last executing test programs: 143.401791ms ago: executing program 2 (id=3): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_MPATH(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, r1, 0x1, 0x70bd29, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}]}, 0x44}, 0x1, 0x0, 0x0, 0x4040}, 0x40814) mprotect(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x8) r2 = fsmount(0xffffffffffffffff, 0x0, 0x81) ioctl$UFFDIO_POISON(r2, 0xc020aa08, &(0x7f0000000180)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000b40)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000240)={0x88c, r1, 0x800, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0xcfbc, 0x72}}}}, [@NL80211_ATTR_TID_CONFIG={0x40, 0x11d, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x82}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x65}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x9e}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}]}]}, @NL80211_ATTR_TID_CONFIG={0x78, 0x11d, 0x0, 0x1, [{0x58, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x2b}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x4c}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x3c}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x1b}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}]}]}, @NL80211_ATTR_TID_CONFIG={0x290, 0x11d, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xf8}]}, {0x48, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x6}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x59}]}, {0x184, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x16c, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x6c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0xc, 0x2, [{0x5, 0xa}, {0x6, 0x9}, {0x4}, {0x2, 0x5}, {0x2, 0x5}, {0x7, 0x7}, {0x0, 0x6}, {0x1, 0x5}]}, @NL80211_TXRATE_HT={0x48, 0x2, [{0x5, 0x1}, {0x3, 0x8}, {0x7, 0x1}, {0x5}, {0x1, 0x9}, {0x5, 0x2}, {0x5, 0x8}, {0x6, 0x6}, {0x2, 0x7}, {0x6, 0x4}, {0x5, 0x1}, {0x4, 0x1}, {0x1, 0x5}, {0x1, 0x7}, {0x1, 0x6}, {0x0, 0x1}, {0x7, 0x6}, {0x2}, {0x1, 0x9}, {0x1, 0xa}, {}, {0x5, 0x5}, {0x1, 0x4}, {0x3, 0x8}, {0x2, 0x1}, {0x0, 0x1}, {0x3, 0x6}, {0x5, 0x6}, {0x2, 0x8}, {0x5, 0x4}, {0x1, 0x4}, {0x0, 0x3}, {0x1, 0x1}, {0x1, 0x2}, {0x7, 0x7}, {0x2, 0x4}, {0x2, 0x1}, {0x3, 0x6}, {0x2, 0x2}, {0x0, 0x3}, {0x7, 0x7}, {0x2, 0x5}, {0x5, 0x1}, {0x1, 0x2}, {0x5, 0x1}, {0x6, 0x6}, {0x0, 0x7}, {0x7, 0xa}, {0x5, 0x9}, {0x3, 0xa}, {0x0, 0x6}, {0x1, 0xa}, {0x2, 0x9}, {0x0, 0x7}, {0x4, 0x1}, {0x0, 0x2}, {0x6, 0x9}, {0x2, 0x9}, {0x5, 0x9}, {0x0, 0x2}, {0x7, 0x9}, {0x1, 0x4}, {0x1, 0x7}, {0x7, 0x7}, {0x6, 0x1}, {0x0, 0x9}, {0x6, 0x7}, {0x5, 0x1}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x200, 0x3, 0x5, 0x8, 0x0, 0xe, 0x0, 0x4]}}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x80, 0xab, 0x4, 0x3ff, 0x7, 0x9b, 0x1ff]}}]}, @NL80211_BAND_6GHZ={0xdc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x30, 0x24, 0x4, 0x24, 0x6, 0x0, 0x9, 0x36, 0x60, 0x2d, 0x60, 0x1b, 0x36, 0x6c, 0x24, 0x1, 0x30, 0x9, 0x24, 0x18, 0x3, 0x3, 0x5, 0x4f, 0x6c, 0x5, 0x36]}, @NL80211_TXRATE_HT={0x4e, 0x2, [{0x5, 0x3}, {0x5, 0x5}, {0x7, 0x8}, {0x6, 0x2}, {0x5, 0x8}, {0x5, 0x2}, {0x0, 0x8}, {0x4, 0x9}, {0x2, 0x3}, {0x0, 0x7}, {0x5, 0x7}, {0x1, 0xa}, {0x1, 0x4}, {0x1, 0xa}, {0x3, 0x2}, {0x4, 0xa}, {0x1, 0x6}, {0x1, 0x3}, {0x0, 0x9}, {0x3, 0xa}, {0x1, 0x7}, {0x3, 0x9}, {0x0, 0x2}, {0x5, 0x6}, {0x3, 0x7}, {0x1, 0xa}, {0x7, 0x5}, {0x4, 0x6}, {0x1, 0xa}, {0x1}, {0x4, 0x5}, {0x2, 0x5}, {0x2, 0x1}, {0x1, 0x3}, {0x1, 0x9}, {0x1, 0x4}, {0x2, 0x8}, {0x2, 0x9}, {0x1, 0xa}, {0x2, 0x8}, {0x4, 0x9}, {0x5, 0x6}, {0x2}, {0x0, 0xa}, {0x1, 0x4}, {0x1, 0x5}, {0x2, 0x7}, {0x2, 0x3}, {0x0, 0x8}, {0x3, 0x5}, {0x5}, {0x3, 0x7}, {0x1, 0x2}, {0x2, 0x1}, {0x4, 0x9}, {0x1, 0x5}, {0x1, 0xa}, {0x7, 0x8}, {0x0, 0x3}, {}, {0x1}, {0x6, 0x5}, {0x2, 0x8}, {0x1, 0x2}, {0x7, 0x5}, {0x0, 0x3}, {0x4, 0x6}, {0x2, 0x7}, {0x2, 0xa}, {0x4, 0xa}, {0x6, 0xa}, {0x7, 0x7}, {0x1, 0xa}, {0x1, 0x9}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x2, 0xf, 0xc, 0x4, 0xc3, 0x4]}}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x24, 0xb, 0x12, 0x1, 0x18, 0x1, 0x4, 0xc, 0x12, 0x1b, 0x6c, 0x16, 0xc, 0x24, 0x12, 0x30, 0x60, 0x16, 0x1b, 0x1, 0x36, 0xb, 0x18, 0x6c, 0x2, 0x16, 0x48, 0x12, 0x4]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x60, 0x6c, 0x18, 0x16]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xfffffffffffffff7}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x32}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x6b7}]}, {0x40, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x5c}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x35}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x18}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x54}]}, {0x30, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xd00}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x1e}]}]}, @NL80211_ATTR_TID_CONFIG={0xbc, 0x11d, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x9c}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}]}, {0x48, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x7f}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x400}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd4}]}]}, @NL80211_ATTR_TID_CONFIG={0x3a4, 0x11d, 0x0, 0x1, [{0x44, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x88}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x6}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x2}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x6}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xf}]}, {0x164, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x124, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x70, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x3f, 0x2, [{0x3, 0x3}, {0x1, 0x1}, {0x5}, {0x1}, {0x0, 0x2}, {0x0, 0x1}, {0x1, 0x2}, {0x7, 0x6}, {0x2, 0x6}, {0x7, 0x5}, {0x4, 0x1}, {0x5, 0x7}, {0x4, 0x6}, {0x2, 0x6}, {0x3}, {0x1, 0x3}, {0x6}, {0x1, 0x8}, {0x6, 0x7}, {0x3, 0x6}, {0x7, 0xa}, {0x0, 0x4}, {0x0, 0x3}, {0x2, 0x6}, {0x7, 0x8}, {0x7, 0x6}, {0x4}, {0x3, 0x7}, {0x1, 0xa}, {0x5, 0x2}, {0x3, 0x4}, {0x0, 0x2}, {0x5, 0x2}, {0x2, 0x9}, {0x0, 0x8}, {0x4, 0x4}, {0x1, 0x6}, {0x1, 0x4}, {0x1}, {0x1, 0x8}, {0x1}, {0x2, 0x5}, {0x3, 0x2}, {0x0, 0x1}, {0x4, 0x5}, {}, {0x4, 0x9}, {0x6, 0xa}, {0x0, 0x4}, {0x3, 0x8}, {0x3, 0x1}, {0x0, 0x8}, {0x0, 0x1}, {0x3}, {0x5, 0x4}, {0x0, 0x3}, {0x1, 0x1}, {0x4, 0x8}, {0x1, 0x9}]}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x60, 0x60, 0x4, 0x3, 0x6c, 0x9, 0x5, 0x1, 0x30, 0x6, 0x9, 0x7184b7cf8d85158f, 0x6c, 0x5, 0x16, 0x5, 0x12, 0x4, 0x18, 0x3, 0x60, 0x16, 0xc, 0xb, 0x4, 0x2, 0x6, 0x24]}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0x9, 0xc, 0x36, 0x5, 0x24, 0x12, 0x2, 0x30]}]}, @NL80211_BAND_6GHZ={0xb0, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x1b, 0x1, 0x6, 0x16, 0x4, 0x30, 0x60, 0x6, 0x13, 0x12, 0xc, 0x14, 0x3b3bc0356d0c4932, 0x18, 0x1, 0x9, 0xb, 0xb, 0x30, 0x6c, 0x3, 0x24, 0x9, 0x60, 0x48, 0x1b, 0xb, 0x12]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x80, 0x3ff, 0x7, 0x500, 0x3, 0x3, 0x5, 0x4]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2000, 0xb, 0x4, 0x8000, 0x6, 0x0, 0x7, 0x6]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x28, 0x2, [{0x5, 0x2}, {0x0, 0xa}, {0x6, 0x5}, {0x0, 0x3}, {0x6, 0x6}, {0x1, 0x6}, {0x5, 0x2}, {0x0, 0x3}, {0x3, 0x6}, {0x7, 0x6}, {0x3}, {0x1, 0x9}, {0x2, 0x3}, {0x2, 0x5}, {0x2, 0x6}, {}, {0x0, 0x6}, {0x3, 0x9}, {0x2, 0x1}, {0x5, 0x6}, {0x3, 0x7}, {0x1, 0x6}, {0x2, 0x9}, {0x1, 0x5}, {0x0, 0x3}, {0x0, 0x4}, {0x1, 0xa}, {0x6, 0x15}, {0x0, 0xa}, {0x7, 0x8}, {0x7, 0xa}, {0x3}, {0x7, 0xa}, {0x6, 0x9}, {0x0, 0x8}, {0x0, 0x1}]}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x2, 0x4, 0x6, 0x1b, 0x3, 0x36, 0x9, 0x6c, 0x1b, 0x4, 0x7, 0xabf841603ab0508a, 0x48, 0x30, 0x1b, 0x60, 0x18, 0x60, 0x60, 0xb, 0x3]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0x1b, 0x30]}]}]}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xd2}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x10, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x33}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x6}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x3}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x272b}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}, {0x1a8, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xa2}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x190, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x10, 0x0, 0x7fff, 0x1, 0xff, 0x0, 0x2, 0x6]}}]}, @NL80211_BAND_5GHZ={0x44, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x14, 0x1, [0x2, 0x9, 0x3, 0x1b, 0x16, 0x9, 0x5, 0x1b, 0xb, 0x5, 0x30, 0x2, 0x30, 0x5a, 0x39, 0x6]}, @NL80211_TXRATE_HT={0x21, 0x2, [{0x2}, {0x7, 0x9}, {0x6, 0x9}, {0x6, 0x5}, {0x6, 0x7}, {0x7, 0x7}, {0x3, 0x3}, {0x5, 0x4}, {0x0, 0x3}, {0x1, 0x5}, {0x5, 0x4}, {0x7}, {0x3, 0x3}, {0x5}, {0x6, 0x7}, {0x4, 0x2}, {0x1, 0x9}, {0x3, 0x1}, {0x7, 0xa}, {0x1}, {0x5, 0x4}, {0x2, 0x7}, {0x5, 0x8}, {0x1, 0x6}, {0x7, 0x8}, {0x1, 0x2}, {0x7}, {0x1, 0x2}, {0x2, 0xa}]}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_6GHZ={0x58, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0x27, 0x2, [{0x6, 0x8}, {0x6, 0x1}, {0x0, 0x7}, {0x2, 0x5}, {0x6, 0x9}, {0x7, 0x3}, {0x0, 0xa}, {0x0, 0x5}, {0x3, 0x1}, {0x6, 0x5}, {0x1, 0x4}, {0x0, 0x5}, {0x2, 0x2}, {0x7, 0x2}, {0x0, 0xa}, {0x5, 0x6}, {0x5, 0x8}, {0x0, 0x1}, {0x0, 0x5}, {0x0, 0xa}, {0x1, 0x9}, {0x5, 0x8}, {0x5, 0xa}, {0x7, 0x4}, {0x4, 0x4}, {0x5, 0x5}, {0x3, 0x5}, {0x2, 0x8}, {0x4, 0xa}, {0x2, 0x2}, {0x0, 0x7}, {0x5, 0x4}, {0x3, 0x8}, {0x2, 0x3}, {0x0, 0x8}]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x4, 0x12, 0xc, 0x24, 0x1, 0x18, 0x48, 0x36, 0x3a, 0xb, 0x18, 0x18, 0xc]}]}, @NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xa5bc, 0x2, 0x5, 0x9b4d, 0x4, 0xb, 0x40, 0xff80]}}]}, @NL80211_BAND_60GHZ={0x4}, @NL80211_BAND_60GHZ={0xbc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x2a, 0x2, [{0x1}, {0x2, 0x5}, {0x1, 0x6}, {0x1, 0xa}, {0x3, 0x3}, {0x6, 0x4}, {0x4, 0x4}, {0x4, 0x9}, {0x4, 0x6}, {0x7, 0x9}, {0x7, 0xa}, {0x4, 0x3}, {0x7, 0x7}, {0x2, 0x2}, {0x3, 0x4}, {0x5, 0x4}, {0x5, 0x2}, {0x6, 0x6}, {0x0, 0x1}, {0x0, 0xa}, {0x4, 0xa}, {0x1, 0x9}, {0x1, 0x3}, {0x1, 0x9}, {0x0, 0x3}, {0x1, 0x5}, {0x1}, {0x2, 0x8}, {0x6, 0x2}, {0x6, 0x2}, {0x6, 0x6}, {0x2, 0x9}, {0x0, 0x5}, {0x5, 0x8}, {0x1, 0x1}, {0x5, 0x5}, {0x5, 0xa}, {0x3, 0x2}]}, @NL80211_TXRATE_HT={0x21, 0x2, [{0x1, 0xa}, {0x7, 0x5}, {0x2, 0x9}, {0x4, 0x9}, {0x4, 0x5}, {0x7, 0x4}, {0x6, 0x6}, {0x6, 0x4}, {0x3, 0x4}, {0x3, 0x2}, {0x5, 0x8}, {0x7, 0x7}, {0x3, 0x1}, {0x7, 0x3}, {0x2, 0x7}, {0x6, 0x3}, {0x0, 0x4}, {0x6, 0x4}, {0x0, 0x8}, {0x2, 0x6}, {0x1, 0x6}, {0x4}, {0x3, 0x3}, {0x5, 0x1}, {0x6, 0x8}, {0x2}, {0x0, 0x6}, {0x1, 0x3}, {0x0, 0x1}]}, @NL80211_TXRATE_HT={0xb, 0x2, [{0x2, 0x8}, {0x2, 0x9}, {0x7}, {0x2, 0x9}, {0x0, 0x5}, {0x6, 0x7}, {0x7, 0xa}]}, @NL80211_TXRATE_HT={0x29, 0x2, [{0x6, 0x6}, {0x1, 0x5}, {0x2, 0x8}, {0x4, 0x5}, {0x6, 0x2}, {0x3}, {0x3, 0x2}, {0x0, 0x8}, {0x6}, {0x1, 0xa}, {0x3, 0x3}, {0x6, 0x4}, {0x1, 0x9}, {0x2, 0x9}, {0x7, 0x8}, {0x4, 0x1}, {0x1}, {0x7, 0xa}, {}, {0x4, 0xa}, {0x0, 0x2}, {0x0, 0x3}, {0x3, 0x3}, {0x2, 0x5}, {0x2}, {0x7, 0x2}, {0x1}, {0x3, 0x3}, {0x2, 0x1}, {0x6}, {0x2, 0x3}, {0x3, 0x2}, {}, {0x2, 0x5}, {0x6, 0x3}, {0x2, 0x4}, {0x2, 0x8}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2040, 0x1, 0x0, 0x6, 0xc, 0x89, 0x2, 0xfe25]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8001, 0x8000, 0x5, 0x9, 0x4, 0xfffe, 0xe, 0x3]}}]}]}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xe6}]}]}, @NL80211_ATTR_TID_CONFIG={0x18, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}]}]}, @NL80211_ATTR_TID_CONFIG={0xa4, 0x11d, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x2}]}, {0x40, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x3}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xc3}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x78}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x2a}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}]}, {0x38, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x5d}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x1}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}]}]}, 0x88c}, 0x1, 0x0, 0x0, 0x20004041}, 0x4004) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000bc0), r0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000d80)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000d40)={&(0x7f0000000c00)={0x12c, r4, 0x400, 0x70bd28, 0x25dfdbfe, {}, [@TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x80000001}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x800}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1a0000}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x6}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xb}]}, @TIPC_NLA_BEARER={0xc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x661}]}, @TIPC_NLA_BEARER={0xc0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @rand_addr=0x64010100}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x4, @mcast1, 0x3}}}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffff5f3d}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000000}]}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}]}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xced}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}]}]}]}, 0x12c}, 0x1, 0x0, 0x0, 0x40000}, 0x4040884) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000e00)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000dc0)="b0001e12c1b09cec1df91bf7027eefdd54712948a2246b78791a1b70d8f3436b8f229f50c17b", 0x26, r0}, 0x68) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r2, &(0x7f0000000f40)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x20, 0x0, 0x8, 0x51c81dc10bd7f5c0, 0x0, 0x0, {0x0, 0x0, 0x3}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x880}, 0x4000080) close(0xffffffffffffffff) sendmsg$NL80211_CMD_LEAVE_IBSS(r2, &(0x7f0000001040)={&(0x7f0000000f80)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000001000)={&(0x7f0000000fc0)={0x28, r1, 0x2, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x1, 0x3e}}}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x80) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000001080)) r5 = fcntl$getown(r2, 0x9) ioctl$sock_SIOCSPGRP(r2, 0x8902, &(0x7f00000010c0)=r5) recvfrom$packet(r2, &(0x7f0000001100)=""/14, 0xe, 0x100, &(0x7f0000001140)={0x11, 0x16, 0x0, 0x1, 0x80, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x44}}, 0x14) fcntl$getown(r0, 0x9) r6 = accept4$packet(r2, 0x0, &(0x7f0000001180), 0x80000) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r6, 0xd000943d, &(0x7f00000011c0)={0x8000000000000000, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x7, "baa0c8cdcce9aa"}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f00000021c0)={{0x0, 0x8, 0x4b47, 0x4, 0x4, 0x5398996f, 0x100, 0xff, 0x80, 0xe, 0x9, 0x9, 0x4, 0x5, 0x100000001}, 0x48, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r6, 0xd000943e, &(0x7f0000002280)={r7, r8, "22719397fd5e362b623b9d7f453e3142f78714b4e0e810eb4fbcc9c4a150bcca4a598b88c53df551c154a9b36388aa5d7ee70d3d801d148738a46bc4225afee3b98049173da9a008a39743d56bce6d55ae2c82087fe0b39448e60ab00e2567200faddbaaa5feb9bec17960a935a8bc3f90cb42f81216fd57813910ff8fa55461b6272fc1ec36fb1ed5e7475c4c9ab3a05c4b1507ec9567c1a8c85c76860100f3b73960a954a0cfab8043d96ed4087ef6a381cba6a4516c46950e5c480d856c55f8b31fdbc4411ec237c489e5d08e33ef0928c0b994e3aa4841f35f7b8453f8904c6c315519c29f06de95d52027f91eae133705faa7a5efd0c5ea643728f8ade2", "5a3571ae89e136ebc7e2b3dc1604179ebdc1c6c2a3713f92df97e858954b55774b0890c6ee6e3fd99c05c0af74c02ce1794612467a00287d499f5e2aa0b4023e5efd25f74e1a68dc0f811d880e6577717d82b99093862e05135f675c4d3314e125fe72d6fa9770b9f7aa096af4d9f3723b1f646615a56829f2141eb9b6d6464638d073fe4591d0b086ad67dd65b8bd966991819c22d6f9773f8d40334b9f807d0ea894e2151a72aef365b8eab603ffe96a84213e315a8974b7c88d6731e90ce02d158339dd89f4fcfd91711f1a2860c5ef8d88a14fc2e1896d4bf14f82f7c665c6df6adc2a23fb942749503da3ccf8739113621a08ba6433a45393a725949ca7e1b933a3a45e61876919b024a88cd97a5e22f2e1b522b2825c8aa29a57902527f4f19c78e8cd18442e6c7b770644cd552ffcc007462648ae5a314d9d91b9fcbe9da353d533f7a0cf59b3b929cd8c82fa921d14b3b82a06297537e3f8aa7ff80e6edcb8e5f2ce24ad4b5291a953d547c9c10e0e5e25b761345a4766d4b54d657b387914b5286a4e1c8d7bbe7b389de384c755e5fb37e9fc94d2e1ab4b96e601d4d412328a3fba19cfe30efb95e1782289fdef5c292afb2523bd18ccd8f963dfa98e683ddfffabba32a95f84ccf8fc2b04f34312dabb1799f48ca2e6d2d6415822b12689a777360a3ed607fe92abcd0ccd525b462c85f37f721a294943f4dd2ca2c831e20d9b4b94d207add28a4ba75f434c32257938b2baaa95ef85051c5babb53e9f41b51879ab9753ebbe91a38051dfbcd79ce5b9dc2d93c881650bc47275236ef29cc7e6dbfc68d55450fcb1c8bef7654392239b1d5bd8f751609c97c007dc2f04cb9e94ee15ce0b2913f9fdc21eb5d0359e5b573261044434ab26f5a94c93d252d4fccd6591fd3a1bf7db95e22edfc24abf8fb650e798bbeba55e303adc4182ec4d3315a0c60c16f069bab00d577f578da2c6106dbf2d2f4a6b48c9f65a47886fc556c19ab41ccdc783c1b2edd61ac8f3cf538468d4ad47c8183aa33e4363d56642586c8bc720a2f47f4c8a94d7c1b433c2ab7d71ad4acc163b4a312c4b1b76e73d5b46f8a272d7d314ff47f3c79726e96f146724bf4b9b9415037357878c58cf6c03022dafb83b060ea02e7d219b42c7419077f90319e3453a40896ae617be26b4c708b57155dc19bf09d8bde50736d00da5814b0ea0bc69fc76904e709fb099e63681fca5c5f1a8760928713a66ff22e581c046717158aec36a8922ea12a76dae872970779071c0abb16ac2fe7b90925a1a231513eb2f87b9889492a0cc821520f286571f404b751572ebb3346e5f979f065e1cc93c43f9e9143aa81bc65b0f739594351b0b7fc0f3bf1d11c01c5696ceeb0e22cf0e64349b380e18690e93dda9f8bdd3846128054350d886c30ab9ba617a4269209a024e3f16328c68acd4e7bd026597409058c7ac1dc353b6480bd21068566c1b5f8ba4ac0e63279d550064c86fbf225769aa1f610d009f5c7ad06baa271b9c223b5a22d8e5e186a0d2c2cb6fb8c78237d920e1d7e50e95373873055239bb88288c7e265cb3e6045fad3818dea8f0151d164e8ef3471ef091bcd2d6121fe93ca63ab477ae9365d426790540d7fdfa6cdec45d164067ebda02a6ea4452676357043f12d6cb7023e0e56c6d2c5941f61f7ee84080836a505389060f1439bb10e22f1792ab11ac33f29064732b3534f573ebd46556f2e6d6585eecfbf96bcbc8f6395f3f2ae6e8686aa4926f2a939b509f20092a5b10311a3df72b59536d5f48a46b3f4cce64748bb4c845f706ee771a0876368a6b08ef238a0bc03a77adce7025c570dbc40f75131e9b3eb7d029d2030b89e9260f655efb39426649d0b74dd793cf9e31c35a044c430231e113c317b3e2bdc430da6e6379b94855068577ed2a75cc03f05c2c091159b1ad1fb16099315dfbff609325a4a7ad9c8697a82c45cdb060b9ab6392679fa57cea8c3eda154d98f4e240c317dc118670684147d14ff6fe85c1099757c9d1d1f2c0cc9e0c5a1dd5ace158d1dfa42d09e71c3d7ad2da8c04bf3a523df714b9c1f33a9ff64bbab7b5a721bf09b53a1d6e588f8658acf67b66e5438228c17c09c06b0659aa80953b3f86ab1feadc51ab66e53424ca45b6b0648b5091e3e4a5c3bb0a79417a46f4b768e5b6b561404f27c02328dc960c4c94e344b930747f42983f5066cfad0d42038b304530cf832d86d33af1d486bc37f4d21aed1ec24774776448d543f2c874215cf5f8a47414338b0f4ebbeb428d0680d37dbf126ff0a1efe2651d3cc387dd856a0624cb9d79ef5dc8a1bc7f3019b7064dbd86a40ca188cb44039cea5f17ec68241a0bd80c709206fc204d563766f5b26fd44f0419a8f963b2593234b00099d12ed8a6a2e17d655f080a66c51fd8c7e346612b07b584c5a98db71f341b23c3f0aa1b0ec9458515044b7dc511b11634f75ef05c986d9c1a0f43e85ed05e55a763592b435ac38fad570b66564bab11e4ec3f7f9881eb5a003191d353617e0b3bd52f4dccd1154e35f84cc11a8e7a3557d6e77f7862c60e7442b825965312cb01c07fb8a910235a569bf72b4c603b78d5383deb6f7017b8eb982b66aa1c68210dd715dc44492ef362b26e90a129b15210188c9c42c608e9a0e7545545c2dabaa80ff60a082a1a5f142bfaa29f94ea92f8034adbe1e8db128d0ef906598da8031dc28f36e3960a6b9cc20daa4c6ca1adef8038c34bcf3311bcd6082e01601a4e19d86f340429737c21b2ac075fb8ac9d2a0e9d32c802cfeb8fbf10b62a1726b90a24de45c1be2d5a2c7345134ec76160f0735163c6715cac24bb81350a04ebc763cdeb40301faf4aaea080ac29a6a2ad4ca5e91a35dab18c607e4acc33f557062fb99820d8696190870918ae10ce33599740956a9f09c82a07f6eb876010da34ed0d7e083f8118012be29b48aceeff084668a6c23bd2d29f641706fe85f6e1d0b414bfe80b5a4c6964527d608b74611ed27162666e272dd3b71dbce8d11b6fa50979fe4351a4075811610b7c31dcce264e8b53b03b7caa5df8547c61724da12c9583338f0bb06c08996149eadbe049e0f7f0dc7d55a6de7fe2010ae3ee3f3416ce4b753067c0e4669ccc24c41944ee20cfed552f46741a156b0318ca43233f89239514c2fd667cbf485761cc365a31debf57e165eace5fb6267076e1feaedf4dc9158d5c3cd3e1efb321dbcf8b416ae179d2a23b4549c8a8ae60f9b3e0d9a63b7e7b7d8fbd175717eb6989b09153cd1eea751bc4288dee273915c138e22bf1f649415ba333e48ede2e5273b09812260f2b4bfddba0ad1e32106fcafa190a44a66ba094e91dfe627ff76f7e5c493108c5bcf494576af7b54c9af625d1c2097f9cf401be2f37847563cb03dfd7774b51c67cf0f876a617b27b9bc986a1cf43a7d0e6cd43fdc15ed700f8f07fc8c2adc67765d36ea3ff236858a1c4c7f307430156b70dcc21c6839941315091ac0da091452f5be7b8f66fa9844ef1216a86f4fe962fc6f75d5a61d42f4166a6b85e2db5388c6d70f6aad87809cd415dbb5adf5e4ea14e8ec5fbf439fc78331bc34da05ccfcd01d8d92c6fe49ec5bc4fdc30a59084b9e906a665b9c5e95b5b67596b8d77d14a1bae46928c02e7d7fc20b3c8b80cd743c8bbdd8355e81a9a7e281000448ce26a9aa522158f91b399b0887db584d98adc178c2efa50f8ccd3901bf4a0bbb7914c54bac9c3cf8bc2fe413bb151a037387f55156cc1cb873d56b3a4359ff66317dc8a6b5d3800af7c59b78b3fe751803ed3faf938f7be19dd5e36113290cf4cee398c907ed093fe3b18ffee05bfa37e7a8c24bc7afe4b8ccdaa1e2552686861d3c81a733b48f457505fee3962c87c459bbe2d9f395cfec8bae5596d5346551a4d22837632d904becc83bdc81805005a4bbbc0fc7ca716e1126b162c389ba3bf553e7ecce36cda731bfe83170a0282b62a1b43313f9910d5816aea8069211ec65f710f184d1b7fcf31ed7425ab7cab169b665fddabac0e4b4a3e38c9560ef996cb2f252ea6abe20b0e8b115f26bee09155f7f8f7e1f5f77f44d4747f13bf1f65525c7e52d277c3f9a62ccd44fcce47f7360dcae478e11be6762c87f2cd041fbf21ae9b1a3dfaaff2c05217ec866191edac59382e9f42c7deddcfcd6823510e61ab8ad1d599e615f1294c29312a3dd476b78ecd76ae7c3213f5aa965b3836c8693b6f207c2671b39827c3d0f0e75ce80456d48649aac0be5722543ec5b0ae1943c18cb7a345500e7963846cfa3d96ed26011b66813891b105b7bd03868ac6cc78bf1e2a63fc9f106e82d7320a337b9cfa77630b9f9367051ba56c8f2f24ab94c7e58603fb28af429524728b54075d1fb5f525696d72aeefae1098942c84d832e3a208d65588842518188c9bf323356c47381abeeb2a9ae4df8442a7d4adc71bb05f56cfd12350d99544012351afb94fa41f3b6325b78c3dad54019426af8945184152bb107604e302bd734d3bba8510f702ea69789d93e2ca8d3e7a27edcaed745747fe5a432fd37a778e574b1da72b983dc317ffd0e9dee1c4ba681dd2e6f566c20b4897397d07f51237e648add96e00e990848c3df2f8f0eedb670590ddbfffe1e140e382ab6f3bb1dadf7dad022e5817bc85f09b046aecd79a959e8b0de3db5f8eace451cc8fec1eb6ab08462e444704e4daa462482cdd19a1fc85729cdd6fc292d747e887be567a93a6f2f7a1f02f8613253c572678fd7a7de0de9a5d776dd8799c9c47776dbc32ce60ac3284327d9f630552fc9f6637832fb9d48fc7f5c285b6e6a257040e00dd075ab2d72f7d46cba2880f6a34265b002f818d72ce80af152e54b041375b6f9ac8263fa35a9fe07ea02f67bd85502e40f63ca449b41cdc2628180f23809ef0569e9ea1e6cd5c436b503fdf4f3bae184fec0d6b0a3d0d7ef5bc15e97793e3840e92fe64eb19dd2b738cf0c17855647e229a2ab34ccc9890ae84aac286ede5b84305c7ed6721cb6c581a0fdf2649894d0a7e4203cfbc63d9e3e8921fd6b0f5933901cbc0dc60839a692c045a6183df8597b412e43f0e9880b62560011615e053a0e991e4e15aa1344449db8207a6dfe1abb85957a011e5b2bb3db66b8d66a0db82e6781e75888379883efad52df87d247a3554eb73fefdf29bc9c702f20d0ee80eb539ed502bc26d25915579095d1fb36d6d377e5d6bf763ccce9db0beadc94ace8c8389ea928476d57e9cc75f31e66b072ff5aa17d53d42e955f6b8ebe39d69bbdcea60d9b6fb55f6e41342aa085f2233fe734b69017dbb993b21633029d0f319733ebd255ae12cb958e2cd76b5403786a2b9adee31321f7d2e9d66c55c5822f26fd5e5395dc39b7b18fc475569b872f7be2db5b855"}) r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000003280)='./binderfs/binder1\x00', 0x800, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r9, 0x40046207, 0x0) ioctl$SNAPSHOT_UNFREEZE(r2, 0x3302) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000003300), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_P2P_DEVICE(r0, &(0x7f00000033c0)={&(0x7f00000032c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000003380)={&(0x7f0000003340)={0x20, r10, 0x0, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x8, 0x7d}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x408d4}, 0x80) r11 = syz_genetlink_get_family_id$nl802154(&(0x7f0000003440), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f0000003600)={&(0x7f0000003400)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000035c0)={&(0x7f0000003540)={0x5c, r11, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "20c7f3590e119560148214980173f336c48ebe1213eee9ccd49db8794a5eb3e4"}]}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 126.176612ms ago: executing program 0 (id=1): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_int(r0, 0x29, 0x0, &(0x7f0000000000)=0x2, 0x4) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x6000, 0x0) r1 = open(&(0x7f00000003c0)='./file2\x00', 0x81, 0x0) ioctl$BTRFS_IOC_DEFRAG(r1, 0x1274, 0x3) syz_usb_connect(0x0, 0x24, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000320ea508dc0501000100000000010902120001000000000904000062a506"], 0x0) ioctl$KVM_CAP_HALT_POLL(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040)={0xb6, 0x0, 0xe}) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@ipv4={""/10, ""/2, @multicast1}, @in6=@ipv4={""/10, ""/2, @private}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}}}, &(0x7f00000001c0)=0xe8) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x14, r4, 0x6a98047402e98331}, 0x14}, 0x1, 0x0, 0x0, 0x841}, 0x0) r5 = geteuid() r6 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000200)={0x0, &(0x7f0000000500)=[@nested_amd_vmload={0x182, 0x18}, @wr_drn={0x68, 0x20, {0x2, 0x2800}}, @nested_amd_set_intercept={0x181, 0x30, {0x2, 0x10001, 0x380000}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x2, @save_area=0x5b8, 0x7, 0x3, 0x8000000000000001}}, @wr_crn={0x67, 0x20, {0x3, 0x8968}}, @rdmsr={0x66, 0x18, {0x1b1}}], 0xd8}) ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f0000000600)={"2a06e6e759a451402fec8669e5d8d12e86c6a657b9e2b813ecb1f30465749dbdb03c807b686d7dd0a49f493e9c64c139e1c9d7d200007ec851685ce01db7d8151f9ef3fecf40f83afcb9fe20f47fc485a5e01a3389ef0d3469182b43392397bc86f84d8ce4a1c93ae7f597d99b0a4390ddf84c4bb7c0469eda9593a5b18a2a8f834e9f3a6dcc0d2482b94616873934ea737d2cacf045086810b258bb943225b6e55d5c3c3ac014080a16fb97fa169d3ba580f38d35971c2a529bb20dfe9d2750770710e48e1a160c5e9e4a1215cb331fd51089c673b29d91ec7ab41e11405dbf5a14bb14e5a3aeecdd3d2484dfd472d5f4407c220f1af3d8fdf6b986f7d7e497fafbae72e2da5551be8ffd18b6a0cf97162abbc28f2288e52e839fcfe8d12c5177157ec7e19975a92f16f9bd037efb8a74d00f33b4ff7de5e11059ff5ba0e612eeb8ee8daf8e35ffc794d9cd9da9f702dfc5b62e65c822d1cf88d22fa260d12a0a4df19e3f5de1cd3c92b0bfa312318f81e8f0295fec5b17af036771ecb47f05daa81b463f3eca476378c6157620c2d7c21197ceab531063ef890e7e5e2dfe549af6dba15c045a72f4e3b8d80cf8d289d6994cadaa97b4883c538f969f582413128ffafa02d42c38176344d938fcd58302574f67d2142b9ab246adefa4571989de139790157f9784de414f07cf4f74909f5382e2b8f9093b86c0f0d155319f70d5ffde98babf5da196692d77ed2ec52b7851821d1fb6f0396b52e12b569f45691f151ec78a747d62c8d72bb18f2c1a8dbb7cf54b4d9d798f910084119b00313f2588f8f7432a37373326c04a11164a50a395320220f84689d12f5de2ee0b2e2208c6ad10d2b70851be56f1b707748e57f0b0a4aa80f871ce7f3096153341d0e2cb02645897ddbd00b7f94203d5aded60cfb27b1c46be071cb0c058e4cd4f36e175b610660ea48e0c1deeaa02fe22b3a434b52965906939c38a2026f2fca4b558822426304f73d19b7ed32d2ba1e3e9010b5edbb2bb497206cdab08f664628c59d1a291bd34e038ad54f85c3429d9418d070abf88d51ee8a83737fce33af4065aeefc90bca2cd0213528258ebe7f36d45f0c98d1430d6e9b03c48772c15157f3d328936103735c24fd7b665f6f68abf1b7aa9db927928066add7df63df2edeb74a17791dbeefc8a57ccb58563e50dd62580a2ab07123602352decadb821f5ae454b520814dc75490418ce471483bda2444cc3883c335a9d37d55e25d98934c5066d6f788544f6a1a0e578ee9a942fcb44b2da35185714c29f1011f89da4bcc0db18bd3f2aab7cbeceb1898ef58ec45115a62ce4762f31755d94f01d4d63cf4dbdf1265369c3723676563bdfca042d333741724e861dab8b809fe54419df21e8c4aa27a51af08590d67e94c07f17273a4f6a69713d11454428376276bb62282ddc"}) mount$incfs(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file2\x00', &(0x7f0000000140), 0x1002009, &(0x7f0000000400)={[{@rlog_pages}, {@rlog_wakeup_cnt={'rlog_wakeup_cnt', 0x3d, 0x7fffffffffffffff}}], [{@dont_hash}, {@euid_eq}, {@fsuuid={'fsuuid', 0x3d, {[0x61, 0x38, 0x66, 0x36, 0x63, 0x54, 0x63, 0x36], 0x2d, [0x32, 0x38, 0x31, 0x31], 0x2d, [0x30, 0x33, 0x37, 0x62], 0x2d, [0x34, 0x32, 0x39, 0x34], 0x2d, [0x64, 0x65, 0x65, 0x36, 0x37, 0x35, 0x32, 0x34]}}}, {@dont_appraise}, {@euid_gt={'euid>', r2}}, {@euid_eq={'euid', 0x3d, r5}}]}) 77.803485ms ago: executing program 3 (id=4): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) (async) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) (async) r2 = socket$inet_tcp(0x2, 0x1, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) setsockopt$inet_int(r2, 0x0, 0x33, &(0x7f0000000040)=0x7f, 0x4) (async) ioctl$SIOCSIFHWADDR(r1, 0x89b1, &(0x7f0000000900)={'vlan0\x00', @random="ff00"}) (async) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c00000000010104000000000000000002001000240002801400018008000100e000000108000200e00000010c00028005000100000000001c0010800800014000000000d9740501000000000800"], 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000) (async) r3 = userfaultfd(0x80001) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x24}) (async) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) ioctl$UFFDIO_UNREGISTER(r3, 0x8010aa01, &(0x7f0000000380)={&(0x7f0000181000/0x1000)=nil, 0x1000}) (async) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af60, &(0x7f0000000000)) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="410000000000000000000100000000000000014100000018001704000000000000005974683a76"], 0x34}}, 0x0) (async) r6 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="1201000000000040ac0565020000000000010902240001000010020904000305030002040921000033012205000905810300000c0907"], 0x0) (async) r7 = socket$packet(0x11, 0x2, 0x300) r8 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r8, 0x6, 0x5, &(0x7f0000000000)=0x100000001, 0x4) (async) setsockopt$packet_tx_ring(r7, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6, 0xfffffffd}, 0x67) (async) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r7, 0x0) (async) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0) getsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f0000000180), &(0x7f00000001c0)=0x4) (async) syz_usb_control_io(r6, 0x0, 0x0) (async) syz_usb_control_io(r6, &(0x7f0000002300)={0x2c, &(0x7f0000000040)={0x40, 0x23, 0x2f, {0x2f, 0x6, "25f4e4e9f494c657ebb4910a7d1e160d0e3c2199b77bb91ea647ba8c686a59370f60a1d38ebb6f07b1b1461dd1"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 33.612687ms ago: executing program 2 (id=5): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000300)={0xa, 0x3, 0x8, @loopback, 0xfffffffe}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_256={{0x303}, "41328ac34a4ad2ba", "e8582491a0c4050000000000f6542a9b6800000000000000003967d2daa45b4e", "61241765", "89b06aff130000fd"}, 0x38) sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=[@ip_tos_int={{0x14, 0x11a, 0x1, 0x8}}], 0x18}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x1a, 0x7, 0x0, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1b}, @in=@multicast2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x300, 0xb400, 0x2, 0xfeffff7f00000000}, {0x0, 0x200000, 0x7, 0xfffffffffffffffd}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0x2, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}, 0x104}}, 0x0) mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0) r2 = memfd_secret(0x80000) mmap(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x1, 0x20010, r2, 0xe70a0000) readv(r2, &(0x7f0000000180)=[{&(0x7f00000001c0)=""/126, 0x7e}, {&(0x7f0000000000)=""/158, 0x9e}], 0x2) r3 = syz_open_dev$loop(&(0x7f0000000240), 0xffffffff7ffffffd, 0x160862) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000080)={r4, 0x0, {0x0, 0x0, 0x0, 0x4, 0x4000000000000ffd, 0x0, 0x0, 0x10, 0x4, "faf900000080149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d665f985881a350000ddffffff00", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a4b8aed1e831fa79a", "715237601a8ca5b07dcc141802c4dacf162e43ac61f7ad330000000000a04100", [0xfffffffffffffce8, 0xa]}}) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f00000002c0)={'wg2\x00'}) lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(0x0, r5) sendmsg$nl_xfrm(r4, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f0000000400)=@getpolicy={0x88, 0x15, 0x20, 0x70bd26, 0x25dfdbfc, {{@in=@multicast2, @in=@multicast1, 0x4e24, 0x8, 0x4e20, 0x0, 0x2, 0x20, 0xa0, 0x33, 0x0, r5}, 0x6e6bb8, 0x2}, [@mark={0xc, 0x15, {0x35075b}}, @lifetime_val={0x24, 0x9, {0x3, 0x4, 0x200, 0xffffffffffffff81}}, @extra_flags={0x8, 0x18, 0x4}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000000}, 0x40800) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) 32.124887ms ago: executing program 1 (id=2): r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300), 0x40, 0x0) setresgid(0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x66) r1 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r1, 0x0) r2 = inotify_init1(0x80000) ioctl$F2FS_IOC_ABORT_ATOMIC_WRITE(r2, 0xf505, 0x0) inotify_add_watch(r2, &(0x7f0000000140)='./file0\x00', 0x2000775) r3 = dup(r2) r4 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x0) ioctl$sock_inet_udp_SIOCINQ(r3, 0x541b, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), r5) sendmsg$TIPC_NL_MEDIA_SET(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x2c, r6, 0x1, 0x703d28, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x18, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000841}, 0x24004084) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f00000000c0)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000040)={r7, 0x1, r3, 0x5}) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, 0x0) 31.649627ms ago: executing program 2 (id=6): r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x12) mkdir(&(0x7f00000009c0)='./file0\x00', 0x0) mount$bind(&(0x7f0000000180)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000580)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) getdents(r1, &(0x7f0000000000)=""/104, 0x68) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x1}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000040)={0x14, 0x0, &(0x7f0000000000)=[@acquire_done={0x40106309, 0x1, 0xfc}], 0x0, 0x0, 0x0}) fcntl$setlease(r0, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) r3 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setlease(r3, 0x400, 0x0) r4 = syz_usb_connect$uac1(0x2, 0xb8, &(0x7f0000000100)=ANY=[@ANYBLOB="12010103000000106b1d01014000010203010902a600030156c0020904000000010100000a24010101bb02010211240601040507000a0008000300020005052405060f0f2406020504020002200a000a00040c24020203020250800009010d2406050203078887000a00000924030101010505"], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2000000000000046}) syz_usb_control_io(r4, 0x0, &(0x7f00000008c0)={0x84, &(0x7f0000000380)={0x20, 0xe, 0x1, '6'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r4, 0x0, &(0x7f0000001240)={0x84, &(0x7f0000000080)=ANY=[@ANYBLOB="201602000000a390"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r6 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x42, 0x120) write$cgroup_devices(r6, 0x0, 0xa) ioctl$FS_IOC_RESVSP(r5, 0x4030582b, 0x0) syz_usb_control_io(r4, 0x0, &(0x7f0000000c80)={0x84, &(0x7f0000000040)=ANY=[@ANYBLOB="400702"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = openat$uinput(0xffffffffffffff9c, &(0x7f00000002c0), 0x802, 0x0) ioctl$UI_ABS_SETUP(r7, 0x401c5504, &(0x7f0000000340)={0x400000100002f, {0x1, 0x80000001, 0x8003ff, 0x10004, 0x0, 0x1}}) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000380)=ANY=[@ANYBLOB="12010000060000402505a1a440000102030109025c0002010000000901000100020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300020000000904010000020d00000904010120ee0e", @ANYRESDEC=0x0], 0x0) 30.257177ms ago: executing program 3 (id=7): r0 = timerfd_create(0x8, 0x0) timerfd_gettime(r0, 0x0) r1 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0) write$binfmt_script(r1, &(0x7f0000000b80), 0x4) (async) write$binfmt_script(r1, &(0x7f0000000b80), 0x4) mount$9p_virtio(&(0x7f0000000080), &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x18420, &(0x7f0000000200)={'trans=virtio,', {[{@ignoreqv}], [{@smackfsdef}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@dont_measure}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@measure}]}}) memfd_secret(0x0) (async) r2 = memfd_secret(0x0) close_range(r2, 0xffffffffffffffff, 0x0) r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000040), 0x80400, 0x0) execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x100) (async) execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x100) 15.648669ms ago: executing program 3 (id=8): setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000040)={@rand_addr=0x7acf, @local}, 0xc) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt(r0, 0xff, 0x1, 0x0, &(0x7f0000000040)) (async) getsockopt(r0, 0xff, 0x1, 0x0, &(0x7f0000000040)) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x8, 0x32, 0xffffffffffffffff, 0x6931b000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x66) (async) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x66) ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/sync_on_suspend', 0x0, 0xe7) getpeername$packet(r1, 0x0, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0) (async) ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0) r3 = eventfd2(0x1, 0x1) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000001c0)={0x0, r3}) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) r5 = eventfd2(0x4, 0x80801) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x0, r5}) (async) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x0, r5}) close_range(r4, 0xffffffffffffffff, 0x0) (async) close_range(r4, 0xffffffffffffffff, 0x0) socket$packet(0x11, 0x3, 0x300) (async) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf84, 0x3}, 0x1c) close(r6) r7 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r7, 0x0, 0x0) (async) bind$can_raw(r7, 0x0, 0x0) recvmmsg(r7, 0x0, 0x0, 0x22, 0x0) (async) recvmmsg(r7, 0x0, 0x0, 0x22, 0x0) openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) (async) r8 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) write$UHID_CREATE(r8, &(0x7f0000000100)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000040)=""/90, 0x5a, 0x3, 0x8, 0xf, 0x0, 0x7}}, 0x120) write$UHID_CREATE2(r8, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff00"/70], 0x119) (async) write$UHID_CREATE2(r8, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff00"/70], 0x119) syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000240)='./cgroup/../file0\x00', 0x128) r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_ro(r9, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0) 0s ago: executing program 1 (id=9): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x2, @remote, 0x6}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x1c0, 0x4) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000001900010000000000fbdbdf250a010900100012800400f88008001e000800"], 0x38}, 0x1, 0x0, 0x0, 0x5}, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000a80)={0x2c, r1, 0x10ada85e65c25359, 0xfffffffd, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x4}]}]}]}]}, 0x2c}}, 0x20000000) sendmmsg$inet6(r0, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000540)="de69dec00fadfee7955e56a8d0ad36b637bb74bddbee4bbd994380ac92c927b0c4b9007fd817092d", 0x28}], 0x1}}], 0x1, 0x840) r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x10b701) ioctl$USBDEVFS_CLAIM_PORT(r3, 0x80045518, &(0x7f0000000040)=0x1) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x10b}) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0}) r6 = dup3(r5, r4, 0x0) r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x10000000000) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x23, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000800)={@fd={0x73622a85}, @ptr={0x70742a85, 0x200, 0x0, 0x0, 0x1, 0x2f}, @fda={0x66646185, 0x9, 0x1}}, &(0x7f0000000240)={0x0, 0x18, 0x40}}, 0x400}], 0x0, 0x0, 0x0}) ioctl$USBDEVFS_CLAIM_PORT(r3, 0x80045518, &(0x7f0000000000)=0x1) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000000)={'veth1_virt_wifi\x00', 0x10000}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.79' (ED25519) to the list of known hosts. [ 18.929281][ T36] audit: type=1400 audit(1769455631.179:64): avc: denied { mounton } for pid=268 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 18.930919][ T268] cgroup: Unknown subsys name 'net' [ 18.933569][ T36] audit: type=1400 audit(1769455631.179:65): avc: denied { mount } for pid=268 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 18.938681][ T36] audit: type=1400 audit(1769455631.189:66): avc: denied { unmount } for pid=268 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 18.939091][ T268] cgroup: Unknown subsys name 'devices' [ 19.104790][ T268] cgroup: Unknown subsys name 'hugetlb' [ 19.110439][ T268] cgroup: Unknown subsys name 'rlimit' [ 19.302394][ T36] audit: type=1400 audit(1769455631.549:67): avc: denied { setattr } for pid=268 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 19.325623][ T36] audit: type=1400 audit(1769455631.549:68): avc: denied { mounton } for pid=268 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 19.350500][ T36] audit: type=1400 audit(1769455631.549:69): avc: denied { mount } for pid=268 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 19.381453][ T284] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 19.391135][ T36] audit: type=1400 audit(1769455631.649:70): avc: denied { relabelto } for pid=284 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 19.416810][ T36] audit: type=1400 audit(1769455631.649:71): avc: denied { write } for pid=284 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 19.425326][ T268] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 19.442652][ T36] audit: type=1400 audit(1769455631.669:72): avc: denied { read } for pid=268 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 19.476922][ T36] audit: type=1400 audit(1769455631.669:73): avc: denied { open } for pid=268 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 20.262358][ T291] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.269506][ T291] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.276675][ T291] bridge_slave_0: entered allmulticast mode [ 20.282979][ T291] bridge_slave_0: entered promiscuous mode [ 20.289432][ T291] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.296517][ T291] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.303672][ T291] bridge_slave_1: entered allmulticast mode [ 20.309881][ T291] bridge_slave_1: entered promiscuous mode [ 20.351437][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.358544][ T289] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.366295][ T289] bridge_slave_0: entered allmulticast mode [ 20.373112][ T289] bridge_slave_0: entered promiscuous mode [ 20.379306][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.387110][ T290] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.394340][ T290] bridge_slave_0: entered allmulticast mode [ 20.400509][ T290] bridge_slave_0: entered promiscuous mode [ 20.410131][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.417205][ T289] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.424388][ T289] bridge_slave_1: entered allmulticast mode [ 20.430705][ T289] bridge_slave_1: entered promiscuous mode [ 20.437202][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.444354][ T290] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.451411][ T290] bridge_slave_1: entered allmulticast mode [ 20.457782][ T290] bridge_slave_1: entered promiscuous mode [ 20.507133][ T292] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.514209][ T292] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.521376][ T292] bridge_slave_0: entered allmulticast mode [ 20.527717][ T292] bridge_slave_0: entered promiscuous mode [ 20.534321][ T292] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.541652][ T292] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.548944][ T292] bridge_slave_1: entered allmulticast mode [ 20.555299][ T292] bridge_slave_1: entered promiscuous mode [ 20.679155][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.686247][ T289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.693839][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.700889][ T289] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.713624][ T291] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.720676][ T291] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.727957][ T291] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.735084][ T291] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.745271][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.752439][ T290] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.759891][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.767165][ T290] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.804128][ T292] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.811183][ T292] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.818497][ T292] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.825541][ T292] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.843801][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.851342][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.859075][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.866667][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.874348][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.881679][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.889175][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.896550][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.913705][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.920751][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.928396][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.935463][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.956516][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.963595][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.981420][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.988493][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.997113][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.004171][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.013331][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.020817][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.033310][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.040354][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.048404][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.055455][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.072484][ T289] veth0_vlan: entered promiscuous mode [ 21.110879][ T289] veth1_macvtap: entered promiscuous mode [ 21.127942][ T290] veth0_vlan: entered promiscuous mode [ 21.137109][ T291] veth0_vlan: entered promiscuous mode [ 21.151560][ T292] veth0_vlan: entered promiscuous mode [ 21.160904][ T290] veth1_macvtap: entered promiscuous mode [ 21.184751][ T292] veth1_macvtap: entered promiscuous mode [ 21.195811][ T289] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 21.213835][ T291] veth1_macvtap: entered promiscuous mode [ 21.255616][ T336] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 21.349202][ T352] overlay: ./file0 is not a directory [ 21.397350][ T362] rust_binder: validate_parent_fixup: new_min_offset=36, sg_entry.length=0 [ 21.397391][ T362] rust_binder: Error while translating object. [ 21.411343][ C1] BUG: TASK stack guard page was hit at ffffc9000b9b7eb8 (stack is ffffc9000b9b8000..ffffc9000b9c0000) [ 21.411383][ C1] Oops: stack guard page: 0000 [#1] PREEMPT SMP KASAN PTI [ 21.411414][ C1] CPU: 1 UID: 0 PID: 362 Comm: syz.1.9 Not tainted syzkaller #0 5d18be0d7d8d5053dc4a903978481071267b1302 [ 21.411439][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 21.411450][ C1] RIP: 0010:get_page_from_freelist+0x1f/0x4a20 [ 21.411485][ C1] Code: 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 81 ec a0 02 00 00 49 89 cf <89> bc 24 a0 00 00 00 65 48 8b 04 25 28 00 00 00 48 89 84 24 80 02 [ 21.411498][ C1] RSP: 0018:ffffc9000b9b7ec0 EFLAGS: 00010286 [ 21.411520][ C1] RAX: 0000000000000100 RBX: 0000000000000002 RCX: ffffc9000b9b8230 [ 21.411532][ C1] RDX: 0000000000000101 RSI: 0000000000000002 RDI: 0000000000192000 [ 21.411543][ C1] RBP: ffffc9000b9b8190 R08: ffffffff876aa0a3 R09: 1ffffffff0ed5414 [ 21.411555][ C1] R10: dffffc0000000000 R11: fffffbfff0ed5415 R12: 0000000000000680 [ 21.411567][ C1] R13: dffffc0000000000 R14: 1ffff92001737038 R15: ffffc9000b9b8230 [ 21.411581][ C1] FS: 00007f6bcb0326c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 21.411598][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 21.411611][ C1] CR2: ffffc9000b9b7eb8 CR3: 0000000112b4e000 CR4: 00000000003526b0 [ 21.411628][ C1] Call Trace: [ 21.411636][ C1] [ 21.411645][ C1] ? __kasan_check_read+0x15/0x20 [ 21.411668][ C1] ? static_key_count+0x45/0x70 [ 21.411686][ C1] ? gfp_to_alloc_flags_cma+0x96/0x1c0 [ 21.411708][ C1] ? __cfi_gfp_zone+0x10/0x10 [ 21.411729][ C1] ? __alloc_pages_noprof+0x35f/0x7e0 [ 21.411748][ C1] ? unwind_next_frame+0x3c1/0x750 [ 21.411767][ C1] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 21.411785][ C1] ? _RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x3b2/0x2120 [ 21.411820][ C1] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 21.411840][ C1] ? _RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x3b2/0x2120 [ 21.411870][ C1] ? stack_depot_save_flags+0x672/0x800 [ 21.411891][ C1] ? stack_depot_save+0x12/0x20 [ 21.411908][ C1] ? save_stack+0x133/0x240 [ 21.411932][ C1] ? free_contig_range+0x260/0x260 [ 21.411952][ C1] ? __reset_page_owner+0x450/0x450 [ 21.411984][ C1] ? post_alloc_hook+0x3b8/0x3f0 [ 21.412009][ C1] ? prep_new_page+0x1c/0x110 [ 21.412025][ C1] ? get_page_from_freelist+0x496e/0x4a20 [ 21.412043][ C1] ? __alloc_pages_noprof+0x35f/0x7e0 [ 21.412061][ C1] ? stack_depot_save_flags+0x672/0x800 [ 21.412078][ C1] ? kasan_save_track+0x4f/0x80 [ 21.412100][ C1] ? kasan_save_free_info+0x4a/0x60 [ 21.412119][ C1] ? __kasan_slab_free+0x5f/0x80 [ 21.412142][ C1] ? kfree+0x158/0x440 [ 21.412161][ C1] ? krealloc_noprof+0xfa/0x130 [ 21.412183][ C1] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator4freeCskDQVOo9v79Q_16rust_binder_main+0xc6/0x200 [ 21.412215][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process10update_ref+0x152c/0x22a0 [ 21.412238][ C1] ? _RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x1215/0x5110 [ 21.412275][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeNtNtCskDQVOo9v79Q_16rust_binder_main10allocation10AllocationEBK_+0x26/0x1a0 [ 21.412310][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread21copy_transaction_data+0x2722/0x5500 [ 21.412335][ C1] ? _RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x3b2/0x2120 [ 21.412365][ C1] ? kvm_sched_clock_read+0x15/0x30 [ 21.412383][ C1] ? sched_clock_noinstr+0xd/0x30 [ 21.412407][ C1] ? __set_page_owner+0x8e/0x600 [ 21.412431][ C1] ? __kasan_check_read+0x15/0x20 [ 21.412451][ C1] ? __zone_watermark_ok+0x134/0x630 [ 21.412469][ C1] ? __cfi___set_page_owner+0x10/0x10 [ 21.412493][ C1] ? __cfi___zone_watermark_ok+0x10/0x10 [ 21.412511][ C1] ? kasan_unpoison+0x4a/0x70 [ 21.412531][ C1] ? post_alloc_hook+0x3b8/0x3f0 [ 21.412557][ C1] ? __cfi_post_alloc_hook+0x10/0x10 [ 21.412584][ C1] ? gfp_to_alloc_flags_cma+0x1c0/0x1c0 [ 21.412606][ C1] ? _raw_spin_trylock+0xb5/0x140 [ 21.412627][ C1] ? __cfi__raw_spin_trylock+0x10/0x10 [ 21.412649][ C1] ? prep_new_page+0x1c/0x110 [ 21.412665][ C1] ? get_page_from_freelist+0x496e/0x4a20 [ 21.412689][ C1] ? __alloc_pages_noprof+0x7e0/0x7e0 [ 21.412711][ C1] ? static_key_count+0x45/0x70 [ 21.412724][ C1] ? gfp_to_alloc_flags_cma+0x96/0x1c0 [ 21.412745][ C1] ? lruvec_init+0x211/0x280 [ 21.412766][ C1] ? __alloc_pages_noprof+0x35f/0x7e0 [ 21.412780][ C1] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 21.412796][ C1] ? unwind_get_return_address+0x51/0x90 [ 21.412815][ C1] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 21.412833][ C1] ? arch_stack_walk+0x10a/0x170 [ 21.412858][ C1] ? stack_trace_save+0xaa/0x100 [ 21.412874][ C1] ? stack_depot_save_flags+0x672/0x800 [ 21.412894][ C1] ? kasan_save_track+0x4f/0x80 [ 21.412916][ C1] ? kasan_save_track+0x3e/0x80 [ 21.412938][ C1] ? kasan_save_free_info+0x4a/0x60 [ 21.412957][ C1] ? __kasan_slab_free+0x5f/0x80 [ 21.412987][ C1] ? kfree+0x158/0x440 [ 21.413005][ C1] ? krealloc_noprof+0xfa/0x130 [ 21.413026][ C1] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator4freeCskDQVOo9v79Q_16rust_binder_main+0xc6/0x200 [ 21.413058][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process10update_ref+0x152c/0x22a0 [ 21.413082][ C1] ? _RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x1215/0x5110 [ 21.413118][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeNtNtCskDQVOo9v79Q_16rust_binder_main10allocation10AllocationEBK_+0x26/0x1a0 [ 21.413154][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread21copy_transaction_data+0x2722/0x5500 [ 21.413182][ C1] ? _RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x3b2/0x2120 [ 21.413212][ C1] ? _RINvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB6_6Thread11transactionNvB2_24oneway_transaction_innerEB8_+0x30d/0xc20 [ 21.413241][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x1bf7/0xa690 [ 21.413275][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x1077/0x5da0 [ 21.413300][ C1] ? __se_sys_ioctl+0x135/0x1b0 [ 21.413323][ C1] ? __x64_sys_ioctl+0x7f/0xa0 [ 21.413345][ C1] ? x64_sys_call+0x1878/0x2ee0 [ 21.413368][ C1] ? do_syscall_64+0x57/0xf0 [ 21.413389][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 21.413414][ C1] ? _RNvMs_NtNtCs1ewLyjEZ7Le_6kernel5alloc9allocatorNtB4_7Kmalloc14aligned_layout+0x9a/0x180 [ 21.413447][ C1] ? kasan_save_free_info+0x4a/0x60 [ 21.413466][ C1] ? __kasan_slab_free+0x5f/0x80 [ 21.413490][ C1] ? kfree+0x158/0x440 [ 21.413508][ C1] ? krealloc_noprof+0xfa/0x130 [ 21.413531][ C1] ? krealloc_noprof+0xfa/0x130 [ 21.413553][ C1] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator4freeCskDQVOo9v79Q_16rust_binder_main+0xc6/0x200 [ 21.413586][ C1] ? __cfi__RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator4freeCskDQVOo9v79Q_16rust_binder_main+0x10/0x10 [ 21.413619][ C1] ? __kasan_check_write+0x18/0x20 [ 21.413639][ C1] ? _raw_spin_lock+0x92/0x120 [ 21.413659][ C1] ? __cfi__RNvXsc_NtCs1ewLyjEZ7Le_6kernel3strNtB5_12RawFormatterNtNtCsb7ts3l0a5c3_4core3fmt5Write9write_str+0x10/0x10 [ 21.413687][ C1] ? __cfi__RNvXsi_NtNtNtCsb7ts3l0a5c3_4core3fmt3num3impjNtB9_7Display3fmt+0x10/0x10 [ 21.413714][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process10update_ref+0x152c/0x22a0 [ 21.413738][ C1] ? __kasan_check_write+0x18/0x20 [ 21.413758][ C1] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process10update_ref+0x10/0x10 [ 21.413781][ C1] ? prb_first_seq+0x109/0x1d0 [ 21.413808][ C1] ? __cfi_prb_first_seq+0x10/0x10 [ 21.413833][ C1] ? __kasan_check_write+0x18/0x20 [ 21.413852][ C1] ? desc_read+0x1ab/0x3e0 [ 21.413876][ C1] ? __kasan_check_read+0x15/0x20 [ 21.413896][ C1] ? this_cpu_in_panic+0x56/0x90 [ 21.413913][ C1] ? _prb_read_valid+0x9f3/0xa80 [ 21.413939][ C1] ? __asan_memcpy+0x5a/0x80 [ 21.413959][ C1] ? prb_read_valid+0x80/0x80 [ 21.413990][ C1] ? data_alloc+0x4d0/0x7e0 [ 21.414016][ C1] ? desc_read+0x202/0x3e0 [ 21.414041][ C1] ? __kasan_check_write+0x18/0x20 [ 21.414061][ C1] ? desc_read+0x1ab/0x3e0 [ 21.414086][ C1] ? prb_first_seq+0x109/0x1d0 [ 21.414111][ C1] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ea/0x3d0 [ 21.414136][ C1] ? __asan_memcpy+0x5a/0x80 [ 21.414157][ C1] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ea/0x3d0 [ 21.414181][ C1] ? __asan_memcpy+0x5a/0x80 [ 21.414202][ C1] ? __cfi__RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x10/0x10 [ 21.414227][ C1] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ea/0x3d0 [ 21.414252][ C1] ? __cfi__RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x10/0x10 [ 21.414277][ C1] ? __cfi__raw_spin_lock_irqsave+0x10/0x10 [ 21.414299][ C1] ? __kasan_check_write+0x18/0x20 [ 21.414318][ C1] ? _raw_spin_lock+0x92/0x120 [ 21.414338][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 21.414359][ C1] ? __kasan_check_write+0x18/0x20 [ 21.414378][ C1] ? _RINvMs4_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB6_14AllocationView4readNtNtB8_4defs16FlatBinderObjectEB8_+0x6cd/0xc90 [ 21.414408][ C1] ? __asan_memcpy+0x5a/0x80 [ 21.414429][ C1] ? _RINvMs4_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB6_14AllocationView4readNtNtB8_4defs16FlatBinderObjectEB8_+0x61e/0xc90 [ 21.414458][ C1] ? __cfi__RINvMs4_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB6_14AllocationView4readNtNtB8_4defs16FlatBinderObjectEB8_+0x10/0x10 [ 21.414487][ C1] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ea/0x3d0 [ 21.414512][ C1] ? __asan_memcpy+0x5a/0x80 [ 21.414533][ C1] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x1ea/0x3d0 [ 21.414558][ C1] ? __cfi__RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page8read_raw+0x10/0x10 [ 21.414583][ C1] ? irq_work_queue+0xc2/0x160 [ 21.414603][ C1] ? __kasan_check_write+0x18/0x20 [ 21.414622][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 21.414643][ C1] ? stack_depot_save_flags+0x399/0x800 [ 21.414661][ C1] ? _RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x302/0x5110 [ 21.414698][ C1] ? __asan_memcpy+0x5a/0x80 [ 21.414737][ C1] ? _RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x1215/0x5110 [ 21.414776][ C1] ? _RNvMso_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_14RawVacantEntrymINtNtNtB7_4list3arc7ListArcNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoKyd703a5263dcc8650_EE6insertB1r_+0xf0/0x150 [ 21.414819][ C1] ? __cfi__RNvMNtCskDQVOo9v79Q_16rust_binder_main6threadNtB2_18ScatterGatherState21validate_parent_fixup+0x10/0x10 [ 21.414851][ C1] ? __cfi__RNvXs_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB4_10AllocationNtNtNtCsb7ts3l0a5c3_4core3ops4drop4Drop4drop+0x10/0x10 [ 21.414888][ C1] ? __kasan_kmalloc+0x96/0xb0 [ 21.414911][ C1] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page9write_raw+0x1ea/0x3d0 [ 21.414938][ C1] ? __asan_memcpy+0x5a/0x80 [ 21.414958][ C1] ? _RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page9write_raw+0x1ea/0x3d0 [ 21.414991][ C1] ? __cfi__RNvMs0_NtCs1ewLyjEZ7Le_6kernel4pageNtB5_4Page9write_raw+0x10/0x10 [ 21.415016][ C1] ? __asan_set_shadow_00+0x12/0x20 [ 21.415034][ C1] ? _RNvMs0_NtNtCs1ewLyjEZ7Le_6kernel5alloc4kvecINtB5_3VecjNtNtB7_9allocator7KmallocE4pushCskDQVOo9v79Q_16rust_binder_main+0x578/0xa30 [ 21.415067][ C1] ? krealloc_noprof+0x8d/0x130 [ 21.415090][ C1] ? put_dec_trunc8+0x229/0x380 [ 21.415111][ C1] ? put_dec+0xd7/0xf0 [ 21.415130][ C1] ? __asan_memset+0x39/0x50 [ 21.415150][ C1] ? move_right+0x8e/0xb0 [ 21.415170][ C1] ? format_decode+0x1bb/0x1610 [ 21.415189][ C1] ? vsnprintf+0x7b4/0x1ad0 [ 21.415207][ C1] ? __asan_memcpy+0x5a/0x80 [ 21.415227][ C1] ? vsnprintf+0x19ef/0x1ad0 [ 21.415247][ C1] ? desc_read+0x202/0x3e0 [ 21.415272][ C1] ? __kasan_check_write+0x18/0x20 [ 21.415293][ C1] ? desc_read+0x1ab/0x3e0 [ 21.415320][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 21.415341][ C1] ? kernel_text_address+0xa9/0xe0 [ 21.415363][ C1] ? __kernel_text_address+0x11/0x40 [ 21.415383][ C1] ? __kasan_check_write+0x18/0x20 [ 21.415403][ C1] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 21.415425][ C1] ? __cfi__raw_spin_lock_irqsave+0x10/0x10 [ 21.415447][ C1] ? stack_trace_save+0xaa/0x100 [ 21.415464][ C1] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 21.415486][ C1] ? stack_depot_save_flags+0x399/0x800 [ 21.415505][ C1] ? xfd_validate_state+0x68/0x140 [ 21.415527][ C1] ? kasan_save_track+0x4f/0x80 [ 21.415549][ C1] ? kasan_save_track+0x3e/0x80 [ 21.415571][ C1] ? kasan_save_free_info+0x4a/0x60 [ 21.415589][ C1] ? __kasan_slab_free+0x5f/0x80 [ 21.415612][ C1] ? kfree+0x158/0x440 [ 21.415631][ C1] ? krealloc_noprof+0xfa/0x130 [ 21.415650][ C1] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator4freeCskDQVOo9v79Q_16rust_binder_main+0xc6/0x200 [ 21.415680][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCskDQVOo9v79Q_16rust_binder_main6thread18ScatterGatherStateEEB16_+0x3a3/0x660 [ 21.415718][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread21copy_transaction_data+0x26f8/0x5500 [ 21.415739][ C1] ? _RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x3b2/0x2120 [ 21.415763][ C1] ? _RINvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB6_6Thread11transactionNvB2_24oneway_transaction_innerEB8_+0x30d/0xc20 [ 21.415788][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x1bf7/0xa690 [ 21.415819][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x1077/0x5da0 [ 21.415839][ C1] ? __se_sys_ioctl+0x135/0x1b0 [ 21.415860][ C1] ? __x64_sys_ioctl+0x7f/0xa0 [ 21.415880][ C1] ? x64_sys_call+0x1878/0x2ee0 [ 21.415901][ C1] ? do_syscall_64+0x57/0xf0 [ 21.415920][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 21.415946][ C1] ? __kasan_slab_free+0x6a/0x80 [ 21.415971][ C1] ? kfree+0x158/0x440 [ 21.415991][ C1] ? krealloc_noprof+0xfa/0x130 [ 21.416012][ C1] ? __cfi_up+0x10/0x10 [ 21.416027][ C1] ? krealloc_noprof+0xfa/0x130 [ 21.416049][ C1] ? _RNvNtCs1ewLyjEZ7Le_6kernel5alloc20dangling_from_layout+0x11/0x20 [ 21.416079][ C1] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator4freeCskDQVOo9v79Q_16rust_binder_main+0xed/0x200 [ 21.416106][ C1] ? __cfi_llist_add_batch+0x10/0x10 [ 21.416128][ C1] ? __cfi__RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator4freeCskDQVOo9v79Q_16rust_binder_main+0x10/0x10 [ 21.416158][ C1] ? preempt_schedule+0xc5/0xe0 [ 21.416179][ C1] ? __cfi_preempt_schedule+0x10/0x10 [ 21.416200][ C1] ? tick_nohz_tick_stopped+0x4c/0x60 [ 21.416218][ C1] ? __irq_work_queue_local+0xc4/0x260 [ 21.416235][ C1] ? irq_work_queue+0xc2/0x160 [ 21.416253][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCskDQVOo9v79Q_16rust_binder_main6thread18ScatterGatherStateEEB16_+0x3a3/0x660 [ 21.416287][ C1] ? __cfi__RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCskDQVOo9v79Q_16rust_binder_main6thread18ScatterGatherStateEEB16_+0x10/0x10 [ 21.416322][ C1] ? vprintk_default+0x2a/0x40 [ 21.416339][ C1] ? vprintk+0x93/0xa0 [ 21.416356][ C1] ? _printk+0xde/0x140 [ 21.416370][ C1] ? __cfi__RNvMs5_NtCskDQVOo9v79Q_16rust_binder_main10allocationNtB5_12BinderObject9read_from+0x10/0x10 [ 21.416396][ C1] ? __cfi__printk+0x10/0x10 [ 21.416412][ C1] ? __asan_memset+0x39/0x50 [ 21.416430][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeNtNtCskDQVOo9v79Q_16rust_binder_main10allocation10AllocationEBK_+0x26/0x1a0 [ 21.416458][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeNtNtCskDQVOo9v79Q_16rust_binder_main10allocation13NewAllocationEBK_+0x5b/0x80 [ 21.416485][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread21copy_transaction_data+0x2722/0x5500 [ 21.416518][ C1] ? __cfi__RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread21copy_transaction_data+0x10/0x10 [ 21.416552][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 21.416571][ C1] ? kernel_text_address+0xa9/0xe0 [ 21.416591][ C1] ? __kasan_check_write+0x18/0x20 [ 21.416609][ C1] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 21.416629][ C1] ? __cfi__raw_spin_lock_irqsave+0x10/0x10 [ 21.416650][ C1] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 21.416669][ C1] ? stack_depot_save_flags+0x399/0x800 [ 21.416688][ C1] ? kasan_save_track+0x4f/0x80 [ 21.416707][ C1] ? kasan_save_track+0x3e/0x80 [ 21.416724][ C1] ? kasan_save_alloc_info+0x40/0x50 [ 21.416740][ C1] ? __kasan_kmalloc+0x96/0xb0 [ 21.416758][ C1] ? __kmalloc_node_track_caller_noprof+0x251/0x4f0 [ 21.416776][ C1] ? krealloc_noprof+0x8d/0x130 [ 21.416796][ C1] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator5allocCskDQVOo9v79Q_16rust_binder_main+0xb4/0x200 [ 21.416824][ C1] ? __asan_memset+0x39/0x50 [ 21.416843][ C1] ? __asan_set_shadow_00+0x12/0x20 [ 21.416857][ C1] ? _RINvMsj_NtNtCs1ewLyjEZ7Le_6kernel4sync3arcINtB6_9UniqueArcINtNtNtCsb7ts3l0a5c3_4core3mem12maybe_uninit11MaybeUninitNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoEE13pin_init_withNtNtB11_7convert10InfallibleINtNtNtBa_4init10___internal11InitClosureNCNvMs1_B1R_B1P_3news_0B1P_B31_EEB1T_+0x3bd/0x990 [ 21.416905][ C1] ? __cfi__RINvMsj_NtNtCs1ewLyjEZ7Le_6kernel4sync3arcINtB6_9UniqueArcINtNtNtCsb7ts3l0a5c3_4core3mem12maybe_uninit11MaybeUninitNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoEE13pin_init_withNtNtB11_7convert10InfallibleINtNtNtBa_4init10___internal11InitClosureNCNvMs1_B1R_B1P_3news_0B1P_B31_EEB1T_+0x10/0x10 [ 21.416962][ C1] ? kasan_save_alloc_info+0x40/0x50 [ 21.416990][ C1] ? __kasan_check_write+0x18/0x20 [ 21.417010][ C1] ? _raw_spin_lock+0x92/0x120 [ 21.417030][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 21.417052][ C1] ? _RNvMs5_NtCs1ewLyjEZ7Le_6kernel6bitmapNtB5_6Bitmap7set_bit+0xb2/0x250 [ 21.417076][ C1] ? __cfi__RNvMs5_NtCs1ewLyjEZ7Le_6kernel6bitmapNtB5_6Bitmap7set_bit+0x10/0x10 [ 21.417099][ C1] ? _RNvMs0_NtCskDQVOo9v79Q_16rust_binder_main4nodeNtB5_4Node16insert_node_info+0x470/0x540 [ 21.417125][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionINtNtCs1ewLyjEZ7Le_6kernel6rbtree10RBTreeNodejmEEECskDQVOo9v79Q_16rust_binder_main+0xd8/0x1b0 [ 21.417160][ C1] ? __cfi__RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionINtNtCs1ewLyjEZ7Le_6kernel6rbtree10RBTreeNodejmEEECskDQVOo9v79Q_16rust_binder_main+0x10/0x10 [ 21.417195][ C1] ? __kasan_check_write+0x18/0x20 [ 21.417214][ C1] ? mutex_unlock+0x90/0x240 [ 21.417238][ C1] ? __cfi_mutex_unlock+0x10/0x10 [ 21.417263][ C1] ? _RNvMso_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_14RawVacantEntrymINtNtNtB7_4list3arc7ListArcNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoKyd703a5263dcc8650_EE6insertB1r_+0x114/0x150 [ 21.417301][ C1] ? mmu_notifier_get_locked+0x241/0x2f0 [ 21.417323][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process23insert_or_update_handle+0x1290/0x1f00 [ 21.417352][ C1] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process23insert_or_update_handle+0x10/0x10 [ 21.417384][ C1] ? detach_entity_load_avg+0x7b0/0x7b0 [ 21.417411][ C1] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 21.417431][ C1] ? update_curr+0x64e/0x890 [ 21.417455][ C1] ? __cfi_min_vruntime_cb_rotate+0x10/0x10 [ 21.417481][ C1] ? __enqueue_entity+0x58a/0x630 [ 21.417507][ C1] ? _RNvMso_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_14RawVacantEntrymINtNtNtB7_4list3arc7ListArcNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoKyd703a5263dcc8650_EE6insertB1r_+0xf0/0x150 [ 21.417546][ C1] ? mmu_notifier_get_locked+0x241/0x2f0 [ 21.417569][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 21.417591][ C1] ? kernel_text_address+0xa9/0xe0 [ 21.417611][ C1] ? __kernel_text_address+0x11/0x40 [ 21.417631][ C1] ? __kasan_check_write+0x18/0x20 [ 21.417651][ C1] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 21.417674][ C1] ? mutex_unlock+0x90/0x240 [ 21.417698][ C1] ? __cfi_mutex_unlock+0x10/0x10 [ 21.417722][ C1] ? _RNvMso_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_14RawVacantEntrymINtNtNtB7_4list3arc7ListArcNtNtCskDQVOo9v79Q_16rust_binder_main7process11NodeRefInfoKyd703a5263dcc8650_EE6insertB1r_+0x114/0x150 [ 21.417761][ C1] ? mmu_notifier_get_locked+0x241/0x2f0 [ 21.417783][ C1] ? kasan_save_track+0x4f/0x80 [ 21.417804][ C1] ? kasan_save_track+0x3e/0x80 [ 21.417827][ C1] ? kasan_save_free_info+0x4a/0x60 [ 21.417846][ C1] ? _RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x3b2/0x2120 [ 21.417878][ C1] ? _RINvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB6_6Thread11transactionNvB2_24oneway_transaction_innerEB8_+0x2c0/0xc20 [ 21.417906][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x1bf7/0xa690 [ 21.417940][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x1077/0x5da0 [ 21.417972][ C1] ? __x64_sys_ioctl+0x7f/0xa0 [ 21.417997][ C1] ? __cfi__RNvMNtCskDQVOo9v79Q_16rust_binder_main11transactionNtB2_11Transaction3new+0x10/0x10 [ 21.418031][ C1] ? __kasan_slab_free+0x6a/0x80 [ 21.418055][ C1] ? kmem_cache_free+0x1bd/0x4f0 [ 21.418077][ C1] ? __wake_up+0x169/0x190 [ 21.418101][ C1] ? audit_log_end+0x1f1/0x240 [ 21.418127][ C1] ? audit_log_end+0x1f1/0x240 [ 21.418151][ C1] ? __cfi_avc_audit_post_callback+0x10/0x10 [ 21.418172][ C1] ? common_lsm_audit+0x14fe/0x18e0 [ 21.418191][ C1] ? __cfi_avc_audit_post_callback+0x10/0x10 [ 21.418212][ C1] ? __cfi_common_lsm_audit+0x10/0x10 [ 21.418230][ C1] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 21.418252][ C1] ? call_rcu_hurry+0x30/0x30 [ 21.418277][ C1] ? avc_update_node+0x2f1/0x9c0 [ 21.418297][ C1] ? slow_avc_audit+0x19f/0x220 [ 21.418316][ C1] ? __cfi_slow_avc_audit+0x10/0x10 [ 21.418336][ C1] ? avc_has_perm_noaudit+0x2bd/0x360 [ 21.418357][ C1] ? avc_has_perm+0x1ec/0x240 [ 21.418376][ C1] ? avc_has_perm+0x211/0x240 [ 21.418396][ C1] ? __cfi__RNvNtCs1ewLyjEZ7Le_6kernel5error9to_result+0x10/0x10 [ 21.418423][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process20get_transaction_node+0x209/0x620 [ 21.418456][ C1] ? selinux_binder_transaction+0x165/0x1d0 [ 21.418478][ C1] ? bpf_lsm_binder_transaction+0xd/0x20 [ 21.418500][ C1] ? _RINvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB6_6Thread11transactionNvB2_24oneway_transaction_innerEB8_+0x30d/0xc20 [ 21.418531][ C1] ? __cfi__RINvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB6_6Thread11transactionNvB2_24oneway_transaction_innerEB8_+0x10/0x10 [ 21.418564][ C1] ? __kasan_check_write+0x18/0x20 [ 21.418584][ C1] ? _raw_spin_lock+0x92/0x120 [ 21.418605][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 21.418625][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x1790/0xa690 [ 21.418659][ C1] ? __asan_memcpy+0x5a/0x80 [ 21.418679][ C1] ? _RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x1bf7/0xa690 [ 21.418723][ C1] ? __cfi__RNvMs2_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_6Thread5write+0x10/0x10 [ 21.418783][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 21.418804][ C1] ? kernel_text_address+0xa9/0xe0 [ 21.418825][ C1] ? __kasan_check_write+0x18/0x20 [ 21.418845][ C1] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 21.418866][ C1] ? __cfi__raw_spin_lock_irqsave+0x10/0x10 [ 21.418889][ C1] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 21.418910][ C1] ? stack_depot_save_flags+0x399/0x800 [ 21.418930][ C1] ? kasan_save_track+0x4f/0x80 [ 21.418952][ C1] ? kasan_save_track+0x3e/0x80 [ 21.418980][ C1] ? kasan_save_alloc_info+0x40/0x50 [ 21.418999][ C1] ? __kasan_kmalloc+0x96/0xb0 [ 21.419023][ C1] ? __kmalloc_cache_noprof+0x23c/0x470 [ 21.419044][ C1] ? __set_page_owner+0x2af/0x600 [ 21.419068][ C1] ? post_alloc_hook+0x3b8/0x3f0 [ 21.419094][ C1] ? prep_new_page+0x1c/0x110 [ 21.419109][ C1] ? get_page_from_freelist+0x496e/0x4a20 [ 21.419127][ C1] ? __alloc_pages_noprof+0x35f/0x7e0 [ 21.419144][ C1] ? alloc_slab_page+0x6b/0x1e0 [ 21.419167][ C1] ? allocate_slab+0x69/0x420 [ 21.419190][ C1] ? ___slab_alloc+0x5a2/0x8d0 [ 21.419211][ C1] ? __kmalloc_node_track_caller_noprof+0x2e6/0x4f0 [ 21.419233][ C1] ? krealloc_noprof+0x8d/0x130 [ 21.419255][ C1] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator5allocCskDQVOo9v79Q_16rust_binder_main+0xb4/0x200 [ 21.419282][ C1] ? _RNvMs3_NtCskDQVOo9v79Q_16rust_binder_main6threadNtB5_11ThreadError7try_new+0xc8/0x630 [ 21.419315][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process18get_current_thread+0x611/0x1cf0 [ 21.419350][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x483/0x5da0 [ 21.419374][ C1] ? __se_sys_ioctl+0x135/0x1b0 [ 21.419397][ C1] ? __x64_sys_ioctl+0x7f/0xa0 [ 21.419419][ C1] ? x64_sys_call+0x1878/0x2ee0 [ 21.419443][ C1] ? do_syscall_64+0x57/0xf0 [ 21.419464][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 21.419489][ C1] ? __kasan_check_write+0x18/0x20 [ 21.419510][ C1] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 21.419532][ C1] ? __cfi__raw_spin_lock_irqsave+0x10/0x10 [ 21.419554][ C1] ? __kmalloc_cache_noprof+0x23c/0x470 [ 21.419575][ C1] ? __set_page_owner+0x2af/0x600 [ 21.419600][ C1] ? __kasan_check_write+0x18/0x20 [ 21.419620][ C1] ? __set_page_owner+0x3fe/0x600 [ 21.419645][ C1] ? __cfi___set_page_owner+0x10/0x10 [ 21.419671][ C1] ? kasan_unpoison+0x4a/0x70 [ 21.419691][ C1] ? post_alloc_hook+0x3b8/0x3f0 [ 21.419716][ C1] ? __cfi_post_alloc_hook+0x10/0x10 [ 21.419739][ C1] ? gfp_to_alloc_flags_cma+0x1c0/0x1c0 [ 21.419760][ C1] ? _raw_spin_trylock+0xb5/0x140 [ 21.419780][ C1] ? __cfi__raw_spin_trylock+0x10/0x10 [ 21.419801][ C1] ? prep_new_page+0x1c/0x110 [ 21.419818][ C1] ? get_page_from_freelist+0x496e/0x4a20 [ 21.419840][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 21.419864][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 21.419886][ C1] ? kernel_text_address+0xa9/0xe0 [ 21.419907][ C1] ? __kernel_text_address+0x11/0x40 [ 21.419927][ C1] ? unwind_get_return_address+0x51/0x90 [ 21.419946][ C1] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 21.419969][ C1] ? arch_stack_walk+0x10a/0x170 [ 21.419996][ C1] ? stack_depot_save_flags+0x38/0x800 [ 21.420015][ C1] ? kasan_save_track+0x4f/0x80 [ 21.420036][ C1] ? kasan_save_track+0x3e/0x80 [ 21.420058][ C1] ? kasan_save_alloc_info+0x40/0x50 [ 21.420076][ C1] ? __kasan_kmalloc+0x96/0xb0 [ 21.420099][ C1] ? __kmalloc_node_track_caller_noprof+0x251/0x4f0 [ 21.420121][ C1] ? krealloc_noprof+0x8d/0x130 [ 21.420142][ C1] ? _RNvYNtNtNtCs1ewLyjEZ7Le_6kernel5alloc9allocator7KmallocNtB6_9Allocator5allocCskDQVOo9v79Q_16rust_binder_main+0xb4/0x200 [ 21.420170][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process8get_node+0x89e/0x1820 [ 21.420197][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process14set_as_manager+0x1b8/0xa50 [ 21.420230][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x183b/0x5da0 [ 21.420255][ C1] ? __se_sys_ioctl+0x135/0x1b0 [ 21.420278][ C1] ? __x64_sys_ioctl+0x7f/0xa0 [ 21.420301][ C1] ? x64_sys_call+0x1878/0x2ee0 [ 21.420324][ C1] ? do_syscall_64+0x57/0xf0 [ 21.420345][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 21.420367][ C1] ? _RNvMs6_NtCs1ewLyjEZ7Le_6kernel4listINtB5_4ListINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapDNtBL_13DeliverToReadEL_EE12insert_innerBL_+0x43a/0x6c0 [ 21.420402][ C1] ? __cfi__RNvMs6_NtCs1ewLyjEZ7Le_6kernel4listINtB5_4ListINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapDNtBL_13DeliverToReadEL_EE12insert_innerBL_+0x10/0x10 [ 21.420437][ C1] ? _RNvMs0_NtCskDQVOo9v79Q_16rust_binder_main4nodeNtB5_4Node28incr_refcount_allow_zero2one+0x4d4/0xe50 [ 21.420469][ C1] ? __kasan_check_write+0x18/0x20 [ 21.420489][ C1] ? _raw_spin_lock+0x92/0x120 [ 21.420510][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 21.420531][ C1] ? _raw_spin_unlock+0x45/0x60 [ 21.420552][ C1] ? _RNvMs0_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_12ProcessInner24new_node_ref_with_thread+0x62d/0xa50 [ 21.420584][ C1] ? __cfi__RNvMs0_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_12ProcessInner24new_node_ref_with_thread+0x10/0x10 [ 21.420617][ C1] ? krealloc_noprof+0xfa/0x130 [ 21.420639][ C1] ? _RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreeyINtNtNtB7_4sync3arc3ArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtNtB1d_4node4NodeEEE9raw_entryB1d_+0x403/0x500 [ 21.420681][ C1] ? __cfi__RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreeyINtNtNtB7_4sync3arc3ArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtNtB1d_4node4NodeEEE9raw_entryB1d_+0x10/0x10 [ 21.420720][ C1] ? __kasan_check_write+0x18/0x20 [ 21.420741][ C1] ? _raw_spin_lock+0x92/0x120 [ 21.420761][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 21.420781][ C1] ? _RNvMs1_NtCs1ewLyjEZ7Le_6kernel6rbtreeINtB5_6RBTreelINtNtNtB7_4sync3arc3ArcNtNtCskDQVOo9v79Q_16rust_binder_main6thread6ThreadEE9raw_entryB1e_+0x416/0x580 [ 21.420822][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process8get_node+0xfa9/0x1820 [ 21.420849][ C1] ? __asan_memcpy+0x5a/0x80 [ 21.420869][ C1] ? __kasan_check_write+0x18/0x20 [ 21.420888][ C1] ? _raw_spin_lock+0x92/0x120 [ 21.420908][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 21.420928][ C1] ? _raw_spin_unlock+0x45/0x60 [ 21.420948][ C1] ? __asan_set_shadow_00+0x12/0x20 [ 21.420973][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process18get_current_thread+0x9e6/0x1cf0 [ 21.421007][ C1] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process8get_node+0x10/0x10 [ 21.421035][ C1] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 21.421068][ C1] ? ip6_pol_route+0xe88/0x1360 [ 21.421087][ C1] ? ip6_pol_route+0xe88/0x1360 [ 21.421108][ C1] ? detach_entity_load_avg+0x7b0/0x7b0 [ 21.421135][ C1] ? avc_has_perm_noaudit+0x26c/0x360 [ 21.421156][ C1] ? __asan_memcpy+0x5a/0x80 [ 21.421176][ C1] ? avc_has_perm_noaudit+0x28a/0x360 [ 21.421196][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCskDQVOo9v79Q_16rust_binder_main4node7NodeRefEEB16_+0xf6/0x490 [ 21.421237][ C1] ? avc_has_perm+0x155/0x240 [ 21.421257][ C1] ? __cfi__RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtB4_6option6OptionNtNtCskDQVOo9v79Q_16rust_binder_main4node7NodeRefEEB16_+0x10/0x10 [ 21.421295][ C1] ? _RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel4sync3arc3ArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtNtB1o_4node4NodeEEEB1o_+0xf9/0x1f0 [ 21.421333][ C1] ? __cfi__RINvNtCsb7ts3l0a5c3_4core3ptr13drop_in_placeINtNtNtCs1ewLyjEZ7Le_6kernel4sync3arc3ArcINtCskDQVOo9v79Q_16rust_binder_main7DTRWrapNtNtB1o_4node4NodeEEEB1o_+0x10/0x10 [ 21.421371][ C1] ? __kasan_check_write+0x18/0x20 [ 21.421392][ C1] ? _raw_spin_lock+0x92/0x120 [ 21.421412][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 21.421433][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process14set_as_manager+0x54c/0xa50 [ 21.421466][ C1] ? __asan_memcpy+0x5a/0x80 [ 21.421486][ C1] ? _RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process14set_as_manager+0x794/0xa50 [ 21.421521][ C1] ? __cfi__RNvMs4_NtCskDQVOo9v79Q_16rust_binder_main7processNtB5_7Process14set_as_manager+0x10/0x10 [ 21.421555][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 21.421577][ C1] ? __kasan_check_write+0x18/0x20 [ 21.421591][ C1] ? _raw_spin_lock+0x92/0x120 [ 21.421607][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x1019/0x5da0 [ 21.421626][ C1] ? __asan_memcpy+0x5a/0x80 [ 21.421641][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x1077/0x5da0 [ 21.421672][ C1] ? stack_trace_save+0xaa/0x100 [ 21.421690][ C1] ? stack_depot_save_flags+0x38/0x800 [ 21.421708][ C1] ? sched_clock_noinstr+0xd/0x30 [ 21.421733][ C1] ? kasan_save_stack+0x4d/0x60 [ 21.421759][ C1] ? kasan_save_stack+0x3e/0x60 [ 21.421780][ C1] ? __kasan_record_aux_stack+0xb2/0xd0 [ 21.421799][ C1] ? kasan_record_aux_stack_noalloc+0xf/0x20 [ 21.421818][ C1] ? __call_rcu_common+0xd7/0x720 [ 21.421842][ C1] ? call_rcu+0x14/0x20 [ 21.421866][ C1] ? __cfi__RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x10/0x10 [ 21.421889][ C1] ? _raw_spin_trylock+0xb5/0x140 [ 21.421909][ C1] ? __cfi__raw_spin_trylock+0x10/0x10 [ 21.421930][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 21.421952][ C1] ? _raw_spin_unlock+0x45/0x60 [ 21.421979][ C1] ? call_rcu_nocb+0x6d7/0xc80 [ 21.422001][ C1] ? swake_up_one_online_ipi+0x30/0x30 [ 21.422027][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 21.422048][ C1] ? kernel_text_address+0xa9/0xe0 [ 21.422068][ C1] ? __kernel_text_address+0x11/0x40 [ 21.422089][ C1] ? __kasan_check_write+0x18/0x20 [ 21.422109][ C1] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 21.422130][ C1] ? __cfi__raw_spin_lock_irqsave+0x10/0x10 [ 21.422153][ C1] ? stack_trace_save+0xaa/0x100 [ 21.422170][ C1] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 21.422192][ C1] ? stack_depot_save_flags+0x399/0x800 [ 21.422212][ C1] ? kasan_save_track+0x4f/0x80 [ 21.422234][ C1] ? kasan_save_track+0x3e/0x80 [ 21.422256][ C1] ? kasan_save_alloc_info+0x40/0x50 [ 21.422274][ C1] ? __kasan_kmalloc+0x96/0xb0 [ 21.422297][ C1] ? __kmalloc_node_track_caller_noprof+0x251/0x4f0 [ 21.422319][ C1] ? krealloc_noprof+0x8d/0x130 [ 21.422341][ C1] ? kvrealloc_noprof+0x59/0x120 [ 21.422362][ C1] ? _RNvCskDQVOo9v79Q_16rust_binder_main16rust_binder_mmap+0x71b/0x1560 [ 21.422387][ C1] ? mmap_region+0x1579/0x1d60 [ 21.422407][ C1] ? do_mmap+0xb85/0x13c0 [ 21.422426][ C1] ? vm_mmap_pgoff+0x36e/0x4b0 [ 21.422446][ C1] ? ksys_mmap_pgoff+0x165/0x1e0 [ 21.422466][ C1] ? __x64_sys_mmap+0x121/0x140 [ 21.422490][ C1] ? x64_sys_call+0x13bf/0x2ee0 [ 21.422513][ C1] ? do_syscall_64+0x57/0xf0 [ 21.422534][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 21.422560][ C1] ? is_bpf_text_address+0x17b/0x1a0 [ 21.422581][ C1] ? kernel_text_address+0xa9/0xe0 [ 21.422601][ C1] ? __kernel_text_address+0x11/0x40 [ 21.422620][ C1] ? unwind_get_return_address+0x51/0x90 [ 21.422639][ C1] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 21.422658][ C1] ? stack_trace_save+0xaa/0x100 [ 21.422675][ C1] ? detach_entity_load_avg+0x7b0/0x7b0 [ 21.422699][ C1] ? stack_depot_save_flags+0x38/0x800 [ 21.422714][ C1] ? cgroup_rstat_updated+0x141/0x810 [ 21.422735][ C1] ? __cfi_cgroup_rstat_updated+0x10/0x10 [ 21.422756][ C1] ? place_entity+0x4e9/0x620 [ 21.422776][ C1] ? detach_entity_load_avg+0x7b0/0x7b0 [ 21.422797][ C1] ? __cgroup_account_cputime+0xa5/0xd0 [ 21.422819][ C1] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 21.422837][ C1] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 21.422854][ C1] ? update_curr+0xdc/0x890 [ 21.422872][ C1] ? xfd_validate_state+0x68/0x140 [ 21.422889][ C1] ? save_fpregs_to_fpstate+0x196/0x220 [ 21.422903][ C1] ? __kasan_check_write+0x18/0x20 [ 21.422918][ C1] ? __switch_to+0xc4f/0x1300 [ 21.422938][ C1] ? __cfi_sched_clock_cpu+0x10/0x10 [ 21.422958][ C1] ? __cfi___switch_to+0x10/0x10 [ 21.422988][ C1] ? psi_task_switch+0xad/0xa10 [ 21.423005][ C1] ? _raw_spin_unlock+0x45/0x60 [ 21.423024][ C1] ? finish_task_switch+0x139/0x760 [ 21.423040][ C1] ? __switch_to_asm+0x3d/0x70 [ 21.423060][ C1] ? __schedule+0x1352/0x1dd0 [ 21.423084][ C1] ? __sched_text_start+0x10/0x10 [ 21.423101][ C1] ? avc_has_extended_perms+0x80b/0xe70 [ 21.423119][ C1] ? __asan_memcpy+0x5a/0x80 [ 21.423139][ C1] ? avc_has_extended_perms+0x969/0xe70 [ 21.423157][ C1] ? __cfi_preempt_schedule+0x10/0x10 [ 21.423180][ C1] ? __asan_set_shadow_00+0x12/0x20 [ 21.423197][ C1] ? do_vfs_ioctl+0x182d/0x2010 [ 21.423219][ C1] ? __ia32_compat_sys_ioctl+0x920/0x920 [ 21.423244][ C1] ? __cfi_try_to_wake_up+0x10/0x10 [ 21.423263][ C1] ? ioctl_has_perm+0x39a/0x500 [ 21.423280][ C1] ? has_cap_mac_admin+0xd0/0xd0 [ 21.423298][ C1] ? file_mmap_ok+0x147/0x1a0 [ 21.423319][ C1] ? userfaultfd_unmap_complete+0x29f/0x320 [ 21.423342][ C1] ? selinux_file_ioctl+0x732/0x1480 [ 21.423358][ C1] ? __cfi_userfaultfd_unmap_complete+0x10/0x10 [ 21.423381][ C1] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 21.423398][ C1] ? do_futex+0x37d/0x510 [ 21.423419][ C1] ? __cfi_do_futex+0x10/0x10 [ 21.423437][ C1] ? vm_mmap_pgoff+0x153/0x4b0 [ 21.423459][ C1] ? __fget_files+0x2c5/0x340 [ 21.423483][ C1] ? bpf_lsm_file_ioctl+0xd/0x20 [ 21.423499][ C1] ? security_file_ioctl+0x3e/0x110 [ 21.423525][ C1] ? __cfi__RNvCskDQVOo9v79Q_16rust_binder_main17rust_binder_ioctl+0x10/0x10 [ 21.423550][ C1] ? __se_sys_ioctl+0x135/0x1b0 [ 21.423574][ C1] ? __x64_sys_ioctl+0x7f/0xa0 [ 21.423597][ C1] ? x64_sys_call+0x1878/0x2ee0 [ 21.423620][ C1] ? do_syscall_64+0x57/0xf0 [ 21.423641][ C1] ? clear_bhb_loop+0x50/0xa0 [ 21.423661][ C1] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 21.423684][ C1] [ 21.423691][ C1] Modules linked in: [ 21.423719][ C1] ---[ end trace 0000000000000000 ]--- [ 21.423729][ C1] RIP: 0010:get_page_from_freelist+0x1f/0x4a20 [ 21.423752][ C1] Code: 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 81 ec a0 02 00 00 49 89 cf <89> bc 24 a0 00 00 00 65 48 8b 04 25 28 00 00 00 48 89 84 24 80 02 [ 21.423767][ C1] RSP: 0018:ffffc9000b9b7ec0 EFLAGS: 00010286 [ 21.423784][ C1] RAX: 0000000000000100 RBX: 0000000000000002 RCX: ffffc9000b9b8230 [ 21.423796][ C1] RDX: 0000000000000101 RSI: 0000000000000002 RDI: 0000000000192000 [ 21.423808][ C1] RBP: ffffc9000b9b8190 R08: ffffffff876aa0a3 R09: 1ffffffff0ed5414 [ 21.423821][ C1] R10: dffffc0000000000 R11: fffffbfff0ed5415 R12: 0000000000000680 [ 21.423834][ C1] R13: dffffc0000000000 R14: 1ffff92001737038 R15: ffffc9000b9b8230 [ 21.423848][ C1] FS: 00007f6bcb0326c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 21.423864][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 21.423877][ C1] CR2: ffffc9000b9b7eb8 CR3: 0000000112b4e000 CR4: 00000000003526b0 [ 21.423897][ C1] Kernel panic - not syncing: Fatal exception in interrupt [ 21.424303][ C1] Kernel Offset: disabled