12f03bf27e6aa7b542a319732d6ea1981ac5660ab4fa35aad4e7f9e84877798cdb1a0de29b39873c7ce42420eea31899b993797a42245ed0a1a617ce5c573ef6d7c7cd3fba34de6ec3f416d68a5f9cbaf7d631ce9b8fc534f00cc832956c8cc520e7b00af31966cb8b4b3085fee74efb7816016bbf60cb952de2d0a87456466c444dd00b8758bb2e290afbcad12ca9d6040e414655f1a56c6f4e728e867d08b90ea77da26dda3492dd40c46cc56a639961c495f0982ebdc2633511a8d2704775c611c4499c4181fe11fa890ed1808f8850e8a994d3e3386c9348062cca99f28baaeeb7bdd909f50d2ffe69a1c4e630c2bde0f3aa6873bfd29f7ea9e9074233b9beb9c549cd0ebbebac3b5f0a1324bdc053f59a2449e469d25bce4bddf2e3020b598d49e64993e385893cf3681977802e3a9e2cda53ce788088ecadeba0b63787c0b1133fd8e214d4572a326129ba779ed6ba2ca97e1a4813f783c5f1318fc42b28b69d484640cf3ebbfb584620cda9c30c0659772ace4197a1098afcfbe3819f80e3671ba54aea69ec027d6ea2348c28a8b5953b683f97e32d7720dba803d34b38e539af03aab590074d59ea0ebd276a851b95462e5b16df58c194e3f363635a3b195f22c7d1e454d51ee04803d3112a8f70c83d1a4e1d38a8001a4743dfdb473ca591ac1835a2bfc1b92e3c17fb95f56007b4dc69b5a300b82c24692ae1a6d7a0373707b6b60fdf85130ff35acc08000a898b6558dbd4bc0bde934e7f2f4b9b19ce58ccc1dcbee790f3fcbfe002efb6d8adaa1aeb107dcc4439b7d82b2f43fd215a1984565c9e3ab90b48f433eb210f5af4463d5980578db8d7180aa06fa8898e11acaa1326cf8ab610f7f360d328dff18fc151437beaa326b4e3a0bd9a5985dd1ae8f5b1b20bbd7bc529789f137d3a33fa5daa40041b8b1003d1d9c5e12a64f076f54f7047ae5bd8444dab3a44beca216ab3d53fc9dea69cd07fef569a8348513525885f9427a12a884793cb415fdb713d851e8393671136a6c7559e49405578607c5095d57c4643a4caec73edb6df567eebe69dbda2110e3347b5ba1fb4a39cdda921b79e4881417c99ead38d7a089c3627d0357478721497bbe264a142ce12cfd228a7dad9e5b695ed64ce0eb79b83c3632bb0f94951309720c758d38d9aa58f6a8423e01dadcbaddb7cbf5cf200dd150582f8152e3eb863f4503766a4e0c8203e134c156c04c917e22b2f5d2ffc7e2935f68f7df92b5802eee9d663de826c3a760be4260173e0191dfd183ec9942309f43cc3293293a929b0ca2ed79b3eeb4639358c55d972b54264fb933d7f011e1c1f7369b85aa5de9d357f3bff70e781beb3f9150e0899a1f517a0bd005d8f4eabad4f57a02cc8abb58542774de1e0bed8582b686dfd5314b4146a892b72e80b0d9be4902cb9aabe647f72f04738eec4902def91524daa5f671d5573e18a39be3124d77cce7da042d6608c4d36e7b622fb59efa219c94d91f4dfbfb575ccd13eda0cec76c41382e6d1dc3143aa56f440156f7b6152b90a0b5fd437c2eec8eda1596bd439c7e1d6d9ef17055d65349238151cbc3807f5b451c8574e1c3f67af69548697ef20d178e35d66625a7af849cbd7f5f6d34d65891f55c1cfebc619b6301755611b61f345ad97f2492c5c3beaef3d8e4a986264ec9ef11de4b550e6f633318492b6e4e2914ace4c056a3cc60e12cbc7339a394211b5d690955263de61774310f67500b22e4e8596d53b16853ba937a05e01625ea88ed42d2456f48715da1c82982f84f90d56e58dda4bb48f625f005d0c2b3e8891ef0b0fbab7ae12595878656db870f9ea7adf5774f0f629dc6fe4ba836ca370a8288a692ccead1259f3a71adc83092bfff4584a7e09f5cb4432ba2aa2c1f30a5626b0bd501efa89ac732cfb0d390364c73e53158e57779165cb4b7a22728148235372d9ea92d86ed0c960e65131b179094b0daabcf05f0e797e3c7c2d72c806880dd0c2357012167c0d2e03a5f01c9f95203f1c1aa27960bf469b9b7942390fbff38813b1a61f5c18fff5bf8660c7a01d509342554b5a30af177145d1a722e9aca92cf97c639a39453747c156b193659b13a4bf67f831e64b9ced4ef41c767492486c83af1304aba9449e74648734f507d13f9f5cfcf132735c13510fee09f6af4fbbe12117cab5ae7e7f74c6c486e3672f248b4aba279693180c717b7bc00a9adf928014744d8678881d331124986c1b5dadcce079af8dd1314bd3824a805c40b308c3d3aa7bded651ce9fbbcf7b9ec8baa622ad9757e84e3ca01c8d6087adc42f5ba9886fe2b05097ef22f7f1f0218bf9b4ff27217a8e91cb2250886bfaff0bfe2bcc6031bc314d548b28f2f1854bec59ea0206dfc70757917da964f8a927abf5f577df086b670218b16fd5402310e8ae0a8d7116dab1952e1cb1f88d557bf2e5a7e15e95b20a9a039d0834f2799acc0a108f54f75be3041d2c3e95a4161d84f1d473ab2d12e81663f24f6a5610bb222a3ab5b00b4fee9ae6d2e90cc6ec2193f9ef2354ace2e766a5e0a607f4d19a407d9cc14b5dded9c77945b20e000697993dbfbaddad99890ed62802e77c2def59207567bb2bfa8830af297b35738240faf08ad223d500c567edb4e40306438db32641e20e873add3dd6aedacaf9570c8dd4c961da5ca9b141c7a20dd5fe597128a386cf997f98be203451728f9b61984a1562e0cdd433d38139e6ffd49197faf36448aad655fc0063087f2deae6fcdc719d173a200069737a848d8ae2685c7065fe0a83cf5699d1324d93d4e2578847635b88f5204985aa7af6146de2a9075fc6009063d2bea32c89d67fcb7afdf801a79dcc45ff660ed8f13220d22eb244ac3ec40dee16258ed12eb1ff6b91a465cfafab3deb5bcf6868ee90a55949d3670971263b446eafdd91ffd7ebb14e2add7d446d761824e59723100e3b9c63a265a2aa3efd27b30f94e525fc251d1f5df0c037c5a3247bbfd6a3cdce238d036a698a11398fe7ce140874217b3fc4d20cfdf3dd6f0762fad93ce85cbc4a759e50ddbf3bb260141b01f33dc94d391d899609f450bb239a44e70511463d68639728077cf5f8e243597d610505cc0c684954eed7aefc271c545134d35231a73afd6584c59718c0c5d278e8b8b01ba11bea6a16209fc1a892f2b207ea6821708bc5d2791340175ab0169ad717769d469dd9dda8125df2ccf1958feff08014ff72bc0048e55b919fd224c76e65696edc84cad7d9efa1333cecf6818c90eae021d4abb5b44e7eba39af023680fd960a419de69f4f59ef19089ad921b978959cdf20a4c7c4aa8754fccb107fc99b403d4cd04079c0ea937eb1a955c5f7aa48174b8f742f1913ea717b5330caae718aa0b73054ef8bfc84005ce493b0fc6e19022147b9a3a73e70793052c0d8b20462a16f5975a4e876fcfb6d3dc2b58a0114f2502099b6856214c622dec53f7035c16fb99ed71a69016c80ca05185a42c8f2bab10f6f8de2a2fdefde35a38e2f71aa010b72335472129a617a9a217b292a7f5228761944db3fc4269142118b70271fba94ff26266ac329a2f728844a6e58505c9c1a2f70d79c77a69ca346929052f80042e958b9dcba8273ccc0d28e3be8eaf7f8bfed27483feeacb60c429052bede7eb4042b34fc17a907af59f888e0"}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18, 0x117, 0x3, 0x482af6162b13b868}], 0x10c0, 0x44080}, {0x0, 0x0, &(0x7f0000006a00)=[{&(0x7f0000005880)="9cc96c485499fc321e58bacd61107a838526feaea16dc8cee397265c4883dd33daffc8be285dd72398329c0130f90104bbf8fd23c045cb937142fb4505b46f719721ebace692543857fbc3139e3ed3fcda4792b4fa23204d569ab0fd390f6f7d8a76bd28b8eb9e9d9ce33d03e5fdbc0840a57a3bfb67981a20ce6444327f841c6d80bf110452d80ee0778b2ef477a9c31013aec4fa75969b15b9f378b870b20d23382cfae7c1d629179db765871d2b272da360bb0be651a5e64f74255cc5e66f1d4785989ec2f0f47a65e284a03a3f4fdc7e73d342389e38bb46eb038b12e3290448e801963fa9be4a7bbbdf4e097ad6a4483d2f04b7c6f4d09f57983a485202f0015d082671126a486ece574e86245a668225fee726bec4a084c229aae5da525d74c732eb8d644a5a7481067d1c2e93e7287e82f7d75f0da396c9a743cee0a15315e7172c5a1fec4dead798252558373641a93fa8b1a2d402f33c005f6f7e4dbcc5da1166a378e64400e3c849c9849f969d602fa40c1b684c0d6ddebb1551ab943d297b97e0fb49178ee86665793828c3abf139415713b0c1e4d92c9e4eec4eab8710aa3138374b2616cde5c8d80a6993854df31dc68615994c5e271e25f546902e0fe08611feace8af422ed76c357452c0457577d4667e23ec0fe48f126e94c2ee18d44ddd5a1a62e6c53e2c022c2804430d0e93d851352e719a75734d2fa1416871df262c3c106228efb3355577c2d98c7803a4c9b7a5fa9b66ce9937dfdd36200599caa8f84cff886eb92269d3029a9c6274e9f7d0f49c1852ffbb81486390ffd2853251cfe7ee9f8a74206815cea0696f679408b39c3a8f39ec007f43f501a289fdd9a5e3c02cbcc09d10daf20473bb747b7e2e715b7d6a5d2b4b27fc5e9f5e5c898c7b2fb39be80f9dd7bc190da49161e9c163736d8c13d4ed1ad5ebd049ae57d7cb968f6aac84f7776a714ac7963d3c0acd52858de6d71407f5375594df50ae06debb6423f8d74f4324da2d35eb0b690b471e2b1f7a4df374ae5b88a2f512d149c750e247f6ae1b045b39d57ea870b31249e3796fd3555e7daede0f4f61313ef4cf690268d2e6d721939f755c44a1237cc678d22360d74e4c791bc5950a5f2516c695be320bdd1f0608d987bb5baaf448d269e1b492ea8bfacc0592d74b829ef9b393b51a6f58f8a0083558ecabcd2ed73df8459f874538c5bd726a05cffd7296d8a772fc0b08e6877224d9a97727a0712498698444eee66b83eb2c4f783bed5f09e278cbcfff71da487abae4871de15460ec88d3496590526bb75e6d238ba88d44e04fc05763acf912720d2111f3ee00896d6a915de98457e7e9be078c704fa3ae4538c98ec9a05ed079d7ec3240805212f924b03065b50b587686c273158701eb426843ae63b359eee7834c4ee64b13a0da01a32ccfdbb95348888106b91ae54a812fa086a13b2756b947a2d5ae245bbb567f9bb4310df54788e5068b5482aa8ec424bbd2a30625b9af9018554fd49cea2c14e11f1ac1af19766e49aa747f41252d83439a5829b8fcf82e971b589031d104c9e48c0acd6bee38d699541cad55047909a8c876f96d1a3435449247011660904c6d9771d780be510110ca7cc16b1a1ce5680cb3a808d457eec7ecdbafd757dad715e421fe2c5c90dd4ae359a313a530d47673d4dab0bb8186fed692f33d95f87d8a50904fac7955670fc39bf1c7a66d2d974e1e879532d9ed31c200eccdd21fa0b534ebf5ec85cdd8764a8ec90cce42adbf993f038dc772842a53d4ff48655fb0f4578251cd2ed9b7cdfaa6be16a93045ad282447462a9d101ebf43c4e737cf0f15779ba8315fab4d27f384b402171f797773047432d075bed111f55fcac8b9e49f08c617b4814151852a27999ceccd730a903a1f1de9eef517ba5e86c8259e9d5799f8d6d8960c488fc8594d609bd36c9ccb632c610a63951b3b789973cdd69d697f17c37289e0c940a3b75ec8ab1ec3584ab778e05a460d5dbbbec493d4fbd0785398ad740d662f39498ad4626a0df4476edcc20761b47c88181230e00cead05bbcab999723258755fc4828cce508f488923617c2d053ffdf36640d15600ff1728634890b815f29666db060f5b04beb70b5a5c63d6640b15f932ce22af95616f72429926f4426dfa7b6fc624329b5200758037c63403bfbc9c0e8a7488414c2a397ac7b2e30e9a59c8f0ee6722c6f999ddf18f978ab36987f6873d6c7fc3bd0aadd280fcca9563731e799f74b0c31fd9202bc1f069b048da06c763a3a77ed71a0d96bf47266726ffcd0d443d14a543e23f9d51f2c91deaf1e3decb508b71a6f20cdd95973eaf06a216fbd222737f1926f0d853d7c211af81e90785349f5c000e3730c679157c88fb8d13a00eac0583e6ad07d50a96d3cfd4a92dabca56733f281513b47b040384ed1a5c567345a159399d2b519b4cb596a199dfe5f895d32758cfa6ab7d614d264c95bf7cf27324578fe252e3c5e626f2615411c87b7cf8761cf92b3d122cd448b95b83740885acdcd89ccffda4df0ca25b63aaa3af83ca73f7097a8aff6b9a74bbe65b2b04db5b2ab10c11f42ae081e1b679d7bdbb991cd25ce89d5047e4583ace30e3280a40aaafa69eae1b5d73f2d808b06e6e15daabd25541553894ee053d188472a8ce46abc9b99c421b21f1076912f3f94bc7ba15969b6bea1067ed8df05a2a2f2efcc283191e225410b29e9a9c27b17cf87ebe11b919b36243abebe739f22452914401669ca901e922951804cdf4917580325885db0d863a655e7b6b6cbc6a4df3a5779d3cfbde57d9d5214d5538a4a3e38350bf77f12b09528a39495990dd1fbc70ba7208ac044724a111c22301f88208ba42303bdcc96d2a34ac491a96fa0157ff1c4c4cecfab54bb33d74acda3a8e9184c732a298a356596fe73772022ff63761f00302fd2a7ae6a804ab987812372c7105ca72431454b2ac30d31848817fe718c047c3dda744f126bbef7e2400ff15c79fb20a21f937c50fafd1ed53788682a0b12cac47e5892b7ca89db1c9271ee7211f82c5f33463f50e208b513203d2606e8ea3af749ceb71ab2b5705f6e1678baeb07f9db6f0b340eb58020dbaa140f1a941cdeae9357552bd5c24c140b9880638b2d8809a4fc12058fc3f049b01e5a294d79c781a9ad83d3e7c665d408b259e8f271e8f49c963ef088437ef7c2486d6670279e678c98ee114abd8db429862444bccba803fdccab04a1d9acda0159880b4bfc616e8d49e77c1186c2dc3b4a5dbbe625b6461f0bf305fc6b261c73680f1e726206c3fb3f4e196257dd91bd205eecd45276bd2a3c5e847f53ae83e379f29afa56d5a5495f82a98d323346c6a49eb54113654ccf8e4672e0b0498d9b774f7ab647c9a96e1e6eca41c522d50fe1c26066b2513b5b2608887172d59a8145223b28c3a33d215288ee5800231db19c19df98b61009801ed336603561536da0961dc4960262c550c10c4de301ace190f66cc5514233c3e7e0a30b2894d45b362564ce48c921cdc5ae311606541f8844dad6caa6e37d3f4bb401abc6cc0876fba125102303ca19dda268da3106fa0e91d059478cb8399db1d2acd0be5daffa539a645b2595382190f6fc84eeb9f6f2595cad94a9ad3ad1349fcf32c75188801a85b434baf4732b9da8461ad2bfb067b2a1442a6ae118749168f2aef7f1eb62b8e76a94f4dc36019d8670a1a183cd0b040597bdfd13a13c1c03cc6e1fdba3e7db24907a05e234f7244a79492b7dec3585909cede17053dfd3b56c3db9e544d47258e26097e224e20a9188d22af956bdf40c3298cfe7d5836d7d4bfb8985ac34af0da5e315f3eb7dcf313ef45718a2625ffd1019e53821f642a1bc0a6cb8383449bb017e9016c18b569fab2de645274649a8365dfba7fc680d16913acc19755caf4bc3c1059e2c4cf76566b61b253a1eefb68d2c0afe72d64eec57e8fa0cb00f1dac6576263a4c90f3dda86f1cd369487ab62692e32e3a35349585c0743769144d83a9275b2a56e855078695979b5a3bd90377261cae910a6a8e308999c982f8d418116bc8d26eb162a2b3af3bab1a7187fda4353cf8d902aca127494d7c8527940f51931f6ca1ea2498145331fb17ed44970ab5304c023feb2a46e56f48f05545a402fef3a56c932ded17c41b4aa365335f2c34d7540c60418f10dc81addcd0b08f07886d75313505160a7e2fd04b50d3654fb84961c379c34211ee3ee4b41ab2d9b457e28fa640640ce2812c41c819f7a922b3d0cb71e793de101d0281c66c6885d1fa0139c94ef1fb6e915ee9ca12758ee479d10e1e4a1f2dc59c186f93dbb50c7b242e6cc4c3975b393ae9a7ed41068971b7b85afe337197e8d003f12e9f6edf856e5b05fc00e466ac8c1593c0aeef234d500ad96aa19c56b24d62a01156dcff149a2ae7c86facd368628f93d713c82d5f9e24016f20830e72710deba56d0bec58c9cb751a6af8a9251603436edf8342a3fa415a3dd589f3cbdba5b97c3273f9cbc4a9a4789fe8314418a420afa2f689ce6de00c19fdfb209c0eb506ad5c4d9df321100d55a9e7b130b15f4eb9e0d5474d049c0eb14e38d285295ad2b7277563df559b7d59e8c43d8b3d6c2a1a3aaa4fc695c8366e7af5d14a9b6771163b71d90ab995f4ad7c781cb13b16593ebb799a1da1e1d6bc36cc3cf7f8170a1e791f1a72f96dbc8cee7b5e221cb5bbd2f3d8c526605c506307645365a6f322db37fc080801cd79e554d31cc4cf152a377848a53c8016586d091675a078a58aef6ff9b2e453ef36266206030dce729cbe000c6a2c1e999dbe175b03bc626e40a3f4c02ea386d8709263fd2b7d8f4476342024327e3bf805aa4e007e69994d6c58bb622d69fe25974292dd1089637600f45635ea20e8733bafe22d19badde2271883bb08f5973f4fbd7ba0afd0d8bad0773459f1d32f19ea0f024a0ffb7d2de5754def26db6c703df9d6e74d26b62571c0fcbe7f1910a19dbd44120b23fb855d805fdead4eb93a34c99c680d9665e60bd7499a9e0de20da255ee0b88f832e9f32aef4a80238a16130bc24dd6bb26c8625bf2de6fd3bb5b303650308d4d60016ad585cc8d1d08f00391c81447d592e8bc3cd2e11ebbd9cd3f617933e439c750dc969ffd199f3db9dfa75e058406ff626f9c65fede2bb5620d804590cca0263d0678730d878e5a8b5d615572953ea60a5c81a97e31e55ce0d7a303fae6fc81807315a3ffa9a0da40f4058eb5ac0a7f2d0d1b47deb07e73d88f39dfe9905deb038856d15549854ad03caa5bb6957b4a71b93be1b11ba61998af6f408a1320ddc35f3e8320b1bb9fa4345508ab7025fec19cc4f98f93211cc7ae1382c9b228cb70a2a433f58a44c3b5193da6755624c81b340077e9ad1a2ec65431c5bc041b4c6c936725e78dbf1eef634b3ca03b3a5881a3d300369785c099c8614495d30016f9808ad055bdc46e39b418fb8dbccab98b1ca480d49322e53f5e7e869a5ee33d04fef7adacecd751cd7abbd996e41f50218f98103a1aba81147616739bfc7d1e0980e8bc7f70d89972eefcfca4b2e955e110f9503933e8ebabee65c5a9d73b32c8e5937db18633b2d6c62b771fbfb512acb7ec5d483c2ab633aefe1c035625af091d7d15f9c3036da9fef140e3f75ecf88c189623c81681ee88e53065f72f8e98a15aefb0f55a17f892b126d6c08a26553f87f63b59fedb4a54f825587150a726b19582627f89246b40941f09353159fcb65f8d91e1572b8fe64fc6abf303406ef34b8bb", 0x1000}, {&(0x7f0000006880)="597e83cfd1748cdcd51ce3c8c017babdd809ff65964b9bb9673ef7f1c3271204f6fd929e4891bb892687ba7d49506ece650cf6f82a06b0b750170c7b832d224d5d1908fa", 0x44}, {&(0x7f0000006900)="c4c948db48914cbacee5f42369c6628e1709434b7ee3905ea5d19420396349572245806573c72b532b33c9a93f2d89f2", 0x30}, {&(0x7f0000006940)="b795c5dd563cd8ee3cb6790d7f6a24ee04b7749c6d5f00f1383f5e5b598606ef4356ea77e77ae396da0c03a00a55871fa6827bf32579667b2a44820c831e9cd5003596eacadcf37c49e4c69b9e1802460cbe2d2df5b281562d2e0d53688922d9699b7f0c557a2ea9aade380191943780866137d7a66c6ad6ede82b80f03f182722374d23a36043f4a8bfb2003a7ba5c02a166ad626f8dd09edc35ae59569a0355b66e972d25a620c5f07110671997a0402f18156482ecba5101568fbb987f9c8", 0xc0}], 0x4, &(0x7f0000006a40)=[@iv={0x48, 0x117, 0x2, 0x31, "837f499d6e812a79d38417836530475113b14bcdb7ebaf7c305db0012f1f0bd9bd483f6009029ce799ad174bb57b151e3f"}], 0x48, 0x1}, {0x0, 0x0, &(0x7f0000006b00)=[{&(0x7f0000006ac0)="c60b36c885f0c265e7e2a4cde954ab9f0764376959003b7b376dc3", 0x1b}], 0x1, &(0x7f0000006b40)=[@op={0x18}], 0x18, 0x4048880}], 0x7, 0x40001)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000006d40), &(0x7f0000006d80)=0x4)

[ 1354.456945][ T4828] binder: BINDER_SET_CONTEXT_MGR already set
10:23:22 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x50000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:23 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x28000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1354.502662][ T4828] binder: 4827:4828 ioctl 40046207 0 returned -16
[ 1354.523823][ T4837] binder: BINDER_SET_CONTEXT_MGR already set
[ 1354.539884][ T4837] binder: 4827:4837 ioctl 40046207 0 returned -16
[ 1354.575951][ T4834] Dev loop5: unable to read RDB block 1
[ 1354.602677][ T4834]  loop5: unable to read partition table
[ 1354.611306][ T4834] loop5: partition table beyond EOD, truncated
10:23:23 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x60000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1354.640125][ T4834] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1354.649001][ T4845] binder: BINDER_SET_CONTEXT_MGR already set
[ 1354.670782][ T4845] binder: 4844:4845 ioctl 40046207 0 returned -16
10:23:23 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x38000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1354.775916][ T4834] Dev loop5: unable to read RDB block 1
[ 1354.792225][ T4834]  loop5: unable to read partition table
[ 1354.813528][ T4834] loop5: partition table beyond EOD, truncated
[ 1354.820024][ T4834] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:23 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x68000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1354.872379][ T4858] binder_alloc: 4857: binder_alloc_buf, no vma
10:23:23 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = open(&(0x7f0000000000)='./file0\x00', 0x40c00, 0x2)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00')
sendmsg$TIPC_NL_SOCK_GET(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xc8, r1, 0x18, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_NODE={0x40, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5f}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x10000}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x81}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x80}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x344}]}, @TIPC_NLA_MON={0x34, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x400}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1f}]}, @TIPC_NLA_MON={0x4}, @TIPC_NLA_NET={0x3c, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3f}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}]}]}, 0xc8}, 0x1, 0x0, 0x0, 0x4010}, 0x1)

10:23:23 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x3f000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1355.089993][ T4872] binder_alloc: 4869: binder_alloc_buf, no vma
[ 1355.092114][ T4867] Dev loop5: unable to read RDB block 1
[ 1355.116834][ T4867]  loop5: unable to read partition table
[ 1355.136199][ T4867] loop5: partition table beyond EOD, truncated
[ 1355.161603][ T4867] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:23 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x3e00, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:23 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6c000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:23 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x3ff, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="880de41276d51e7cc7f335d186cef21601866a1249580126e0941e6feabc53b59032e21c52d799c47f391e46051c36d30426ff7fb18e21d236c2fde80690e64c8f3dadf1312a120b3813624b37a4d3caad6feb72d652c0178cb21b2a9c49357263ca3fb8fe6c34c4cea5426281818ff50870375e3b0dd02a62b083a3247b0f6bea780d9c1577585d7a3e"], 0x1)

10:23:23 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x40000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1355.302357][ T4867] Dev loop5: unable to read RDB block 1
[ 1355.337586][ T4867]  loop5: unable to read partition table
[ 1355.349752][ T4886] binder: BINDER_SET_CONTEXT_MGR already set
[ 1355.375532][ T4867] loop5: partition table beyond EOD, truncated
[ 1355.397559][ T4886] binder: 4885:4886 ioctl 40046207 0 returned -16
[ 1355.412715][ T4867] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1355.458934][ T4891] binder_transaction: 41 callbacks suppressed
[ 1355.458953][ T4891] binder: 4885:4891 transaction failed 29189/-22, size 64-16 line 2995
10:23:24 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0x30, 0x12, 0x100000000004000, {0x8, 0x4, 0x0, 0x7fffffff, 0x803e0000}}, 0x30)
getsockopt$inet_sctp_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000040), &(0x7f0000000080)=0x4)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:24 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x74000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:24 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x48000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:24 executing program 5:
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$bt_bnep(0x1f, 0x3, 0x4)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000dec000)='smaps\x00')
madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008)
r0 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000700), 0x1000000000000094)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0))
fcntl$getown(r0, 0x9)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
read$eventfd(0xffffffffffffffff, 0x0, 0x0)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000300)='/dev/dlm-monitor\x00', 0xa0040, 0x0)
tkill(0x0, 0x0)
getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, 0x0, &(0x7f0000000200))
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
socket$inet6_sctp(0xa, 0x5, 0x84)

10:23:24 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x96de, 0x10001, 0xfffffffffffffffd, 0x8}, {0x7, 0x40, 0x2, 0xf922}, {0x10001, 0x9, 0x4, 0x1000}, {0x2, 0x101, 0x101, 0x7fff}]})
r0 = syz_open_dev$radio(&(0x7f0000000080)='/dev/radio#\x00', 0x2, 0x2)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000180)={0x1, 0x1, 0x4})
r1 = memfd_create(0x0, 0x0)
fcntl$setsig(r1, 0xa, 0x7)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f000040f000/0x4000)=nil, 0x4000, &(0x7f00000000c0)=""/152)

[ 1355.871302][ T4912] binder_alloc: 4907: binder_alloc_buf, no vma
[ 1355.884343][ T4913] binder: BINDER_SET_CONTEXT_MGR already set
[ 1355.900766][ T4913] binder: 4905:4913 ioctl 40046207 0 returned -16
[ 1355.907448][ T4912] binder: 4907:4912 transaction failed 29189/-3, size 64-16 line 3148
[ 1355.917755][ T8289] binder_release_work: 42 callbacks suppressed
[ 1355.917762][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1355.930587][ T4917] binder_alloc: 4907: binder_alloc_buf, no vma
[ 1355.944496][ T4910] Dev loop5: unable to read RDB block 1
[ 1355.958006][ T4910]  loop5: unable to read partition table
[ 1355.960879][ T4917] binder: 4905:4917 transaction failed 29189/-3, size 64-16 line 3148
10:23:24 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4c000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1355.969524][ T4910] loop5: partition table beyond EOD, truncated
[ 1355.994367][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1356.006643][ T4910] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1356.018289][ T4921] binder_alloc: 4920: binder_alloc_buf, no vma
[ 1356.047932][ T4923] binder_alloc: 4920: binder_alloc_buf, no vma
[ 1356.056741][ T4921] binder: 4920:4921 transaction failed 29189/-3, size 64-16 line 3148
[ 1356.074688][ T4923] binder: 4905:4923 transaction failed 29189/-3, size 64-16 line 3148
[ 1356.096827][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
10:23:24 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x50000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:24 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x3e80, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1356.125132][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1356.155762][ T4918] Dev loop5: unable to read RDB block 1
10:23:24 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7a000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1356.191371][ T4918]  loop5: unable to read partition table
[ 1356.210883][ T4918] loop5: partition table beyond EOD, truncated
[ 1356.217267][ T4918] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1356.272830][ T4936] binder_alloc: 4933: binder_alloc_buf, no vma
[ 1356.279673][ T4936] binder: 4933:4936 transaction failed 29189/-3, size 64-16 line 3148
[ 1356.304440][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
10:23:24 executing program 5:
syz_read_part_table(0x4, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$void(r0, 0x5451)
r1 = syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x1, 0x2)
ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f00000000c0)={r1, 0x100000001})

[ 1356.319991][ T4940] binder: BINDER_SET_CONTEXT_MGR already set
[ 1356.351171][ T4940] binder: 4933:4940 ioctl 40046207 0 returned -16
[ 1356.358122][ T4941] binder_fixup_parent: 20 callbacks suppressed
[ 1356.358132][ T4941] binder: 4937:4941 got transaction with invalid parent offset or type
[ 1356.389565][ T4941] binder: 4937:4941 transaction failed 29201/-22, size 64-16 line 3389
10:23:24 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x60000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1356.409992][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1356.420171][ T4947] binder: 4937:4947 got transaction with invalid parent offset or type
[ 1356.471152][ T4947] binder: 4937:4947 transaction failed 29201/-22, size 64-16 line 3389
[ 1356.482577][ T4953] binder: BINDER_SET_CONTEXT_MGR already set
[ 1356.488820][ T4953] binder: 4951:4953 ioctl 40046207 0 returned -16
[ 1356.496864][ T4953] binder: 4951:4953 got transaction with invalid parent offset or type
[ 1356.510960][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
10:23:24 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x4200, 0x0)
ioctl$KVM_SET_FPU(r0, 0x41a0ae8d, &(0x7f0000000040)={[], 0x400, 0x1000, 0x4, 0x0, 0x9, 0x1, 0x5000, [], 0xcb66})

[ 1356.518928][ T4953] binder: 4951:4953 transaction failed 29201/-22, size 64-16 line 3389
[ 1356.557180][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1356.651168][ T4958] Dev loop5: unable to read RDB block 1
[ 1356.657312][ T4958]  loop5: unable to read partition table
[ 1356.681239][ T4958] loop5: partition table beyond EOD, truncated
[ 1356.689452][ T4958] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1356.821517][ T4958] Dev loop5: unable to read RDB block 1
[ 1356.844982][ T4958]  loop5: unable to read partition table
[ 1356.855215][ T4958] loop5: partition table beyond EOD, truncated
[ 1356.875264][ T4958] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:25 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_ifreq(r1, 0x8990, &(0x7f0000000140)={'bond0\x00\x00\x00T\x00\x00\x00\x00\x01\x00', @ifru_names='bond0\x00'})
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:25 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x100000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:25 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x68000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:25 executing program 5:
syz_read_part_table(0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x6a6, 0x5, &(0x7f0000000300)=[{&(0x7f0000000080)="b84c21cc72a4bb06def3a99627933f57e350b6b5d29f72b93dcac3d31cbd7300aa2cb5b54acc32bea7431228fb43969fa6464fcc490c4454e2a212432eecef55dcbcc9c042f39c5b87956f11b5db72c4be18bb3d3231fb2591b985a9253fdfb2656583b0a1d34508d095f67cb915928aa60059f90092314fd010907953ed8311f5929c9b8e99193fc40b1f8e1f238f4c9dea7586fa5d10cc687bb2f464eb75be57b309998d1a095a063fb38351448811cc28", 0xb2, 0xf9}, {&(0x7f0000000140)="657d621521e3c59d43b82f69d86ac27d89f86e97b0868631efca2689c2a6c3dfb1e6287a3609f9e0eed75a9d47d444cec364466f673e366801d91beaae2f4025580c52582d81fc045608ebe909df4dbd533185669dc07ed55b7d526b168c71ce51df18edcbdfbe4424a3b33b1475d7a35b945d5f082970febe34ebfe21ef748c9907407ea9dcc9d9a70cea8a95a3eb30bd6a8c3c914299633d63fc43cd51", 0x9e, 0x4}, {&(0x7f0000000200)="637a2c256ac638777d0183c24bbc598814e563c4cab995cfd662547fa55416a62b3929ab91b3acb8289ef382ea48be0630f36d93d3661ee5780c524b65edd0b11abc5b5833c2f76e98ddbfbf4e0ba82e4ea1262fa67edbd9bee8bc3703164e7219a1a7b6223fca9dba694f77b9cb415b36f8e424c36a9d3e12ed0b8c66bd", 0x7e, 0x9}, {&(0x7f0000000280)="d27ee151298e6e42a1fbe479ee026d7b719bc626402180019de6fa577256d06808b09aaff05fcf0a8948cf1873ec6b54dacb18490dba9489f6e42aeb1a42580e133599cb5910a46552c06632dc4b5eb7244376e3448efe71708999a999838fdf4636088c8de0e420c92a852294", 0x6d, 0x7}, {&(0x7f00000012c0)="37fab738503ef4dd6365d6e11f0322c1fb96c5fd902d62ce1930ffc5dd7f754241d49f80bebd03b4c99aad91fc773d12e88b4fc23bf3bded7a0572b7d5078e5b3ae2216ed99e9ac2f9b3b08770c2a57be81e0827d8b28ecad6f98e8a2fe788271d87e4fe2dbd0d94d151c703eb87ab6fb464764d95a0f572729aa849538f9aad4be2a2643cdd37eed29373bddca9614a317b2ab0f60947972ac080a17e9fe75c041df359b76052978288908784cba206dac473c48aaeb3236d6b7c0230e601734e56dd311fab2b94b6b7a59bbdb236dbc696b20320a76ab01d0a0c7f97d5db5caa0af6cde089ca6012cb22b9556c18bbb107f245e1d7c7d0119b5caac9f46549b1e5ec3779f7ac8227eaab52493a7d21618b2b3c9feeff73b3bfe2284c358f93904c75deeb5b0c20133ed3b200f1f54ce59d69fce0c6e673b387ce998f1d67b19e82929041e4d086c721125c426baa798bf84caeab6be034263717adca3d13a6195270dda6561509f7fb6455c2a7658aaae0d2a157b6d1f3f7961b8098ba5e0ec43309ca643ccb2e9b1e2b5bf50bb738a0cdcdeb23430d2b5c6667d9dcc2226e9d7de11780a82403f383f44299ec37c41bc36bfe02e6aff4beb22e0e635d8a8bc312c78913fcc754ca248dbccccea06bc2c50fa8737be12479da7a0f38fcc523e653fd70adce5ba4356177dffd792704ea194d98c8c402b8627f4694551c9358dc32098f2cdb2e3a27e103645b63a455a881f0767f480f206e933e851e61838adbf6142120c9da19b50bcef55ee600e8a334b1c79e518ee96c72f6f7f677d439dbe40fd986797080f7436714cf98aaf59282a35cbac60664292d8143fa160fe27342309dec9f494499fc1836b0edff0e3cdf50010a08252f39f6c141d537e9a75e4a60915e5b6b9b8da52718f8d5cc469914f645be212946340ed500638366f11ac23ca789be0607de0dedd79b823d0a8da5a4b9c90f73fbfd820d242a2214544b00c299bc0f7a804585b51a950ecd3fef39605d29086f3aee736de14b667beb4d642a4b86ab6ab4b7ec9857b89a46f79f1004f479f5668665b503f57ee5d52b21de7305f81b5b8541f307cb60f8226d1c4ff6933edfff9ca5a3e4344a5cd6f2ab85b30f21aaddc6d7132efb38543d4a218efa35c88b7af723c28b66cb3943abf29a02915168b2a1b58f2b4c630e338641cd29f0b14d4a811b53ee300935e15cda7eba1c5367482e4ed580ca7d7738706e9e7fd08bec12fd047c24656b3f808f5bb1bd3c5d1729386e0ca9c132ca84cf44c747405845cf1f235c3fb63560876bc92ca4382a8ea7f068476a176c0efdf2e96771e7126af22c3ef5bab815af28575dfe824b10df186af761d7d0cb8facbf351ea21a508d03721661064ed5f31d9172f904c499f4370b581ace62ec029f1cb91a504e8f93d6c61b1fc67419da09e3748028849c9ef95a0a5af89ce2b5a9f1ef8ddc75eba70f1a3770016a29ea83e680e3d90a8f0533cac03360b002eac798b8bb2e268b03ce56a1512267f8fd77249e1efea8042430b0589ba189dff23d2ec44032ca5553211521fb238068f6660fb84a5d55cbe08871621fb74994ad8b8addcaf439646387b6c18d5b9e2c0102146782c0a0996506c808d272824c6c2824c40c795b8eeb0195ab64049f3907045fb353a1cdbac8c5c6638a710e4fe05519ee6c885ffe31f2d11ee98a652e7bf070351a045e875caf8c28572c6aa515be6436aeff8d53350e5160b8a2ac07b5360a0995b00175bc2990183e79fe23a23ab7a5693fc2e6c33b6c192d1b32e653f4badff6c1da0d959bb5d308f761f657e59788193af2941099f7dc187e22bef60af5f2b12798856628559fed8b9779f629731fe0400213ff3f223d2e14ab177dd615fde306b4d2f5b7864339a9da023ef41735a212789d6aab95655c90206eb41e5f0c38452be5b1d8620828c783788b64835fafde9b35cb7c2e15475301a66ba0370f90da16e442295fcaef8893f2694c23a261b7882b135c2a8a94383ebc8f171bbfc69ecac3408cb624d7b167ad6c8e462ddd43521b0449e11951bb7b44303c3097a889dcc6475f41a69fb307dc66ec5f0fb4ea8f4a9959b3084dbc97aa26a51916f4ea5ca57c6e7c5e097ad5778c847bd250d6084644dc4ced57f5af5fab0d04e34aa269508db4a3b384458740e346de2150ded44400c2d9ab8ec10d111eaf42950b644ad2ac7a9158b4e849b26bb53f1394cc782688d93fb6a63b608b96889c6c23a5daf74a0a983c0c9101aeb79a90304e319648a8bcd2a609adc3b50b2169985e26af1797c5b5ef5ef973d517a50dede8ae31d2f5cb10d30992f06dfc72e56638b96da168953d6275f755ec6d0458f23eb66619b399cab1ec5780906a8dea41a109bcad5bc3b5c52c1d1730fabddc5bf191f41ee555adb248581a5e137b46908a330f32a376ac00d09b5029cfba19fb8ce1ed3f4efe20ce013edf09de7b53e1cf5484f5506162867bd00804d34b69258f507848a61219e162a8b3dd7cec37ce741d90d00c0a3fd65f66448fb4c4fb716caaa09a435ed38c3de9740331547bf826af6531f48cea31d7f96722cf83e6f09499b880e0fedb49fb61f0fee876bed4c39541344f19f27d30a55f03c64d2d06ace68b9d32b623c5573e7755a2717a86f2283f2be45d90db9d6ba41b9aa2aa82d251babfb18ea2cd6d80b769e00d97bf15813398fb4a6bfd5ea10be7976f91c6a73bcc6de18bd26b76210fd3c383013bf9f3895cd13adc045ac759bf8582c38c531aa72658f12912564c8bcc4f59c915a01c77a5f6475dd679cbd1a6c396dbf66e2668daafd18bf353d241bbc907caaad5a2c53069adc80f5794314955011db599588098527aecf6beb98c981cee0a30c45a14b8d55d36f192ca561f6bc2191512c739951aed249192daaa74cce45ca3fa4870e8f98405724045c6dbef90632fe3b6f9fe8aa79538ee6fa48dc7e899dadbf13e35ee5c5de5c3d1d87c8264490fabccdb86109c074a72e0040b11ca3078a815371952d56aa70bdf7e5a9b8093cb64c76d3feebe081f9daa7cc3cadd38b5e71d23673942e756b5b632231e1f212c8c8da8bc723a011239bf2ca26f33dcb56b8232177779c7defc78cfc66d53b34f6d8f3c3119a4e0e5b21d7c65e0ee1a21b203313eec0de0880bc922a3715d47b2c3d2ef6c71071a67696a39cd18a8fd14b0dcc7d16fec3301eba8bfafbf21f909613cbc78c9345eb566d8259cd73f43bfbe5505dc5c08401814d6ea8655f84afbc1b878f90d820f7e49ac296a9bb252a44822fadc0bc7eef52ce2037a2fe6e0e985e888bfe7195306b0204ea5564371338468ab4a60ed2d1008f77377d9310e282b5339e547083dbf8e77af5468ba33bd2d3b9de791507367b0b66fb9d00d3b9d2249af7a782561a7917fe2afaf1679b97ac9f861cbd9efe01804cd4b46b0cdcc4e9f9d0365158be3b7a6b51b99ddf4e4c1cdc2f7d664b832b799c2f2ef9d39889bf72064ce9b3f1f1c74ce7138e8d9a678acba208fa9807e50563817088a71ed726dc2e2cd8edb4e09c33202b0091d5c34f76aeab7dd0579087551d03ca96fa54f7d49a95c4257aa22fa7c8332c15df2fcea988db2a538b97cc097aa1e9acb97d9657c5ecd861a96659fa239e01f0eeb17385d6f416b59894a1a52ed0077a8c1cbb0fda9ad97bb42c86d9ecd81f990b68c4b18f16daf29aa9ae169a3a774f90b8b0400fec54ce4ecca948f8f66e361d2833f0c0e427df9d08ae4961a1682cf458466d0b8d5b5e105415b2b3c9e2db035e59331a9ff7d97a2ec575bd23f12465d6f74c883086111dd4fbc919433df8ba9bd8dd58c60c3fb4fb49022377fe2ec9fb19d54d394deae2b12bba5d3bd2015e29ed210723938424afe9ace69f1cbb33e6de5eba9de97c91d28cd1902f44040580b95d5fb24b4e591053be65122d136a9eadcb4dd25b9ef3e383517c004195fda288294c12223205422f2c1ead6e611ca81391bb132938bead6f925789839bc7e9a0aa4686bae0e25608743149727d2d1bd07a4cf765cd2c2f383e76b96fe8b589d93816c95e198a7ea871d5eee7b02f1f248c3e126cc659082bf7d41e2ea33b76191e05d060565f8c2b41be588b0df228afb38199152fc437cb34e31cc692617687e43dc7fc4ab0de845d65a227e16361d6d5218c2538348c23bfcb116b145cac51bbe2870367219d5c3346bc64208b6fcf7721c949d8289c663e58bf2b29f1adb4e85e52307455fe2827575e0f8bd372b4e4c88989be0d4cae14a7d806b852e076646b782ce77e121f61860b3c20c8ef8a8993a11b0979d37ba577f2e17b6f777add48a41deeba7d8fb28065e3ea2fad148e6625c61433dc8f163f9d2b08d89773c59aa5bb211dc410f102d0309262eeb5cec71f747fc17e8928af31eb48406c828f15cad7bd5db374554241405a4dbd5e73cdeafed8bbba1670a501f4c6dffdb8ad676875f85e2501a6a9cdcae810c1dddefade3209cca9865eefb05979bf75be86b7985eadc475dcfa14fa8742af2c86527f0733b06737b86125854b334a281355fc0c8ecfd1e2a2cdea3250fbcd1cfc619847554223cae64539a4e27148cf50805b59a8e6e0d6e5d7efb0ec2f82480ab065b9b050c87bb0ebe13a2912ea2ca5cf74c052f3ecd2b25b48990c7c8f5a2cfe94f1993acc79eb38b4c3f3f6bca1bcd35f9fd0c004c2d59f2d7621bb66895cb806868f009fe637dcee526732040cce2bb209b9fac42d7975b55c586eefa6f63e5384224cf3aa95b11056e436232c4c0581126dcd80253cee3adc5545d6fe37d0516159dba0d114e05593e73e0cd5d6aa85e02cf41aead6351e1363116ef38f73c080a124a5bdb769202d5982c1c17c2465b5cf146fc52db798523d76859fe00b8e1d558add0ca453a374e34cdc8854ad2bdd20ce2f1fa98e401d357a426ea4517868c2e7c80dea76dc18e58c71d62af232089db4ce5f1ca49dc4b2d4a9f882e22960896d1eac1bd8f4a6535da60a2c387861f4613f5cc9169e191b9c84b101d75ba9f8978000827d7ca3ad6928d1061f85a868bad818ad21e518e48f668c18eeac9978096c7b012e5e58a023592b61bb1a46fad4fec80d8f3afdee3ab4b8e196b53bc7b7377232115dcc04ab5f561b61b6707ba06f130c1bbc5c77bd25bda5efb69c1be790fbcaa4e12c47c4cd41cb70747f50044930839556397e06eb21544cd05c0450c099f115c2391c4bb8e2c92a198ba1bee8b6aeca4950cfcc7187904333da259082e8eddcf9739a8de3182ef5c655daa33e5151f694f3cf310a3b0c12881aa5dc7845805e9044d415680b1c0bc9ee51110cc9a4844496f1065e5fb525d064125a5e54adfc54f73e725a687f3a7a881e4dd2fb9620d38bf8f27a2c6cab4fbc125b98e7bdfe9bd94c55b498170dd3ea69da8a22ce7cbfcdaf7a761542ae66daea8c75be5de6d6d78a3d4eb71c7448458058e04242f0ef3a78226b63ebd764ca97c340afa3feb95410c8676a886667183fa489e9dd7aba5a3883f58c54a0534fbb381a4a4bb0efb043345ee290f57f976c10ba769af82b02d7be4e1a09d1f7037fefea711d71f7bd7b8203a94d16468a46c87e4a0fa6621aa80bf2af111cbe4bc895697e67cf212d86e2e8cd9d1155a1a7b5b5bfd728a94ec9718c1ae8706720218b845341b78a7c31cc06e0d591f2a51ec0c75e7a9e61f3664318f77edc9c6b02f6deb432c4a19e19c2c7ca742aebaf78721f8c0c464e926db4023a63fd57c002fb4a874f4995b6d8d58", 0x1000, 0x8}], 0x9000, &(0x7f0000000380)='vmnet1+\'$)keyringmd5sum\x00')

10:23:25 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
r0 = memfd_create(0x0, 0x0)
connect$rxrpc(r0, &(0x7f00000000c0)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e20, @multicast1}}, 0x24)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:25 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x3f00, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1357.015019][ T4970] binder: 4968:4970 got transaction with invalid parent offset or type
[ 1357.028535][ T4970] binder: 4968:4970 transaction failed 29201/-22, size 64-16 line 3389
[ 1357.029878][ T4971] binder: BINDER_SET_CONTEXT_MGR already set
[ 1357.048365][ T4971] binder: 4969:4971 ioctl 40046207 0 returned -16
[ 1357.057328][ T4971] binder: 4969:4971 got transaction with invalid parent offset or type
[ 1357.064473][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1357.078504][ T4975] binder: BINDER_SET_CONTEXT_MGR already set
[ 1357.087739][ T4975] binder: 4968:4975 ioctl 40046207 0 returned -16
[ 1357.095651][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
[ 1357.103486][ T4977] binder: BINDER_SET_CONTEXT_MGR already set
[ 1357.109680][ T4977] binder: 4969:4977 ioctl 40046207 0 returned -16
[ 1357.117915][ T4976] binder: 4968:4976 got transaction with invalid parent offset or type
[ 1357.178922][   T26] audit: type=1400 audit(1555064605.603:999): avc:  denied  { create } for  pid=4973 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
10:23:25 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6c000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:25 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x200000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1357.335321][ T4998] binder: 4993:4998 got transaction with invalid parent offset or type
[ 1357.376076][ T5001] binder: 4993:5001 got transaction with invalid parent offset or type
[ 1357.385562][ T5000] binder: BINDER_SET_CONTEXT_MGR already set
[ 1357.391752][ T5000] binder: 4999:5000 ioctl 40046207 0 returned -16
[ 1357.408033][ T5000] binder: 4999:5000 got transaction with invalid parent offset or type
10:23:25 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x300000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:25 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = socket$inet6(0xa, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
getresuid(&(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)=<r2=>0x0)
setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000100)={{{@in6=@remote, @in=@broadcast, 0x4e21, 0x1, 0x4e22, 0x7, 0x2, 0x0, 0xa0, 0x2f, r1, r2}, {0x2, 0x4, 0x4, 0x4, 0xea, 0x9, 0x96, 0xfffffffffffffffe}, {0x8001, 0xbe, 0x2, 0x2}, 0x6, 0x6e6bb8, 0x1, 0x0, 0x1, 0x3}, {{@in=@broadcast, 0x4d2, 0x33}, 0xa, @in=@empty, 0x3507, 0x0, 0x3, 0x401, 0x101, 0x1ff}}, 0xe8)
setxattr$trusted_overlay_redirect(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='trusted.overlay.redirect\x00', &(0x7f0000000280)='./file0\x00', 0x8, 0x2)
timer_create(0x2, &(0x7f0000000640)={0x0, 0x35, 0x2, @thr={&(0x7f00000002c0)="98eb7e2d9fbf69c94fc13bdf31f959aab1ceec39035023aa942fc105bb4c4bede18621b543aa52d907715ce7a2a29e273891707cde23976a7ba02b533486041aeae430864018e60ccec19732f40810adebc8433b8fd9194b58739dea0c5292e5be6b9ac809e5f8ac35ba70a81a2db58282b25b7ab0abb73b6ae641748620671f43679d47edd399f31941cfb198233bf4c788fcb2caf5190cd2992606fa72eebc999e0456c9a86c62a71644024df74396a7ed6577f8a31ce56fedfd420c3836a255cafa9ac644358e7796359acc6e5cb22361244835aac7bb", &(0x7f00000003c0)="a74ae07948e5418606f20feb3e618d406b1ff1440e18a0309b9330fa308bd011e80be86833e419a8c5b595372e530b297513b7e7a19dfcd5a508e0e31009253e3b0ee6a1ce9e4b2a59c75bfc11421cb6c8a8d200724ec24335ee2ff1e173fedbc90ac028e9c2e2ebc51df32ea9e2c710754fc33f2a"}}, &(0x7f0000000680)=<r3=>0x0)
timer_gettime(r3, &(0x7f00000006c0))

[ 1357.438015][ T5000] binder: transaction release 6949 bad handle 1, ret = -22
10:23:25 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x74000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1357.509999][ T5005] binder: 5004:5005 got transaction with invalid parent offset or type
[ 1357.582248][ T5009] Dev loop5: unable to read RDB block 1
[ 1357.596038][ T5009]  loop5: unable to read partition table
[ 1357.609648][ T5009] loop5: partition table beyond EOD, truncated
[ 1357.618821][ T5013] binder: BINDER_SET_CONTEXT_MGR already set
10:23:26 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x400000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1357.638914][ T5009] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1357.645326][ T5013] binder: 5012:5013 ioctl 40046207 0 returned -16
[ 1357.784899][ T5023] binder: BINDER_SET_CONTEXT_MGR already set
[ 1357.815220][ T5023] binder: 5022:5023 ioctl 40046207 0 returned -16
[ 1357.887230][   T26] audit: type=1400 audit(1555064606.313:1000): avc:  denied  { ioctl } for  pid=4973 comm="syz-executor.4" path="socket:[219850]" dev="sockfs" ino=219850 ioctlcmd=0x8990 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
[ 1357.921696][ T4989] bond0: cannot enslave bond to itself.
10:23:26 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000040)={<r1=>0x0, 0x401, 0x9, 0x8, 0x7, 0x458}, &(0x7f0000000080)=0x14)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000000c0)={0x3ff, 0xc6, 0x8, 0x0, 0x9, 0xac4, 0x7ff, 0x0, r1}, 0x20)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f00000001c0)={0x20000000, 0x5, 0x11})
write$binfmt_misc(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="7368e943337fbe6b807befb1a5bb1285d077fb98507b848551c17d369cc3dd10cbf2a1836f5d508311403600b30679589988e9a1cbb231346e2bbd30b9ffb20d2b8a708bbb59b09298217721c6cea3f0aa6defca615845e44f46a006ab48651dc03081a9a9ef7ad5f650c42e76d362125b8f570fa7b9bc06a8c8b2a7ce95cc179de57b4532b09e313360e8d67c27fea2dab8440d032de17e7e0fb37e1ab43f270d3b640bb08761823cbe8756485804f0c1f881b8644b9a9d747b4edb3eec94f3b1a997855830f69510b73b2c17cf1dfc785b910f729a2f05d5aa2d"], 0x1)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000100)={r1, 0x81, 0xde, 0xfffffffffffffff8, 0xfffffffffffffffb, 0x6}, &(0x7f0000000180)=0x14)

10:23:26 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7a000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:26 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e8abe67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x101, 0x0)
ioctl$KDGETLED(r0, 0x4b31, &(0x7f0000000040))

10:23:26 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x500000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1358.087436][ T5040] binder: BINDER_SET_CONTEXT_MGR already set
[ 1358.120855][ T5040] binder: 5033:5040 ioctl 40046207 0 returned -16
[ 1358.131830][ T5041] Dev loop5: unable to read RDB block 1
[ 1358.145323][ T5046] binder_alloc: 5035: binder_alloc_buf, no vma
[ 1358.178150][ T5041]  loop5: unable to read partition table
[ 1358.209857][ T5041] loop5: partition table beyond EOD, truncated
[ 1358.259608][ T5041] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1358.387449][ T5041] Dev loop5: unable to read RDB block 1
[ 1358.394235][ T5041]  loop5: unable to read partition table
[ 1358.400165][ T5041] loop5: partition table beyond EOD, truncated
10:23:26 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0)
write$P9_RATTACH(r0, &(0x7f0000000100)={0x14, 0x69, 0x2, {0x3, 0x3, 0x5}}, 0x14)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:26 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x4000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:26 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x600000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:26 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0xfdfdffff}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1358.429113][ T5041] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:26 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
arch_prctl$ARCH_MAP_VDSO_X32(0x2001, 0xe719)

10:23:26 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x700000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1358.513538][ T5059] binder: BINDER_SET_CONTEXT_MGR already set
[ 1358.526126][ T5059] binder: 5057:5059 ioctl 40046207 0 returned -16
10:23:27 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0xfffffdfd}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:27 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x1000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1358.669251][ T5078] binder: BINDER_SET_CONTEXT_MGR already set
[ 1358.687394][ T5075] Dev loop5: unable to read RDB block 1
[ 1358.696967][ T5075]  loop5: unable to read partition table
[ 1358.709747][ T5078] binder: 5074:5078 ioctl 40046207 0 returned -16
[ 1358.717843][ T5075] loop5: partition table beyond EOD, truncated
[ 1358.739487][ T5075] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1358.853642][ T5075] Dev loop5: unable to read RDB block 1
[ 1358.859717][ T5075]  loop5: unable to read partition table
[ 1358.874623][ T5075] loop5: partition table beyond EOD, truncated
[ 1358.885505][ T5075] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:31 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
getsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000000040)={@remote, <r1=>0x0}, &(0x7f0000000080)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000000c0)={'team0\x00', r1})
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000240)=ANY=[@ANYRES16=r1, @ANYRES16=r1, @ANYRES64], 0xfffffffffffffee9)

10:23:31 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x100000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:31 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x2000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:31 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c)
ioctl$VIDIOC_SUBDEV_G_FMT(r0, 0xc0585604, &(0x7f0000000000)={0x1, 0x0, {0x1, 0x8001, 0x301f, 0xbcbf5b372ed04c49, 0xb, 0x4, 0x3, 0x47e2f605ebc79eb8}})
ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f00000000c0))

10:23:31 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x401f, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:31 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
openat$smack_thread_current(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

[ 1363.295737][ T5101] binder: BINDER_SET_CONTEXT_MGR already set
[ 1363.315086][ T5101] binder: 5099:5101 ioctl 40046207 0 returned -16
[ 1363.316282][ T5106] binder_alloc: 5097: binder_alloc_buf, no vma
[ 1363.328269][ T5106] binder_transaction: 21 callbacks suppressed
[ 1363.328284][ T5106] binder: 5097:5106 transaction failed 29189/-3, size 64-16 line 3148
[ 1363.352045][ T5101] binder_alloc: 5097: binder_alloc_buf, no vma
[ 1363.368006][ T5104] Dev loop5: unable to read RDB block 1
[ 1363.371033][ T5101] binder: 5099:5101 transaction failed 29189/-3, size 64-16 line 3148
[ 1363.377553][ T5104]  loop5: unable to read partition table
[ 1363.388102][ T8289] binder_release_work: 20 callbacks suppressed
[ 1363.388109][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
10:23:31 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

[ 1363.395799][ T5104] loop5: partition table beyond EOD, truncated
[ 1363.406021][ T5113] binder: BINDER_SET_CONTEXT_MGR already set
[ 1363.422033][ T5104] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1363.433676][ T5113] binder: 5097:5113 ioctl 40046207 0 returned -16
[ 1363.461252][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1363.471349][ T5117] binder_alloc: 5099: binder_alloc_buf, no vma
[ 1363.477740][ T5117] binder: 5099:5117 transaction failed 29189/-3, size 64-16 line 3148
10:23:31 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x200000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1363.561168][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1363.580567][ T5104] Dev loop5: unable to read RDB block 1
10:23:32 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x2800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1363.623632][ T5104]  loop5: unable to read partition table
[ 1363.635709][ T5125] binder_alloc: 5124: binder_alloc_buf, no vma
[ 1363.652694][ T5125] binder: 5124:5125 transaction failed 29189/-3, size 64-16 line 3148
[ 1363.676793][ T5104] loop5: partition table beyond EOD, truncated
[ 1363.683756][ T5104] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1363.703202][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1363.718818][ T5129] binder: 5124:5129 transaction failed 29189/-22, size 64-16 line 2995
[ 1363.740575][ T5131] binder_fixup_parent: 10 callbacks suppressed
[ 1363.740585][ T5131] binder: 5127:5131 got transaction with invalid parent offset or type
[ 1363.753313][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
10:23:32 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = accept$packet(0xffffffffffffffff, 0x0, &(0x7f00000001c0)=0xfffffffffffffdf4)
r1 = accept(r0, 0x0, &(0x7f0000000180)=0xff45)
r2 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000080)='NET_DM\x00')
sendmsg$NET_DM_CMD_STOP(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r2, 0xf11, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x90)

10:23:32 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x300000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1363.799040][ T5131] binder: 5127:5131 transaction failed 29201/-22, size 64-16 line 3389
[ 1363.827302][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
[ 1363.837694][ T5133] binder: 5127:5133 got transaction with invalid parent offset or type
[ 1363.854777][ T5133] binder: 5127:5133 transaction failed 29201/-22, size 64-16 line 3389
[ 1363.864586][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
[ 1363.894945][ T5137] binder: BINDER_SET_CONTEXT_MGR already set
10:23:32 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x3800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1363.932675][ T5137] binder: 5136:5137 ioctl 40046207 0 returned -16
[ 1363.960905][ T5142] binder: 5136:5142 transaction failed 29189/-22, size 64-16 line 2995
[ 1363.979356][ T5140] Dev loop5: unable to read RDB block 1
[ 1364.002772][ T5140]  loop5: unable to read partition table
[ 1364.021571][ T5146] binder: 5145:5146 got transaction with invalid parent offset or type
10:23:32 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x400000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1364.031272][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1364.046714][ T5140] loop5: partition table beyond EOD, truncated
[ 1364.068502][ T5140] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:32 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x6000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1364.097462][ T5146] binder: 5145:5146 transaction failed 29201/-22, size 64-16 line 3389
[ 1364.143040][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1364.158427][ T5153] binder: 5145:5153 got transaction with invalid parent offset or type
[ 1364.161531][ T5151] binder: BINDER_SET_CONTEXT_MGR already set
[ 1364.168356][ T5153] binder: 5145:5153 transaction failed 29201/-22, size 64-16 line 3389
[ 1364.184677][ T5151] binder: 5150:5151 ioctl 40046207 0 returned -16
[ 1364.195786][ T5146] binder: BINDER_SET_CONTEXT_MGR already set
[ 1364.208292][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
[ 1364.209474][ T5155] binder: 5150:5155 got transaction with invalid parent offset or type
[ 1364.218394][ T5146] binder: 5145:5146 ioctl 40046207 0 returned -16
10:23:32 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x3f00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1364.257785][ T5155] binder: BINDER_SET_CONTEXT_MGR already set
[ 1364.267063][ T5140] Dev loop5: unable to read RDB block 1
[ 1364.276765][ T5140]  loop5: unable to read partition table
[ 1364.283816][ T5155] binder: 5150:5155 ioctl 40046207 0 returned -16
[ 1364.296085][ T5140] loop5: partition table beyond EOD, truncated
[ 1364.315395][ T5140] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:32 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x500000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:32 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x800, 0x0)
write$P9_RLCREATE(r0, &(0x7f0000000040)={0x18, 0xf, 0x2, {{0x20, 0x1, 0x3}, 0x6}}, 0x18)
setsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f0000000080)="fe275e630d433db70e67a177fa483177112563a78721d517c212d645f92896a9d79d262552cfcdcabd869824882f24e88afafe349720cbb0da5be8a549d27a8e7ad3755156d0b325fca8f8c47d8ea92ee3335d46bc6da602f6e1de725bde83686132640571694c4eebfa5a7b2a9aadb1d99820105addb33b96d6bb1bb7a4248db45dc2ba", 0x84)

[ 1364.369755][ T5164] binder: 5162:5164 got transaction with invalid parent offset or type
[ 1364.418158][ T5166] binder: 5162:5166 got transaction with invalid parent offset or type
[ 1364.478033][ T5169] binder: BINDER_SET_CONTEXT_MGR already set
[ 1364.495772][ T5169] binder: 5168:5169 ioctl 40046207 0 returned -16
[ 1364.548222][ T5172] Dev loop5: unable to read RDB block 1
[ 1364.554980][ T5172]  loop5: unable to read partition table
[ 1364.569614][ T5172] loop5: partition table beyond EOD, truncated
[ 1364.583196][ T5172] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1364.691961][ T5172] Dev loop5: unable to read RDB block 1
[ 1364.698967][ T5172]  loop5: unable to read partition table
[ 1364.706787][ T5172] loop5: partition table beyond EOD, truncated
[ 1364.715580][ T5172] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:33 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x3)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:34 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x600000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:34 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:34 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x9, 0x40000)
r0 = getpid()
syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/mnt\x00')

10:23:34 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x803e, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:34 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000080))
rmdir(&(0x7f00000000c0)='./file0\x00')
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="73e80ef103acfb9594a9f0ba5edfd660b9bd810ba2ee90457d79623b3dfa573632a25e51e2505f33719fef959173140dbbd1fc06fe19431c959a499b7ee1ec43fcdcd8a01a998b5c69e94c72488ea94ca303d5f2d18124209f91930d8dd044aeb07ef5194d200d84102584fe1106ce39da7d6a72dcefad328ef1277dd91ebf44715a7924e8ce4bb50d58a4fab21ccf64cfa11c013f39694300000000"], 0x1)

10:23:34 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00006ed000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
r0 = inotify_init()
r1 = inotify_add_watch(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x2)
inotify_rm_watch(r0, r1)

[ 1366.527003][ T5200] binder_alloc: 5199: binder_alloc_buf, no vma
[ 1366.528384][ T5205] binder: BINDER_SET_CONTEXT_MGR already set
[ 1366.545210][ T5205] binder: 5194:5205 ioctl 40046207 0 returned -16
10:23:35 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x700000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1366.570571][ T5211] binder: 5194:5211 got transaction with invalid parent offset or type
[ 1366.587730][ T5203] Dev loop5: unable to read RDB block 1
10:23:35 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1366.619105][ T5203]  loop5: unable to read partition table
[ 1366.666428][ T5203] loop5: partition table beyond EOD, truncated
[ 1366.702475][ T5203] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1366.722024][ T5219] binder: 5215:5219 got transaction with invalid parent offset or type
[ 1366.730009][ T5218] binder: BINDER_SET_CONTEXT_MGR already set
[ 1366.760030][ T5218] binder: 5216:5218 ioctl 40046207 0 returned -16
[ 1366.760323][ T5220] binder: 5215:5220 got transaction with invalid parent offset or type
10:23:35 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4c00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1366.849167][ T5203] Dev loop5: unable to read RDB block 1
[ 1366.863479][ T5203]  loop5: unable to read partition table
10:23:35 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x1000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1366.891871][ T5203] loop5: partition table beyond EOD, truncated
10:23:35 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x5000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1366.934676][ T5203] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:35 executing program 5:
r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x52, 0x100)
ioctl$KVM_GET_VCPU_EVENTS(r0, 0x8040ae9f, &(0x7f0000000080))
syz_read_part_table(0x0, 0xaaaaaaaaaaaaafe, &(0x7f0000000280)=[{&(0x7f0000000640)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

[ 1367.007195][ T5233] binder_alloc: 5231: binder_alloc_buf, no vma
[ 1367.009630][ T5234] binder: BINDER_SET_CONTEXT_MGR already set
[ 1367.036306][ T5234] binder: 5232:5234 ioctl 40046207 0 returned -16
10:23:35 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:35 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x2000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:35 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xa000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1367.270098][ T5248] binder: BINDER_SET_CONTEXT_MGR already set
[ 1367.294549][ T5248] binder: 5245:5248 ioctl 40046207 0 returned -16
[ 1367.301391][ T5246] binder: BINDER_SET_CONTEXT_MGR already set
[ 1367.328778][ T5246] binder: 5244:5246 ioctl 40046207 0 returned -16
[ 1367.328824][ T5250] binder_alloc: 5244: binder_alloc_buf, no vma
10:23:35 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x2800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1367.377202][ T5242] Dev loop5: unable to read RDB block 1
[ 1367.391733][ T5242]  loop5: unable to read partition table
[ 1367.413369][ T5242] loop5: partition table beyond EOD, truncated
10:23:35 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000040)='trusted.overlay.nlink\x00', &(0x7f0000000080)={'L-'}, 0x28, 0x1)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c)

[ 1367.440259][ T5242] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1367.482506][ T5261] binder_alloc: 5259: binder_alloc_buf, no vma
10:23:36 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:36 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f00000000c0)={@initdev, <r1=>0x0}, &(0x7f0000000100)=0x14)
setsockopt$inet6_mreq(r0, 0x29, 0x1d, &(0x7f0000000140)={@loopback, r1}, 0x14)

10:23:36 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x200000000000000, 0x1)
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm-monitor\x00', 0x100, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000180)={0x1, 0xd1, 0x5})
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x2)
ioctl$KVM_GET_PIT2(r0, 0x8070ae9f, &(0x7f0000000200))
ioctl$VT_OPENQRY(r1, 0x5600, &(0x7f0000000100))

10:23:36 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x3800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1368.038806][ T5280] binder: BINDER_SET_CONTEXT_MGR already set
[ 1368.048938][ T5278] binder_alloc: 5276: binder_alloc_buf, no vma
[ 1368.055982][ T5280] binder: 5275:5280 ioctl 40046207 0 returned -16
[ 1368.070934][ T5277] Dev loop5: unable to read RDB block 1
[ 1368.074274][ T5280] binder_alloc: 5276: binder_alloc_buf, no vma
10:23:36 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xc000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1368.085518][ T5277]  loop5: unable to read partition table
[ 1368.106281][ T5277] loop5: partition table beyond EOD, truncated
10:23:36 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x3f00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:36 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6c00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1368.166614][ T5277] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:36 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:36 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7400000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:36 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

[ 1368.258578][ T5297] binder: BINDER_SET_CONTEXT_MGR already set
[ 1368.298441][ T5297] binder: 5295:5297 ioctl 40046207 0 returned -16
10:23:36 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)
ioctl$sock_ifreq(r0, 0x8937, &(0x7f0000001480)={'veth1_to_bridge\x00', @ifru_addrs=@can={0x1d, <r1=>0x0}})
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000014c0)=r1)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c)
setsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000000040)="cba8094a3cc5f3667100397e8b98c61f58b52bf2afcd1ce920258ec7a913219efa00ca990a12c25ee15315088aeca450a97764879e1260aa4a6b255911c06d2b07f7508027ae2e3aaecc66cf0dc7f76e8562a911fa880103acc42f4da3056c16719921bca58709e0068298189b0fe74bcfaf0615ff94fb08c6b3ca02dd85eb2c3082081f20ec9d12e9caf7b893dc411b1a0ec941fa51aa9a67eb3880bca429212d53834cbbb5e5b14adfb05aaea8ad68de12ccd00ef5b2e4006f80280f3f83f64145fa875688fbf975dea9", 0xcb)

[ 1368.441230][ T5308] binder_transaction: 26 callbacks suppressed
[ 1368.441250][ T5308] binder: 5306:5308 transaction failed 29201/-22, size 64-16 line 3389
[ 1368.482152][ T5311] binder: BINDER_SET_CONTEXT_MGR already set
[ 1368.488206][ T5311] binder: 5307:5311 ioctl 40046207 0 returned -16
[ 1368.488213][ T8289] binder_release_work: 26 callbacks suppressed
[ 1368.488229][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1368.501566][ T5311] binder: 5307:5311 transaction failed 29201/-22, size 64-16 line 3389
[ 1368.516732][ T5308] binder: BINDER_SET_CONTEXT_MGR already set
[ 1368.536926][ T5308] binder: 5306:5308 ioctl 40046207 0 returned -16
[ 1368.561708][ T5313] Dev loop5: unable to read RDB block 1
[ 1368.563719][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1368.575103][ T5315] binder_alloc_new_buf_locked: 2 callbacks suppressed
10:23:37 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1368.575113][ T5315] binder_alloc: 5306: binder_alloc_buf, no vma
[ 1368.577240][ T5313]  loop5: unable to read partition table
[ 1368.603152][ T5315] binder: 5306:5315 transaction failed 29189/-3, size 64-16 line 3148
[ 1368.618335][ T5313] loop5: partition table beyond EOD, truncated
[ 1368.646670][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1368.646709][ T5313] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:37 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7a00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:37 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4c00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1368.695383][ T5323] binder_alloc: 5322: binder_alloc_buf, no vma
[ 1368.703190][ T5323] binder: 5322:5323 transaction failed 29189/-3, size 64-16 line 3148
[ 1368.719115][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1368.796496][ T5330] binder_fixup_parent: 8 callbacks suppressed
[ 1368.796507][ T5330] binder: 5329:5330 got transaction with invalid parent offset or type
[ 1368.819796][ T5330] binder: 5329:5330 transaction failed 29201/-22, size 64-16 line 3389
[ 1368.841451][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1368.848213][ T5313] Dev loop5: unable to read RDB block 1
[ 1368.855991][ T5330] binder: BINDER_SET_CONTEXT_MGR already set
[ 1368.863608][ T5313]  loop5: unable to read partition table
[ 1368.869795][ T5333] binder: 5329:5333 transaction failed 29189/-22, size 64-16 line 2995
[ 1368.886033][ T5313] loop5: partition table beyond EOD, truncated
[ 1368.902556][ T5313] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1368.911380][ T5330] binder: 5329:5330 ioctl 40046207 0 returned -16
[ 1368.922095][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1368.942637][ T5334] binder_alloc: 5332: binder_alloc_buf, no vma
[ 1368.964620][ T5334] binder: 5332:5334 transaction failed 29189/-3, size 64-16 line 3148
[ 1368.991679][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
10:23:37 executing program 1:
mmap(&(0x7f0000ff1000/0xf000)=nil, 0xf000, 0x1, 0x50, 0xffffffffffffffff, 0xfffffffffffffffd)
memfd_create(0x0, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8, 0x0)
connect$rds(r0, &(0x7f0000000100)={0x2, 0x4e24, @multicast1}, 0x10)
mbind(&(0x7f0000ff1000/0xf000)=nil, 0xf000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:37 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x5000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:37 executing program 5:
syz_read_part_table(0x1, 0x47, &(0x7f0000000180))
r0 = socket(0x2, 0x5, 0x180000000000000)
setsockopt$inet_tcp_int(r0, 0x6, 0x17, &(0x7f0000000000)=0x5, 0x4)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/policy\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r1, 0x40046411, &(0x7f0000000080)=0x800)
ioctl$UDMABUF_CREATE_LIST(r1, 0x40087543, &(0x7f00000000c0)={0x1, 0x6, [{r1, 0x0, 0xe44d7d9d4a8bfe0b}, {r1, 0x0, 0xfffffffffffff000, 0xfffffffffffff000}, {r1, 0x0, 0x0, 0xfffff000}, {r1, 0x0, 0x1000, 0xfffffffffffff000}, {r1, 0x0, 0x100000000, 0x1000100002000}, {r1, 0x0, 0xfffffffff0000000, 0x10001fffff000}]})
ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000180)={<r2=>0x0, 0x0, 0x4})
ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f00000001c0)={<r3=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000200)={r2, r3, 0x7})

10:23:37 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x8000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:37 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x186a0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1369.242135][ T5352] binder_alloc: 5343: binder_alloc_buf, no vma
[ 1369.253539][ T5353] binder: BINDER_SET_CONTEXT_MGR already set
[ 1369.256553][ T5352] binder: 5343:5352 transaction failed 29189/-3, size 64-16 line 3148
[ 1369.259575][ T5353] binder: 5345:5353 ioctl 40046207 0 returned -16
[ 1369.260046][ T5353] binder_alloc: 5343: binder_alloc_buf, no vma
[ 1369.275685][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
10:23:37 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1369.314813][ T5353] binder: 5345:5353 transaction failed 29189/-3, size 64-16 line 3148
[ 1369.347235][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
10:23:37 executing program 5:
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000040)={<r1=>0x0, 0x2}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYBLOB="a52c196cc17ea94e4a0108ed020044ff070005008a1318404052acfd2f58d515b60aece74f645d2ba21ffe9e6e0c2b"], &(0x7f0000000100)=0xe)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000140)=0xe832, 0x4)

10:23:37 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x0, 0x2)
ioctl$CAPI_MANUFACTURER_CMD(r0, 0xc0104320, &(0x7f00000001c0)={0x5, &(0x7f0000000100)="f3136147e26c3e2ab5fa44547f177de66a38608f0487e7e7feeeabee300082e21187ea320cca761ea39804ae999e41dd46d25e247b52fba5f1cbc1b47134c3754fd691ab861543b668a8d8655a3f5e950866967f3028412965197e1242f333621fa044ac218d1fe4449bea4fb4c2fa417d5585f6b61321849aed18ef027eb16ad7717256dd615a9c6227508ddbd2fbbb2cff8a356059c30432fa09ddb671"})
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
getsockopt(r0, 0x5, 0x3, &(0x7f00000002c0)=""/39, &(0x7f0000000300)=0x27)
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000200)='/dev/cachefiles\x00', 0x101000, 0x0)
getsockopt$sock_int(r0, 0x1, 0x26, &(0x7f0000000240), &(0x7f0000000280)=0x4)
dup(r1)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

[ 1369.362807][ T5361] binder: 5345:5361 got transaction with invalid parent offset or type
[ 1369.392832][ T5363] binder: BINDER_SET_CONTEXT_MGR already set
[ 1369.406164][ T5363] binder: 5362:5363 ioctl 40046207 0 returned -16
[ 1369.430264][ T5363] binder: 5362:5363 got transaction with invalid parent offset or type
[ 1369.432901][ T5361] binder: 5345:5361 transaction failed 29201/-22, size 64-16 line 3389
[ 1369.461268][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
10:23:42 executing program 4:
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/checkreqprot\x00', 0x80, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={0x0, r0, 0x1, 0x1}, 0x14)
r1 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r1, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:42 executing program 5:
setxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@random={'trusted.', 'em0[\xc4lo\x00'}, &(0x7f0000000080)='proc&\x00', 0x6, 0x1)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

10:23:42 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0xffffffff00000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:42 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:42 executing program 1:
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
r0 = syz_open_dev$vcsn(&(0x7f0000001ac0)='/dev/vcs#\x00', 0x40, 0x470300)
setns(r0, 0x20000)
mincore(&(0x7f000033b000/0x3000)=nil, 0x3000, &(0x7f00000000c0)=""/99)
syz_mount_image$erofs(&(0x7f0000000140)='erofs\x00', &(0x7f0000000180)='./file0\x00', 0x9, 0xa, &(0x7f00000017c0)=[{&(0x7f00000001c0)="55071465df6ccfc5d0c1891b9722dcf25192c3b946c37fff41eeba5bafb05f753272085f6d91cdeabf083138382e7d58c8f329ad1671c710c2f86bfa494319ee98f7fb79bc52b41d4c058592c1c963155cbaca5e552d4ac57d99b54a2ce4241d20395383d95e3a8bc2a073dbb5d1011c623c697639d976dcef8b147a69478836afc31297d28392aa273190fc0b60d719cc708ff0c5232934a69137a37e099cd0a1ed8148ac73a23465cfc1f852597f6baeaadfaaae2959748ad8b007518028f8ab73648081ed07a0f7f29c0d555c6addf96aab6ec06cda71478c5d4c094ecab3de1c6d0fa57ad3681c9b06ef0f6b88b0b655a3786db9fcc28b83d824319de57eabfed21506b8d5a6d124c153fd00144f9ff659fda4e66a9cdd860c24b1a119c8944543b22f55107331462d8440a9bd491325866aa74ffd0c147403758db746fa3f332c8a3c1bf8aef8c0e716e879449cd1a97fe5acc81d2b3bef9e89405b67a4f3a28d2882d080456a6e6577ff9d19e8926f0fe42e5f747d412b494b40101160b26ba2fff56a02b70554a5928cac3bbb98cf635643f411b28f6bcd7b4cbf23d25b4ac515e77c364ab9407e509281884d3a795ff39f8ad4fdd0c7f612862e2c7b27dba969df0f821c79bdd2b9e507f15a5435fb2bd52fa927b658aae174752c2936c08236ac4b3e4573b640f4e44cc00da55f12c0f5917b173381eda08828b562d14e8333d6b8c360dc85aaa864a007803cfdca27024abf352338d0f480894fc1a031b4ed2aac73027d1aac70a9258ff371e40ea047616983f80125de17a6aee605ea589056afa25f20837e84f1358d2cd305ab0f696dc3424163a63b4d7d089aa3e60f5e517b8eedecc40b35ab1d4db937b75cd3ec01d0c13424ca14285e124b5b9acf7d75fc4933867263817abe69da53dc18b970bd7bc5b0704eeed6a69bd3b3934820a9f8115db714fd8e44afd57f8d25a81a423141b4e46f8baa34b79ea8878dfc3852d915979d43a3ace3874b8eb79052e34356ec71a78d373c016d3ea11d66cccdaf68dad0584754b6414c8ef999c6b14859d680e5d6ab5abffe801d62fb27a8bf3398c5e1e6f4793ff90794630cb1f9325c302d4e398c8cfc288c99b2f3a17e4b140aeab727bf462551ea67482b4b9f755a051dba8eda66b6be73d96e0fdef3b31b1ac9861efef0354aa056653ca862c54a52712ee2f8a8af22d7b3382ba51bb2c83f13956603b7a43b62cca790fde4b445bc176b74f9e8bcd6c5e6e2fe7a698b29fc74020762a90bbde6a82570e10576cd73085ea789e8f038c0b8a80d7f6655d4696c7385978736681b426d7d3279f5e8c6234d4d569d3eeaab54c9211a4e2aeac277ac234ae78a474d9f301897722b97c65757c2e68fe4bcf5e7fdf95a90474d460df2c64d1fc3e93c29d67081bd10c1c11a693c26c2a076641eea435fdb98c49021392655fbec4086ce57db5a1b4749089595a9dc07006e2582bc3eb61ad941df4ca60b0c46710419e6ede8eecc537bbe31a10fd2a1ba9b7e149e09ae824cc0984a9170cfcf4a037e817fcd229ee9459731fd070b9f795eff0228b4bfdc397e0db34eb38da00c502957f036f5cd1efd887437ce37f8372e8a246cd945eb0e60b8be9585216992e265b857c60c1bb1ec937f6c032d41c0b16ccdad0fc9715b2570d229e2260dd926c6ed8baeb88fd0c398abaed72cd2d5b470b5e6538d91cb7077b41011588b495b37648b807dee3a2cbb84acd0ed5f10e95a98facbe815e827e1f9ddca266709a225cf3bda12130105c80bbd63143bf66a8510dc6ab9a16608d31ed27e3ab507504ce3ab10eb791eca064505a9b1ff30a4de2f56e5d8936e215f9f33d94d89ea87b9b43a4c90995e2f2e50f433424947df42bb0454b5bc7bbb558f8ae86489e2072977ad65baf6dc22407d203dcb8ececb20e17ca676e1d1810a7818f2804b9880f3630fd9adf13869ac5bedda3f89c898e9dc4a91b441e128e73f9cf7145d492195d350b779bb45137e724d70ecd72805bcd4c836bac036cbb6199d6bf4638b6007d20956728fbbae979eb5228ad630b0daff1831c96a580fd62e12b28ed00e37801846e33741d68888e32809fa15620f411a6306ea091737a1bd8b0e79f81cf6917f09dcd05ee35c3040a166b217a0ca5acddcbb4068e86a713c9155ea4ba311adf28e0ee4ae8a2c2c206c281b799fb2a41504c65f1664e142b2684f913b477d430f48ed58032b3478b66219683146e06fb7ae94dcd8e6a43d2016415306338409182b8511c57d3cd6becbb0ab04ff462514bb0d4153ba6c447aa47538b8cf549a77bcd7c2bd2bda17a022f5f981b9be03afa2c5f4873317b65267fa20b18de27fd7c4395d08bd9f59894f6e98cff8c83534dcfe3ac57bdd5e10e31c4037dba7863ba1ead5a305cdfdb320a90a6dc18b623086c832ab0dc961e55142c297265a08ca350efee768e0840efc4aaac5fe985cecf18cce46a28f461e6949738df8c8c899e06f219bf6aab60ec0b94f3aa989c33f8ed24d2b84532f5922c7748b3d67b7e67c954b112b81151f13bd27c0ff14c793451b9fb01f01e13c32c5b465d4d7172f9682b49a421f65ee8355afa124a1163eda3003402a0c2e5680888171d36bafaa91c1a7ddddaeb0fb842b7d4a70b895e582e42678ce505ba83d0665b2544b2ad124a6865f1ec0b24a235575685cad84f05d946a30df8b794a796f7ee30872733dfb335e53b66168aa86aa436791cf9d832b79f5d9c4122ee372b3f77ad62240e39997f416e8bc5b7f4dafab0e02fb8803e217cca725104615a5a1f4a3eeb4ef720a34ba6b14b9254fbf91cb8b2f1036535bea4fe0104f20200511a8f4e7946caca46b47145a2002938e55219b92b59c90cf9b305867acc45479b51cdb9ab15bcd96006109d91cf2e47bad9da53c1766cf174500a32102af28d1a28d35f8802c0d777d5c7638a7e409462dda167416f17a36818bcbd1e4dcf1fdfc4dcb97b5201f1aaa8fe69c5b4dd0bd329f223b2e398c66d22990484fea41506e77215b1eaa23f46793b1a5fb70c8d1587f0565f9612e9783bdea4060731a99b490bde69fbcccddb59795645841db64e1a0c4c4782922d1d80b44f8f3827fecdab076ec9ae7c9093d3f73169bd1fa931eb7f7c1fb36fbf0daeaae832c36fff486677a629c7344daa4d5f8813cb1690a9e22ad62f2649137ffbbed83ca0c8c49e043586eafe7fb8cb9f30c7f69d96f8f9ee0a0bd1dc848abde31c2f1b831e5b0ce8cfc4319f03e7ba43e36256560e4fe8323de67fde1e296c9ab6fd23b0144263e44c4ff45e29cdd162d6884a510ac727c688bce546c1e9946c4fe057ec54d53b9bad3de3cafd2ea571d817688f29daa4d37f7555bf5aff268d6133acbb5709732bedc8af314b522b1e354115e6ffefe772f773522b2f03f9417b2b28637a38d85be54dc7c29f8b14b1d000aa64ff66f4956b55ffcde97fce0f5c2a293aec263e65374307323bae479b6e9f3a8ee06ab6924212f81806aad2fb50ec372430e01f9d00c43ebcd5ba1773a086f35765a556aeec328e68cd0d945d4b483fa862ad889822b20d5305fc49553724eec7593368d48d5270c3313758193b71fae4d4c228719b6c3fd0061df9ff41a7f4d377f955bdd8ef8cb1cd356484b63466c7b0586f2271193566fec175034c029f88bc1d6f2ca74d436983e872df63db8a5c616bd1b714f203a01118ae05a1e1f071254a374554c887bcd7f6d1aaf852e3add6c52c728d1a8b1298bb05472af302cb0311d35d7fbf4f0c22cfb23550456c08640a08cad27f762302a6d9b0a4f5a978f7dd0689c336acef75f793c17efe4e6974cf2bd14ed6a801cf9418cc7921def636cf503088fa26a00898d0d09fe39deea3e75228b7f40d9a575d141e15a09343a156780fe3605a41a64df5f617b69e24f100fe527d563e5b36a8571da390cc5d6ea0c794e47a349f80238d0da4b65d06b626de70434700fd53c50b4f4a952f0a9e16ada7edab2faf8f13cca4e7747b54d2c05fcd63f2b6b10f7772b41cda0f7d585a4a89f8904f7e7a6ecd33db88b3684d4a1194a3923bb3124f87a3a76a6921456b49dbb2e6ce883acf0bba34cd751edc2232f71986679b94924ac51d5ea8e1fdbf075a58fcf8a94bf545cc444eb3171d76f61f9d641d78da042288bdaa9676cf9bd09187c7b6480c970329a10cd20e5e2378a3b7b701aa0e1b696bd8d77d783429929b46a49602f0f6117a0015ed25ffb9eb4e09282b720223a70621b5ca8dde9b6a499c0a2f2cae409e9f394e140d7c79b25d4dbb22e9dccaffd5f6c21b8d8bf59659a87d2417cb04b7b337dccbb883ad15fed7ebac604dc7befb9cdf454d716cb910933b6f07a836c06c2b81c96ffaadb3be6c2c67f569a6876d2bdadbe0fa297f4bffe26b83ce93c4ce0c5c82622ae0f27d4bf5f3457ac3c3f468ca501c9bb62eaef724656cfa7a68b315924f4de37ddcd537f2b6d4a624be5d5229a0fd0821e00be6963824c1091701097426594a5cd178738e63e76ac0f891ced3d76f347c93ad6ce0dd91514cd3865447f707d2a142e5838b77c760baacb50ba17e07488578cd7c4f63d990efc661bebc85443d609c2fb5c1c72ecdf64d3c7d02e0f037d3076b0d48345e31b468f74b9dbe3e87e7564cb9122d21c388014384d2c70bea82f37593fa9a98d1608c6ec4452b904cb7c6e530507ef3bbe3c120e516c30277d3ddaef90e9bb4f91ea85edf2acde924c395711490d5b664cc54d61cced56ac662bd971eb66e1e335f9caf13ca0fccf1f88bfca22e4da23c15b1786ed8a9e112e275d6e770958368f7c168aab5d106337a3661f5f821c921f5b9b35844aced548115ca8067a235e862c9a5d1cd8e73cd67ef440ead5737ac43cd23db08f17eb384e6da08c30cee562804d42a824c24b95611474f98a3efe0d8e08ae0cd794c631c7d05cc5203a2866c64d18280b04a297b8c8243d3db086beba4d3c067ae830334baf52cae7b032413c2818b3029fe673df2a4df1ac10e52644d2691e2048dca6878de046f5a39b8d6a1a24066d1153f6326bb3c9594a8b44adc654641bd5fb9ef531d99d6636fe9cd6dc136d24cc2bc6311e6d714709de8a024ca04a9b89c749f0d217b33bd73f6f35b8e1420dc51e478c00b5241a04ad9333583613f479bb298422469c64608a6e3d8f9452a912d9e28e15dc293e0e34b27f36e37e0034272ec9ad99d550fd9ffe261e54511b4979b084f71e6e85d0bdc7fdff580adbe88ad3cb3df367a2115db7111c9705d7b1c5fa60222d00c0877a21a2c6dae7a9ee7dad7f5087ba5059e5a599c062d300b5cba4fe1b4f87326a9d744b9c70b238dc87c197763287c08ac0182ecbe57e6b0e8efd4ad3e838095d5c41cb5816552af5e6afaeb5f95acac225b35ea916e98f9e72f1d4dfc598c36bae4658bad43ce6e29aab82092faa07f35888abc9b21db95eab0560f18ef50f521663709eac417c28495c3de1f2f0b62b25241977067c2d84073dadbc633a86580fc0846d060db3cb6d4e7fe53f5ecea71ab65a209d88ccf9443898d8284d8b9f1fc6804ce00182d19017bc7da5c5e48e9f1e386d29905d92816085dbf6a631b649654c87eb42a7c7b0a58af5e385506905b791ee3cf806aa0712929560d741c5d3b8cf970a22a4e8e0ed57ce9a3658f717f7372c7238f80c2521149eb009d6e3794140ce44ada2d5fedd01a621c9ab91f0ca0ea9b9489a74b205b6d86007fb3a4ffcea6c7b74965747dc6beb5f1806eec0dd8f", 0x1000, 0x6}, {&(0x7f00000011c0)="c322af8399c9d0b3bb0db6ed7d56cf3ac131a5e6d3ecd2759471e3e041887a5374a6466d5a8db213d5e7cf2c05e991f7b4b2bb75a64193528b8951aee1629b28878ad39f019c5169", 0x48, 0x3f}, {&(0x7f0000001240)="8e0259de22e579daa973741f06c2a0b932af99a859ecc87caf85b85ec8973a6a71758e848a3cf5a294b905ceae97c23529efeccfc318a26bd9b7c41925dc71339d8f327d71267f1d2dc9f807c60f3da53f19fd89fefc3910c7023071c2d38c35d931c538cb33114863eab3357dcb6f0233f8d8448da9962e1bab726c203befceae74000676e29f60951f5ff71b8582d51f15a79a6958eeca67b3943024487d43aa3f031959f16119827152265b51a7ff98eb209f811062a36af5aa2895230a984adc00dc7f6e69731ee1", 0xca, 0x8ff7}, {&(0x7f0000001340)="611e1104241bbcc84a12c9a62e06f81ba5e0deba663a3a94e7dbcb9deac5d303835eaba1df7ca3c81249de80e49d61264fb0130d6d25c538fbff6e9027c6c58d683e34afe55a56bab244a9e9ddb68c01e197912ecc3e160acef72bf86785e19bedad944ed6362d180ad4a3281aa618f4e7", 0x71, 0x8001}, {&(0x7f00000013c0)="2d97d8158b8d31aaec243a7cc475148e22e59ee7a5a4b45759ad50cf29b6fb6b645e27bd645792b45d29656d84c59588eda7f9dd67e4abe10358ab0905ed81c1cac554a5b750db2e264bd7c627a7c00f78b8a56610a020e9dd065fba3e3737db12a48180c9ec12c0f823a4163b0748a97699ce4317b778478f15a2eeb64eb738a94954b3e355c0af37b8", 0x8a, 0xfffffffffffffffa}, {&(0x7f0000001480)="db6469413b70c7ca4dbe8f6ece00ea2aae2a414818904d5a2ffc91817052c62bb5f1b493e0136cacdcf7f22e10d66c8d037d6731da0bbdc9fbea7b9572bd301476fab29702fcaf178f26e3d10d26ebf05737433e14b77f605bd228a70283aae76e0dc774ee7936e6fcb798c841915f77c71c42695edeb6", 0x77, 0xfffffffffffffffe}, {&(0x7f0000001500)="30f0b63770060b53609859838615cec1d27e4741916d3106", 0x18, 0x4}, {&(0x7f0000001540)="dcdaecab47a14d3448162e331b1c87cab2dc94c8a0808617bbbb1cc42ee15fb45e59f8d216ddcff95cf044df8d36e4664f91b62f640dd930b1df36d17d11c46cb44469ba4cfcfd5a24e3d7da9407764add6e7213d0c04ea7633b870e0ef23d85e61d495b29", 0x65, 0x7b7d}, {&(0x7f00000015c0)="1b8b1f75cdc22f06d77a5e7de3d7ec12aa292dc88332a93113bfad5658e32970eab24b5572c4f6837d6157058d1539a920498ddffcd59a4d299f7f9f347664c8cfe9ecc66b13b51401d3334bef2de3d6cd1af64f53e91ff372e59b96661083cd2095ac41114bd3991b1662a07fab121f1243142843921972ec23d55d53ec721ebd40f6b543a0af3aba39bbef1335cabfb79e880b482229fe5fd31d7bb966b81c5e445fce47354ee2831e4d5b4c26f12bf3cc83acbd88b3a08910a165e5906b8d4b366e83604788bc1d966d0854a1c5074bee785cd4186433dd01ae6088787c28cadb01ce12deb15a838a505c9f298f64f2d64cdaf87ca252ff0e448c", 0xfc}, {&(0x7f00000016c0)="01ac04f51c6d1c1d3f6a5f219cb5c1f13015edab0c0c37349db51ab2feb62caaf7b495f3a255b7d5e95ea18ca00ab9f5620ceb0b8698204f0e53444de2f275fc7135bd84d105f5220b415b72da40aa4e5508a7847cdf4e92c3babd2ecd017b4437986b7a6d4da2e12d17d7624af9d58661d5f15e4046f70d54cf90817fad15c17b5a1d9dd73be70e51f3c6a9a232333aa94d469c5e524a609ec0215bb6af0fd6cc4a5dd9a85fbba64523bce96304cc51274335af85c880d6e5248db850a2bae9c5151c", 0xc3, 0x6}], 0x1006808, &(0x7f00000018c0)={[{@user_xattr='user_xattr'}, {@fault_injection={'fault_injection', 0x3d, 0x3}}, {@noacl='noacl'}, {@noacl='noacl'}, {@nouser_xattr='nouser_xattr'}, {@noacl='noacl'}], [{@smackfstransmute={'smackfstransmute', 0x3d, 'vmnet1@'}}, {@permit_directio='permit_directio'}, {@dont_hash='dont_hash'}]})
munlock(&(0x7f0000ffa000/0x3000)=nil, 0x3000)
r1 = syz_open_dev$mouse(&(0x7f0000001a00)='/dev/input/mouse#\x00', 0x4, 0x129000)
ioctl$VIDIOC_CROPCAP(r1, 0xc02c563a, &(0x7f00000019c0)={0xc, {0x114, 0x1, 0x7, 0x4}, {0x91, 0xffffffffffffffdd, 0xfffffffffffffffb, 0x3}, {0x0, 0x2}})
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000001a40)={0x6, &(0x7f0000001980)=[{}, {}, {<r2=>0x0}, {}, {}, {}]})
ioctl$DRM_IOCTL_GET_CTX(r1, 0xc0086423, &(0x7f0000001a80)={r2, 0x3})

10:23:42 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x2000b, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1373.802147][ T5387] binder_alloc: 5380: binder_alloc_buf, no vma
[ 1373.819753][ T5391] binder: BINDER_SET_CONTEXT_MGR already set
[ 1373.825190][ T5387] binder_transaction: 1 callbacks suppressed
[ 1373.825209][ T5387] binder: 5380:5387 transaction failed 29189/-3, size 64-16 line 3148
[ 1373.834800][ T5391] binder: 5379:5391 ioctl 40046207 0 returned -16
[ 1373.857996][ T5391] binder_alloc: 5380: binder_alloc_buf, no vma
[ 1373.865122][ T5391] binder: 5379:5391 transaction failed 29189/-3, size 64-16 line 3148
[ 1373.867469][ T8289] binder_release_work: 1 callbacks suppressed
[ 1373.867476][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
10:23:42 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f0000ffc000/0x2000)=nil, 0x2000, &(0x7f0000000480)=""/152)

[ 1373.903095][ T5389] Dev loop5: unable to read RDB block 1
[ 1373.909582][ T5387] binder_alloc: 5380: binder_alloc_buf, no vma
[ 1373.910456][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1373.916131][ T5389]  loop5: unable to read partition table
[ 1373.930544][ T5397] binder: 5379:5397 got transaction with invalid parent offset or type
[ 1373.939448][ T5387] binder: 5380:5387 transaction failed 29189/-3, size 64-16 line 3148
[ 1373.950313][ T5389] loop5: partition table beyond EOD, truncated
[ 1373.960941][ T5389] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1373.973724][ T5397] binder: 5379:5397 transaction failed 29201/-22, size 64-16 line 3389
[ 1373.979976][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
10:23:42 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6c00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1374.007879][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
10:23:42 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x1000200, 0x0)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00')
sendmsg$FOU_CMD_GET(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xc000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r1, 0x2, 0x70bd27, 0x25dfdbfe}, 0x14}}, 0x10)

10:23:42 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x2}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1374.105655][ T5404] binder: BINDER_SET_CONTEXT_MGR already set
[ 1374.132670][ T5404] binder: 5403:5404 ioctl 40046207 0 returned -16
[ 1374.175206][ T5404] binder: 5403:5404 transaction failed 29189/-22, size 64-16 line 2995
[ 1374.192451][ T5406] Dev loop5: unable to read RDB block 1
[ 1374.200484][ T5411] binder: 5410:5411 got transaction with invalid parent offset or type
[ 1374.212069][ T5406]  loop5: unable to read partition table
[ 1374.224884][ T5406] loop5: partition table beyond EOD, truncated
[ 1374.232164][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1374.237851][ T5413] binder: BINDER_SET_CONTEXT_MGR already set
[ 1374.238573][ T5411] binder: 5410:5411 transaction failed 29201/-22, size 64-16 line 3389
[ 1374.260655][ T5413] binder: 5403:5413 ioctl 40046207 0 returned -16
[ 1374.261480][ T5406] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1374.281875][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1374.292060][ T5414] binder: 5410:5414 got transaction with invalid parent offset or type
10:23:42 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7400000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1374.316145][ T5414] binder: 5410:5414 transaction failed 29201/-22, size 64-16 line 3389
[ 1374.341788][ T5406] Dev loop5: unable to read RDB block 1
[ 1374.348682][ T5406]  loop5: unable to read partition table
[ 1374.355425][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
10:23:42 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x3}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1374.382099][ T5406] loop5: partition table beyond EOD, truncated
[ 1374.436401][ T5406] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1374.471953][ T5425] binder: 5422:5425 got transaction with invalid parent offset or type
[ 1374.480446][ T5427] binder: BINDER_SET_CONTEXT_MGR already set
[ 1374.486782][ T5425] binder: 5422:5425 transaction failed 29201/-22, size 64-16 line 3389
[ 1374.498586][ T5427] binder: 5419:5427 ioctl 40046207 0 returned -16
[ 1374.505344][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1374.526656][ T5429] binder_alloc: 5422: binder_alloc_buf, no vma
[ 1374.527341][ T5425] binder: BINDER_SET_CONTEXT_MGR already set
[ 1374.546696][ T5429] binder: 5419:5429 transaction failed 29189/-3, size 64-16 line 3148
[ 1374.551698][ T5425] binder: 5422:5425 ioctl 40046207 0 returned -16
[ 1374.565432][ T5428] binder_alloc: 5422: binder_alloc_buf, no vma
[ 1374.572410][ T5428] binder: 5422:5428 transaction failed 29189/-3, size 64-16 line 3148
[ 1374.581580][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1374.590564][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
10:23:43 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0x30, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffffffffffe23)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='w'], 0x1)

10:23:43 executing program 5:
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000040)='./file0\x00', 0x1, 0xa, &(0x7f0000000740)=[{&(0x7f0000000080)="4abaa2ec0de858ec46c3fa61386f1f48df4d09e21d1d5b5fdc99d575405a2dd69e194fb8cdf0bfeab74b29d9030983", 0x2f, 0x1f}, {&(0x7f00000012c0)="1305b7e4484a3d535ca7f69c56db71d4948ade7f5be98c22b46a800df58f0f24fd976dd8dedb6a81736e47519e161148302dc52ea6ee169391c280d2b063a608da253d10ceac804ccceec17b942da7b86828a0ede1f5366d544f8cf22bcbee67fe073ca63b6cdb769d12439790d3facbe3e0d0a0bdcabac9fc1c79a1dd5937b4908ca15cbac83c1b17118be620f6ac5a8eabe2fde50888cd333b7b856b7538932c8c5cf3b7d93b7e11e62203fe1d2bb0d0c7410324e78d6659cc0a21df2694a8c2576bb7eb84fff0830478e53ed8f424843a6cda77bc53f1f45c00dc5142b0a33891bd1faceeaf929437b7c3bab587774d07971fbf002036e5c04e2221f50574eb5cba1bfe00e2a01f765c234dbf125f5a70d07868d3ef62a79b516f4038ada208f7df460042e04a8f2eb489376858c6d5769d2e5172fdb5977d0683ae02c437186198af8fc4c5a47da6c05e1b760b4922720fe2c1c6f73c35ee53dffb58f98f992ce7b377f50e77aea6fc8a2184a0041d08f423f5a0ca0619bd10e2069dfe645a9db7fcba2a8b39724b667aa907da8db4c4afad6bb2f36f4a8ce28fe34ecd90e9dbc548460ecd4c582c03fbb9aee5760dd4c2fb4e0d01bf77f31bd65a3d24e34ba364bf9a76d0f4c701e56a5d800adb2a5c710384a5b173f7e89ef693d4fee18925455d4b4b924db39749623c2554a3e20229e90901a7227432a9123ef625f5d4a3bbd440c2f3f4b53860e1f4ae36d6cd013645e65ce729a757d731962ad45e88c403fdd41a02391d4a885e579825f365035918b6208bc0989911d2a692c8345faaebdd897e499bcee636d4746eec7b82413a9bb913e71c5756959c7faf991e4ed957572dfe1a53e32c8ba9ba6c2d8d1a77ac429d0317c2e12fb4f11a31a99e9c8be1d3fe60223e75600eaff817e62f9220cc5dead1be1cfcf21d17de500fb4b2f2d57d5aebfec05e0b0777bc8a0635b88ac8a63e7c7c219ce51f2fc7a815e37e497afd6829839fd1ba8baca9540908c31b442289543fcd1040a2c2c495349a68cbb92bcbc1c0c98482cfbeed3f2e8d8c6c232a65d419c6882e1db4d775b980303ef5e0c2447fb8099736a73069a7f5bd15a6e0bcce284dc1c05a40078857f82e39b921cae54c6a2e203c160a8b4f5999f49e7bba280cf6961e26daa1073c5d842322060766b31ff7505dcb882e09153cf7caabdda9b52f5c1d0958c979e3d8d73d5c399c9bb30793b47ae35c920ef48f1f51c02a1c61c1ef349bcce2670f3585f9beac857e4ea7f196b8ec5a73f77e1439ba3345fc15b9bb7ce4bdb1bc4efe902acf5b22af753bc3bd50398de9993227c1d59644512734aeb2ea02cfb519a062a03d3f9b4cf32ac8986f41b367ac33eb726d709e32309c5ce29c914aa7b864a67b17fe4d148eb11877bb4cca9f23e95f177924ddbf300b556612b20cbacf186851b56939322071f38c2ad763bdecc654f23a43edc404f6ac256d90e5544cf29922d441568cc2ef4ea62bb7c011648254a03c3ec77c584353cc16d0ea086dd97fdf52e9c74d75c08edf806300f5ab1e5fad0c2c08ae892852a0629bc1ad23deb8f8cb0b6dd19e6b67bdfefd070050b1da0e83439583c55b5e6be5110e31f096b8931d26da2c567e0c7893f365075a7438df1275cd103ee64102695f7e22a85729001643b28f97e4a0f150582b9e37d140cbc5896f0acccc92595ad0e82708e80b7f1802955ea50a613a5ba56ffc4334180ee2db43b20fd5597d8a8a725d0648becd456bd0c070a6fd6b9195a930d64a8472d901cf0b318aa3368f9a9cd953d5db3495d30fdc7f8e165ddece3c13f088a231f8f4e5b554bc5612bbf17f78a06a10cff0a26d7163d5b137d217e5ef5d100ddd445e969659d330f169ef4df5accc4d0dcc08ff8845dcc6228a04101995f946a20ab7bde013feefab9458d8b976db5d558ece71876792c08848920568a3e1f35fd887da961f5f2bc1fe06865ff87fea94304d29e2eef37b9b81ef9d5d8b8a8b560ed74fe723ec9c335234faa164df975be619db802f35369ecdf18d8838e44ef4abf3ec67bef401a94919d20e760f0f9c05622423115f810c3cb662f71b97085d3f431ef620943ffd063e0d7e32c92ed7bb6859915a006c1269e4fd6adb1a8178008b67e5792b22e1284251f82e677554cefbb14547f547f4701c83360c7b97b1cbd92536102d41015fae8456b35228e0719340d9df1c55c6536f592cab8cdd7e3f8ed59e0ec0b84ec91cbe9d53038c25dc91732447714bec3d338e70df0ce3c731aac72f939b43d8d597bee032fe4bfb0b43eade51068a1983f715c480cace97987c92757e13b82e182de7525b3c03c8a12e139c866e065679be17eae14d2026d2f7c9812641bf926c6cf80a370a69de40d625c4a7b2cc1d96522aa6bfc48ca488eec864a881d699398e9eb166f1dc190019c58ad226b100a6501923bf511d92e09be5ea7e70cb661d4be7538ed42a26841a7075752c0dd2f06b4568f36ba9404c897897789b02d571e807a5c2051b98bbb21affca191d723a54e089c96e333bdd3d057d12d94fa1c459438b1f17fbb0b36038ca4172689ca6ceabc88acb610bbbb44650af399adf50c6cc5f756a5922ea0f4f45440c2b49e3724d95e8d8756526ab9da5afeba8da86da0de246bb40789b418647bea9f822a712aaaf68d42f43eff1f83f9ba819460b0270b62f909abe3a06eef64b304b8b45fd1c4562691a472737c56d70b65f7046c6b4c4b62f5bec2ed17f0f5eec644a967c868d037dac7396feb638c3965e60756e0ba0811c191a72f97530f769091e2c3ff742925a51b5a1daafe4e9fde8b0062daf12a3aae54ddf097dd3def90c4c56baa972dd192a39fed3019361125f5f07ea0daa478bc68f5a2709a8cdaf39d0c6ff703f8910f9c68ca819d9f4cbc3668c0d635798d90b389d026017dd93e68c5826505f2327753af3d256585f806f6edbb44ddd92b9a21c731546a0511b4c03c34d31a87af7e25aae51f5c97167ed548c346a7cfd5e2d4360d8f0e49bf6e019f60a10195edd6c0b52c0789774ffaa58d02b685d0291b4a0d730cbd75bf06e6db5642f1c420c0fd94d0fa4fcb6037e15a7049b7048ee8ef6d99a5c0cdfbba39ca3d53693d09af68d96f60112aaa2c539e1555cb88b4f79b8b680dc083f4eb0e1588a338b6b50b4b297056ef443af97224b1391537e9623f2e4b5773553f054616f1e18905fc4d0b745a98aa4159e8b78b94fc4e07d47f76b0f2398a9462d2ff5b23191cc6fd42f4e7d238cb229a348735f65b0d730662afae05132ecffa6cc6ab7a63123a8b66bebd483eddf87a8f904d73f79de334e4dfa556347cc856c535fda201c40483bf9eea5ecacbe3b53f1bdebcaf2f3ad958f9e0cc951bfe38ed928a86cbd34eb30990a81665503beea98a5723a952f31598e1f6c8a8ab909dd9c51277bf4f329639d70551d807b11f6cfbe3382c4a4869c2ff9e89c55e909e24c6288f5998449be54b5a2763f0bf887952977b1b87c4e111391ce1c3dc0bca3c46c4b8c04c48cbb9268aaafbf77b05894bce4c840621c050eeeb885fbba258f3adc206858f4bc98de4a2aa922e7ecb2609a2723e2cfbfbab0ff89c4b8e99179e822f43fdcc85e29bb8d69c65c5b40a48ea464bdd113e988efa148f353831b33c174b256a74232821ccbd490361ceae756d29767b8d4cd8d034bf55257cbd894f550be80b257f85e884bcd56f7a9dee4cb5a4ae7cb64cb0fca5416af947a6d7424b7bc5c0a7c04a75c1b4626a2468ba6f565350cc3560df769360de27d3296a476f0ccc39ab957a79481f2c3e3e93a784b7706745986accc8010859bbed1965df9930c652a3e9c69f6dd4bde65c650f736d897f37196e27602b48d935bda02d9a08c3387cb165aba1d655146b4b2c067fb9598b4ea0756415c699976861b671fc5492013e5836e2bde5bfe5d82b2bda4a4e2e0bbd9a1e34b8fb7e587b601a28f4f046f5eb7b369b64746f68bd7638c56b2ca7750f86817d7e2710e46ce9ba9f086e62f97493c639e3b86a7b7e89733b2560d8844aa26d9557400804bc6890c3e49c5f0b0f818999e4548f47ff66c69640cae9f83602f9ef0c9986f65ff3ed60dda7d8bdbb43b39fa5e4877a362be1db6e8831d6d333be32ea23c6d7912a2ec5710ad0c662f6c0c79e33db9fac105db90a84d2f46a1ce07a5a1e9e5398f68558dd8259823b5a1c1a6ba26fd325af925871be55eff58d8d32b0803a79c9d4855291fdf4555275dc67b81831be39619c59a7e13c7c9b7fc70e8da89f0dc00be8f5db923118ca8136af3b1b18719f1981137def9cce5b86c209e24c7f853478b950a062dd8793f225f3701312e2493ae8937b9c6b527db05c47d471663334c940651c2fd567c158423aa408d21cebd7ff43dac6aaf70fa6642718cf40ba3710d276e8f7675e13866beb7a09fa9a233b23c6dd871e8d37fb7d2499ecf0dac6987e5528600ee7c4cbf595a7e335ecbc13fe265b23f3b5cee9ec3289ca63bcb277ef2de2a9adac5b066bdfffa76cda395fc8a4229a814c43bfcfa0fc5d88f10c69a99d0e067cee29d9a2d90f06e40dde26e4d21e7220d648880b08cfbd1d691acc76e493fd841687b5c8030464f294ae228ef4b8f55eb09ab355430b28e6598162cbd3b8a4ad661820fa4046acd4cd4c63a37dad5bf976a1355dfeb04364d45eb87f50bcaea5ef62355d6177b6fa55d1a9782cce39d204a10219961ec8ec489ff958729c4ec4e803e35c0e2e3995c18e50cfc02e65bb140836bc67f14d903a8ea259eba87cd7e95f4699220cd8a518d552eb1cb516f314f821bb24e6e852660a4d5428b7148cfa086e96e1a90945ae50ff5de981cfe50e6e464963ccb8d792c666a30694ce1d78599513cffaf445d23635b3148ebb3de84eb89bc32007ac2932da13bd3081a580cdcd49b3f58b958857d30fea57e80ea2e113c8bf72860d4401bb97c289f73fec19fc17b0fd473753950c97d56cd5d4575a45f8b226db4c83ceccf80fff89bbb1b75b7af376d6b89279ef1bc6589ba9078308ab445ee4f06dc3d1cc80f006de34c0cd4fb9a120169a73f110f10f029e9b7cff780de1a220c43a670c1a2ab28f248a7d79d1ae507725ba3c430063d8bb6067dae1d9b6bd4765cd67569b525f8e75953ed5e77319cf3f440fc5d7cb353b337011407b7e8c5de9819eb38b8f92ae97172e253b37f9daab90e2d0dfb522770aba54a66b630f4c7a67a1647a195737a656b080ed6c9ed5b37ab5ba8ddd3fb52d1ebdbc3c8f3bae7cf308ac9c0be619417ebaa405cd1a91df5466a0f1344f1edd7c4af1e390e6666c10d638385a66cfd37ee6b96092a872b9580fe1f2e67dad0ec5f63ea18b5103e9cb742a8a8f1a722f5db615e85993a575d397711aaa80d60f7186fc7740ffd7c4fc138c19dcd579c2e125d1ba5b42e2de94a8a3db0320dd26bcdbd61f76ce892156fae5b4fe8319165134f28c72e446cef6c96bb51f797329e7efb074fa94ba088876000bb5013ec391621b28868b8a83c970d503f75bd63faae33d962ae7ee2de7c35072767124ad78cd72b83278e23f8309bb71b561974f9930b443f424426aa4f9657d1e8a1a7aee0662d494f8d0cadb376192dfc47b3fdd1318823afcd95455d4a1530ab5290463a7dfc915344483dfde2551b30f0b017339df8aee2f709c2cb89f5805c149173c032c9aecd694c76b7ebfb9f83f753e29b84a76296a4b39200b1676b103e5f6a3e9b62995c1333a1f7e98a935bd02b0d7e97935e", 0x1000, 0x81}, {&(0x7f00000000c0)="00193dccb3af202e6783fa80c0de401eb786ae6b9d544305886e48a3c6b3dc2330cf722c48cc366ae121e3dfed0528ac2ea736c49f72957bf68159beec95b4edb3b3a7552d3375bb32723e7944c68a75e18b1dc4ca66a0d76f95e5585f1d51ad58096fcfaacdeb64182621f08c46f75151c919ce0db646a533d1ca69f13e624448611bd030262a46b49fca6f7f9d945c9fa7255dfe02981dc6eae3221d2b3f26e4a107eb30a9b9bfa2c2d541bac7c9845e8a925a4234e55732dd6228369a4e45196222fa", 0xc4, 0x9a80}, {&(0x7f00000001c0)="a7cdbf37be27e8faa39410c68dfe8c9113fe5dbeeaaa5a714ff2db5feda98e3b6762104b450264565443e2642cc1aa49f5f0e716b7bef465081e5214ef0e888f0bb1d8deeceaecbe", 0x48, 0x1}, {&(0x7f0000000240)="84ad1bef741901a77eca311eef47c2f51ab7f31d2ed516608246a97dd9258795f7d0cf23829723240ccfd354bbd0d0963ec14daacb171da24272388234773ae293e212109e7a", 0x46, 0x3ff}, {&(0x7f00000002c0)="0f4f5e7fc4d72d31a13ad4f72d95d04cdc2f29e2b6dd69f7d4e48a12233e60244235fa76e7df17d87fcf75e73c272a6f3aeea849d8bd4610866a51c60282f1735ca1fc89df503ac4935838a1813f0b49e22edbce35166a86c55b737b2a0dfedf52f068ba13f52e3ec592bc733700af47a96de94f7ba09deb703888b042c33ca72c89d9c6fb2eef73cd0a3ee43739aa03da3a8ef8a84b", 0x96, 0x7}, {&(0x7f00000022c0)="e04781ddda3aa5081ab3b06dd65d12e01d9de58fe5a49c259911b699b927d30be07c58a3c97b00fd8af9c0643d237ec31fa0af2d0559165d5cca38b0bd957a4b75c3b01bf1c7fbdca21a2b8124699d59542f1bea5a3fdb8a777ec63dd0aaf53203f4557a004b68c17b3bce2376a33e4dfca6237333802df1f11ff9680c1bf6da0d82d574895dd1187a7cdc8c4fdb0c6ce22af6d930e8ae1e3c0d4b4d3b02e826b56bf1fab0d033669c88adb15edae6ab5be10ec409fa06f9affb08b0f7705ec372cc5141337fa5e8042320cc6b8f454593ff3c429639cad6e42554680c465b3da6804cdc060c9174d99f9f848efe739365e068e6536d7acde65e992c8cad01ba79f371cc5e99188a038dfe27eaea78ffa816e2d022f49cc802a00428b9630f2bd0f6222e37b264d3e3c0f9b13d4e379a99df09e9b6c8d8bee8355332b42fffdeb0c82eeb94686a62a35e2e8e040078df77366df910e2ae1294600e918a43bbb14863b8abf50c18ba77626b84c565d3868f063ad9281c3adddb7de24deda7c22d95be9b3d2a269e5cc708807cafb599cfff9418cc44588153b09ea1e95b232fc73db2c1349b7d9379355aaf8dbf73841d9df04d84dcc3e0d1e17cf9c8806333c61bf2f15e2388bedd26e09d4284ee9ef493bea8816b16368252fbf805577eb283a6b842713d0d20a9edbda523def382826716ba3b8450e54fbbe9260ad65401f585d83c0ae3dc4ccb08abf1f2652e2e40c5c2d69fa82dcf2ff489525a9b651586fd8869d339dd0891f6406697e42c9a0fdb17a09017862e0571cf313239ed91fbd6400c92c27dc307ae5b025e7099673888b3a2697a8c10b52be5f2e629a1815927f9134834b6eac9c645cee5ee9c23d94f2ef29d509131b1cb2dfc25ac9871b402e8a90455281ac5d69ce220706c6ae1cd45eca1974184fa26ffb83d1129000e93afb009944034236edc1fc652f97c83f7599d1b7477080af8fc988038b5a68812f26b4ecf45845c0daf9f6f6cbeb12f6d3f6524de507aaffd2049a95e7ac8ab76693331de3c2fb1ff2e8848e164ea94ae9c927259eb2b5db7380ae125c71938ee58106a0bb7b681d7699b85e4bc005dd6939d4504ead5fbc7115be862c3f1a10c1603091f4d16d4531556bee9e1aba98539caff0d03b3edb74aa972de406a419028f3a79da9fb07a41153c031ac81f6db3f275fff3d4baa6547888f0b7153e12bf980010293171443290ddcd1a2a02a6f09ca363dd07fec6aca6d8749fdc8f4d0715c2950b4651572c5de3973e4320a940cd160cc2de602fa2ace9650704a1baafc30810901a32858558ebc3e8a09774500a9c0ec4352c9847d6daa090daac5e6b00593288c317f6d63815de50b3b358e4ccc936b0a225fd9f0fd8d162eec46ee097d904b7cad41b77d9cf85ef74ac8408e3678896090df4fa017e46b102b28476fd12defed6460b866c6ca54aae4b7283cddec2eeb8997fdd0311ce817831c4fc7f2c0cec2c7fcdc6453e0d701b7855fb5976f1f56d068d04c1bae3c9c655161c7aa070d2eada1aa5d6e886661c2d1574a6378f782f8b7f1cb1b2a1532a106cf18490a3c4c095356573aedbd3ab218a40199282ed2c20c9d9583a942e6289db2d9dc03134562752dd06151b4e40da30c710174b07eb9d6e4a4f7182605df094ba09e94dd9035955efc893e2fb8a8d3cf4d65aa0e1ab6cf0e4a3cb85dbfe330705849dd77d60c180e52625c462de7faf3d94d5525593efcad69882df657c03d1d385121bb85cff9fbbc116ef98110b98bdaaa14d1cf77d3416fbbae215f06dd78f098cab8be83febc6f676adde7942381e48b46a4f8f85d5d50e6fe7ffa32f6aa938aad31b24797479d3f9eda9947f05bb5ecd1114872c41c250db25ba0ac2eef92e776ab4f07cf975894fc12273113eef43904f2388b64dab43f944f8099b02a68b56e2fad04cf208c5000e7158f78996c5e4df41248d064b1409cb1afdbbf2ea80bb97545a61621f4536d8aee8faed67cd9e906c7321ac0d64340911e259dcb00189e1dab855ee7386528c5a7fcbb4972009ed2283b9adde68c94b0829ad4cd4f4e683e252ef9f81b270d5afde9533a3b8f86aef6c377e37cdaab5a0f21b76b50029d0a8a6eb0c28ba2fc122962544aef981e4fa288ca23c95262de449cbab5bc5cb31575f7d029d02cf9382bd74bde21b0840d0b88087b2a19707788ac7bd38778b3d2d67765c0deadcc0aba30c1437627f6b754122188442a56cdc7e035f9d845374ebe8a2a42b91d6ca9a568ecbd250a71d63b2f5770af3cff0d3e4f7983c02129f2579944cba17f943e3338c2ec0855e359b94502a052a838186a31de408b2d2c10bc0e2535b892179d68353a74c6172b1046ad76623da3900aef40f1768184e617b468dc782e5eaaa154f07de82e780f211562772903627a5b66adccd3927d3debdb7c91f217d34acf639b3ed567787d3a0032cc8f7cc56af3839a9c2c163ea2cb116cf04745cd8f8f67b22e296dc5b31cc3605355b9a4c902f232adf5e88476af8437e6c7ad08821a86186c071a676acecc44051a658889b91c5b48a327ff285b1a23975ade86609e5f82a05520dc9d0c10d224ce490ca424caf84ef99497e27c874d0ddd99b324d8dd806c10a4ec1706c592cb9afe673fccb083e1dc55f0c2305a3aebc6d81919e7a261d15e0e06c621eab4f694b29ffe8e7129e25677b58796a1518c9fe0f083d25f5b8d942c5c3e7583812b4a436aedb84a9724cd5c3dc27a171644cef739b5b73b032fe5af86771ea3194291b7c2ae2b3a041be59e9da8bd25e583047a034990eadf473931e0724f33ace14332b384f9ab22c9e6e121eec2e01754c0e3e94f59833271180500456afe2b2cc78b855faeb5057e2e410ce25ea122488cbae26971fead7c20f587569fea1f14cd5341b905b45ae5bc5582a590fcc63d214272e386a26f968332adae1f1e9107133489e06fbf17eef158bee6277bc194b071461ecd861e423e92b3e784045171d730fb9168749735286c58028cfe95bb9bc6f7a06ba3fb62038ddafdceb863b516df4891a1941d3458d6c1d99d994f75d4427faab9bf326c587d6d6ddba8c3d9d1c936bd4ab3945565d963abfdffadc3e568af149321375449d7cd13feaa6f86f40af646f406b486ef07d978ceb8e7e4e3104b01e163fdf1233a81f762022785d5acb21bb4c2c91fd3665ef12e5e58e19ad54a51ed2ee69790fd0d3134705679916473f33f9974a8f29dec18fad2dba45a263626b49f32edaca6502df8c1194c4bee353ed01eca800e9d3272321c7b112ba09d111ca0f3304c34d3bca6c2c856b9e7ad6667213e9cacc1d579bf8b0ed94ce1c4194821ee405bb60bdaaa88ce164e543a48100034132bc209636bbceb181ee0b2161881e19e508fd626cfd104b021244fb0bdc7eb9f8902b63618f14fbd949c3fe6f0243573553573cee970bd1ebfe0e6a374b10e2c01f05fe9f429b6a07285ed0e9acb1fa4f952f069708fcb47c14da87cc4160213aa399afd6e3895355e0d24dee955d81294f6cefa6283ae7c97830fda720b455368d9c11898b38fc765c630857b104f5d4b30a4d374af8aa32404c3029c8553b3f3cdc087484ab42570ca1a2b2f42c8595879140abc13156d5c1dd46161b9ba178b494f0d53dd441dc64f38c528af6603b2ef0f82a6dffdbf43df2597bd3f6ad9126d22959dbd16893aa33606e9999257a2ad073f77ebb7d665d14072ce4d9f1c816899697ccdd15ad131beab47be7c5409b218a84d8bd0b86c609ab7cb73669df4d3356722960f26f29307d6532d5d6fd237b1d554aaf962f21e7daea6081226cb141c9b49ab046e9006ffb32a92f44cbfb5d7e4ee469b8ed06e1656833200481051557d68054b670db9ee141fc07905a1843768b6d1eeab15a79ec673068930e955cf6b94b2f983bf162dc89aa5779dd0d6469dc05b8c61909c847b380f65b537afdba1d322736f0cd4195624d3d99c8ac1e1be31b7d1a93067110e32e3c9b86131f1e3c3a4f7f97ea71eb5c45eaade520d40b1107b631ac9796bed87f2cf3a6a10e03ee1ffc097948e3113c6a3d7fad71f9f5705f437a8edae97769f5e4185f58ec50112538f12fc9bf8f511013a4cc3d295912b95191c49066f8eca113e8bf23c254bc4c99cfc590972b758bea3b3d2c78fdb29ebecc80da0fa6ef792c90a30a8b0706063834543b637c5d095496ddcd6eec62318c253c3cb4f10b35ea6200ec81843a0da5eba6e83842fd765d050d7e778254f6cb56c8b5d6aabdb0b5f020857bb505a058f8248548e8feaa87adf665c23b9db52d1b964a5baa27aa8d2798e30c03bc677fcfee67eab1e4658b45f0728194c319e6935bcb550de6d26e783d625be50f7c7ed30b65546fa640af65dae2f2c546671208f7d8d8291c10ab113b81325d964a042c9e0fafee6fdd7501b6a0ee355ed6ba3e59c5891cd981957cac897a6e8a1ba19a87208d9c6b968b79afe0999821427c0eb2fd0fc5aaecc18c69612e0e96f70b2df6c82cc983e3115f07a01bfcb2ac288e0db7fa12ff6c297b621f45d2d994074266c44a6e40789ea6cb738e7285b1739e8178429061270b1cad576406b93f4739385817696ce30b2b0d2277066ce7193ca1a083b50a23e02c4230d4e9abb5e93a8009333bdd8387a313ab92d0ffa536882a1c5033598fcce45f382f76d64e0c061bf6359e4356ff4912e6514af816205cc6dfdd52f5046a0c5b15da581517c0677eeabc9709ee62c89080e8d7422e57302d8551bb901ee3bdfb37e9ac00760f5e0a5ab561c3738a781eafeb1e635f001d365647537f6628c88ca46b0b77760dbafb9b6aeb5a171b5e18baa55d8a072644a1084160baa822019ccf0ec5c260c213e934d86c1b859ab6bd4d7c3f064d38a7c58d76f548b0e6b7f015b40a0caeb591d6e0d9267d3cdbd6fd5c04c6321d0e862d403ba4642490fdffa7d39fa7beb2935840f793a084dbc749d6b086b01ac11bd9af51041a80dbba5ecf872352f6a6decd48dbf930e46f1d48cb3e87886a827a049fa012b50a242abd9eb2a8d737e98ab39d88bd4cae16aab1be2481b852634842c0e740d42db8f025947a9b589df1c734ff22cac94219778ac2982f4ee07e892d55856a57bfee934e0c35ee77ab168bb5766e505617bcda13cd7387613d8195986604dd1c409b235b1ab39785d31efe7511183bc90aac194b0e392e156e19598650a941bdc88f58c074afa4da08da31a9f567f7a15a1e0cf48f84453ce479c9ecc15df47cb6a6c637efab02890a69c6b7757be6c2bdc29d68ee5b12d0b6dd0f67500da2b802a9886067ca8ed1e3b795b6aaec973aefae40de893ff4e213cd7590681692806211353877d5477dcb48c7e3f668d4f73bdfd35a7abc49df7b84b496c75bcb656a6fc13c9e9e181b9facf93e4efde09b53a0efae3c11486a5ac67af3062df9e447cac40215b4ddc0ff9bab906a3a4423ef58b6229caad77261caa377c8b42cfeb97e6bb85fbc43d5381b0e92508162fddf63023ee0ed3583ae23409815a9c7d0230c1c02333449c56d33ad8bde0448240b89be19bc65abada63fe5ce42740d403307072f15565e45e5c5984432e7b33020811fe9a94bf1c32138f7b70ba1081685180934ee3b94bb3c32741492232168073ec576230e0e519927902d0ed8eb4ceb864f31c3f9c298ee61d8aac24b57c9d360c24305c544860828589e081b974f6cf13b0fdd5f0265b437a6aa78d432281b18ce82a4b6eb84a6731e455aeba195dde3dff", 0x1000, 0x1}, {&(0x7f0000000380)="ffdc8f841415d1d4154d0252a25da4979f352153c41a09771dbb9071cee2ebbfa99ce7eb01f149ab2ac74f8921b654ae17e54c4ff99a785a9cffdde294097fc43c1e5015dd6c726f6e744ae57a21f9e3273366d120a1", 0x56, 0x5}, {&(0x7f0000000640)="8e6de20d2e675f6ddcdca26c4ecac38a5867e731ee865dcfbbf528447be49af6d74e4e11d4d5f69aa81d9b734a53eb47ee2edc99d3f731eb3cf2c2f87c39ce9bcfe7e155c072fd35f2bd6b8659cc24cd1daea196f3f62033a99e029ba83e170879cb1354a91f5f904c14d7af21f20a247f83954140920592c3136e2ba9f5d6039d24e060fbcf15d69e5ba84229be6ef7e1468086d50f8cee150be2da73fe5fe7d3a83b141ae6f586b4cce4421457fc58474bba312a5db91c9a1c4e7d036b3dcbfdc8526113e31b37d1039c776cddcc4828e96d", 0xd3, 0x6}, {&(0x7f00000032c0)="c700a1a303159ff5bb3c66580a4d2e41241e39f7952ddd75f480f374f712f0355c50f02e45b50e06e9c231e9a1e01a85cb229e40f33e83becfc2ab73e30badfe38f0495ec37e445e0a8b742c7ce931e5c0d6bca200452d53d991e1bf6ddc562e1960b19ed59c301437f3c8b1ed610e2a019551b71b03a451417ed3c3a3bef616f0af22b0a05ea6db8ee61934afbb1445645d5682a115655ef25429ac4fd0033e6a3c937f4e64a8c2b11075429a17915da72d48dc09667e0ddff1e16421966aec3f628ddd8295392b69b29c56827845773bc2c08c90d8e9a395cac9e99e597ad10b806ba23e1ae3f47070adc794c540ca78a3c563edc355de490cd509b22ee7cfd88d9ec72047b3cf76b04b535495e77ec335b9ec0a34f9f5a37556c436484cbf286fadc1486be83374d11077880de4c54ba95242d0a259a5a51ee485adbbe992a387b2100fd52942686baa9674d4555928ff3fd28079d2f375f0d8c32516628c81bfb39f360ac4f190f7e2f69cd94fc59d8daa9718f696143c6b5a9ad28f6b1c429cdc288aa970865e70e533307f9b99833f7ae63bf8c68d0d7c6c77046bb13d8ae041f1797863b470c72a1f47f8ed9eb2b5907fc63d93855c8507a62dd609535624671777d94d6063a063de9a1453d572982fb2aaa043dbc25da9bd892c174813e301d7950aa4fcf83fe9287aeb6e52812c7276c6bd9d7836b002b25a57d9aff622989c678ae8363e44dbeae051899011014c0cbf028d33554cbfd84169a0c959373418d3dddd3509be5c4b4aeb1430023dc7aa1a90b7a2659f2fca94232932424e15900ece6aab06b902ffbc7ebe850a0f647e5937be976b390fb396c84c1d59caa343e8206f8d30db48e310545886abbbb749cd1380b972836cd9098d0fac168dbcef4c27fd7fd76d54fb7aed14373fe1dccf660d6740490ae4c83edd7ed389cc9e3d648056d01981a8e8603550711446824237a7cc3c45518697fc9d2706ff6353651cf752cb782437f4083b010be9a7db821a1b2a8edf3663069d902a44849549d011517bd2c1db9159799e717ba56966a3ecfa69975121ec39f87d29d88f14abc1db6f7f4f88abf29cc9ebb481dd3efea102e697c8271fa9fd814a3ec8f39edecea2f82ef7e5f2a2425186e0db8c19c3c5f0bd817300d2a8faa5c5bd1fb16de005c5fe8427131267c390d5eea2d508b2025364acb3b7dbc2b52da44d9713a8d785c50c063547b78c63487e47105212b6ae77e2151303869f7f2c5d1480f6587dffb4b547f58a83fbf5e7ed535b5668d08c91a5cca39ebbf201b66380b8bef2f1eca5904fcfabf3a1589d9437a6d3c99f1fb73773ccc1f244cdffc3c2d231c7e5b94cfb995d33274823704c63c494a9fb6c5cb20b8e36d2bf0983745844a7c5d0652c8aa289ffc4699486382aae84ff7c84c8d7de884e2e5395c42adbfb5ce65bdf1c4fafd95e7b413331e61cdb8d1f9472ff6ef4dcd590511f73d33f0ba54455767a4f47fb688afe4311d41fb0612251896fe6d4f1548faf2b6e68cef4bf8ef158d095b97ab2e9fb22e613173e4b23e4a7c36276bad716c4c11a6985e4c56da41a8d3c9aeaf893c6a207b7355f995fb5978853405b82068fcecde847a047872b8a8c55171fd25fd1ea6b408e16bebd0398906c58ac94b94d9018102095a96bf9de5afc51d35ca0baaf8075e98ac822704a236427bb09baa63721eab29070760c883f26c4a3a809d6552257496d8ee811b3ccccb40be0a00151b180f87951509848935931e2fc8bce39f798ab97268494367294caeb93e38da872040bb47b233de0041fa8f809f717b3cb159bef42de289287e88cf52be4123ed158ec1b3fe185b06951396d010d845a5b75de28b280c76f91a5de2632cc919bd43c19a446aaf262daeab895cce6e828c9e0e4745e2531de53392c0b9c9e22f49f0feca653f7e5bf1643b2ff66cab38eadcfea6222c30fa7002504c10aa29048ec458028fe772e5790b64b264d2449e154aec4d4ba0b4d1c480dc817f27a5a76b029603f849ec3c89614946bbffb7cdd6506b3f59e5c6e4d4307b008af1f56e754ce0cfc33a0a8365729996e73961eefb568fa04a32724846a553ac829478902b336d840c60be8c66814c13f8fdc95e83f04db4ee221dc2aee5ffdcf9dee8d859d77516989177039c7c26476df343c2a3da9abde7d1a42f41878ec69ea4ec516778ee8cdb72897758e2045c01c7308838a351c80c43b4de16274df7040c01708cfb3b985ed83e6f4fa342edeeb9c6118d4feea9da3c22fbb3ab97306c3207cac52a5db405ab9054d2e03138a86ddd254dabbeb79c6e769e42d0b1f888fb8e92761ecda90a7773a8af648206c4c08e5a11c0cf6e14b4f019d3d64a89fb5fc50b74923a28362ab641db102887b01ed9d408ac767ab636845862b0ccf6b8183bd9747eaea78634277fb89ddf1a89c75c15d9f892da55be837318a97851c750365ecd8fd09428cceb2b1d982740c27fb32f543414c96fdc9a37832c0c156f8dc6cadf95f9985badb0037263f325970589e0efa8601198cfa62939dee7e6e31856c5e14ef3a1c558aa2811bdc1c9473c1a4e76ec0fb76b5c8db6442432b26601ec5b90483ae6ed15d83e03b9457dcfb0ef90ea17a4be00981ba5988c520c2c27845d31ddfb365c0e0a334dbe2b17dfedad348c2ee951e1e834c8c36baf83f6e991ca3acc7d62a5b4b97d336677820951412449c40148d106fe7cc2fd56e5239dea4badd35b03c8c3db2db88f5f975869d251a982d9800a9948ab857dd0d241a24e23c4f766ebba349275bc9de0c353535126a67314d0d3c72e978218d9efb4b2dbdaea31fb12b1d8a3fc7e8d5bdd341bfe4b99b9cd2c34edaeafabfa29a66868172e21ea381d034c192398dc62c805175bad2b3ac5537e22829433fd648e278c740f2dc068235b93531babd375df104507522c60ff4dd437a0e0dd755a445dcfcc3571d4600c1829e8e44790483bb03f50705bddfd19190ae8771403864f5ca89939685f2e4d5f77abb811cec3cfff7fea2827cc8be308003d5bbacc74b9cccc3f14bd6aabb4c46b6f9dbac7c7a15b2761da6d8c9489b65a82cfa4716d7b9e0ac1de1f756c50110f763e2005eb359ee9af678b9c8d353ffbcf9ec95fbfcbd95024977c0746df3baafe1b8bb6b679302ec78bdf83af034a20c2d5467e8669bed1f5c735642c1f48576fde0c041faeb0430cfdabb9901fc7b1e277c2b907572d091762ddd3d20346fb3f79bfd471d9b5423c1fdaa854fe4387a47bd465d32ae040e0d02bc9e25b87a5924b221307fe4573a25df7c0aacde1ef166bc514253d3f5693d4d20d05281acf62be88f4b61cc410ef1069969dcfe8b2516c0043a5a7b9770a2006457658b6d91e6aeb07392d44d69978e1d870c71cf5a0d59709a5a6e85645db772b7e414ba2285f198c85bbf5d70aa5f0bd2207114221b3c1fd8a3da337830212a873819f8e989688e9ff2d3c7dababf5c4336cf83ca50eba7212175d2336d13586c2d9334a2f0d5ce4679fa98694a0c6655928c76073b1873b3aad62d1e902584cf654b7f3adf63bcdf09fbb00063f8b36bcfd2646c422cb52f9433c9a8ebad106bd58e3a2dfaaf722505fb10f5ac0f5b753ec9c8f96b4f790a6b37c0366011731940f22d60d6119b529268e3167974330aab612b64d1453fbf2cca1115e9c8fe2e36c9685eb94e910f159592d923d8e9f293a05b97f1eb8a29b1e84db4f10fa91a3a11bf1d5fa48731baacf1524256adba8f47b396d52585f8550b9c8d5c7495a0bcc6a60114ca91ce8c5fbefa8624c66794288ec9305c463d0e37bb21c8c7a50c93a210a3669440a293a6d03b7ded01fb18c8c77f5ac9a0f394bd5c5b713fb240182e493f4c6cd8e420187475b6eadc179dae96095e9c9c1ae345bd89b421b621a1d94270e2e894eec85d4d4ac569efcc6acbf4ac3427799398e9a8cde25b4f796de0c9c74f438a688983cdc021a475e3bfd44a341990ab6ee29afe5a6d6c83c968f879aab226bae09e6e2438f3584b634de3ff5bb43dfa02ee80873f8ad0b6f5ff31d82844928739ab31fbe1f0a461002bb2e890dae5de0782e526090701150a2602535332ee32a7c5060c0fb19c95f9ff738b07daa501b9dfbebbff54fef5d3730aa0d848f65504ddad45c16cd87e417fdbb70dbd660de5a181c9fb47a7f418e8411ebab1bfa7a8095046ad276131820b1ec826646bce9b1e2b16733be2456687855aad2e0b3d33c8e126f3e98ec7beb1e8885798bc073352a57dd12c29a2c02b58d11cfbf665f8d940b568e8bff3d693b6fb5dac01c137c9fcd57d6beff027e562b47d14c3c76b6660c3638c3e9e8549f0ab1ab2f664acde5bb73bd47911a377f3773a09e8d624687a034966d3c11555dfffb4c225da65b7cb8cb45e7828b1afcd1ddfbf701d03fe9e81ea373d3b86c8639d1b55fac11b6d74dae78e0110368e65dfe3404c0ae40292dbd318637754d4effcbfa2abf89edf853c6c2024b5d6eb2dd3611976f89321c2d434738809a1349e6e721d87b682cfefc32f896b07b50be839715b4f76237a345bedd4319987b943d810a53be95991570438bdd17c6b93cb3c27cbeb9c8848107e58c9e99dd4ad3b1b2fd2b304923e646f82677e2f838558e99d22298a939211a004f5f39037e9ba2101784234733095627d308ecc8679a35a62f2eda455de9937536b6ceb09f0ade20f47b5b65b28c3bc35a23e7fb7b3932ff7868bda84c452d06e26b090ae510efdd5d7a602ba692604b76a1cf563ef9850e29d5714a3c20415521d4d45927da37952073804b6eca66b644686b7a866922aed5ee0624a9f3a34fb8b03e5cf0bd89af973ebbbed7e01ec483f9b2ce04c4d99aee65d8c960c03be30c56c8802b9eb89879e1479e614a9025e052a7e08d20dc7b304a4c161b3cbd0b3d3ea6b3267f47814563a56f909a03e62efe93bc08a0d960bfed8e3ae5f9d67b5d453cb7bdf1ed317cdcca57c47040fd257bfbc10de4e13642528b7e1408425db5be6c0ae5f3d65a704300e2c155c0de7abea0c78780774d3c01fea3ec376428adf6110d7a541cabecdc089c280f40c7336b0d2738f4a5a101a84e87f3d4fb6a5c36afd319f3cebc8b48dbe2d2a4224fc97c871bc07222af9cb3c9edcfa1f8fed775df3881aeaf6fde45e8fdd9f988280420e752bf531208e16cea46b16b009f7a2e50c019911acdde4c28c41a6577609759da65cc38213a3e24a0f2468814a531b01b181c04c025cd4c0c2436299b81ca9ed1d38d0d7ca48f8bb17778496933a9c40b0466b70281dadc6c02ed58eb25fb5e421f99747d8b860611e598ce47456c6673d0faf86cc39b7f776c2349c0987da8929b6a9b27fec8dc660c73f1b39825a6060f1ae4dc130ecdbaa87d103b3af46629bcb9698aec1f77b538861704ae1184471c5bc50181a0eaa797b95c7ae005c5bcda4a2e16995aa6a49d1d2fe4dd65dd38580aeab792dc31e1627e3acd21e24f3ed828a89da0df23f21513eca461af027ff5a762823a33bffb0ce715d9dbf7b44e46c2c744de8eb88b36d76d7eceded2d1866d8d8406743cd2acd2ed3e6ac36229cc094c9093368bf47519376c59db9064cf86bc157eb49e504794b6c39b46f1165a019112f9fb3e863854877ebd66aee7f9bdb492ad181fd71041ef0fadac054e917d9965d86fd101060690a893e629ab32dd231404ca31c4e9d5a782cb4f2f2478a5c4935b296438d82c6f2cdcef3638ce3a1323a1e0007ac7470417a3eadd96932fe76", 0x1000, 0x4}], 0x0, &(0x7f0000000840)={[{@noloccookie='noloccookie'}, {@meta='meta'}, {@noacl='noacl'}, {@localcaching='localcaching'}, {@quota_quantum={'quota_quantum', 0x3d, 0x6}}], [{@dont_measure='dont_measure'}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]})
lstat(&(0x7f0000000400)='./file0\x00', &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setfsuid(r0)
r1 = shmget$private(0x0, 0x2000, 0x90, &(0x7f0000ffb000/0x2000)=nil)
shmctl$IPC_INFO(r1, 0x3, &(0x7f00000009c0)=""/86)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

10:23:43 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:43 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x320000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:43 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x7a00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1374.785552][ T5446] binder: 5440:5446 got transaction with invalid parent offset or type
[ 1374.787396][ T5443] gfs2: invalid mount option: dont_measure
[ 1374.810794][ T5443] gfs2: can't parse mount arguments
[ 1374.832394][ T5451] binder: 5440:5451 got transaction with invalid parent offset or type
[ 1374.841649][ T5447] binder: BINDER_SET_CONTEXT_MGR already set
[ 1374.874622][ T5447] binder: 5445:5447 ioctl 40046207 0 returned -16
10:23:43 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x5}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1374.885986][ T5447] binder: 5445:5447 got transaction with invalid parent offset or type
[ 1374.968714][ T5458] binder: 5457:5458 got transaction with invalid parent offset or type
[ 1374.990271][ T5459] binder: 5457:5459 got transaction with invalid parent offset or type
10:23:43 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000766000/0x3000)=nil, 0x3000, 0x2, 0x800000020008031, r0, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:43 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff})
getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x4)

10:23:43 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0xfdfdffff00000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:43 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:43 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1375.335794][ T5469] binder: 5466:5469 got transaction with invalid parent offset or type
[ 1375.353737][ T5468] binder: BINDER_SET_CONTEXT_MGR already set
[ 1375.379757][ T5468] binder: 5467:5468 ioctl 40046207 0 returned -16
[ 1375.396341][ T5470] Dev loop5: unable to read RDB block 1
[ 1375.404561][ T5470]  loop5: unable to read partition table
[ 1375.416699][ T5470] loop5: partition table beyond EOD, truncated
[ 1375.436241][ T5470] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:43 executing program 1:
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000000c0)={<r0=>0xffffffffffffff9c})
perf_event_open(&(0x7f0000000380)={0x7, 0x70, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x80000001, 0x2004, 0x4, 0x4, 0x8001, 0x1, 0x4, 0x401, 0x8, 0x7fffffff, 0x6, 0xa62, 0x7, 0x7, 0x1, 0x7, 0x1000, 0x1, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x8, 0x1899, 0x1f, 0x8, 0x3, 0x100000001, 0x76bc, 0x8, 0x0, 0x1, 0x4, @perf_config_ext={0x9e, 0x7}, 0x10000, 0x8, 0x80000001, 0x6, 0x7, 0xbe, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000100)=<r1=>0x0)
tkill(r1, 0x41)
socket$unix(0x1, 0x7, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1001ffc, 0x890, r0, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x3, 0x10000000001)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:44 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x80000000000006)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000380)=ANY=[], 0x29c)
r1 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
preadv(r0, &(0x7f0000000200)=[{&(0x7f00000001c0)=""/7, 0x7}], 0x1, 0x0)
ioctl$KDADDIO(r0, 0x4b34, 0x6)
add_key(&(0x7f0000000040)='blacklist\x00', &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, r1)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000180)='tls\x00', 0x4)

10:23:44 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x2}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:44 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x10}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:44 executing program 5:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x400, 0x0)
write$P9_RLCREATE(r0, &(0x7f0000000180)={0x18, 0xf, 0x1, {{0x22, 0x4, 0x8}, 0x100000000}}, 0x18)
r1 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$FS_IOC_GETFSLABEL(r1, 0x81009431, &(0x7f00000001c0))
ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r0, 0xc0505510, &(0x7f0000000100)={0x80, 0x3, 0x0, 0x0, &(0x7f0000000040)=[{}, {}, {}]})
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x5}])

10:23:44 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$vcsn(&(0x7f0000000180)='/dev/vcs#\x00', 0x0, 0x7a0ed0bc8a61a6a1)
ioctl$KVM_ASSIGN_PCI_DEVICE(r0, 0x8040ae69, &(0x7f00000001c0)={0x4, 0x1, 0x36, 0x4, 0x7})
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x101000, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r1, 0x29, 0x45, &(0x7f0000000100)={'NETMAP\x00'}, &(0x7f0000000140)=0x1e)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:44 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x1000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1376.062335][ T5503] binder_alloc: 5497: binder_alloc_buf, no vma
[ 1376.071007][ T5499] binder: BINDER_SET_CONTEXT_MGR already set
[ 1376.080524][ T5499] binder: 5495:5499 ioctl 40046207 0 returned -16
10:23:44 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x3}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:44 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x28}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:44 executing program 5:
syz_read_part_table(0x0, 0xa, &(0x7f0000000800)=[{&(0x7f0000000000)="b5a47308d75ea609735987f01b7e0f76bc119b5cbb6c7a32d9187e310b047b167e5d20d4a22793ae8c95dc12ec04016c6bbcac2c4a98c70d661ba700419ef599a10963b4829f8c12", 0x48, 0x3}, {&(0x7f0000000080)="570c7edd805e426286fdc11726ac0f642b06f60b92b190f2fb7a0003d15a5eb8cf90a0b038e56db1285a908acda7f82cca3576c25cc87a050a8e3ca1d33bf4b543d8ee30be6c178cde85f2461e33b05aa8f523404f522b61ac7902532f13ef039d9d04b5dec5d78d84fce2782a3dd9d263846586387c3d39f523d7b6335c3599d5f5f6cf", 0x84, 0x9}, {&(0x7f00000012c0)="b03cdb09b8e65bfd46f24d0d631c0ec9f3975b9bd41ec05c8dea4b32b9dc0091dbe52d7d7dcd052701623807d11f089b2c8b2358593b591b458d1906fe5af2d7decf67075479653cac76a6e63dfb304b1c9d2105df3c6b6775f96bffae90be9df5461c764363061ee97f5e8ae46b29b5b802796e52e88be993c0feb85223569bec7a8043f178ba99627fb29861638eaa368867264d12056f280908b256c7a9b75f557311e5528125a370479172ad76cfedb36c7b32f81e3a7295af2491f8fbe715bbd0b877096aaf9bf334654fee2e6c821c000455f0c1d9880f1162cab7287959ff389c1d08823e5175cef6b7ca8568192676efcad75f24dde8237722fc1b614bfce744b2ba6210817ebd28f4a16ee8e612c0262c56a6fca4f72536684f485b31107dd445eb5214988a6adcf07b03ec046e9ea0dae3f9c77b1bf9f32af907c99bc5657d096c9ef39bd09d281afc9db8dbfc9a603539597fb179727e27dd2199d3d1c509a29e09c0e99e80de40f81a1053ad2630751e6dfd96986634ad7b1f6a6cd7a745b6088cfff16b1fa5c2c57cdd8b07f88fbaae8955f51deb2dcb3a7b0ddb428ce23dcc6f2544ca319c61e25d85c94c5a757d510e2e52ed090f9ed9c81dd02e526214d40182eff5353c379e61b0758bde54108487482ffa3697ec4cb046922e2b65305be6cd6b3aa0035d45b72b4ab45df16baea8337637e27f1e125b0f36c11fa3ba004d2181a6632982b038bd3486f09d878aa993cfed954a077993b50719c21bcf217ae64bf72286e2e1529c8b45ff8072e2ef07f25e62f761ed5e7b17414870045e497ffff75932e84dd1bdfdf8fbff53fe636eba90a99622b7ae4df5b60552469036a071fe87d69a35a714302f6c992863fb97ab35d039bb4189f6f6812aa4fe7b466f60ce9f3753b6174cf68f3001811023d18d0b721dffb49d5badf30f4d091fea36cc9b032929fb8697aafd476b1ea834e41fafcadf2d1f7f53cbe6c29dd98470f8adb178ee7ac88e80204a9ca44ba0bd9542eead875f8d3a4d2af5ced0cccb1de9c7e29397fa7af6e7cefa54797735ca0fd774ecf6cb06fc1781bec54344ecd44ca4bec8552c94e249c3a23c519bd93bc0b731caf4217e974e78053f67a6f23944860452e43835e615d2081d180b91fb02f65c59ec3d0b5bac9bc4e11c89f520417dc1541ac2e65577a18e31134863832767236f7b2f04ae1cbae53dadb9b50fe4ec77b99e3791a09460b5dd32a8ec8cdb979634ef25e391d824ad03b2857a7794221512c1b5be2d8e6494210488f742c28a59c2ca315a7fb3115b0d396d2003bfa22b338d199d6d785747534486639e9bb03e1a2b064a9559696f06ea0a28691e839f8e0bd74830d300f21738bc4682069113e5266a9a32fa58c78f53acd7a0ae0061936f4ddc6bc5552385897e56211307b30f5ed27687d2295bdc9145e75a0fd908114dd9298bc663dc334394531b2739aecd672ef5b2b278150451259c5b2bb5ec6d0292832e0dd9565950ec2e3a693ebc9b3f31e97c7944fd6d4d73f25e673c9760b632f537a660f9b54ccb322897785f40732c1ef58b39c131eb13968505cdca4cf12c68c2e3a3aa82c4386348dfd282c1c018cb46a7ad23d0ac5422d3d7d2b91d17d1777f1c1e242e759474826af2840c73ae133a45cfad052662d27642b9e48cab1702187dac0c5b6038d08ebd504cc15644c7eb622f5d9999d4bd0310993714b460ae5fc588d6092f4d06bf145354d9494c613e26552a9615b303b5e2d4304b39dc82e6288a88c81163d0a92eba737e9324ea3819b965708ea8688dedaf0adc385a580e31cf71c7fb3a79cc79bea4e73e6d597c57ad267a0cc8044bc8d8b29c482fbc76d2fc15b950f2e3319d1a6374cd90ccd15802a826261b0a17014bd15396b927d04b739977e5823e0135dc298d2bbd2f0cb864263cf9399f7ecd5641b56d070e67b92e7612ccc44f563d3698bf6e6fc4b63ae8e31229b672a7cfe32567faf6fee118afca3bdc3e4f25ca342ca65b222d241ae0ff41b86bb5b6ff2b469ecf59038bdcd301c04d8ae6f9de652860bbafc51fd262e9ba151648b57a350aeaf9e7e55b4c180c8f428661989aa6ce273a97f28784738c888ea9c59ae12965158e0879f0a3ba772e1e0df6c5403b97fb7c935c35f78497c23631678f4c59ed00983191628f600ca9f7f247033e2bc935e383efb277a0d65cd124a3974f194cafbf879e2d7c49c45e37534a0adcdcbdd806e262b7ce9a8c686627939232ffaed3c2aafc92267b8731a57d3c1d1fb55a30250c41fafaa6502bbcccdd4ddb3ded77675449f570959869d14d54c6b87b23a8e363bac1dfce33c73869207a0c29a49b51f19dd190914234fe57f0dbe68b7f6498e3737825161d18afcf9cb6626194e3d85159d38414964c0cea934d2f5f6cbacbed4f8fc49d04ecd3e30febc7a9b21a8c2371a8c37ce4aef3785f2787fcf7cb03c42d8c096fe8b9e3655a396b54c4e5f9b2170ea5a8a1021c032b2f8c6636d8c3a142bfc050bf9d91f083387f25c742127facd9e204e0f8fb06bf25e0991b4345601cf391edfaa67eb4f5579d76407e9691e3b53a4ea905aad8e4b7eba3f296fb21c5c482a6e0da123a082cdf0d27f6b488c88b4157629dcc36d1c14ca57e41f7ace2154b8ceb16da0d0b2acd2a91938b7e1b72c96b6d4c653699570c7f252ce5c0d1a0a3960fa531d6981d9f6a176cd8a0d98dbdf58883ba1b9abe94709e712b1ec2f6d338b8694f096ff226b8df161ec0b4beecbe8d029aeed0d1928cefc0a0075e1237aa519086ac6960a37014dac2da5408be3ab0d1b1233a4c225f68208950d9ac90a78f0d6465202e0aac64f2c101a5463cd3abc5f7328a246d97fa200726d632efa5e9596dd2b92b5bd3050532c72c1e92c1100c2778ea629ea78583f2d89f7e3bccbff50f43bb3a5bea83142b2abc680b9e7c3c2cdf4d90fe6b9e7a1689186828c7d638ae6f72c6e050b8809f7511687ef9d5ffe7080049687708a48a10bec010d91998ce34c61e1a3aa51773890f72765835e30922114a56976075177b3092139fc73f7108cee870592fe5b383ee4dea68f547f87ce175f95d431e4e3b57a727495deeab4daeccbd4343601c27b1e9715b6a5ee78c278ea881e905225fbaae643ce94acf783bac0f80045615e9fdcea7d01422dddb7322dcc719f83d7c9b34d7f102e83ad29e4676c6fbba112722693ed3db8e65554007ba8a11fcd6347aca5c5aec5b9494e9ed85027ad37260f95a4685f1f644011fe98ac78dd1f28157f1bc97aee4f03763b10b50c212a6648063fb1f7ab36e6e6a433752b587d858b7c5d8f45860a18619b9e4c350972c2d97be11cac9f33bda9fff2c16297c22e134d1b93e9667f06b417f6e30b91b2436e9a1c5f0d2149f8e59a6b7367dea778f7ca15f70feb398fe7aaec09615f606fb306be1bda4721855c0b98c62ef2a06794870f4ca42078100a8c1822154f7a717c799ff89e72a257c0ffa723c843b0dff3cfd755d72456bf2b7f4b83a1574833dd1831ad2894f8069cf482c34acea17e68aa165b77546f975f9128df333f298160958296074bc04d59033b6143826d8d41df6a2f73c2b97d44867c09aa02fbc8af36689e95c864965667c7a74c31bdbd0733105971578a2ae62c2599ea24fab478a152c6c6860072a84861173704b638011110a8b2ddf188e9d75f09b4477887e9ef49984ba50932cab8651dfe458be035f8763fb2337c6f405fad3321c5b434e00c792c94bbedfdacddf27f4b3abf3c3b5256d85e6e1575bc8b4903b4aa91533f88840dcad2b93e58f781a5e112b801f635932b8f553e18a1ba00a45e28fa018e2c66ac9c92a10824911388bc6de0865d7d7721822b55eeb9a29341753f8c41d71b255ab407b677c3d0d8b18af2df0b3d0e523e212fa574f523fa15b1a5f6d053374095afe6dc2daeaf26fd011812ef0be30a2874e200ab2a24e76fa75544d8abe8f510d5523b8be63f0e8a99fc38e773958a373342cff851275fc7ecbd804d99f1a0119baf25315d03e897396dfcc467c61062e55a332a571fa4c0c2d827385ea4fe5e5199335599657ff01971aac0349fa4e85df4fe47c1a3089cbb356b9b85ea50c55f16838e5dd8fc261030edd9a40bd5e40ae3bf5438bd92fe906590f7427b145e8385450c29fff0745c22301cdf9d07d983c4fb2ac9f743c6af63e5817dd7523fcab302d808a48b733c10471d5e99b050130b9965101b841f1a6ea15f2079dc8452dc243b8915260b202cb8740bed123545ed87ae12bfda3a10fb528201fb1a2c7542a501708dea2918620d8b676283e4c62806e6b9c6d14c3c8b998f58abeba8ab2749d19ad148bfb3582538a8734edc452c1166fb31b2afe1e230160fb532a2dc2b495cfcd3eaaa868e2be8f7a04d2765fb3684c285d31bc652ff6d69fa5c27beb5a79c2d9280f84320657917b8c472111b0677dc056f1a03154a59f69d2e4ab0c28b44af894a54ce78f262cea633d22cd94169aa8372e64b0ae5568af6c29c7a0b56679c99d4ca03569da2086313c73c750e2ee388f9a4cbd4ba1a0c1925437e9cf7c5d33f05320c2b541b89e417047347125327a5d7ad38f0553719c7c6550bf1093643028acf49d99aecb177422ae27851e0c6d228daa5b18ff80c9ffadd180f1be0a5a455cb5cd8fd58c795169981a35b56bb8122485202738ba7ce0f107767202b87cd4f8daa2d01e70ccfcd6dd3f115f3843e12cdef3f99fc53ddddf2e40b93e537c3f34da2b0ed7d2451e353d271a03e70f6f9ac408d6e8f203835fd0e4218e533f972e433e9320b507422d119cf60d1b114f2284d980901521cd999d44c96fca6ea9009163bfccdef70d4518d70baec6c0f4127024eb68c647ec7cf71521aae7d932aac4447df5d1cab69b7e6ad35bd77315aa7923a8efc4706b175606fcaa784638913266694eea9b0f183486cd4c968ebcbb07777b6e9f5dab9661af6c5703c23dbe7ee16d9f942ffabd138bb4531f3d6011b24eac0dd57c5d5c5a027848bd0b74684fcd5ce5f8514698e921329d5d7e97b053f325a7b3019c4e15c948b53fb47046e68a91fc225682e122c10dc30470bec69ec5b7c3260e944104a083caf18aa3932faa7b395e9661313d07bb9b6a5120e1438f542ff683e8e5896878320cc6b10021e5e18c5e1a41cfc151528d2ac0545bf6fcd789aa73c1cce085390fba309c4a57072c0a18490e92eb5e5b3823e699a71eb4651fc731223a08cd6dda7c056b9d7b53e37ae2ca1963dbab7d6dd2450bef10f43b5395778c3287d9e3963400839adc807a3a6b51b88c28066d7a6acf38d8c2870c08b8bd7fba245d3a18442a3409a2969ea859029bcd64f6c607ff3bf0a16f2d37d54f0158c15ec9f22d1cbd8901471c29cd9407b9d024abe466804ca6c1259a6ffda68ba67d81b99d90d04dd2b8730935de46f471e48287ee7b309d2e43d6ebde03989fbbd2a0325471f32d1cb263387483db9b30426989be8f3713174eef47a9fb025d4332b22fc5c5f6afaed5aed265e0a948ed8000bf1de3ea1fea3620481e9c093e0c494633540a09feb92ffdc71b4855a74a9f0cf1e571539b5d7b3d50a7f247f5293cd3a59daeb4621a73d32d8b3765e5665f6222d155e9eb9f30a5523bd57e662aea47fd39d1ad6a734e2da415f05ad7a59dce7de6ffa7842208735d10905b38eb55d1f17638e914cfc93c8153eaffc5039891300b01d9393da52d8efe64ef457f92e385a0ade031e6b5e6ec22099f069cd7", 0x1000, 0x4}, {&(0x7f00000022c0)="0324f00bed3eff1e0fd620555dacb8ddd8278ee85998b5a3da034f05331f8d09d92fef78d43bf18bd393efdef23d6e5cac25438b7232935cce5e558574af543fcf01104649ff38f78a45e1d17b9bac7b661b4c2da14d48f62d53e5cd23438d6002c8d47a18e24696034948755d985a66d1c1b24441f28b202e0a53f7587bc7c558f4b58b4256eae94e408fbbd6fbf72f8c26b98a0588a82767448e400700d4445d03275d82bb4dcbf0c7da55dd1b9becc01586df99f0c035eb3b998a649202c56a4b052dc0641ca48522078da03044ce790f9f6729da6acbd7b42c299a1f82bbed7ea1a11a1c21ff0b66ff0b880644d7b9f81109e12f08a85b3e61f373f3eb20f6aa2140b7812b3823b00fc859ca25cc44839f2a773ef68b4716449bbf2ce4919f5f3496a116186fc8373e674a5e5496ac6fcd97d1d7d6bfefc95af7de2d2d0fccda5d18db738b55bb975083a231385586ec2adeda51b9081c36294751c8416da0018a49d32df3c677e6f1769e711545d40bfdb2c00d542a198a38c4a5fbc69e3cbc9fb5dde0ae5ec1605fc5eb85977a2890693866dd872d52d8fe1ff3e912451ed4cfb48d63ccdbda96095437b7aeaaf230680806caa8cecbafe5be3ffc06d20c093422e9d8fc0a7c1f8fa494634b31c332674d8367aebcb0770778e03b8dc00ccab792af1f03a79e7c51dbdefd39f68e1b09d807ff8381622e3754f573a6747d0b34e7884759f2ef597832a1dd673a4e9bbf119a8f27c807a0960f6fddec2d3fa1943086af2a4b5c388d7d84d3fbadcd21b21e966619b101f9434040849bf9c43b6e3187165669a2746a08d71013e3f5b9fc67b8e1106281ecbc1a24d4993c7976f7181cd970c8de3d8b87f30aa519952eeae4e189d0cecac6eb24962c7bef74c383d2eeb19827be08692a01135773c3804811e8713d7cbc16e6d4743fc4677c39d7b3389fd4117233a97abaa06578616a017101d659f92fbf642d98c417b172c6aa81ea4c60ac17142442569a62d793bf4d751575f82a15d016e81f5c28a32679bea9a46d50fdfc4033dd74d86b1ae6c555bc1a58476beb2dbd58dbb24197fab6788b9454cb73483c831470905f678a03ebcdd7487d452e89e4dcc4a3a3d28653c87f75b634adeb0f2e373fb4ac663ddf09bd0af07b01008962279c078fe92c6fc3cd3ab76625170004cb47855b55f2d5454f6190beb2a70368ddfbc3300a8d16f9b4e8e31a331391b416e449a0ddc019a06f571265b7de23d84ab4d89b4579c9c58bfbfaf89805082e3683eac2285e425b54aac57087f119ff48582f23244d2199238573c7f8140c998905ad944b53a617b104f2a7f1489c7afb42fc0d067aecb4d59ef59cd1e02035039eae09ecbc70786b8e3f777a3750d8ca3d1d399f9432752b55c3d3b98b7495016eb7d751348fb225862b9ba3d5fa6026c7861d8aeeb67ae31fe7342102f581f40f8a5c33c862be7f563d2296232dfbc31176636c70be26d4a6d352f964be2e78400fd46705eea04ce62472e525f2880e73cc75b831f471b9dd0e97197e51644024d6fe1e043548cacdbd38c8534e55fa3fedf9d86027bdcd97ba82ae0b1f3509bb63fe7fa54c28944410ac21d4aaa124f4d177e07f5449271f815ec1f06ba05d1eb08669672be75bf115abfa9249496fba1fe48763cc74e26b012e13fc5b21d7586b1219dd4a88510495d648e5d126be5d9fe90ec14bbf338a74ba862ed3246e05e815a33564d0955e6ec36698cc45cb2f1a9d7eaf4043661c27673682a17adade9591fc1fdc445d9c92408fd072480941331f538a0b42ebc45b3d0dd67e741bc62dff7ff4f0277cb979e163e0662219b9273bcff973e4a9ccb7e93aab4770515d744ef62bbd343c499efe67ca7ba74dd568b3fbe0c39745b937216f2558d0fce7dee75b7e86b18c12247983463caa3ff3656ef8d47dc1dc1f98318105d763c58b9f5484dc4bf494161400b138effcf9ac5f3585d26ecc9e4b78bd973102e1e0d9a037b5bf881253179a825e4a52933c65ae99b2d82bf92212583ac2fb961590f41574d75da91cd5722ab3d61665391d9b89769f30d7ff71351fc9e9da9ae80b08fe7ca92762ba1645f02b99a9071ed847a12e8e6cfaefcb8f5607c96fc602c8b5f142fcc10b95ed2b8dae584f82e9d30902b9de1eb800c9d0638b559b69fb4eb7d67e72faa2bc47dd6c4c85aa517ab717d433796ba8c5c571564ac1831669c1c7c313f84072de73e84331208b8412ae6f9614e328a0e989ff1c588adc5f7d1505acbae78a93e81e7055daf669867f98820568d512f86ad17346457b78c731bac95098365b93fc1819422f54af009a753cee0bc44203209b68690e657066683c0981c63a7373bab3c3be5de28ab91154ad4e5969a93142ef62afb301b0af93b71263cd9ee821f6c6e04b208e105091547deeeed5fe1a77b390f5d9bff64b6ef4809a081cec586b4381e2419e937cbfdcdc7fdffbfe7089d997a4b11b0549643d88cd0a96ba5455e0e13a519912b836bce79a79a6c935ee00ee5aa0abb4705a413f1b1b9729a60a055fa6ac7027c22759eda0e43fbeb9d547bb97f27b58cec07f9f2c7768dd3c3e233435bde28dc9e198db6541c33984d9fb9a4f79b4c2055ef043009333c06cfe861c40ab28fc2569be4824ff44f2cd7ead79ad63b175dea146c582845dc53975234a54a926e29be1eae2052092aa3f3cc8cf037dda9c2052f8e98ae43782763f693a66d1d8e017b43da5bc7ca7fd0ab874ebe42d833b5bb5f83394aad7f05abd5414dc32fa3d5bee861c805ba21caafd165e11cd256574161cf4d273ca20f3ae8dc890a711aef2451b53b51fda8bb8f7b6bc3e7a72a0755c987c14349f8411c4a1731a02fc6e9886c9eb2280e2c1b47668391bfd4c3028482bd25c71d64fe50b612ba230b610ed8df6cab5bb4c6e28173f242990870a0fcd2f576a4a0ca178cf1b37e7319c8276a70720cdbbe462cc08ce7a3bfe2da99091978a1e6102cfce71058849a7c937abd968f3fddeb1ecc036ceeaa8954792f7742094c697f9e6af145c19c6320d02ef95b81af9fbef068bfee67a95152d3c4b5ca9adf6fd600589b2240c0124085eaecec18efd6e0dd86c003f8692f0ad385e2cbae95fa4073ae62928cac5db9709baf338fe9b6abdd05a2b319a5957abc26e15b8d6b5b7b63519c217588d657d2600e9520aff97b5cd418e16f6d6f61778172e4f9c1af0924e466cba741a21042bb2c90ae7d67dded0c6012750271bb2ac014f992db9c16803b87a56b459aa0e9dc17dc61ac0316ff0c6989b57046127027fe20e90d2d2a7a5da6c992165c72403c9ebaaaf3665497d2b5266bfe90336e6e6b330d52a637638b8ade909cbd511e6df4d793203c42a38bdcf606029f45c3991ed18840e940858f6c596759618bd09ba5062c0790655b2bcf7d0f40c418adcc26f35e59262d92c44ae321b3878a3f61ee4380eefba36e4de844c7386b5e60ebd9f11c122312e7ad6f21d7f31bbecd2a11d75dee9a497d4b993a3d62d765175ab00b9ba82f930f6457e7685447f3a46a459f8bdf64862f671e1921bd668019d79f8d2ddef371a2c0daac87dc7afd62f2d54d30c19c1ee9d07bb579fa19d5c60e1aafc9f92ae6d398e1a15038322590d9a886c1a885bdd1301ced968827f1082b3de71998d8b52629f54612cff151019489a35c4afad5d609c9028d79cd86899606268bee4d5ea5a42ccc680c2e671ce6cb09f52550d252aaf20e605061806392e0b1fd5a3d9140f431ffa0391e00549c788b7cd3f5b03306f36eabf061e23ccd7eaa8cc0b85a8ce81d72eb725a8c30183ca8f03a176c4a63413286e1a65213488b56f566ff2890556e40d951b4fec92e725920fa0d41deeb0a5dcc515794ee447c1b23c76e28a46e816ad69083a79400b631ab3b672ffbbf52cf80b9b71bc86a24d06eebb574deba895ee933fdfc7af6b3a87d04bfc10862d4c315b6d75e7355ce73e33b020fcd4c630851c7a38a7165319a8980a4f7ec765bfb56f5b2ee4c723535f21d13f91f6d5192767cdffa6106b06e97130435893f0b64a3822168e274897374fb441fca3cc560542f9a0031a636b4a3e3bc2a6b05b691ded9c7592731d05dd5914be11dda506d540af14b5c8b7f525e00712cadaa8df76fe65b8e2842bd5188a9fe700dd9c095850872a22edb78199df325403d320e89718ba5b8faab5b39fba6718ae7d541d1cf4442b4b018102e8721b992a47d4b744368a77897e7fffa9a0a4a92c13b4471b73ded2820835a9822b42cb95473eb80ab9ab93163baf4149ad15909e4469274830833f68da6adb5bf6a8f23c2c70f509754825ed844e7dfca9017a76e6784bcc63165a488952d1c628d748f4b6686906b293cbae52170dd42b913a45c445db44f9ee957489211b10566a343502d86834fdcfce9c1f083ee3d8a84a6f663eb93312e7f946bb7c1ca45111a2de035e23f6a7e05600e5c4600adceca9fb34ca716ca010f5832dfc8a1f66b4f2d213ac7e6e57c0c09769a6288fb26b5975692e090c751475d12b1f6199c738fd479c6ec5e0f428efc4824f203f7db51caf459fe66959fe2c2afb5a5406f5c88d425e9e3b22230c4a657a0ca1d88b4c2fa96e66cfbbd5178fc1500736cde9fca7d99c4a9f062191019f5af2dd768eb1ea99171f6c702f626f949a063f44eb23da36d25892966296a573f190d931cbe831f793117e8a25c435b7d5aae08c9d7e1f68278c5411e2dc643f8f4b040d3c0b628fddcc15d30eed0c0cbab632c08b9d91f53af03ee7e06bab1b17d6280accaeb820dd98c7fb73dc967e085a900f2fd5b8d09db26f14a187cf2ea2a2bb4f55710d76a533e34070e0886c54ff6df8142c6b7160f37fe0c8cff5bda6805bacf1a545e9a82cd3e53c5666d0026f8f9abff5c4ec662079412f8ca29d1ac357b14e0935a013f37307da942c0927ee995e7b405bcd0aaebcd406ce91a0480138ad1ab4da6be864737bd238c2131c703182df9e160a514dddcd208df914ed261fc16dd0fc8475a5a2ef8e4bb4ee57db8cbda8e2b4bdba00b6852b8bf119494da5faab03d2578bf07486db8ee1a6f5f3784c4d641379cc4a55b5159d4eb437d554813046ab331d6ea7c8f0b55f6d7438ce2f4f08a0a9cd96d6ce7ea10448bcfb00dfd51c3cd55f62396f6a1fd38586f2311eb2beeae490d3a23c4399ca1bcd85563a10a94c9f49e97fd22afccf59817368e3269d66c3df0e3996d33c8eda8462d3998a4f722fb73c3879cf5d447edec291b11626da48c21061d1b50af385d9415368430a652a2a1f538b2928d25d193667a8c2f0e838ff37e91ae8309511ce87f8764b243b90977c1b5de4fb52be9cd2219e620d86ed1767d3ca3c92cf2bb945ffe3ee381380395b5953e2955f25344fc0e7fa6a1799f33b8696177d10363e771a0a72c591f95da069108458b5ed749e539bc2394630f5c612989226f35cb397cb03987c0e81df9c062bcca55f9fbb6da23d7ed820477dbc75c85af154b95f52af5ce03aa1b8c83a060631ee369e4efc3feb02b0520f2df1f99b051093c4156024fd07e4b67df50e5ec70179519fc5ae12f4b83012732c9efb61ae8f3b5ea48581a4ee882c4390f4e24884e0494991b6235f371b45ad20f52318e47a795c5407cc5d5fce46b8e0890bd5ae4b89fcdf6950833efcdb03dd9a33f513f85775ffd585bc1ad0678d6ce3775afb709dea103c800da3b6969c84175ce32cdab9f83ff77e1343a8f62e1aea4c0f21a262d29b49e0bfd8b32579", 0x1000, 0x101}, {&(0x7f0000000140)="8b000ef02f0b2b8d6642612b43863725d8d6964ace929ca819756fdf15f8feefac4c6e4f9da42e956942e4d0543910cce41aaba2af8760cfbd6926b9c6b94cc5db2f0f0e7a5d96ed1fab03140ee0ab94ec0f573f95f75cb87fbf329223077fecf4f7ebeed407deffa278d42ae7b689b88eac72621a5d83c84bc373644f2d88741a30433b636330e2d366eb160dfcb09772b5d1ad8f32fada66c361ea882906449195f97b73f1a41059648e37b7ffff4f86257f1c4ab3d68b83c64f6e7866578136a3612d8a9c24ec5c6c5df1e252d9e968b8ac5a8093469ca67a4b97894b214de4d50b5d15e64dd8", 0xe8, 0x101}, {&(0x7f0000000240)="a995391ef1b93f7bbc011a15283c13efb223c93ede5099f43ec5b1b2e24cb04f34c3fed9680b6277812b91c15555bf1d4f21bb865e2a18c3775a6b31d495d0104bae7cd68abb9568347e77a080f356ccc808e3b530c0bb29104cbc19ebed9c86c2297a251450d174b5c38124451f22aff7811dd08e55fc2290438a48107c1e3f8fba243404fda4113b0bfa1d446a20849145ee709c3d1fce778f18c3eee9f61758ae1b5babe0ec589cc0dd6ac65c0246ce960c4e47fb34e16df54f20277802847d97a9ce821f9609f56a9ecb7c155f73", 0xd0, 0x8}, {&(0x7f0000000340)="e94ac7c8c0182c05942b5c913ffec8c2e7bd1bed2d41f65e6a0da73587c4233b7feffe2ce0d2dcd770430c26a2c30643fbd475a5baccad9f882d09637fd6d2424a506a4da31108a66472f01fa441bbeaccea51be0928e121360c4e936666d4eedad17c9b2fab6591402bf2d85122e24275a7a334242a138d4e238f577305a5a6e2775621da721b3c368ba1bb082fd07358b1f0d0ef93d3799d95b2598651a1b713d5e006085c6af8f8454150af6d366e72916f598346ff296aaedf57c9639966e7f60c60332e114e3a2f34f575d06cfa89f53155d210b4c42627662879f199ff985cb1cebe", 0xe5, 0xffff}, {&(0x7f0000000640)="007bf413ff1857a0136dfa706b6cb0ac81c20ede1f51555435a30ce5e547c15690f5a85daf17f6498d4735d866bff46fe19c28d3d428e9ddd969143cba3668819e8afee0d98656e7176e6d69bf801847d35fa88a0c2da5b91b33c5074a53165662550899bfe3b4fa933f4ac59f7bbbc92d18562adc3410e2114adae266ce27ac037b68256906e650f94a674b8808be9efb9ed3a0e8148cbde5e436e35dad482c442162e4926b4a16860a", 0xaa, 0x400000000}, {&(0x7f0000000700)="a3b23b4322ad60948cc191b318383e67a15c5d1c88471a00c8aeda86fae6ccfda02e18161074192ab5e184f9029a656eace02685dd174313ea25368b950ad5b14b40c0ad3b8650a18b3cc9c20db55bddd614dd380a3f93bbdeba59a7220b389e4828d4", 0x63, 0x9}, {&(0x7f0000000780)="ae5193fd1ad83d96bf74ba3552d456e4fe755f6c38757305e03fa49fe3f4c16bd45c3938e9b03fef45e01f38aa48097e63b67ff7f330faadceea9beb05138d0237dddc551228d7aaba198fb7f16b1d1bc03b4c9fd06280fbe100286aa656df79848b15d67217097507417c578118ed934a", 0x71, 0x9}])

[ 1376.268973][ T5517] binder_alloc: 5515: binder_alloc_buf, no vma
[ 1376.306212][ T5521] binder: BINDER_SET_CONTEXT_MGR already set
10:23:44 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1376.343933][ T5521] binder: 5519:5521 ioctl 40046207 0 returned -16
10:23:44 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x38}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1376.462635][ T5529] binder_alloc: 5528: binder_alloc_buf, no vma
10:23:44 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x5}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1376.652156][ T5540] binder_alloc: 5537: binder_alloc_buf, no vma
10:23:45 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0x30, 0x12, 0x100000000004000, {0x8, 0x2, 0x0, 0x800000, 0x803e0000}}, 0x30)
setsockopt$RXRPC_UPGRADEABLE_SERVICE(r0, 0x110, 0x5, &(0x7f0000000040)=[0x3, 0x2], 0x2)
write$binfmt_misc(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="541e5178c376c5469c8f04c80edb372eeecc836de0c3dca0096878b3d5f4e39e3bf78993ad2a43dc157381ef3342d850cbed7b306ffd557efd5473f81d4281777703c9619a67988da8199ed52e1892af4b683ef025a50505b66cc0349f9ab9cc635855bc978dc3b7c05512d27f02a5178b4d", @ANYPTR64=&(0x7f0000000180)=ANY=[@ANYPTR64=&(0x7f00000000c0)=ANY=[@ANYPTR64], @ANYPTR=&(0x7f0000000100)=ANY=[@ANYRESHEX=r0], @ANYRES16=r0, @ANYRESHEX=r0, @ANYRESDEC=r0, @ANYRES64=r0, @ANYBLOB="13bb5a142ac3f43c693b000048a227d91a9399fcf1bd0bea8c34eaf7a7810319449037bfbbb83c7e3fa2faa4ba59433e7a9f241b5a370523c25494a0b41105088043199b1462ff62cfab80bdc6f801983e7d1e1365ecd9a435957ecf097a43a7472aba5d7a9f75674e2213b3", @ANYRESDEC=0x0, @ANYRES32=r0]], 0x7a)
getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000300)={'mangle\x00'}, &(0x7f0000000080)=0x54)

10:23:45 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x8000, 0x0)
write$capi20_data(r0, &(0x7f0000000040)={{0x10, 0xfff, 0x8, 0x82, 0x5, 0xffffffff}, 0xf9, "20554395af03dc6ccb945d792ffbf3faf2967f8eeab5da964dc1ee5db33af251ea911cfba1890022ca42a5653404709dbb872adb7af087481ffc63bb68b8ff1c19f5a9e347fba6a1de14394ad039a927dcde81d6e39562e5337ed5314f81e36b4cf1c81ab47a91218e28fd2901dc0b5e040b15388a097a0c6ca70eafe969474a2750f9fe559e8e4884baa465cb050c6db204d4f595eab86e554b8ef1be46d64cb47edeaa93f70c889bc13ce40c5671c43a84faecba74647e2bdf5e26759d392c73acb5e4a94fe759c988283500d0664a4e5a20b4e8aa9a00e74e7055b912b8806f31d5e66344eda831f03195d34df38b729e248a817f76ec5c"}, 0x10b)

10:23:45 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x48}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:45 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1376.984306][ T5557] binder_alloc: 5555: binder_alloc_buf, no vma
[ 1377.000393][ T5560] binder: BINDER_SET_CONTEXT_MGR already set
[ 1377.025439][ T5560] binder: 5553:5560 ioctl 40046207 0 returned -16
[ 1377.041611][ T5558] Dev loop5: unable to read RDB block 1
[ 1377.059067][ T5558]  loop5: unable to read partition table
[ 1377.065443][ T5558] loop5: partition table beyond EOD, truncated
[ 1377.080851][ T5558] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1377.204289][ T5558] Dev loop5: unable to read RDB block 1
[ 1377.209924][ T5558]  loop5: unable to read partition table
[ 1377.219257][ T5558] loop5: partition table beyond EOD, truncated
[ 1377.225734][ T5558] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:45 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x3)
memfd_create(0x0, 0x2)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000080}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="300418ef", @ANYRES16=r1, @ANYBLOB="300026bd7000ffdbdf25050000000c000200080002004e2100002c000100080004004e240000080004004e210000080004004e2200000800050002000000080002003b00000008000400000200000800040001000100080004000000fcff0800050005000000"], 0x6c}, 0x1, 0x0, 0x0, 0x400c000}, 0x8000)

10:23:45 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:45 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x2000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:45 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4c}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:45 executing program 5:
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x40800, 0xa)
fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000400))
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x400, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x80)
write$selinux_context(r1, &(0x7f00000000c0)='system_u:object_r:etc_t:s0\x00', 0x8)
write$P9_RLCREATE(r1, &(0x7f0000000280)={0xfffffffffffffeb3, 0xf, 0x2, {{0xc0, 0x3, 0xa}, 0x1}}, 0x133)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000680)={<r2=>0x0}, &(0x7f00000006c0)=0x8)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000700)={r2, 0x7}, &(0x7f0000000740)=0x8)
getsockopt$inet_mreq(r1, 0x0, 0x24, &(0x7f00000001c0)={@multicast2}, &(0x7f0000000200)=0x8)
accept$ax25(r1, &(0x7f0000000780)={{0x3, @null}, [@null, @netrom, @null, @null, @rose, @netrom, @null]}, &(0x7f0000000800)=0x48)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
lsetxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='security.ima\x00', &(0x7f0000000140)=@md5={0x1, "01aa9e59dd2137e6aa64c56bb890f6ba"}, 0x11, 0x1)
fstat(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
ioctl$SIOCAX25GETUID(r1, 0x89e0, &(0x7f0000000080)={0x3, @default, r3})
ioctl$int_out(r1, 0x5460, &(0x7f0000000240))
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000340)={0x4, [0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000380)=0x14)
ioctl$HDIO_GETGEO(r1, 0x301, &(0x7f0000000640))

10:23:45 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x50}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:45 executing program 5:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x40, 0x0)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00')
sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f0000000640)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000400)={&(0x7f0000000100)={0x2d4, r1, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x4c, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7db6ddf2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x915d}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1ff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4a}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x200}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xf4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffff}]}, @TIPC_NLA_LINK={0x4}, @TIPC_NLA_BEARER={0x154, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x81}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @multicast2}}, {0x14, 0x2, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0xc9, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x5}}, {0x14, 0x2, @in={0x2, 0x4e21, @empty}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @loopback}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x3, @remote, 0x1f}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'hwsim0\x00'}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe03}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'ip6tnl0\x00'}}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb0}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}]}, @TIPC_NLA_NET={0x1c, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}]}, @TIPC_NLA_MON={0x34, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x80}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x300}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x400}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3d}]}, @TIPC_NLA_NET={0x1c, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x4}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}]}, @TIPC_NLA_MEDIA={0x7c, 0x5, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x200}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x74f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7e767b98}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100000000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_MON={0x1c, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x80000001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1000}]}, @TIPC_NLA_MEDIA={0x18, 0x5, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}]}]}]}, 0x2d4}, 0x1, 0x0, 0x0, 0x4000810}, 0x0)
r2 = inotify_add_watch(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x40000000)
inotify_rm_watch(r0, r2)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

[ 1377.454970][ T5582] binder: BINDER_SET_CONTEXT_MGR already set
[ 1377.467843][ T5582] binder: 5579:5582 ioctl 40046207 0 returned -16
[ 1377.485134][ T5590] binder: BINDER_SET_CONTEXT_MGR already set
[ 1377.494331][ T5590] binder: 5579:5590 ioctl 40046207 0 returned -16
10:23:46 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x10}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1377.670616][ T5606] binder: BINDER_SET_CONTEXT_MGR already set
[ 1377.682295][ T5606] binder: 5603:5606 ioctl 40046207 0 returned -16
[ 1377.692831][ T5602] Dev loop5: unable to read RDB block 1
[ 1377.703195][ T5602]  loop5: unable to read partition table
[ 1377.714305][ T5602] loop5: partition table beyond EOD, truncated
[ 1377.736750][ T5602] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:46 executing program 4:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000040)=ANY=[@ANYRES16=r0], 0x2)
timerfd_gettime(r0, &(0x7f0000000080))

10:23:46 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000180)=""/152)

10:23:46 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x60}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:46 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x28}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:46 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
getrandom(&(0x7f0000000000)=""/164, 0xa4, 0x2)

10:23:46 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x38}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1378.222723][ T5621] Dev loop5: unable to read RDB block 1
[ 1378.228778][ T5621]  loop5: unable to read partition table
[ 1378.267423][ T5621] loop5: partition table beyond EOD, truncated
[ 1378.282414][ T5621] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:46 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x3000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:46 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x68}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:46 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x48}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1378.409049][ T5641] binder: BINDER_SET_CONTEXT_MGR already set
[ 1378.438171][ T5621] Dev loop5: unable to read RDB block 1
[ 1378.448598][ T5641] binder: 5639:5641 ioctl 40046207 0 returned -16
10:23:46 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6c}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1378.461838][ T5621]  loop5: unable to read partition table
[ 1378.478603][ T5621] loop5: partition table beyond EOD, truncated
10:23:47 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4c}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1378.535045][ T5621] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:47 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x74}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1378.687025][ T5662] binder: BINDER_SET_CONTEXT_MGR already set
[ 1378.707065][ T5662] binder: 5659:5662 ioctl 40046207 0 returned -16
10:23:47 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1)

[ 1378.943975][ T5670] Dev loop5: unable to read RDB block 1
[ 1378.950588][ T5670]  loop5: unable to read partition table
[ 1378.963913][ T5670] loop5: partition table beyond EOD, truncated
[ 1378.976216][ T5670] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:47 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0adc1f123c123f319bc070")
rt_sigprocmask(0x2, &(0x7f0000000040), 0x0, 0x8)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x141000, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f00000002c0)=ANY=[@ANYRES32=<r2=>0x0, @ANYBLOB="61000000caf0bcc11fd7847b347fb35df7a7ce36e9bb88b3272b471f9df5a5e2c36ed77fd26aa10d3360e694e5e923b9fdde9e616adcd0a6de0315b1bd1a62bfd1ac67f0f38ce3c832d9dfa224dd3b4b1293569b3b60a596a7e2633f3901ebf7cef6d5032026a410c7c8e1b89a"], &(0x7f0000000200)=0x69)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000240)={r2, 0xa49}, &(0x7f0000000280)=0x8)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f0000ffe000/0x2000)=nil, 0x2000, &(0x7f00000000c0)=""/64)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:47 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7a}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:47 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x10000001, 0x31, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f0000000080))

10:23:47 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x50}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1379.152711][ T5670] Dev loop5: unable to read RDB block 1
[ 1379.158366][ T5670]  loop5: unable to read partition table
[ 1379.164650][ T5670] loop5: partition table beyond EOD, truncated
[ 1379.183625][ T5670] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1379.226414][ T5682] binder_fixup_parent: 22 callbacks suppressed
[ 1379.226424][ T5682] binder: 5680:5682 got transaction with invalid parent offset or type
[ 1379.247333][ T5682] binder_transaction: 41 callbacks suppressed
[ 1379.247349][ T5682] binder: 5680:5682 transaction failed 29201/-22, size 64-16 line 3389
10:23:47 executing program 5:
r0 = accept$nfc_llcp(0xffffffffffffff9c, &(0x7f0000000000), &(0x7f0000000080)=0x60)
getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f00000000c0)=""/67, &(0x7f0000000140)=0x43)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

[ 1379.277492][ T5684] binder: BINDER_SET_CONTEXT_MGR already set
[ 1379.301200][ T5684] binder: 5681:5684 ioctl 40046207 0 returned -16
[ 1379.326382][ T5690] binder: 5681:5690 got transaction with invalid parent offset or type
[ 1379.344444][ T8289] binder_release_work: 41 callbacks suppressed
[ 1379.344452][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1379.371258][ T5691] binder_alloc_new_buf_locked: 3 callbacks suppressed
10:23:47 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x4000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1379.371265][ T5691] binder_alloc: 5680: binder_alloc_buf, no vma
10:23:47 executing program 4:
syz_emit_ethernet(0x6e, &(0x7f0000000080)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "02290f", 0x38, 0x3a, 0x0, @ipv4={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, @mcast2, {[], @icmpv6=@pkt_toobig={0x5, 0x0, 0x0, 0x0, {0x0, 0x6, "9433df", 0x0, 0x29, 0x0, @loopback, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb]}, [], "802a08000000006b"}}}}}}}, 0x0)

[ 1379.434440][ T5691] binder: 5680:5691 transaction failed 29189/-3, size 64-16 line 3148
[ 1379.434469][ T5690] binder: 5681:5690 transaction failed 29201/-22, size 64-16 line 3389
[ 1379.479809][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1379.501937][ T5695] Dev loop5: unable to read RDB block 1
[ 1379.510858][ T5695]  loop5: unable to read partition table
10:23:48 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x300}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1379.537734][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
[ 1379.551160][ T5695] loop5: partition table beyond EOD, truncated
10:23:48 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x60}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1379.578995][ T5695] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:48 executing program 4:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x7)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x84050000, @loopback}], 0x1c)

[ 1379.634722][ T5707] binder: 5705:5707 got transaction with invalid parent offset or type
[ 1379.650958][ T5707] binder: 5705:5707 transaction failed 29201/-22, size 64-16 line 3389
[ 1379.693589][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1379.719902][ T5714] binder: BINDER_SET_CONTEXT_MGR already set
[ 1379.734370][ T5708] Dev loop5: unable to read RDB block 1
[ 1379.749140][ T5708]  loop5: unable to read partition table
[ 1379.754893][ T5707] binder: BINDER_SET_CONTEXT_MGR already set
[ 1379.754930][ T5707] binder: 5705:5707 ioctl 40046207 0 returned -16
[ 1379.755016][ T5716] binder_alloc: 5705: binder_alloc_buf, no vma
[ 1379.775025][ T5714] binder: 5713:5714 ioctl 40046207 0 returned -16
[ 1379.799194][ T5719] binder: 5713:5719 transaction failed 29189/-22, size 64-16 line 2995
[ 1379.806212][ T5708] loop5: partition table beyond EOD, truncated
[ 1379.825145][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1379.829442][ T5708] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1379.840067][ T5716] binder: 5705:5716 transaction failed 29189/-3, size 64-16 line 3148
10:23:48 executing program 4:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x7)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x2c010000, @loopback}], 0x1c)

10:23:48 executing program 5:
fstat(0xffffffffffffff9c, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', &(0x7f0000000040)='./file0\x00', 0x6, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000080)="53622c7a46c886e477ef09c2c085810bc488e4cd861effe25021dcf3", 0x1c, 0x9}], 0x10a0034, &(0x7f0000000180)=ANY=[@ANYBLOB='utf8,iocharset=maccroatian,map=normal,smackfsroot=,mask=^MAY_EXEC,dont_measure,fowner<', @ANYRESDEC=r0, @ANYBLOB=',permit_\x00irectio,\x00'])
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

[ 1379.896101][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
10:23:48 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
r0 = memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
r1 = dup3(r0, r0, 0x80000)
ioctl$VIDIOC_SUBDEV_G_CROP(r1, 0xc038563b, &(0x7f00000000c0)={0x1, 0x0, {0x3, 0x10001, 0x9, 0x8}})
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:48 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x500}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:48 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x68}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1380.038812][ T5728] binder_alloc: 5725: binder_alloc_buf, no vma
[ 1380.045883][ T5728] binder: 5725:5728 transaction failed 29189/-3, size 64-16 line 3148
[ 1380.063500][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1380.098180][ T5733] binder: BINDER_SET_CONTEXT_MGR already set
[ 1380.107205][ T5733] binder: 5725:5733 ioctl 40046207 0 returned -16
[ 1380.134783][ T5732] binder: 5731:5732 got transaction with invalid parent offset or type
10:23:48 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6c}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:48 executing program 5:
syz_read_part_table(0x0, 0xaaaaaaaaaaaab85, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x8001, 0x180)
setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000040)=0x1400000000000000, 0x2)
sendto$x25(r0, &(0x7f0000000640)="db5ebfcbb61b6369c6fbf25986a690a4bc6496ec76f7ec1808f1fd95fdbc62345c9ee985cd348bd936d9ebac444d17d73026665efffb32fcd07a990b1cc082fcbee1612eb2282678e9910a5c81e598e7905bcdb49006e4053d26dcb44d9c64729b5a080452af86a249e87f020d0f173953fbc156193c1bcbd1704f48f68ad50e7e857c9381ff6448c1d2df4e82a91add31d799ff7b794355518f327d7db87d8e93e1a7f0340e00eaa97f5647032e3728e871e27a1229b890fb5f29d5046ce69f44208b6b17d6807b098f5480bec5c1270e", 0x0, 0x4000000, &(0x7f0000000180)={0x9, @null='               \x00'}, 0x12)
ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000280)={0x0, {0x2, 0x4e21}, {0x2, 0x4e22, @local}, {0x2, 0x4e23, @broadcast}, 0x100, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x7, 0x4a4})
ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000240)={0xa30000, 0x8, 0x6, [], &(0x7f0000000200)={0x9a0918, 0x9, [], @p_u16=&(0x7f00000001c0)=0x80000000}})

[ 1380.211134][ T5732] binder: 5731:5732 transaction failed 29201/-22, size 64-16 line 3389
[ 1380.241358][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
[ 1380.254603][ T5732] binder: BINDER_SET_CONTEXT_MGR already set
[ 1380.283022][ T5742] binder: 5731:5742 got transaction with invalid parent offset or type
[ 1380.297440][ T5732] binder: 5731:5732 ioctl 40046207 0 returned -16
[ 1380.325370][ T5742] binder: 5731:5742 transaction failed 29201/-22, size 64-16 line 3389
[ 1380.340433][ T5746] binder: BINDER_SET_CONTEXT_MGR already set
[ 1380.360645][ T5746] binder: 5743:5746 ioctl 40046207 0 returned -16
10:23:48 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x5000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:48 executing program 4:
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000005fc0), 0x800000000000059, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f00000000c0))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x974, 0x20c0)
ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000780)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x111}}, 0x20)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000080), 0xf6)
ioctl$BLKIOMIN(0xffffffffffffffff, 0x1278, &(0x7f0000000200))
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)
mmap$binder(&(0x7f0000953000/0x2000)=nil, 0x2000, 0x3, 0x100010, r0, 0x0)

[ 1380.368605][ T5746] binder: 5743:5746 got transaction with invalid parent offset or type
[ 1380.384167][ T5746] binder: 5743:5746 transaction failed 29201/-22, size 64-16 line 3389
[ 1380.400913][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1380.416563][ T8289] binder: undelivered TRANSACTION_ERROR: 29201
[ 1380.420507][ T5752] binder: BINDER_SET_CONTEXT_MGR already set
[ 1380.438234][ T5752] binder: 5743:5752 ioctl 40046207 0 returned -16
10:23:48 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x600}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:48 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x74}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1380.510577][   T26] audit: type=1400 audit(1555064628.933:1001): avc:  denied  { map } for  pid=5756 comm="syz-executor.4" path="/dev/admmidi0" dev="devtmpfs" ino=221919 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:device_t:s0 tclass=file permissive=1
[ 1380.608559][ T5766] binder: 5764:5766 got transaction with invalid parent offset or type
[ 1380.641201][ T5749] Dev loop5: unable to read RDB block 1
[ 1380.646831][ T5749]  loop5: unable to read partition table
10:23:49 executing program 4:
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000005fc0), 0x800000000000059, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f00000000c0))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x974, 0x20c0)
ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000780)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x111}}, 0x20)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000080), 0xf6)
ioctl$BLKIOMIN(0xffffffffffffffff, 0x1278, &(0x7f0000000200))
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)
mmap$binder(&(0x7f0000953000/0x2000)=nil, 0x2000, 0x3, 0x100010, r0, 0x0)

[ 1380.664502][ T5768] binder: 5764:5768 got transaction with invalid parent offset or type
[ 1380.707531][ T5749] loop5: partition table beyond EOD, truncated
[ 1380.714654][ T5770] binder: BINDER_SET_CONTEXT_MGR already set
[ 1380.728693][ T5770] binder: 5769:5770 ioctl 40046207 0 returned -16
10:23:49 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x700}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1380.754634][ T5749] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1380.765907][ T5774] binder: 5769:5774 got transaction with invalid parent offset or type
[ 1380.793174][ T5774] binder: transaction release 7328 bad handle 1, ret = -22
10:23:49 executing program 4:
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000005fc0), 0x800000000000059, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f00000000c0))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x974, 0x20c0)
ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000780)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x111}}, 0x20)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000080), 0xf6)
ioctl$BLKIOMIN(0xffffffffffffffff, 0x1278, &(0x7f0000000200))
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)
mmap$binder(&(0x7f0000953000/0x2000)=nil, 0x2000, 0x3, 0x100010, r0, 0x0)

[ 1380.881165][ T5779] binder: 5777:5779 got transaction with invalid parent offset or type
10:23:49 executing program 1:
r0 = creat(&(0x7f0000000200)='./file0\x00', 0x4)
setsockopt$RDS_GET_MR(r0, 0x114, 0x2, &(0x7f0000000380)={{&(0x7f0000000240)=""/228, 0xe4}, &(0x7f0000000340), 0x26}, 0x20)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x4c180, 0x0)
getsockopt$XDP_STATISTICS(r1, 0x11b, 0x7, &(0x7f0000000180), &(0x7f00000001c0)=0x18)
r2 = request_key(&(0x7f00000003c0)='blacklist\x00', &(0x7f0000000400)={'syz', 0x1}, &(0x7f0000000440)='/dev/sequencer2\x00', 0xfffffffffffffffa)
select(0x40, &(0x7f00000015c0)={0x9, 0x101, 0x5, 0x9133, 0x8, 0x0, 0x7, 0x3}, &(0x7f0000001600)={0x1, 0x6, 0x79, 0x460d, 0x3ff, 0x400, 0x81, 0x9}, &(0x7f0000001640)={0x0, 0x7, 0xf43c, 0x7, 0x100000000, 0x0, 0x80000000}, &(0x7f0000001680))
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000480)={r2, 0x3, 0x7}, &(0x7f00000004c0)={'enc=', 'raw', ' hash=', {'wp512-generic\x00'}}, &(0x7f0000000540)="7976724aadf83b36b823b68d1dcba2d0dab58887ba77c4503acce05e0c3b07d7545d4efd5ac913dad9177418e6581810f5e41da469519940ca4663e3770ce94f2f37393cc30d458f84f5bd60965fccce5ee53abf5ebaff", &(0x7f00000005c0)=""/4096)
socket$caif_stream(0x25, 0x1, 0x1)
ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f0000000140)={0x0, 0x7fffffff, 0x1d2fc000000, &(0x7f0000000100)=0xa1})
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
ioctl$UI_SET_RELBIT(r1, 0x40045566, 0x0)

10:23:49 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7a}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:49 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x2000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:49 executing program 5:
r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x1, 0x8000)
fcntl$notify(r0, 0x402, 0x29)
getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000040), &(0x7f0000000080)=0x40)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r0, &(0x7f00000000c0)={0x2})

10:23:49 executing program 4:
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$admmidi(0x0, 0x974, 0x20c0)
ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff)
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)
mmap$binder(&(0x7f0000953000/0x2000)=nil, 0x2000, 0x3, 0x100010, r0, 0x0)

10:23:49 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x6000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1381.478245][ T5804] binder: BINDER_SET_CONTEXT_MGR already set
[ 1381.485516][ T5799] Dev loop5: unable to read RDB block 1
[ 1381.501274][ T5799]  loop5: unable to read partition table
[ 1381.508970][ T5799] loop5: partition table beyond EOD, truncated
[ 1381.519261][ T5804] binder: 5796:5804 ioctl 40046207 0 returned -16
10:23:50 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x2800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:50 executing program 4:
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$admmidi(0x0, 0x974, 0x20c0)
ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff)
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)
mmap$binder(&(0x7f0000953000/0x2000)=nil, 0x2000, 0x3, 0x100010, r0, 0x0)

[ 1381.525985][ T5799] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1381.565557][ T5804] binder_alloc: 5796: binder_alloc_buf, no vma
10:23:50 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x300}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:50 executing program 5:
syz_read_part_table(0xffff, 0x0, &(0x7f0000000000))
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

10:23:50 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x3800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1381.758807][ T5831] binder: BINDER_SET_CONTEXT_MGR already set
[ 1381.776344][ T5831] binder: 5829:5831 ioctl 40046207 0 returned -16
[ 1381.791040][ T5832] binder: BINDER_SET_CONTEXT_MGR already set
[ 1381.797339][ T5832] binder: 5829:5832 ioctl 40046207 0 returned -16
10:23:50 executing program 4:
rt_sigsuspend(&(0x7f00000000c0), 0x8)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r0, 0x1000000000016)

10:23:50 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x3f00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:50 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x500}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:50 executing program 5:
lsetxattr(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)=@random={'system.', '\x8b\x00'}, &(0x7f0000000300)='/dev/adsp#\x00', 0xb, 0x2)
r0 = syz_open_dev$adsp(&(0x7f0000000200)='/dev/adsp#\x00', 0x5, 0x200000)
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5387, &(0x7f0000000240))
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000000)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x370, 0x23}])

10:23:50 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x7000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:50 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000840)='/dev/qat_adf_ctl\x00', 0xc0080, 0x0)
getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000880)={'raw\x00'}, &(0x7f0000000900)=0x54)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100)=0x7ff)
sendmsg(r1, &(0x7f0000000800)={&(0x7f0000000200)=@in={0x2, 0x4e23, @broadcast}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000280)="35595a81d99334df7729a850c53d639a2b488b969da195f45d6c", 0x1a}], 0x1, &(0x7f0000000300)=[{0x48, 0x0, 0x9, "03feba3dae5fe412a070e153f605748070be567bea793eb506abe58621ebd11400730d6dce493d66bc7d761983420d179934f761"}, {0x90, 0x0, 0xffff, "64af8327bd2d9acd1bb6a06e98e96d887b2eb04c9e48f7b8adff535c4f576a7e0c8c95bdd40ce897daacc1ce177786c4e33de53f5f8b512a4af6b51f252079c61159f25eb598debe551fad93f9a896676e5fb2dd307e38afd3d57ae2a5a05706bb4bfd550d7ac3c9d5477a12972338bed6fffa84d76c740a8db152b46420"}, {0x60, 0x88, 0x80, "794c5b3d05b28b224abdfb386801b34c83cef178ff7dda9bf569962a15625b8917f7d49d4f7e14d6eb6060c427ded7d526f464ff883cb53385608a465542a1e6caa59eebb3c76129b182"}, {0xa0, 0x0, 0xffff, "653ab45b3eaa6e4831afb4089c9890e0e2b50e7ef6ba779d26c2b4d9062a6e55bafb31ce2751c2045331504dbb44eb7abacc4a450d9062c404ee2a69b3fa38abc4469fef4697a5b658ed9dcba4bcaee89835c56f700cc9be5c17ce14e985dc5d070abaa19e7c9f2b5aaf0f84b514da2408c7b88bafe8e7486e259d07c158a623eddf9d3751974ed44c2c"}, {0x40, 0x189, 0x4, "2ace7de354b2569e9359cd17ce3ef2a07e712d54ed660f47d304b9825353191813c427102c1f3909696a"}, {0xb0, 0x10e, 0xa3fb, "7875a7c401b6f4f389661af8226c8ac41f613ec821e990155f8b22b9223b873022318bf841c42d6af36dba7bb46f63e362a371ae47bef0201f88898869be7c5be2d0f6bd2a7ce934c1ce3417dbcf3ef6f211ba76eaeef52063c86263254e044eb604f25b91252b9372a358e126e79613ef56cbefcf48ff4a3ec2a9178f9a4b07f13d1f44b75d45c2811ef50ef448b12bde99b9ad35387ddddb13"}, {0xb8, 0x109, 0x80000000, "ef98fffef6c61fe39af86c7e6ca36c763cb26c15811589dc3e76594213ab680d4e83f0df458dfa2c2af99b4ce3eec0bcc2a5fe37b615be017324b60bdf92fa0c2432ff0ac3589ee41c2f6cf37e7f94ad4577cdaba3e6664ccdcc021200ef5929146b5b4f1fb7935bc678933acf7c620ffe0b026d4c30ef3f9c7f22e7571f15c71c6d6881d495af6b74efec50d05cc739f3897caa0da305f501cba1e9142f93f904ba2889"}, {0x70, 0x10b, 0x9, "ab92b39313134a2429bd2fd2a4dc46712690624b4fb948419f378a1ab304d7f2b926e1f2b072e8b5453faccc8681c7b6b8f4a1516b5ef040e7a1b09070bd915678d4a0f607b40bb3cda91791e0410cc14fc82b2cf3f57b01d6af9cda76f958"}, {0x68, 0x119, 0x5, "28166d9fdfe4e73938edb283cd15311a7040f28f39ae05065a4b5754e629a638332ac5d1e6a784e418b4302ccf6fbd93cee4d2ebf9011313ea4c9caaa0d12b647368229a300991fb45381f5c2e5e1619c9"}, {0xa0, 0x0, 0xfffffffffffffffa, "7bacb9309c4c8f30a7bbf003eeffaa4a3a29da8051a0e346de30d8efff265e08679bdf95d5c1fcbfb248f4a5d324afe051064ea3ba39c33efe6a3529d5de912124d6a03049a7886cfad1286a0223ac49a8879c79641c4b2ab997c33d853a4879f361ae456afbc273114bd53662ebfbea0f5da4dfa331f9ae0fb0e8253865ffb391718be67ac9505f2deb538e8813a250"}], 0x4f8}, 0x51)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_opts(r2, 0x29, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x8)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
sendmmsg(r2, &(0x7f0000005fc0), 0x8000000000000fc, 0x3c00000000000000)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000940)={{{@in6=@mcast2, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@loopback}, 0x0, @in=@multicast2}}, &(0x7f0000000a40)=0xe8)
ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f0000000040)={@local, @remote, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x8, 0x400, 0x5, 0x100, 0x200, 0x90020, r4})
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

[ 1382.455584][ T5860] binder_alloc: 5859: binder_alloc_buf, no vma
[ 1382.478468][ T5858] binder: BINDER_SET_CONTEXT_MGR already set
[ 1382.496828][ T5866] binder: BINDER_SET_CONTEXT_MGR already set
[ 1382.497214][ T5858] binder: 5857:5858 ioctl 40046207 0 returned -16
[ 1382.517446][ T5866] binder: 5859:5866 ioctl 40046207 0 returned -16
[ 1382.524806][ T5862] Dev loop5: unable to read RDB block 1
[ 1382.532157][ T5862]  loop5: unable to read partition table
[ 1382.539287][ T5871] binder_alloc: 5857: binder_alloc_buf, no vma
10:23:51 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x600}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1382.552971][ T5862] loop5: partition table beyond EOD, truncated
[ 1382.568652][ T5862] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:51 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:51 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x700}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1382.616153][ T5874] binder_alloc: 5873: binder_alloc_buf, no vma
10:23:51 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="025f5cc5c3a6c8d5c52dcabe22151adae0fa916e925f954e9187a7813aa5071a93f38eec8e3d0d3feea4d0311b86876d733f0566868141f2463d327e2be6a1dd7562308a002bbf857809fd0d86a7f3a7cada0db6938fdd0a62e6e6813f02a9c57fff8b9efcf79f96f74208952f069af6754f09fef00bfa2a28a6e1fa4f7060f629c0c4c850a9191c4329b3b6cf9c2a954e3781ace1214f64cff8b78c91804bade9b4d8805c366f6e1666f319eefe231206d5ad24b8a0225d", 0xb8)

[ 1382.709303][ T5882] binder_alloc: 5881: binder_alloc_buf, no vma
[ 1382.723116][ T5883] binder: BINDER_SET_CONTEXT_MGR already set
10:23:51 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x2000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1382.749456][ T5883] binder: 5880:5883 ioctl 40046207 0 returned -16
10:23:51 executing program 4:
inotify_init()
pivot_root(0x0, 0x0)
openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = gettid()
getgid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000))
getsockopt$inet_buf(r0, 0x0, 0x0, 0x0, 0x0)
ioctl$TCGETS(0xffffffffffffffff, 0x5401, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0)
ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, 0x0)
tkill(r1, 0x1000000000016)

[ 1382.834568][ T5890] Dev loop5: unable to read RDB block 1
[ 1382.842666][ T5894] binder: BINDER_SET_CONTEXT_MGR already set
[ 1382.856070][ T5894] binder: 5893:5894 ioctl 40046207 0 returned -16
[ 1382.867148][ T5890]  loop5: unable to read partition table
10:23:51 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x2800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:51 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1382.882817][ T5897] binder: BINDER_SET_CONTEXT_MGR already set
[ 1382.895446][ T5897] binder: 5893:5897 ioctl 40046207 0 returned -16
[ 1382.906642][ T5890] loop5: partition table beyond EOD, truncated
[ 1382.945050][ T5890] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1382.990001][ T5905] binder_alloc: 5903: binder_alloc_buf, no vma
10:23:51 executing program 4:
r0 = gettid()
syz_open_procfs(r0, &(0x7f0000001640)='net/ip_vs_stats_percpu\x00')
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet(r2, &(0x7f0000000500)={0x2, 0x0, @local}, 0x10)
setxattr(&(0x7f0000000340)='./file0\x00', &(0x7f0000000b00)=ANY=[@ANYBLOB="74656530200099f7f3b0b90b4fb88d3921cb954f09b9bc2cac34c3026d27cde75de1d01e2ccc5116a291e00402e256e6275345000000e9810abbd511d85443b7fef6ea1e14772b695e006725a270e437d150c36def8976c7d3936b01000e9fdb8ce05a24fef7bf72e54b6acf6639ba20001c000000000000f2000000000000000000000000000000000035c45884fab5251cffb061d7eaa599d22bf087c304804b8965eb33fd613944900627ec1e83a4f4736c417cd635a67bf54eb73aac9d5ba69cd285d474c079288472b1fb73fa473183104ff6f654e0a9681462bc6c9bd1fd5680670ccf957d112e9d3cf30ebfaa49877fb7c3513aede0c8cf510a4227382511020bcb34ff5cd54ff82e1ba7710968e03978ee9e8d1bcc4707b2476255a1eb557467863d087cb7e35ea84dd197d40ccf40f5b5c9140f365c24e342431beea98a41e5f579c0c045e421d5e29c49d317fe1ccacb2e927c7d207f64d514b62c8dc34889c1ed6a3f1a6934957cce0fd46e8dc96c38428209b2312fdc48c8820c46cabf4845897bf12880614b46bdcb61901d4602cf6e99f3298e37fd704d4762f5fcb787b065ef3a309b65fcb2a5cbe02d0abcb8fa8f196f71f72b5cb57f8c6b6bf37735c38643bd443300000000002d7c217a4e921033e854c6f9757e4fc4d5129739f902f0b031625a15219b99ba610c778c6b5234ff3e1fde828d003a2c999c0e7a80d0800838df906521098753129d00c261325938086abb174ddfd6eab278fd8a65f0daf678f43197e2690393994a2f73a8dc6453dba9496b199296ac147b1d39fed43242dbd82fb805f1a372e7fc4088327f502656b3c8f1b610ab3aad8b32b0cbc4883336252dd8b0151eecbfd1e17adc8f7a4046d4bf64a6fe712af79450ed71a6eca037f32bc7d711aeb81f638a73c39eb307da8fecfeeafd92be8e28718394bdbc655dd4b3e5b3e91e0a1ce6042c2fcc58a51c1101d4e1d05e4f8115c6d183ac4630c60ccd2f5f6e"], 0x0, 0x0, 0x2)
ioctl$sock_inet_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f00000004c0))
syz_extract_tcp_res$synack(&(0x7f0000000300), 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000080)={0x750, {0x2, 0xffffff7ffffffffe, @dev={0xac, 0xc}}, {0x2, 0x4e21, @remote}, {0x2, 0x0, @broadcast}, 0xfd00})
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)=<r3=>0x0)
ptrace(0x11, r3)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000680)='./file0\x00')
ioctl$sock_inet_SIOCGIFDSTADDR(0xffffffffffffffff, 0x8917, &(0x7f0000000280)={'vcan0\x00', {0x2, 0x0, @multicast1}})
sendmsg$key(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000ac0)=ANY=[@ANYPTR64=&(0x7f0000000e80)=ANY=[@ANYBLOB="2a36d47aa70cdb93cc4298005e59c50c210f6cd6286fc7ea920d8f779edd997f53b98c7c898b700ca20c821a960100677db1629717156ff21d4c974aaf947dc6860951460614be6e896843c20df1d1890fdeef8441ae936bf601358b72a5a6968c06fa52cac5dbc264da99484508aef36020503b831be1231c2698816f987974308a50503bb8e9f844d3625b696acff6edcc0daffdea5d7f0476d0874241fb4fbf183999b15a58644e7a9a8bb8601fb644ab392a3bab515f74696db00ff722dcd5e3e288db3cc8279db52fe170c44f600da11cefe8d3497cfa93dea194", @ANYRESHEX=r3, @ANYRES64=r1, @ANYRESDEC=r1, @ANYRESHEX=r2, @ANYRES16]], 0x8}}, 0x1)
r4 = socket$packet(0x11, 0x3, 0x300)
accept4(r4, 0x0, 0x0, 0x0)
getsockopt$EBT_SO_GET_INFO(r1, 0x0, 0x80, &(0x7f0000000940)={'broute\x00'}, &(0x7f0000000000)=0x78)
r5 = socket$key(0xf, 0x3, 0x2)
capset(&(0x7f00000006c0)={0x200f1526, r3}, &(0x7f0000000440)={0x7, 0x7, 0x51, 0x800, 0x0, 0x7})
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setpipe(r5, 0x407, 0x6)
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000540), 0xc)
r6 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
getsockopt$EBT_SO_GET_ENTRIES(r1, 0x0, 0x81, &(0x7f00000008c0)={'broute\x00', 0x0, 0x3, 0x64, [], 0x100000000000008f, &(0x7f0000000400)=[{}], &(0x7f0000000840)=""/100}, &(0x7f0000000200)=0x299)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000380)='threaded\x00', 0x9)
ioctl$BLKROGET(r6, 0x125e, &(0x7f0000000040))
openat$dir(0xffffffffffffff9c, &(0x7f0000000780)='./file1\x00', 0x80, 0x40)

10:23:51 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x3800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1383.110031][ T5890] Dev loop5: unable to read RDB block 1
[ 1383.134478][ T5890]  loop5: unable to read partition table
[ 1383.154092][ T5890] loop5: partition table beyond EOD, truncated
[ 1383.163394][ T5918] binder_alloc: 5915: binder_alloc_buf, no vma
10:23:51 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x8000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1383.206323][ T5890] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:52 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
r0 = memfd_create(0x0, 0x0)
semget(0x3, 0x7, 0x8)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f00000000c0)={0x8, 0x2, 0x6, 0x6a, 0x8})
mbind(&(0x7f00008b0000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x3, 0xffffffffff)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:52 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4c00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:52 executing program 5:
r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1000, 0x200000)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000080)='nbd\x00')
r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x80, 0x0)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ubi_ctrl\x00', 0x40400, 0x0)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x40)
sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x3c, r1, 0x800, 0x70bd2b, 0x25dfdbfe, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x8}, @NBD_ATTR_SOCKETS={0x1c, 0x7, [{0x8, 0x1, r2}, {0x8, 0x1, r3}, {0x8, 0x1, r4}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x1)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

10:23:52 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x3f00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:52 executing program 4:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffffffffffd, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x3, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x11)
setsockopt$sock_attach_bpf(r0, 0x29, 0x1b, &(0x7f0000000040)=r0, 0x52d)
close(r0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000003840)={&(0x7f0000000040)=@un=@abs, 0x80, &(0x7f00000000c0)}, 0x0)

10:23:52 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x9000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1384.212531][ T5946] binder: BINDER_SET_CONTEXT_MGR already set
[ 1384.231625][ T5942] Dev loop5: unable to read RDB block 1
[ 1384.237885][ T5942]  loop5: unable to read partition table
[ 1384.244791][ T5946] binder: 5937:5946 ioctl 40046207 0 returned -16
[ 1384.253064][ T5947] binder: BINDER_SET_CONTEXT_MGR already set
[ 1384.263623][ T5942] loop5: partition table beyond EOD, truncated
[ 1384.271251][ T5947] binder: 5933:5947 ioctl 40046207 0 returned -16
[ 1384.274869][ T5942] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1384.282186][ T5952] binder_transaction: 27 callbacks suppressed
[ 1384.282204][ T5952] binder: 5933:5952 transaction failed 29189/-22, size 64-16 line 2995
10:23:52 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:52 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:23:52 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x5000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1384.320335][ T5947] binder_fixup_parent: 13 callbacks suppressed
[ 1384.320345][ T5947] binder: 5933:5947 got transaction with invalid parent offset or type
[ 1384.336043][ T5947] binder: 5933:5947 transaction failed 29201/-22, size 64-16 line 3389
[ 1384.405952][ T5959] binder_alloc_new_buf_locked: 1 callbacks suppressed
[ 1384.407266][ T5959] binder_alloc: 5954: binder_alloc_buf, no vma
[ 1384.445522][ T5959] binder: 5954:5959 transaction failed 29189/-3, size 64-16 line 3148
[ 1384.459482][ T5955] Dev loop5: unable to read RDB block 1
[ 1384.471154][ T5955]  loop5: unable to read partition table
[ 1384.486796][ T5965] binder: BINDER_SET_CONTEXT_MGR already set
[ 1384.496837][ T5955] loop5: partition table beyond EOD, truncated
10:23:53 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1384.507855][ T5965] binder: 5963:5965 ioctl 40046207 0 returned -16
[ 1384.507887][ T8289] binder_release_work: 29 callbacks suppressed
[ 1384.507901][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1384.514476][ T5966] binder: BINDER_SET_CONTEXT_MGR already set
[ 1384.514493][ T5966] binder: 5954:5966 ioctl 40046207 0 returned -16
[ 1384.532146][ T5955] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1384.549910][ T5968] binder_alloc: 5954: binder_alloc_buf, no vma
[ 1384.616978][ T5968] binder: 5963:5968 transaction failed 29189/-3, size 64-16 line 3148
[ 1384.640522][ T5972] binder_alloc: 5971: binder_alloc_buf, no vma
10:23:53 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x8000, 0x0)
ioctl$UI_SET_FFBIT(r0, 0x4004556b, 0x58)
openat$cgroup_int(r0, &(0x7f0000000040)='cpuset.mem_hardwall\x00', 0x2, 0x0)

10:23:53 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4c00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1384.659764][ T5972] binder: 5971:5972 transaction failed 29189/-3, size 64-16 line 3148
[ 1384.672216][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1384.725789][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1384.733739][ T5975] binder: 5963:5975 transaction failed 29189/-22, size 64-16 line 2995
[ 1384.804744][ T5978] Dev loop5: unable to read RDB block 1
[ 1384.821818][ T5981] binder_alloc: 5980: binder_alloc_buf, no vma
[ 1384.834946][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1384.847393][ T5978]  loop5: unable to read partition table
[ 1384.863585][ T5981] binder: 5980:5981 transaction failed 29189/-3, size 64-16 line 3148
[ 1384.888030][ T5978] loop5: partition table beyond EOD, truncated
[ 1384.907425][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1384.921391][ T5978] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1385.022222][ T5978] Dev loop5: unable to read RDB block 1
[ 1385.029263][ T5978]  loop5: unable to read partition table
[ 1385.044592][ T5978] loop5: partition table beyond EOD, truncated
[ 1385.081003][ T5978] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:53 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
r0 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x642, 0x420002)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000100)={0x6, 0x7, 0x81, 0x0, 0x12, 0x3ff, 0x1ff, 0x1, 0x8, 0x9, 0xffff, 0x8})

10:23:53 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:53 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x5000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:53 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:23:53 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xa000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:53 executing program 5:
r0 = msgget(0x1, 0x0)
msgsnd(r0, &(0x7f0000000000)={0x3, "0439664cfbf1ac4abb21b7827402adad2dae471c103eb9adfbd6d19d502a60e440f3eae083cde96038e3ed85e4e97337f154a15fea6f933e8efc3d5880341751fc3676d50399837a50ffa6a2099715b872ea292e91b6bd78759d1c865e8a5835612354f4c6fc12238aa6be8bfee1b2e0bcec14f1e8497562f6c5cd728ea6f086ebefa0305d30324db412229b9a1abc78eea0a2b3ed598b1a05e008481a9462386e5f1cd06de0b62de9cb8869a7775b498e340f6a41cb6b8e0acf7017e780e2414f70e210b0ee296c49ca39b90642a3e3b5dbb7ee543ac91a5b4f"}, 0xe2, 0x800)
r1 = socket$inet(0x2, 0x8000e, 0x7)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f00000001c0)={<r2=>0x0, 0xda, "ff9416ba14c1649601b213e2950c437c40cec491785eb5166ac52c3db89ef17fe28fb0b5e870e7a6562d8a4b70f478e49bde91699a7ae06b71a0890b35431082af80d3111f2a6ef8c980afbf2aa4957c4c0f1412f5bf223b1c1b12fc8650d4f81b96fc5c2b18be811b0d95fdd2bedbe615bbd2e299e6c2edef8e3756f799a00833cae31400ce774a605a1d46fcddc752709b6b7aea0b65b3c9bc209bf199a7dc7682c486cfb550fcd25d17cb2ffb6bebbf6ee3de260fa009444e019c380dbada265adf2708aeae7df58d1f013dc3d5a8c65508a2173d014ce944"}, &(0x7f00000002c0)=0xe2)
getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000300)={r2, 0x3}, &(0x7f0000000340)=0x8)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

[ 1385.301586][ T5997] binder_alloc: 5996: binder_alloc_buf, no vma
[ 1385.307959][ T5997] binder: 5996:5997 transaction failed 29189/-3, size 64-16 line 3148
[ 1385.339699][ T6007] binder: BINDER_SET_CONTEXT_MGR already set
10:23:53 executing program 5:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x81, 0x0)
sigaltstack(&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080))
bind$llc(r0, &(0x7f0000000040)={0x1a, 0x300, 0x80, 0x100000000, 0x100000001, 0x0, @remote}, 0x10)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
connect$bt_sco(r0, &(0x7f0000000280)={0x1f, {0x2, 0x3, 0x1ff, 0xffffffff, 0x7ff, 0x1000004}}, 0x8)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vsock\x00', 0x200, 0x0)
setsockopt$nfc_llcp_NFC_LLCP_MIUX(r0, 0x118, 0x1, &(0x7f0000000200)=0x7d9d, 0xffffffffffffff74)
r1 = gettid()
waitid(0x1, r1, 0x0, 0x1, &(0x7f00000000c0))

[ 1385.361800][ T6007] binder: 6001:6007 ioctl 40046207 0 returned -16
[ 1385.377003][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1385.398325][ T6013] binder: 6001:6013 transaction failed 29189/-22, size 64-16 line 2995
10:23:53 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1385.445527][ T6016] binder: 6001:6016 transaction failed 29189/-22, size 64-16 line 2995
[ 1385.454270][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1385.483952][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
10:23:53 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1385.547679][ T6017] Dev loop5: unable to read RDB block 1
[ 1385.586276][ T6024] binder_alloc: 6023: binder_alloc_buf, no vma
[ 1385.604042][ T6017]  loop5: unable to read partition table
[ 1385.609790][ T6017] loop5: partition table beyond EOD, truncated
[ 1385.632774][ T6026] binder: BINDER_SET_CONTEXT_MGR already set
[ 1385.638803][ T6026] binder: 6025:6026 ioctl 40046207 0 returned -16
[ 1385.652720][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1385.661153][ T6027] binder: BINDER_SET_CONTEXT_MGR already set
[ 1385.676229][ T6027] binder: 6023:6027 ioctl 40046207 0 returned -16
[ 1385.683597][ T6017] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1385.689729][ T8289] binder: undelivered TRANSACTION_ERROR: 29189
[ 1385.700619][ T6028] binder: 6025:6028 got transaction with invalid parent offset or type
10:23:54 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6800}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:54 executing program 5:
syz_read_part_table(0x0, 0x0, &(0x7f0000001280))

10:23:54 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6c00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1385.896224][ T6035] binder_alloc: 6033: binder_alloc_buf, no vma
[ 1385.957487][ T6043] binder: 6039:6043 got transaction with invalid parent offset or type
[ 1386.011459][ T6047] binder_alloc: 6039: binder_alloc_buf, no vma
[ 1386.016838][ T6043] binder: BINDER_SET_CONTEXT_MGR already set
[ 1386.070971][ T6043] binder: 6039:6043 ioctl 40046207 0 returned -16
10:23:54 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x80000, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:54 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6c00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:54 executing program 5:
r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
ioctl$VIDIOC_LOG_STATUS(r0, 0x5646, 0x0)
sched_yield()
r1 = add_key$keyring(&(0x7f0000000200)='keyring\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000400), &(0x7f0000000440)=0x4)
r2 = request_key(&(0x7f00000002c0)='id_resolver\x00', &(0x7f0000000300)={'syz', 0x2}, &(0x7f0000000340)='security\x00', 0xfffffffffffffffd)
r3 = syz_open_dev$vcsn(&(0x7f0000000380)='/dev/vcs#\x00', 0x4, 0x40)
ioctl$EVIOCSKEYCODE_V2(r3, 0x40284504, &(0x7f00000003c0)={0x9, 0xe, 0x4, 0x7, "04aafe11d346264e89544b57a40b52d9914b67fdaca8ae5bd668c4df0293549f"})
keyctl$instantiate(0xc, r1, &(0x7f0000000280)=@encrypted_load={'load ', 'ecryptfs', 0x20, 'user:', ']', 0x20, 0x6, 0x20, [0x32, 0x36, 0x63, 0x38, 0x65, 0x0, 0x0, 0x75]}, 0x33, r2)
syz_read_part_table(0x0, 0x176, &(0x7f0000001280)=[{&(0x7f0000000000)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
ioctl$TIOCSLCKTRMIOS(r0, 0x5457, &(0x7f0000000480))

10:23:54 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:23:54 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xb000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:54 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7400}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1386.531038][ T6057] binder_alloc: 6056: binder_alloc_buf, no vma
[ 1386.545134][ T6067] binder: BINDER_SET_CONTEXT_MGR already set
[ 1386.558132][ T6067] binder: 6058:6067 ioctl 40046207 0 returned -16
10:23:55 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7400}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1386.593782][ T6064] Dev loop5: unable to read RDB block 1
[ 1386.599413][ T6064]  loop5: unable to read partition table
[ 1386.657217][ T6064] loop5: partition table beyond EOD, truncated
10:23:55 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7a00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1386.714980][ T6080] binder_alloc: 6079: binder_alloc_buf, no vma
[ 1386.759732][ T6064] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1386.786874][ T6084] binder: 6082:6084 got transaction with invalid parent offset or type
[ 1386.804373][ T6085] binder: 6082:6085 got transaction with invalid parent offset or type
10:23:55 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7a00}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:55 executing program 5:
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000640)={{{@in6=@loopback, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in=@broadcast}, 0x0, @in6=@mcast1}}, &(0x7f00000003c0)=0xe8)
r1 = syz_open_dev$midi(&(0x7f0000000400)='/dev/midi#\x00', 0x200, 0x204000)
semget(0x0, 0x3, 0xb0)
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000800)={0x3, 0x8})
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000040)='./file0\x00', 0xfffffffffffffffa, 0x6, &(0x7f0000000300)=[{&(0x7f0000000080)="998ae0ec07202b36d7a4b9417ed413c72f989f22d0e6c6b59fcac2d91b779cd36a7431a6c958c7c7dbf35580ff3f6e3461d408f7a132b07086cd413b97f1e53db9dc2039b58601ef78c92f2b57dda571449491a8ec8c2170b47898080c54b99305a10863677c39dbd7c5a7ce203e942945182ec64af1b31602e697a91e921bb0947461ead2c753b28b575ccf0362be9771aadb761ac0fa56a0117da44dc61c9faf0172d064c07da6206b17cf360b0e41f15179acb900a3cf9d179d599a12ccb4ab74e0a03727d99e5b60330e31442b0a30a45ede23c3d621fa97752a7385714f63d4387f097333e3be04940d6422", 0xee, 0x9}, {&(0x7f0000000180)="e277142503d69b0417fd6514ab7921035035bf00d2", 0x15, 0x5}, {&(0x7f00000001c0)="28dbae0af58a1d68d7138033fed564ef22f849a4090e0d2e6f1c7fd5edb31baa15ce8cb55129069187de3dffdce7268da2f2de661d05a562a9f03e96a275704f2e99e00ace17a9cbf2f593a3b392540501b1afb28190", 0x56, 0x100}, {&(0x7f0000000240)="0f5b6d8ece178cfd35ecd928ce71c042239cb11c27bada484b82a361347b24ef211facf25da13edf1ee10773206d053aeb174b7e53c47ba34cabdf5c981aa4dbee302287be42ccbd01fea41581d2889851c644684c7dc41d0e9eea4e8f0288", 0x5f}, {&(0x7f00000002c0)="3f36bf91e9488a3d2890907166d02dfb51f73964484abe1ee35f17904a4081c278", 0x21, 0x7fffffff}, {&(0x7f00000012c0)="410cf91a3def73c37b23af7e4960ee6529f4ad0c75a31fb0b8918b56db72baaf0be8252346a892b33a3f6dff953593eaabd838920f415531daf715675867bb4cc7997ea903d16ef8181a0fb13a3a8b7077cca6fda362cf2f91ed6d1b6dbb910efa2f1aa0013604ef4e85337367b67ac1eca5248296793630c45cbfd210bfefa2d3410136e696de68f08a6cd8673da622172b94524ed82a61158cbd3b521ab8decb425862795e91b7a94e0c5e50c5df4acf7dc0380b7535301ce5b3ebb152ada97cf7948904f81da482a9cdc45415fcceb0808c8e59ff94c604a54809e0abb31dc6b24502fefed3cb8e1b61edaa49d49a3b6be780902751f208b6099510dbbe93608960af01fe699849f99e0ee641f49d1dbbb9b21be0bf11da197c4991161499da0a95e4334e427b11eb9fbd9a077ceb5469c648e71dc98d4baf69e0850684f7bee4574106422513366f05798acf5d70a1d684948b7ae594fbeeb514c8379fa01cf1eeaa4dd822cf0272494725d443e736d5de25968c536cc6610667723d1b6ae4e4eec88ba486659fe1dc94bfc3db99b8a2ceb6880f9c70f0cfc76cb54e6334c40a0afa6f537d8c0a05ca53ddc88a080c6422623091085da99ee1af12e31ae54b802c73b99c6fcf15d37ed607e9b1bd04e98563a091f652915bd19b3614581f6a629db4493447df48a8077d84059bd53c73a5a3a43ddef2ac958e815aaf84c0b287ea3b440cca9e9de813a1b0b4b6acc482111ff1cebb6a96ee0f20e06eda466362240530dffecdb0c4670c4c1a6965f40a4140067384010cfa332afac3980d5cba39f444391402f293f928ff69659c870925d8047e2007e30e4a382d369b9f7c9bf1c184ff3e61b8ab6dff74b69dc995cafd634e6d88da618dc824bae0834ecf5cf925ce28408dac34619b9c0628c6421c77fd0ae1d6615db54835fc7b10a232374bd287f708b58aff8002a740bfdb016b07ad5d3f830f7a7721380f6fd6853727052498358056e2dd1249668ca4068a6f02c2ecf0cc332cd5a68e96f68c84ff06206cf97ff9e6ddfd3438d9dd37704bfeb4eb8c74955c6c06e359973de3671794d61e0136f48740b8f4df473af9533d72bff6b0793ce78351d3c4f35d5e32a3580c16170f723e1363b26336dd3c8ac6eff17d04c5a60273f8cd47b800382f173a0d403ed93e131c6de7de73cf5ed379433ac91b952b1db9fb290903bdfcc626e8b926d76d176a01821d307a21d3b95a364d0da24411187a34f5ff15895077d32aae31b190e89ac6004a632b36cbd8b796a4e14297b68b3d1615e6a121fde6ab9a5e7e402ff40dd0622ed3055aebb179b7ccd74d6d8b03a44013493947e1dcccef155585800f8581c3bf460c52560d5a154c9cb1eca147b8e844848781f789eb79388e6673556c140969665271904427cdbca87b96f0e9b6a46ae9873c12fb7b55f9243f0900a062365ac1212246efcc3af706af0a939d25216806c2611f45d369e67893204952ba0127dbaea51b621c29bbaca70d62049ae4ffe9788ffca7ed64a43ab24ca4efaa7a75524d54d574a3bcddb17d1ccbeaa8abef428ef78f105a647f7fd6e634c805cd9dd9beb96ac0493707aaf592d8ad5810a2fd9f5467371b7e3b7eeda011c1dde14141197eee4582146ab4a53692f594fa2b4527c3442792f18ae91a579aa81e373e144f06bd84f0d17363fc6036d71b1a9b5b09a0f9684d6a7850d68bcf43af123f8800d71077a6c95364c20e5a70134ae7792790a12669543a1ac5f1794e7b1983e18baf4839a6637742703cd4b2215d3e66e16313c27b72a0449f844b7ae937a6112a4717136782025664c2197a18836e6a30f8a77d17d25f8f3b3060757b376bcf936767a9b5d62cd2685f5375276190bdd23b2a1a693c95b52ca0f43f01ce1dd9c7afff48a6a24f30ae47a911f68ed40d9030bbed0979dbdee871a30ba39d8a367c874acd831a5a30f912cdb719d99291361cec0e19554d1fba68d0ec110b73d8dadcdf2e270cfc404393a285b9ab29fa4151ae067f8f54a98ee449af637cd89e158597bd6bcdbba67f457554a4474142d24bcde36da9f84ad013cb3759384b157ddd5a549e9a771b94e7a44978a4115411504fe3a155fb04f5aaa921715ead13b0f26859bd0e357db27b7cb764910024028896f4d304e1b7726449a515503043c1cd148c7a4849edb22b88f0bafc81e0580c23e4037dd788d673489a3ed8ca7bbc87060293636e107bdd77185dc0bcf2508af05323ed659246becc687e91c7e32f627f51e825e5114b1c89abe36bb7a515d9ab7a9d9fc68f3aafe80b475050f530d620872700808be87b0fc92d0ca44d979bcd1e366993ed50426488b941b54036517f0837d502f42c1c6c6ad111f5ec67d784cc92cb46af8ce8824d002ffe774e17c652c35c41d2c55acff25a52bf6695a595f222ea4c918cb30d7a214120fffc3c0c171b7454eddca9c12348fc36eb69e51475d3da1865bba6a9812bbae52bd30096d1f80c0aa03b87a03d1b9ca3d4d7f519fb4a48f750d44d249beea3a54f2bc00d87c54668dd18a83c65bfb0ac3ae4bb3662f7f2982079816f3702fa8581b76883caae56e1999731e35be42551f10b5eae6f57ce7e3302f52bf331e1a147a299c497b69a2fd5cf1a70edc6bdf7a9464225fbc388698596969773e38a7ce2ed2dec12fda0f62b52542a008fb6bb80eed85437598690bcbb49f18b0199db37b4ff4582f5623bfc4da4b88ce94aff877b606ce845cd8a2e95215b6d39efeabc9b671f2a6ee2fcf4f735f979dcd43d8fa70904cfcc9f3b29446966728fe5883beee072180d7c1b45a35a6b2754b3d3571be84b256c69930e55ad95d32ebcd411c849133b82d01a5bf85e2c622d55b4277d820615614db69885843603baf33ab9596fb384c805ee779549a1c9e32fe5789bf8a47a30bd9139f1e3e0969e0bc529173e0fd5fc6f0e2d081dcbe8db144e96d2074c251fa95ad644405354b9923902e374b76b7e8d4b31af7eac90843205a4d0388d979b9752a13a19c0853ef700b8765bcf9f430d761bb01e87526f646ad5ee1111ef8fd429cd9e9aee68d85a327708f4dbe89bc7970b9a33614e4bbe8b2cc2a552696f5bf582ba190c371db12d2eeafbb2540d2adfd54b1fcc3ed9f195009546e1bdca357237a4df4141ca2cca6e66c8912cd04d2a24a55433937f333320d7bbfea881a06a6b8708e324690af40aa99af182fa6f5dc02ac11867e523a83ce94c15a606c87fa7437bac2c922bcc023f43d4c971a31f7bf254769156795ad05eef62d56f15967b2aa3c4c30b042ee1b5a80fc0ef85aa6de2b2062992d5f72f0e2bb4e3af15d4c9d4b19ff6a2c13f229668d84432294a965ee57e6ef15d6611f7fd6f01b376dd207ed31a9b332a823165debf53de04756a4a777f7f36ea31e473adbdc692dc2eef9d2055894cf4e6223d72dbc045716ec0ff81f5d38e2a4c3ed6b66432b619fb9901c6269330ed062dc6863c09039f30c59d2b07d2f4155a737110f776dd77af756be292afc856d3822e8159df5dc060c48bcee0d0f785adb846baffeab3600ae66d96df342c5b6be81f1d3df40bbd9cb80f3f94cc6e6892706a15833650849ef3e1852f5156cfe044a30976848803bd76dd3df48800d0bb740c4313a168adcd64e558c70677deb548b0d0076f528a5a3ad695ca1977de5c4aca00cd7c298293001b788535e567e6bf79226736b3ca71cd270014cc4b57e8bca49d7e3a92e8c2cf1a94e839622b16c081aa813807a2ed726a1f9cfdca19a21d290959f0106f3d664d2b0d1e8bfb1449238382b935a009360c6808309e9b8bb8298997fb69a048b30152d6af65c82d2fb28d22e2bf024aaa18ae57abc53692d666541ed8a156406bdf5db145caf4ced0ce40b03b8353936093f3350214332bc2944071e9b3868efe5e7a36b92a29fdb5ad21a29bb24a6ca419cfe52bf2b8882e8d7186ad4f013f57d21c76b27d9c977c6b1d6a9061305ae912aec40942ecd0758a85c641b9fa3a61551f7ebfb4ca3e213c9d6fe3ee93d172b818ec463aaaff8d04af79890fbcf6e243b9ba34236be805e5bb83c8eb8743bec233e06a598ea3d00b8fc86dff3371b549d32ca6f8185a27007967efddb264b42391263eb3bdfc74b0e37ff04d9e1d17162fe2a801f9fb57c539c94875bbdd1f195454a0f3822b2275d76731cf096adee7ac5eabf1ddbd222102cec924b436a6987fc1c70cccd9242d228fd6589d23c97d33498bd54767f7b526a7fddc16c08be25edde72ffbd9427e8b074217b1423081e97c81f7fa5568346f00b75b22478d80544dc4e47668d36c115359b5ade46d6b40631518f8e64eb5ca7b8a4c80c6dc82d9ef6bc7d70f098d6393470811a5c6cca55d8d5f166efff7e46424021abfc53036ef7644618384db3c882244f8793f08974d19a2a5921eaa41a38547ac750522d786299db5db531b68f2d34d897a2444f285363a39d247d982135170bda94ff23e5c2d76b38c666b141ad09dab16490deb989d1d6805ad45b753d27aa8d8f4ade14859865d43c55893b6f2cb09bbf9989f8a3a07da41a545dc0e1bfc40d792defc78aa02da9a62bf9f3c60b1e683513b81b924f3228d5bcfae5b967845108de81a3014a4776591010e16b76d197d0eb6f07c68e34444fdc600453ce321e84f988a191b1c82b37ff2cb6b6a57a3d548e05704b38c11a61a618ef3135c0057fd1cc2eb294babcf4ca2d4a31ce08deba539331eb95f96a8dd4a3d9e169a9b7239b901a772c08bd8033f68cd18ab90181e3f66ef1aa0411731a67ed73a6db09c930eeec340d12ad3209030eff38686034722998a03c53432477086f95304a7738dd208fbc8220bae5dcca0c3cc4cab1fff6e70fd10f7b5d4c804dbf708636e1dce62fa32d2481cf6095cbf41638f708a1bad68156cc56f632880db5ca2790ec77e2c780ae3c8abaa4d340e4a0e4e6ef520660aa271c25d029bdc278f1a12159ba7e362c06ce1f0973d3f4f9fa934965d26bdcbc2320d9fcf2bcacb578c734b3997630b9070eb0f67b9d42d3214464dffd0fbf7350bf8daa5d481c1948f1e8e4a6dc8a21f10806636d43df0654cb07fc9d530664dc070b3a2847349d18033a118ce04171b4eb539d82669517fb6c8ddcbf32236829e6c16f40d73401f283af31e99728d2bd39108148442fad88ce8521e07d47103dc38b77989eb0bbb3c734d638620120451dbd43ebfaa04cd0164a96d3f3230965bde910aa54130c4c5e70b704f365ee641727b39b0048cfe3c00ddad2666af13d478da3ba04b004488100476acf33391b222a0c37f9172afa92bf4320c70b2af451d9af284cf475fbbcbf8bde85ec23719244fc36eaff6f72cc6285fa9927bffddd5e79ddcf5922119510d8a0b0706254990516428bf81be22952f44d136ed45974a2db4ac96e3482e551edfdecc74a138e6933d6573be224676a2df86ef82c613330dc105829887dd92c10db1f0617af138d644a49389013f9ab0afcfbe807ffe92f9369e27ae8e63d8b12d647d3c519f211f95e6d8deaa76cc0f3cfef07741b8e538227513360d348c404f3acabf9a4f8708041c5d8f279bc95ff29db93fcc64e784b288fc491a689dd6e32740d9a257e6b7944a0e0f486f55ff29b0b62579868289ace02fdbc76bec9d71bc1429efe5ff4bfbcbd13bf4cb0f134b99457d3757e754e834058ac6b3519f8105156c7ad150ccf7be249314ac66eaf72c595bd22fcef917c849a7ff5b9ae4f7c1a3c44d47facbf1fa9b36f6b0", 0x1000, 0x2}], 0x40000, &(0x7f00000008c0)=ANY=[@ANYBLOB="6e6f61636c2c6e6f757365725f78617474723c757365725f78617474722c6e6f61636c2c61636c2c6661756c745f696e6a656374696f6e3d3078303030303030303030303030303030312c66c54f2a63691e23f98661756c745f696e6a656374696f6e3d3078303030303030303030303030303762372c61636c2c6661756c745f696e6a656374696f6e3d3078303030303030303030303030303230302c666f776e65723ec805177d04a01087c11e1b0c60667882beb455167fa117800b032a8d77662f0f5a3de22df6b4d48e819dc0ab1bda7cffe34669ca055dc3780f6edac5078a2d38836374999c3ee1f90a8f970defda0768afbd0ba5452d1805289c7871b799c522366c3cfae0bfd5e6d78d77671873996cab4acf122c25149238d38c2b5dbf8bdeb335abc859635a72", @ANYRESDEC=r0, @ANYBLOB=',obj_role=,\x00'])
bind$bt_sco(r1, &(0x7f0000000740)={0x1f, {0x0, 0x4, 0x0, 0xe, 0xaf6a, 0xfffffffffffffff7}}, 0x8)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

10:23:55 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x1000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:55 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
socket$unix(0x1, 0x0, 0x0)

[ 1387.055058][ T6100] binder: 6099:6100 got transaction with invalid parent offset or type
[ 1387.080946][ T6102] Dev loop5: unable to read RDB block 1
[ 1387.086761][ T6102]  loop5: unable to read partition table
[ 1387.094245][ T6102] loop5: partition table beyond EOD, truncated
[ 1387.104717][ T6108] binder: 6099:6108 got transaction with invalid parent offset or type
[ 1387.110918][ T6107] binder: BINDER_SET_CONTEXT_MGR already set
[ 1387.139739][ T6102] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1387.164870][ T6107] binder: 6099:6107 ioctl 40046207 0 returned -16
[ 1387.258602][ T6102] Dev loop5: unable to read RDB block 1
[ 1387.269543][ T6102]  loop5: unable to read partition table
[ 1387.284850][ T6102] loop5: partition table beyond EOD, truncated
[ 1387.329423][ T6102] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:56 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x2)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

10:23:56 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x1000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:56 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xb000200, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:56 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x2000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:56 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:23:56 executing program 5:
eventfd2(0x5, 0x80003)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
ioctl$BLKPBSZGET(r0, 0x127b, &(0x7f0000000380))
truncate(&(0x7f0000000080)='./file0\x00', 0x4)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0x5, 0x100, 0x8204, 0x0, 0x2, 0x2, 0x3f, 0x0, <r1=>0x0}, &(0x7f00000000c0)=0x20)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f00000003c0)={r1, 0x8}, 0x8)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)={r1, 0x3, 0x1, [0x80000001]}, &(0x7f0000000140)=0xa)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00')
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0xe8, r2, 0x610, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x80, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8b4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x10001}]}, @TIPC_NLA_MEDIA_PROP={0x4}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}]}, @TIPC_NLA_MON={0x54, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x100000000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7f}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3ff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x100000000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x80}, 0x48800)

10:23:56 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
syz_read_part_table(0x160000000000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000000)="3a5152befbbd96223690dac7f60ea174dcd818328a6033", 0x17, 0x81}])
r0 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x5, 0x200200)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000000c0)={<r1=>0x0, 0x1, 0x8, [0x200, 0x80000001, 0x0, 0x5c6, 0x7, 0xffff, 0x6, 0xffffffffffffffc3]}, &(0x7f0000000100)=0x18)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000140)=@assoc_value={r1, 0x100}, 0x8)

[ 1387.633357][ T6130] binder: BINDER_SET_CONTEXT_MGR already set
[ 1387.647781][ T6130] binder: 6122:6130 ioctl 40046207 0 returned -16
[ 1387.656334][ T6131] binder: BINDER_SET_CONTEXT_MGR already set
[ 1387.665291][ T6131] binder: 6121:6131 ioctl 40046207 0 returned -16
10:23:56 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x3000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:56 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x2000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1387.831165][ T6140] Dev loop5: unable to read RDB block 1
[ 1387.836799][ T6140]  loop5: unable to read partition table
[ 1387.844867][ T6147] binder: 6144:6147 got transaction with invalid parent offset or type
[ 1387.874310][ T6140] loop5: partition table beyond EOD, truncated
[ 1387.890044][ T6149] binder: BINDER_SET_CONTEXT_MGR already set
[ 1387.909262][ T6149] binder: 6148:6149 ioctl 40046207 0 returned -16
[ 1387.909724][ T6151] binder: 6144:6151 got transaction with invalid parent offset or type
10:23:56 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1387.925531][ T6140] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1387.943974][ T6152] binder: 6148:6152 got transaction with invalid parent offset or type
10:23:56 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x280, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0x40405515, &(0x7f0000000040)={0x5, 0x7, 0x1ff, 0x100, 'syz0\x00', 0x3f})

[ 1388.032819][ T6152] binder: transaction release 7477 bad handle 1, ret = -22
10:23:56 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x5000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1388.181549][ T6160] Dev loop5: unable to read RDB block 1
[ 1388.194448][ T6160]  loop5: unable to read partition table
[ 1388.227708][ T6160] loop5: partition table beyond EOD, truncated
[ 1388.270924][ T6160] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:57 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:57 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x3000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:57 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x800, 0x0)
write$P9_RCREATE(r0, &(0x7f00000000c0)={0x18, 0x73, 0x2, {{0xc4, 0x4, 0x7}, 0x9d}}, 0x18)
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
r2 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x80000001, 0x2)
fchmodat(r2, &(0x7f0000000080)='./file0\x00', 0x110)
sendto(r1, &(0x7f00000002c0)="17bec6204d678b", 0x7, 0x20000000, &(0x7f0000000300)=@in6={0xa, 0x4e24, 0x9, @mcast2, 0x8}, 0x80)
r3 = shmget(0x0, 0x2000, 0x78000000, &(0x7f0000ffd000/0x2000)=nil)
shmctl$SHM_INFO(r3, 0xe, &(0x7f0000000100)=""/233)

10:23:57 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
pkey_free(0xffffffffffffffff)

10:23:57 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xc000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:57 executing program 1:
r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
connect$rxrpc(r0, &(0x7f0000000100)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e20, @broadcast}}, 0x24)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r3 = syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x0)
syz_init_net_socket$ax25(0x3, 0xd415f5dfe131c0ac, 0xcc)
read$rfkill(r3, &(0x7f0000000300), 0xfffffc99)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000140)={<r4=>0x0, 0x80c7}, &(0x7f0000000280)=0x8)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f00000002c0)={r4, 0x8}, &(0x7f0000000340)=0x8)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)

[ 1388.808640][ T6185] binder: BINDER_SET_CONTEXT_MGR already set
[ 1388.834639][ T6191] Dev loop5: unable to read RDB block 1
[ 1388.836438][ T6185] binder: 6181:6185 ioctl 40046207 0 returned -16
10:23:57 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1388.861631][ T6198] binder: BINDER_SET_CONTEXT_MGR already set
[ 1388.868139][ T6191]  loop5: unable to read partition table
[ 1388.872098][ T6198] binder: 6181:6198 ioctl 40046207 0 returned -16
[ 1388.884236][ T6191] loop5: partition table beyond EOD, truncated
[ 1388.907042][ T6191] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:57 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:57 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
pkey_free(0xffffffffffffffff)

[ 1388.963256][ T6202] binder: BINDER_SET_CONTEXT_MGR already set
[ 1388.970600][ T6202] binder: 6201:6202 ioctl 40046207 0 returned -16
[ 1389.021638][ T6191] Dev loop5: unable to read RDB block 1
[ 1389.041524][ T6191]  loop5: unable to read partition table
10:23:57 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x10000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1389.065405][ T6191] loop5: partition table beyond EOD, truncated
[ 1389.079793][ T6191] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
10:23:57 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x5000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:57 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x10000, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={<r1=>0x0, 0x80000001}, &(0x7f0000000080)=0x8)
setsockopt$inet_mreqsrc(r0, 0x0, 0x2e, &(0x7f0000000100)={@loopback, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000000c0)={r1, 0x7f, 0xfffffffffffffffd}, 0x8)
acct(&(0x7f0000000140)='./file0\x00')

10:23:57 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
pkey_free(0xffffffffffffffff)

10:23:57 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x20000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1389.230392][ T6223] binder: BINDER_SET_CONTEXT_MGR already set
[ 1389.269267][ T6223] binder: 6221:6223 ioctl 40046207 0 returned -16
[ 1389.305070][ T6232] binder_transaction: 33 callbacks suppressed
[ 1389.305100][ T6232] binder: 6221:6232 transaction failed 29189/-22, size 64-16 line 2995
10:23:57 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1389.348188][ T6235] binder_fixup_parent: 10 callbacks suppressed
[ 1389.348199][ T6235] binder: 6233:6235 got transaction with invalid parent offset or type
[ 1389.367449][ T6235] binder: 6233:6235 transaction failed 29201/-22, size 64-16 line 3389
[ 1389.380486][ T6237] binder: 6233:6237 got transaction with invalid parent offset or type
[ 1389.389811][ T6237] binder: 6233:6237 transaction failed 29201/-22, size 64-16 line 3389
10:23:57 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

[ 1389.404313][ T6229] Dev loop5: unable to read RDB block 1
[ 1389.409951][ T6229]  loop5: unable to read partition table
[ 1389.462829][ T6229] loop5: partition table beyond EOD, truncated
[ 1389.485169][ T6243] binder_alloc_new_buf_locked: 5 callbacks suppressed
[ 1389.485177][ T6243] binder_alloc: 6238: binder_alloc_buf, no vma
[ 1389.506379][ T6243] binder: 6238:6243 transaction failed 29189/-3, size 64-16 line 3148
[ 1389.508524][ T6229] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1389.537860][ T1829] binder_release_work: 34 callbacks suppressed
[ 1389.537868][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
10:23:58 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xd000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:58 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x28000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:58 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1b0000001a008100a00f80ecdb4cb9040a4865160b000000d4126e", 0x1b}], 0x1}, 0x0)

10:23:58 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x4)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x80100, 0x0)
ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000100))

10:23:58 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:58 executing program 5:
r0 = socket$inet6(0xa, 0x5, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x10, &(0x7f0000000180)=[@in={0x2, 0x4e23, @loopback}]}, &(0x7f0000000200)=0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x1d, &(0x7f0000000100)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0x10)
getsockopt$inet6_mreq(r0, 0x29, 0x0, 0x0, 0x0)
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, 0x0)

[ 1389.717106][ T6253] binder: 6251:6253 got transaction with invalid parent offset or type
[ 1389.802203][ T6263] binder: BINDER_SET_CONTEXT_MGR already set
[ 1389.818212][ T6263] binder: 6257:6263 ioctl 40046207 0 returned -16
[ 1389.826191][ T6253] binder: 6251:6253 transaction failed 29201/-22, size 64-16 line 3389
[ 1389.840872][ T6263] binder: 6257:6263 got transaction with invalid parent offset or type
[ 1389.862998][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
[ 1389.876126][ T6269] binder: 6251:6269 got transaction with invalid parent offset or type
[ 1389.883548][ T6263] binder: 6257:6263 transaction failed 29201/-22, size 64-16 line 3389
[ 1389.904611][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
10:23:58 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x10000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1389.907374][ T6269] binder: 6251:6269 transaction failed 29201/-22, size 64-16 line 3389
[ 1389.913952][ T6271] binder: BINDER_SET_CONTEXT_MGR already set
[ 1389.938356][ T6271] binder: 6257:6271 ioctl 40046207 0 returned -16
[ 1389.942522][ T6090] binder: undelivered TRANSACTION_ERROR: 29201
10:23:58 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x38000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1390.054417][ T6274] binder_alloc: 6273: binder_alloc_buf, no vma
[ 1390.082591][ T6274] binder: 6273:6274 transaction failed 29189/-3, size 64-16 line 3148
[ 1390.110497][ T6279] binder: BINDER_SET_CONTEXT_MGR already set
[ 1390.130325][ T6279] binder: 6278:6279 ioctl 40046207 0 returned -16
[ 1390.130332][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1390.152157][ T6279] binder: 6278:6279 transaction failed 29189/-22, size 64-16 line 2995
10:23:58 executing program 5:
creat(&(0x7f0000000280)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[], [], 0xedc0}})

10:23:58 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x20000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1390.166704][ T6090] binder: undelivered TRANSACTION_ERROR: 29189
[ 1390.176345][ T6282] binder: 6278:6282 got transaction with invalid parent offset or type
[ 1390.226933][ T6282] binder: 6278:6282 transaction failed 29201/-22, size 64-16 line 3389
[ 1390.266840][ T6090] binder: undelivered TRANSACTION_ERROR: 29201
10:23:58 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x3f000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1390.306002][ T6288] binder: BINDER_SET_CONTEXT_MGR already set
[ 1390.320322][ T6288] binder: 6286:6288 ioctl 40046207 0 returned -16
[ 1390.340491][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1390.431031][ T6295] binder: 6292:6295 got transaction with invalid parent offset or type
[ 1390.458875][ T6090] binder: undelivered TRANSACTION_ERROR: 29201
[ 1390.469809][ T6296] binder: 6292:6296 got transaction with invalid parent offset or type
10:23:58 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

[ 1390.499027][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
10:23:59 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xe000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:23:59 executing program 5:
syz_execute_func(&(0x7f0000000480)="410f01f964ff0941c3c4e2c99758423e46d8731266420fe2e33e0f1110c442019dcc6f")
mknod(&(0x7f0000000000)='./file0\x00', 0x103e, 0x0)
clone(0x3102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040))
read(r0, &(0x7f0000000180)=""/11, 0x5)
r1 = epoll_create1(0x0)
execve(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ptmx\x00', 0x0, 0x0)
read(r2, &(0x7f0000000140)=""/11, 0xfd30)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100))
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x401, 0x0)
r4 = dup3(r2, r3, 0x0)
ioctl$EVIOCGKEYCODE_V2(r4, 0x80284504, 0x0)
r5 = syz_open_pts(r0, 0x0)
dup2(r1, r5)

10:23:59 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x28000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:59 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x40000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1390.748204][ T6306] binder_alloc: 6305: binder_alloc_buf, no vma
10:23:59 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x8, 0x0, 0x0, 0x10000000002)
r0 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x0, 0x40)
getsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000100), &(0x7f0000000200)=0x63)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
syz_open_dev$amidi(&(0x7f0000000180)='/dev/amidi#\x00', 0x4, 0x1)

10:23:59 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x38000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1390.856899][ T6316] binder: 6315:6316 got transaction with invalid parent offset or type
[ 1390.901407][ T6323] binder: 6315:6323 got transaction with invalid parent offset or type
[ 1390.912631][ T6324] binder: BINDER_SET_CONTEXT_MGR already set
[ 1390.925354][ T6324] binder: 6320:6324 ioctl 40046207 0 returned -16
10:23:59 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x48000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1390.956610][ T6325] binder: BINDER_SET_CONTEXT_MGR already set
[ 1391.007745][ T6325] binder: 6320:6325 ioctl 40046207 0 returned -16
10:23:59 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4c000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:59 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x3f000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:59 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x50000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1391.168904][ T6337] binder: BINDER_SET_CONTEXT_MGR already set
[ 1391.195036][ T6337] binder: 6334:6337 ioctl 40046207 0 returned -16
[ 1391.212818][ T6337] binder_alloc: 6334: binder_alloc_buf, no vma
10:23:59 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x40000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:23:59 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

[ 1391.385019][ T6347] binder_alloc: 6345: binder_alloc_buf, no vma
10:24:00 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x10000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:00 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x60000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:00 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x48000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:00 executing program 5:
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
ftruncate(r0, 0x2081fc)
r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f00000001c0)="0adc1f123c123f319bc070")
fcntl$setstatus(r1, 0x4, 0x40400)
write$FUSE_WRITE(r1, &(0x7f0000000080)={0x18}, 0x18)

10:24:00 executing program 1:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
munlock(&(0x7f0000832000/0x3000)=nil, 0x3000)

10:24:00 executing program 4:
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

[ 1392.593155][ T6367] binder: BINDER_SET_CONTEXT_MGR already set
[ 1392.599206][ T6367] binder: 6365:6367 ioctl 40046207 0 returned -16
10:24:01 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x68000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:01 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4c000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:01 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6c000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1392.839731][ T6387] binder_alloc: 6384: binder_alloc_buf, no vma
10:24:01 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000300)='/dev/loop#\x00', 0x0, 0x0)
ioctl$LOOP_GET_STATUS64(r0, 0x4c05, &(0x7f0000000100))

10:24:01 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x50000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1392.948509][ T6391] binder: BINDER_SET_CONTEXT_MGR already set
[ 1392.977638][ T6391] binder: 6388:6391 ioctl 40046207 0 returned -16
10:24:01 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x74000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1393.061020][ T6398] binder_alloc: 6397: binder_alloc_buf, no vma
10:24:01 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x11000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:01 executing program 5:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000002, 0x32, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6100)
write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0xf642e7e)
openat$apparmor_thread_exec(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000440)='TIPC\x00')

10:24:01 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x60000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:01 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7a000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1393.431794][ T6417] binder_alloc: 6413: binder_alloc_buf, no vma
[ 1393.441797][ T6416] binder: BINDER_SET_CONTEXT_MGR already set
[ 1393.447817][ T6416] binder: 6414:6416 ioctl 40046207 0 returned -16
10:24:02 executing program 1:
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/checkreqprot\x00', 0x0, 0x0)
write$P9_RAUTH(r0, &(0x7f0000000100)={0x14, 0x67, 0x2, {0x80, 0x4, 0x4}}, 0x14)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
syz_open_dev$vbi(&(0x7f0000000140)='/dev/vbi#\x00', 0x3, 0x2)

10:24:02 executing program 4:
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:02 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x100000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:02 executing program 5:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xd000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:02 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x68000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1393.833836][ T6434] binder: BINDER_SET_CONTEXT_MGR already set
[ 1393.859393][ T6434] binder: 6430:6434 ioctl 40046207 0 returned -16
[ 1393.861399][ T6437] binder: BINDER_SET_CONTEXT_MGR already set
[ 1393.876508][ T6437] binder: 6429:6437 ioctl 40046207 0 returned -16
10:24:02 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x200000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:02 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6c000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1394.009003][ T6448] binder: BINDER_SET_CONTEXT_MGR already set
[ 1394.017996][ T6448] binder: 6446:6448 ioctl 40046207 0 returned -16
10:24:02 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x300000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1394.051984][ T6451] binder: BINDER_SET_CONTEXT_MGR already set
[ 1394.075924][ T6451] binder: 6446:6451 ioctl 40046207 0 returned -16
10:24:02 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x20000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:02 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x74000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:02 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x400000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1394.291522][ T6461] binder_alloc: 6460: binder_alloc_buf, no vma
[ 1394.336755][ T6461] binder_transaction: 38 callbacks suppressed
[ 1394.336778][ T6461] binder: 6460:6461 transaction failed 29189/-3, size 64-16 line 3148
[ 1394.365307][ T6467] binder: BINDER_SET_CONTEXT_MGR already set
[ 1394.371869][ T6467] binder: 6465:6467 ioctl 40046207 0 returned -16
[ 1394.386578][ T6467] binder: 6465:6467 transaction failed 29189/-22, size 64-16 line 2995
[ 1394.411348][ T6471] binder_fixup_parent: 22 callbacks suppressed
[ 1394.411358][ T6471] binder: 6465:6471 got transaction with invalid parent offset or type
10:24:02 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7a000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1394.429392][ T6471] binder: 6465:6471 transaction failed 29201/-22, size 64-16 line 3389
[ 1394.493922][ T6474] binder_alloc: 6473: binder_alloc_buf, no vma
[ 1394.514470][ T6474] binder: 6473:6474 transaction failed 29189/-3, size 64-16 line 3148
[ 1394.547594][ T8296] binder_release_work: 38 callbacks suppressed
[ 1394.547602][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
10:24:03 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f00000025c0)='io\x00')
ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000002600)={&(0x7f00000b3000/0x3000)=nil, 0x3000})
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-vsock\x00', 0x2, 0x0)
preadv(r1, &(0x7f00000024c0)=[{&(0x7f0000000100)=""/91, 0x5b}, {&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f0000002180)=""/124, 0x7c}, {&(0x7f0000002200)=""/176, 0xb0}, {&(0x7f00000022c0)=""/73, 0x49}, {&(0x7f0000002340)=""/122, 0x7a}, {&(0x7f00000023c0)=""/230, 0xe6}], 0x8, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000002540)='/dev/null\x00', 0x0, 0x0)
ioctl$BLKSECTGET(r2, 0x1267, &(0x7f0000002580))

10:24:03 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x500000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:03 executing program 4:
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:03 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0xfdfdffff}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:03 executing program 5:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/152)
r0 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x642, 0x420002)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000100)={0x6, 0x7, 0x81, 0x0, 0x12, 0x3ff, 0x1ff, 0x1, 0x8, 0x9, 0xffff, 0x8})

[ 1394.949425][ T6488] binder_alloc: 6487: binder_alloc_buf, no vma
[ 1394.970787][ T6488] binder: 6487:6488 transaction failed 29189/-3, size 64-16 line 3148
[ 1394.989352][ T6490] binder: BINDER_SET_CONTEXT_MGR already set
[ 1395.007495][ T6490] binder: 6486:6490 ioctl 40046207 0 returned -16
[ 1395.007517][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1395.020336][ T6493] binder: BINDER_SET_CONTEXT_MGR already set
[ 1395.036765][ T6493] binder: 6487:6493 ioctl 40046207 0 returned -16
[ 1395.044154][ T6490] binder: 6486:6490 transaction failed 29189/-22, size 64-16 line 2995
10:24:03 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0xfffffdfd}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1395.069165][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
[ 1395.083487][ T6495] binder_alloc: 6486: binder_alloc_buf, no vma
[ 1395.089735][ T6495] binder: 6486:6495 transaction failed 29189/-3, size 64-16 line 3148
[ 1395.134483][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
10:24:03 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x600000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:03 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x3e000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1395.248301][ T6500] binder_alloc: 6499: binder_alloc_buf, no vma
[ 1395.281502][ T6500] binder: 6499:6500 transaction failed 29189/-3, size 64-16 line 3148
[ 1395.320024][ T6502] binder: BINDER_SET_CONTEXT_MGR already set
[ 1395.349595][ T6502] binder: 6501:6502 ioctl 40046207 0 returned -16
[ 1395.354856][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
[ 1395.363203][ T6506] binder: BINDER_SET_CONTEXT_MGR already set
[ 1395.376997][ T6506] binder: 6499:6506 ioctl 40046207 0 returned -16
[ 1395.377037][ T6507] binder_alloc: 6499: binder_alloc_buf, no vma
[ 1395.407232][ T6507] binder: 6501:6507 transaction failed 29189/-3, size 64-16 line 3148
10:24:03 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x100000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1395.422646][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1395.431335][ T6507] binder: 6501:6507 got transaction with invalid parent offset or type
[ 1395.449947][ T6507] binder: 6501:6507 transaction failed 29201/-22, size 64-16 line 3389
[ 1395.470372][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
10:24:03 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x700000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1395.583317][ T6515] binder_alloc: 6512: binder_alloc_buf, no vma
[ 1395.590469][ T6516] binder: BINDER_SET_CONTEXT_MGR already set
[ 1395.600042][ T6516] binder: 6514:6516 ioctl 40046207 0 returned -16
[ 1395.615436][ T6516] binder_alloc: 6512: binder_alloc_buf, no vma
[ 1395.621177][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1395.626912][ T6516] binder: BINDER_SET_CONTEXT_MGR already set
[ 1395.637992][ T6516] binder: 6514:6516 ioctl 40046207 0 returned -16
[ 1395.638110][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1395.670874][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
10:24:04 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x200000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:04 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x1000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1395.841437][ T6526] binder: 6523:6526 got transaction with invalid parent offset or type
[ 1395.866253][ T6527] binder: BINDER_SET_CONTEXT_MGR already set
[ 1395.878718][ T6527] binder: 6524:6527 ioctl 40046207 0 returned -16
[ 1395.886506][ T6526] binder: BINDER_SET_CONTEXT_MGR already set
[ 1395.898970][ T6526] binder: 6523:6526 ioctl 40046207 0 returned -16
[ 1395.906008][ T6528] binder_alloc: 6523: binder_alloc_buf, no vma
10:24:04 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x80000000000006)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000380)=ANY=[], 0x29c)
r1 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
preadv(r0, &(0x7f0000000200)=[{&(0x7f00000001c0)=""/7, 0x7}], 0x1, 0x0)
ioctl$KDADDIO(r0, 0x4b34, 0x6)
add_key(&(0x7f0000000040)='blacklist\x00', &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, r1)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000180)='tls\x00', 0x4)

10:24:04 executing program 4:
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:04 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x300000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:04 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x2000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:04 executing program 5:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x9000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:04 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x3f000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1396.368670][ T6547] binder: 6545:6547 got transaction with invalid parent offset or type
[ 1396.372497][ T6548] binder: BINDER_SET_CONTEXT_MGR already set
[ 1396.390354][ T6548] binder: 6544:6548 ioctl 40046207 0 returned -16
[ 1396.399667][ T6548] binder: 6544:6548 got transaction with invalid parent offset or type
10:24:04 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x400000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1396.413749][ T6552] binder: BINDER_SET_CONTEXT_MGR already set
[ 1396.419979][ T6552] binder: 6544:6552 ioctl 40046207 0 returned -16
[ 1396.427910][ T6547] binder: BINDER_SET_CONTEXT_MGR already set
[ 1396.456395][ T6547] binder: 6545:6547 ioctl 40046207 0 returned -16
[ 1396.456523][ T6553] binder_alloc: 6545: binder_alloc_buf, no vma
10:24:05 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x2800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:05 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x500000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1396.546563][ T6558] binder_alloc: 6557: binder_alloc_buf, no vma
10:24:05 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x600000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1396.691197][ T6565] binder: 6563:6565 got transaction with invalid parent offset or type
[ 1396.707370][ T6567] binder: 6563:6567 got transaction with invalid parent offset or type
10:24:05 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x3800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:05 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x700000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1396.858018][ T6574] binder: 6573:6574 got transaction with invalid parent offset or type
[ 1396.874754][ T6576] binder: 6573:6576 got transaction with invalid parent offset or type
[ 1396.950294][ T6579] binder: BINDER_SET_CONTEXT_MGR already set
[ 1396.966277][ T6579] binder: 6578:6579 ioctl 40046207 0 returned -16
10:24:05 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:05 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x3f00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:05 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x1000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:05 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x4800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:05 executing program 4:
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:05 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x40000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1397.278521][ T6597] binder: 6593:6597 got transaction with invalid parent offset or type
[ 1397.285715][ T6599] binder: BINDER_SET_CONTEXT_MGR already set
10:24:05 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x2000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:05 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1397.320602][ T6599] binder: 6594:6599 ioctl 40046207 0 returned -16
10:24:05 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x6c000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:05 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x2800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:05 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1397.515207][ T6615] binder: BINDER_SET_CONTEXT_MGR already set
[ 1397.541766][ T6615] binder: 6612:6615 ioctl 40046207 0 returned -16
10:24:06 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x3800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:08 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:08 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4c00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:08 executing program 5:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$FUSE_POLL(r0, &(0x7f0000000080)={0x18, 0x0, 0x7, {0x6}}, 0x18)
write$FUSE_INTERRUPT(r0, &(0x7f0000000040)={0x10, 0x0, 0x2}, 0x10)
openat(r0, &(0x7f0000000100)='./file0\x00', 0x418800, 0x80)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x1000, @local, 0xfffffffffffffffd}], 0x1c)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:08 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x3f00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:08 executing program 4:
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:08 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x401f0000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1400.330315][ T6644] binder_fixup_parent: 6 callbacks suppressed
[ 1400.330326][ T6644] binder: 6636:6644 got transaction with invalid parent offset or type
[ 1400.347071][ T6643] binder: BINDER_SET_CONTEXT_MGR already set
[ 1400.370827][ T6643] binder: 6638:6643 ioctl 40046207 0 returned -16
[ 1400.378046][ T6643] binder: 6638:6643 got transaction with invalid parent offset or type
[ 1400.403681][ T6643] binder_transaction: 30 callbacks suppressed
[ 1400.403702][ T6643] binder: 6638:6643 transaction failed 29201/-22, size 64-16 line 3389
[ 1400.418379][ T6644] binder: 6636:6644 transaction failed 29201/-22, size 64-16 line 3389
[ 1400.442063][ T1829] binder_release_work: 27 callbacks suppressed
[ 1400.442070][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
[ 1400.455849][ T6651] binder: BINDER_SET_CONTEXT_MGR already set
[ 1400.488362][ T6651] binder: 6636:6651 ioctl 40046207 0 returned -16
[ 1400.488366][ T6653] binder: BINDER_SET_CONTEXT_MGR already set
[ 1400.488391][ T6653] binder: 6638:6653 ioctl 40046207 0 returned -16
[ 1400.507611][ T6652] binder: 6636:6652 got transaction with invalid parent offset or type
[ 1400.520838][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
10:24:09 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1400.556235][ T6652] binder: 6636:6652 transaction failed 29201/-22, size 64-16 line 3389
10:24:09 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x5000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1400.611166][ T8296] binder: undelivered TRANSACTION_ERROR: 29201
[ 1400.638567][ T6656] binder: BINDER_SET_CONTEXT_MGR already set
[ 1400.664886][ T6656] binder: 6655:6656 ioctl 40046207 0 returned -16
[ 1400.711597][ T6659] binder: 6655:6659 transaction failed 29189/-22, size 64-16 line 2995
[ 1400.730304][ T6660] binder: 6658:6660 got transaction with invalid parent offset or type
[ 1400.747094][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1400.753941][ T6661] binder: BINDER_SET_CONTEXT_MGR already set
[ 1400.769463][ T6661] binder: 6655:6661 ioctl 40046207 0 returned -16
[ 1400.776321][ T6660] binder: 6658:6660 transaction failed 29201/-22, size 64-16 line 3389
[ 1400.808779][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
10:24:09 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1400.816684][ T6660] binder: BINDER_SET_CONTEXT_MGR already set
[ 1400.833965][ T6663] binder: 6658:6663 transaction failed 29189/-22, size 64-16 line 2995
[ 1400.869616][ T6660] binder: 6658:6660 ioctl 40046207 0 returned -16
[ 1400.888521][ T6666] binder_alloc_new_buf_locked: 7 callbacks suppressed
[ 1400.888529][ T6666] binder_alloc: 6665: binder_alloc_buf, no vma
[ 1400.904379][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
10:24:09 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1400.935974][ T6666] binder: 6665:6666 transaction failed 29189/-3, size 64-16 line 3148
10:24:09 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

[ 1400.977484][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
10:24:09 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x4c00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1401.038274][ T6670] binder: 6669:6670 got transaction with invalid parent offset or type
[ 1401.082836][ T6670] binder: 6669:6670 transaction failed 29201/-22, size 64-16 line 3389
[ 1401.106542][ T6676] binder: BINDER_SET_CONTEXT_MGR already set
[ 1401.114640][ T6676] binder: 6675:6676 ioctl 40046207 0 returned -16
[ 1401.127455][ T6670] binder: BINDER_SET_CONTEXT_MGR already set
[ 1401.136220][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
[ 1401.146338][ T6676] binder: 6675:6676 transaction failed 29189/-22, size 64-16 line 2995
[ 1401.157047][ T6677] binder: 6669:6677 transaction failed 29189/-22, size 64-16 line 2995
[ 1401.170140][ T6670] binder: 6669:6670 ioctl 40046207 0 returned -16
[ 1401.179388][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1401.195525][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
10:24:11 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x60000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:11 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:11 executing program 5:
socket$inet6_dccp(0xa, 0x6, 0x0)
r0 = openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000340)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
fcntl$getownex(r0, 0x10, 0x0)
ioctl$EVIOCSABS3F(0xffffffffffffffff, 0x401845ff, &(0x7f0000000040)={0x6, 0x0, 0x7, 0x5, 0x0, 0x401})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/snapshot\x00', 0x80001, 0x0)
r1 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r1, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)
write$apparmor_exec(r1, &(0x7f0000000040)={'stack ', '\x00'}, 0x7)

10:24:11 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x5000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:11 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:11 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

[ 1403.408395][ T6688] binder_alloc: 6687: binder_alloc_buf, no vma
[ 1403.432973][ T6696] binder: BINDER_SET_CONTEXT_MGR already set
[ 1403.444887][ T6696] binder: 6689:6696 ioctl 40046207 0 returned -16
10:24:11 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6c00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:12 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1403.644061][ T6712] binder: 6710:6712 got transaction with invalid parent offset or type
[ 1403.693211][ T6714] binder: 6710:6714 got transaction with invalid parent offset or type
[ 1403.718410][ T6713] binder: BINDER_SET_CONTEXT_MGR already set
[ 1403.741337][ T6713] binder: 6711:6713 ioctl 40046207 0 returned -16
10:24:12 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7400000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1403.782287][ T6715] binder: 6711:6715 got transaction with invalid parent offset or type
[ 1403.849654][ T6715] binder: transaction release 7821 bad handle 1, ret = -22
[ 1403.877031][ T6718] binder: 6717:6718 got transaction with invalid parent offset or type
[ 1403.910903][ T6715] binder: 6711:6715 got transaction with invalid parent offset or type
[ 1403.931019][ T6715] binder: transaction release 7828 bad handle 2, ret = -22
10:24:12 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7a00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:12 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6800000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1404.107223][ T6726] binder_alloc: 6723: binder_alloc_buf, no vma
[ 1404.115687][ T6727] binder: BINDER_SET_CONTEXT_MGR already set
[ 1404.136558][ T6727] binder: 6722:6727 ioctl 40046207 0 returned -16
10:24:12 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x803e0000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1404.153457][ T6727] binder_alloc: 6723: binder_alloc_buf, no vma
10:24:12 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x6c00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1404.339771][ T6737] binder_alloc: 6736: binder_alloc_buf, no vma
10:24:14 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)

10:24:14 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x8000000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:14 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:14 executing program 5:
socket$inet6_dccp(0xa, 0x6, 0x0)
r0 = openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000340)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
fcntl$getownex(r0, 0x10, 0x0)
ioctl$EVIOCSABS3F(0xffffffffffffffff, 0x401845ff, &(0x7f0000000040)={0x6, 0x0, 0x7, 0x5, 0x0, 0x401})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/snapshot\x00', 0x80001, 0x0)
r1 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r1, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)
write$apparmor_exec(r1, &(0x7f0000000040)={'stack ', '\x00'}, 0x7)

10:24:14 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7400000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:14 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xa0000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1406.489978][ T6751] binder_alloc: 6747: binder_alloc_buf, no vma
[ 1406.498409][ T6749] binder: BINDER_SET_CONTEXT_MGR already set
[ 1406.519830][ T6749] binder: 6745:6749 ioctl 40046207 0 returned -16
[ 1406.527019][ T6751] binder_transaction: 13 callbacks suppressed
[ 1406.527037][ T6751] binder: 6747:6751 transaction failed 29189/-3, size 64-16 line 3148
[ 1406.551911][ T6758] binder_alloc: 6747: binder_alloc_buf, no vma
[ 1406.558311][ T6758] binder: 6745:6758 transaction failed 29189/-3, size 64-16 line 3148
[ 1406.576022][ T8296] binder_release_work: 13 callbacks suppressed
[ 1406.576029][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
[ 1406.596772][ T6749] binder: BINDER_SET_CONTEXT_MGR already set
[ 1406.606303][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
[ 1406.617739][ T6758] binder: 6745:6758 transaction failed 29189/-22, size 64-16 line 2995
[ 1406.628864][ T6749] binder: 6745:6749 ioctl 40046207 0 returned -16
[ 1406.640397][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
10:24:15 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0x7a00000000000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:15 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0xffffffff00000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1406.779946][ T6768] binder_alloc: 6766: binder_alloc_buf, no vma
[ 1406.799173][ T6768] binder: 6766:6768 transaction failed 29189/-3, size 64-16 line 3148
[ 1406.813174][ T6769] binder: BINDER_SET_CONTEXT_MGR already set
[ 1406.829505][ T6769] binder: 6767:6769 ioctl 40046207 0 returned -16
[ 1406.854081][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
[ 1406.864348][ T6771] binder: BINDER_SET_CONTEXT_MGR already set
[ 1406.921959][ T6771] binder: 6766:6771 ioctl 40046207 0 returned -16
[ 1406.922051][ T6770] binder: 6767:6770 transaction failed 29189/-22, size 64-16 line 2995
[ 1406.959474][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1406.967385][ T6769] binder_fixup_parent: 2 callbacks suppressed
[ 1406.967395][ T6769] binder: 6767:6769 got transaction with invalid parent offset or type
[ 1407.010309][ T6769] binder: 6767:6769 transaction failed 29201/-22, size 64-16 line 3389
[ 1407.037482][ T8296] binder: undelivered TRANSACTION_ERROR: 29201
10:24:15 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85, 0x0, 0x0, 0xfdfdffff00000000}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:15 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x66642a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:15 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, 0x0, 0x0)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

[ 1407.276911][ T6780] binder_alloc: 6774: binder_alloc_buf, no vma
[ 1407.293018][ T6782] binder: BINDER_SET_CONTEXT_MGR already set
[ 1407.299572][ T6780] binder: 6774:6780 transaction failed 29189/-3, size 64-16 line 3148
[ 1407.325540][ T6782] binder: 6777:6782 ioctl 40046207 0 returned -16
[ 1407.336550][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
10:24:15 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xa0860100, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1407.380175][ T6783] binder: 6777:6783 transaction failed 29189/-22, size 64-16 line 2995
10:24:15 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)

10:24:15 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x66642a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:15 executing program 5:
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000740)={r0, 0x9, 0xc}, &(0x7f00000003c0)={'enc=', 'oaep', ' hash=', {'sha384-avx\x00'}}, &(0x7f0000000780)="426029a63743197a6d98f614b78f45e8281b5d56c3d4566758d0e90efbea9208291f5415a12d5094c5910cf48ccff66a42820ff39fd31e6b575f5caa59c6226e0b8b0e38c2ff5ec13460b46bfda3f42e44440f158860a2ed476a0f93cd27fb9964367aeceace3a0048811b607131b9208aed758dc0550d3c46b13217caecf1d3157e216b8f2c984150563d841a191bb9f65b2261e1ac5a3fc2d5811e0650aa976bbde21f643de7", &(0x7f0000000640)="083064139b1dbb962ddb830d3de013f417223f605a699f8415bb713ae5daf79885011bbd9bd6dc2ae54fbb4fd6e7c2768a5cc1f30dac2c014e6ee2c6b6a3c609d0941053ca3910e1cd9c6577bfc738d03b96dee5e4da4332fc1fca617d69bc33bc3dd888f12da1489e27666afc523943e2b5d812653644e8c4afc7c5dc164cec3d7421d2a70a08cde937ea66ce1acda9e4c622fed89a2f425b0d15f78a71a79785af43676f9ce67a7ff811a24ece406a26af6a140b64234429931e32116d451c54b3bc915a1325ad8a8cb857274c46ab022b197f29c2a86c9b93f66ef85f1e837193e9dba2d00cf2b56dbe91c0f8ee269fd1b797")
clock_gettime(0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0)
stat(0x0, &(0x7f00000007c0))
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00'}, 0x58)
r2 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, 0x0)
ioctl$DRM_IOCTL_AGP_UNBIND(r2, 0x40106437, &(0x7f0000000b00)={0x0, 0x1f})
ioctl$VIDIOC_G_FREQUENCY(r2, 0xc02c5638, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, 0x0)
recvfrom$inet(0xffffffffffffffff, &(0x7f0000002340)=""/4096, 0x1000, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000021c0)=[{{&(0x7f0000000180)=@pppoe={0x18, 0x0, {0x0, @remote}}, 0x80, &(0x7f0000000600)=[{0x0}, {0x0}, {&(0x7f0000000440)=""/45, 0x2d}], 0x3, &(0x7f0000000680)=""/76, 0x4c}}, {{&(0x7f0000000700)=@pptp={0x18, 0x2, {0x0, @remote}}, 0x80, &(0x7f0000000dc0)=[{&(0x7f0000000480)=""/21, 0x15}, {&(0x7f0000000780)=""/8, 0x8}, {&(0x7f0000000bc0)=""/252, 0xfc}, {&(0x7f0000000d40)=""/74, 0x4a}, {&(0x7f0000000b40)=""/46, 0x2e}, {0x0}], 0x6, &(0x7f0000000f40)=""/88, 0x58}, 0xffff}, {{&(0x7f00000012c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, &(0x7f0000001a40)=[{&(0x7f00000014c0)=""/177, 0xb1}, {&(0x7f0000001580)=""/162, 0xa2}, {&(0x7f0000001640)=""/72, 0x48}, {&(0x7f0000001340)=""/59, 0x3b}, {&(0x7f00000016c0)=""/82, 0x52}, {&(0x7f0000001740)=""/203, 0xcb}, {&(0x7f0000001900)=""/176, 0xb0}, {&(0x7f00000019c0)=""/113, 0x71}], 0x8}, 0x6}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001d00)=""/229, 0xe5}, 0xe21c}, {{&(0x7f0000001e00)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x80, &(0x7f00000020c0)=[{&(0x7f0000001e80)=""/222, 0xde}, {0x0}, {0x0}], 0x3}, 0x4}], 0x5, 0x40000000, 0x0)
r3 = accept$alg(r1, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x167, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x3ed, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400})
setxattr(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)=@known='trusted.overlay.impure\x00', &(0x7f0000000380)=' hash=', 0x6, 0x1)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

[ 1407.499298][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
[ 1407.501196][ T6782] binder: 6777:6782 got transaction with fd, 0, but target does not allow fds
[ 1407.535545][ T6793] binder: BINDER_SET_CONTEXT_MGR already set
[ 1407.561944][ T6782] binder: 6777:6782 transaction failed 29201/-1, size 64-16 line 3292
[ 1407.577257][ T6793] binder: 6789:6793 ioctl 40046207 0 returned -16
[ 1407.577347][ T6797] binder: 6789:6797 got transaction with fd, 0, but target does not allow fds
[ 1407.624429][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
10:24:16 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x66646185, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1407.694240][ T6800] Dev loop5: unable to read RDB block 1
[ 1407.707103][ T6797] binder: 6789:6797 transaction failed 29201/-1, size 64-16 line 3292
[ 1407.709385][ T6800]  loop5: unable to read partition table
[ 1407.781191][ T8296] binder: undelivered TRANSACTION_ERROR: 29201
10:24:16 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x66646185, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1407.821709][ T6800] loop5: partition table beyond EOD, truncated
[ 1407.884547][ T6806] binder: 6804:6806 got transaction with invalid parent offset or type
[ 1407.899616][ T6800] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1407.924839][ T6809] binder: BINDER_SET_CONTEXT_MGR already set
[ 1407.959577][ T6809] binder: 6807:6809 ioctl 40046207 0 returned -16
[ 1407.966303][ T6810] binder: BINDER_SET_CONTEXT_MGR already set
[ 1407.999619][ T6811] binder: 6804:6811 got transaction with invalid parent offset or type
[ 1408.027411][ T6812] binder: 6807:6812 got transaction with invalid parent offset or type
[ 1408.053715][ T6810] binder: 6804:6810 ioctl 40046207 0 returned -16
10:24:16 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, 0x0, 0x0)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:16 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x73622a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1408.134827][ T6812] binder: 6807:6812 got transaction with invalid parent offset or type
10:24:16 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x73622a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1408.283038][ T8296] binder: release 6816:6817 transaction 7882 out, still active
[ 1408.296213][ T6817] binder: BINDER_SET_CONTEXT_MGR already set
[ 1408.315188][ T8296] binder: unexpected work type, 4, not freed
10:24:16 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xc0000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1408.349656][ T6817] binder: 6816:6817 ioctl 40046207 0 returned -16
[ 1408.350412][ T6825] binder: BINDER_SET_CONTEXT_MGR already set
10:24:16 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x73682a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:16 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)

[ 1408.394582][ T6825] binder: 6823:6825 ioctl 40046207 0 returned -16
[ 1408.413781][ T8296] binder: undelivered TRANSACTION_COMPLETE
[ 1408.423240][ T6827] binder_alloc: 6816: binder_alloc_buf, no vma
10:24:16 executing program 5:
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000740)={r0, 0x9, 0xc}, &(0x7f00000003c0)={'enc=', 'oaep', ' hash=', {'sha384-avx\x00'}}, &(0x7f0000000780)="426029a63743197a6d98f614b78f45e8281b5d56c3d4566758d0e90efbea9208291f5415a12d5094c5910cf48ccff66a42820ff39fd31e6b575f5caa59c6226e0b8b0e38c2ff5ec13460b46bfda3f42e44440f158860a2ed476a0f93cd27fb9964367aeceace3a0048811b607131b9208aed758dc0550d3c46b13217caecf1d3157e216b8f2c984150563d841a191bb9f65b2261e1ac5a3fc2d5811e0650aa976bbde21f643de7", &(0x7f0000000640)="083064139b1dbb962ddb830d3de013f417223f605a699f8415bb713ae5daf79885011bbd9bd6dc2ae54fbb4fd6e7c2768a5cc1f30dac2c014e6ee2c6b6a3c609d0941053ca3910e1cd9c6577bfc738d03b96dee5e4da4332fc1fca617d69bc33bc3dd888f12da1489e27666afc523943e2b5d812653644e8c4afc7c5dc164cec3d7421d2a70a08cde937ea66ce1acda9e4c622fed89a2f425b0d15f78a71a79785af43676f9ce67a7ff811a24ece406a26af6a140b64234429931e32116d451c54b3bc915a1325ad8a8cb857274c46ab022b197f29c2a86c9b93f66ef85f1e837193e9dba2d00cf2b56dbe91c0f8ee269fd1b797")
clock_gettime(0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0)
stat(0x0, &(0x7f00000007c0))
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00'}, 0x58)
r2 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, 0x0)
ioctl$DRM_IOCTL_AGP_UNBIND(r2, 0x40106437, &(0x7f0000000b00)={0x0, 0x1f})
ioctl$VIDIOC_G_FREQUENCY(r2, 0xc02c5638, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, 0x0)
recvfrom$inet(0xffffffffffffffff, &(0x7f0000002340)=""/4096, 0x1000, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000021c0)=[{{&(0x7f0000000180)=@pppoe={0x18, 0x0, {0x0, @remote}}, 0x80, &(0x7f0000000600)=[{0x0}, {0x0}, {&(0x7f0000000440)=""/45, 0x2d}], 0x3, &(0x7f0000000680)=""/76, 0x4c}}, {{&(0x7f0000000700)=@pptp={0x18, 0x2, {0x0, @remote}}, 0x80, &(0x7f0000000dc0)=[{&(0x7f0000000480)=""/21, 0x15}, {&(0x7f0000000780)=""/8, 0x8}, {&(0x7f0000000bc0)=""/252, 0xfc}, {&(0x7f0000000d40)=""/74, 0x4a}, {&(0x7f0000000b40)=""/46, 0x2e}, {0x0}], 0x6, &(0x7f0000000f40)=""/88, 0x58}, 0xffff}, {{&(0x7f00000012c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, &(0x7f0000001a40)=[{&(0x7f00000014c0)=""/177, 0xb1}, {&(0x7f0000001580)=""/162, 0xa2}, {&(0x7f0000001640)=""/72, 0x48}, {&(0x7f0000001340)=""/59, 0x3b}, {&(0x7f00000016c0)=""/82, 0x52}, {&(0x7f0000001740)=""/203, 0xcb}, {&(0x7f0000001900)=""/176, 0xb0}, {&(0x7f00000019c0)=""/113, 0x71}], 0x8}, 0x6}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001d00)=""/229, 0xe5}, 0xe21c}, {{&(0x7f0000001e00)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x80, &(0x7f00000020c0)=[{&(0x7f0000001e80)=""/222, 0xde}, {0x0}, {0x0}], 0x3}, 0x4}], 0x5, 0x40000000, 0x0)
r3 = accept$alg(r1, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x167, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x3ed, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400})
setxattr(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)=@known='trusted.overlay.impure\x00', &(0x7f0000000380)=' hash=', 0x6, 0x1)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

[ 1408.459257][ T8296] binder: send failed reply for transaction 7882, target dead
10:24:17 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x73682a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1408.529769][ T6834] binder: 6830:6834 got transaction with invalid handle, 0
[ 1408.567497][ T6839] binder_alloc: 6830: binder_alloc_buf, no vma
10:24:17 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x77622a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1408.686454][ T6844] binder_alloc: 6842: binder_alloc_buf, no vma
[ 1408.713924][ T6845] Dev loop5: unable to read RDB block 1
[ 1408.767458][ T6845]  loop5: unable to read partition table
10:24:17 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x77622a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1408.812373][ T8296] binder: release 6850:6851 transaction 7896 out, still active
[ 1408.814778][ T6845] loop5: partition table beyond EOD, truncated
[ 1408.829721][ T8296] binder: unexpected work type, 4, not freed
[ 1408.837289][ T6851] binder: BINDER_SET_CONTEXT_MGR already set
[ 1408.860017][ T6852] binder_alloc: 6850: binder_alloc_buf, no vma
[ 1408.861780][ T8296] binder: undelivered TRANSACTION_COMPLETE
[ 1408.898174][ T6851] binder: 6850:6851 ioctl 40046207 0 returned -16
[ 1408.899130][ T8296] binder: send failed reply for transaction 7896, target dead
10:24:17 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x77682a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1408.937919][ T6845] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1408.966312][ T6855] binder_alloc: 6854: binder_alloc_buf, no vma
10:24:17 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x77682a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1409.127025][ T6862] binder: 6860:6862 got transaction with invalid handle, 0
[ 1409.163456][ T6863] binder: 6860:6863 got transaction with invalid handle, 0
10:24:17 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, 0x0, 0x0)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:17 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0x1000000, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1409.217160][ T6865] binder: BINDER_SET_CONTEXT_MGR already set
[ 1409.260964][ T6865] binder: 6864:6865 ioctl 40046207 0 returned -16
10:24:17 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xfeffffff, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:17 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0x1000000, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1409.427892][ T1829] binder: release 6872:6875 transaction 7914 out, still active
[ 1409.441962][ T6875] binder: BINDER_SET_CONTEXT_MGR already set
[ 1409.448146][ T1829] binder: unexpected work type, 4, not freed
10:24:17 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:17 executing program 5:
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000740)={r0, 0x9, 0xc}, &(0x7f00000003c0)={'enc=', 'oaep', ' hash=', {'sha384-avx\x00'}}, &(0x7f0000000780)="426029a63743197a6d98f614b78f45e8281b5d56c3d4566758d0e90efbea9208291f5415a12d5094c5910cf48ccff66a42820ff39fd31e6b575f5caa59c6226e0b8b0e38c2ff5ec13460b46bfda3f42e44440f158860a2ed476a0f93cd27fb9964367aeceace3a0048811b607131b9208aed758dc0550d3c46b13217caecf1d3157e216b8f2c984150563d841a191bb9f65b2261e1ac5a3fc2d5811e0650aa976bbde21f643de7", &(0x7f0000000640)="083064139b1dbb962ddb830d3de013f417223f605a699f8415bb713ae5daf79885011bbd9bd6dc2ae54fbb4fd6e7c2768a5cc1f30dac2c014e6ee2c6b6a3c609d0941053ca3910e1cd9c6577bfc738d03b96dee5e4da4332fc1fca617d69bc33bc3dd888f12da1489e27666afc523943e2b5d812653644e8c4afc7c5dc164cec3d7421d2a70a08cde937ea66ce1acda9e4c622fed89a2f425b0d15f78a71a79785af43676f9ce67a7ff811a24ece406a26af6a140b64234429931e32116d451c54b3bc915a1325ad8a8cb857274c46ab022b197f29c2a86c9b93f66ef85f1e837193e9dba2d00cf2b56dbe91c0f8ee269fd1b797")
clock_gettime(0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0)
stat(0x0, &(0x7f00000007c0))
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00'}, 0x58)
r2 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, 0x0)
ioctl$DRM_IOCTL_AGP_UNBIND(r2, 0x40106437, &(0x7f0000000b00)={0x0, 0x1f})
ioctl$VIDIOC_G_FREQUENCY(r2, 0xc02c5638, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, 0x0)
recvfrom$inet(0xffffffffffffffff, &(0x7f0000002340)=""/4096, 0x1000, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000021c0)=[{{&(0x7f0000000180)=@pppoe={0x18, 0x0, {0x0, @remote}}, 0x80, &(0x7f0000000600)=[{0x0}, {0x0}, {&(0x7f0000000440)=""/45, 0x2d}], 0x3, &(0x7f0000000680)=""/76, 0x4c}}, {{&(0x7f0000000700)=@pptp={0x18, 0x2, {0x0, @remote}}, 0x80, &(0x7f0000000dc0)=[{&(0x7f0000000480)=""/21, 0x15}, {&(0x7f0000000780)=""/8, 0x8}, {&(0x7f0000000bc0)=""/252, 0xfc}, {&(0x7f0000000d40)=""/74, 0x4a}, {&(0x7f0000000b40)=""/46, 0x2e}, {0x0}], 0x6, &(0x7f0000000f40)=""/88, 0x58}, 0xffff}, {{&(0x7f00000012c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, &(0x7f0000001a40)=[{&(0x7f00000014c0)=""/177, 0xb1}, {&(0x7f0000001580)=""/162, 0xa2}, {&(0x7f0000001640)=""/72, 0x48}, {&(0x7f0000001340)=""/59, 0x3b}, {&(0x7f00000016c0)=""/82, 0x52}, {&(0x7f0000001740)=""/203, 0xcb}, {&(0x7f0000001900)=""/176, 0xb0}, {&(0x7f00000019c0)=""/113, 0x71}], 0x8}, 0x6}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001d00)=""/229, 0xe5}, 0xe21c}, {{&(0x7f0000001e00)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x80, &(0x7f00000020c0)=[{&(0x7f0000001e80)=""/222, 0xde}, {0x0}, {0x0}], 0x3}, 0x4}], 0x5, 0x40000000, 0x0)
r3 = accept$alg(r1, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x167, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x3ed, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400})
setxattr(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)=@known='trusted.overlay.impure\x00', &(0x7f0000000380)=' hash=', 0x6, 0x1)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

[ 1409.473978][ T6876] binder_alloc: 6872: binder_alloc_buf, no vma
[ 1409.490763][ T1829] binder: undelivered TRANSACTION_COMPLETE
[ 1409.490962][ T6875] binder: 6872:6875 ioctl 40046207 0 returned -16
[ 1409.496702][ T1829] binder: send failed reply for transaction 7914, target dead
10:24:18 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x2}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:18 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x2}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1409.717810][ T6892] binder: 6891:6892 got transaction with too large buffer
[ 1409.760356][ T6897] binder: BINDER_SET_CONTEXT_MGR already set
[ 1409.781757][ T6893] Dev loop5: unable to read RDB block 1
[ 1409.794775][ T6897] binder: 6895:6897 ioctl 40046207 0 returned -16
[ 1409.794819][ T6892] binder: BINDER_SET_CONTEXT_MGR already set
[ 1409.819587][ T6892] binder: 6891:6892 ioctl 40046207 0 returned -16
[ 1409.835558][ T6893]  loop5: unable to read partition table
10:24:18 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x3}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:18 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x3}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1409.894773][ T6893] loop5: partition table beyond EOD, truncated
[ 1409.955108][ T6893] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1410.025212][ T6904] binder: 6902:6904 got transaction with too large buffer
[ 1410.033985][ T6905] binder: BINDER_SET_CONTEXT_MGR already set
[ 1410.051279][ T6905] binder: 6903:6905 ioctl 40046207 0 returned -16
[ 1410.083976][ T6904] binder: BINDER_SET_CONTEXT_MGR already set
[ 1410.127696][ T6904] binder: 6902:6904 ioctl 40046207 0 returned -16
10:24:18 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:18 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:18 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500), 0x0)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:18 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xffffff7f, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1410.391074][ T6919] binder: BINDER_SET_CONTEXT_MGR already set
10:24:18 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

[ 1410.439505][ T6921] binder: 6916:6921 got transaction with too large buffer
[ 1410.441165][ T6919] binder: 6912:6919 ioctl 40046207 0 returned -16
10:24:18 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x5}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1410.484758][ T6925] binder: 6916:6925 got transaction with too large buffer
10:24:19 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x5}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:19 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x2}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1410.673300][ T6938] binder: BINDER_SET_CONTEXT_MGR already set
[ 1410.703310][ T6938] binder: 6930:6938 ioctl 40046207 0 returned -16
[ 1410.715324][ T6937] binder: 6935:6937 got transaction with too large buffer
10:24:19 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1410.736600][ T6940] binder: BINDER_SET_CONTEXT_MGR already set
[ 1410.752622][ T6940] binder: 6939:6940 ioctl 40046207 0 returned -16
[ 1410.757272][ T6941] binder: 6935:6941 got transaction with too large buffer
[ 1410.775802][ T6940] binder: 6939:6940 got transaction with too large buffer
10:24:19 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:19 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x2}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:19 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x7}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1410.933118][ T6948] binder: 6946:6948 got transaction with too large buffer
[ 1410.963017][ T6951] binder: 6946:6951 got transaction with too large buffer
[ 1411.029841][ T6955] binder: BINDER_SET_CONTEXT_MGR already set
[ 1411.046000][ T6955] binder: 6953:6955 ioctl 40046207 0 returned -16
[ 1411.054711][ T6956] binder: BINDER_SET_CONTEXT_MGR already set
10:24:19 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x7}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1411.084683][ T6956] binder: 6954:6956 ioctl 40046207 0 returned -16
10:24:19 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x77622a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1411.185206][ T6962] binder: 6960:6962 got transaction with too large buffer
10:24:19 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500), 0x0)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

[ 1411.228507][ T6964] binder: BINDER_SET_CONTEXT_MGR already set
10:24:19 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xfffffffe, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1411.298197][ T6964] binder: 6963:6964 ioctl 40046207 0 returned -16
10:24:19 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:19 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x10}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:19 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x10}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:19 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x73622a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1411.467283][ T6982] binder: BINDER_SET_CONTEXT_MGR already set
[ 1411.482028][ T6982] binder: 6978:6982 ioctl 40046207 0 returned -16
[ 1411.497824][ T1829] binder: release 6980:6985 transaction 7984 out, still active
[ 1411.510413][ T1829] binder: unexpected work type, 4, not freed
[ 1411.524412][ T1829] binder: undelivered TRANSACTION_COMPLETE
[ 1411.531919][ T6987] binder_transaction: 38 callbacks suppressed
[ 1411.531936][ T6987] binder: 6978:6987 transaction failed 29201/-22, size 64-16 line 3357
10:24:20 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x28}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:20 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x73622a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1411.569669][ T8296] binder: send failed reply for transaction 7984, target dead
[ 1411.586489][ T6987] binder: 6978:6987 transaction failed 29201/-22, size 64-16 line 3357
[ 1411.590203][ T8296] binder_release_work: 38 callbacks suppressed
[ 1411.590209][ T8296] binder: undelivered TRANSACTION_ERROR: 29201
[ 1411.670794][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
[ 1411.700397][ T6993] binder: BINDER_SET_CONTEXT_MGR already set
10:24:20 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x28}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1411.717303][ T6994] binder: BINDER_SET_CONTEXT_MGR already set
[ 1411.728331][ T6993] binder: 6991:6993 ioctl 40046207 0 returned -16
[ 1411.747134][ T6994] binder: 6992:6994 ioctl 40046207 0 returned -16
[ 1411.756982][ T6996] binder: 6991:6996 transaction failed 29189/-22, size 64-16 line 2995
[ 1411.770386][ T6997] binder: 6992:6997 transaction failed 29189/-22, size 64-16 line 2995
[ 1411.799374][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
[ 1411.814374][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
10:24:20 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x10}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:20 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x38}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1411.845386][ T7000] binder: 6998:7000 transaction failed 29201/-22, size 64-16 line 3357
[ 1411.894797][ T8296] binder: undelivered TRANSACTION_ERROR: 29201
[ 1411.907601][ T7003] binder: 6998:7003 transaction failed 29201/-22, size 64-16 line 3357
[ 1411.945689][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
[ 1411.964559][ T7006] binder: BINDER_SET_CONTEXT_MGR already set
10:24:20 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500), 0x0)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:20 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x38}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1411.985901][ T7006] binder: 7005:7006 ioctl 40046207 0 returned -16
[ 1411.986419][ T7007] binder: BINDER_SET_CONTEXT_MGR already set
[ 1412.031054][ T7007] binder: 7004:7007 ioctl 40046207 0 returned -16
[ 1412.040160][ T7006] binder_alloc_new_buf_locked: 7 callbacks suppressed
[ 1412.040171][ T7006] binder_alloc: 6998: binder_alloc_buf, no vma
[ 1412.069233][ T7009] binder: 7004:7009 transaction failed 29189/-22, size 64-16 line 2995
[ 1412.076132][ T7006] binder: 7005:7006 transaction failed 29189/-3, size 64-16 line 3148
10:24:20 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x1000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1412.149981][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1412.160559][ T7015] binder: BINDER_SET_CONTEXT_MGR already set
[ 1412.191116][ T7015] binder: 7005:7015 ioctl 40046207 0 returned -16
[ 1412.191430][ T7014] binder: 7012:7014 transaction failed 29201/-22, size 64-16 line 3357
[ 1412.219714][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1412.294981][ T7014] binder: BINDER_SET_CONTEXT_MGR already set
[ 1412.334143][ T8296] binder: undelivered TRANSACTION_ERROR: 29201
10:24:20 executing program 1:
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:20 executing program 5:
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000740)={r0, 0x9, 0xc}, &(0x7f00000003c0)={'enc=', 'oaep', ' hash=', {'sha384-avx\x00'}}, &(0x7f0000000780)="426029a63743197a6d98f614b78f45e8281b5d56c3d4566758d0e90efbea9208291f5415a12d5094c5910cf48ccff66a42820ff39fd31e6b575f5caa59c6226e0b8b0e38c2ff5ec13460b46bfda3f42e44440f158860a2ed476a0f93cd27fb9964367aeceace3a0048811b607131b9208aed758dc0550d3c46b13217caecf1d3157e216b8f2c984150563d841a191bb9f65b2261e1ac5a3fc2d5811e0650aa976bbde21f643de7", &(0x7f0000000640)="083064139b1dbb962ddb830d3de013f417223f605a699f8415bb713ae5daf79885011bbd9bd6dc2ae54fbb4fd6e7c2768a5cc1f30dac2c014e6ee2c6b6a3c609d0941053ca3910e1cd9c6577bfc738d03b96dee5e4da4332fc1fca617d69bc33bc3dd888f12da1489e27666afc523943e2b5d812653644e8c4afc7c5dc164cec3d7421d2a70a08cde937ea66ce1acda9e4c622fed89a2f425b0d15f78a71a79785af43676f9ce67a7ff811a24ece406a26af6a140b64234429931e32116d451c54b3bc915a1325ad8a8cb857274c46ab022b197f29c2a86c9b93f66ef85f1e837193e9dba2d00cf2b56dbe91c0f8ee269fd1b797")
clock_gettime(0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0)
stat(0x0, &(0x7f00000007c0))
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00'}, 0x58)
r2 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, 0x0)
ioctl$DRM_IOCTL_AGP_UNBIND(r2, 0x40106437, &(0x7f0000000b00)={0x0, 0x1f})
ioctl$VIDIOC_G_FREQUENCY(r2, 0xc02c5638, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, 0x0)
recvfrom$inet(0xffffffffffffffff, &(0x7f0000002340)=""/4096, 0x1000, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000021c0)=[{{&(0x7f0000000180)=@pppoe={0x18, 0x0, {0x0, @remote}}, 0x80, &(0x7f0000000600)=[{0x0}, {0x0}, {&(0x7f0000000440)=""/45, 0x2d}], 0x3, &(0x7f0000000680)=""/76, 0x4c}}, {{&(0x7f0000000700)=@pptp={0x18, 0x2, {0x0, @remote}}, 0x80, &(0x7f0000000dc0)=[{&(0x7f0000000480)=""/21, 0x15}, {&(0x7f0000000780)=""/8, 0x8}, {&(0x7f0000000bc0)=""/252, 0xfc}, {&(0x7f0000000d40)=""/74, 0x4a}, {&(0x7f0000000b40)=""/46, 0x2e}, {0x0}], 0x6, &(0x7f0000000f40)=""/88, 0x58}, 0xffff}, {{&(0x7f00000012c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, &(0x7f0000001a40)=[{&(0x7f00000014c0)=""/177, 0xb1}, {&(0x7f0000001580)=""/162, 0xa2}, {&(0x7f0000001640)=""/72, 0x48}, {&(0x7f0000001340)=""/59, 0x3b}, {&(0x7f00000016c0)=""/82, 0x52}, {&(0x7f0000001740)=""/203, 0xcb}, {&(0x7f0000001900)=""/176, 0xb0}, {&(0x7f00000019c0)=""/113, 0x71}], 0x8}, 0x6}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001d00)=""/229, 0xe5}, 0xe21c}, {{&(0x7f0000001e00)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x80, &(0x7f00000020c0)=[{&(0x7f0000001e80)=""/222, 0xde}, {0x0}, {0x0}], 0x3}, 0x4}], 0x5, 0x40000000, 0x0)
r3 = accept$alg(r1, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x167, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x3ed, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400})
setxattr(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)=@known='trusted.overlay.impure\x00', &(0x7f0000000380)=' hash=', 0x6, 0x1)
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x23}])

10:24:20 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x48}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1412.345134][ T7020] binder: 7012:7020 transaction failed 29189/-22, size 64-16 line 2995
[ 1412.389208][ T7014] binder: 7012:7014 ioctl 40046207 0 returned -16
[ 1412.416682][ T7027] binder_alloc: 7024: binder_alloc_buf, no vma
[ 1412.416782][ T6090] binder: undelivered TRANSACTION_ERROR: 29189
10:24:20 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x48}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:20 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4c}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:21 executing program 1:
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

[ 1412.579210][ T7031] Dev loop5: unable to read RDB block 1
[ 1412.629269][ T7038] binder_alloc: 7037: binder_alloc_buf, no vma
[ 1412.642893][ T7042] binder: BINDER_SET_CONTEXT_MGR already set
[ 1412.658154][ T7031]  loop5: unable to read partition table
[ 1412.667738][ T7042] binder: 7039:7042 ioctl 40046207 0 returned -16
10:24:21 executing program 1:
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:21 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4c}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:21 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x50}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1412.717763][ T7031] loop5: partition table beyond EOD, truncated
[ 1412.788538][ T7031] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1412.906297][ T7056] binder: BINDER_SET_CONTEXT_MGR already set
[ 1412.917752][ T7056] binder: 7055:7056 ioctl 40046207 0 returned -16
[ 1412.970128][ T7060] binder_alloc: 7051: binder_alloc_buf, no vma
10:24:21 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{0x0}], 0x1)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:21 executing program 1:
r0 = syz_open_dev$dspn(0x0, 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:21 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x32000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:21 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x50}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:21 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x66646185}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:21 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x60}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:21 executing program 1:
r0 = syz_open_dev$dspn(0x0, 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:21 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x60}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1413.265353][ T7077] binder_alloc: 7076: binder_alloc_buf, no vma
[ 1413.300433][ T7083] binder: BINDER_SET_CONTEXT_MGR already set
10:24:21 executing program 1:
r0 = syz_open_dev$dspn(0x0, 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:21 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x68}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1413.320862][ T7083] binder: 7081:7083 ioctl 40046207 0 returned -16
[ 1413.346670][ T7087] binder: 7084:7087 got transaction with invalid parent offset or type
[ 1413.431115][ T7093] binder: BINDER_SET_CONTEXT_MGR already set
[ 1413.449283][ T7093] binder: 7092:7093 ioctl 40046207 0 returned -16
10:24:21 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x68}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:21 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x66646185}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1413.483015][ T7096] binder: BINDER_SET_CONTEXT_MGR already set
[ 1413.508385][ T7096] binder: 7092:7096 ioctl 40046207 0 returned -16
[ 1413.595868][ T7102] binder: BINDER_SET_CONTEXT_MGR already set
[ 1413.615188][ T7102] binder: 7101:7102 ioctl 40046207 0 returned -16
10:24:22 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{0x0}], 0x1)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:22 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x0, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:22 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x100000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:22 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6c}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:22 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6c}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:22 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x50, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:22 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x0, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:22 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{0x0}], 0x1)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:22 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x0, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

[ 1414.060956][ T7126] binder: BINDER_SET_CONTEXT_MGR already set
[ 1414.080784][ T7126] binder: 7119:7126 ioctl 40046207 0 returned -16
[ 1414.080788][ T7130] binder: BINDER_SET_CONTEXT_MGR already set
[ 1414.080810][ T7130] binder: 7127:7130 ioctl 40046207 0 returned -16
10:24:22 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x74}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1414.110324][ T7126] binder: 7119:7126 got transaction with invalid parent offset or type
[ 1414.143005][ T7126] binder: transaction release 8070 bad handle 1, ret = -22
10:24:22 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x50, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1414.187896][ T7137] binder: BINDER_SET_CONTEXT_MGR already set
[ 1414.220386][ T7136] binder: BINDER_SET_CONTEXT_MGR already set
[ 1414.228662][ T7137] binder: 7135:7137 ioctl 40046207 0 returned -16
10:24:22 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

[ 1414.253077][ T7136] binder: 7127:7136 ioctl 40046207 0 returned -16
10:24:22 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x7a}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:22 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x74}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1414.294205][ T7144] binder: BINDER_SET_CONTEXT_MGR already set
[ 1414.327759][ T7144] binder: 7142:7144 ioctl 40046207 0 returned -16
[ 1414.463722][ T7154] binder: BINDER_SET_CONTEXT_MGR already set
[ 1414.474573][ T7154] binder: 7152:7154 ioctl 40046207 0 returned -16
[ 1414.492815][ T7156] binder: BINDER_SET_CONTEXT_MGR already set
[ 1414.498960][ T7156] binder: 7152:7156 ioctl 40046207 0 returned -16
10:24:23 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x200000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:23 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:23 executing program 5:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xc, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:23 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x300}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:23 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x7a}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:23 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:23 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

[ 1414.992801][ T7166] binder_transaction: 22 callbacks suppressed
[ 1414.992810][ T7166] binder: 7165:7166 got transaction with too large buffer
[ 1415.007147][ T7168] binder: BINDER_SET_CONTEXT_MGR already set
[ 1415.021554][ T7168] binder: 7167:7168 ioctl 40046207 0 returned -16
[ 1415.045909][ T7168] binder: 7167:7168 got transaction with too large buffer
[ 1415.061391][ T7179] binder: 7165:7179 got transaction with too large buffer
[ 1415.076172][ T7168] binder: transaction release 8095 bad handle 2, ret = -22
10:24:23 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x500}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:23 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:23 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x300}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1415.204829][ T7188] binder: 7187:7188 got transaction with too large buffer
[ 1415.234840][ T7191] binder: 7187:7191 got transaction with too large buffer
10:24:23 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x600}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1415.258459][ T7193] binder: BINDER_SET_CONTEXT_MGR already set
[ 1415.269794][ T7193] binder: 7192:7193 ioctl 40046207 0 returned -16
10:24:23 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x500}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1415.346460][ T7198] binder: 7197:7198 got transaction with too large buffer
[ 1415.371415][ T7198] binder: BINDER_SET_CONTEXT_MGR already set
[ 1415.398991][ T7198] binder: 7197:7198 ioctl 40046207 0 returned -16
[ 1415.427170][ T7202] binder_alloc: 7201: binder_alloc_buf, no vma
10:24:24 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x300000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:24 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x700}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:24 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x600}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:24 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f5e0ff, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:24 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

[ 1415.779305][ T7214] binder: 7212:7214 got transaction with too large buffer
[ 1415.793814][ T7215] binder: BINDER_SET_CONTEXT_MGR already set
[ 1415.799824][ T7215] binder: 7210:7215 ioctl 40046207 0 returned -16
[ 1415.822131][ T7213] binder: BINDER_SET_CONTEXT_MGR already set
[ 1415.832491][ T7213] binder: 7211:7213 ioctl 40046207 0 returned -16
[ 1415.843734][ T7219] binder: 7212:7219 got transaction with too large buffer
[ 1415.844223][ T7218] binder_alloc: 7212: binder_alloc_buf size 100000016 failed, no address space
[ 1415.874548][ T7218] binder_alloc: allocated: 80 (num: 1 largest: 80), free: 12208 (num: 1 largest: 12208)
[ 1415.893867][ T7213] binder: 7211:7213 got transaction with too large buffer
10:24:24 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:24 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x2000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:24 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f5e0ff, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1415.927646][ T7224] binder: BINDER_SET_CONTEXT_MGR already set
[ 1415.997964][ T7224] binder: 7211:7224 ioctl 40046207 0 returned -16
[ 1416.005626][ T7228] binder: 7226:7228 got transaction with too large buffer
10:24:24 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x700}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:24 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x2800}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1416.048154][ T7234] binder: BINDER_SET_CONTEXT_MGR already set
[ 1416.078691][ T7234] binder: 7230:7234 ioctl 40046207 0 returned -16
[ 1416.108616][ T7239] binder_alloc: 7237: binder_alloc_buf, no vma
[ 1416.133376][ T7240] binder_alloc: 7237: binder_alloc_buf, no vma
10:24:24 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x2000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:24 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x3800}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1416.370351][ T7253] binder_alloc: 7251: binder_alloc_buf, no vma
10:24:25 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x400000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:25 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:25 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x3f00}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:25 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x2800}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:25 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

[ 1416.689550][ T7264] binder_alloc: 7259: binder_alloc_buf, no vma
[ 1416.698502][ T7266] binder: BINDER_SET_CONTEXT_MGR already set
[ 1416.709337][ T7267] binder: BINDER_SET_CONTEXT_MGR already set
[ 1416.715977][ T7266] binder: 7260:7266 ioctl 40046207 0 returned -16
[ 1416.721311][ T7264] binder_transaction: 51 callbacks suppressed
[ 1416.721328][ T7264] binder: 7259:7264 transaction failed 29189/-3, size 64-16 line 3148
[ 1416.726625][ T7267] binder: 7262:7267 ioctl 40046207 0 returned -16
[ 1416.738443][ T6090] binder_release_work: 51 callbacks suppressed
[ 1416.738450][ T6090] binder: undelivered TRANSACTION_ERROR: 29189
[ 1416.759834][ T7266] binder: 7260:7266 transaction failed 29189/-22, size 40-16 line 2995
[ 1416.771313][ T7271] binder: 7262:7271 transaction failed 29189/-22, size 64-16 line 2995
[ 1416.771602][ T6090] binder: undelivered TRANSACTION_ERROR: 29189
[ 1416.805783][ T6090] binder: undelivered TRANSACTION_ERROR: 29189
[ 1416.817799][ T7271] binder: 7262:7271 transaction failed 29201/-22, size 64-16 line 3357
[ 1416.833839][ T6090] binder: undelivered TRANSACTION_ERROR: 29201
10:24:25 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:25 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x3800}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:25 executing program 5:
syz_read_part_table(0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000000440)="36d4eba5289f69e841c18e691746f3aa26f2bac57c7e9c17518d1e44b782736dd564b1fd09c2644daa36fb9635301a232b2e6add2a5898dc7a35d7d521fc0fae0cd26876b0ec3b79330e0f9a862e8c6902fce7ea6ea3edf7c3fe33c9e65b6c26ea3a6b41a9a3e5a0a4abf02849787d07e9b81e0cbc19fdef0bd8900e8af58b4a1f9bbf0e2d526647e2bf8f29bfdf667a71092bdbf07ad4c4cf0ccc4e7d5b42da41264018bbd41140f9a2106d413de799e570a9e65236007b04ba224288efc8922fa720cee5945768bb8bdce0ad1fb93ba197f014798b82e7d92f264822b60eec69001014ca167dc56324005e027611b0055a1e0d9ffd953cf171dacb9c645b1e743a005550000c3d8282cf3c0fe0df0bb8ed2c4eb40fa0240d28d40e759d885674d309352a8a2721bf78a5bc052f6b0e8124ab8190dbdfadc55c3c6fed53de4b442d64bea80cf17ead7d05235a2bc9fbaa46c008933e6648120ed1279350c9d54ab491d01c22bbdf6f82a5cdce76a35c8b88e5f640a25f0f44d91fa804df24745858e2a707e738b5500f03dd28d89572c42eb6ec80014616440b24bcf4b783c1f0db3a8663ff06e45ca85f51ae17dce0e1b95df6fb0167561c0c8dbbc159543e69be67943622fab91613a7c8ae100609631ccf7232421936b37955a586", 0x1dd, 0x59}])

10:24:25 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1416.951003][ T7278] binder: 7276:7278 transaction failed 29189/-3, size 64-16 line 3148
[ 1416.951660][ T7281] binder: BINDER_SET_CONTEXT_MGR already set
[ 1416.965815][ T7281] binder: 7277:7281 ioctl 40046207 0 returned -16
[ 1416.978525][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1416.987658][ T7278] binder: 7276:7278 transaction failed 29189/-3, size 64-16 line 3148
[ 1417.000034][ T7288] binder: 7277:7288 transaction failed 29189/-3, size 64-16 line 3148
[ 1417.002330][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1417.009516][ T7282] Dev loop5: unable to read RDB block 1
[ 1417.020324][ T7282]  loop5: unable to read partition table
[ 1417.033360][ T7282] loop5: partition table beyond EOD, truncated
[ 1417.042197][ T6090] binder: undelivered TRANSACTION_ERROR: 29189
10:24:25 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x3f00}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1417.050027][ T7288] binder: 7277:7288 transaction failed 29201/-22, size 64-16 line 3357
[ 1417.065244][ T7282] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[ 1417.074430][ T6090] binder: undelivered TRANSACTION_ERROR: 29201
10:24:25 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4800}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1417.141283][ T7292] binder_alloc_new_buf_locked: 3 callbacks suppressed
[ 1417.141291][ T7292] binder_alloc: 7291: binder_alloc_buf, no vma
10:24:25 executing program 5:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x1000000feffffff, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1417.237747][ T7292] binder: 7291:7292 transaction failed 29189/-3, size 64-16 line 3148
[ 1417.249063][ T7297] binder: BINDER_SET_CONTEXT_MGR already set
[ 1417.270030][ T7297] binder: 7296:7297 ioctl 40046207 0 returned -16
[ 1417.270479][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1417.283401][ T7299] binder: BINDER_SET_CONTEXT_MGR already set
[ 1417.296531][ T7299] binder: 7291:7299 ioctl 40046207 0 returned -16
[ 1417.303208][ T7297] binder_alloc: 7291: binder_alloc_buf, no vma
[ 1417.309622][ T7297] binder: 7296:7297 transaction failed 29189/-3, size 64-16 line 3148
[ 1417.332505][ T6090] binder: undelivered TRANSACTION_ERROR: 29189
10:24:25 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x500000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:25 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, 0x0, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:25 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:25 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4c00}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:25 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x5000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1417.528110][ T7315] binder: BINDER_SET_CONTEXT_MGR already set
[ 1417.549936][ T7315] binder: 7311:7315 ioctl 40046207 0 returned -16
10:24:26 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:26 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4800}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:26 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:26 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6800}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1417.862240][ T7330] binder: BINDER_SET_CONTEXT_MGR already set
[ 1417.880127][ T7330] binder: 7326:7330 ioctl 40046207 0 returned -16
10:24:26 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4c00}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:26 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6c00}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:26 executing program 5:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1002002, 0x800000000008031, 0xffffffffffffffff, 0x0)
memfd_create(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x10000000002)
mincore(&(0x7f00008ea000/0x2000)=nil, 0x2009, &(0x7f0000000000)=""/152)

[ 1418.029015][ T7344] binder_alloc: 7343: binder_alloc_buf, no vma
[ 1418.042903][ T7346] binder: BINDER_SET_CONTEXT_MGR already set
[ 1418.054960][ T7346] binder: 7345:7346 ioctl 40046207 0 returned -16
[ 1418.081345][ T7346] binder_alloc: 7343: binder_alloc_buf, no vma
10:24:26 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, 0x0, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:26 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x7400}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:26 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x600000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:26 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x5000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:26 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1418.429708][ T7363] binder_alloc: 7361: binder_alloc_buf, no vma
[ 1418.438538][ T7364] binder: BINDER_SET_CONTEXT_MGR already set
[ 1418.464030][ T7364] binder: 7360:7364 ioctl 40046207 0 returned -16
[ 1418.559218][ T7373] binder_alloc: 7372: binder_alloc_buf, no vma
10:24:27 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:27 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x7a00}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:27 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6800}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:27 executing program 5:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff35, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1418.766746][ T7381] binder_alloc: 7378: binder_alloc_buf, no vma
[ 1418.769099][ T7383] binder: BINDER_SET_CONTEXT_MGR already set
[ 1418.781261][ T7383] binder: 7380:7383 ioctl 40046207 0 returned -16
10:24:27 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6c00}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:27 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x1000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1418.812662][ T7389] binder_alloc: 7380: binder_alloc_buf, no vma
[ 1418.894891][ T7396] binder_alloc: 7394: binder_alloc_buf, no vma
10:24:27 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x2000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:27 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, 0x0, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:27 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x7400}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1419.092793][ T7409] binder_alloc: 7408: binder_alloc_buf, no vma
10:24:27 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x700000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:27 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x3000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:27 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x7a00}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1419.273304][ T7418] binder: BINDER_SET_CONTEXT_MGR already set
[ 1419.296699][ T7418] binder: 7417:7418 ioctl 40046207 0 returned -16
10:24:28 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:28 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:28 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x1000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:28 executing program 5 (fault-call:0 fault-nth:0):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

10:24:28 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

[ 1419.736053][ T7438] FAULT_INJECTION: forcing a failure.
[ 1419.736053][ T7438] name failslab, interval 1, probability 0, space 0, times 0
[ 1419.741598][ T7439] binder: BINDER_SET_CONTEXT_MGR already set
[ 1419.770079][ T7438] CPU: 1 PID: 7438 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1419.775680][ T7439] binder: 7429:7439 ioctl 40046207 0 returned -16
[ 1419.778114][ T7438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1419.778121][ T7438] Call Trace:
[ 1419.778153][ T7438]  dump_stack+0x172/0x1f0
[ 1419.778179][ T7438]  should_fail.cold+0xa/0x15
[ 1419.806808][ T7438]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1419.812621][ T7438]  ? ___might_sleep+0x163/0x280
[ 1419.817480][ T7438]  __should_failslab+0x121/0x190
[ 1419.822419][ T7438]  should_failslab+0x9/0x14
[ 1419.826936][ T7438]  __kmalloc+0x2dc/0x740
[ 1419.831190][ T7438]  ? fput_many+0x12c/0x1a0
[ 1419.835615][ T7438]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1419.841857][ T7438]  ? strnlen_user+0x1f0/0x280
[ 1419.846532][ T7438]  ? __x64_sys_memfd_create+0x13c/0x470
[ 1419.852082][ T7438]  __x64_sys_memfd_create+0x13c/0x470
[ 1419.857467][ T7438]  ? memfd_fcntl+0x1550/0x1550
[ 1419.862236][ T7438]  ? do_syscall_64+0x26/0x610
[ 1419.866924][ T7438]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1419.872301][ T7438]  ? trace_hardirqs_on+0x67/0x230
[ 1419.877329][ T7438]  do_syscall_64+0x103/0x610
[ 1419.881931][ T7438]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1419.887822][ T7438] RIP: 0033:0x458c29
[ 1419.891716][ T7438] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1419.911322][ T7438] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 1419.919733][ T7438] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000458c29
[ 1419.927700][ T7438] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004bdb87
10:24:28 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x5000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:28 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x2000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1419.935677][ T7438] RBP: 000000000073bf00 R08: fe03f80fe03f80ff R09: 00000000fbad8001
[ 1419.943649][ T7438] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2fdbaf66d4
[ 1419.951619][ T7438] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1420.015827][ T7450] binder: BINDER_SET_CONTEXT_MGR already set
[ 1420.030292][ T7450] binder: 7449:7450 ioctl 40046207 0 returned -16
[ 1420.045687][ T7450] binder_transaction: 25 callbacks suppressed
[ 1420.045696][ T7450] binder: 7449:7450 got transaction with too large buffer
10:24:28 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:28 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x3000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1420.059193][ T7450] binder: transaction release 8289 bad handle 1, ret = -22
[ 1420.202350][ T7461] binder: 7460:7461 got transaction with too large buffer
10:24:28 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x800000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:28 executing program 5 (fault-call:0 fault-nth:1):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

10:24:28 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1420.245032][ T7463] binder: 7460:7463 got transaction with too large buffer
[ 1420.301852][ T7467] binder: BINDER_SET_CONTEXT_MGR already set
[ 1420.314332][ T7467] binder: 7466:7467 ioctl 40046207 0 returned -16
[ 1420.384711][ T7468] FAULT_INJECTION: forcing a failure.
[ 1420.384711][ T7468] name failslab, interval 1, probability 0, space 0, times 0
[ 1420.414177][ T7468] CPU: 1 PID: 7468 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1420.422110][ T7468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1420.432186][ T7468] Call Trace:
[ 1420.435499][ T7468]  dump_stack+0x172/0x1f0
[ 1420.439830][ T7468]  should_fail.cold+0xa/0x15
[ 1420.444405][ T7468]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1420.450211][ T7468]  ? ___might_sleep+0x163/0x280
[ 1420.455059][ T7468]  __should_failslab+0x121/0x190
[ 1420.460034][ T7468]  ? shmem_destroy_callback+0xc0/0xc0
[ 1420.465399][ T7468]  should_failslab+0x9/0x14
[ 1420.469931][ T7468]  kmem_cache_alloc+0x2b2/0x6f0
[ 1420.474815][ T7468]  ? __alloc_fd+0x430/0x530
[ 1420.479302][ T7468]  ? shmem_destroy_callback+0xc0/0xc0
[ 1420.484676][ T7468]  shmem_alloc_inode+0x1c/0x50
[ 1420.489424][ T7468]  alloc_inode+0x66/0x190
[ 1420.493734][ T7468]  new_inode_pseudo+0x19/0xf0
[ 1420.498393][ T7468]  new_inode+0x1f/0x40
[ 1420.502544][ T7468]  shmem_get_inode+0x84/0x780
[ 1420.507215][ T7468]  __shmem_file_setup.part.0+0x7e/0x2b0
[ 1420.512748][ T7468]  shmem_file_setup+0x66/0x90
[ 1420.517428][ T7468]  __x64_sys_memfd_create+0x2a2/0x470
[ 1420.522794][ T7468]  ? memfd_fcntl+0x1550/0x1550
[ 1420.527568][ T7468]  ? do_syscall_64+0x26/0x610
[ 1420.532231][ T7468]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1420.537516][ T7468]  ? trace_hardirqs_on+0x67/0x230
[ 1420.542554][ T7468]  do_syscall_64+0x103/0x610
[ 1420.547131][ T7468]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1420.553001][ T7468] RIP: 0033:0x458c29
[ 1420.556913][ T7468] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1420.576513][ T7468] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
10:24:29 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:29 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x7000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:29 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x5000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1420.584933][ T7468] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000458c29
[ 1420.592913][ T7468] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004bdb87
[ 1420.600881][ T7468] RBP: 000000000073bf00 R08: fe03f80fe03f80ff R09: 00000000fbad8001
[ 1420.608855][ T7468] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2fdbaf66d4
[ 1420.616825][ T7468] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
10:24:29 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:29 executing program 5 (fault-call:0 fault-nth:2):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1420.670000][ T7479] binder: BINDER_SET_CONTEXT_MGR already set
[ 1420.700904][ T7479] binder: 7477:7479 ioctl 40046207 0 returned -16
10:24:29 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:29 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x10000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:29 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

[ 1420.812983][ T7494] FAULT_INJECTION: forcing a failure.
[ 1420.812983][ T7494] name failslab, interval 1, probability 0, space 0, times 0
10:24:29 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x7000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1420.885584][ T7501] binder: 7498:7501 got transaction with too large buffer
[ 1420.905817][ T7502] binder: 7498:7502 got transaction with too large buffer
[ 1420.948899][ T7494] CPU: 0 PID: 7494 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1420.956836][ T7494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1420.966894][ T7494] Call Trace:
[ 1420.970207][ T7494]  dump_stack+0x172/0x1f0
[ 1420.974559][ T7494]  should_fail.cold+0xa/0x15
[ 1420.979157][ T7494]  ? find_held_lock+0x35/0x130
[ 1420.983927][ T7494]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1420.989744][ T7494]  ? ___might_sleep+0x163/0x280
[ 1420.989765][ T7494]  __should_failslab+0x121/0x190
[ 1420.989782][ T7494]  should_failslab+0x9/0x14
[ 1420.989798][ T7494]  kmem_cache_alloc+0x2b2/0x6f0
[ 1420.989819][ T7494]  ? __put_user_ns+0x70/0x70
[ 1420.999594][ T7494]  ? shmem_alloc_inode+0x1c/0x50
[ 1420.999614][ T7494]  ? rcu_read_lock_sched_held+0x110/0x130
[ 1420.999635][ T7494]  security_inode_alloc+0x39/0x160
[ 1420.999653][ T7494]  inode_init_always+0x56e/0xb50
[ 1420.999672][ T7494]  alloc_inode+0x83/0x190
[ 1421.038520][ T7494]  new_inode_pseudo+0x19/0xf0
[ 1421.043231][ T7494]  new_inode+0x1f/0x40
[ 1421.047310][ T7494]  shmem_get_inode+0x84/0x780
[ 1421.051994][ T7494]  __shmem_file_setup.part.0+0x7e/0x2b0
[ 1421.058071][ T7494]  shmem_file_setup+0x66/0x90
[ 1421.062769][ T7494]  __x64_sys_memfd_create+0x2a2/0x470
[ 1421.068150][ T7494]  ? memfd_fcntl+0x1550/0x1550
[ 1421.072927][ T7494]  ? do_syscall_64+0x26/0x610
[ 1421.077609][ T7494]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1421.082893][ T7494]  ? trace_hardirqs_on+0x67/0x230
[ 1421.088040][ T7494]  do_syscall_64+0x103/0x610
[ 1421.092639][ T7494]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1421.098549][ T7494] RIP: 0033:0x458c29
[ 1421.102445][ T7494] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1421.122516][ T7494] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 1421.130936][ T7494] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000458c29
[ 1421.138922][ T7494] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004bdb87
[ 1421.146912][ T7494] RBP: 000000000073bf00 R08: fe03f80fe03f80ff R09: 00000000fbad8001
[ 1421.160965][ T7494] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2fdbaf66d4
[ 1421.168950][ T7494] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
10:24:29 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x20000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:29 executing program 5 (fault-call:0 fault-nth:3):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

10:24:29 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x900000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:29 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x10000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1421.298691][ T7519] FAULT_INJECTION: forcing a failure.
[ 1421.298691][ T7519] name failslab, interval 1, probability 0, space 0, times 0
[ 1421.342194][ T7519] CPU: 1 PID: 7519 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1421.350122][ T7519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1421.360167][ T7519] Call Trace:
[ 1421.363469][ T7519]  dump_stack+0x172/0x1f0
[ 1421.364104][ T7520] binder: 7516:7520 got transaction with too large buffer
[ 1421.367804][ T7519]  should_fail.cold+0xa/0x15
[ 1421.367824][ T7519]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1421.367844][ T7519]  ? ___might_sleep+0x163/0x280
[ 1421.367866][ T7519]  __should_failslab+0x121/0x190
[ 1421.395123][ T7519]  should_failslab+0x9/0x14
[ 1421.397904][ T7520] binder: BINDER_SET_CONTEXT_MGR already set
[ 1421.399649][ T7519]  kmem_cache_alloc+0x2b2/0x6f0
[ 1421.399665][ T7519]  ? current_time+0x6b/0x140
[ 1421.399682][ T7519]  ? ktime_get_coarse_real_ts64+0xf0/0x2b0
[ 1421.399697][ T7519]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1421.399713][ T7519]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1421.399735][ T7519]  ? timespec64_trunc+0xf0/0x180
[ 1421.406767][ T7520] binder: 7516:7520 ioctl 40046207 0 returned -16
[ 1421.410568][ T7519]  __d_alloc+0x2e/0x8c0
[ 1421.410587][ T7519]  d_alloc_pseudo+0x1e/0x30
[ 1421.410603][ T7519]  alloc_file_pseudo+0xe2/0x280
[ 1421.410618][ T7519]  ? alloc_file+0x4d0/0x4d0
[ 1421.410642][ T7519]  ? lockdep_annotate_inode_mutex_key+0x5b/0x70
[ 1421.467999][ T7519]  __shmem_file_setup.part.0+0x108/0x2b0
[ 1421.473643][ T7519]  shmem_file_setup+0x66/0x90
[ 1421.478309][ T7519]  __x64_sys_memfd_create+0x2a2/0x470
[ 1421.483668][ T7519]  ? memfd_fcntl+0x1550/0x1550
[ 1421.488413][ T7519]  ? do_syscall_64+0x26/0x610
[ 1421.493073][ T7519]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1421.498347][ T7519]  ? trace_hardirqs_on+0x67/0x230
[ 1421.503356][ T7519]  do_syscall_64+0x103/0x610
[ 1421.507949][ T7519]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1421.513833][ T7519] RIP: 0033:0x458c29
[ 1421.517736][ T7519] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
10:24:30 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x20000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:30 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x28000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1421.537327][ T7519] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 1421.545744][ T7519] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000458c29
[ 1421.553698][ T7519] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004bdb87
[ 1421.561647][ T7519] RBP: 000000000073bf00 R08: fe03f80fe03f80ff R09: 00000000fbad8001
[ 1421.569597][ T7519] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2fdbaf66d4
[ 1421.577545][ T7519] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
10:24:30 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

[ 1421.634439][ T7533] binder: 7529:7533 got transaction with too large buffer
[ 1421.643175][ T7532] binder: BINDER_SET_CONTEXT_MGR already set
[ 1421.659805][ T7532] binder: 7528:7532 ioctl 40046207 0 returned -16
[ 1421.666645][ T7534] binder: 7529:7534 got transaction with too large buffer
[ 1421.674566][ T7532] binder: 7528:7532 got transaction with too large buffer
10:24:30 executing program 5 (fault-call:0 fault-nth:4):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

10:24:30 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x38000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1421.695266][ T7535] binder: BINDER_SET_CONTEXT_MGR already set
[ 1421.715587][ T7535] binder: 7528:7535 ioctl 40046207 0 returned -16
10:24:30 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:30 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x28000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1421.825557][ T7543] binder: 7540:7543 got transaction with too large buffer
[ 1421.851286][ T7547] FAULT_INJECTION: forcing a failure.
[ 1421.851286][ T7547] name failslab, interval 1, probability 0, space 0, times 0
[ 1421.868370][ T7543] binder_transaction: 54 callbacks suppressed
[ 1421.868388][ T7543] binder: 7540:7543 transaction failed 29201/-22, size 64-16 line 3357
[ 1421.901512][ T7551] binder: BINDER_SET_CONTEXT_MGR already set
[ 1421.907687][ T7547] CPU: 1 PID: 7547 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1421.915581][ T7547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1421.925719][ T7547] Call Trace:
[ 1421.929021][ T7547]  dump_stack+0x172/0x1f0
[ 1421.933365][ T7547]  should_fail.cold+0xa/0x15
[ 1421.938051][ T7547]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1421.943865][ T7547]  ? ___might_sleep+0x163/0x280
[ 1421.948730][ T7547]  __should_failslab+0x121/0x190
[ 1421.953672][ T7547]  should_failslab+0x9/0x14
[ 1421.958174][ T7547]  kmem_cache_alloc+0x2b2/0x6f0
[ 1421.963033][ T7547]  __alloc_file+0x27/0x300
[ 1421.967461][ T7547]  alloc_empty_file+0x72/0x170
[ 1421.972237][ T7547]  alloc_file+0x5e/0x4d0
[ 1421.976489][ T7547]  alloc_file_pseudo+0x189/0x280
[ 1421.981431][ T7547]  ? alloc_file+0x4d0/0x4d0
[ 1421.985946][ T7547]  ? lockdep_annotate_inode_mutex_key+0x5b/0x70
[ 1421.992201][ T7547]  __shmem_file_setup.part.0+0x108/0x2b0
[ 1421.997841][ T7547]  shmem_file_setup+0x66/0x90
[ 1422.002522][ T7547]  __x64_sys_memfd_create+0x2a2/0x470
[ 1422.007896][ T7547]  ? memfd_fcntl+0x1550/0x1550
[ 1422.012667][ T7547]  ? do_syscall_64+0x26/0x610
[ 1422.017345][ T7547]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1422.022642][ T7547]  ? trace_hardirqs_on+0x67/0x230
[ 1422.027672][ T7547]  do_syscall_64+0x103/0x610
[ 1422.032271][ T7547]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1422.038167][ T7547] RIP: 0033:0x458c29
[ 1422.042062][ T7547] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1422.061679][ T7547] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 1422.070101][ T7547] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000458c29
[ 1422.078077][ T7547] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004bdb87
[ 1422.081012][ T7551] binder: 7549:7551 ioctl 40046207 0 returned -16
[ 1422.086060][ T7547] RBP: 000000000073bf00 R08: fe03f80fe03f80ff R09: 00000000fbad8001
[ 1422.086070][ T7547] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2fdbaf66d4
[ 1422.086078][ T7547] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1422.093004][ T7555] binder: 7549:7555 transaction failed 29201/-22, size 64-16 line 3357
10:24:30 executing program 5 (fault-call:0 fault-nth:5):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

10:24:30 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x10, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

[ 1422.100799][ T1829] binder_release_work: 54 callbacks suppressed
[ 1422.100806][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
[ 1422.112244][ T7543] binder: BINDER_SET_CONTEXT_MGR already set
[ 1422.172209][ T7553] binder: 7540:7553 transaction failed 29201/-22, size 64-16 line 3357
[ 1422.182774][ T6090] binder: undelivered TRANSACTION_ERROR: 29201
[ 1422.197965][ T7543] binder: 7540:7543 ioctl 40046207 0 returned -16
10:24:30 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x38000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1422.221263][ T6090] binder: undelivered TRANSACTION_ERROR: 29201
[ 1422.260469][ T7564] FAULT_INJECTION: forcing a failure.
[ 1422.260469][ T7564] name failslab, interval 1, probability 0, space 0, times 0
[ 1422.314609][ T7564] CPU: 1 PID: 7564 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1422.322532][ T7564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1422.332585][ T7564] Call Trace:
[ 1422.335880][ T7564]  dump_stack+0x172/0x1f0
[ 1422.340245][ T7564]  should_fail.cold+0xa/0x15
[ 1422.341339][ T7568] binder_alloc_new_buf_locked: 6 callbacks suppressed
[ 1422.341347][ T7568] binder_alloc: 7567: binder_alloc_buf, no vma
[ 1422.344849][ T7564]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1422.344871][ T7564]  ? ___might_sleep+0x163/0x280
[ 1422.344894][ T7564]  __should_failslab+0x121/0x190
[ 1422.352429][ T7568] binder: 7567:7568 transaction failed 29189/-3, size 64-16 line 3148
[ 1422.357807][ T7564]  should_failslab+0x9/0x14
[ 1422.357824][ T7564]  kmem_cache_alloc+0x2b2/0x6f0
[ 1422.357846][ T7564]  ? rcu_read_lock_sched_held+0x110/0x130
[ 1422.366082][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1422.368476][ T7564]  ? kmem_cache_alloc+0x32e/0x6f0
[ 1422.368499][ T7564]  security_file_alloc+0x39/0x170
[ 1422.368517][ T7564]  __alloc_file+0xac/0x300
[ 1422.417147][ T7564]  alloc_empty_file+0x72/0x170
[ 1422.421923][ T7564]  alloc_file+0x5e/0x4d0
[ 1422.426149][ T7564]  alloc_file_pseudo+0x189/0x280
[ 1422.431064][ T7564]  ? alloc_file+0x4d0/0x4d0
[ 1422.435551][ T7564]  ? lockdep_annotate_inode_mutex_key+0x5b/0x70
[ 1422.441779][ T7564]  __shmem_file_setup.part.0+0x108/0x2b0
[ 1422.447396][ T7564]  shmem_file_setup+0x66/0x90
[ 1422.452056][ T7564]  __x64_sys_memfd_create+0x2a2/0x470
[ 1422.457423][ T7564]  ? memfd_fcntl+0x1550/0x1550
[ 1422.462170][ T7564]  ? do_syscall_64+0x26/0x610
[ 1422.466825][ T7564]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1422.472100][ T7564]  ? trace_hardirqs_on+0x67/0x230
[ 1422.477133][ T7564]  do_syscall_64+0x103/0x610
[ 1422.481708][ T7564]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1422.487585][ T7564] RIP: 0033:0x458c29
[ 1422.491457][ T7564] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
10:24:31 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xa00000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:31 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x3f000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:31 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x3f000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1422.511039][ T7564] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 1422.519433][ T7564] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000458c29
[ 1422.527383][ T7564] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004bdb87
[ 1422.535342][ T7564] RBP: 000000000073bf00 R08: fe03f80fe03f80ff R09: 00000000fbad8001
[ 1422.543316][ T7564] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2fdbaf66d4
[ 1422.551291][ T7564] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
10:24:31 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x10, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

[ 1422.599414][ T7574] binder: 7571:7574 transaction failed 29201/-22, size 64-16 line 3357
[ 1422.628014][ T6090] binder: undelivered TRANSACTION_ERROR: 29201
[ 1422.635902][ T7577] binder: BINDER_SET_CONTEXT_MGR already set
10:24:31 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x0, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:31 executing program 5 (fault-call:0 fault-nth:6):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1422.663678][ T7574] binder: BINDER_SET_CONTEXT_MGR already set
[ 1422.670219][ T7577] binder: 7575:7577 ioctl 40046207 0 returned -16
[ 1422.685956][ T7578] binder_alloc: 7571: binder_alloc_buf, no vma
[ 1422.697543][ T7583] binder: 7575:7583 transaction failed 29189/-22, size 64-16 line 2995
[ 1422.709013][ T7574] binder: 7571:7574 ioctl 40046207 0 returned -16
[ 1422.722429][ T6090] binder: undelivered TRANSACTION_ERROR: 29189
[ 1422.731466][ T7578] binder: 7571:7578 transaction failed 29189/-3, size 64-16 line 3148
10:24:31 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x40000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1422.773176][ T6090] binder: undelivered TRANSACTION_ERROR: 29189
[ 1422.789949][ T7591] FAULT_INJECTION: forcing a failure.
[ 1422.789949][ T7591] name failslab, interval 1, probability 0, space 0, times 0
[ 1422.816296][ T7591] CPU: 0 PID: 7591 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1422.824216][ T7591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1422.834270][ T7591] Call Trace:
[ 1422.837580][ T7591]  dump_stack+0x172/0x1f0
[ 1422.841934][ T7591]  should_fail.cold+0xa/0x15
[ 1422.846557][ T7591]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1422.852378][ T7591]  ? ___might_sleep+0x163/0x280
[ 1422.857241][ T7591]  __should_failslab+0x121/0x190
[ 1422.862193][ T7591]  should_failslab+0x9/0x14
[ 1422.866701][ T7591]  kmem_cache_alloc+0x2b2/0x6f0
10:24:31 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x10, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

[ 1422.871560][ T7591]  ? notify_change+0x6d5/0xfb0
[ 1422.876329][ T7591]  ? do_sys_ftruncate+0x41e/0x550
[ 1422.881364][ T7591]  getname_flags+0xd6/0x5b0
[ 1422.885872][ T7591]  getname+0x1a/0x20
[ 1422.889762][ T7591]  do_sys_open+0x2c9/0x5d0
[ 1422.894181][ T7591]  ? filp_open+0x80/0x80
[ 1422.898430][ T7591]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1422.904684][ T7591]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1422.910147][ T7591]  ? do_syscall_64+0x26/0x610
[ 1422.914833][ T7591]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1422.920911][ T7591]  ? do_syscall_64+0x26/0x610
[ 1422.925595][ T7591]  __x64_sys_open+0x7e/0xc0
[ 1422.930119][ T7591]  do_syscall_64+0x103/0x610
[ 1422.934724][ T7591]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1422.940611][ T7591] RIP: 0033:0x412bc1
[ 1422.944504][ T7591] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1422.964201][ T7591] RSP: 002b:00007f2fdbaf5a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
10:24:31 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:31 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x40000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1422.972623][ T7591] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000412bc1
[ 1422.980596][ T7591] RDX: 00007f2fdbaf5b0a RSI: 0000000000000002 RDI: 00007f2fdbaf5b00
[ 1422.988566][ T7591] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1422.996563][ T7591] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004
[ 1423.004798][ T7591] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1423.037395][ T7597] binder_alloc: 7594: binder_alloc_buf, no vma
[ 1423.062075][ T7597] binder: 7594:7597 transaction failed 29189/-3, size 64-16 line 3148
10:24:31 executing program 5 (fault-call:0 fault-nth:7):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1423.094502][ T7604] binder: BINDER_SET_CONTEXT_MGR already set
[ 1423.112449][ T7604] binder: 7602:7604 ioctl 40046207 0 returned -16
[ 1423.112455][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1423.133956][ T7606] binder: 7603:7606 transaction failed 29201/-22, size 64-16 line 3357
10:24:31 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x48000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1423.165149][ T6090] binder: undelivered TRANSACTION_ERROR: 29201
[ 1423.179520][ T7608] binder: 7603:7608 transaction failed 29189/-22, size 64-16 line 2995
[ 1423.207389][ T6090] binder: undelivered TRANSACTION_ERROR: 29201
[ 1423.250354][ T7613] FAULT_INJECTION: forcing a failure.
[ 1423.250354][ T7613] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1423.255964][ T7614] binder: BINDER_SET_CONTEXT_MGR already set
[ 1423.263594][ T7613] CPU: 0 PID: 7613 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1423.263606][ T7613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1423.263612][ T7613] Call Trace:
[ 1423.263639][ T7613]  dump_stack+0x172/0x1f0
[ 1423.263664][ T7613]  should_fail.cold+0xa/0x15
[ 1423.263692][ T7613]  ? __lock_acquire+0x548/0x3fb0
[ 1423.276533][ T7614] binder: 7610:7614 ioctl 40046207 0 returned -16
[ 1423.277545][ T7613]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1423.277562][ T7613]  ? __lock_acquire+0x548/0x3fb0
[ 1423.277585][ T7613]  should_fail_alloc_page+0x50/0x60
[ 1423.327358][ T7613]  __alloc_pages_nodemask+0x1a1/0x7e0
[ 1423.332740][ T7613]  ? __alloc_pages_slowpath+0x28b0/0x28b0
[ 1423.332755][ T7613]  ? find_held_lock+0x35/0x130
[ 1423.332780][ T7613]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1423.332800][ T7613]  cache_grow_begin+0x9c/0x860
[ 1423.332814][ T7613]  ? getname_flags+0xd6/0x5b0
[ 1423.332829][ T7613]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1423.332846][ T7613]  kmem_cache_alloc+0x62d/0x6f0
[ 1423.332860][ T7613]  ? notify_change+0x6d5/0xfb0
[ 1423.332881][ T7613]  ? do_sys_ftruncate+0x41e/0x550
[ 1423.343358][ T7613]  getname_flags+0xd6/0x5b0
[ 1423.343385][ T7613]  getname+0x1a/0x20
[ 1423.387822][ T7613]  do_sys_open+0x2c9/0x5d0
[ 1423.392246][ T7613]  ? filp_open+0x80/0x80
[ 1423.396497][ T7613]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1423.402775][ T7613]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1423.408236][ T7613]  ? do_syscall_64+0x26/0x610
[ 1423.412914][ T7613]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1423.418982][ T7613]  ? do_syscall_64+0x26/0x610
[ 1423.423663][ T7613]  __x64_sys_open+0x7e/0xc0
[ 1423.428174][ T7613]  do_syscall_64+0x103/0x610
[ 1423.432863][ T7613]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1423.438756][ T7613] RIP: 0033:0x412bc1
[ 1423.442651][ T7613] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1423.462269][ T7613] RSP: 002b:00007f2fdbaf5a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1423.470704][ T7613] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000412bc1
[ 1423.478677][ T7613] RDX: 00007f2fdbaf5b0a RSI: 0000000000000002 RDI: 00007f2fdbaf5b00
[ 1423.486662][ T7613] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
10:24:31 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xb00000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:31 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x48000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:31 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:31 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4c000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1423.486671][ T7613] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004
[ 1423.486680][ T7613] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1423.574701][ T7613] gfs2: not a GFS2 filesystem
10:24:32 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x0, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:32 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1423.615330][ T7631] binder: BINDER_SET_CONTEXT_MGR already set
[ 1423.627835][ T7631] binder: 7620:7631 ioctl 40046207 0 returned -16
[ 1423.635304][ T7629] binder: BINDER_SET_CONTEXT_MGR already set
10:24:32 executing program 5 (fault-call:0 fault-nth:8):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1423.701134][ T7629] binder: 7625:7629 ioctl 40046207 0 returned -16
[ 1423.731704][ T7643] binder: BINDER_SET_CONTEXT_MGR already set
[ 1423.742433][ T7644] binder: BINDER_SET_CONTEXT_MGR already set
10:24:32 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4c000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1423.748446][ T7644] binder: 7625:7644 ioctl 40046207 0 returned -16
[ 1423.759282][ T7643] binder: 7637:7643 ioctl 40046207 0 returned -16
[ 1423.779435][ T7646] FAULT_INJECTION: forcing a failure.
[ 1423.779435][ T7646] name failslab, interval 1, probability 0, space 0, times 0
10:24:32 executing program 4 (fault-call:4 fault-nth:0):
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

[ 1423.849664][ T7646] CPU: 1 PID: 7646 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1423.857589][ T7646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1423.867659][ T7646] Call Trace:
[ 1423.870969][ T7646]  dump_stack+0x172/0x1f0
[ 1423.875319][ T7646]  should_fail.cold+0xa/0x15
[ 1423.879928][ T7646]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1423.886354][ T7646]  ? ___might_sleep+0x163/0x280
[ 1423.891213][ T7646]  __should_failslab+0x121/0x190
[ 1423.896195][ T7646]  should_failslab+0x9/0x14
[ 1423.900718][ T7646]  kmem_cache_alloc+0x2b2/0x6f0
[ 1423.905591][ T7646]  ? __save_stack_trace+0x99/0x100
[ 1423.910901][ T7646]  __alloc_file+0x27/0x300
[ 1423.910926][ T7646]  alloc_empty_file+0x72/0x170
[ 1423.910944][ T7646]  path_openat+0xef/0x46e0
[ 1423.910960][ T7646]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1423.910975][ T7646]  ? kasan_slab_alloc+0xf/0x20
[ 1423.910996][ T7646]  ? kmem_cache_alloc+0x11a/0x6f0
[ 1423.920170][ T7646]  ? getname_flags+0xd6/0x5b0
[ 1423.920181][ T7646]  ? getname+0x1a/0x20
[ 1423.920196][ T7646]  ? do_sys_open+0x2c9/0x5d0
[ 1423.920210][ T7646]  ? __x64_sys_open+0x7e/0xc0
[ 1423.920226][ T7646]  ? do_syscall_64+0x103/0x610
[ 1423.920248][ T7646]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1423.969510][ T7646]  ? __lock_acquire+0x548/0x3fb0
[ 1423.974554][ T7646]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 1423.980152][ T7646]  ? __alloc_fd+0x430/0x530
[ 1423.984740][ T7646]  do_filp_open+0x1a1/0x280
[ 1423.989260][ T7646]  ? may_open_dev+0x100/0x100
[ 1423.993960][ T7646]  ? lock_downgrade+0x880/0x880
[ 1423.998827][ T7646]  ? kasan_check_read+0x11/0x20
[ 1424.003686][ T7646]  ? do_raw_spin_unlock+0x57/0x270
[ 1424.008814][ T7646]  ? _raw_spin_unlock+0x2d/0x50
[ 1424.013672][ T7646]  ? __alloc_fd+0x430/0x530
[ 1424.018212][ T7646]  do_sys_open+0x3fe/0x5d0
[ 1424.022638][ T7646]  ? filp_open+0x80/0x80
[ 1424.026885][ T7646]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1424.026907][ T7646]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1424.026929][ T7646]  ? do_syscall_64+0x26/0x610
[ 1424.026952][ T7646]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1424.043578][ T7646]  ? do_syscall_64+0x26/0x610
[ 1424.043603][ T7646]  __x64_sys_open+0x7e/0xc0
[ 1424.043620][ T7646]  do_syscall_64+0x103/0x610
[ 1424.043643][ T7646]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1424.069412][ T7646] RIP: 0033:0x412bc1
[ 1424.073410][ T7646] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
10:24:32 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x50000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:32 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x60000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:32 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x68000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1424.093197][ T7646] RSP: 002b:00007f2fdbaf5a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1424.101630][ T7646] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000412bc1
[ 1424.109921][ T7646] RDX: 00007f2fdbaf5b0a RSI: 0000000000000002 RDI: 00007f2fdbaf5b00
[ 1424.118077][ T7646] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1424.126072][ T7646] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004
[ 1424.134059][ T7646] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
10:24:32 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xb00020000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:32 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x50000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:32 executing program 5 (fault-call:0 fault-nth:9):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

10:24:32 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6c000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1424.528888][ T7677] binder: BINDER_SET_CONTEXT_MGR already set
[ 1424.536412][ T7681] FAULT_INJECTION: forcing a failure.
[ 1424.536412][ T7681] name failslab, interval 1, probability 0, space 0, times 0
[ 1424.546855][ T7677] binder: 7674:7677 ioctl 40046207 0 returned -16
[ 1424.559379][ T7681] CPU: 1 PID: 7681 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1424.567283][ T7681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1424.577339][ T7681] Call Trace:
[ 1424.580655][ T7681]  dump_stack+0x172/0x1f0
[ 1424.585021][ T7681]  should_fail.cold+0xa/0x15
[ 1424.589664][ T7681]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1424.595492][ T7681]  ? ___might_sleep+0x163/0x280
[ 1424.600351][ T7681]  __should_failslab+0x121/0x190
[ 1424.605315][ T7681]  should_failslab+0x9/0x14
[ 1424.609825][ T7681]  kmem_cache_alloc+0x2b2/0x6f0
[ 1424.614689][ T7681]  ? rcu_read_lock_sched_held+0x110/0x130
[ 1424.620515][ T7681]  ? kmem_cache_alloc+0x32e/0x6f0
[ 1424.625552][ T7681]  security_file_alloc+0x39/0x170
[ 1424.630600][ T7681]  __alloc_file+0xac/0x300
[ 1424.635027][ T7681]  alloc_empty_file+0x72/0x170
[ 1424.639789][ T7681]  path_openat+0xef/0x46e0
[ 1424.644209][ T7681]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1424.644224][ T7681]  ? kasan_slab_alloc+0xf/0x20
[ 1424.644237][ T7681]  ? kmem_cache_alloc+0x11a/0x6f0
[ 1424.644248][ T7681]  ? getname_flags+0xd6/0x5b0
[ 1424.644260][ T7681]  ? getname+0x1a/0x20
[ 1424.644280][ T7681]  ? do_sys_open+0x2c9/0x5d0
[ 1424.664538][ T7681]  ? __x64_sys_open+0x7e/0xc0
[ 1424.677937][ T7681]  ? do_syscall_64+0x103/0x610
[ 1424.682717][ T7681]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1424.688798][ T7681]  ? __lock_acquire+0x548/0x3fb0
[ 1424.693736][ T7681]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 1424.699097][ T7681]  ? __alloc_fd+0x430/0x530
[ 1424.703675][ T7681]  do_filp_open+0x1a1/0x280
[ 1424.708156][ T7681]  ? may_open_dev+0x100/0x100
[ 1424.712818][ T7681]  ? lock_downgrade+0x880/0x880
[ 1424.717650][ T7681]  ? kasan_check_read+0x11/0x20
[ 1424.722497][ T7681]  ? do_raw_spin_unlock+0x57/0x270
[ 1424.727589][ T7681]  ? _raw_spin_unlock+0x2d/0x50
[ 1424.732420][ T7681]  ? __alloc_fd+0x430/0x530
[ 1424.736942][ T7681]  do_sys_open+0x3fe/0x5d0
[ 1424.741351][ T7681]  ? filp_open+0x80/0x80
[ 1424.745586][ T7681]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1424.751807][ T7681]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1424.757261][ T7681]  ? do_syscall_64+0x26/0x610
[ 1424.761948][ T7681]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1424.768014][ T7681]  ? do_syscall_64+0x26/0x610
[ 1424.772685][ T7681]  __x64_sys_open+0x7e/0xc0
[ 1424.777172][ T7681]  do_syscall_64+0x103/0x610
[ 1424.781742][ T7681]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1424.787608][ T7681] RIP: 0033:0x412bc1
[ 1424.791496][ T7681] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1424.813199][ T7681] RSP: 002b:00007f2fdbaf5a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1424.821588][ T7681] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000412bc1
10:24:33 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x0, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:33 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:33 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x74000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:33 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x60000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:33 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xc00000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1424.829536][ T7681] RDX: 00007f2fdbaf5b0a RSI: 0000000000000002 RDI: 00007f2fdbaf5b00
[ 1424.837484][ T7681] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1424.845434][ T7681] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004
[ 1424.853411][ T7681] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
10:24:33 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x7a000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1424.956984][ T7698] binder: BINDER_SET_CONTEXT_MGR already set
[ 1425.001044][ T7698] binder: 7693:7698 ioctl 40046207 0 returned -16
10:24:33 executing program 5 (fault-call:0 fault-nth:10):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

10:24:33 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x100000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1425.121711][ T7712] FAULT_INJECTION: forcing a failure.
[ 1425.121711][ T7712] name failslab, interval 1, probability 0, space 0, times 0
[ 1425.134806][ T7712] CPU: 1 PID: 7712 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1425.153391][ T7712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1425.163457][ T7712] Call Trace:
[ 1425.166765][ T7712]  dump_stack+0x172/0x1f0
[ 1425.171113][ T7712]  should_fail.cold+0xa/0x15
[ 1425.175708][ T7712]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1425.181528][ T7712]  ? ___might_sleep+0x163/0x280
[ 1425.186384][ T7712]  __should_failslab+0x121/0x190
[ 1425.191331][ T7712]  ? loop_info64_to_compat+0x6d0/0x6d0
[ 1425.196795][ T7712]  should_failslab+0x9/0x14
[ 1425.201303][ T7712]  kmem_cache_alloc_trace+0x2d1/0x760
[ 1425.206679][ T7712]  ? lockdep_init_map+0x1be/0x6d0
[ 1425.211715][ T7712]  ? loop_info64_to_compat+0x6d0/0x6d0
[ 1425.217178][ T7712]  __kthread_create_on_node+0xf2/0x460
[ 1425.222638][ T7712]  ? lock_acquire+0x16f/0x3f0
[ 1425.227349][ T7712]  ? kthread_parkme+0xb0/0xb0
[ 1425.232044][ T7712]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1425.238293][ T7712]  ? kasan_check_read+0x11/0x20
[ 1425.243148][ T7712]  ? mutex_trylock+0x1e0/0x1e0
[ 1425.248377][ T7712]  ? loop_info64_to_compat+0x6d0/0x6d0
[ 1425.253937][ T7712]  kthread_create_on_node+0xbb/0xf0
[ 1425.259146][ T7712]  ? __kthread_create_on_node+0x460/0x460
[ 1425.264872][ T7712]  ? lockdep_init_map+0x1be/0x6d0
[ 1425.269918][ T7712]  ? lockdep_init_map+0x1be/0x6d0
[ 1425.274956][ T7712]  lo_ioctl+0xc1b/0x2150
[ 1425.279208][ T7712]  ? lo_rw_aio+0x1120/0x1120
[ 1425.283808][ T7712]  blkdev_ioctl+0x6f2/0x1d10
[ 1425.288399][ T7712]  ? blkpg_ioctl+0xa90/0xa90
[ 1425.293011][ T7712]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1425.298928][ T7712]  ? ___might_sleep+0x163/0x280
[ 1425.303795][ T7712]  block_ioctl+0xee/0x130
[ 1425.308137][ T7712]  ? blkdev_fallocate+0x410/0x410
[ 1425.313171][ T7712]  do_vfs_ioctl+0xd6e/0x1390
[ 1425.317773][ T7712]  ? ioctl_preallocate+0x210/0x210
[ 1425.322888][ T7712]  ? selinux_file_mprotect+0x620/0x620
[ 1425.328354][ T7712]  ? __fget+0x381/0x550
[ 1425.332518][ T7712]  ? ksys_dup3+0x3e0/0x3e0
[ 1425.336949][ T7712]  ? do_sys_open+0x31d/0x5d0
[ 1425.341558][ T7712]  ? tomoyo_file_ioctl+0x23/0x30
[ 1425.346509][ T7712]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1425.352750][ T7712]  ? security_file_ioctl+0x93/0xc0
[ 1425.357868][ T7712]  ksys_ioctl+0xab/0xd0
[ 1425.362030][ T7712]  __x64_sys_ioctl+0x73/0xb0
[ 1425.366633][ T7712]  do_syscall_64+0x103/0x610
[ 1425.371240][ T7712]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1425.377130][ T7712] RIP: 0033:0x458a97
[ 1425.381028][ T7712] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1425.400636][ T7712] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1425.409056][ T7712] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458a97
10:24:33 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x68000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1425.417040][ T7712] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1425.425012][ T7712] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1425.432983][ T7712] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1425.440952][ T7712] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1425.462324][ T7714] binder_transaction: 23 callbacks suppressed
[ 1425.462333][ T7714] binder: 7713:7714 got transaction with too large buffer
[ 1425.477994][ T7716] binder: 7713:7716 got transaction with too large buffer
10:24:34 executing program 4:
r0 = timerfd_create(0x0, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x200000)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f0000000080)={<r2=>0x0, 0x5}, &(0x7f00000000c0)=0x8)
syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x2, 0x101000)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000100)={r2, 0x600}, &(0x7f0000000140)=0x8)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:34 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x200000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:34 executing program 5 (fault-call:0 fault-nth:11):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1425.549825][ T7720] binder: BINDER_SET_CONTEXT_MGR already set
[ 1425.556140][ T7720] binder: 7719:7720 ioctl 40046207 0 returned -16
[ 1425.563668][ T7720] binder: 7719:7720 got transaction with too large buffer
[ 1425.669469][ T7726] binder: 7724:7726 got transaction with too large buffer
[ 1425.704995][ T7732] binder: 7724:7732 got transaction with too large buffer
[ 1425.716230][ T7730] FAULT_INJECTION: forcing a failure.
[ 1425.716230][ T7730] name failslab, interval 1, probability 0, space 0, times 0
[ 1425.736771][ T7730] CPU: 1 PID: 7730 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1425.744679][ T7730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1425.754738][ T7730] Call Trace:
[ 1425.758052][ T7730]  dump_stack+0x172/0x1f0
[ 1425.762400][ T7730]  should_fail.cold+0xa/0x15
[ 1425.766980][ T7730]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1425.772787][ T7730]  ? ___might_sleep+0x163/0x280
[ 1425.777623][ T7730]  __should_failslab+0x121/0x190
[ 1425.782560][ T7730]  should_failslab+0x9/0x14
[ 1425.787047][ T7730]  kmem_cache_alloc+0x2b2/0x6f0
[ 1425.791898][ T7730]  __kernfs_new_node+0xef/0x690
[ 1425.796752][ T7730]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1425.802219][ T7730]  ? __lock_acquire+0x548/0x3fb0
[ 1425.807164][ T7730]  kernfs_new_node+0x99/0x130
[ 1425.811853][ T7730]  kernfs_create_dir_ns+0x52/0x160
[ 1425.816967][ T7730]  internal_create_group+0x7f8/0xc40
[ 1425.822249][ T7730]  ? bd_set_size+0x89/0xb0
[ 1425.826679][ T7730]  ? remove_files.isra.0+0x190/0x190
[ 1425.831977][ T7730]  sysfs_create_group+0x20/0x30
[ 1425.837253][ T7730]  lo_ioctl+0x10af/0x2150
[ 1425.841608][ T7730]  ? lo_rw_aio+0x1120/0x1120
[ 1425.846186][ T7730]  blkdev_ioctl+0x6f2/0x1d10
[ 1425.850778][ T7730]  ? blkpg_ioctl+0xa90/0xa90
[ 1425.855365][ T7730]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1425.861174][ T7730]  ? ___might_sleep+0x163/0x280
[ 1425.866009][ T7730]  block_ioctl+0xee/0x130
[ 1425.870339][ T7730]  ? blkdev_fallocate+0x410/0x410
[ 1425.875348][ T7730]  do_vfs_ioctl+0xd6e/0x1390
[ 1425.879932][ T7730]  ? ioctl_preallocate+0x210/0x210
[ 1425.885027][ T7730]  ? selinux_file_mprotect+0x620/0x620
[ 1425.890466][ T7730]  ? __fget+0x381/0x550
[ 1425.894605][ T7730]  ? ksys_dup3+0x3e0/0x3e0
[ 1425.899031][ T7730]  ? do_sys_open+0x31d/0x5d0
[ 1425.903605][ T7730]  ? tomoyo_file_ioctl+0x23/0x30
[ 1425.908547][ T7730]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1425.914773][ T7730]  ? security_file_ioctl+0x93/0xc0
[ 1425.919870][ T7730]  ksys_ioctl+0xab/0xd0
[ 1425.924009][ T7730]  __x64_sys_ioctl+0x73/0xb0
[ 1425.928583][ T7730]  do_syscall_64+0x103/0x610
[ 1425.933171][ T7730]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1425.939055][ T7730] RIP: 0033:0x458a97
[ 1425.942937][ T7730] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1425.962527][ T7730] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
10:24:34 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:34 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6c000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:34 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_alloc(0x0, 0x3)
r1 = pkey_alloc(0x0, 0x1)
pkey_free(r1)

10:24:34 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x300000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1425.970928][ T7730] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458a97
[ 1425.978880][ T7730] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1425.986831][ T7730] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1425.994780][ T7730] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1426.002732][ T7730] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1426.038001][ T7730] gfs2: not a GFS2 filesystem
10:24:34 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xd00000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1426.089303][ T7744] binder: 7739:7744 got transaction with too large buffer
[ 1426.111418][ T7745] binder: BINDER_SET_CONTEXT_MGR already set
[ 1426.127350][ T7745] binder: 7735:7745 ioctl 40046207 0 returned -16
10:24:34 executing program 5 (fault-call:0 fault-nth:12):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1426.201224][ T7749] binder: BINDER_SET_CONTEXT_MGR already set
10:24:34 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x400000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1426.244362][ T7749] binder: 7735:7749 ioctl 40046207 0 returned -16
[ 1426.269082][ T7757] FAULT_INJECTION: forcing a failure.
[ 1426.269082][ T7757] name failslab, interval 1, probability 0, space 0, times 0
[ 1426.282300][ T7757] CPU: 1 PID: 7757 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1426.290203][ T7757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1426.300263][ T7757] Call Trace:
[ 1426.303574][ T7757]  dump_stack+0x172/0x1f0
[ 1426.307921][ T7757]  should_fail.cold+0xa/0x15
[ 1426.312528][ T7757]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1426.318432][ T7757]  ? __save_stack_trace+0x99/0x100
[ 1426.323552][ T7757]  __should_failslab+0x121/0x190
[ 1426.328494][ T7757]  should_failslab+0x9/0x14
[ 1426.333105][ T7757]  kmem_cache_alloc+0x47/0x6f0
[ 1426.337879][ T7757]  ? save_stack+0xa9/0xd0
[ 1426.342224][ T7757]  ? save_stack+0x45/0xd0
[ 1426.346668][ T7757]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1426.352492][ T7757]  ? kasan_slab_alloc+0xf/0x20
[ 1426.357280][ T7757]  radix_tree_node_alloc.constprop.0+0x1eb/0x340
[ 1426.363619][ T7757]  idr_get_free+0x425/0x8d0
[ 1426.368148][ T7757]  idr_alloc_u32+0x19e/0x330
[ 1426.372746][ T7757]  ? __fprop_inc_percpu_max+0x230/0x230
[ 1426.378297][ T7757]  ? mark_held_locks+0xf0/0xf0
[ 1426.383075][ T7757]  idr_alloc_cyclic+0x132/0x270
[ 1426.387952][ T7757]  ? idr_alloc+0x150/0x150
[ 1426.392420][ T7757]  __kernfs_new_node+0x171/0x690
[ 1426.397367][ T7757]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1426.402833][ T7757]  ? kasan_check_read+0x11/0x20
[ 1426.407694][ T7757]  ? _raw_spin_unlock_irq+0x5e/0x90
[ 1426.412898][ T7757]  ? __schedule+0x1387/0x1cc0
[ 1426.417595][ T7757]  ? __lock_acquire+0x548/0x3fb0
[ 1426.422629][ T7757]  kernfs_new_node+0x99/0x130
[ 1426.427315][ T7757]  kernfs_create_dir_ns+0x52/0x160
[ 1426.432445][ T7757]  internal_create_group+0x7f8/0xc40
[ 1426.437735][ T7757]  ? bd_set_size+0x89/0xb0
[ 1426.442164][ T7757]  ? remove_files.isra.0+0x190/0x190
[ 1426.447470][ T7757]  sysfs_create_group+0x20/0x30
[ 1426.452329][ T7757]  lo_ioctl+0x10af/0x2150
[ 1426.456669][ T7757]  ? lo_rw_aio+0x1120/0x1120
[ 1426.461534][ T7757]  blkdev_ioctl+0x6f2/0x1d10
[ 1426.466139][ T7757]  ? blkpg_ioctl+0xa90/0xa90
[ 1426.470733][ T7757]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1426.476552][ T7757]  ? ___might_sleep+0x163/0x280
[ 1426.481409][ T7757]  block_ioctl+0xee/0x130
[ 1426.485743][ T7757]  ? blkdev_fallocate+0x410/0x410
[ 1426.490778][ T7757]  do_vfs_ioctl+0xd6e/0x1390
[ 1426.495378][ T7757]  ? ioctl_preallocate+0x210/0x210
[ 1426.500494][ T7757]  ? selinux_file_mprotect+0x620/0x620
[ 1426.505958][ T7757]  ? __fget+0x381/0x550
[ 1426.510135][ T7757]  ? ksys_dup3+0x3e0/0x3e0
[ 1426.514585][ T7757]  ? do_sys_open+0x31d/0x5d0
[ 1426.519180][ T7757]  ? tomoyo_file_ioctl+0x23/0x30
[ 1426.524127][ T7757]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1426.530368][ T7757]  ? security_file_ioctl+0x93/0xc0
[ 1426.535488][ T7757]  ksys_ioctl+0xab/0xd0
[ 1426.539665][ T7757]  __x64_sys_ioctl+0x73/0xb0
10:24:34 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x74000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1426.544261][ T7757]  do_syscall_64+0x103/0x610
[ 1426.548859][ T7757]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1426.554752][ T7757] RIP: 0033:0x458a97
[ 1426.558696][ T7757] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1426.578300][ T7757] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1426.586713][ T7757] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458a97
[ 1426.594687][ T7757] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1426.602668][ T7757] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1426.610730][ T7757] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1426.618706][ T7757] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1426.641552][ T7757] gfs2: not a GFS2 filesystem
10:24:35 executing program 5 (fault-call:0 fault-nth:13):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1426.677366][ T7765] binder: 7763:7765 got transaction with too large buffer
[ 1426.716483][ T7768] binder: BINDER_SET_CONTEXT_MGR already set
[ 1426.751048][ T7768] binder: 7764:7768 ioctl 40046207 0 returned -16
[ 1426.757656][ T7765] binder: BINDER_SET_CONTEXT_MGR already set
[ 1426.767211][ T7770] binder_alloc: 7763: binder_alloc_buf, no vma
[ 1426.788234][ T7765] binder: 7763:7765 ioctl 40046207 0 returned -16
10:24:35 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x7a000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:35 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
accept$packet(r1, &(0x7f0000000080), &(0x7f00000000c0)=0x14)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:35 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x500000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1426.811990][ T7774] FAULT_INJECTION: forcing a failure.
[ 1426.811990][ T7774] name failslab, interval 1, probability 0, space 0, times 0
[ 1426.824731][ T7774] CPU: 1 PID: 7774 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1426.832625][ T7774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1426.842674][ T7774] Call Trace:
[ 1426.845982][ T7774]  dump_stack+0x172/0x1f0
[ 1426.850324][ T7774]  should_fail.cold+0xa/0x15
[ 1426.854973][ T7774]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1426.860787][ T7774]  __should_failslab+0x121/0x190
[ 1426.865710][ T7774]  should_failslab+0x9/0x14
[ 1426.870198][ T7774]  kmem_cache_alloc+0x47/0x6f0
[ 1426.874960][ T7774]  ? save_stack+0xa9/0xd0
[ 1426.879287][ T7774]  ? save_stack+0x45/0xd0
[ 1426.883611][ T7774]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1426.889414][ T7774]  radix_tree_node_alloc.constprop.0+0x1eb/0x340
[ 1426.895748][ T7774]  idr_get_free+0x425/0x8d0
[ 1426.900240][ T7774]  idr_alloc_u32+0x19e/0x330
[ 1426.904839][ T7774]  ? __fprop_inc_percpu_max+0x230/0x230
[ 1426.910380][ T7774]  ? mark_held_locks+0xf0/0xf0
[ 1426.915132][ T7774]  idr_alloc_cyclic+0x132/0x270
[ 1426.919979][ T7774]  ? idr_alloc+0x150/0x150
[ 1426.924402][ T7774]  __kernfs_new_node+0x171/0x690
[ 1426.929336][ T7774]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1426.934789][ T7774]  ? __lock_acquire+0x548/0x3fb0
[ 1426.939720][ T7774]  kernfs_new_node+0x99/0x130
[ 1426.944394][ T7774]  kernfs_create_dir_ns+0x52/0x160
[ 1426.949496][ T7774]  internal_create_group+0x7f8/0xc40
[ 1426.954767][ T7774]  ? bd_set_size+0x89/0xb0
[ 1426.959188][ T7774]  ? remove_files.isra.0+0x190/0x190
[ 1426.964480][ T7774]  sysfs_create_group+0x20/0x30
[ 1426.969340][ T7774]  lo_ioctl+0x10af/0x2150
[ 1426.973653][ T7774]  ? lo_rw_aio+0x1120/0x1120
[ 1426.978322][ T7774]  blkdev_ioctl+0x6f2/0x1d10
[ 1426.982931][ T7774]  ? blkpg_ioctl+0xa90/0xa90
[ 1426.987513][ T7774]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1426.993328][ T7774]  ? ___might_sleep+0x163/0x280
[ 1426.998178][ T7774]  block_ioctl+0xee/0x130
[ 1427.002500][ T7774]  ? blkdev_fallocate+0x410/0x410
[ 1427.007506][ T7774]  do_vfs_ioctl+0xd6e/0x1390
10:24:35 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

[ 1427.012077][ T7774]  ? ioctl_preallocate+0x210/0x210
[ 1427.017177][ T7774]  ? selinux_file_mprotect+0x620/0x620
[ 1427.022614][ T7774]  ? __fget+0x381/0x550
[ 1427.026765][ T7774]  ? ksys_dup3+0x3e0/0x3e0
[ 1427.031179][ T7774]  ? do_sys_open+0x31d/0x5d0
[ 1427.035803][ T7774]  ? tomoyo_file_ioctl+0x23/0x30
[ 1427.040746][ T7774]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1427.046993][ T7774]  ? security_file_ioctl+0x93/0xc0
[ 1427.052137][ T7774]  ksys_ioctl+0xab/0xd0
[ 1427.056294][ T7774]  __x64_sys_ioctl+0x73/0xb0
[ 1427.060867][ T7774]  do_syscall_64+0x103/0x610
[ 1427.065456][ T7774]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1427.071347][ T7774] RIP: 0033:0x458a97
[ 1427.075235][ T7774] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1427.094831][ T7774] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1427.103260][ T7774] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458a97
[ 1427.111212][ T7774] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1427.119167][ T7774] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1427.128152][ T7774] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1427.136114][ T7774] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1427.195112][ T7774] gfs2: not a GFS2 filesystem
10:24:35 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0xe00000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1427.225943][ T7785] binder: 7783:7785 got transaction with too large buffer
[ 1427.277415][ T7790] binder: BINDER_SET_CONTEXT_MGR already set
[ 1427.283843][ T7785] binder_transaction: 35 callbacks suppressed
[ 1427.283861][ T7785] binder: 7783:7785 transaction failed 29201/-22, size 64-16 line 3357
10:24:35 executing program 5 (fault-call:0 fault-nth:14):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1427.332234][ T7790] binder: 7784:7790 ioctl 40046207 0 returned -16
[ 1427.342548][ T1829] binder_release_work: 35 callbacks suppressed
[ 1427.342555][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
[ 1427.345716][ T7796] binder: 7784:7796 got transaction with too large buffer
[ 1427.365483][ T7799] binder: 7783:7799 got transaction with too large buffer
[ 1427.379993][ T7796] binder: 7784:7796 transaction failed 29201/-22, size 64-16 line 3357
[ 1427.404059][ T7799] binder: 7783:7799 transaction failed 29201/-22, size 64-16 line 3357
[ 1427.430062][ T7803] FAULT_INJECTION: forcing a failure.
[ 1427.430062][ T7803] name failslab, interval 1, probability 0, space 0, times 0
[ 1427.433812][ T8296] binder: undelivered TRANSACTION_ERROR: 29201
[ 1427.454872][ T7803] CPU: 0 PID: 7803 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1427.455883][ T7796] binder: BINDER_SET_CONTEXT_MGR already set
[ 1427.462782][ T7803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1427.462791][ T7803] Call Trace:
[ 1427.462820][ T7803]  dump_stack+0x172/0x1f0
[ 1427.462844][ T7803]  should_fail.cold+0xa/0x15
[ 1427.462866][ T7803]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1427.462889][ T7803]  ? ___might_sleep+0x163/0x280
[ 1427.462911][ T7803]  __should_failslab+0x121/0x190
[ 1427.462930][ T7803]  should_failslab+0x9/0x14
[ 1427.462947][ T7803]  kmem_cache_alloc+0x2b2/0x6f0
[ 1427.462969][ T7803]  ? find_held_lock+0x35/0x130
[ 1427.481702][ T8296] binder: undelivered TRANSACTION_ERROR: 29201
[ 1427.482280][ T7803]  ? kernfs_activate+0x192/0x1f0
[ 1427.486695][ T7796] binder: 7784:7796 ioctl 40046207 0 returned -16
[ 1427.491172][ T7803]  __kernfs_new_node+0xef/0x690
[ 1427.491192][ T7803]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1427.491209][ T7803]  ? lock_downgrade+0x880/0x880
[ 1427.491227][ T7803]  ? kasan_check_write+0x14/0x20
[ 1427.491243][ T7803]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[ 1427.491261][ T7803]  ? wait_for_completion+0x440/0x440
[ 1427.491282][ T7803]  kernfs_new_node+0x99/0x130
[ 1427.491303][ T7803]  __kernfs_create_file+0x51/0x340
[ 1427.579425][ T7803]  sysfs_add_file_mode_ns+0x222/0x560
[ 1427.584817][ T7803]  internal_create_group+0x35b/0xc40
[ 1427.590116][ T7803]  ? bd_set_size+0x89/0xb0
[ 1427.594631][ T7803]  ? remove_files.isra.0+0x190/0x190
[ 1427.599931][ T7803]  sysfs_create_group+0x20/0x30
[ 1427.604789][ T7803]  lo_ioctl+0x10af/0x2150
[ 1427.609145][ T7803]  ? lo_rw_aio+0x1120/0x1120
[ 1427.613750][ T7803]  blkdev_ioctl+0x6f2/0x1d10
[ 1427.618347][ T7803]  ? blkpg_ioctl+0xa90/0xa90
[ 1427.622947][ T7803]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1427.628777][ T7803]  ? ___might_sleep+0x163/0x280
[ 1427.633642][ T7803]  block_ioctl+0xee/0x130
[ 1427.638005][ T7803]  ? blkdev_fallocate+0x410/0x410
[ 1427.643043][ T7803]  do_vfs_ioctl+0xd6e/0x1390
[ 1427.647644][ T7803]  ? ioctl_preallocate+0x210/0x210
[ 1427.652762][ T7803]  ? selinux_file_mprotect+0x620/0x620
[ 1427.658240][ T7803]  ? __fget+0x381/0x550
[ 1427.662424][ T7803]  ? ksys_dup3+0x3e0/0x3e0
[ 1427.666847][ T7803]  ? do_sys_open+0x31d/0x5d0
[ 1427.671452][ T7803]  ? tomoyo_file_ioctl+0x23/0x30
[ 1427.676390][ T7803]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1427.682819][ T7803]  ? security_file_ioctl+0x93/0xc0
[ 1427.687947][ T7803]  ksys_ioctl+0xab/0xd0
[ 1427.692124][ T7803]  __x64_sys_ioctl+0x73/0xb0
[ 1427.696727][ T7803]  do_syscall_64+0x103/0x610
[ 1427.701329][ T7803]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1427.707228][ T7803] RIP: 0033:0x458a97
[ 1427.711140][ T7803] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
10:24:35 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x600000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:36 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0xfdfdffff}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1427.730748][ T7803] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1427.739173][ T7803] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458a97
[ 1427.747145][ T7803] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1427.755125][ T7803] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1427.763106][ T7803] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1427.771081][ T7803] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1427.820741][ T7803] gfs2: not a GFS2 filesystem
[ 1427.841318][ T7811] binder_alloc: 7809: binder_alloc_buf, no vma
[ 1427.868262][ T7812] binder: BINDER_SET_CONTEXT_MGR already set
[ 1427.879568][ T7811] binder: 7809:7811 transaction failed 29189/-3, size 64-16 line 3148
10:24:36 executing program 5 (fault-call:0 fault-nth:15):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1427.895597][ T7812] binder: 7810:7812 ioctl 40046207 0 returned -16
[ 1427.934543][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1427.940955][ T7814] binder_alloc: 7809: binder_alloc_buf, no vma
10:24:36 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0xfffffdfd}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1427.979693][ T7814] binder: 7810:7814 transaction failed 29189/-3, size 64-16 line 3148
[ 1428.001187][ T7817] FAULT_INJECTION: forcing a failure.
[ 1428.001187][ T7817] name failslab, interval 1, probability 0, space 0, times 0
[ 1428.014222][ T7817] CPU: 0 PID: 7817 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1428.022210][ T7817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1428.023715][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
[ 1428.032262][ T7817] Call Trace:
[ 1428.032293][ T7817]  dump_stack+0x172/0x1f0
[ 1428.032317][ T7817]  should_fail.cold+0xa/0x15
[ 1428.032341][ T7817]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1428.032365][ T7817]  ? ___might_sleep+0x163/0x280
[ 1428.032390][ T7817]  __should_failslab+0x121/0x190
[ 1428.066252][ T7817]  should_failslab+0x9/0x14
[ 1428.070938][ T7817]  kmem_cache_alloc+0x2b2/0x6f0
[ 1428.075792][ T7817]  ? lock_downgrade+0x880/0x880
[ 1428.080644][ T7817]  ? kasan_check_read+0x11/0x20
[ 1428.085503][ T7817]  __kernfs_new_node+0xef/0x690
[ 1428.090417][ T7817]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1428.095881][ T7817]  ? wait_for_completion+0x440/0x440
[ 1428.101174][ T7817]  ? mutex_unlock+0xd/0x10
[ 1428.105594][ T7817]  ? kernfs_activate+0x192/0x1f0
[ 1428.110537][ T7817]  kernfs_new_node+0x99/0x130
[ 1428.115345][ T7817]  __kernfs_create_file+0x51/0x340
[ 1428.120551][ T7817]  sysfs_add_file_mode_ns+0x222/0x560
10:24:36 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x700000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1428.125928][ T7817]  internal_create_group+0x35b/0xc40
[ 1428.131213][ T7817]  ? bd_set_size+0x89/0xb0
[ 1428.135638][ T7817]  ? remove_files.isra.0+0x190/0x190
[ 1428.140933][ T7817]  sysfs_create_group+0x20/0x30
[ 1428.145810][ T7817]  lo_ioctl+0x10af/0x2150
[ 1428.150153][ T7817]  ? lo_rw_aio+0x1120/0x1120
[ 1428.154757][ T7817]  blkdev_ioctl+0x6f2/0x1d10
[ 1428.159359][ T7817]  ? blkpg_ioctl+0xa90/0xa90
[ 1428.163944][ T7817]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1428.169746][ T7817]  ? ___might_sleep+0x163/0x280
[ 1428.174582][ T7817]  block_ioctl+0xee/0x130
[ 1428.178890][ T7817]  ? blkdev_fallocate+0x410/0x410
[ 1428.183910][ T7817]  do_vfs_ioctl+0xd6e/0x1390
[ 1428.188496][ T7817]  ? ioctl_preallocate+0x210/0x210
[ 1428.193599][ T7817]  ? selinux_file_mprotect+0x620/0x620
[ 1428.199045][ T7817]  ? __fget+0x381/0x550
[ 1428.203202][ T7817]  ? ksys_dup3+0x3e0/0x3e0
[ 1428.207632][ T7817]  ? do_sys_open+0x31d/0x5d0
[ 1428.212209][ T7817]  ? tomoyo_file_ioctl+0x23/0x30
[ 1428.217127][ T7817]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1428.223368][ T7817]  ? security_file_ioctl+0x93/0xc0
[ 1428.228477][ T7817]  ksys_ioctl+0xab/0xd0
[ 1428.232614][ T7817]  __x64_sys_ioctl+0x73/0xb0
[ 1428.237188][ T7817]  do_syscall_64+0x103/0x610
[ 1428.241775][ T7817]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1428.248173][ T7817] RIP: 0033:0x458a97
[ 1428.252064][ T7817] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1428.271798][ T7817] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1428.280298][ T7817] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458a97
[ 1428.288247][ T7817] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1428.296195][ T7817] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1428.304164][ T7817] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1428.312250][ T7817] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
10:24:36 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000001540)=""/4096, 0x1000}], 0x1)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:36 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

[ 1428.328628][ T7817] gfs2: not a GFS2 filesystem
10:24:36 executing program 5 (fault-call:0 fault-nth:16):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1428.462459][ T7831] binder_alloc: 7822: binder_alloc_buf, no vma
[ 1428.475340][ T7834] binder: BINDER_SET_CONTEXT_MGR already set
[ 1428.496925][ T7834] binder: 7828:7834 ioctl 40046207 0 returned -16
[ 1428.511328][ T7831] binder: 7822:7831 transaction failed 29189/-3, size 64-16 line 3148
[ 1428.528314][ T7840] binder_alloc: 7822: binder_alloc_buf, no vma
[ 1428.533186][ T7837] FAULT_INJECTION: forcing a failure.
[ 1428.533186][ T7837] name failslab, interval 1, probability 0, space 0, times 0
[ 1428.539381][ T7840] binder: 7828:7840 transaction failed 29189/-3, size 64-16 line 3148
[ 1428.557856][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
[ 1428.567437][ T7837] CPU: 0 PID: 7837 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1428.575345][ T7837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1428.585434][ T7837] Call Trace:
[ 1428.588835][ T7837]  dump_stack+0x172/0x1f0
[ 1428.593174][ T7837]  should_fail.cold+0xa/0x15
[ 1428.594854][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
[ 1428.597768][ T7837]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1428.597791][ T7837]  ? ___might_sleep+0x163/0x280
[ 1428.597811][ T7837]  __should_failslab+0x121/0x190
[ 1428.597826][ T7837]  should_failslab+0x9/0x14
[ 1428.597848][ T7837]  kmem_cache_alloc+0x2b2/0x6f0
[ 1428.608026][ T7840] binder: 7828:7840 transaction failed 29201/-22, size 64-16 line 3357
[ 1428.609789][ T7837]  ? lock_downgrade+0x880/0x880
[ 1428.609807][ T7837]  ? kasan_check_read+0x11/0x20
[ 1428.609829][ T7837]  __kernfs_new_node+0xef/0x690
[ 1428.609851][ T7837]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1428.626187][ T8296] binder: undelivered TRANSACTION_ERROR: 29201
10:24:37 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x1000000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1428.628953][ T7837]  ? wait_for_completion+0x440/0x440
[ 1428.628981][ T7837]  ? mutex_unlock+0xd/0x10
[ 1428.628997][ T7837]  ? kernfs_activate+0x192/0x1f0
[ 1428.629018][ T7837]  kernfs_new_node+0x99/0x130
[ 1428.682607][ T7837]  __kernfs_create_file+0x51/0x340
[ 1428.687730][ T7837]  sysfs_add_file_mode_ns+0x222/0x560
[ 1428.693122][ T7837]  internal_create_group+0x35b/0xc40
[ 1428.698434][ T7837]  ? bd_set_size+0x89/0xb0
[ 1428.702866][ T7837]  ? remove_files.isra.0+0x190/0x190
[ 1428.708166][ T7837]  sysfs_create_group+0x20/0x30
[ 1428.713028][ T7837]  lo_ioctl+0x10af/0x2150
[ 1428.717371][ T7837]  ? lo_rw_aio+0x1120/0x1120
[ 1428.721976][ T7837]  blkdev_ioctl+0x6f2/0x1d10
[ 1428.726569][ T7837]  ? blkpg_ioctl+0xa90/0xa90
[ 1428.731167][ T7837]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1428.736988][ T7837]  ? ___might_sleep+0x163/0x280
[ 1428.741856][ T7837]  block_ioctl+0xee/0x130
[ 1428.746196][ T7837]  ? blkdev_fallocate+0x410/0x410
[ 1428.751231][ T7837]  do_vfs_ioctl+0xd6e/0x1390
[ 1428.755831][ T7837]  ? ioctl_preallocate+0x210/0x210
[ 1428.760950][ T7837]  ? selinux_file_mprotect+0x620/0x620
[ 1428.766423][ T7837]  ? __fget+0x381/0x550
[ 1428.770588][ T7837]  ? ksys_dup3+0x3e0/0x3e0
[ 1428.775006][ T7837]  ? do_sys_open+0x31d/0x5d0
[ 1428.779607][ T7837]  ? tomoyo_file_ioctl+0x23/0x30
[ 1428.784548][ T7837]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1428.790800][ T7837]  ? security_file_ioctl+0x93/0xc0
[ 1428.795918][ T7837]  ksys_ioctl+0xab/0xd0
[ 1428.800086][ T7837]  __x64_sys_ioctl+0x73/0xb0
[ 1428.804703][ T7837]  do_syscall_64+0x103/0x610
[ 1428.809300][ T7837]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1428.815196][ T7837] RIP: 0033:0x458a97
[ 1428.819091][ T7837] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1428.838741][ T7837] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1428.847179][ T7837] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458a97
[ 1428.855156][ T7837] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
10:24:37 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x100000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1428.863133][ T7837] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1428.871115][ T7837] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1428.879102][ T7837] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1428.923647][ T7837] gfs2: not a GFS2 filesystem
[ 1428.940351][ T7847] binder_alloc: 7845: binder_alloc_buf, no vma
[ 1428.967153][ T7847] binder: 7845:7847 transaction failed 29189/-3, size 64-16 line 3148
[ 1428.979268][ T7849] binder: BINDER_SET_CONTEXT_MGR already set
[ 1428.994002][ T7849] binder: 7848:7849 ioctl 40046207 0 returned -16
[ 1429.001505][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
10:24:37 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x1000000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:37 executing program 5 (fault-call:0 fault-nth:17):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

10:24:37 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x200000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1429.026311][ T7852] binder: 7848:7852 transaction failed 29189/-22, size 64-16 line 2995
[ 1429.061788][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
10:24:37 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x2000000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1429.120334][ T7858] FAULT_INJECTION: forcing a failure.
[ 1429.120334][ T7858] name failslab, interval 1, probability 0, space 0, times 0
[ 1429.149555][ T7861] binder_alloc: 7857: binder_alloc_buf, no vma
[ 1429.168591][ T7858] CPU: 0 PID: 7858 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1429.176495][ T7858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1429.186554][ T7858] Call Trace:
[ 1429.189861][ T7858]  dump_stack+0x172/0x1f0
[ 1429.194210][ T7858]  should_fail.cold+0xa/0x15
[ 1429.198812][ T7858]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1429.204633][ T7858]  ? ___might_sleep+0x163/0x280
[ 1429.209488][ T7858]  __should_failslab+0x121/0x190
[ 1429.214436][ T7858]  should_failslab+0x9/0x14
[ 1429.218946][ T7858]  kmem_cache_alloc+0x2b2/0x6f0
[ 1429.223844][ T7858]  ? lock_downgrade+0x880/0x880
[ 1429.228696][ T7858]  ? kasan_check_read+0x11/0x20
[ 1429.233554][ T7858]  __kernfs_new_node+0xef/0x690
[ 1429.238419][ T7858]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1429.243893][ T7858]  ? wait_for_completion+0x440/0x440
[ 1429.249194][ T7858]  ? mutex_unlock+0xd/0x10
[ 1429.253616][ T7858]  ? kernfs_activate+0x192/0x1f0
[ 1429.258558][ T7858]  kernfs_new_node+0x99/0x130
[ 1429.263245][ T7858]  __kernfs_create_file+0x51/0x340
10:24:37 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x300000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:37 executing program 4:
r0 = timerfd_create(0x3, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
ioctl$VIDIOC_G_FBUF(r1, 0x8030560a, &(0x7f0000000140)={0x16, 0x8, &(0x7f0000000100)="02ecaa4691652dd25091d98b554699b38e25bcd1a3cc1269e57f6238116e", {0x400, 0x0, 0x41416770, 0x4, 0x800, 0x3, 0xf, 0x7}})
ioctl$SCSI_IOCTL_PROBE_HOST(r1, 0x5385, &(0x7f0000000080)={0x4e, ""/78})
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x80113, r0, 0x0)
statx(r1, &(0x7f0000000180)='./file0\x00', 0x400, 0x1, &(0x7f0000001200))
pkey_free(0xffffffffffffffff)

10:24:37 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040))
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

[ 1429.268363][ T7858]  sysfs_add_file_mode_ns+0x222/0x560
[ 1429.273748][ T7858]  internal_create_group+0x35b/0xc40
[ 1429.279036][ T7858]  ? bd_set_size+0x89/0xb0
[ 1429.283471][ T7858]  ? remove_files.isra.0+0x190/0x190
[ 1429.288769][ T7858]  sysfs_create_group+0x20/0x30
[ 1429.293634][ T7858]  lo_ioctl+0x10af/0x2150
[ 1429.297996][ T7858]  ? lo_rw_aio+0x1120/0x1120
[ 1429.302596][ T7858]  blkdev_ioctl+0x6f2/0x1d10
[ 1429.307203][ T7858]  ? blkpg_ioctl+0xa90/0xa90
[ 1429.311804][ T7858]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1429.317623][ T7858]  ? ___might_sleep+0x163/0x280
[ 1429.322476][ T7858]  block_ioctl+0xee/0x130
[ 1429.326797][ T7858]  ? blkdev_fallocate+0x410/0x410
[ 1429.331826][ T7858]  do_vfs_ioctl+0xd6e/0x1390
[ 1429.336415][ T7858]  ? ioctl_preallocate+0x210/0x210
[ 1429.341519][ T7858]  ? selinux_file_mprotect+0x620/0x620
[ 1429.347138][ T7858]  ? __fget+0x381/0x550
[ 1429.351306][ T7858]  ? ksys_dup3+0x3e0/0x3e0
[ 1429.355770][ T7858]  ? do_sys_open+0x31d/0x5d0
[ 1429.360392][ T7858]  ? tomoyo_file_ioctl+0x23/0x30
[ 1429.365359][ T7858]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1429.371600][ T7858]  ? security_file_ioctl+0x93/0xc0
[ 1429.376706][ T7858]  ksys_ioctl+0xab/0xd0
[ 1429.380859][ T7858]  __x64_sys_ioctl+0x73/0xb0
[ 1429.385448][ T7858]  do_syscall_64+0x103/0x610
[ 1429.390032][ T7858]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1429.395919][ T7858] RIP: 0033:0x458a97
[ 1429.399804][ T7858] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1429.419397][ T7858] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1429.427893][ T7858] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458a97
[ 1429.435939][ T7858] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1429.443891][ T7858] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1429.451851][ T7858] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1429.459833][ T7858] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1429.500747][ T7858] gfs2: not a GFS2 filesystem
10:24:38 executing program 5 (fault-call:0 fault-nth:18):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1429.584681][ T7876] binder_alloc: 7872: binder_alloc_buf, no vma
[ 1429.598884][ T7874] binder: BINDER_SET_CONTEXT_MGR already set
10:24:38 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x400000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:38 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
socket$alg(0x26, 0x5, 0x0)
pkey_free(0xffffffffffffffff)

[ 1429.639207][ T7874] binder: 7870:7874 ioctl 40046207 0 returned -16
[ 1429.672336][ T7883] FAULT_INJECTION: forcing a failure.
[ 1429.672336][ T7883] name failslab, interval 1, probability 0, space 0, times 0
10:24:38 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x2800000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1429.703196][ T7883] CPU: 0 PID: 7883 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1429.711131][ T7883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1429.721187][ T7883] Call Trace:
[ 1429.724492][ T7883]  dump_stack+0x172/0x1f0
[ 1429.728839][ T7883]  should_fail.cold+0xa/0x15
[ 1429.733448][ T7883]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1429.739265][ T7883]  ? ___might_sleep+0x163/0x280
[ 1429.744134][ T7883]  __should_failslab+0x121/0x190
[ 1429.749084][ T7883]  should_failslab+0x9/0x14
[ 1429.753602][ T7883]  kmem_cache_alloc+0x2b2/0x6f0
[ 1429.758455][ T7883]  ? lock_downgrade+0x880/0x880
[ 1429.763310][ T7883]  ? kasan_check_read+0x11/0x20
[ 1429.768169][ T7883]  __kernfs_new_node+0xef/0x690
[ 1429.773030][ T7883]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1429.778498][ T7883]  ? wait_for_completion+0x440/0x440
[ 1429.783796][ T7883]  ? mutex_unlock+0xd/0x10
[ 1429.788222][ T7883]  ? kernfs_activate+0x192/0x1f0
[ 1429.793220][ T7883]  kernfs_new_node+0x99/0x130
[ 1429.797905][ T7883]  __kernfs_create_file+0x51/0x340
[ 1429.803027][ T7883]  sysfs_add_file_mode_ns+0x222/0x560
[ 1429.808406][ T7883]  internal_create_group+0x35b/0xc40
[ 1429.813699][ T7883]  ? bd_set_size+0x89/0xb0
[ 1429.818144][ T7883]  ? remove_files.isra.0+0x190/0x190
[ 1429.823450][ T7883]  sysfs_create_group+0x20/0x30
[ 1429.828304][ T7883]  lo_ioctl+0x10af/0x2150
[ 1429.832641][ T7883]  ? lo_rw_aio+0x1120/0x1120
[ 1429.837246][ T7883]  blkdev_ioctl+0x6f2/0x1d10
[ 1429.841843][ T7883]  ? blkpg_ioctl+0xa90/0xa90
[ 1429.846442][ T7883]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1429.852268][ T7883]  ? ___might_sleep+0x163/0x280
[ 1429.857136][ T7883]  block_ioctl+0xee/0x130
[ 1429.861468][ T7883]  ? blkdev_fallocate+0x410/0x410
[ 1429.866511][ T7883]  do_vfs_ioctl+0xd6e/0x1390
[ 1429.871087][ T7883]  ? ioctl_preallocate+0x210/0x210
[ 1429.876198][ T7883]  ? selinux_file_mprotect+0x620/0x620
[ 1429.881649][ T7883]  ? __fget+0x381/0x550
[ 1429.885801][ T7883]  ? ksys_dup3+0x3e0/0x3e0
[ 1429.890209][ T7883]  ? do_sys_open+0x31d/0x5d0
[ 1429.894807][ T7883]  ? tomoyo_file_ioctl+0x23/0x30
[ 1429.899734][ T7883]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1429.905962][ T7883]  ? security_file_ioctl+0x93/0xc0
[ 1429.911071][ T7883]  ksys_ioctl+0xab/0xd0
[ 1429.915223][ T7883]  __x64_sys_ioctl+0x73/0xb0
[ 1429.919884][ T7883]  do_syscall_64+0x103/0x610
[ 1429.924459][ T7883]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1429.930329][ T7883] RIP: 0033:0x458a97
[ 1429.934208][ T7883] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
10:24:38 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x1100000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1429.953823][ T7883] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1429.962224][ T7883] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458a97
[ 1429.970209][ T7883] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1429.978179][ T7883] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1429.986173][ T7883] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1429.994127][ T7883] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1430.046932][ T7883] gfs2: not a GFS2 filesystem
10:24:38 executing program 5 (fault-call:0 fault-nth:19):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1430.081940][ T7895] binder_alloc: 7887: binder_alloc_buf, no vma
[ 1430.110606][ T7898] binder: BINDER_SET_CONTEXT_MGR already set
[ 1430.124526][ T7898] binder: 7889:7898 ioctl 40046207 0 returned -16
10:24:38 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x500000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1430.200885][ T7905] FAULT_INJECTION: forcing a failure.
[ 1430.200885][ T7905] name failslab, interval 1, probability 0, space 0, times 0
[ 1430.214072][ T7905] CPU: 0 PID: 7905 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1430.221981][ T7905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1430.232037][ T7905] Call Trace:
[ 1430.235343][ T7905]  dump_stack+0x172/0x1f0
[ 1430.239694][ T7905]  should_fail.cold+0xa/0x15
[ 1430.244349][ T7905]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1430.250634][ T7905]  ? ___might_sleep+0x163/0x280
[ 1430.255495][ T7905]  __should_failslab+0x121/0x190
[ 1430.260463][ T7905]  should_failslab+0x9/0x14
[ 1430.264980][ T7905]  kmem_cache_alloc+0x2b2/0x6f0
[ 1430.269837][ T7905]  ? lock_downgrade+0x880/0x880
[ 1430.274691][ T7905]  ? kasan_check_read+0x11/0x20
[ 1430.279554][ T7905]  __kernfs_new_node+0xef/0x690
[ 1430.284445][ T7905]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1430.289914][ T7905]  ? wait_for_completion+0x440/0x440
[ 1430.295217][ T7905]  ? mutex_unlock+0xd/0x10
[ 1430.299666][ T7905]  ? kernfs_activate+0x192/0x1f0
[ 1430.304612][ T7905]  kernfs_new_node+0x99/0x130
[ 1430.309302][ T7905]  __kernfs_create_file+0x51/0x340
[ 1430.314434][ T7905]  sysfs_add_file_mode_ns+0x222/0x560
[ 1430.319906][ T7905]  internal_create_group+0x35b/0xc40
[ 1430.325196][ T7905]  ? bd_set_size+0x89/0xb0
[ 1430.329657][ T7905]  ? remove_files.isra.0+0x190/0x190
[ 1430.334966][ T7905]  sysfs_create_group+0x20/0x30
[ 1430.339826][ T7905]  lo_ioctl+0x10af/0x2150
[ 1430.344166][ T7905]  ? lo_rw_aio+0x1120/0x1120
[ 1430.348764][ T7905]  blkdev_ioctl+0x6f2/0x1d10
[ 1430.353360][ T7905]  ? blkpg_ioctl+0xa90/0xa90
[ 1430.357958][ T7905]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1430.363810][ T7905]  ? ___might_sleep+0x163/0x280
[ 1430.368700][ T7905]  block_ioctl+0xee/0x130
[ 1430.373034][ T7905]  ? blkdev_fallocate+0x410/0x410
[ 1430.378066][ T7905]  do_vfs_ioctl+0xd6e/0x1390
[ 1430.382676][ T7905]  ? ioctl_preallocate+0x210/0x210
[ 1430.387792][ T7905]  ? selinux_file_mprotect+0x620/0x620
[ 1430.393255][ T7905]  ? __fget+0x381/0x550
[ 1430.397426][ T7905]  ? ksys_dup3+0x3e0/0x3e0
[ 1430.401937][ T7905]  ? do_sys_open+0x31d/0x5d0
[ 1430.406536][ T7905]  ? tomoyo_file_ioctl+0x23/0x30
[ 1430.411481][ T7905]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1430.417733][ T7905]  ? security_file_ioctl+0x93/0xc0
[ 1430.422857][ T7905]  ksys_ioctl+0xab/0xd0
[ 1430.427026][ T7905]  __x64_sys_ioctl+0x73/0xb0
[ 1430.431628][ T7905]  do_syscall_64+0x103/0x610
[ 1430.436230][ T7905]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1430.442214][ T7905] RIP: 0033:0x458a97
[ 1430.446121][ T7905] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1430.465729][ T7905] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1430.474145][ T7905] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458a97
[ 1430.482125][ T7905] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1430.490105][ T7905] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
10:24:38 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040))
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:38 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x3800000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1430.498074][ T7905] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1430.506055][ T7905] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1430.582583][ T7905] gfs2: not a GFS2 filesystem
[ 1430.602123][ T7917] binder_transaction: 4 callbacks suppressed
[ 1430.602132][ T7917] binder: 7914:7917 got transaction with too large buffer
[ 1430.622828][ T7916] binder: BINDER_SET_CONTEXT_MGR already set
[ 1430.641965][ T7916] binder: 7912:7916 ioctl 40046207 0 returned -16
[ 1430.664058][ T7916] binder: 7912:7916 got transaction with too large buffer
10:24:39 executing program 5 (fault-call:0 fault-nth:20):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

10:24:39 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x600000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1430.696266][ T7917] binder: BINDER_SET_CONTEXT_MGR already set
[ 1430.718994][ T7917] binder: 7914:7917 ioctl 40046207 0 returned -16
10:24:39 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:39 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x3f00000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1430.778392][ T7924] FAULT_INJECTION: forcing a failure.
[ 1430.778392][ T7924] name failslab, interval 1, probability 0, space 0, times 0
[ 1430.794221][ T7924] CPU: 0 PID: 7924 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1430.802166][ T7924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1430.812237][ T7924] Call Trace:
[ 1430.815551][ T7924]  dump_stack+0x172/0x1f0
[ 1430.819896][ T7924]  should_fail.cold+0xa/0x15
[ 1430.824497][ T7924]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1430.830320][ T7924]  ? ___might_sleep+0x163/0x280
[ 1430.835175][ T7924]  __should_failslab+0x121/0x190
[ 1430.840122][ T7924]  should_failslab+0x9/0x14
[ 1430.844656][ T7924]  kmem_cache_alloc_trace+0x2d1/0x760
[ 1430.850049][ T7924]  kobject_uevent_env+0x2fb/0x1030
[ 1430.855174][ T7924]  kobject_uevent+0x20/0x26
[ 1430.865063][ T7924]  lo_ioctl+0x112b/0x2150
[ 1430.869409][ T7924]  ? lo_rw_aio+0x1120/0x1120
[ 1430.874012][ T7924]  blkdev_ioctl+0x6f2/0x1d10
[ 1430.878615][ T7924]  ? blkpg_ioctl+0xa90/0xa90
[ 1430.883218][ T7924]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1430.889035][ T7924]  ? ___might_sleep+0x163/0x280
[ 1430.893900][ T7924]  block_ioctl+0xee/0x130
[ 1430.898239][ T7924]  ? blkdev_fallocate+0x410/0x410
[ 1430.903266][ T7924]  do_vfs_ioctl+0xd6e/0x1390
[ 1430.907872][ T7924]  ? ioctl_preallocate+0x210/0x210
[ 1430.912993][ T7924]  ? selinux_file_mprotect+0x620/0x620
[ 1430.918456][ T7924]  ? __fget+0x381/0x550
[ 1430.922641][ T7924]  ? ksys_dup3+0x3e0/0x3e0
10:24:39 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x2000000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1430.927066][ T7924]  ? do_sys_open+0x31d/0x5d0
[ 1430.931675][ T7924]  ? tomoyo_file_ioctl+0x23/0x30
[ 1430.936616][ T7924]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1430.942862][ T7924]  ? security_file_ioctl+0x93/0xc0
[ 1430.947979][ T7924]  ksys_ioctl+0xab/0xd0
[ 1430.952148][ T7924]  __x64_sys_ioctl+0x73/0xb0
[ 1430.956749][ T7924]  do_syscall_64+0x103/0x610
[ 1430.961346][ T7924]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1430.967265][ T7924] RIP: 0033:0x458a97
[ 1430.971163][ T7924] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1430.990772][ T7924] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1430.999186][ T7924] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458a97
[ 1431.007156][ T7924] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1431.015134][ T7924] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1431.023116][ T7924] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1431.031113][ T7924] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1431.066129][ T7924] gfs2: not a GFS2 filesystem
10:24:39 executing program 5 (fault-call:0 fault-nth:21):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1431.168902][ T7938] binder: 7934:7938 got transaction with too large buffer
[ 1431.173615][ T7939] binder: BINDER_SET_CONTEXT_MGR already set
[ 1431.183186][ T7939] binder: 7936:7939 ioctl 40046207 0 returned -16
[ 1431.201371][ T7939] binder: 7936:7939 got transaction with too large buffer
[ 1431.205128][ T7943] binder: 7934:7943 got transaction with too large buffer
[ 1431.226839][ T7939] binder: transaction release 8542 bad handle 1, ret = -22
[ 1431.239793][ T7946] FAULT_INJECTION: forcing a failure.
[ 1431.239793][ T7946] name failslab, interval 1, probability 0, space 0, times 0
[ 1431.262341][ T7946] CPU: 1 PID: 7946 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1431.270262][ T7946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1431.280342][ T7946] Call Trace:
[ 1431.283663][ T7946]  dump_stack+0x172/0x1f0
[ 1431.288049][ T7946]  should_fail.cold+0xa/0x15
[ 1431.292679][ T7946]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1431.298507][ T7946]  ? ___might_sleep+0x163/0x280
[ 1431.303376][ T7946]  __should_failslab+0x121/0x190
[ 1431.308448][ T7946]  should_failslab+0x9/0x14
[ 1431.312959][ T7946]  kmem_cache_alloc_node+0x264/0x710
[ 1431.318254][ T7946]  ? find_held_lock+0x35/0x130
[ 1431.323034][ T7946]  __alloc_skb+0xd5/0x5e0
[ 1431.327375][ T7946]  ? skb_trim+0x190/0x190
[ 1431.331725][ T7946]  ? kasan_check_read+0x11/0x20
[ 1431.336591][ T7946]  alloc_uevent_skb+0x83/0x1e2
[ 1431.341457][ T7946]  kobject_uevent_env+0xa63/0x1030
[ 1431.346592][ T7946]  kobject_uevent+0x20/0x26
[ 1431.351125][ T7946]  lo_ioctl+0x112b/0x2150
[ 1431.355559][ T7946]  ? lo_rw_aio+0x1120/0x1120
[ 1431.360165][ T7946]  blkdev_ioctl+0x6f2/0x1d10
[ 1431.364770][ T7946]  ? blkpg_ioctl+0xa90/0xa90
[ 1431.369392][ T7946]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1431.375215][ T7946]  ? ___might_sleep+0x163/0x280
[ 1431.380076][ T7946]  block_ioctl+0xee/0x130
[ 1431.384438][ T7946]  ? blkdev_fallocate+0x410/0x410
[ 1431.389476][ T7946]  do_vfs_ioctl+0xd6e/0x1390
[ 1431.394076][ T7946]  ? ioctl_preallocate+0x210/0x210
[ 1431.399207][ T7946]  ? selinux_file_mprotect+0x620/0x620
[ 1431.404682][ T7946]  ? __fget+0x381/0x550
[ 1431.408845][ T7946]  ? ksys_dup3+0x3e0/0x3e0
[ 1431.413267][ T7946]  ? do_sys_open+0x31d/0x5d0
[ 1431.417875][ T7946]  ? tomoyo_file_ioctl+0x23/0x30
[ 1431.422857][ T7946]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1431.429118][ T7946]  ? security_file_ioctl+0x93/0xc0
[ 1431.434240][ T7946]  ksys_ioctl+0xab/0xd0
[ 1431.438407][ T7946]  __x64_sys_ioctl+0x73/0xb0
[ 1431.443005][ T7946]  do_syscall_64+0x103/0x610
[ 1431.447609][ T7946]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1431.453589][ T7946] RIP: 0033:0x458a97
[ 1431.457484][ T7946] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
10:24:39 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4000000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1431.477110][ T7946] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1431.485525][ T7946] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458a97
[ 1431.493574][ T7946] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1431.501532][ T7946] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1431.509497][ T7946] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1431.517466][ T7946] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
10:24:40 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_alloc(0x0, 0x2)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
pkey_alloc(0x0, 0x3)
pkey_alloc(0x0, 0x1)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x200)
ioctl$CAPI_GET_SERIAL(r2, 0xc0044308, &(0x7f00000000c0)=0x6)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x2}, 0x10)
ioctl$sock_FIOSETOWN(r1, 0x8901, &(0x7f0000000580)=0xffffffffffffffff)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x19b)
sendto$inet(r1, 0x0, 0x0, 0x900000020000000, &(0x7f0000000000)={0x2, 0x2, @local}, 0x10)
sendto$inet(r1, &(0x7f00000001c0)="a5fe9e7be7060850100792f46b647308d3e2a67328969288734cc698158a84b40408261762639ee5e5881d4fb471fcb9639d30513ab42a04f920d8c1fa0c6ed49b0028fda44d1e69121bd2ff68125d42c7beccab2998e3392614583dd729cd341292ded369a34c4c75e12e8e0f519531fc8f11e74b74f2e5ad24cd0ab65395a2307394f48438306edcbb2ad2261f7535abea9833df32f75d92d392390b4fef75c9923a1745b53c", 0xa7, 0x8801, 0x0, 0x0)
pkey_alloc(0x0, 0x2)
pkey_alloc(0x0, 0x2)
pkey_alloc(0x0, 0x0)
pkey_alloc(0x0, 0x2)
r3 = pkey_alloc(0x0, 0x2)
pkey_alloc(0x0, 0x3)
pkey_free(r3)
r4 = semget$private(0x0, 0x0, 0x412)
ioctl(r0, 0x100000001, &(0x7f00000012c0)="cc8b9997d7c64e08082c4c27cd3b0aa767cfb957ecd6cf06663f7200868c47296c200e98b77a6f23a7a660737d2e09f594fea30ea69caa731937eccc44aa993f6be99bb4ab3f111d60aba69b0c6d145446ee26e981b7108d957454f11f6b1996120c2d94cc4a247e7c2c4656654f6a882f0c521d8962b611f127a06865be7c8256cab9c91d4d4e386b7f2a94e288781244bed48aa4172c8aca06a8759e7544ec5a8e6162c10ce34fed1b1e560cb1f53baa3b884221af05d534ca4c8400c8b2c67c7b2b86059218fbdf89c3ce5753708cbfbb563ebc156d412099c883f20372fc39bacafe59560ab947fac446723855b2")
semctl$GETVAL(r4, 0x3, 0xc, &(0x7f0000001200)=""/168)
pkey_alloc(0x0, 0x2)

[ 1431.552247][ T7946] gfs2: not a GFS2 filesystem
10:24:40 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x700000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:40 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040))
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

[ 1431.622543][ T7955] binder: 7952:7955 got transaction with too large buffer
10:24:40 executing program 5 (fault-call:0 fault-nth:22):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1431.687065][ T7961] binder: 7952:7961 got transaction with too large buffer
[ 1431.732649][ T7965] binder: BINDER_SET_CONTEXT_MGR already set
[ 1431.743481][ T7965] binder: 7962:7965 ioctl 40046207 0 returned -16
[ 1431.752045][ T7967] FAULT_INJECTION: forcing a failure.
[ 1431.752045][ T7967] name failslab, interval 1, probability 0, space 0, times 0
[ 1431.765666][ T7965] binder: 7962:7965 got transaction with too large buffer
[ 1431.773142][ T7967] CPU: 1 PID: 7967 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1431.781042][ T7967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1431.791111][ T7967] Call Trace:
[ 1431.794441][ T7967]  dump_stack+0x172/0x1f0
[ 1431.798792][ T7967]  should_fail.cold+0xa/0x15
[ 1431.803393][ T7967]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1431.809213][ T7967]  ? ___might_sleep+0x163/0x280
[ 1431.814076][ T7967]  __should_failslab+0x121/0x190
[ 1431.819029][ T7967]  should_failslab+0x9/0x14
[ 1431.823538][ T7967]  kmem_cache_alloc_node_trace+0x270/0x720
[ 1431.829365][ T7967]  __kmalloc_node_track_caller+0x3d/0x70
[ 1431.835009][ T7967]  __kmalloc_reserve.isra.0+0x40/0xf0
[ 1431.840390][ T7967]  __alloc_skb+0x10b/0x5e0
[ 1431.844816][ T7967]  ? skb_trim+0x190/0x190
[ 1431.849162][ T7967]  ? kasan_check_read+0x11/0x20
[ 1431.854019][ T7967]  alloc_uevent_skb+0x83/0x1e2
[ 1431.858827][ T7967]  kobject_uevent_env+0xa63/0x1030
[ 1431.863958][ T7967]  kobject_uevent+0x20/0x26
[ 1431.868468][ T7967]  lo_ioctl+0x112b/0x2150
[ 1431.872811][ T7967]  ? lo_rw_aio+0x1120/0x1120
[ 1431.877414][ T7967]  blkdev_ioctl+0x6f2/0x1d10
[ 1431.882014][ T7967]  ? blkpg_ioctl+0xa90/0xa90
[ 1431.886619][ T7967]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1431.892469][ T7967]  ? ___might_sleep+0x163/0x280
[ 1431.897337][ T7967]  block_ioctl+0xee/0x130
[ 1431.901672][ T7967]  ? blkdev_fallocate+0x410/0x410
[ 1431.906698][ T7967]  do_vfs_ioctl+0xd6e/0x1390
[ 1431.911299][ T7967]  ? ioctl_preallocate+0x210/0x210
[ 1431.916413][ T7967]  ? selinux_file_mprotect+0x620/0x620
[ 1431.921869][ T7967]  ? __fget+0x381/0x550
[ 1431.926034][ T7967]  ? ksys_dup3+0x3e0/0x3e0
[ 1431.930458][ T7967]  ? do_sys_open+0x31d/0x5d0
[ 1431.935144][ T7967]  ? tomoyo_file_ioctl+0x23/0x30
[ 1431.940091][ T7967]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1431.946362][ T7967]  ? security_file_ioctl+0x93/0xc0
[ 1431.951480][ T7967]  ksys_ioctl+0xab/0xd0
[ 1431.955643][ T7967]  __x64_sys_ioctl+0x73/0xb0
[ 1431.960244][ T7967]  do_syscall_64+0x103/0x610
[ 1431.964843][ T7967]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1431.970766][ T7967] RIP: 0033:0x458a97
[ 1431.974672][ T7967] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1431.994366][ T7967] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1432.002780][ T7967] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458a97
[ 1432.010753][ T7967] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1432.018719][ T7967] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
10:24:40 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4800000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:40 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x1000000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1432.026686][ T7967] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1432.034656][ T7967] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1432.049347][ T7965] binder: transaction release 8558 bad handle 1, ret = -22
[ 1432.072032][ T7967] gfs2: not a GFS2 filesystem
10:24:40 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x3e00000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1432.112994][ T7977] binder: 7974:7977 got transaction with too large buffer
[ 1432.132700][ T7978] binder: 7974:7978 got transaction with too large buffer
10:24:40 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4c00000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:40 executing program 5 (fault-call:0 fault-nth:23):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1432.214449][ T7984] binder_alloc: 7983: binder_alloc_buf, no vma
10:24:40 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x2000000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1432.307805][ T7991] binder_transaction: 20 callbacks suppressed
[ 1432.307821][ T7991] binder: 7989:7991 transaction failed 29201/-22, size 64-16 line 3357
[ 1432.341225][ T7996] binder: 7989:7996 transaction failed 29201/-22, size 64-16 line 3357
[ 1432.349899][ T7994] FAULT_INJECTION: forcing a failure.
[ 1432.349899][ T7994] name failslab, interval 1, probability 0, space 0, times 0
[ 1432.363438][ T8296] binder_release_work: 21 callbacks suppressed
[ 1432.363445][ T8296] binder: undelivered TRANSACTION_ERROR: 29201
[ 1432.382523][ T7994] CPU: 0 PID: 7994 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1432.390441][ T7994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1432.400496][ T7994] Call Trace:
[ 1432.403804][ T7994]  dump_stack+0x172/0x1f0
[ 1432.408154][ T7994]  should_fail.cold+0xa/0x15
[ 1432.412768][ T7994]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1432.418595][ T7994]  ? ___might_sleep+0x163/0x280
[ 1432.423461][ T7994]  __should_failslab+0x121/0x190
[ 1432.428404][ T7994]  should_failslab+0x9/0x14
[ 1432.432923][ T7994]  kmem_cache_alloc+0x2b2/0x6f0
[ 1432.437813][ T7994]  ? refcount_dec_and_mutex_lock+0x90/0x90
[ 1432.443624][ T7994]  ? lock_downgrade+0x880/0x880
[ 1432.448489][ T7994]  skb_clone+0x150/0x3b0
[ 1432.452743][ T7994]  netlink_broadcast_filtered+0x870/0xb20
[ 1432.458491][ T7994]  netlink_broadcast+0x3a/0x50
[ 1432.463265][ T7994]  kobject_uevent_env+0xa94/0x1030
[ 1432.468411][ T7994]  kobject_uevent+0x20/0x26
[ 1432.472926][ T7994]  lo_ioctl+0x112b/0x2150
[ 1432.477262][ T7994]  ? lo_rw_aio+0x1120/0x1120
[ 1432.481861][ T7994]  blkdev_ioctl+0x6f2/0x1d10
[ 1432.486458][ T7994]  ? blkpg_ioctl+0xa90/0xa90
[ 1432.491054][ T7994]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1432.496889][ T7994]  ? ___might_sleep+0x163/0x280
[ 1432.501751][ T7994]  block_ioctl+0xee/0x130
[ 1432.506082][ T7994]  ? blkdev_fallocate+0x410/0x410
[ 1432.511143][ T7994]  do_vfs_ioctl+0xd6e/0x1390
[ 1432.515741][ T7994]  ? ioctl_preallocate+0x210/0x210
[ 1432.520884][ T7994]  ? selinux_file_mprotect+0x620/0x620
[ 1432.526344][ T7994]  ? __fget+0x381/0x550
[ 1432.530506][ T7994]  ? ksys_dup3+0x3e0/0x3e0
[ 1432.534921][ T7994]  ? do_sys_open+0x31d/0x5d0
[ 1432.539522][ T7994]  ? tomoyo_file_ioctl+0x23/0x30
[ 1432.544465][ T7994]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1432.550715][ T7994]  ? security_file_ioctl+0x93/0xc0
10:24:41 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:41 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x5000000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1432.555833][ T7994]  ksys_ioctl+0xab/0xd0
[ 1432.560032][ T7994]  __x64_sys_ioctl+0x73/0xb0
[ 1432.564636][ T7994]  do_syscall_64+0x103/0x610
[ 1432.569241][ T7994]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1432.575139][ T7994] RIP: 0033:0x458a97
[ 1432.579040][ T7994] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1432.598728][ T7994] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1432.607274][ T7994] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458a97
[ 1432.615237][ T7994] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1432.623200][ T7994] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1432.631169][ T7994] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1432.639139][ T7994] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1432.653582][ T7994] gfs2: not a GFS2 filesystem
10:24:41 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
r1 = openat$vfio(0xffffffffffffff9c, &(0x7f0000002640)='/dev/vfio/vfio\x00', 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc4c85512, &(0x7f0000002680)={{0x7, 0x7, 0x0, 0x6, 'syz0\x00', 0xffffffff}, 0x1, [0xf79, 0x2, 0x8dc, 0x9, 0xfffffffffffffffe, 0x69, 0x7fb8371c, 0x9, 0xffff, 0x4, 0xfffffffffffffffc, 0x8, 0xbb, 0xffff, 0xff, 0x1000, 0x3, 0x2ba63709, 0x400, 0xffff, 0x100, 0x3cf, 0x400, 0x9, 0xfffffffffffffff7, 0x6, 0x7ff, 0xffffffffffffff01, 0xc3, 0x8, 0x3, 0xfffffffffffffffa, 0x0, 0x4, 0x5, 0x7fff, 0x0, 0x7, 0x3ff, 0x9, 0x401, 0x7, 0x4, 0x100, 0x7, 0x4, 0x7, 0x8e9e1c0, 0x10000, 0x100, 0x6, 0x6, 0x64, 0x38c, 0x1, 0x6, 0x4, 0x3, 0x9, 0x100000000, 0x7, 0x40, 0x6, 0x3ff, 0x9, 0xfffffffffffffffc, 0x3000000000000000, 0xffff, 0x3de, 0x80000000, 0xe8c, 0x1000, 0x400, 0xe0a1, 0xfffffffffffffff7, 0x4, 0xffffffffffff7fff, 0x20, 0x22d, 0x5, 0xffff, 0x10000, 0x0, 0x6, 0xfffffffffffffff9, 0xe4f8, 0xfb44, 0x400, 0x5, 0x4, 0x3, 0x80, 0x7, 0x3f, 0x9, 0x4, 0xffffffff, 0x0, 0x0, 0x2, 0xfff, 0x3, 0x2, 0x0, 0x2, 0x7, 0xfe, 0x6, 0xff, 0x1000, 0xff, 0x8, 0x4, 0x3, 0x9, 0x6, 0x6, 0x80000001, 0x8, 0x10001, 0x80000001, 0x8, 0x10000, 0x6, 0x300, 0x1, 0x80000000, 0x5], {0x0, 0x1c9c380}})
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
r2 = pkey_alloc(0x0, 0x1)
pkey_free(r2)
vmsplice(r0, &(0x7f0000002540)=[{&(0x7f0000000080)="ddf8a223521f846bb7fe7a7f6664431377178e550f731f6871b76a4f9af35419d5c4a277bc0f7d9054121b88ea1432eb8ff843b5c8652a4cb9bf5c1f7c67ca48672b16af03ee9af2bff800869f40339bf644b41a2b0c115455f46b8d8607b6f8d178331ea353782d84fbd968c2a3def04fd6fcecb8fd1d21ee6d4b4d1058af1f16c02838f874c48c5c111dac3350cef3f1e8f14b5de7c1fa5c56acda6db7b138bb8eaca8fc3764bcce362f094cba647dd9ea277a78892ea5f903d4b5b423", 0xbe}, {&(0x7f0000001200)="6aea1d1664954428a23caea5a2f6ad9083dff5d509a2f8a83c48a17d5721f5d9f60327b37595423ae6a409b12fe03ccbdaee91edfd93a37c33eae4fbe6d40a861b36107afd12f20ae4a352ea46fb67fc4bdf0b1f9d6275997b1cff0560ca46c4a76131e61491c1932f82ccf7d746012237769f1fe7e3c1473741094ecb4be2209c23a1a5b9e8763f73ae0afea09234c5ceac92685c3bb4eddc26535ba23c128cc3d04db203d3605c5e20b8b55342c1a03948ec75902a4734ea3a4c69492f261abbf70a856f788d459513acc18e86b815aabfcb479e", 0xd5}, {}, {&(0x7f0000000140)="7877fb67325cd18c0008", 0x2}, {&(0x7f0000000180)="bc0252757a25c68c027dd3917eef754a64ab83fb6b267d", 0x17}, {&(0x7f0000001540)="540f44d45224752f1b0c197206ee05763c3aa0c74b561acadd160a61722fe64e99bff257f13014bc72355fe09a081db4d7b2578dc2cd05ed4d7e4fa4252926684ff4ae0976f36a4e093a0897ca463056be529bac17c83faef0d7ea0fad2d79c70a9224307b717904dfcd5cb43bd28362b770a229fe02b4c84a50eadbb8fd5bf1409d783dee7a8f310650c103a19541539591fbd63e11c3062a0d245e6f2c68f2feb1ecc8f2b3675b8cb79eb6b42a1b18e0c1d16b4417c7adbbac096d188542b005fcf3207e5a4f7324619b35bf1e5e70c070b0bb324da2b590138bd6eee42b5ac2bae291d06701fbe84bab13f2ace677fd99115d7cc7834a885a2c73f63fc021212709ab737023cd6e27da5c755410d8af522d65c2bf70c34073bb3988c7173d6fb0ff2d235c74c6fd2de4fd535b2032ab8080edb348ddee292ae7989b29b4c6b10f16135bf8fc0f3908e3cd7d0f50a0e0d92254037ac81f032cd66e6c34304d6d22e8e0d5ba05ed5492ce98a0310d6f9c14351dd8b7b91a8237ef518e31d5ab162d05e564e5a7be7a7a3027a693ebecde3d301cba2165742cec24cb89bdcb52ce92a3eee122b516f171098c5bbb0b74119c1462626dcf6661ed82e47a5c8c4cfff45292ff749a94a592f20b8f50fbe2cfede0b468b59c58c1f0ac7e565c410016795826faa6fcacb331a6bf9bbc90bdc21ef5967fac8e55578b87be9fb57c3429006c71badbe83c00dc9ced133088ad96b15150df5eab7037b7570076304b1a5e1fcabbab58d31c84cefa744e3386e2850ec16e2e99a57f3f74294b30b02cad32b4a75305704a3064a44fad259ea688572ffe8c5ec0a3800aa52e61e16906a5b025ad747978aae32c1c9fdd5d71ab6c880eea3437ef84e2035ff441c8867fa62e8e6c264eec742c4fe1188a5aabe6ad5d6ebac7b369d2f43dca1e5550ccfc3be08d47a71024706fae3583ee12ba1389a56a3fbab620d1a5eedc80b6b9d482160736cd8fd4db72ae34bda1bdb6febe43bca21e5095b33ce5e4906dab08ea413c80482bcf2ff8e6a2a883f34e1398afd791124f9737bead26bad89015ec03ae8f6fafe7e849e6081a0df5413ce9bace5cf5fb6cb1898289a3e80a49b57256e08daa8ad2cfab2fd1d0d1d2ed161ed5a10b8a0edafc084d0d643010a4e858798d499d679f91d630958ecaeb871bf7162729464312241a88bbd28a901846ece5bfc7af60db72fc828d11a7e401a4b5f242b5f7dd8a6f34e93bea57e85528a574af1b1d883c0d91abb68110e85c479ce9b92b26af7b206e2bdb9e563679b4b30e7297bc738216c0af780cfc20979c64a16ddd1503e24b21d844739b85a3ef23420881ac8e4b1474bb0d2538bd7420e8c7431e2b3c53a6478ef5f4e6240f2fef8ca9d571c28782363c72b75f14b7143ef4d7207ab165e5f0946c138ecd4f7d0bdeeb7e69340031b9edd59e97c364ecd0f778c02c83114956184d69088fdabb987507cd51478d6b2523162f36db15d8056e38b07a8a3e3a85478793c07e50437260d5b785e334d5a204f9c195d6d03fa5e937506892fd1e3e6585ec1952a927d1744a502ab2b5ccff03c5bcae277e2b767593567901b1bad0a8f2c4c9ffe478d5010ca0d5c19836c80705c0b8515ca45b2c573429def76aa6362af5f639338df8c996ebe0ce028091b95b3f42a6e49f525a97c9c7ba00e0d6633082b12b8279056b461e02c2775bc3cbbb70903b630061cfae918f96c28203f99e11852dfe3ca7676d72ac9763a192bbba44d6feae69dbd63906432b8a3aeb0830af817d6a07e13b30b7aec158750a61031b4812bb61371f6891e8a8efb6518a92c37a18791ec1520d7ff6fa13e624c9c78227a94d91ba57b9c36f6f98231f6209fabfa4871ec247aab8f8a5596e336ce93016b3cc64dc223766cad57a6c944f2bb49926ecbc435479a6ff4f7b4705467f92e25b8e93e19fd1404c96643f4e89a6aec6f7ddf08256023de04bd15ceaa278c397b615034d760d97afafbea183d56b36d15c3ab41ee975f49cc96fce9a3bc5f4e07d552ba31ff2dc2ff2f21d094c8be5d05aecd1841122462aa22dfc626375d767b3d0386b47213dfb8d32ab45ffb51359e563087510eacc19cca4532eb97aaef9e2759b266093942128b8d2cd6e59117b50b262784d6df57ac5414aea63152dd0181acfa84f1846ba910c794d4fd49fa1ec02dea340a1151f33bd64725fb0cb81ef3861e5047039bc4aa05a7419bdada637d93d1d632c2a85f7f1ce5f9119680f76b8c613996824695d8b4a03a07f78fd6531d843c7a0a19bca06345969eec377fe12bcb4bc14a62a1198d15f53b08721bc172609e96d2287d901896365b8dc89dbd0e25fba077dc81e8656a471353842e8fa8863222e927be38561a67d96010ca19cdf9e5539de879ae8ad332028de468aa4279fee701d8fe4bff220ce083a0d4e86634617679b48db5dfda454283fd74c2ba53978e8f6fe94c3fbb34ac06e64b589be34cc4513aa10364b8a58af70e82d6f6d64bc4b746323a8498b28ad9cb75fef05bc0f1735b07aa517ae1ae6c65952921f3aee6d1b0932ecd04509c064db04ec63ae52d131ace2b5c15d107135f87f2ce0c953771dd01fec33162e5e94ac55a1b51356696f551031ddd790409ae6797e9901435116e6c2d395ab06bcc88ab8c768f7ab58894a8b8058beec2d69dbf11cd30fc13b0ba03df7bd9a26d5d8316f4dd17ec2acdd9220fd21eb6c5f778110fa932a0973ff22228cbac28da14cec0e4cd6ab9a89f867f55019b1d1313027f85ee03417fc382d03e1edf4b2b20a39d51d86c6702ebcb3f3240e7bc77ccf32ea3f08ba485547e6193847a01d18bff6ed4f781c471097a6bd3647d01e8091ca9f6aa7a7aac1e2dd19ded1874f4d8fee3d58128c57987b675541b296160e7df7a3307416de5641d7dd77087b23f24d79298afd675b2c69a93bde32d0fa1c194a3e0c6274981eeafd5036e47ad8be6b176e1b52405de8984589f1b9a1703fd9e45fb71903814ce435975a1c41ecbe10b2004827e91a890ca7f33b20e580a65db48c976aa999c178bc07eff3b76fb8ae59135302d880fbf75640986bd658d47c0f0bac6b34aaec32d484ee5cb204d56eed39d60d2d922edd5dae6c905a42059fb21de78f9e4c3b24c36e29a9829f94a92e3ab5129c49bd2649c6d44141a53ad4c650fc266f3493b696b57c877333a406ab02cd9ec3c1c51d666d70dcb9d6555aa7f075b29b4bda8b7b2b1edcc567208d33677f08fde088487cc5c711f1af2e94199364f801fd742860264862819f501bcc7d07768c7d7a9f1c34db1c5ca463c999a5cfc47650522bfe6c36917c906881ced4fd412eb9acc9fb339cc13c2a49a79886db7f0f8cd14bbceed27ce24f0cf738d46474291ab6fd5edbae083628b31762442082165635923f94c3802aa5e58162a1ef45bd7aca6d5b72c84d0329a4b02e85f31d554f9ecc164273ae9a34ec80d2b0c0bfc19e1a42420661c6ecf39ebbe86cd3d8517ea8149f30441897170b90577986df3bf7d586af44c6e896af096f9a4b0dc5d4d8555d6341836f68167d6c4314227ae91c1126d693d668f4d2aa2517a595f7a836c0e83ff327336a5a224269f4c7214d24444281cb45d0adf79747869147b31ff919b54b5eb3bbc4a4ba686a371a2b6930b9281b8434c329fe6e83060b85c1bee1c560b8557c7b39756359b6e91deb0b86e8f8e834b407affd223320387ca4ebf09c89e2da0523118ab937e5f19968d7a70739a1fea16992f1cd039a68497a52805b8ddad5e32a2c28752d40ed4287de42bfdfce1dc6947b47be30c06f0364dedc65c7be91564325c294bc1e49d8347a3de8e45508fc151ed90dd1df89cac4410e824fd99d22a3b2aa0451bc3093bcf2da8b5007db5129993d74c01cefe42f78fc6f928d9f377e574e5e6283ed4de646cfcfab9efbac5ac83c938d78f07f5624d64fe6aac5f0896cc941985fedb2c389d6141e96ac83827570fad45f5083666d894807b0ab75c77042a0c6823ca3e4fcdd1f637c20a0f460ff7981b9665e8a60fce650dd980ca7f6ce041a85d3a9488284fe2bce293235528ecf0b4a2c9bb936e612632307107a6fd08b559a9f417a857438184faaecf7d33f1fd3cb4aea9a654bd0675fe9602208e30d9981a2ded5f8cc1f78c2b6f13fce8ff10fd20fb1b8d8306dbd4b05ae4325e4c88c04bdb0321e8aa561fb5b53936d6e692d42fac9e7c14c89a5d32784df642bd145a643fdf4def70be02a88a558cb65c26796dcb3aa13286dcae5cb5c7cce7ebfd6610c35a1aa426acb0456ec3ba7fcff8ce8770aa336e49be6ee12aa468eb5bc653e38b041f43f1891ed0c8bdc7d0a852a0532c6034132eab44fdac41a998100524ee530be5d420ff84b77940b7779b23a11900177bc513b83a40090080bde6cbd95dbe047a67222bce4b400007aa1f31bbf1bca517f436d3e1ef55c9c9074d039ff114de9dd7a28932f68d8be71061811e7e25260739f2984770265b19c8ea8890ae57553ca1f74ebec94ac8920776613a407639db6bd2dd8ce3f322bb432e9a8f9f0fbbd3fc02956f2000d5e414718e9c580629c22ba14883b007e641e27a64f1fdc62a08fc8852aa3749117d1312f6caeefbe50753a85e6b60db2d28141920354d86492ecd3073ce7ab60d7c38cae80456570147e0f09285c5b9911fe3cb81ed5c0ab85e11ec9f0efeb27c9209c869cee08fdf14f778ff22f0faf3d87815c425a98efb8decd83f28fa1045e580e411c413215a8bacdd49d9782f5eb5ad5dc35285f7647468cfdd97e505a58449e6be4ad1431051df558cd82d43d6ccabc3a520972de5428946103eaa178d20d8a49308a8377ba722682d93ea530480011cd9a4d8ac64f3e9302a6a517f7c6b0150f61ef686fd650b1705184f83ba3582591ece74e50e521b5e9fc02007484ba843d33d495a932a352244d5e027a7c2ecc9db28806fbe8105bd3633228f852a43dfa72990976c8ec5f30e513039799fbdfcab00e8cc4b61d95b3489ca84d81617351651306913cc35a90534296ef85bc8c19b33df6988e9e23710483b0ef0780686afb189ea86cd26ac39c1873ca8bf4f1e22de0ecfddbe95b57b97bd4687ba34ae9f21e0e4202e14c9868beeb1ed2dc17e4a32877d4bfea2498d9f384be9de85961c4ac3202ac2ce273ebeb2897e90d0103a91d5e562645368745d90db1bb774fe63f85cf7620871348b1deafbc11530ddc9716ba41d5fd811ecd50d2b1a8c2b34bde2a4f0282a17917a6a6351f02a41dd2a43cd0b01648736e540684f9b6454b415108b1a0cf288ff407f25f9d04f98bbe3d45227e86adcce554b536c0eb8346de8495db676e873ae04a6598d994e04cc704570e5c41e7604b1d79c08db81062f36fb8712a7b744b6e8187cfd302b34b1b4a550ec3d1fdecb183544ff430cdd475df34a092bb48b3abad0502140d2e27b789d77a3e373557946710a98b9cbd245d901c9e3d72166e410ec72ea6e9bc364d3dca83a12fd5e98980131ec3e15f8b982a08998b52cff44df5358d96bcdaa177378558b7e3cbf5d262d612f2b885949df2b21a4fa59dd429b655894b383cd49141d8748855ee0a05d753e30d141f952a1eca2b62fca2d11eb65046be0b7d9ee8733ea097490f9e5396f7008e64a0100180b96ed6cd0ca040f02844f1c3727f9e4ac3e706c8648a92dea96a31aa8f42bb48c1bdddf0ac2fa524f9e67fc1fd50e02c0f5b2aa50289e085625c5e8aaaf0adb76dc6e5adf357b2cf", 0x1000}, {&(0x7f0000001300)="e5dda24fdabd08564c315d477081fb538d87f17ef0dffe40672321390f85cecc23fd6a86fde52f88a3161b16ded5fe55b84b289950924e422a97663da86aa743877b88d56b1de1555a07c9b6deb615af085d0e9b60445cc0648a663ccb1602a37f6d793e", 0x64}, {&(0x7f0000001380)="272a7640f9d1a524941724449c8fd52dc58a4e8e91ead6a19ee6a968c17ddfaff63800f58ea48bbd05ee8325c6b0501b7769a28672c4c371b5ea2c043853959eea4d213aab123a0ee3a765df6395a6404dc42b82893ebf8fe99c65a4b91fde0f951b0493e61afdd9ff691359bf231a3a078ddbac3c718e667c85b86bdad1020292da72cbfcf6f7ab8e4174482f0a7b11decc1f193087bb825f03a77d94ea871ddd", 0xa1}, {&(0x7f0000001440)="abb8540f6ba9311ef3578b5ed87edb256539cf1f004d18452fc4125d85ed330975ef4645ba4f69dbef1cd94d9e0fddf7667c76ae933605122df15fef902a8be283b668f85f54e96ff78ddc485cc9a6754a3dad891763547858f06f072dbd513be9", 0x61}, {&(0x7f00000001c0)="337053e3587376b35c6fdd", 0xb}], 0xa, 0xa)
r3 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f00000014c0)={'syz', 0x1}, &(0x7f0000002600)="07f9de1c1c210ca7420355", 0xb, 0xfffffffffffffffc)
keyctl$update(0x2, r3, 0x0, 0x0)

10:24:41 executing program 5 (fault-call:0 fault-nth:24):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1432.778370][ T8002] binder_alloc: 8000: binder_alloc_buf, no vma
[ 1432.795110][ T7999] binder: BINDER_SET_CONTEXT_MGR already set
[ 1432.822608][ T7999] binder: 7998:7999 ioctl 40046207 0 returned -16
[ 1432.829188][ T8002] binder: 8000:8002 transaction failed 29189/-3, size 64-16 line 3148
[ 1432.841014][ T8006] FAULT_INJECTION: forcing a failure.
[ 1432.841014][ T8006] name failslab, interval 1, probability 0, space 0, times 0
[ 1432.851401][ T8009] binder_alloc: 8000: binder_alloc_buf, no vma
[ 1432.861791][ T8009] binder: 7998:8009 transaction failed 29189/-3, size 64-16 line 3148
[ 1432.864131][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1432.878897][ T8011] binder: BINDER_SET_CONTEXT_MGR already set
[ 1432.887797][ T8006] CPU: 0 PID: 8006 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1432.895694][ T8006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1432.897841][ T8011] binder: 8000:8011 ioctl 40046207 0 returned -16
[ 1432.905747][ T8006] Call Trace:
[ 1432.905879][ T8006]  dump_stack+0x172/0x1f0
[ 1432.905900][ T8006]  should_fail.cold+0xa/0x15
[ 1432.905920][ T8006]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1432.924187][ T7999] binder: BINDER_SET_CONTEXT_MGR already set
[ 1432.924517][ T8006]  ? ___might_sleep+0x163/0x280
[ 1432.941121][ T8006]  __should_failslab+0x121/0x190
[ 1432.944138][ T7999] binder: 7998:7999 ioctl 40046207 0 returned -16
[ 1432.946062][ T8006]  should_failslab+0x9/0x14
[ 1432.946080][ T8006]  kmem_cache_alloc+0x2b2/0x6f0
[ 1432.946109][ T8006]  ? refcount_dec_and_mutex_lock+0x90/0x90
[ 1432.946132][ T8006]  ? lock_downgrade+0x880/0x880
[ 1432.972484][ T8006]  skb_clone+0x150/0x3b0
[ 1432.976737][ T8006]  netlink_broadcast_filtered+0x870/0xb20
[ 1432.982483][ T8006]  netlink_broadcast+0x3a/0x50
[ 1432.987256][ T8006]  kobject_uevent_env+0xa94/0x1030
[ 1432.992381][ T8006]  kobject_uevent+0x20/0x26
[ 1432.996893][ T8006]  lo_ioctl+0x112b/0x2150
[ 1433.001230][ T8006]  ? lo_rw_aio+0x1120/0x1120
[ 1433.005827][ T8006]  blkdev_ioctl+0x6f2/0x1d10
[ 1433.010425][ T8006]  ? blkpg_ioctl+0xa90/0xa90
[ 1433.015019][ T8006]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1433.020839][ T8006]  ? ___might_sleep+0x163/0x280
[ 1433.025700][ T8006]  block_ioctl+0xee/0x130
[ 1433.030028][ T8006]  ? blkdev_fallocate+0x410/0x410
[ 1433.035060][ T8006]  do_vfs_ioctl+0xd6e/0x1390
[ 1433.039668][ T8006]  ? ioctl_preallocate+0x210/0x210
[ 1433.044778][ T8006]  ? selinux_file_mprotect+0x620/0x620
[ 1433.050243][ T8006]  ? __fget+0x381/0x550
[ 1433.054406][ T8006]  ? ksys_dup3+0x3e0/0x3e0
[ 1433.058833][ T8006]  ? do_sys_open+0x31d/0x5d0
[ 1433.063436][ T8006]  ? tomoyo_file_ioctl+0x23/0x30
10:24:41 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x3f00000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

[ 1433.068379][ T8006]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1433.074630][ T8006]  ? security_file_ioctl+0x93/0xc0
[ 1433.079746][ T8006]  ksys_ioctl+0xab/0xd0
[ 1433.083919][ T8006]  __x64_sys_ioctl+0x73/0xb0
[ 1433.088518][ T8006]  do_syscall_64+0x103/0x610
[ 1433.093128][ T8006]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1433.099020][ T8006] RIP: 0033:0x458a97
[ 1433.103000][ T8006] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1433.124063][ T8006] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1433.132485][ T8006] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458a97
[ 1433.140457][ T8006] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1433.151730][ T8006] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1433.159724][ T8006] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
10:24:41 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x2800000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1433.167783][ T8006] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1433.184570][ T8009] binder: 7998:8009 transaction failed 29189/-22, size 64-16 line 2995
[ 1433.184634][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1433.210946][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
10:24:41 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6000000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1433.398663][ T8006] gfs2: not a GFS2 filesystem
[ 1433.426645][ T8014] binder: 8013:8014 transaction failed 29201/-22, size 64-16 line 3357
[ 1433.446774][ T8018] binder: BINDER_SET_CONTEXT_MGR already set
[ 1433.469411][ T8018] binder: 8015:8018 ioctl 40046207 0 returned -16
10:24:41 executing program 5 (fault-call:0 fault-nth:25):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1433.476894][ T1829] binder: undelivered TRANSACTION_ERROR: 29201
[ 1433.484776][ T8014] binder: BINDER_SET_CONTEXT_MGR already set
[ 1433.500499][ T8014] binder: 8013:8014 ioctl 40046207 0 returned -16
[ 1433.501024][ T8022] binder: 8015:8022 transaction failed 29189/-22, size 64-16 line 2995
[ 1433.522147][ T8019] binder: 8013:8019 transaction failed 29189/-22, size 64-16 line 2995
[ 1433.548145][ T8024] FAULT_INJECTION: forcing a failure.
[ 1433.548145][ T8024] name failslab, interval 1, probability 0, space 0, times 0
[ 1433.549390][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1433.566883][ T8024] CPU: 1 PID: 8024 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1433.575018][ T8024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1433.585074][ T8024] Call Trace:
[ 1433.588493][ T8024]  dump_stack+0x172/0x1f0
[ 1433.592841][ T8024]  should_fail.cold+0xa/0x15
[ 1433.597441][ T8024]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1433.603256][ T8024]  ? ___might_sleep+0x163/0x280
[ 1433.608120][ T8024]  __should_failslab+0x121/0x190
[ 1433.613064][ T8024]  should_failslab+0x9/0x14
[ 1433.617676][ T8024]  kmem_cache_alloc+0x2b2/0x6f0
[ 1433.622619][ T8024]  ? __fget+0x381/0x550
[ 1433.626816][ T8024]  getname_flags+0xd6/0x5b0
[ 1433.631327][ T8024]  do_mkdirat+0xa0/0x2a0
[ 1433.635578][ T8024]  ? __ia32_sys_mknod+0xb0/0xb0
[ 1433.640434][ T8024]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1433.645930][ T8024]  ? do_syscall_64+0x26/0x610
[ 1433.650610][ T8024]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1433.656673][ T8024]  ? do_syscall_64+0x26/0x610
[ 1433.661353][ T8024]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1433.666658][ T8024]  __x64_sys_mkdir+0x5c/0x80
[ 1433.671255][ T8024]  do_syscall_64+0x103/0x610
[ 1433.675852][ T8024]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1433.681748][ T8024] RIP: 0033:0x458047
[ 1433.685644][ T8024] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1433.705247][ T8024] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 1433.713659][ T8024] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458047
[ 1433.721631][ T8024] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 00000000200000c0
[ 1433.729603][ T8024] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1433.737675][ T8024] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
10:24:42 executing program 4:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x801, 0x0)
ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r1 = timerfd_create(0x0, 0x0)
readv(r1, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r1, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:42 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6800000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1433.745643][ T8024] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
10:24:42 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

[ 1433.774690][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1433.784645][ T8018] binder_alloc: 8015: binder_alloc_buf, no vma
[ 1433.808419][ T8029] binder: BINDER_SET_CONTEXT_MGR already set
[ 1433.815401][ T8018] binder: 8015:8018 transaction failed 29189/-3, size 64-16 line 3148
[ 1433.823798][ T8029] binder: 8027:8029 ioctl 40046207 0 returned -16
[ 1433.824262][ T8029] binder_alloc: 8015: binder_alloc_buf, no vma
[ 1433.848296][ T1829] binder: undelivered TRANSACTION_ERROR: 29189
[ 1433.860817][ T8029] binder: 8027:8029 transaction failed 29189/-3, size 64-16 line 3148
10:24:42 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x3800000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1433.894151][ T8296] binder: undelivered TRANSACTION_ERROR: 29189
[ 1433.906390][ T8296] binder: undelivered TRANSACTION_ERROR: 29201
10:24:42 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6c00000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1434.020238][ T8037] binder_alloc: 8035: binder_alloc_buf, no vma
[ 1434.046906][ T8038] binder: BINDER_SET_CONTEXT_MGR already set
10:24:42 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x3f00000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1434.075740][ T8038] binder: 8036:8038 ioctl 40046207 0 returned -16
10:24:42 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x7400000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:42 executing program 5 (fault-call:0 fault-nth:26):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1434.178753][ T8042] binder_alloc: 8041: binder_alloc_buf, no vma
[ 1434.292853][ T8048] FAULT_INJECTION: forcing a failure.
[ 1434.292853][ T8048] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1434.306078][ T8048] CPU: 0 PID: 8048 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1434.314075][ T8048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1434.324147][ T8048] Call Trace:
[ 1434.327454][ T8048]  dump_stack+0x172/0x1f0
[ 1434.331799][ T8048]  should_fail.cold+0xa/0x15
[ 1434.336394][ T8048]  ? lo_ioctl+0xcf/0x2150
[ 1434.340733][ T8048]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1434.346546][ T8048]  ? __lock_acquire+0x548/0x3fb0
[ 1434.351498][ T8048]  should_fail_alloc_page+0x50/0x60
[ 1434.356705][ T8048]  __alloc_pages_nodemask+0x1a1/0x7e0
[ 1434.362085][ T8048]  ? __alloc_pages_slowpath+0x28b0/0x28b0
[ 1434.367827][ T8048]  ? find_held_lock+0x35/0x130
[ 1434.372604][ T8048]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1434.378429][ T8048]  cache_grow_begin+0x9c/0x860
[ 1434.383205][ T8048]  ? getname_flags+0xd6/0x5b0
[ 1434.387891][ T8048]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1434.394147][ T8048]  kmem_cache_alloc+0x62d/0x6f0
[ 1434.399000][ T8048]  ? __fget+0x381/0x550
[ 1434.403167][ T8048]  getname_flags+0xd6/0x5b0
[ 1434.407796][ T8048]  do_mkdirat+0xa0/0x2a0
[ 1434.412048][ T8048]  ? __ia32_sys_mknod+0xb0/0xb0
[ 1434.416906][ T8048]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1434.422364][ T8048]  ? do_syscall_64+0x26/0x610
[ 1434.422380][ T8048]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1434.422394][ T8048]  ? do_syscall_64+0x26/0x610
[ 1434.422410][ T8048]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1434.422434][ T8048]  __x64_sys_mkdir+0x5c/0x80
[ 1434.422449][ T8048]  do_syscall_64+0x103/0x610
[ 1434.422465][ T8048]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1434.422477][ T8048] RIP: 0033:0x458047
[ 1434.422497][ T8048] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1434.443158][ T8048] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
10:24:42 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4000000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:42 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x4000000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:42 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x7a00000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1434.443173][ T8048] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458047
[ 1434.443182][ T8048] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 00000000200000c0
[ 1434.443197][ T8048] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1434.458224][ T8048] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1434.458234][ T8048] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
[ 1434.468347][ T8048] gfs2: not a GFS2 filesystem
[ 1434.573573][ T8055] binder_alloc: 8053: binder_alloc_buf, no vma
[ 1434.574981][ T8058] binder: BINDER_SET_CONTEXT_MGR already set
[ 1434.588620][ T8058] binder: 8056:8058 ioctl 40046207 0 returned -16
[ 1434.611843][ T8059] binder: BINDER_SET_CONTEXT_MGR already set
10:24:43 executing program 4:
r0 = timerfd_create(0x0, 0x0)
r1 = dup(r0)
ioctl$KVM_GET_SREGS(r1, 0x8138ae83, &(0x7f0000000080))
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r1, 0xc0945662, &(0x7f0000001200)={0x2584, 0x0, [], {0x0, @reserved}})

10:24:43 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x8000000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1434.617861][ T8059] binder: 8053:8059 ioctl 40046207 0 returned -16
10:24:43 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="f7"], 0x1)

10:24:43 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4800000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:43 executing program 5 (fault-call:0 fault-nth:27):
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

10:24:43 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0xffffffff00000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1434.803965][ T8074] binder_alloc: 8072: binder_alloc_buf, no vma
[ 1434.817502][ T8075] FAULT_INJECTION: forcing a failure.
[ 1434.817502][ T8075] name failslab, interval 1, probability 0, space 0, times 0
[ 1434.862353][ T8075] CPU: 0 PID: 8075 Comm: syz-executor.5 Not tainted 5.1.0-rc4+ #64
[ 1434.870286][ T8075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1434.880344][ T8075] Call Trace:
[ 1434.883652][ T8075]  dump_stack+0x172/0x1f0
[ 1434.887995][ T8075]  should_fail.cold+0xa/0x15
[ 1434.892592][ T8075]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1434.898410][ T8075]  ? ___might_sleep+0x163/0x280
[ 1434.903460][ T8075]  __should_failslab+0x121/0x190
[ 1434.908403][ T8075]  should_failslab+0x9/0x14
[ 1434.912927][ T8075]  kmem_cache_alloc+0x2b2/0x6f0
[ 1434.917797][ T8075]  ? __d_lookup+0x433/0x760
[ 1434.922302][ T8075]  ? lookup_dcache+0x23/0x140
[ 1434.926975][ T8075]  ? d_lookup+0xf9/0x260
[ 1434.931403][ T8075]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1434.936708][ T8075]  __d_alloc+0x2e/0x8c0
[ 1434.940867][ T8075]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1434.946592][ T8075]  d_alloc+0x4d/0x2b0
[ 1434.950584][ T8075]  __lookup_hash+0xcd/0x190
[ 1434.955106][ T8075]  filename_create+0x1a7/0x4f0
[ 1434.959875][ T8075]  ? kern_path_mountpoint+0x40/0x40
[ 1434.965082][ T8075]  ? strncpy_from_user+0x2a8/0x380
[ 1434.970212][ T8075]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1434.976551][ T8075]  ? getname_flags+0x277/0x5b0
[ 1434.981424][ T8075]  do_mkdirat+0xb5/0x2a0
[ 1434.985672][ T8075]  ? __ia32_sys_mknod+0xb0/0xb0
[ 1434.990529][ T8075]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1434.995996][ T8075]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1435.002068][ T8075]  ? do_syscall_64+0x26/0x610
[ 1435.006781][ T8075]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1435.012078][ T8075]  __x64_sys_mkdir+0x5c/0x80
[ 1435.016682][ T8075]  do_syscall_64+0x103/0x610
[ 1435.021282][ T8075]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1435.027180][ T8075] RIP: 0033:0x458047
[ 1435.031078][ T8075] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1435.050778][ T8075] RSP: 002b:00007f2fdbaf5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
10:24:43 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x4c00000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1435.059192][ T8075] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000458047
[ 1435.067164][ T8075] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 00000000200000c0
[ 1435.075154][ T8075] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 1435.083130][ T8075] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 1435.091116][ T8075] R13: 00000000004c7569 R14: 00000000004dd1f8 R15: 0000000000000003
10:24:43 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x0, 0x2}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1435.167214][ T8084] binder_alloc: 8083: binder_alloc_buf, no vma
10:24:43 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x5000000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1435.227123][ T8087] ------------[ cut here ]------------
[ 1435.232612][ T8087] kernel BUG at drivers/android/binder_alloc.c:1139!
[ 1435.308032][ T8087] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 1435.312371][ T8089] binder: BINDER_SET_CONTEXT_MGR already set
[ 1435.314152][ T8087] CPU: 1 PID: 8087 Comm: syz-executor.2 Not tainted 5.1.0-rc4+ #64
[ 1435.314163][ T8087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1435.314186][ T8087] RIP: 0010:binder_alloc_do_buffer_copy+0xd6/0x510
[ 1435.314210][ T8087] Code: 02 00 0f 85 20 04 00 00 4d 8b 64 24 58 49 29 dc e8 3f 50 23 fc 4c 89 e6 4c 89 ef e8 54 51 23 fc 4d 39 e5 76 07 e8 2a 50 23 fc <0f> 0b e8 23 50 23 fc 4c 8b 75 d0 4d 29 ec 4c 89 e6 4c 89 f7 e8 31
[ 1435.322521][ T8089] binder: 8088:8089 ioctl 40046207 0 returned -16
[ 1435.328065][ T8087] RSP: 0018:ffff8880551274e0 EFLAGS: 00010212
[ 1435.328077][ T8087] RAX: 0000000000040000 RBX: 0000000020001000 RCX: ffffc9000a299000
[ 1435.328085][ T8087] RDX: 00000000000005ff RSI: ffffffff854d3ed6 RDI: 0000000000000006
[ 1435.328093][ T8087] RBP: ffff888055127560 R08: ffff88805c540640 R09: 0000000000000008
[ 1435.328111][ T8087] R10: ffffed100aa24f15 R11: ffff8880551278af R12: 0000000000000048
[ 1435.328127][ T8087] R13: 0000000000000008 R14: 0000000000000050 R15: 0000000000000000
[ 1435.401220][ T8090] binder: BINDER_SET_CONTEXT_MGR already set
[ 1435.408608][ T8087] FS:  00007f09cea8a700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 1435.408617][ T8087] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1435.408633][ T8087] CR2: 0000001b32223000 CR3: 000000009fc83000 CR4: 00000000001406e0
[ 1435.427816][ T8090] binder: 8088:8090 ioctl 40046207 0 returned -16
[ 1435.431478][ T8087] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1435.431487][ T8087] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1435.431492][ T8087] Call Trace:
[ 1435.431513][ T8087]  ? find_held_lock+0x35/0x130
[ 1435.431535][ T8087]  binder_alloc_copy_from_buffer+0x37/0x42
[ 1435.431555][ T8087]  binder_validate_ptr+0xcc/0x1d0
[ 1435.487236][ T8087]  ? binder_get_object+0x210/0x210
[ 1435.492350][ T8087]  ? binder_alloc_copy_user_to_buffer+0x312/0x480
[ 1435.498772][ T8087]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1435.504517][ T8087]  binder_transaction+0x3e76/0x6690
[ 1435.509821][ T8087]  ? binder_thread_read+0x3d50/0x3d50
[ 1435.515196][ T8087]  ? __lock_acquire+0x548/0x3fb0
[ 1435.520143][ T8087]  ? __might_fault+0x12b/0x1e0
[ 1435.524953][ T8087]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1435.531196][ T8087]  ? _copy_from_user+0xdd/0x150
[ 1435.536050][ T8087]  binder_thread_write+0x87e/0x2820
[ 1435.541275][ T8087]  ? binder_transaction+0x6690/0x6690
[ 1435.546649][ T8087]  ? __might_fault+0x12b/0x1e0
[ 1435.551508][ T8087]  ? lock_downgrade+0x880/0x880
[ 1435.556367][ T8087]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1435.562783][ T8087]  ? _copy_from_user+0xdd/0x150
[ 1435.567665][ T8087]  binder_ioctl+0x1033/0x183b
[ 1435.572373][ T8087]  ? binder_thread_write+0x2820/0x2820
[ 1435.577833][ T8087]  ? tomoyo_path_number_perm+0x263/0x520
[ 1435.583464][ T8087]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1435.589286][ T8087]  ? binder_thread_write+0x2820/0x2820
[ 1435.594760][ T8087]  do_vfs_ioctl+0xd6e/0x1390
[ 1435.599372][ T8087]  ? ioctl_preallocate+0x210/0x210
[ 1435.604497][ T8087]  ? selinux_file_mprotect+0x620/0x620
[ 1435.609952][ T8087]  ? __fget+0x381/0x550
[ 1435.614120][ T8087]  ? ksys_dup3+0x3e0/0x3e0
[ 1435.618557][ T8087]  ? nsecs_to_jiffies+0x30/0x30
[ 1435.623422][ T8087]  ? tomoyo_file_ioctl+0x23/0x30
[ 1435.628364][ T8087]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1435.634611][ T8087]  ? security_file_ioctl+0x93/0xc0
[ 1435.639723][ T8087]  ksys_ioctl+0xab/0xd0
[ 1435.643886][ T8087]  __x64_sys_ioctl+0x73/0xb0
[ 1435.648574][ T8087]  do_syscall_64+0x103/0x610
[ 1435.653176][ T8087]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1435.659084][ T8087] RIP: 0033:0x458c29
[ 1435.662988][ T8087] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1435.682613][ T8087] RSP: 002b:00007f09cea89c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1435.691047][ T8087] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458c29
[ 1435.699038][ T8087] RDX: 0000000020000780 RSI: 00000000c0306201 RDI: 0000000000000003
10:24:44 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x0, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x400)
write$binfmt_misc(r0, 0x0, 0x0)

[ 1435.707106][ T8087] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1435.715075][ T8087] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09cea8a6d4
[ 1435.723074][ T8087] R13: 00000000004bff5d R14: 00000000004d1fd8 R15: 00000000ffffffff
[ 1435.731059][ T8087] Modules linked in:
[ 1435.755528][ T8087] ---[ end trace e3428c424003d6f1 ]---
[ 1435.760807][ T8075] kobject: 'loop5' (000000005a2f5838): kobject_uevent_env
[ 1435.763505][ T8087] RIP: 0010:binder_alloc_do_buffer_copy+0xd6/0x510
[ 1435.771583][ T8075] kobject: 'loop5' (000000005a2f5838): fill_kobj_path: path = '/devices/virtual/block/loop5'
10:24:44 executing program 3:
r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x6)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x401f000000000000, 0x0, 0x0, 0x803e0000}}, 0xfffffefd)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='s'], 0x1)

10:24:44 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6000000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

10:24:44 executing program 4:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000001540)=""/4096, 0x1000}], 0x1000000000000086)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
pkey_free(0xffffffffffffffff)

10:24:44 executing program 5:
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1435.788855][ T8087] Code: 02 00 0f 85 20 04 00 00 4d 8b 64 24 58 49 29 dc e8 3f 50 23 fc 4c 89 e6 4c 89 ef e8 54 51 23 fc 4d 39 e5 76 07 e8 2a 50 23 fc <0f> 0b e8 23 50 23 fc 4c 8b 75 d0 4d 29 ec 4c 89 e6 4c 89 f7 e8 31
[ 1435.814672][ T8087] RSP: 0018:ffff8880551274e0 EFLAGS: 00010212
[ 1435.833468][ T8094] binder: BINDER_SET_CONTEXT_MGR already set
[ 1435.842340][ T8087] RAX: 0000000000040000 RBX: 0000000020001000 RCX: ffffc9000a299000
[ 1435.845496][ T3874] kobject: 'loop5' (000000005a2f5838): kobject_uevent_env
[ 1435.850494][ T8087] RDX: 00000000000005ff RSI: ffffffff854d3ed6 RDI: 0000000000000006
[ 1435.850503][ T8087] RBP: ffff888055127560 R08: ffff88805c540640 R09: 0000000000000008
[ 1435.850512][ T8087] R10: ffffed100aa24f15 R11: ffff8880551278af R12: 0000000000000048
[ 1435.850520][ T8087] R13: 0000000000000008 R14: 0000000000000050 R15: 0000000000000000
[ 1435.850538][ T8087] FS:  00007f09cea8a700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 1435.861675][ T3874] kobject: 'loop5' (000000005a2f5838): fill_kobj_path: path = '/devices/virtual/block/loop5'
[ 1435.886325][ T8094] binder: 8093:8094 ioctl 40046207 0 returned -16
[ 1435.891878][ T3874] kobject: 'loop0' (000000004a1cfb48): kobject_uevent_env
[ 1435.908238][ T8107] kobject: 'loop5' (000000005a2f5838): kobject_uevent_env
[ 1435.933723][ T8106] binder_transaction: 11 callbacks suppressed
[ 1435.933732][ T8106] binder: 8093:8106 got transaction with too large buffer
[ 1435.940784][ T3874] kobject: 'loop0' (000000004a1cfb48): fill_kobj_path: path = '/devices/virtual/block/loop0'
[ 1435.947605][ T8107] kobject: 'loop5' (000000005a2f5838): fill_kobj_path: path = '/devices/virtual/block/loop5'
[ 1435.970125][ T8087] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1435.976933][ T8087] CR2: 0000000000940004 CR3: 000000009fc83000 CR4: 00000000001406e0
[ 1435.988314][ T3874] kobject: 'loop5' (000000005a2f5838): kobject_uevent_env
[ 1435.990562][ T8106] binder: BINDER_SET_CONTEXT_MGR already set
[ 1436.004448][ T3874] kobject: 'loop5' (000000005a2f5838): fill_kobj_path: path = '/devices/virtual/block/loop5'
[ 1436.016116][ T8107] gfs2: not a GFS2 filesystem
[ 1436.026132][ T8087] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1436.026699][ T3874] kobject: 'loop1' (000000000e6b9da8): kobject_uevent_env
[ 1436.038536][ T8106] binder: 8093:8106 ioctl 40046207 0 returned -16
[ 1436.058608][ T3874] kobject: 'loop1' (000000000e6b9da8): fill_kobj_path: path = '/devices/virtual/block/loop1'
[ 1436.073368][ T8107] kobject: 'loop5' (000000005a2f5838): kobject_uevent_env
[ 1436.080551][ T3874] kobject: 'loop4' (000000004ac1eb55): kobject_uevent_env
[ 1436.080616][ T8107] kobject: 'loop5' (000000005a2f5838): fill_kobj_path: path = '/devices/virtual/block/loop5'
10:24:44 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, &(0x7f0000000580)=[@flat={0x77622a85}, @ptr={0x70742a85, 0xffffff7f, 0x0, 0x6800000000000000}], &(0x7f00000005c0)=[0x0, 0x18]}}}], 0x0, 0x0, 0x0})

[ 1436.088218][ T8087] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1436.106152][ T8114] ------------[ cut here ]------------
[ 1436.115688][ T8114] kernel BUG at drivers/android/binder_alloc.c:1139!
[ 1436.119244][ T3874] kobject: 'loop4' (000000004ac1eb55): fill_kobj_path: path = '/devices/virtual/block/loop4'
[ 1436.136064][ T8087] Kernel panic - not syncing: Fatal exception
[ 1436.142959][ T8087] Kernel Offset: disabled
[ 1436.147294][ T8087] Rebooting in 86400 seconds..