last executing test programs:

4m37.503010595s ago: executing program 2 (id=566):
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x1351c0, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x2, 0x4, 0x8})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x104000, 0x0)
ioctl$FIONREAD(r1, 0x541b, &(0x7f00000000c0))
r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r0, 0xc040aed4, &(0x7f0000000100)={0x2adb, 0x5})
ioctl$BTRFS_IOC_ADD_DEV(r2, 0x5000940a, &(0x7f0000000140)={{r0}, "b75790f3338fe4f32c8a61a1512afb3518f13da1600ea0faa8473d8180a7e9e16db5b821d99c99c1e34b15a7e58435b8f8966e2f9d370faf3f4a94916d96194a7720d376b64e7d11724ebe6ba77cf8e49ec7580ae1c587b0c64e060ffe8300814d42f30b20f3389ffe24f5d0f9fb8f4e46cac5994842e9d65d9a96071deac273dd2fb88588c57c74bfa6201c6d7dc43a1a8016d3cf1691fa91373b006f4f28dfe74de99041289331aa6d4502910a05ca2cf00daff1c85087152fdf15e1b248a80fb89a41fafb565e5e4f05a7a51113dd34381104ab10027c08883a4d8b6d978b61881d382f793dbb589fe83719eafdc73611178587b4d92120d691b96e7b9cef79e5f5c3068789d8f91dda0879cbd3f88bcd57fcff952e2312bb295b14627a17e9fb9a608311ab5c0b3768f4dc13d08ab9f4a759a43e2abae329720092e67fbddafd20a324ac6cd9033e8518e107b7b1a62128fe26d9fcdc187a1c8499331f27c93cd578223eb811396189ef0747f859320c53be694d9a0d593f168a7f6345d6c32c1dbc6489b3f040214495dcc09a360092b7ad7ce6de19a3991e9b7d0cb9a0243d2cb990270be9843d1bc0d54b18a361a603a6c0b2c8308452c3dccde3c248557cd6a8e4d32fde1684a02d5ac093e4688692211c7c5edfa2a15b7463f176627115ceb3183a83c2f57b18425ccdb85eae57e5decef939ebdfaaf8e4947e692416a4f7cdb37b6af47633e1abb50d3274337545cc8140304c6a321bcac3c80eb876d46f1953703759491c5bc266cebbc26bd12586adb5b660a3bc2560f52f8ccf1aabc9b352e502ba707dc2229e3c3f6f791b18712d6240631c603fd7b36d7d6f0937155b8e0acd28667a1b6dae9468381907de3586c238605976e20a96f129660eeb2d2d5a030f7e586ee7fc0eb41c3d6d315bbaf37339f23bd5b2b12bf60b1157d4096dfbf9f750676105c61875f058687d480e7f18d7d1388a4c1a44d5cc66e655b12499f951c7547a23bcd85d3209121b151eebceaa8c78ac8bbd181c337113200b1be698f01d86c3bdc8f1282b91e388e99dcaa93515fa307b879185ac9fac98e82606622be45924ac89ef994896142353e896040380245548c35dfdb5422dcdb73fc8d79e8e9b70dac0dcd7a542f088d81a2a55ec40e18369e630fe591d4a89095500ea700eff8bf43e4af2f7c3e0313150672b0622900236319d3b2bb9546ede1ff8b63b3a80f668b9a38765083c603315f1bc2ddfe390d530d028ac5233b4676147311e4498c16bbf1e677ce35ab645d16b84bdf2a7cb6f7ae28d71f63b8dd58066604d3c30c0ed94b9e3a7b1337fd33046f7d510cb83e69ef9379db9943df56a4c37291133c17a54613c2fff7239141b713406ab076a04a2201d33f53630d779a89ebfebadbc42687eb2533404cbce8802c4b294b7a55e3ad4abc950ce0f427ac4d593ba5215f150d3aa280e45af3ea8d9cf92af361c017a6db2e19d12ebcc38bcc5e21904c582a384f1e21dc8bfeed3bc26b7412ff6e53eb252391758bf3bf055ad18e2bcfac6c6b4e85c08742f67d84f39d64fb8f87088bcb4170d67d8ffe4ccd21f7c5672aeec3fd0af5f2e993b5f5f2802a66d9bc12c82b140dcddab798785291677fb3f523cff8bea1823593a1416fd92c201bd2260efaa36968e236997b66e3f2e706aee0eb722fdeb1253fe02e2a7c4699c7098a1013652b1e948db613a13203c8ae7f19433626fb7c172737b2d8598838716cc10468ba23eeb9f676e1e80b25e1aee6612573d5ba02692eacbece290fac1606e6d5e8ac3aa080d38ca81fa1519f5bc6b76b0c50332cd171dc1929ca7cb459f3035269f100e64f7d4d8a12a96e72959d9dad79fbbf4b9280ab70667525bc690839bbfb863f63ed4dad46cad433d04ecbfd766dee41ca0415c059a8bc312133781584c618708a05c566d3b7a1d307465815f22044b2b31bbc095e9cf5344d29f360ceaf412dc2ce5d90336fdb69e16475c9d0327f43164b5c6a3dd726af7fb6526823a59a835a12dae3bff870b924df5fb6c53e66d16c8bf74d1c2bd91cf31a79b8c49e2db5159f072f7b81ee14460052a3b29673f8e111c5dcd1d68f204cc6018c1bce0b5a36b28d3bbad4cc93045f3d5ea77c26efcf43071d2f3dc73592a896949a0c934962dfc12512c391ec1bbaff42750063cf62adb3d7fc2570ae19cdc5b65ae4e7f976fc3816af9bcaddb8dbff49172559f82487812460ca8d69e522efcfaf80b95f22490a1b355c553001808f9014d13ec67c10d5cdd991e41fbe363279482302fb32be2bb21db2e451627058755027470cdb8df052f3ccd2a544c76e0ef1104a25d17fdf37d5bcce958095542bafdcc12db9c1bb99629ed3fe594fb860ff03d3f4df09fa61c51f55526f1c12cda6a96621d650806fd75d5d7c48abe7db8216af4d4efc7a441a4e23ae742df93da5cf9420aeb944fd21fbbc44fe02231aced69441c3a8aa4e3f734dfee441f9c174ca7f8d9fca63deab8400ecbed6754c594ae59fd205ec82841320ae4c31897206c9db446ea2cfef5f8f0a3bb325351f65da2b7253f063d7893e39395c88e708fc81d05400ae33eaff0913f35f159d03b1d15948a21afe731c7bf06f08cb940543853abbc840f5b8e95e6c014608676588b11bdf575f9d7ddd7af3737b84fd9d8598662fcca49a44ebe83f98ab6573baef41283d4c48cb8a75ad3b554ae2651b88fcdf85b8522b5fae4ad27afe88cf0027360c251af77f025436d2b43d254d3edeed459df8e4da540a71508685e731a783bf29f037abb76417893054c2a0c1ea0bd6c962590af5d8d11f8260c8678eb7ecf6fd66ef0c59886cfd659db973dbf35d4e29ba8d2012e8155612cdb536aa1d671f5dc9a07abe13c71c4d25cc0e9d4a8ac01c521bc95308be5d2023b8b5fa4e10248ef0e365d23b714da3403c05d8f7b5e9d31c8429dd35be086e760f5e04f2d6f7dc17168dd9eecfbbac18529c74348fd8b1288bb9382da0d3a18317af502e01d6cead9b8976087c8b3a87bc454adc65ec708e8d1b2799a35e190d41314b48726d81ed2bf4cb49d0a6b5e8749aae9ad039395cb4dd7d2c44f30710782aa2149c324bf1dec27d50ac037ad3fb7e18d3e1560c8845f0b548a4384680fa6fae8551d1d8885c14a6e816fec2b306ee6c81cecabc058e280ebb30fa2e752c20afb30a460caae23832db95afa503061c933e94ae24a7289a95bc1740ebceed71d4db072132f8b48781d8077ab881d9d7f450c6dd31342a30da8561149895c1a3ea2f513a0d6b4e861d6d56e1fb9451b1e3901da4452daa3862f4272d9291525f2097ce4a2ba6b53e680ca8fc0742c7f91f89cd46856bd17a5c7572d0a85afed7d8cd8f6568832e783bbc30d171edc4a12156f7ed2b3d505b68c58786c6fdbcf154a0b6916ed47ee0f2b0c7dc977586283a37ca52c1828b5fefba42e4aa14fe119e607c3971eb67b340899835621fec0c2fe599d6ee1442c48b56af1804c0ec62d39194fd3553d7e37e92b397bbc215e80d242dc801a52ce65982d056877e288a994bd2f708085e49b274586c5f6957914c28afd9cbb4fd0d97d116682aa39bc51cca64a0d34f9e979ce9e2ea0528e43aa0a3b85ccf2bed8eeb9c5967f13e691b7f780ff0cd68dfd194f21e91795b36839de5f61aac6676346efe7cd952b40be069c0970b0b342a03b0dff19ccb4c053e528dd5f804a8c6c8268d62cbb9cc79621686991b1035d68f9e1391bff664599c12538dabb7745c8170fa1950f53aa3ceef318b76de0e932286da033ac6f2f385e90a8a99bdf2fe4c16a0b9365296c39b2b013f9669d810554ebf75ff0cfca162561e393d520d94afe0f15d49c889bf4c3a31cc5884799db8cd07e1e99fc106274f498e157bc27f0f7d11e0dca50cf351308f91bfa52d99e8203a29963f0c08d71569851c43bce5cb75f7775f8cc79409a5d85afbdbaa877a5e33d4914c2611b4a8fe106129193043d03122397aff9892c0028590d51b408476f28b1c1af81cc5ad4e42cc065b90de9cc5fc3d16958be646982bf2b58e9ea91ff49e21dc58d0af1f0e7ebba233debfbfd810ed5bb8bdea1969bf18e0b93058a03e081b4d93947db2ed63da5f3a66b1150f382a45b81833bb739d8b16f60a79eed7dc04f556ec876efce5d09488470616be0795cc2952241db754a63073315658cf9cc0791a9fe314e857c4f24b427cdab1801e49fbc48a3fd573a1c08085d05c11d2cf379d2ad0a3222ee785d4d4f68e548ea8d74cb26ad7f5eafce9faa361b044ee78423b253d990ae25342208d8992732ec3ab3d1da73791a306f7bb7036451e3cd96f78d3c3ef3faf49002e6f02d0fd5be9623888f5564dfb55c500fcaed693d8ddfb80e7a5b6edca873601f1aa074759129a4372a60180354ad454a54352e5324ba67e26c80ef671e7b7b28c368a266cb8c5681dfd6983af51fb30cb7ba992b226064fe36e8dd1b67e44ce481bf4f9960959b6bf03f5c2ee31333f1c0ba323a0a1758c4ba619a18e39f18d3a79686ba12ec901375657f607e114ce8bf7d6085ac2e1d167b4b1f3af595f074b57e3bb8b468cf28ca679ae0367fad8dae0807c718672a397e6edbd812b261d0206ca6572d809db5c0a123e990cf628f76bd0818f55abdad29b65529fa8efe846ca12797b410f05c6504ed8914c2b5285cc4908622bb05caf63c560cef5049c5b5127a26805532ec50e05bb9833c2add73c0ab2d6ebaa685fc84ed4537718440079b0c7607ddafee21825489d6fa4dfea21d430dd982ea31a981f969c8907ba101b4aca44cf134a77cc9069e25d823f2cea6a6ec7b8dee72cc6fb89f4d87b3b84abbccbdc3d15aed2a36103629b899552bf1e8015b0f1668c5c52389ee48cd40da8d1af60b7370162823e45a443b890364a6df68d7d87a9a05654d6b1aa14e37e3bcff6f5a67bafbb712e611c90128f5feb95ebd6d8ea21704f93dd7852a26189efefc896c74e8ae7435a7b4898213086e0dea67a782ee662bb06f81f3d953d3f1e29d8275b7f0dfee052ca08c01c113eaf89af39f45baef8db38969d93977dcf608dd926ac2784d6df4939128f759a6cb772fa71af927dff782024932e0897a45580896bbe385cd327ce39c14d71bbb5b0beaf3fa2a9003c7b13079bef9022698c94f2f488c53c4a4239b29d943477e0653987a3b447e70e670c4fa2f27bf131fde7c65829e167ec7304e6dfc9d977da5b3f8599d7ce0d4489912b8aa89d8b3f59f66792aff4741c9dec877373492227609e03fb17256dc97178b03d5c0644c6b070dabf52e5a59709da0428bceae06f17de821cfbe66f0e4942d4df516e5aab44e52be5208f99256612820ebb81ce6d2d13806a1c538a3100f4e8a53a155ba9ff5c7fd54379563ccaa10ed933fc1125152674ab193ce6b2a0e4021357d76779225b14f5c6f6d85562893c0e986c625e5fdd0f5f995fbf6bc48cca6448ac7791371cf5c27b7afe8811b6c9219956f00374e71fdf07890af8388a5de2b125b885c82a39f04eb86f507b43b453c73215fea294f72eb4d574a01fb2f8b7a2209fc91807a18d06d31cf50412947365a0532d3cb0beb1f29241203b47685de80dd9e19b12900374d6b02569d23e9b3f7887ad139ad3ffc1530f1c3c2489107b2d694d723ad2d30e51ad2a69db6b0dcf9b332f312f38838e3a026c8283deeca3e86f8c1bd3bacf32aab9126f5cb57068e6c109b9c4fadce6971bf5779ea1668b9f9f773edc7447a12db61"})
ioctl$BTRFS_IOC_SNAP_DESTROY(r1, 0x5000940f, &(0x7f0000001140)={{r2}, "9fd5ced29ac919162b8fe276a5cf50c1c1b26b8e867d111f0a225e727530f0e21fdefe87727e94ff19eb109f6424e1873c69e243702b63fd562857933687fdd976df151eda99f09c5f6b6c6860e2d5d1e6b5e1587fb5b02832e0ed264580f77543e4bedb14a9911e157fb34f1868c7bbb935649bc43f948c5882d3c8d473c1279412f84d2852528b5b27c0d44b8bdc62c7cea5f6568ee7518a5dfa3b38aa04a5242ac85032b38717e1e2b61d20432168f5cc50d9d5145feb21d54f31dce76f9ee871af5500436a98e6d89b0cd3106f7776274f6267571696398c61bc2cabb917d828d3fef42a39ad75e0de4262b002167aad16ab3a9d20f1214bfadc7000542c79b7d0ee737952f73f522a2810c06e2a53ce2f2743386a5ca1f93de86823b7719180185b731aab5f1521070827c383af3527d791ddd3a6b4ebd208f672365de82901a286537f79ee50f77e11322b4efa2dae7479ea85aade309f2d7fb9b3491f8279844c828ef5d15eaf5664b96b3247d2b35243313c3d52089c45d8351638bcb44f305a570d0b3bd0e24a4ddc46421e4e4cc1e1ce43bee5a4f097c00c99fcda523f5f557adf34c57d9db88298bb4ea3a90fb1be58e7efcd53540416084992945442239adad044eb6543de4cc25d62886e56a37ea6426cb2cf40decee09e1c5a969f4b61651ccd9c75ba6900d5ded4ba4f2594d555924e22616c6859139b5d41128fdd086ffce5b2f9d4218eb393ae825d5ed1a394112f03d338065d1b22b4f663366e56ef6b765826e08035a9265e6364bb2ca98268e50365a38d18a3c413307e9e9896e957bdbd1ca4cbff6a5ffda1623bdd044d48e90cb52d9c3773b189eecffb800f43049bd56d1216d34e0a740bd1ed080aca94ad00f4bc22cc95aa4e5125d13ac5c2c53c573e183baafc169d75269792a086bb0a6264287581d4d91fb9fd646a9c7abee01e511159f8a2e16be28f3397df0b2a0767a56ac4fe038f31928868eac667ea06044c06a41c7ecf044cc9b8dee8da6f5c9c6e390cb3c08384f69b67a3cbd0f8cdc8da8f152959bc00e3293c96a1f04c6e58f970f5a2aada84f9e41775c689dda92f04178a899c3503520d6369b21dcee706874805fd76233197f40cb4d2e6ffa916dc6f45d96e8b992a1db299d6ad0602b0e4889cade1633e378c38ba20d4bb165be344e6efc8a5db8edd9449d3340a48df0817803b00bf8c7659322a517da040295fe056acf8e1dbddbcff23c348ae603dcfabfa7ef7067b058cea497b2576f3c321fcc5498f18598379fc621898697a2729460fade05afec777c91de620ffaa5b59e23aa8ad23d34d6772de5521249c10be7f9013abec01ed5c13801a6d00fc6616fcce7d6a35d60345dbac1c02a53c0ea191dfda32b78cb99cf91335f5e6ab2d7eb886e8f903a2d3425c48710f8fde72b9724f21c355965323899211802511ebf5b2f28e5df97d2e0896d5ceae78aafc84082d92d22fc9589531fd448261ba4d4a6594c85ad8ab9fed978b5a1453b27957ba3d26778be530ca6913fef37aa3776a4e88728bb61d8d5c200d10b222dd77c84c9dfa8a25e7ee1dbb9cb9cf1abc41b429a534cfaf41e9d52bd6bf62ada31362653d72cfadd83f142b55122fbf06871d50e1a3a5556ae0c1b894cce30b795867ae14690ea349d72212934c6f562696ccf445790ddefb610355cd6a2f0a0c5f89f61aad5a3712a349e7822259bdfa0a23d452df1d20f8d2db641e4bae1b01f02339c86427b987fcd480a06ee23efc7b27dc3cdcf1d02db3502e9a99f100481055f43a5bc219bc9f38adf9c230f0ad3084126af2032e382687ba689d3b888cb755bab1f61d8e8b0696f35c3db8b47df7032925ac62d67c92107319d8b4dffe28865719544cdfcf460691625b53e21b8d086ce396e2786e0e6c610a044a62d39de760f1334d10af02a5d2e796ed5c52e28e52d53a2f8d78f551876eb988b621438aba271c57004635f689fdbcbf0cc37f83a83eacfd68d8f6f1ad010319316feb10bafdc207e38df7187cd96887f9665d9d4d9ddd0fe931276b6ce5c856b7362fae4d304639995555942da64a0a6f336b3fdfa3138e3514cea26cabcbd0bafbcab51d5249e6992684bd24e043c2a1de22ede882587d813d00f9379838d85c6625c1368a1c36f097a57c6e15ba999b5ca2f38f9de87f9567241216021be7cc016baf142616de041b943a08d4d69e38efa3b424371b2cf492d1e143105fe3f5c31e89e3035764ef8f188c23a90fbe5f0d7de10c401257eeb311a34f0272eb3255d4ff588da6ec79cc9297fe728b295c4dc94fdaee4f2dca3eb8997ba1960f9859d6eabce5a86af9e50d264fcbf11b42036ba91f8282f503a034cc81e4120f71851a3ac0ceb637e299a35f05abf57ebca9d93a982d89782471ea18268c8c8b65712eaa3a472803f7d74fe30825b4e212f9ea595382fff57a832a806aed09f7ae8396d17d5172c0677428f9f87fda8ad741191a96c1f89f507ae73c51f0c34e3cfa45d1025291fcc6585f128d83078efff3331a07b097fa32519bfa4ad844c5a5fbe5980e3df71f9139b00b95385bd9e2d6244002f44336d7d7f7f9585483f29f2812dc7d885fd5b3f1675181b1f29edf70eafbc5bff42792a2e04726bc9b0f067063711b68022c148eebbf9c1133629962d9e76a4a90d525a0534c009bae14b514a38301d00cdeb8d0d4abf6b9594b8d905c000f69487fe68bf681402780d1196a8ac3c273cf61c44aa7c52edd37f42bfe8d871d57b12ea6f006046a09f657515a91392ccc7a99282716bc00bd7ae8dd470081807477b67bec28d751c2ad6b035684a48070d9ff3caf79b47d26ac15bb2e063e0f294edb995d66d6fbfc990cfac351d41858c8db2c47936415b978bdb49997936edf617a2eeec4ccf755d9bfc42ea1804a4de9315087e5c9a094e3b4f8113bc53c21cc2d3460dc1db7600815d4ac8c41934bdadc5c5b941bd99c1625d1c116fa5fd506e012b3ea9ee9ba8a4f0504312186e2f5e4bf371f4e5de155366ca863f30f03e8989338a102c1b8f900630511ed0e802995f1b9db5c21d639e60358c8c8bb1dfd01708ab217bb559c4f0eab193f0367cd370fff17192b4fe5e0de964b9703d5cbbe14d6edf6c8a1c9694900fee614c4442bfb38880577f63253a51aa96b287bf945d7e0c0925e96cd1341b432bc6728de709b891377a343ddef6f6fffa3270265dca0707bfb998f361d9bd668c70cc56131753cbd6b81f17a56b5d3fdea01a1d1ed4c1660b9f1a144dd2fe344d2da97e258527ed1cdf1ac37ecb9af88f502494363b47a074fb6aa8c92378fe2b816aee233a15d5ad59c91ebe057edc722038beb2a564498e50c9dea531f1693184cf0d2cc3971c67722f0488942381f38d11edd28365b316927a2a6fb325141713006237ad14344363b1c91dbd7884513e251b7006ce8b334b0a5c8d90f153446511af2b0f2d7db33c9aef47bbff9a7defff88f5fdaef473ed6c65fec50420867ff0601df4c00958a08fb0362cb22e86830a59969cb4f8588a1260ae868489dab3c345ab216ac8bb74bb7e15aa39eb44125afa8c5fb920b539f2314f75af932c117f6642a264736aad9d084611c295d861fbdf407217b4127747848cbb0460d2ab77c3bf91563d360776b8a22242f64c446514d5e447a55238f9f173b423d530866dc497f132e2f857662bf48c13ecdf1e2658a7b91083356d1359de5a3a9c2df7bcb661772e9a9ad9e845a9fecb7aa02f8ae6a00bbfd3dbdcdfbb00db8e4b96986bb4f2daf1b24d2fe0b569f0d6d167d93fc3358daad61fb964432658863c9d85fbc2e145b00048cd0c7ca999b2510941b57fb0463dd76c4ee54fdf980f11a2dc0f5dd4f96fa3ea41f2cfdcb95b435176be89e9418ee02564202fb6767dd10f6e9593b8b23a6aba75fdb0c0e41311059c83a35cb3cc8c4470ce707f006bcdeb8a9f3e7b7c513ac36a38503f38da6903696e3b57901143efe4ba23ace621a0f724a63e8ef40aa80b81da7ccede659b235a6b0c113dad6f531f6447fcbd656ebcbed25c1e8e858f2f8666d8f86aa41e17b0bccb9e9f08e2ac815ad7f5a1e2905dab74396ffb84e73b5474b8b53b8a193c3814cb9b32ed3a39a4fe362898231898499da06bd7e8cca2f6905e769bc40d9bbb2c91f04a8b76bda7c8b9d8d2eef262d2c7630d5b53582fd8c822489534f85cd634be78559f4e51029ba1ae9b02e3e5d84ed2434752a5598b536dd40319f2aec4b9d1d13aac8636546c6282f1dd626661d8f626fd85c243d73d3ddd2efacf1f347a05aa773d6da5c4c27b41b2476776273baea28a317fc8ef50163c6e9ad9bddb13852c1a60c5182fd02715435960d903c98c30279969e46fa4f0506f04a833f18e4cdb43ec53321de288f34368304ef690063d7c0658d40e9d89e226a8a98117b95ebbd7bf3ac921c7b64e97fdd03f8726ff6e031263803999a0f9c847bb02497ac4bb87bf976e82e8f173b9ac5cb4a3fbc46ce1702331a06da0687b9e7f6d0d6e6394b38d3b05ace81402aa610483f98fc493232d73de13c3cd35fccfce10892b7f2c2dde98b54332a67c732152e0199ca625a6f02a28495845907a05a30360befeedf31b3e7229465449524ea09b0a79acacd2fce9b62719c66359d3454b96351e73c1d3957bb81a5386636b98551af76b4b6a87763ab2416c14f41340a93b96fbe4e0619dceae3f3fae3b703db5bd38e87e9bbe5b071aefacd07086bad7978db2cdbf07cede149f6b66ce401406c99536ff15bea6c92fceb36d16647dccd299fcb9f9f85ad9a28f0c8a4df48434104624cb0d0272a4f17206ff28f10149adb27e9f7f46f2484a6d46871b793eefb88809b8b62fbb2948ffa7dfd954dfb71fb01d020a50d332a5f85a5dcdea4b2e3f597cf21a42acc17c75e07eb6b878b540b51e539c05da0538fbc97f189d1d6994c28b7aa11509ed29fbf7e2068c6d8af4e527e912d139cf168f80edc3829dfc91112ac6c6bfce351287ccf01d5fea6bc7ac69f72849aa917ed0f2a9524c361813094269d719f37e43da62e8cb5bb87e99c97fb0eaa8d888c653eff717d80928e80dda334785bb29221c0332c83e1ef26f9f0a232b11f4af737d62aebde2ed2cb08da4a053715ba60b427c9a619d6f4880df3fbe3c83646b8b9b0075a47dda9508714c86eb79c14a39b8bb7b1527a26f47a5724f3bd22a927528974a5899da051329e29638e93b61fd3abda59bb3ad206df5634da50951d90bc1f2fb3819a3d64725ed89086324e1d02fea8106776b62d79e1554a1550bde9922c4787c96f80fec402311660f9613aed9e591b6d39f66e4598e132a38738cd62b7fb18e63411186c94219693612ea2cb6e7fc7c32ef9b5af4a5ee4401c56b2d269a675111e3e3eb8c4f8d14ac17ce654c06ef79106ccf43822560386fdf46b0fa56d61a1e3bc20b4fff16b104c121e11bf46a0ccadb69e7e6ebcd5e8607e46f8655658168c9297c1c4bdd2014d81bc949e0cc71f32e8351cf017683e8fd03c06ed8dff609f27a4fec1a9a35a2be16ace7b00498f517062bf4562ce889486f796956f6fb52dd6f9830241e0d86e93582120907c103617182c5f7a1adf7c74ff158a18be5afba76c5a4f4790c4bd271a7cf3f095fb5e6766043efe781634cc760ecaa38759aab8ba90c59225713fa0d409011fd797de095b25adfa2686857d070e550f10ae5c347feee023432e551bc8c8dfb59166e1a50c193cb5c6a3c78b8d28714b5d6c7612"})
ioctl$KVM_HAS_DEVICE_ATTR_vm(r0, 0x4018aee3, &(0x7f0000002180)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000002140)={0x1, 0x9}})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f00000021c0)={0x0, ""/256, 0x0, <r3=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f00000023c0)={r3, 0x0, "caab76c8b02adb28d1cbb1a6c2c7672b57bd480d5d6037426daa646ecbbe33308a80b418c9428d890876740ee2357942bbe788c33bfad05431e3b847a9ceed7dc921e0f140637adb2a3a26a8b7cac2f251a553d0e92534f3ff2365cb2f4c0b6eabe2021ff37764b22f9adc2926df3132944e83b45f55320fc60a76e1cb834d3772a4afef7bccadb5142ad76701c57bf5027f9f3312b4b94f471b66f25e7da6a874372f3cfa4f1088b93ca451b3e8aecb4a816214d523bb74d94be6d8e7f793372ca346186bf2cd3cf8f1e58d8bd082b2d422a48bd1a2c88153ccf6c54b58601f817d9b364cc2b45eb3902502aafb071f30bfd6e4b0fe226fef8df2324b26a6ab", "009f94c92480ac500aea96e75faec46126120f0e1b44287e8310693d784a95fc01d156328104ea90b92f39b6c5365675ec3b20461386fce184b350971b2678073cc32d65e1a04301c907ef6fb92b80bf5e60fc38623ba8811f0e0d23d97fe33c1594a7f8354081dff9693b132aa193181e100adfa342ffd6e317b3de92d1bcf3827609f88d3ba775455ccbcddd89e3076f35de9b354a9b216dfd71343122d9792235539492bedb748812eefab7df8b505c9b7469f0042e3bbadbcca709c7f1edbd631db37f32016662cbd78d8e95940a4a56696ae470c567f3582e58db5d8ddd345163c83ac0f3a1ffc76a2ff8fd8bd9c1e447e83be330973357ba0cb57c653fc5c5d44250c50b55ba1200b70d8db046ac3d555b6cec0c3a797c35f453d6c0b3aea47e111e2978468e5d657b3a16bddf8d9fcf10616d19f633a4e1307f2dd56f92dc07879b3856900b127826bf96ba837a6f544ce48edfbf18e9a36f3965a24870883b250a2eed4f43e675397a96c8f19a76cbe965e0a4efaab89d6c9eab55ace2619d93e819b60eb91890f6997959802e7c465e2971f3ee1e134a4996fe69d448d2afb9c5707144d938bf6386d676a96348694694b623a6a3d41e5da69ae1ab43d30026988ae15762990dfe3c574ba64d12962c7a8aa8e231e6190f003345838517031f7f0e472c69b9d4235a5afdc0efe90bb3105626e5ff7d6e13a42f2dc7d311f4cfa17787824b1c06855737de7915e880481b9cabe33db2a637e4b0d3c8b19f0b91545ed199c549fee8c8757a4c85516dff65eb1f3e92e7be84fdb8b1f42c4f542dc3f1921ba02fac01603f03b92090fe7776282b89db32b92430f829ba220f3879cd91dfe9a9aed0031dfdc7c85b7f97576a32ac705fad24ed841093c9c2f1a84dee4f705d1ee46e62a3f52042e702a7b11ae4fb3bc109afac1c128196435be227ff6d73bdf60e82037417bec735450a12f46df19052e75b98e369128c3d0a409f8615961d10dfe848ff3ab300bb4eb3a3689861c56e15779fcff94bcd1c570b24672100ed3ffcb3f698e33bb4b863b238691b30b529daed054634d31ff5427d9d72ebcaaff8ee7825f330808962487ae5d4d0b3425e17c40f4c49249cdd329cff7a1c020eaf143f34cd78bb1d1e1a09ef0219c5c4f1f3a1d9465652ae9de819a8c0588c1f05fc16b681889173d873378f10f489c6735a3b617dc57ec87ff4d24f3c827ee69bdce9c6b1e03ed6f7786ba565d9cb5866dea223d9deb1766dda91b680e2793bcec5295e0441ef206892010aba0745a4020014ee8f7864b21eef8942e97174064d3a306e42d695fc0698a8c7b6de2c8ba6997dbc69165f2e50716a1540e1bd3577c721d62fac5bac0208f4a57f2b0540d6ad4c86f355e6956159e19bbd1fa61bdeff0b11192979794a62b535955b101f0089454af501b88386681d77a8da5f09eee93e74dbbddd36685f89125395926e84164c1ec0d5dbc45d636f1370b62815db6b16016798ef72af735e168a22ff34f4c8243f6812fc4034223989fd4a462f7dc517fc3443164298a99c2afee73e8c9d7410bae6ae506584cd43d9079876d4e27ae092995c3f93b1ff3deeece765bc984114cd7784a8ef75020abf03367390a264c76b99532a36c7dbdaf6a1a0200b228d492617b5351c6fbdbfc4fb4c23e5d3ae01752d923285431d66006b15fa5038075f60676b91b80c3f11755895c8d63a779c9bb930dfbbaee7c8d447ed521de29bb5a5e6c2751d9dab55e2f5f0892424450fef7c1497ce97080afc7fb85a68248dac28249ac0bdd52d89b4a20818062d838dba61b3c8eec8917a11e59a6ab2f0498122ddee4a1a41a8ff1027e9b3a24d6c5f4b5873d597121006d7acd17c962b530be6fab2650bc9ba97c6388a103f30a8bfbc23a3c6b5a4e65aa3a42dff70096bcb5e3008630c8516460e16c896367b159a03ea6738b3aeffb218a9badad5eca7892ddbbdf81cc54effb70aeef615d1d776e14632a2c70a7ff20cd8c9fb6584443e0dc2eb02c81fe1839a4f2ebf26083944cbafa9290e90a64cd0b9851296400f107e3bab5bb179166ca382eafb962c22cd1141a541883077e5764f24ee2eb5dd9b75796aa74c95409d49b7c12821e20bfab9e7d6e2deaf9fb510ea3a958c2439339e68e1c6b6be214bf46df4bfa8a254fceeffb997c7557df43f92cf93bfa0ab3ff7d1c0e2195f33a6bbf3a2cfe17a1220b0ce399a4c23354e7f3b2c2a8a509af352a03f0837f0f4acc3f753ec5a9637652410732bb06d7eef2c2249a911c976f2b4bddb274d1dc15e037d0437ee5948dfa61c0d3ecb6c0e289aa4a8371a4dc7345ad9c62b95161d1222cfd1d0b54102a8f1c5ca30a78f246589da0a22ebddf517dff44273d7e94408ef561ef9792a9c407250d92d9a71bb0b81828dba5d9a18f32b7aff0faddbd3805368305af51120a2a9da7a3f0db1b704588be8a693d740f04596ea95b78b3a36e8adc3b590937c4934c9a3a16e286f373fe9d7cc4baf2c31116f1cf2529b6f63b15c0d20693a25ae60319a6609d32422b7096744f8af02b5635a9071a30666f34dd55ba6ce373c46f928b07c91012807eea846c0b17d30b70673435638f77918436fc5504fd05f896f66380ea040faf02c7c52bb11e7425f89bfd03001ddf73392353a50d7945631536786c9efdf98d3439de8b62838db6abd94662880746b1e4f83584b8487ac138cceaf5d3da61cf5bff44b68fb094ce8a2a32bd6f96227eb9e14eb4953939db13a83bbf717bd44e7ad1d568e03e5f6fb717ab4e5b3b0b7ca224a18c43673341cde92b3b2bdac8dec2a0e4205469c9a4d7e67d396045bb06e0f4781fd776b4e22367738b1a0367d470fb2a9283ad4d1890b1fcb6cc050ab0a866da9fed584f3f8e1ba982a83f9e83f1d366fa460784ba4e90c8c4ce0203fc7a5a104fe701a7d13f6099b19a21aebdc4372c3895babd2b2c064cffd11d19e71bfafd168a3bc77e99fdc552206d7ad89027e0551748803fef1502deeccc28bef5e203bfa5e66e4315e425697857ed236c562c9faf082d44e02144a9f28228553c7e66cca303a588b38f72fb34cb6c3ea5a7caee29c1e7affb4ccd7e64e3252e0ec12e0a5ff336e70f815cfdb437851540de7bdfc12ca86516e15aa0814d91b4865b25545e84bc59c187fb97f51c1d8526fca813311fda78ff6a5be48c9dbbfb0bbfbdef84649448b1349977a2629c13949196a6cdb6d822d1678ea0f9be43e6d9e2eab2253d61544dae44d65dd7b5c2c8c14270798ed781e73e0ca460657793ba84d9164b5811bf57e644b9afd972498528e4898d5b10bc3a9e09f52a5dc51d48a0627541cd7f4067b63053e258108de5b967c1c17d0ee8859bccfa7bd763b5ee6109e6e8c9a3764308cb637c1f1e443f8c66433aa601b488befb4fa9eec72200c210897312dc9ce76b390dba0502a74fb0ea61e4760f25eff7c4d67abc6ce065a1fcdfeb3fca8e966ecda772649227e5c3fcdf28d4292f730c946d0b93aabe4894838959169fbd9b9f5df9ae7acac5fe64d687d7dc3b683317fa73af4bde028d6c71606babe11345da502fceee5d07ea40764da019332e72f3e1f91dd4e145f4e3562bd00791ebcb0d17002cddfccec8bf5bdae0849d286be8eca001595467e77a5d85e7acd0a56b1269387f29343a34aeb52d80150cf995c52fb50f5ae0633e0d48cc00324d3413ae1923f8923246086332e6129ee61002646d0c58ed18c8f4b059451a00ac9cf43f2e652a1a5b5589556b4ffe7d73e2170bdd8975701b889e5fdc4d54e287312512708561589c8b593cfaa644304e0893246b1a2ac3fc2e924cc764adabe4a913a559e543f5850d1845f704286b6fa993a93daa739b238809f97392b587173f13a8661cc4f8c7171475242291766b7fdee049508bc6d007445531799b8d54fee7a6032f4f0b7a83aa584aab22535bdc500348b512e41c6bd9085ac640e70032bfdff1a63092fa222470b31758886cb8dd25bda84dbe927329ee13aa5facee5ea05780e1cc2eee7b548f8d9ea5b215c00fc6f6e5c63b244ff9f29e4992146dce2e3f4cd2279b7e7504c4a40682d8552eaba25f12d24c890c28e325681383e323be474acad41eafe18a3730c2d3f19293cb00d38eda91ae15da626ba6a8002ccbd86bb57d62e7b9a0b182d95998659eb1cf2f07aad33665e53bbba24c73b380a5ced3784d724b51d1e80a0e98d1ac947a44d0afd5cca7bb636e123cdfddcbe1b2a25f0cb9b981ef5314604cbe48b74b9fee0ee81ffb8c1ad7d924fea7457e1342eb17fdf3559e7e2fb82ec715ffaab334e6bc8c8ddbabfbe025a72825daecd1e24b1dbabb19a50c023fc5e773aa6a06733f443d0d39db5132c6a80a0c2df835f8483b1f5c23188480e7f075fb768b0511669adb202d9a217bd7c5fff93a96d56b9a6ff6b5d423330e8060404e52c542d0b210285aa708e163685af0840e14c4202bb2a28be0df0b41cb74ce15ecb0ac5f1caae75c243876875be7cd187fa4970db6244952b80edbd2b49f9febcba509c290f810b4d8434af7ae0a4ee98be5a9b26fe852f03d057c6e586ea1c4db69d3831a3bdfc12a8b045692315f28a98e4998a97345d9e0180d34c8c9622b5d41be08ce8fd88229d51a8da2e0bd9190cff860b26e84496898177404d3db32d78376b667562218c751cd106c8f8374c1d453c6ea3091d07360a904362cbb50914a96658b78c82e564d3d15fbb3689d0ab1992a2ba560f1f600f265a7fada9b82897814e8818bab22f31fc8d6197a1178cb89fcc779ba1a2ba81ddbc42271124c9673257ed31509a9f09f1c16eb3681256307f2a0b3b658fd912b05e41b62590c6acd9145e96af03a8342252fdf2f1db2db1f4ca69d9cb37b02a3db16e97672da9564a6c4bd1a0f8ddc5ec5d552d9220029633801edca385046c84fbc4200c1b1e1044554befb254cb61195517dc6c548ce8d91da54f6b3dfca6c9e9dc304331a3c1204998cf2106b8e3de7a724701a3b7a1d866473fd4b69e375dc008c3a55f72f81b79fca09677fce7d433fb7105ef658394599df93a4642933a52a6b185521564ea8a78a065e882ed4172662fc892c82fd38b4983281a0359041863861a1544651872903c55c8e10d8cb9aa6921009a5cc532cd684e139a122d7e7ad3f69bc2bf060a943f795c627884382fc584bff1e78be43399e3ebea5f2cee1fe6ed0eb2be64746ddb0f0344ed3f1adee279041426315cc65358e18cf043a25a5ca95a8b7ec85d781cdba4dac8e8b9106d2b109aff0ff06bb62fe32c0eaef3615913bf7430a25482a38713131ba20aabcc61ee686013008074aebf447f7ed1a2f93b375f51d9a3cc1a12aec5651c8766adb83d7b139c838d2efba2f4"})
openat$kvm(0xffffffffffffff9c, &(0x7f00000033c0), 0x264041, 0x0)
read$FUSE(r0, &(0x7f0000003400)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_OPEN(0xffffffffffffffff, &(0x7f0000005440)={0x20, 0xfffffffffffffffe, r4, {0x0, 0x4}}, 0x20)
ioctl$BTRFS_IOC_SYNC(r1, 0x9408, 0x0)
r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000005480), 0x2, 0x0)
ioctl$BLKPG(r5, 0x1269, &(0x7f0000005580)={0x3, 0x0, 0x98, &(0x7f00000054c0)={0x5, 0x10001, 0x14}})
read$snapshot(r0, &(0x7f00000055c0)=""/96, 0x60)
ioctl$UI_END_FF_ERASE(r0, 0x400c55cb, &(0x7f0000005640)={0x9, 0xd, 0x80})
ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000005680)={0x8, 0x0, [{0x80000001, 0x8, 0x7fffffff, 0x5, 0x5}, {0xc0000001, 0x4, 0x1b28, 0x5, 0x6}, {0x0, 0x7f, 0x101, 0x6, 0x80}, {0xb, 0x2, 0xfffffff8, 0x4}, {0x40000001, 0x6, 0x7, 0x2, 0x6}, {0xb, 0xffffdd54, 0x1000, 0x4, 0x9}, {0x2, 0x7, 0x8, 0x0, 0x6805272a}, {0x4, 0x9, 0x7, 0x8, 0x808}]})
ioctl$BLKSECTGET(r0, 0x1267, &(0x7f0000005780))
r6 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x618)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000057c0)=0xe)
prctl$PR_MCE_KILL_GET(0x22)
ioctl$TIOCGLCKTRMIOS(r6, 0x5456, &(0x7f0000005800)={0x8, 0x0, 0x5f, 0x0, 0x11, "774d65df58c73ad4714fcc9e3bc5ee10034737"})
r7 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000005840), 0x1, 0x0)
ioctl$KVM_CAP_HYPERV_VP_INDEX(r7, 0x4068aea3, &(0x7f0000005880))
r8 = openat$uhid(0xffffffffffffff9c, &(0x7f0000005900), 0x2, 0x0)
ioctl$FS_IOC_GETFSSYSFSPATH(r8, 0x80811501, &(0x7f0000005940)={0x80})
ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r0, 0x3312, 0x8a11)
ioctl$KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000005a00)={0x8, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]})

4m37.415850377s ago: executing program 2 (id=568):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/cpuinfo\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000180)={0x2020}, 0x2020)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x100, 0x400000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000580)={@fd={0x66642a85, 0x0, r0}, @fda={0x66646185, 0x3fffffffffffffff, 0x0, 0x15}, @ptr={0x70742a85, 0xfffffffc, 0x0, 0x0, 0x40001, 0x1}}, &(0x7f00000004c0)={0x0, 0x18, 0x38}}, 0x1000}], 0x0, 0x0, 0x0})
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000180)=ANY=[])

4m37.408706057s ago: executing program 2 (id=569):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa00, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x4b301, 0x0)
r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0xfffffffa)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r2, 0x0)
ioctl$ASHMEM_SET_NAME(r2, 0x8008770b, 0x0)
write(r1, &(0x7f0000000080)="9035d1a1facb75526d", 0x9)
close(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000)
syz_clone3(&(0x7f0000001280)={0x0, 0x0, 0x0, 0x0, {0x2}, 0x0, 0x0, 0x0, 0x0, 0xfe88}, 0x58)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa00, 0x0) (async)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x4b301, 0x0) (async)
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (async)
ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0xfffffffa) (async)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r2, 0x0) (async)
ioctl$ASHMEM_SET_NAME(r2, 0x8008770b, 0x0) (async)
write(r1, &(0x7f0000000080)="9035d1a1facb75526d", 0x9) (async)
close(r1) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000) (async)
syz_clone3(&(0x7f0000001280)={0x0, 0x0, 0x0, 0x0, {0x2}, 0x0, 0x0, 0x0, 0x0, 0xfe88}, 0x58) (async)

4m37.323858818s ago: executing program 2 (id=571):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x42000, 0x0)
ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f00000002c0)={0xfc, "e14f69474682e90ccd23545fcc1ab213d516779be54a6b6de35b7fff1b6bdf7c0262648fd67b4e604c03d6678cc9d2e7be26f5d717f36a8ff3d0111e57460d991172fe05aea28cd4def881d48b1822119ed32b2e6d257ac3a38b38290f1b60d0ed20c0d087048333d2aadf09d9f86c921320295e5f009311ac0d5578d675214d745389f1ee1ffef7156a7555d9a13cce79dc66109a68d17e0c767d4f2c308632e0a6ffec66dd49aa30f16776acfce29f5cd35f294d89234ff6ca7e27686459cae89a3d3db392ee2a38aeb8402fd2b512b823370abb9750d42173eaac573963a9b027f9034e07190dcae5bde6e63ec4ecdb25ecb8766d63a0ed27504c9b5b6464ac64d4ed07b4a2b7ab93248c0217b6765deddd8a2c15bfad6bdd5de2d00745d962904c55570caaf0151ac3574c8e89e6275fcb8681fae983f52ce9254d9407f9c0f2370433f47fbd703338e2f9917ba85284ca971642904d68776a10650669bd62cdaf84422d507399ade74da754971bd510825a36162d466f632caec0737ea621170d4220bfe282dcc9913e17b169afc651ed5082ad3dec125596960efed1406b24ab9f0bd5fed431f234590bc23ca2ac48d7e921967e2f3c2358a681c2197723b5b6a1736edd5e56d3e4efd3471c4528f38c98cc6cfc0e01d62daa0db8c6eea0ed534418ecfa33891bebd227475291cfda93a11f26ce528a2043296d085ac2"})
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000280), 0x8800, 0x0)
read(r1, &(0x7f0000000080)=""/93, 0xffffff6c)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4f00c2)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000cc0)={{0x3, 0x3, 0x1, 0x1, 0x9}})
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
ioctl$PPPIOCGIDLE64(r3, 0x8010743f, &(0x7f0000000100))

4m37.152014921s ago: executing program 2 (id=573):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000280)=0x10) (async)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101740, 0x179)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x2, 0x0)

4m37.095879641s ago: executing program 2 (id=574):
r0 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x0, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x11)
ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000280)={0x1, 0x2, 0x7f, 0x0, 0x6, "3d11ad18fa0ce2c290d7631fd6f18c0e4f93d3"})
ioctl$BINDER_CTL_ADD(r0, 0x541b, 0x0)

4m21.988065355s ago: executing program 32 (id=574):
r0 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x0, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x11)
ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000280)={0x1, 0x2, 0x7f, 0x0, 0x6, "3d11ad18fa0ce2c290d7631fd6f18c0e4f93d3"})
ioctl$BINDER_CTL_ADD(r0, 0x541b, 0x0)

3m41.907337156s ago: executing program 3 (id=1302):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x4030582b, &(0x7f0000000000)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x28011, r2, 0xaae46000)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone3(&(0x7f0000000600)={0x22000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000580)=[r3], 0x1}, 0x58)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40082, 0x0)
r4 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r4, 0x7df)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f00000001c0)={@flat=@binder={0x73622a85, 0x2}, @fda={0x66646185, 0x9, 0x0, 0x11}, @ptr={0x70742a85, 0x0, &(0x7f0000000240)=""/10, 0xa}}, &(0x7f0000000280)={0x0, 0x18, 0x38}}, 0x1000}], 0x0, 0x0, &(0x7f00000002c0)})
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) (async)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0) (async)
ioctl$SIOCSIFHWADDR(r1, 0x4030582b, &(0x7f0000000000)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}}) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) (async)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) (async)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x28011, r2, 0xaae46000) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone3(&(0x7f0000000600)={0x22000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000580)=[r3], 0x1}, 0x58) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40082, 0x0) (async)
openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) (async)
mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r4, 0x7df) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f00000001c0)={@flat=@binder={0x73622a85, 0x2}, @fda={0x66646185, 0x9, 0x0, 0x11}, @ptr={0x70742a85, 0x0, &(0x7f0000000240)=""/10, 0xa}}, &(0x7f0000000280)={0x0, 0x18, 0x38}}, 0x1000}], 0x0, 0x0, &(0x7f00000002c0)}) (async)

3m41.869882306s ago: executing program 3 (id=1303):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000008c0), 0x40000, 0x0)
ioctl$TIOCCONS(r1, 0x541d) (async)
ioctl$TIOCCONS(r1, 0x541d)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0)
ioctl$ASHMEM_SET_NAME(r0, 0x40087708, &(0x7f0000000ac0)='\x00\x00\x03\x06\x00\x00\x00\x05\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v\x0e\x1d\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c7\xa7\xf4\xd0\xf5\xd5\x80\xc0\xb4a \x15\x9a\x9f\xf0:\xfd$\xad\xbb\x9a|c\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\xfd\xba|\xa3\xd9\xb2].]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f\b\x00\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16\x03\x00\xb0\x1b7\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Xd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7P\xfb\xfc\xfa\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau4\x84x\x00\x00X\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12K\\\xf2\xd5\b^[D~~\x84\\\xe4\x00\x03\xb6\ny\x8cP\xbcQ\x98wZ]\x9f\x16l\xd7\'\x06\xc9O{tSh\x8cWiD:\x1fDaqb\xc7\xf7+K:\xde\xa8U\xbcPw\xa4\xe5\x12\xea\xa2c\xdfX:\xf6')
ioctl$ASHMEM_SET_NAME(r0, 0x40087707, &(0x7f0000000000)='\x00\x00\x03\v\x00\x00\x00\x01\x00x\x92\x12\xbc\x00\x00\xbb\x0642\x9c\x1a\xd1\xcbx\xb0\xd6\x1e\x10gQ\xca\x0e;\xf7\'\x8c\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\x00\x89\xc2\'\xdfn\x05\x00\x00\x00-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \xac\xc4K\x03\xfa\x13Vz\xbf\xe3c\x8d \x0f\xb1\xe9\xf2oci(\xcb\x82\x05\xfe[H\xaf\x01\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafd%\xf1\xdbjE\x01\xd1sD5hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\x851Y9OB\xdeB\xe1\x02-&\"1hS\x92\xe4$-\x02\x00\xe4\x8e\"\x85\xc9x\xef\x81E.r\x89\xe5\x00\x9e\x97\x96\xb8j\x81\xf0\xdca\xfb\xa6\xff\xff\xff\xff\x00\x00\x00\x00d\xf0\xf1j\x11\x12\xc0\xbb\xfdq~#\xf7\xa8\"$,\xf4\x84|\x89o\x00<\xa6-\xb0\xd3\x80\xbe\xcf\a\x00\xfc\xa6\xb1\x05\x94\x84l\xbfA\xeb\xd8\t\x00\x00\x00CvNhx461\x04N<\xedV\xcet\xaa~\xf3j\x94\xec\x92\x86uY\xf6\xb5\t?,~\xa67\\\xb9\xc9K\xf8\x9d\x96\xc0\xb5\xc7wF\x99\x12\x97T\x90.\x9c\xe3\x9a\xf1\xb9\x9c\x13\xbc\x19\xde/\xaahB\t\x97\a03\xcd\xb3\xc8\xd5l\x14!\xf9Xg2\x1d\xeeB\xccT\x0e\xd8\xef\xc8\xe9\xb4\xf3l\xc3\xf2\x998\xc8\xc2|2\xee\xb4W\x99f.\xeb\xe9\x05\xcbkz3+\xdd\xe1*8\x95\xe7Q\xdfmI\xe5\x1e\xe4\x87\xc9\x8f\xa7\xe0\xd9v\xf6\x01\x9d\x8f`,\x1a8\x81I\x86l\x8f2\r\xba\xc1\x02\xd6Z%\xa7Ks\x8bUolS\x05\xbe\x97VGe\x94\xa6\xa3\xab\xdb\r\x17\xff[\xb1\x00\xff\x7f\x00'/468) (async)
ioctl$ASHMEM_SET_NAME(r0, 0x40087707, &(0x7f0000000000)='\x00\x00\x03\v\x00\x00\x00\x01\x00x\x92\x12\xbc\x00\x00\xbb\x0642\x9c\x1a\xd1\xcbx\xb0\xd6\x1e\x10gQ\xca\x0e;\xf7\'\x8c\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\x00\x89\xc2\'\xdfn\x05\x00\x00\x00-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \xac\xc4K\x03\xfa\x13Vz\xbf\xe3c\x8d \x0f\xb1\xe9\xf2oci(\xcb\x82\x05\xfe[H\xaf\x01\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafd%\xf1\xdbjE\x01\xd1sD5hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\x851Y9OB\xdeB\xe1\x02-&\"1hS\x92\xe4$-\x02\x00\xe4\x8e\"\x85\xc9x\xef\x81E.r\x89\xe5\x00\x9e\x97\x96\xb8j\x81\xf0\xdca\xfb\xa6\xff\xff\xff\xff\x00\x00\x00\x00d\xf0\xf1j\x11\x12\xc0\xbb\xfdq~#\xf7\xa8\"$,\xf4\x84|\x89o\x00<\xa6-\xb0\xd3\x80\xbe\xcf\a\x00\xfc\xa6\xb1\x05\x94\x84l\xbfA\xeb\xd8\t\x00\x00\x00CvNhx461\x04N<\xedV\xcet\xaa~\xf3j\x94\xec\x92\x86uY\xf6\xb5\t?,~\xa67\\\xb9\xc9K\xf8\x9d\x96\xc0\xb5\xc7wF\x99\x12\x97T\x90.\x9c\xe3\x9a\xf1\xb9\x9c\x13\xbc\x19\xde/\xaahB\t\x97\a03\xcd\xb3\xc8\xd5l\x14!\xf9Xg2\x1d\xeeB\xccT\x0e\xd8\xef\xc8\xe9\xb4\xf3l\xc3\xf2\x998\xc8\xc2|2\xee\xb4W\x99f.\xeb\xe9\x05\xcbkz3+\xdd\xe1*8\x95\xe7Q\xdfmI\xe5\x1e\xe4\x87\xc9\x8f\xa7\xe0\xd9v\xf6\x01\x9d\x8f`,\x1a8\x81I\x86l\x8f2\r\xba\xc1\x02\xd6Z%\xa7Ks\x8bUolS\x05\xbe\x97VGe\x94\xa6\xa3\xab\xdb\r\x17\xff[\xb1\x00\xff\x7f\x00'/468)

3m41.857594246s ago: executing program 3 (id=1304):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
ioctl$BTRFS_IOC_BALANCE_CTL(r0, 0x40049421, 0x4)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_UIE_ON(r3, 0x7003)
ioctl$RTC_SET_TIME(r3, 0x4024700a, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x17, 0x9, 0x4f})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
r5 = mmap$binder(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x11, r4, 0x400000000)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000140)={0x10, 0x0, &(0x7f0000000040)=[@enter_looper, @free_buffer={0x40086303, r5}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x48, 0x0, &(0x7f0000000400)=[@decrefs, @dead_binder_done, @register_looper, @enter_looper, @free_buffer={0x40086303, r5}, @request_death={0x400c630e, 0x3}, @increfs={0x40046304, 0x3}, @acquire={0x40046305, 0x1}], 0xfc, 0x0, &(0x7f0000000580)="ec749d63f3e973ee38ddecd10e423a7cb3aa5d15d24d6eddb9dd29ddf5f711039968a01109f84d5c2ed10d407fe5fc545b6e42d79524049519909f2b8ac533f64b370d969f9d6997f7658f8eee6f03908088ad20dfb5b8d6c457ef1cd3d23a40d8551a0952e58c01aac8ed8f1d4cebb8e56c4475ed144f617457d2b4dfbe98830b07e70909997e5770ea13b5c7618eeb10ccb5ef605ddbd80eac84d13855e77e8eb20f5dc06a36ef328747957760e6459378cee518f4c97ec65217309824625169f73dc413607c2c60ebb3c71e8343e6b7522d03c9a823b52d142e7c6d3353d6d6366e941cff9ff383d1864a4fc28a85411a6e93e82cc4b1beb3c7e4"})
r6 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x400, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1, 0x22052, r6, 0xfffff000)
mmap(&(0x7f00004b6000/0x1000)=nil, 0x1000, 0x3, 0x13, r0, 0x5f183000)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSBRKP(r7, 0x5425, 0x2000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x800, 0x0)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
r10 = openat$cgroup_ro(r9, &(0x7f0000000080)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$TCSETS(r8, 0x5402, &(0x7f00000003c0)={0x3, 0x1, 0x20, 0x10000, 0x3, "b70a46dbb702050446d191e04d36d9c142f4cd"})
mmap$binder(&(0x7f00000a0000)=nil, 0x0, 0x1, 0x11, r1, 0xfffffffffffff723)
r11 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000340)='./binderfs2/binder1\x00', 0x800, 0x0)
ioctl$TCSETSF(r10, 0x5404, &(0x7f00000004c0)={0x4, 0x5, 0x7, 0x303c00, 0x5, "675a15cedb1cd7762fbe3700253049e095937a"})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x54, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat=@binder={0x73622a85, 0x1, 0x2}, @fd={0x66642a85, 0x0, r11}, @ptr={0x70742a85, 0x2, &(0x7f0000000240)=""/13, 0xd, 0x0, 0x31}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}, @release={0x40046306, 0x3}], 0x5a, 0x0, &(0x7f00000002c0)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f612948409bc69ce5464f37"})
ioctl$BTRFS_IOC_LOGICAL_INO(r11, 0xc0389424, &(0x7f0000000040)={0x1, 0x50, '\x00', 0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})

3m41.775408018s ago: executing program 3 (id=1306):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
r1 = syz_clone(0x20000, &(0x7f0000000240)="fef050", 0x3, &(0x7f0000000280), &(0x7f0000000480), &(0x7f00000004c0)="8eb5244cac0d392490e0d24380386bf841eb6c3c3713ad6689d5fe3ac8adb46413fde26b7e6270aca29122") (async)
r2 = getpid() (async)
read$FUSE(0xffffffffffffffff, &(0x7f0000000500)={0x2020, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020) (async)
r4 = syz_clone(0x61020000, &(0x7f0000002540)="3b7df35313be076a60a018ecc9ce1615fb4395689eaff9469c1e7cb5dc31c2af7ed2eb357ca0ea73bd9578647c5138ab48f2b541eb7aebb6bd6c96fb875c2af48556da6d6065afd4093ccce4e49c38e951af8e6e7bf6432ab2251cc8942d239ae9035b70fdc05c76c68166c52d77359deb7f5639c29477f33e33d468058d49170bf2b497c520634b4977cfe332dc11", 0x8f, &(0x7f0000002600), &(0x7f0000002640), &(0x7f0000002680)="944ea42d8a744628459d4509975becc8ba3f90585dfa2ac018be0237469bad7981bc1a0425d2c2e3e3dacbd74287fed8b8f489317ab5ac1571c3183f43080287d521c5532bef8311bf69601512c0c013396b2517d5c5762107b8e30cdcb8d1397e41703ea838020fd8810154fcd96c463a20889151f8819ff8e734059c0af2dc334bd2c46e558bf86c6bf306584dd3744265e5c7f470db78ea6356752947a5c4d619434eb43a4c249df8b8e714b3b946269a9ab9978365ab0bbd5fc5c69148444a891d5f70b8d31decdebc95d81bc04f0d5865065b782f71c79cb12740b5cfba29caffe96a3cb8bdf51b0d32d82175beddd64d1efcaa07c8c5fe6fe1adb6abae7e974f6e8f0adb48186f0c5a48440516985982203ed8b4b17506d156d00fda43143ed5f5f30bfa082ee371a0933131afa413c262dc6f6e8c74d03b6fd6fcc4f2a7d0b6ef53fbc19cd1ef4738d345e14df08831d67f1c7de8e7b3ef6c3c60e91355dcc3bf54d8d7ff502cb35a56c4d4d4386f91666937ed265b858f3a788db93f8abb58f48a92e3eddb30fbe26b25dff116fcf8872881536e63eace64b2fadff5cfb1d63bd71dab3db2c06865f2761f4a0d276e9b7852c10c1cdcc8a83eb8cedc9033da10041e98bad6544ee09756cdc6379d9cdb66db187435d8a88babee1703e476f71500a1154eee7d79e2e9f034a2a55e469fd4defa4e3559975f6b846a67731ec1c809b267735fc185cb0ba23b0189ecf8b41e64141814fc54a8933196b5a407d47863688bd9cd3d9bfe7a6bf8de9f853b95516ad27c6ef310e8d6311cb005ded657d9d0ada160ddd5c9b8ee07b7a73e96d6539f45386cb5222349f12f759b94b5bb4ac644c2862cbc87c72929a352e53421b97e98efbd5264faf5033d56915273b6392c1ad101275cd2c17666723314ecd2a937a855b0f36f3eea6dadb412dc502476ac9213d7c300e025730e1960f4c8ab014d3eb2f595cc441ec4af9e8b7e6517d37a619a8e1d30c581aafe09fc19c52b0985bd91a20b5aebeb8a3201110a610a31f2d384df28de00d97e635968c93eeb85db19ffb144f3a22a8eb50abbe9adfbd920039846ee40ac1224ca90010dd7584b6e5d7331be874c5d54e7858aa64b696df18100f7d1912dc45380a40d0a0e30f192da53767e65dcb44a2522a89e6fa6d20927c7977c26e80a4beffa8653fcd201e198739fcfbe837f649d864ff6ac25e02ee85da878106a684f07c8cf1eb4f394ff77bac857838d96a26d3ee227da282cb487c7d32ef3f82c26b3e26954b45025a7b88fa13d9633ce86690d43e90340ce6ad37a45f82c4284ccbb9d3d43b2cf41f49579c6c62f3d400e8663f524b31c83d94d8fdfa9ef2308f299e70d1ce5cf4ec1a1bd1f1d58a9533be989c4540d50beed7398c19eedc611ca7b49fd0a918a8b8460366fad8d91fbb974320b3f0515083118cbbf19aae61949d9c3322a84254d9b2d1f750e967f64e1005bc4dc1edc77e42934c8809f1ea22b1a1e232681b2448665b7d99f5d3d1bdc57651a041f0fd206e0c8d1ef614ecde8eccb81ef3e4385cc585d212fdc916d74b26318481b06856955f835259bc926bb65267248abcb8af547fd59fd21a39cfe04acd0a396185c1fd845f86456fdf88f800cc31ebc2b92fe30f6bae317c92a49d7b9c040ab8e21d348196c77064e22d53d104cdac056e013a34030671b7534b3415732f3fffd9686b61ca6834ef76669b1d9492a456d9b1bc80ae144a4e42746482a3981d31efb6992a3e47bf0191fb9ae1d9db127b7876742248c30ddd834be7f8d254d2f08371d9838fa708eb20409d2d426d3ea076347e30e618c5ec8aac8e76441974258a0af35bc3da6d4182962ebfd748a0727623476cc40226b8aa8d42c2c298431b3a5170b45e0b8a036bc7f36c02f58f0a5ebec05920cc4928cdd82f3a8b42eea186489659e4b62dbeeb63705b470f0a16775e2dd86b6bd71f91d0d40efccbeb119bd0bf63eceeb2ae5f71da312b6ded488aa36734fc45d400b471eb129ab32c48f35bac6c873e1cc211419435d0cbd13ad6fb947e8e92afb86b2bf5c8d07f9ffa085c8704cb840d284c43b7c1075e6e693fc0e407f742910e599d3a793012452722123e29c39d43cd00bda29b27eeed1f8c5b4f834e07aafbea089c7f207a0f2f5225be2881cb87361a4ef5bbdd1d71d70fccc975efe2aadcfc08b6dc7f9daf06ee0b0d6c3b750af66bb43b0f58126679019426d54da954f275413ecb05282dac615d5cd386a2ee97d55241d2a37ba0fbc38054e7af36d4a9cef30b241ff356ef8d604b8c5abb7aaabd5b64525d3385438b391a9daade2e140d0b692ca908fcc184b9e17a50755db1324382c63164e71f69f23c3cfde2b2846c24e82bd17d5eda68e8bff443e26ab0df333e93319e9764a5b8d18e7f84f733996c77c5ca627c39817c4b27c0d85f4224118e5cfd5b3c48a96ccc5ca49d9e46e83c9e74cb40cff43b3d55338e3ca2609741ae06bb1be4fe57052199d80509e6619e293eaf32a7df2cc0ece65ace7c9d194dd9a13ccc7f7d208c59b12f0382ea715e6468db0d0d5b4f7b2e83ee14d2213397265b6f13e478c89a9bbb8075b35d7ad036eea76554463f9ace552d0caaf6fe1023189617939622e58fa5a6847071d3bd4b1437767c247dad03e49ea811f4fa6c205d815e93dd240ba121951097f5573bd1b87bd1591f4e8e94de68081fa0ba3bbb4075498b72e4dc26b57c873df84e8516555e84701160daa68a3887f62e4c5f80eb216087bd992941d0b08d0b28890e6dc9e610402dad3c12b6449d43d29719b7ced4c478e387bf44b68397f7e122f8208b18d87cc82958c0b94b673bfdb8c26dc9e2b8894a97a2624189523d66e2726448b9d764d85a0371b8c7f4c72b3805d40a0a706d7ecac13f6b790a86d7c90f06ba10dcc687d9b79115452c2bdf3e391f7bb749763d1c237315c67f232bbe7e00666da44b069af6c45f48c442b40b1d7b5edd9474e0a18f2e0c5cd7f884ff8a9f43829546e5cbd10e01713dca9ab0c9792821b95d7bf13722e3c749851dfdb1389feb206571e82167dc96901703a9924b39dae24a5aa36563d277ccfa94f1e8f6b06892f5fcc041bfad586b1f035a8067b9d0ff804391c5c255c10d21b5215773a0de7840151dd4a59c9c2b37b883fd60bafd7b53cb56c7c9bd9462b140de003650d7d1960dad6939a53be1593a24b5be61efffe7d6ba5585be9bfdeb981290fe4f474192f2335796a623e4131c9a111595d7514c1a813b81e14dbf286087bfdb9e6c76a9feeb15e90043c84caae9575bf4055d156fe4a60445b2e363140bdcadeabc773da17a6167014278efba6d6c74cb8242a2921bcc80ac5442bab452245c1a917563a1a18e6578dad97511d2d92bdc000212777215922d04f4183be9253254253f049cf72fcb0108a96ab8a5240ca7b3cfa93e1c73dce85259ed81e3e070f29f2f3879f561ca80ef22b3f8a514f18cd80c3918d24ff75631d8dcf2c0a5a4af304d23fde095aa510de3022c1141a5050f72556410bef63aad24209ef465a5dc8c468aa259fb9631c5a4136b7c9940ab9a53448ad9c41eb63c69e997bf4b0b1cf6601158a160efce46822c37f7a37c1fafceff2c2b753857333f1cac1af7eafbb6177ee946a3f1c68e8191bf7a3f7ea052e56a21be3fdc7ca83bb97fa309d274dc72153ec8a55f4faceed11bd66996909345b1d543dca2e0638fdfd22cd1a52ea2e71b0ca58d7558a12b7de2ba262e568b0ef43e72e0e9ee8351a13e10e9834ca8d689fc2f133ad75920c356650890e9ad9b7c20c06a3591802bc51936a58a6a5bfed63424e0d325bc950df8af5f4f5e87140fd9f9137e1768e7b7a373346884222ef1f4f9d0416883fc739dbc39cdd6589db925350389719a82f10fdd59e1803564e43d95889b9cdab437da214f9f70bec6a12e17bdce1dfec03905547349b94e904004cc897177115b7d342826f4dc1c76a3a31e73b6a0db78474d8f7b445a97ffe40cf0c101c4727af7a0997bb2d86709e2d5a1105186394fd27fbfb0904671f8f3079ae7e5085df165ee25616bb274c448df944e63eb4d9886f3bcc4b8edd22647e53cea82d6d4769c79f332778c8fef01ac38277ec317c99bf59285b49add34fddf445be12db6c00c8a957cdd8899be367e923358edbacc44df2312e35d60eb3ce682277b880a6fe63285ab710cad0e90e200b59d37786759602cfb69d0c3eab5b1585e9c58f0ddf98a7caf0078863496641a8bfd566cac285cb2ee9de3056d2aa044f004921af54b9623d9f1955fde9300b17270ede6c8461bbaa2322eafe740969fd24ebd40a2b8ee2a55f021b587a91254c3efa35fee4e3dd9ccc6351940748448c8c4c483dd94588f347043cced63f4cbf70bbef8a309fc064f583f1ee1bc4cc14742273a4cab5f09006c2aa9b673ccdbb99e117237991529307e5212861cfa30741caa7d69c07e9738e458bcc142636a6531b615f112b761de3e2da3fec8484029fe0d44a9891625113617803756bc1f20d88969604faf9467e1ba0abefcff13e182f5dc9be81b48c9a376a322b080b33517df17ea4203043ada13f3c80b367f760e3e62e65a03864b51f4dfb8293892424d1fba921c0a640ffbb94f0030c577555356773ff29d6553d83b7e718deb1a7a8184bdd01e723bae344d942612c7f184983d82f4b0e56b09f0c942bfc139ba1de9a794f8463c2282da1240a78c92f2962c739fc37c0a7797932ec2d265a997d23a6f4774ed61b260c4a5b8b11af98d6793e673207d2b3b95c01705b01fc40a9f6530e773420fc242b9aacaf9cb40565d30af7cff7bb14c2e1c8ad8b6393b6df714e822b4b75ff9db837c5890de43346c39b4210d91bc3314a6953796c47968a1a0274d272948d6b557b800734ef193f439268acf4e7501001a568e538e814d87dcd08e538f94eff1a775aceb17fd6b461bfc55b45435458bb759f2f564336dee392607fedbec994ae63f29dd976d84737ff3efb72ca17741889567858ec308d0431e12cc0f25a048a13916bb68101286029bf49402a41dbcbae15c2518237d8ecc0094dc64dde0d4dab4b4086129985676da758e72c2eb32fb6056d71b971effec891fc8203ef9157aa88bfd82aaa9ac645564930b113ba40614844bb1cc7bfe557abeb94c37dd7dc4600e4656bf96494ca5d3a0516c55c2647f32641c100435f0809dbb3d458e025335cb4d4a81f432bb98c5b71d46946a2f4059bc95aa4a401b22573b0997fb9b53c586e3d395c0aac8da73e886224932e0017e84402aab3215ab6e23e467a58f523cec9b5dcef55a325a4a5ed216cdc45a5446ff4e7252acfc31ed786bc60383a96b58cb4db46d6bfb8ddf8115010ddf6266668089b69e6d0ce9543f66c10968fb9344647492b48bc62fa9fad747ef53cf445bd73c2b552a651a7636a716def7c0aea9576b87998bcd2ee6feefeb2932c9ba7cdd31037bd566217c9198e6c2d6ec4a70879c92fc724663b912558582c140f91a19d8ad253b311225730546cf7ff19a4aa713b351142bd87f6f9ea731ce37172fcf8000dd8ff0e19e29dc73ff3fd4a516bf070eb620a9905409c5a4dd1131261820f6e2543ea2031db318cfb7591fd80174b61301de269e52d456353dbba2597596a7de2525dbb04db5f8587502edaafb39c49677ebd1829ad9d52095c20a3af315d6bbc61a42550ef1becbf24130a2e5254282de9c512d4f7f24aedaaa18e0f22d34a6560d8338b4f8c9ebb6558772e") (async)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/cgroup.procs/file0\x00', 0x42, 0x0)
r5 = openat$cgroup(0xffffffffffffffff, &(0x7f00000036c0)='syz0\x00', 0x200002, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) (async)
ioctl$KVM_SET_PIT(r7, 0x4068aea3, &(0x7f0000000080)={[{0x80, 0x0, 0x0, 0x0, 0x80}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}]})
syz_clone3(&(0x7f0000003700)={0x80100800, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100), {0x37}, &(0x7f0000000140)=""/240, 0xf0, &(0x7f0000000380)=""/214, &(0x7f0000003680)=[r1, r2, r3, r4], 0x4, {r5}}, 0x58)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x18, 0x0, &(0x7f0000000040)=[@enter_looper, @acquire_done={0x40106309, 0x3}], 0x5a, 0x0, &(0x7f0000003780)="8a3e4b14485bef8901593175bfe04ac0baae7c5651ec6005649a0600975d2a1c52dc2eb8936110000000000000848684f4120d0700af025780d0819e642ae6cc84fec79002d8167fe3494aac7fd28e23c066793738f2fe6defcb"})

3m41.6638098s ago: executing program 3 (id=1310):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x654000, 0x3a)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12)
mkdirat$cgroup(r2, &(0x7f00000000c0)='syz1\x00', 0x1ff)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xc0011022, 0x0, 0x800000000038f}]})
write$cgroup_pid(r3, &(0x7f0000000080), 0x12)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x78, 0x0, &(0x7f0000000100)=[@release={0x40046306, 0x3}, @clear_death={0x400c630f, 0x1}, @transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000180)={@flat=@binder={0x73622a85, 0x1, 0x2}, @fda={0x66646185, 0x3, 0x0, 0x3d}, @flat=@weak_handle={0x77682a85, 0x1000, 0x2}}, &(0x7f0000000280)={0x0, 0x18, 0x38}}, 0x10}, @increfs_done={0x40106308, 0x1}], 0x5a, 0x0, &(0x7f0000000000)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac25dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f612948409bc69ce5464f37"})

3m41.596896451s ago: executing program 3 (id=1313):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNSETCARRIER(r1, 0x400454e2, &(0x7f0000000000))
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000100)=[@acquire={0x40046305, 0x1}, @register_looper], 0x51, 0x0, &(0x7f0000000340)="a89aff67520a7335b849b4f88a6db06e45e3f5e648a65b8003975be8a982d5135e161a783d3d01fddcbd838bac308358a7e349f333e620505e4cf1982c991b516a9e26b6bb537c85f5ad467697f0d78b9a"})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0})

3m26.407458706s ago: executing program 33 (id=1313):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNSETCARRIER(r1, 0x400454e2, &(0x7f0000000000))
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000100)=[@acquire={0x40046305, 0x1}, @register_looper], 0x51, 0x0, &(0x7f0000000340)="a89aff67520a7335b849b4f88a6db06e45e3f5e648a65b8003975be8a982d5135e161a783d3d01fddcbd838bac308358a7e349f333e620505e4cf1982c991b516a9e26b6bb537c85f5ad467697f0d78b9a"})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0})

2m25.511609898s ago: executing program 5 (id=2469):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs2/binder0\x00', 0x802, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xed)
r1 = openat$ptp0(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PTP_PIN_GETFUNC2(r1, 0xc0603d0f, &(0x7f0000000040)={'\x00', 0x0, 0x1})

2m25.507583038s ago: executing program 5 (id=2470):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000980), 0x0, 0x0)
ioctl$SIOCGSKNS(r0, 0x894c, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000640), 0x400, 0x0)
ioctl$BLKSSZGET(r2, 0x1268, &(0x7f0000000680))
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000580)={@ptr={0x70742a85, 0x0, &(0x7f00000001c0)=""/75, 0x4b, 0x0, 0x32}, @fda={0x66646185, 0x7, 0x0, 0x16}, @fda={0x66646185, 0x5, 0x0, 0x34}}, &(0x7f00000004c0)={0x0, 0x28, 0x48}}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_GET_EXTENDED_ERROR(r1, 0xc00c6211, &(0x7f0000000000))
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/binder1\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2200, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_XCRS(r7, 0x4188aea7, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000000000000700000000000020810000000000000058"])
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000e00), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0xa7)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000500)={0xa0, 0x0, &(0x7f0000000600)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x41, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000300)={@fd={0x66642a85, 0x0, r4}, @ptr={0x70742a85, 0x0, &(0x7f0000000280)=""/101, 0x65, 0x2, 0x1a}, @fd={0x66642a85, 0x0, r8}}, &(0x7f0000000540)={0x0, 0x18, 0x40}}}, @increfs_done={0x40106308, 0x2}, @register_looper, @reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000400)={@fd={0x66642a85, 0x0, r1}, @fda={0x66646185, 0x1, 0x1, 0x30}, @ptr={0x70742a85, 0x1, &(0x7f0000000380)=""/92, 0x5c, 0x1, 0x7}}, &(0x7f0000000480)={0x0, 0x18, 0x38}}}], 0xa9, 0x0, &(0x7f00000006c0)="832eaea6078aeb1da92c9c8cc545388578baed8b58356a9d5709ef73c69f083b978ac513b74d021cb50f9c183af311fefde96b6ebf1687cb1ca42729c606a65d6ac1b15aeb2f19b728fc31086373598dadf162a48d6b849ec3a2e96f1445043c4a5aecc2de8c2faaab6acec3f9dc14f2ec00b2bdd33f3839e3f5baf4ce8e61ea9236c42cc25c9cd8e59850bc49ab21c5a6ae2231e78aa37f32cc2864083b8051e1d89e2ef927ff58c1"})

2m25.324221251s ago: executing program 5 (id=2471):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PPPIOCGFLAGS1(0xffffffffffffffff, 0x8004745a, 0x0)
syz_clone3(0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_PIT2(r2, 0x8010aebb, &(0x7f0000000280)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x40}], 0x5}) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000}) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) (async)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x11, r3, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r3, 0x0) (async)
syz_clone(0x40810000, &(0x7f0000000240)="c665265dc1daac8d29e77e0f18ca4b338832a798c12d8a1eb59fddfc59db18900acb7e47d441e3bd5582390e03c59030189d2a9e242d03e23b2385ac04a06500110c05462d4e942acda8fdee1aa6fe85bf2b3596e53d6721fbe855f7528b1466efda80f90da8dacbf03bac7e531b3e06206771a1d03e42f01c2794667fc7fc20681b0e2f5f5a94ec2252bde3b7356f68a231e84b37a529b93996c5c2fb2736fa366ddd1efef971aff6f10d681a63ad070998d7c279ef482c996fa3c503aaa7463021facab6", 0xc5, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000340)="2caba98b82669148cb3c6008e91c2a4344160f0f8d1c95de145cb2c93e341d8f6ccb1940027b69abcde983410457a16b21b2e777d1e830f4728e872d60126551ab85a9de6998e10b625135b0dc474cdf0bfb58b06569e4a7f4147a483c9ba61cbfc3fd28ca60bce1243f14aaba51815e016c4c3029a6147d7f26bc44db733fdde5de315f345bf80080f7bd95b80248a194bb82e29c6bc47417fe04b23faf7003d740d1350009393efe32861cc3e1fb45a948d8272a1bb0cb8cf18609b28052112a6ceeef9b2480b3ad2a9071bb4df23c9103a910d8d4b209832cae412c6ec55b3bba2774d1438213a91d04117d949f177a58d74fb105d9d4") (async)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0}) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/binder1\x00', 0x2, 0x0)

2m25.235726933s ago: executing program 5 (id=2472):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f00000005c0)={0x2020}, 0x2020)
read$FUSE(r1, &(0x7f0000002600)={0x2020}, 0x2020)
write$uinput_user_dev(r1, &(0x7f00000000c0)={'syz0\x00', {0x4, 0x1000, 0x5, 0xd}, 0x20, [0xffffffff, 0x80000000, 0x7, 0x5, 0xfffffffd, 0x4, 0xe, 0x3, 0x7, 0x2, 0x7fffffff, 0xed, 0x2, 0x7, 0xa154, 0x7c20000, 0x3, 0x0, 0x3, 0xfffffff6, 0xc656, 0x8, 0x7, 0x8d6c, 0x2, 0xffff, 0x80, 0x50, 0x3ff, 0x8, 0x3, 0x2, 0x1, 0x1, 0x0, 0x3, 0x9, 0x9, 0xc1, 0x9, 0x3ff, 0x420, 0x8, 0xfffffff9, 0x4, 0x1, 0x6, 0x101, 0x5e, 0x1ff, 0x4, 0x6, 0x4, 0x5, 0xff, 0x9, 0x982, 0xa, 0x1b5c, 0x1, 0x54a, 0x9, 0x80000001, 0xffff], [0x8, 0xc, 0x2, 0x5, 0x9, 0x5, 0x1, 0xfffffffe, 0x4, 0x81, 0x7f, 0x5, 0x0, 0x1, 0xf, 0x2, 0xb, 0xc, 0x7, 0x0, 0x1, 0x4, 0x7, 0xfffffff9, 0x400, 0x8, 0x7fffffff, 0x1, 0x3fe2, 0x9, 0x4, 0x741, 0x10, 0x4, 0x10000, 0x125, 0x58, 0x0, 0x7fff, 0x2, 0x9de, 0x4, 0x7, 0x131a, 0x9, 0x8, 0x7fff, 0x10001, 0x6857, 0xa36, 0x5, 0x9, 0x71329a82, 0x5, 0xe25, 0x3, 0x0, 0x2, 0x4ff, 0x9, 0xbd, 0x7dcb, 0x3, 0x8001], [0x9, 0x7, 0x24, 0x9, 0x1ff, 0xb, 0x10001, 0x9, 0xb4, 0xfd, 0x2, 0x1, 0x3, 0x65, 0x18be0, 0x0, 0x40007, 0x6, 0xd8f, 0x5, 0xe02, 0xf7, 0x8, 0x2d, 0x8, 0x6dde, 0x3ff, 0x4, 0x7, 0x5, 0x8, 0x80000001, 0x7, 0x8001, 0xfffff205, 0x7f, 0x9, 0x8, 0x7, 0x8, 0x1, 0x0, 0x9, 0xc, 0x3, 0x80000000, 0x8, 0x7, 0x44, 0x5, 0xa, 0xf, 0x3, 0x8000000, 0x81, 0x8, 0x9, 0x9, 0x4, 0x5ff, 0x7, 0x23, 0x7, 0x1], [0x9, 0x7fffffff, 0x0, 0x10001, 0x101, 0x1, 0x101, 0xc, 0x94, 0x8, 0x8, 0x6, 0x5ef6, 0x3, 0x6, 0x5, 0x9, 0x9, 0x1, 0xffffffff, 0x8, 0x4, 0x2, 0x7f23, 0xa, 0x1, 0x8, 0x38, 0xe, 0x8, 0x0, 0x5, 0xa, 0xffffffff, 0x5, 0x7, 0x4, 0x5, 0x4, 0x6, 0xe4, 0x7, 0xfffffffb, 0x13fc, 0x40, 0x8001, 0x8, 0xb, 0xfffffff9, 0x0, 0x5, 0x4, 0xd723, 0x800, 0xfff, 0x0, 0x2, 0x1, 0x46, 0x7, 0x2, 0x3, 0x7, 0x1]}, 0x45c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x45809000)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0x8008770b, 0x2)
ioctl$BLKRESETZONE(r2, 0x40101283, &(0x7f0000000540)={0x9, 0x6})
read(r0, &(0x7f0000000040)=""/106, 0x6a)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) (async)
read$FUSE(r1, &(0x7f00000005c0)={0x2020}, 0x2020) (async)
read$FUSE(r1, &(0x7f0000002600)={0x2020}, 0x2020) (async)
write$uinput_user_dev(r1, &(0x7f00000000c0)={'syz0\x00', {0x4, 0x1000, 0x5, 0xd}, 0x20, [0xffffffff, 0x80000000, 0x7, 0x5, 0xfffffffd, 0x4, 0xe, 0x3, 0x7, 0x2, 0x7fffffff, 0xed, 0x2, 0x7, 0xa154, 0x7c20000, 0x3, 0x0, 0x3, 0xfffffff6, 0xc656, 0x8, 0x7, 0x8d6c, 0x2, 0xffff, 0x80, 0x50, 0x3ff, 0x8, 0x3, 0x2, 0x1, 0x1, 0x0, 0x3, 0x9, 0x9, 0xc1, 0x9, 0x3ff, 0x420, 0x8, 0xfffffff9, 0x4, 0x1, 0x6, 0x101, 0x5e, 0x1ff, 0x4, 0x6, 0x4, 0x5, 0xff, 0x9, 0x982, 0xa, 0x1b5c, 0x1, 0x54a, 0x9, 0x80000001, 0xffff], [0x8, 0xc, 0x2, 0x5, 0x9, 0x5, 0x1, 0xfffffffe, 0x4, 0x81, 0x7f, 0x5, 0x0, 0x1, 0xf, 0x2, 0xb, 0xc, 0x7, 0x0, 0x1, 0x4, 0x7, 0xfffffff9, 0x400, 0x8, 0x7fffffff, 0x1, 0x3fe2, 0x9, 0x4, 0x741, 0x10, 0x4, 0x10000, 0x125, 0x58, 0x0, 0x7fff, 0x2, 0x9de, 0x4, 0x7, 0x131a, 0x9, 0x8, 0x7fff, 0x10001, 0x6857, 0xa36, 0x5, 0x9, 0x71329a82, 0x5, 0xe25, 0x3, 0x0, 0x2, 0x4ff, 0x9, 0xbd, 0x7dcb, 0x3, 0x8001], [0x9, 0x7, 0x24, 0x9, 0x1ff, 0xb, 0x10001, 0x9, 0xb4, 0xfd, 0x2, 0x1, 0x3, 0x65, 0x18be0, 0x0, 0x40007, 0x6, 0xd8f, 0x5, 0xe02, 0xf7, 0x8, 0x2d, 0x8, 0x6dde, 0x3ff, 0x4, 0x7, 0x5, 0x8, 0x80000001, 0x7, 0x8001, 0xfffff205, 0x7f, 0x9, 0x8, 0x7, 0x8, 0x1, 0x0, 0x9, 0xc, 0x3, 0x80000000, 0x8, 0x7, 0x44, 0x5, 0xa, 0xf, 0x3, 0x8000000, 0x81, 0x8, 0x9, 0x9, 0x4, 0x5ff, 0x7, 0x23, 0x7, 0x1], [0x9, 0x7fffffff, 0x0, 0x10001, 0x101, 0x1, 0x101, 0xc, 0x94, 0x8, 0x8, 0x6, 0x5ef6, 0x3, 0x6, 0x5, 0x9, 0x9, 0x1, 0xffffffff, 0x8, 0x4, 0x2, 0x7f23, 0xa, 0x1, 0x8, 0x38, 0xe, 0x8, 0x0, 0x5, 0xa, 0xffffffff, 0x5, 0x7, 0x4, 0x5, 0x4, 0x6, 0xe4, 0x7, 0xfffffffb, 0x13fc, 0x40, 0x8001, 0x8, 0xb, 0xfffffff9, 0x0, 0x5, 0x4, 0xd723, 0x800, 0xfff, 0x0, 0x2, 0x1, 0x46, 0x7, 0x2, 0x3, 0x7, 0x1]}, 0x45c) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x45809000) (async)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r2, 0x8008770b, 0x2) (async)
ioctl$BLKRESETZONE(r2, 0x40101283, &(0x7f0000000540)={0x9, 0x6}) (async)
read(r0, &(0x7f0000000040)=""/106, 0x6a) (async)

2m25.234842353s ago: executing program 5 (id=2473):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r0, &(0x7f00000000c0)='notify_on_release\x00', 0x2, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r2, 0x545c, 0x200000000000000)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000001c0))
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r3, &(0x7f0000000840)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x10, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x2, 0x0, 0x3], [0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x3, 0x0, 0x4, 0x0, 0xffeffffe, 0x0, 0x5], [0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5b2bb47c], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x239]}, 0x45c)
ioctl$UI_DEV_CREATE(r3, 0x5501)
write$uinput_user_dev(r3, &(0x7f0000001440)={'syz1\x00', {0x4, 0x6, 0x7ff, 0x7ff}, 0x21, [0x0, 0x7, 0x9f, 0x3, 0x7fffffff, 0x0, 0xa5e, 0x4, 0x9, 0x3, 0x401, 0x10000, 0x0, 0x7, 0x80000001, 0x821d, 0x8c, 0x9, 0x2, 0x2, 0x2, 0xb8f, 0x0, 0x89, 0x5, 0xffffffff, 0xfff, 0x800, 0x42d2, 0x4, 0x3, 0x7, 0x5, 0x80000000, 0x2, 0x2, 0x6, 0x6, 0xa, 0x400, 0x3, 0x0, 0x2, 0x0, 0x0, 0x8, 0x1, 0x7, 0xdfae, 0x7e6, 0x5, 0xfffffc01, 0x0, 0xa, 0x40, 0x5, 0xc4710000, 0x5, 0x4000000b, 0x6, 0x8, 0x17d4bd08, 0x80000000, 0x2], [0x7, 0x6, 0x1, 0x5, 0x0, 0x4, 0x3, 0x5, 0xb20, 0x4, 0x40, 0x4, 0x3, 0xffff0001, 0x4, 0xb, 0x4, 0x4, 0x1, 0x5, 0x5, 0x4, 0x8007, 0x8000, 0xfff, 0x1000, 0x6, 0x5, 0xf9, 0x10001, 0x8, 0x9b, 0x2, 0x2, 0x4, 0x7245, 0xfffffff1, 0x80000000, 0x9, 0xd21, 0x8, 0x4, 0xffff, 0x3ff, 0x68e4, 0x7, 0x3, 0x7, 0x581, 0x3, 0x3, 0xc, 0xfff, 0x2, 0x200, 0x7, 0x800, 0x7, 0xffffffff, 0x119b, 0x9, 0x10, 0x4, 0x4], [0x0, 0x1ffff, 0x1, 0x80000000, 0x5, 0x7, 0x5, 0x1, 0x6, 0x5, 0x800, 0x8, 0x7a2d, 0x1650c5fd, 0x2ab, 0x3, 0x800, 0x717, 0x1, 0x5, 0x7, 0x7, 0x4f, 0x1, 0x4e1, 0x8, 0x87, 0x5, 0x8, 0x6e, 0x10, 0x3, 0xa02a, 0x6, 0x91d3, 0x7, 0x6, 0x9, 0x9e9, 0x5, 0x6, 0x7fff, 0xb, 0x8003, 0x1, 0x6, 0x8, 0x4f42, 0x6, 0xa2a, 0x4, 0x1, 0x10000, 0x6, 0xfffffff9, 0xffffffa0, 0x3, 0xa, 0x5f, 0xfffffe42, 0x9, 0x3ff, 0x10001, 0x2], [0xfff, 0x117, 0x200, 0x6, 0x800, 0x2, 0x1ed, 0x200, 0x6, 0x3ff, 0xffffffff, 0x8, 0x0, 0xffffea38, 0x2, 0x8, 0xfffff13b, 0x0, 0x43, 0x4068, 0xc51, 0x6, 0x9, 0x4, 0xfffffff7, 0x3, 0x8, 0x10a2a7e, 0x4, 0x3, 0xc0000000, 0x80000000, 0x80000000, 0x400, 0x7, 0x7, 0x1, 0x0, 0x0, 0x1ff, 0x2, 0x6a, 0x10, 0x8, 0x0, 0xb, 0x3, 0xfffffe01, 0x4, 0x4, 0x8, 0x0, 0x10000, 0x3, 0x400, 0x1, 0x7, 0x800, 0x6, 0x675, 0x100, 0xc, 0x6, 0x20005]}, 0x45c)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f0000000480)=""/86, 0x0, 0x10000})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_CREATE_DEVICE(r5, 0xc018aec0, &(0x7f0000000040)={0x26e8})
ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af10, &(0x7f0000000540))
syz_clone3(&(0x7f0000000b40)={0x2000000, &(0x7f0000000880)=<r6=>0xffffffffffffffff, 0x0, 0x0, {0x2e}, 0x0, 0x0, 0x0, 0x0}, 0x58)
write(r6, &(0x7f0000000600)="71ca3575f78e4181e2f3c337bcb54aa2b7895ee84b3ae48436d218c9bb401f19ce7f76bd95afd050a1c7af0413f58a26a522e3", 0x33)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r7, &(0x7f0000000040)='cgroup.kill\x00', 0x275a, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0xa0000, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r9, 0x40086602, &(0x7f0000000280)=0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101740, 0x179)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)

2m25.019503256s ago: executing program 5 (id=2474):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r0, 0x2000)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x4061}, {0x6}]})
syz_clone(0x21104000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000001180)={0x2020, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa0000, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x100000})
ioctl$BLKDISCARD(r4, 0x1277, &(0x7f0000000040)=0x7d)
ioctl$TUNSETGROUP(r1, 0x400454ce, r3)
r6 = openat$cgroup_procs(r2, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f00000000c0), 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x45809000)

2m9.947671819s ago: executing program 34 (id=2474):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r0, 0x2000)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x4061}, {0x6}]})
syz_clone(0x21104000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000001180)={0x2020, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa0000, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x100000})
ioctl$BLKDISCARD(r4, 0x1277, &(0x7f0000000040)=0x7d)
ioctl$TUNSETGROUP(r1, 0x400454ce, r3)
r6 = openat$cgroup_procs(r2, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f00000000c0), 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x45809000)

1m22.605785452s ago: executing program 1 (id=3240):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000200)=[@acquire, @enter_looper], 0x53, 0x0, 0x0}) (async)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0)

1m22.411935385s ago: executing program 1 (id=3242):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0) (async)
ioctl$PPPIOCSNPMODE(0xffffffffffffffff, 0x4008744b, &(0x7f0000000080)={0x80fd})
r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000001380), 0x101100, 0x0)
write$cgroup_int(r2, &(0x7f0000000040)=0x1, 0x12) (async, rerun: 64)
syz_clone3(&(0x7f00000013c0)={0x240040480, 0x0, 0x0, 0x0, {0x25}, 0x0, 0x0, 0x0, 0x0, 0x0, {r2}}, 0x58) (rerun: 64)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000007a80), 0x101000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) (async)
r6 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000001380), 0x101100, 0x0)
read$FUSE(r6, 0x0, 0x0) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f00000003c0)={0x1, 0x0, [{0x583, 0x0, 0xa908}]}) (async)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r1, 0x0)

1m21.231381993s ago: executing program 1 (id=3250):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_int(r1, &(0x7f0000000040), 0xfdef)
syz_clone3(&(0x7f0000000b40)={0x2000000, &(0x7f0000000880)=<r2=>0xffffffffffffffff, 0x0, 0x0, {0x2e}, 0x0, 0x0, 0x0, 0x0}, 0x58)
write(r2, 0x0, 0x87)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x22052, r3, 0x2000)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)={0x3, 0x0, [{0x827, 0x0, 0x6}, {0xa42}, {0x394, 0x0, 0x9}]})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0) (async)
write$cgroup_int(r1, &(0x7f0000000040), 0xfdef) (async)
syz_clone3(&(0x7f0000000b40)={0x2000000, &(0x7f0000000880), 0x0, 0x0, {0x2e}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async)
write(r2, 0x0, 0x87) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x22052, r3, 0x2000) (async)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)={0x3, 0x0, [{0x827, 0x0, 0x6}, {0xa42}, {0x394, 0x0, 0x9}]}) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) (async)

1m21.062347556s ago: executing program 1 (id=3253):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x68800, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000005080000024d564b"])
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x82000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x200)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r3, 0x4068aea3, &(0x7f0000000080)={0xbe, 0x0, 0x1})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x20400, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r8, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000000001000000000000000000000000000000001b0300ff"])
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008b04"])
ioctl$KVM_SET_BOOT_CPU_ID(r5, 0xae78, 0x0)
r9 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0)
ioctl$BLKSECTGET(r9, 0x1267, &(0x7f0000000140))
ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000040))
r10 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r12 = openat$cgroup_procs(r11, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r13 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r13, 0xc018620c, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000004c0), 0x0, 0x0, 0x0})
write$cgroup_pid(r12, &(0x7f00000001c0), 0x12)
r14 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
openat$cgroup_freezer_state(r11, &(0x7f0000000200), 0x2, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r14, 0x4068aea3, &(0x7f0000000140)={0xbe, 0x0, 0x1})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$BLKRRPART(r0, 0x125f, 0x0)

1m20.75892877s ago: executing program 1 (id=3256):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000000c0)={{0x1, 0x0, 0x0, 0x3970b8090d64f40c}})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000480)={0x4, &(0x7f00000004c0)=[{0x2d, 0x0, 0x2}, {}, {}, {0x6}]})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wake_lock', 0x141a82, 0x13)
write(r3, &(0x7f0000001600)="d93f", 0x2)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x102, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x28b, 0x0, 0x1a}]})
ioctl$TUNSETSNDBUF(r4, 0x400454d4, &(0x7f00000003c0)=0x3)
syz_clone(0x80001000, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNGETDEVNETNS(r2, 0xff05, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r8, 0x401c5820, &(0x7f0000000080)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000400)={0x98, 0x0, &(0x7f00000004c0)=[@increfs, @reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000240)={@fda={0x66646185, 0x4, 0xfffffffffffffffe, 0x31}, @flat=@weak_handle={0x77682a85, 0x101, 0x1}, @fd}, &(0x7f0000000100)={0x0, 0x20, 0x38}}}, @transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000440)={@fd, @fd, @fd={0x66642a85, 0x0, r0}}, &(0x7f00000002c0)={0x0, 0x18, 0x30}}, 0x400}], 0x0, 0x0, 0x0})

1m20.684800522s ago: executing program 1 (id=3257):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x161000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/pids.max\x00', 0xc8442, 0x80)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xffff1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_GET_PIT(r3, 0xc048ae65, &(0x7f0000000140))
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12)
r6 = syz_clone(0x22822400, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000280)={0x0, 0x3, 0x0, 0x1000, &(0x7f00003fb000/0x1000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r9, 0x4138ae84, &(0x7f0000000100)={{}, {0x0, 0x0, 0x9}, {0xeeee8000, 0x0, 0xa, 0xfd}, {0x1}, {0xdddd1000, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2, 0xb}, {0x0, 0x0, 0x0, 0x0, 0x3e, 0x26, 0x0, 0x0, 0x0, 0xfd}, {0x0, 0x4}, {}, {}, 0xddf8ffdb, 0x0, 0x0, 0x0, 0xb, 0x0, 0x8080000, [0xffffffffffffffff, 0x0, 0x8]})
ioctl$KVM_TRANSLATE(r9, 0xc018ae85, &(0x7f0000000040))
read(r0, &(0x7f0000000040)=""/106, 0x6a)
r10 = getpid()
r11 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
read(r11, &(0x7f0000000080)=""/1, 0x1)
write$cgroup_pid(r11, &(0x7f00000000c0)=r10, 0x12)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000540)={'\x00', 0x8, 0x8, 0x67, 0x8000000000000001, 0x7fffffffffffffff, <r12=>r6})
read$FUSE(r1, &(0x7f0000001180)={0x2020, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}, 0x2020)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000680)={0x6, 0x0, [{0x8ff, 0x0, 0xb}, {0x804, 0x0, 0x8}, {0xad8, 0x0, 0xffffffffffffff65}, {0x59d}, {0x9f8, 0x0, 0x4}, {0x889, 0x0, 0x10000}]})
syz_clone3(&(0x7f0000000600)={0x210002000, &(0x7f0000000240), &(0x7f00000002c0), &(0x7f0000000300), {0x10}, &(0x7f0000000380)=""/233, 0xe9, &(0x7f0000000480)=""/144, &(0x7f00000005c0)=[r6, r10, r6, r6, r6, r6, r6, r12, r13], 0x9, {r1}}, 0x58)

1m5.437341527s ago: executing program 35 (id=3257):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x161000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/pids.max\x00', 0xc8442, 0x80)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xffff1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_GET_PIT(r3, 0xc048ae65, &(0x7f0000000140))
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12)
r6 = syz_clone(0x22822400, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000280)={0x0, 0x3, 0x0, 0x1000, &(0x7f00003fb000/0x1000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r9, 0x4138ae84, &(0x7f0000000100)={{}, {0x0, 0x0, 0x9}, {0xeeee8000, 0x0, 0xa, 0xfd}, {0x1}, {0xdddd1000, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2, 0xb}, {0x0, 0x0, 0x0, 0x0, 0x3e, 0x26, 0x0, 0x0, 0x0, 0xfd}, {0x0, 0x4}, {}, {}, 0xddf8ffdb, 0x0, 0x0, 0x0, 0xb, 0x0, 0x8080000, [0xffffffffffffffff, 0x0, 0x8]})
ioctl$KVM_TRANSLATE(r9, 0xc018ae85, &(0x7f0000000040))
read(r0, &(0x7f0000000040)=""/106, 0x6a)
r10 = getpid()
r11 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
read(r11, &(0x7f0000000080)=""/1, 0x1)
write$cgroup_pid(r11, &(0x7f00000000c0)=r10, 0x12)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000540)={'\x00', 0x8, 0x8, 0x67, 0x8000000000000001, 0x7fffffffffffffff, <r12=>r6})
read$FUSE(r1, &(0x7f0000001180)={0x2020, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}, 0x2020)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000680)={0x6, 0x0, [{0x8ff, 0x0, 0xb}, {0x804, 0x0, 0x8}, {0xad8, 0x0, 0xffffffffffffff65}, {0x59d}, {0x9f8, 0x0, 0x4}, {0x889, 0x0, 0x10000}]})
syz_clone3(&(0x7f0000000600)={0x210002000, &(0x7f0000000240), &(0x7f00000002c0), &(0x7f0000000300), {0x10}, &(0x7f0000000380)=""/233, 0xe9, &(0x7f0000000480)=""/144, &(0x7f00000005c0)=[r6, r10, r6, r6, r6, r6, r6, r12, r13], 0x9, {r1}}, 0x58)

2.629898029s ago: executing program 4 (id=4185):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, r4, 0x300000b, 0x11, r2, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)={0x4, 0x0, [{0x6, 0x4, 0x8000, 0xc7da, 0x9}, {0x40000000, 0x8, 0x4772, 0x8, 0x4}, {0x0, 0xa, 0x3ff, 0xc0000000, 0x5}, {0x80000000, 0x6, 0x3, 0x9, 0x3}]})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)=@arm64={0x4, 0x4, 0x6, '\x00', 0x1})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/custom1\x00', 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000540)={0x8, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313, 0x400}], 0x0, 0x1000000, 0x0})

2.512342211s ago: executing program 0 (id=4187):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000100)={0x1, 0x0, [{0x3b, 0x0, 0x3}]})
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
write(r0, &(0x7f0000000180)="da8f5e", 0x3)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xcd, 0x0, 0xfffffffffffffffe}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x84}, {0x6}]})
ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)=0x93f)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000000000024"])
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"])
r4 = openat$kvm(0xffffff9c, 0x0, 0x800, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8d], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

2.386741773s ago: executing program 4 (id=4188):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x0, 0x3})
ioctl$FIOCLEX(0xffffffffffffffff, 0x5451)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x1015, 0x2})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000300)={0x73622a85, 0x100, 0x1})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/custom0\x00', 0x2, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1080, 0x200000000000})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x50, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70"})
syz_clone(0x803480, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1181})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000140)={0x8, 0x0, &(0x7f0000000040)=[@acquire], 0x0, 0x0, 0x0})
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/cgroups\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000004800)={0x2020}, 0x2020)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x100000000000000, &(0x7f00000001c0)="d6"})
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write(r7, 0x0, 0x0)
prctl$PR_SET_VMA(0x2a, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000e00)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r10, 0xc008ae88, &(0x7f0000000280)=ANY=[@ANYBLOB="010000000000e2ff9502"])
ioctl$FIDEDUPERANGE(r3, 0xc0189436, &(0x7f0000000180)=ANY=[@ANYBLOB="021094a6ef00000700"/24])
r11 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r12 = mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r11, 0x0)
ioctl$BINDER_WRITE_READ(r11, 0xc0306201, &(0x7f0000000000)={0xc, 0x0, &(0x7f0000000340)=[@free_buffer={0x40086303, r12}], 0x0, 0x0, 0x0})

1.996281629s ago: executing program 7 (id=4191):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_pressure(r0, &(0x7f0000000080)='io.pressure\x00', 0x2, 0x0)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r1, 0x0)

1.864056421s ago: executing program 7 (id=4192):
r0 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000000)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) (async)
r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000240), 0x282300, 0x0)
ioctl$BTRFS_IOC_QGROUP_CREATE(r1, 0x4010942a, &(0x7f0000000280)={0x1, 0x1}) (async)
r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000002c0), 0x80000, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(r2, 0x40086607, &(0x7f0000000300)=0x6)
read$FUSE(r2, &(0x7f0000000340)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000002380)={0x50, 0x0, r3, {0x7, 0x2b, 0x1, 0x404000, 0x101, 0x4, 0x3, 0x30000000, 0x0, 0x0, 0xe72bffe066e7c66d, 0xe44}}, 0x50) (async)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000002400)={0x8, {"8a74d646f94d1a4469920aa6d5e10de39c0d9db8a0cee25e9dca00a1c6553b2a0e341a29123ef22e39bb2b01e01fe7a619f1325c46d20e985dd35a2a6d3477645e115a075c2a61f80b8ddb8631c9a564ba20e0f780c1322669078728dc360af8650febc7e1e6d130ff513239b80f6d2a33cb3171202808bed9b7df3251452a8ea60ca3a1976c892581250bfead6482373621dc30cc517a7cbea813c653c56d45e30faf1af8b63969d529ac501edfe564be6080ee70b4755fa93f385d8c9d5a08db34255abad2052228a5a68062071ccdcfbb6e1ebbe56917262de1db69f6ced6204819c492f92797230979842473da69f2af46986f6617f9af053009128a05554ed2d1f9b4dd414d938fe81ec7df59b05d429502f73074e54e30017aa75f86e65219eed5122ad77b901e0858f0394f1ec80d6d025e25bdb5e67dbfaf32dce38fcda4320b7a41620886daa6994ce78bc9209f62aa4e50dc762ad8f01bad82dfb697a4d5bc2e655f0f9c5892f79d71ce85217be766c59191c99f4fce9e19bb5776f79872da501f17600e53d9f170b0ebd4e6e83a2607d1e0641288269da2eb754e9f45d2d92d7415a91c951e6f5eda94bd46da18bf7622e72d581b0ed8a7d642128539339e2afcbb289a7718c9a9d59dd7f7c295f65b636756220b6f00797b12a0acd8b20d64b977a6564b6b5e155a8cba72e8764967b468880aa37c4a4e7c097dc03201396b19291a4b1318494905688d6a7bda18a065306208dc126e9a5ef3ede22004a74ed3c50d4cdc99c47a3309752e312f53bc6046a673e70d96d8749f74ef4fbb141c5de0e1d0675ebc023038458f97453fc744d2705805eee8d37311153ef7e65bf869954508347fc5fdba657bc3345d768a10c3fdda9cf9594dd89bddb93ca5f9a5b7bfcb84cb50aebd0061716729f4b9ad5fb77533697e4725e81449e640f0975168c9ecf2ee0e5767474f2f6f7f3d539b609b7fb0a4bdfba569d2f9cd31a1faa54753e67e8a54c6e8150175ddb7ab54c632ba94e07aa96a0ed36443e49a632c63e488e87c2d091d64fbb349c288097f5fde36354e6a11bf2382a06fca21036f00a11d3eb2b6f49a2a34e0c7dd412171eee078d3598370a4e7a40e43c190d694eaa6885808af5d7575b62bc3a9513fc08cb8eaeb3b2eb802bb49092abd48f5c24de3f869b0ed6b310ab3dd912435e82b7a335790e701717047078686176091f91c099266004023b5c82c236e58d3f9dd8c6d4fe3750aae262584a1b895b20a6fa0628b541be2f4e9929cf763eb273e041f636ca648447a838ba0902f1599346efa0f683e4fd902cb2eb0b135e948ea3fe72ddff3c5e20abbda47fde6d4453c6bb8fa7037d7429b5a6c74eef475b498668b3711f3364d296d813f8bf80e5092fc73de93c9e8ba6b1a1bfaa74a2c1fc16bfd44499b70a2cbab09d949528f946236f3758852cb6dd9709ab740e749e3e07a92e8ce7659c08e9b716c46660111df4c6da909134a724c197a857c0506568732f752fdaa6378afd6f08857d89b5b5fa37a045e4136a78ccd5d48047b1334915d77b66c020d2d38b9ad13309ec4256f5344a34ea2a4ff4abb75af94f102f279325f4d6b9a4212aebd13bb1a068f5c7a47b0517b9cc00fcf29592ef9d0e9c506c6d0e709ff3b2979cd5e3210e6b3a63c5b6100453d0ea6007db4c4e51fc65bd9fbb3cd80c0443ec2d63e3fc6ef2dcfa3e2a87c73e82844a808763fc2c11b31bbc77b7cf84ad4d19be9330751a7301aad3e1e4a0295be87fbe66ee3b0f22202093f5b2b54c6326701910230438d8a1db612d4c7303c897ffa33f35809b9d2cce8fe978ef538f788687fd96db10d18ebdd86c2e6cf4d01ae8677b172e1231dac65a67f283ee98df4dd5beddec960a06a83ea167f3b79d76c9614d1a3d11961a5dabe82b03aadab4766b050feb7cf9d16a392ff95f41eb801c762ed8edb0edfe6975d33bd77a72515a3315f83f35681d98664d8e7a57449a08724743e7ec357ce1d07ff9b3cb6ca78128b726358b618df8854aac950b9eca75a83813cc4341b9bd2b78eb8902c3e7f1747843a4afd805855f6054533800168f38a0362ae1fc327ad304ff860e9f2d76bcd8c18f7587425a05c2907d0142dc9bb2e852a6b3cce6f1fcda18bf04bd9380a8787fe12c68c5671044fc369a49f35323042b4662cd6755c9e3fb3bbf51f933bd47af13fddfe0e37a1f807c6cd7b93e3d4f3c76227c1b15268bdd3d9059a2a1b08b73d6bef73b0a8d98412f227a3f80ef8559529f58061d6812e601aab1ca3189fee1bf660aec3dbce340a03051a85b7016790e501b27e91367acd0c4edf479d39ce34f4dc1fbf3205073cd0c119722e1eb7db89faad080b7eb6d59209ecf87678accb161a1fb671970b5edd725d574670d377df6bebaa3dff0b17cc5ee725610896b2da895a8bee165bdc5b352b893a8df7192b4deff98ab44370df7693b02506461d683d7c3e6f5d82ca9421f8c200c4fb85e8e11d7bec714332060c3da697196196101ee30bca80cde6c9fef2d9b6bf4b6d1dd922665224d1d084aee2620b706f08a493fc7a57051bb39be33ac79bb2133db25a0ebad6b31df1529a9e177c17dc456f92426fef70b3c068978d961189eb68308df27cef0404d9d8248ea48a10289923b4133673aa485e9ca42b16d60bf8f8d4c82d96c1735c2943fa8e8205916f199dfeec8f04531c4a1b0dfc66bf4eabb05812888566b12e46265db5f6cd1cfd803c296531f222fef14f6a76830d481c7ee577bffa75f447460b89bac407966e8b467c828e3c3c94ff36855fae874f9672c1ba6ff2e822d4d284804acfbb9a11ea70ad27765d639ce9e528161bd49a45c5e1c00b99456ff9be805e9a0b4e7328543c00c1a5cf973a93ecf3b49729185625cb2cbab5c259395e13077e0a213af9966a9e31775c576a05508516d5ed0ed31e2867bba9aaa7fd7b9c8ebba59528ca0b952780af16ffbbee0580645946024248823e02613c91fca30c42d0971e9888fd2fbce464803ec86e7d785ac1d5ccc48ec6f9296fd5b35e0454bb3766ea50fc38d6d3d76437ba7b23f6bf8d7257f959d1405eb03ef8c226f54fb638186e768b16a0cbc2315eebc4206dc956c3ef23b12676bc8a3bb22083199d6b0d8e22fb6312df933b9bc8a9fe4a4b250f72c56f27548cf8fb13c5b709a04e15cdfce856848b4ee07aa2f7f05fa4939ef279ee72769ae51db633f514392ef2d1218d9481665ce001767d3051cdd731deb5e07b22ea07bf28abfea5daae07f2d31816a0c0ca30ae25b7a8cc1d3694943e91b997185425e45a97bc2ca0c8497ce4353cdb332c3b5ba4a52a072c72919c9551bb6a91aeb2edb3a26c215931c1fa4227fb73a79852666649cce20a78c5a2ff1c86566905a6d651223688520e4c1c5fda653145d56822c2738075f067f9e78f83d318fe8daf93e58dad1754abcdbd95d60a89333ec86482ce9fafab838f8cdc4d49a159debba39348b23562c49c45fc6ee0d418bcd4db89f3fee6fb7f1fbdc982e3991bf338db0c2afd0e25d34145d9a814033588c4527888ff67e10125ae4a7b8c4b9307dc9dd766e153253685024895c095ebf2b2c34a4ea855f306899868552ed5b0ff4bd49ffbec717897d960eca2bd77e9ad318442b6e83a3adae48c5182a06537338beb1e17a0caa1efba15de0e4c54a803c5d20bd1f520c889ad7293ff09d621f90efc673dea9900ebf3f037a09f2f92e5ebb3ae5972035ced1db5afda5113c9cd637f201b0b251c698bcd21093dc150ff704408c87f8ef2585fd13334c8740563fdd0dd6b1e28726b0388a23419fbe30a23d71394a3add342b14e22ef1d0ccb7bc10766e40a31ac4f8fd15d746be229560d7887f7c9f1fdd141159fbd43ad98a682ce04f8c8b144ffd4dbf52f6c349653c90bb37061b88948ca01d34cff0d5c06c92302b780c28dd651dbe762e903d7aaa8a76008c4cc1846a44f580c84e34712686f4d8601c9d80ca4f4a5f7772939c2dedf103bc39670c3e3fe705e682c9e3d392a7f567b9f44da28fa594e6af6e9c2816c66c00f912a4582590857fcbfca43e8e2893ec60959f67c7f9321938a3d7dd90f72e56e3c67d81dd1a5171bc21a99a5135fadfe4db263dff1cec57a12defa7c8937c9e8285cb0fdc95edba1561676e3cbdbc5f41f573cd444066f10fba141bea17508724b9a030899d95e9eaaaa95f7d67a80b6fddf943df3751d62c5a51ee2275032c615a971f28eede3cbd4e8d02d5f9bbe801c004aeea1f005ef888201c94542856db8183ee7635fc9486ac246e6ae986188b664570660d8ddd5324c256a4bf1a2672c461d632e28310443e2934e3bf0123e2791b48ba0bd39e09c9f1cedf2624b6cfc49f8c96d768991921d719eeb090d4ae96ab208bda684629db46390b2b27fbd5da16a897275e69afdfec66059d2471434c7af48cbeec8ede8b27c0633313194ba10e28ee5d4c2f6448a8951790a5f57e6d440390973638e056f4b1de8ca47e8382896f031736e2bb14569e69ba1d894891817c6dbd8ab2f4a5adb49ef9dd1e6bda904ae6843104632f5af3d25df60a273368df44039798e31909549a62fec8312eafc4aedcdc6302c93089e03435c58e27e343f13982ba51cd4591436281a4d73745f1c21d5b87af4eb7fd1a6b160ade0241cc68a9878c42b75e51dfa433c0e5bf915a5284ff5eaa1ae0e2cd030fcd3137bd6eec0a293132e9af00bd533ba033bf9d3ca2b5d01e7794322eaf1ea2bfdb1fc1ed4bf9ce3bd27e6e67d515b6bc6d43234b3dc09a692bfa37d86936933414b33f24570d55fe971a8a66dc06197142c7b6bfea1d773ac34fa1aeb54b932fb6cc6b4d734dc4cec3007696862b5cef5c7a9b73fa967db8f2d43a9759d3e45e62c1350914a7fdd651573c7d64c5cb069becf9a70ce33d56bf98d43bed22d63db40b325844289d79b83afcebfb00b4d9c094b545e9957553ba8ca36a8a8532e3a3675c9ee18b247d80e260f92d5cd2c85b4937bfe9eef3982bb92b724effc1c3aa4af49a32290e6b41b35aa2147af23ab48e42db69fe837236ec16cbc977af939edf037091b45b1bb8fbf91357d03f6117c846d65dca46e68fcfec74fa694b3d60386e774ba314c8a697b0c682c7758e416efe3823388e54e806dcc9516b2e4212b2b39948bbadfd9dfe40ec97835d15f886897206ea1d9a2cb04f6e25ed39fbfa5e1060bbcdab8104b51e70c4e9f252f456590214ebd6dde09a1a554726fffb85f7ab275e62eca784390d35b271cfca387969cc306301adb63dbd420a99470e5306d17665f9720bd1d769376ef04c11deb23420b5804801c260d0148c90f6234714a855dd2fce65baaf3e81e72ef3b6662cc65fa6186def91d780cab33ad61b69dcb5957d74a1f83dc96dba6c2c0e2d9e3a95eb1e733d718a9cb72d000a75197e2d5d86def187768b3040b13ec84fe0b23ea3b24d6e176de4e985d9479d95cd990b1c481fd08498a3c5512fe77c1e2264a63a2084973ab4076e94db3198d24390933b66d1aab4d11c3668bc7d852c0401b40d161e381a48087ed11dff97409e4da5e5757c302b5073cbc10cc1518d6dbb878ac3269bdc131536e3cd9f7799dd72b63394fbe317b95c5f01ef6b0dd36d3ea942e8e7e8cc0891cc11766c55b5e47d67adc0d99661a8c830a49958141a99d609c6cb83dd24355b73862e72f22002ee49ffa77e7a4f0b0238f7663fd98042ade288a2ec5ad8c149e5369855db8d66879b35db07a3eecf36ce44f5907e3", 0x1000}}, 0x1006) (async)
ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0xc0286687, &(0x7f0000003480)={0x1, 0x7ff, 0x3b, &(0x7f0000003440)=""/59}) (async)
ioctl$FIONCLEX(r2, 0x5450) (async)
ioctl$SNAPSHOT_PLATFORM_SUPPORT(r2, 0x330f, 0x8000000000000000) (async)
ioctl$BTRFS_IOC_GET_FEATURES(0xffffffffffffffff, 0x80189439, &(0x7f00000034c0))
ioctl$BTRFS_IOC_GET_FEATURES(r1, 0x80189439, &(0x7f0000003500)) (async)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000003540), 0x8c40, 0x0)
r5 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000003580), 0x2, 0x0)
write$selinux_load(r5, &(0x7f00000035c0)={0xf97cff8c, 0x8, 'SE Linux', "52cebcd230222241d18cae31524aeca7953c343f19238ee3f086856948c334fb316ab105040bb760c8eeda619fed6663b5472bad60d66950505db3c70fe56cd7a380fc03928534a994fe61ff2328b9485e66a06d2b8a"}, 0x66) (async)
ioctl$SNDRV_TIMER_IOCTL_CREATE(r2, 0xc02054a5, &(0x7f0000003640)={0xdf, <r6=>r4, 'id1\x00'})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f00000036c0)={0x1fe, 0x0, 0x2000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000003700), 0x110000)
ioctl$SNDRV_TIMER_IOCTL_PVERSION(r7, 0x80045400, &(0x7f0000003740))
close_range(r5, r5, 0x0) (async)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r7, 0x6612)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000003780)={[{0x6, 0x9, 0x3, 0x40, 0x4, 0x0, 0x0, 0x7f, 0x7, 0x1, 0x7, 0x94, 0x1fecc901}, {0x4, 0x800, 0x8, 0x3, 0x57, 0x9, 0x6, 0xb, 0xf8, 0xfa, 0x3, 0x1, 0x7fff}, {0xc1, 0x4, 0xec, 0x8, 0x10, 0x7, 0x0, 0xa, 0xf9, 0xd, 0x2, 0x4, 0x5}], 0x4}) (async)
ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(0xffffffffffffffff, 0x4008af23, &(0x7f0000003800)={0x0, 0x1})
ioctl$KVM_SET_PIT(r6, 0x8048ae66, &(0x7f0000003840)={[{0x7, 0x6, 0x5, 0x81, 0xd, 0x18, 0x9, 0x40, 0x7, 0x6b, 0x7e, 0xd, 0x7}, {0x57, 0x3ff, 0xb, 0x7, 0x2, 0x9, 0x9, 0x34, 0x9, 0x2, 0x5, 0x2, 0x81}, {0x9, 0x8b, 0x1, 0xc, 0x0, 0x32, 0x3, 0x0, 0x0, 0xff, 0x7, 0x6, 0x6}], 0x2}) (async)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r2, 0x4068aea3, &(0x7f00000038c0)={0xa8, 0x0, 0x1}) (async)
ioctl$FICLONE(r2, 0x40049409, r4) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) (async)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r6)

1.762009093s ago: executing program 7 (id=4194):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x3002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000000000b2000040"])
ioctl$KVM_SMI(r2, 0xaeb7)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5})
ioctl$TUNSETNOCSUM(r6, 0x400454c8, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000006600), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r7, 0x5453, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000700)={0x10, 0x0, &(0x7f0000000540)=[@request_death={0x400c630e, 0x1}], 0x0, 0x0, 0x0})

1.696077774s ago: executing program 6 (id=4195):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0xb0, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac1"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000001c0)={{}, 'syz1\x00'})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x5f)
ioctl$UI_DEV_SETUP(r1, 0x5501, 0x0)
ioctl$UI_SET_PHYS(r1, 0x4008556c, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000002a40), 0x200, 0x0)
ioctl$BLKREPORTZONE(r4, 0xc0101282, &(0x7f0000002a80)={0x10001})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_int(r5, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000140)=ANY=[@ANYBLOB='1-0'], 0x31)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000}) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0xb0, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac1"}) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) (async)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000001c0)={{}, 'syz1\x00'}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x5f) (async)
ioctl$UI_DEV_SETUP(r1, 0x5501, 0x0) (async)
ioctl$UI_SET_PHYS(r1, 0x4008556c, 0x0) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000002a40), 0x200, 0x0) (async)
ioctl$BLKREPORTZONE(r4, 0xc0101282, &(0x7f0000002a80)={0x10001}) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
openat$cgroup_int(r5, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0) (async)
write$cgroup_subtree(r6, &(0x7f0000000140)=ANY=[@ANYBLOB='1-0'], 0x31) (async)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0}) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) (async)

1.407967859s ago: executing program 0 (id=4196):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe)
close(r0)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001080)='/sys/power/sync_on_suspend', 0x2, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000002c80)={0x30}, 0x30)
ioctl$ASHMEM_SET_NAME(r0, 0x41007701, &(0x7f0000000000)='/dev/ashmem\x00')

1.401904889s ago: executing program 4 (id=4197):
ioctl$KDGETLED(0xffffffffffffffff, 0x4b31, &(0x7f0000000000)) (async)
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x1000, 0x0)
ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000080)=""/10) (async)
ioctl$TIOCGPKT(r0, 0x80045438, &(0x7f00000000c0)) (async)
ioctl$TCGETS2(r0, 0x802c542a, &(0x7f0000000100))
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000140), 0x40400, 0x0)
ioctl$PIO_FONTRESET(r1, 0x4b6d, 0x0) (async)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000180))
ioctl$F2FS_IOC_SEC_TRIM_FILE(r1, 0x4018f514, &(0x7f00000001c0)={0x2, 0x6, 0x2}) (async)
ioctl$TIOCMBIC(r1, 0x5417, &(0x7f0000000200)=0xc6)
mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r1, 0x68) (async)
r2 = openat$cgroup_int(r1, &(0x7f0000000240)='blkio.throttle.write_bps_device\x00', 0x2, 0x0)
write$cgroup_int(r2, &(0x7f0000000280)=0x7, 0x12) (async)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000002c0)={'veth1_to_hsr\x00', 0x600})
ioctl$FIOCLEX(r1, 0x5451)
read$FUSE(r1, &(0x7f0000000300)={0x2020, 0x0, <r3=>0x0}, 0x2020)
read$FUSE(r1, &(0x7f0000002340)={0x2020, 0x0, <r4=>0x0, <r5=>0x0}, 0x2020)
read$FUSE(r1, &(0x7f0000004380)={0x2020, 0x0, 0x0, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_ATTR(r1, &(0x7f00000063c0)={0x78, 0xffffffffffffffda, r3, {0x9, 0xf3, 0x0, {0x1, 0x81, 0x0, 0x1, 0x7f, 0x3ff, 0x6, 0xffff3863, 0x0, 0x1000, 0xfffffffc, r5, r6, 0xfff, 0xd}}}, 0x78)
write$selinux_access(r1, &(0x7f0000006440)={'system_u:object_r:devicekit_exec_t:s0', 0x20, '/usr/sbin/cups-browsed', 0x20, 0x80000000}, 0x52) (async)
ioctl$PPPIOCSMRU1(r1, 0x40047452, &(0x7f00000064c0)=0x8)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000006500), 0x40000, 0x0)
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f0000006540)={0x2})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000006800)={0x8c, 0x0, &(0x7f0000006680)=[@acquire_done={0x40106309, 0x3}, @transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x60, 0x18, &(0x7f00000065c0)={@fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, &(0x7f0000006580)=""/59, 0x3b, 0x2, 0x31}, @fda={0x66646185, 0x3, 0x1, 0x9}}, &(0x7f0000006640)={0x0, 0x18, 0x40}}, 0x1000}, @clear_death, @decrefs={0x40046307, 0x1}, @request_death={0x400c630e, 0x2}, @exit_looper], 0xb2, 0x0, &(0x7f0000006740)="d1d2537abf6da1977079f517eeabf07749d8e512d7cdd66505f61650f08966c61c0ad59dfa8eae2f70820d9e794b0c54663c323bdf7ef2ac50da8904de4da79bfee957cba46870abe70a5114203c1be9da3d330d913d8bdee6d7696ee1b85090c4155e04e1b8c1fe60c091ee3558c86fc936753d850c7aa4695fdcb0394bb1491639d990883e9454cf14c06854a71e80edee836558ddc9e9788a25d6bf778fcf9eec8ee191fa3aa33e2b38bc58aa1594d116"}) (async)
ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000006840)) (async)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000006880)={[0xd2, 0x4, 0x3, 0x0, 0x2, 0x0, 0xfd7b, 0x1ff, 0x0, 0x0, 0xa09, 0xffff, 0x7ff, 0x80, 0x8, 0x5], 0xdddd1000, 0x84})
ioctl$TIOCGPTPEER(r1, 0x5441, 0x4)
read$FUSE(r1, &(0x7f0000006940)={0x2020, 0x0, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000008980)={0xa0, 0xffffffffffffffda, r4, {{0x0, 0x3, 0x5, 0x400, 0x80, 0x0, {0x2, 0x4, 0x6, 0x6, 0x6, 0x74b, 0x9, 0x9, 0x125, 0x4000, 0x1, r7, r6, 0xc, 0xc}}, {0x0, 0x1d}}}, 0xa0) (async)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000008a40)={0x30, 0x5, 0x0, {0x0, 0x2, 0xd1c, 0x42}}, 0x30)

1.401167289s ago: executing program 6 (id=4198):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_GET_PIT(r3, 0xc048ae65, &(0x7f0000000500))
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000007401"]) (async)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', &(0x7f0000000140), 0x4a81, &(0x7f0000000180)=ANY=[@ANYBLOB="6d61783d30303030303030303030303030303030303030303030302c0002b440e8b0f8a5ceb803b4effbb5ef9fb05f7fffc9c26376206c59ce0e66509469358a27d1a4a22babd18a3f068c490e0699815d6504dd43a5a6ca7085ac196e4db99af1959ecb21af950e356c366cc69c64ca98805617f21c149e371f2e3c1d1a84aa1b75fe200228ccd3f5e228a15e322a2aa843b34c138b20db7dc036fb33c996f3043b68207d4b71cd19793f08f863e049c702feadaa3f8c4724d6c2f490aebb149259566c2d520a3942f1af27180d9311eff2662ae48f5e41ea818099cb02b5c0dbc6ed979dd15e50fe588c28dd50e1686c7e10a1fe3c975fae16816b6e42b272b1826c789ead5579fd76a8b66f3d1e3d9791b02398e24cf29ba8a217de6689856196b50ce182a04feae8047d639ef69c6380e1d92ad064f2ce2e31c38681f1e1a8d25074e09b2037eb3c77ddfcd8946653f7d142d82ee01e0665947b6f0685"])

1.372718249s ago: executing program 0 (id=4199):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4, 0x0, &(0x7f0000000440)=[@increfs], 0x1e, 0x0, 0x0})
mmap(&(0x7f0000196000/0x1000)=nil, 0x1000, 0x0, 0x840000000000a132, 0xffffffffffffffff, 0x0)
read(0xffffffffffffffff, 0x0, 0x5b)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
mmap(&(0x7f00007d4000/0xd000)=nil, 0xd000, 0x2000006, 0x13, 0xffffffffffffffff, 0x25fea000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_INTERRUPT(r3, 0x4068aea3, &(0x7f0000000040))
r4 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder1\x00', 0xa5ecada067997d3, 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1, 0x11, r4, 0x8ae9b000)
ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, 0x0)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x0, 0x11, r4, 0x0)

1.248006211s ago: executing program 7 (id=4200):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000280), 0x100)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f00000001c0)=ANY=[@ANYBLOB='nXI'])

1.247532191s ago: executing program 4 (id=4201):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
read$FUSE(r0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
mmap(&(0x7f0000196000/0x1000)=nil, 0x1000, 0x0, 0x840000000000a132, 0xffffffffffffffff, 0x0)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000215000/0x1000)=nil, 0x1000, 0x0, 0x6011, r2, 0x0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0xd1383000)
ioctl$FS_IOC_RESVSP(r1, 0x40305829, &(0x7f0000000240)={0x1100, 0x1, 0x80000008, 0x10003})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000000000), 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
syz_clone3(&(0x7f00000000c0)={0x200000400, 0x0, 0x0, 0x0, {0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, {r4}}, 0x58)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x4020aeb2, &(0x7f0000000080)={0x0, 0x0, @ioapic={0x100010000, 0x1, 0x0, 0x0, 0x0, [{0x6, 0x7, 0x8, '\x00', 0xab}, {0x2, 0x0, 0x2, '\x00', 0x3}, {0x60, 0x6, 0x8, '\x00', 0x3}, {0x6, 0xc3, 0x3, '\x00', 0xf1}, {0xc, 0xc, 0xa, '\x00', 0x43}, {0x4, 0x79, 0xc5, '\x00', 0x6}, {0x90, 0x5, 0x9, '\x00', 0xfe}, {0x1, 0x0, 0x6, '\x00', 0xfc}, {0x1, 0x4, 0x9, '\x00', 0x33}, {0x1, 0xf, 0x57, '\x00', 0x9}, {0x5, 0x4, 0x1, '\x00', 0x6}, {0x81, 0x6, 0x6, '\x00', 0x9f}, {0x7, 0x3, 0x8, '\x00', 0xff}, {0x6, 0x6, 0xe, '\x00', 0x2}, {0x7, 0x0, 0x3, '\x00', 0x50}, {0xd, 0x2, 0xd, '\x00', 0x3}, {0x8, 0x80, 0x80, '\x00', 0xb}, {0x3, 0x89, 0x1, '\x00', 0xe}, {0x78, 0x1, 0x2, '\x00', 0x7}, {0x3, 0x3, 0xc1, '\x00', 0x2}, {0x5, 0x26, 0x5, '\x00', 0x9}, {0x7, 0x9, 0xe2, '\x00', 0x6}, {0xf9, 0xd, 0x81, '\x00', 0x81}, {0xfd, 0x3, 0x80, '\x00', 0x6}]}})
r5 = openat$binfmt_register(0xffffff9c, &(0x7f00000002c0), 0x1, 0x0)
write$binfmt_register(r5, &(0x7f00000001c0)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x4000000000000c1, 0x3a, '\x00', 0x3a, ']\xff\xff\xff\x7f^{', 0x3a, './file0'}, 0x2f)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60303, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140))
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000910000400eca"])
r7 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r9, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x1, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8d], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

1.178186862s ago: executing program 6 (id=4202):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, &(0x7f0000000140)=""/255, 0xff, 0x0, 0x33}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x31}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x52, 0x0, &(0x7f00000002c0)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f612948"})

1.138091273s ago: executing program 0 (id=4203):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) (async)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000080)={0x2, &(0x7f0000000180)=[{0x28, 0x4, 0x0, 0xfffff008}, {0x6}]})
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x80049367, &(0x7f0000000000)) (async)
mount$binderfs(0x0, &(0x7f0000000580)='./binderfs\x00', 0x0, 0x4009024, &(0x7f0000000040)={[{@stats}]})

1.007962415s ago: executing program 7 (id=4204):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000100)={0x1, 0x0, [{0x3b, 0x0, 0x3}]})
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
write(r0, &(0x7f0000000180)="da8f5e", 0x3)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xcd, 0x0, 0xfffffffffffffffe}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x84}, {0x6}]})
ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)=0x93f)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000000000024"])
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"])
r4 = openat$kvm(0xffffff9c, 0x0, 0x800, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8d], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

1.006968275s ago: executing program 6 (id=4205):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x572, 0x0, 0x1}]})
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$UI_SET_LEDBIT(r3, 0x40045569, 0xa)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x11)
ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000100)={{0x0, 0xdaa9}, 'syz0\x00'})
ioctl$UI_DEV_CREATE(r3, 0x5501)
ioctl$UI_DEV_DESTROY(r3, 0x5502)
r4 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$ASHMEM_SET_NAME(r4, 0x41007701, &(0x7f0000000000)='#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a')

948.121176ms ago: executing program 0 (id=4206):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000280)=ANY=[@ANYBLOB="010000000000e2ff9502"]) (async)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000180)=ANY=[@ANYBLOB="01000000000000009602000000000000010000000000000032fa2d54e643eda383ca70536f36855b82f69872203e92c736a591b52d003344a4c8965414dbdc9150409df6d9d8f614c1888189ef5e3b50447bebff4798a71e40d30ee9fd69d604545525d0e97f07d18578391315f075caec108870e904bd8a4cdbd1332420584f29c7e1076f4f5baccb832186a56c12e356491140055ccfc9b6"])
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) (async)
r12 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f00000002c0)=@arm64_sve={0x60800000001505cc, &(0x7f0000000240)=0x3ff})
ioctl$KVM_SET_REGS(r11, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x1, 0x203, 0x0, 0x6, 0x0, 0x5, 0x5], 0xeeee0000, 0x280241}) (async)
ioctl$KVM_INTERRUPT(r11, 0x4004ae86, &(0x7f0000000040)=0x5)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
prctl$PR_MCE_KILL(0x23, 0x0, 0x2) (async)
ioctl$KVM_SET_LAPIC(r11, 0x4400ae8f, &(0x7f0000000540)={"88a2d945c9f43f5214fa3e86540289f2ee7cc397768f422ba0a6b2d696d319fa4f88e97b7230fab298358f47d06120491df6869fde572bfe3dc89144f50dc47ede393a448567a272e08aa1d9a4e7c121247a7a923a1e98fc564a24837b15c49b4908f54a512739dcaf4cafad5bbb0b6a9c3ed8f936fa3f73b1c841a76bce80096ae809e6d6c9e8c12fb1cce260e0600f0d994ccb6487f17040c89e672202081791c56c0cd28f4c2d3b5d1662798011dc00f63124e1c46f9a2c32d528412fd1d766b7395a9ccdf861dfb81cde9d8e38970b04c6460dbbce710623befb80e52e39e3a11c1fdc8ffe91083a94cc7cd147f94d6512bd3e59662977d68f8c4bcfa7e62efe6745b92f426ac03425499e35fd2facc6c359975d126b83b1ff8faf91391873d0c1bfbb252f22ddf599179d4a769dd6a3f5df83c5adfccb183800eb633b714efa0239991d3eae93d1b2bfc484094e68bf694ab5d1aaec3ba462edfbc125b848c6afc0b6c5565897fbc2f3f61c404ce4dece4f8a71bee5fc5e097a88daba7397ae086336cd97593af729b119355609b4ae845bafd99d40a31a13b25b06a4d57b7d4e406bffe33ba9b710d227e7d954b5b53bf492238d7eeb29a82d52d1b4b502442a17f9354bf386d2697404504bb331f9ed4fb9258648397cb35c31102d0b72d8edbcc9a698d8379166ac545d32c4f0339978f8add8f95c00afc4b81aab827efed522970c554bf8c010084468f3cbac70992fb5fc16b4c48218796287d03b7d23904f22edbc89708db4394e74e09e43df8a5890937f0505b6b9c6b174b30c6352d29121ebb116d1055092e2923151e90c1b40810ad0c751c9a4e6d7dba091f14105323ff423bfe67a2bb7ef85b414350b5d264ff9f1f6ff49d158c60f178fd4cd5a407f8423561b8ca6d9dba823d7691e4ee7ba61cbd522cb3c1fbfddb43542eff209c2514c7dcb44f3b79a1d28c950f60f885f04fc3986ce3a8be8ec83225cabff8d1cccff3dca9bd704e85d3c51f4db3d611238a9fdbbc779d442855ab69c3adfc319a1e6b5fa065f133d911f3ba4bfa45244ba16d9a0d5f989af5c75c38a5c406b0844da145773622844caf7ac78af22b7e707a7827dcee85237163f5982e6cb35fcad5ef56ce161b6089a1edc40436a9d0bf05fc2ad2f88341e7cadc34060fe67e88f24883f9a833698f96d0171751011ea881528ed61919b618a785f505051d56fc47491fc7613421cd40b4c58b49a9d905160a670e609db48289d27e5f6ca194b7e1bcfec98616ea23caded32caaddd052d81ef6f538d913c161a71d26b58e804f8105ea6d48b00a3c92c1cf5ac3aa7db6d3d88222d31ef79bfd5709000b6c64eb55d933449c131a8283867012afa8affdab1fc9bd3155fdea2d0d3fffd3e742ea992e3f4e579920a998e0f6420968e9db6e28acf0db9ba1ae2679b"})
ioctl$ASHMEM_SET_NAME(r0, 0x41007701, &(0x7f0000000000)=')}%!:\xb9+\x00')
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0) (async)
ioctl$ASHMEM_PURGE_ALL_CACHES(r0, 0x770a, 0x0)

834.038097ms ago: executing program 4 (id=4207):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280), 0x0, 0x0, 0x0})
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0xfffffffe)
ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f0000000000)=')}%!:\xb9+\x00')
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r1, 0x0)
ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f0000000040)='/dev/ashmem\x00')

631.818921ms ago: executing program 6 (id=4208):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x100000001)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x6e100000)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400})
close_range(r1, r1, 0x0)
mmap(&(0x7f0000700000/0x2000)=nil, 0x2000, 0x0, 0xc0010, r0, 0xaa020000)
ioctl$ASHMEM_SET_NAME(r0, 0x40087708, &(0x7f00000007c0)='\x00\x00\x03\x06\x00\x00\x00\x05\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \x15\x9a\x9f\xf0:\xfd$\xad\xbb\x9a|c\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b7\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Xd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84x\x00\x00X\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12K\\\xf2\xd5\b^[D~~\x84\\\xe4\x00')
ioctl$ASHMEM_SET_NAME(r0, 0x40087707, &(0x7f0000000300)='\x00\x00\x00\v\x00\x00\x00\x01\x00x\x92\x12\xbc\x00\x00\xbb\x0642\x9c\x1a\xd1\xcbx\xb0\xd6\x1e\x10gQ\xca\x0e;\xf7\'\x8c\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn\x05\x00\x00\x00-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \xac\xc4K\x03\xfa\x13Vz\xbf\xe3c\x8d \x0f\xb1\xe9\xf2oci(\xcb\x82\x05\xfe[H\xaf\x01\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafd%\xf1\xdbjE\x01\xd1sD5hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\x851Y9OB\xdeB\xe1\x02-&\"1hS\x92\xe4$-\x02\x00\xe4\x8e\"\x85\xc9x\xef\x81E.r\x89\xe5\x00\x9e\x97\x96\xb8j\x81\xf0\xdca\xfb\xa6\xff\xff\xff\xff\x00\x00\x00\x00d\xf0\xf1j\x11\x12\xc0\xbb\xfdq~#\xf7\xa8\"$,\xf4\x84|\x89o\x00<\xa6-\xb0\xd3\x80\xbe\xcf\a\x00\xfc\xa6\xb1\x05\x94\x84l\xbfA\xeb\xd8\t\x00\x00\x00CvNhx461\x04N<\xedV\xcet\xaa~\xf3j\x94\xec\x92\x86uY\xf6\xb5\t?,~\xa67\\\xb9\xc9K\xf8\x9d\x96\xc0\xb5\xc7wF\x99\x12\x97T\x90.\x9c\xe3\x9a\xf1\xb9\x9c\x13\xbc\x19\xde/\xaahB\t\x97\a03\xcd\xb3\xc8\xd5l\x14!\xf9Xg2\x1d\xeeB\xccT\x0e\xd8\xef\xc8\xe9\xb4\xf3l\xc3\xf2\x998\xc8\xc2|2\xee\xb4W\x99f.\xeb\xe9\x05\xcbkz3+\xdd\xe1*8\x95@0t0\xad\xe3#\xd7\x19\xe7Q\xdfmI\xe5\x1e\xe4\x87\xc9\x8f\xa7\xe0\xd9v\xf6\x01\x9d\x8f`,\x1a8\x81I\x86l\x8f2\r:\xc1\x02\xd6Z%\xa7Ks\x8bUolS\x05\xbe\x97\x1fGe\x94\xa6\xa3\xab\xdb\r\x17\xff[\xb1\x00\xff\x7f\x00\x00\x00\x00')

620.532811ms ago: executing program 4 (id=4209):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000004c0)={0x4, 0x0, &(0x7f0000000500)=[@enter_looper={0x40086303}], 0x0, 0x1000000000000, 0x0})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000000)={0xc, 0x0, &(0x7f0000000340)=[@free_buffer={0x40086303, r4}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x80, 0x0, &(0x7f0000000180)=[@request_death={0x400c630e, 0x6}, @free_buffer={0x40086303, r4}, @increfs_done={0x40106308, 0x2}, @request_death={0x400c630e, 0x2}, @increfs_done={0x40106308, 0x1}, @register_looper, @increfs={0x40046304, 0x3}, @clear_death={0x400c630f, 0x2}, @enter_looper, @dead_binder_done], 0xb3, 0x0, &(0x7f0000000300)="0dce16ba3cc07cc9bc4b99b23bc978d5a75df0b7e3fe7e9ef7b70a60f7c033a8b262f7a036c9be4ac1cbf6811298b63aefff1db116591469fa8d59b8bc32c1b6d34c6f2d9b72c2b3f80983b41f9dafa2a0c8896a3f07734a42cda7e518fbcae14dbaeb741a7e6a72f8d2ec50b4b0cd67d08c63df139127ff52cbfd3dc5c6d34ec4f87a403a3120e2e694c214262f200971a2e1698294292926f52c01c0af85a63350505490940b0a6a4f013aeeec18e35f68d7"})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
close_range(r5, 0xffffffffffffffff, 0x4)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
r7 = mmap$binder(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x11, r6, 0x400000000)
r8 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r8, 0x40045564, 0x12)
ioctl$UI_DEV_SETUP(r8, 0x405c5503, &(0x7f0000000280)={{0xfffe, 0x60}, 'syz0\x00', 0x19})
ioctl$UI_DEV_CREATE(r8, 0x5501)
write$uinput_user_dev(r8, &(0x7f0000000e80)={'syz0\x00', {0x3f, 0x9, 0x8, 0xe}, 0x200012, [0x3, 0x8, 0x76f, 0x3, 0x8001, 0x5, 0x63e, 0xfffffffd, 0x3, 0xc, 0x9, 0x1, 0x3, 0x9, 0x9, 0xb0c, 0x8, 0xa3d0, 0x7, 0x7b, 0x5, 0xbc2f, 0x4, 0x80000001, 0xfffffffe, 0x3, 0xa, 0xf, 0x8, 0xd2f1, 0x7, 0xffffffff, 0x3, 0xe, 0x3, 0x0, 0x1ff, 0x47f2, 0x80000000, 0x4, 0x0, 0x7, 0x5, 0x29e, 0x2, 0x2, 0x9, 0xdf26, 0x1, 0x40, 0x4, 0x8, 0x80, 0x3, 0x9, 0x1a, 0x3, 0x5, 0x5, 0x9, 0x8000, 0x80000000, 0xcd, 0xfff], [0x6, 0x227, 0x9, 0x7, 0x8, 0x5, 0x81, 0x45, 0xc322, 0x6000, 0x7, 0x2, 0xf0, 0x1, 0x90000, 0x798, 0x7ff, 0x7, 0xa, 0xb, 0x9e, 0xd1a, 0x0, 0x1, 0x2, 0xa, 0x0, 0x5, 0x2, 0x101, 0xfff, 0xfff, 0x1, 0x401, 0x5, 0x0, 0x1000, 0x5, 0x10, 0x4, 0x7fffffff, 0x3ea1, 0xfffffffa, 0x2, 0xfffffff9, 0x1, 0x6, 0x400, 0x2243ccfc, 0x8455, 0x0, 0xb, 0xffffffa8, 0xdc9b, 0x0, 0x4, 0xff, 0x5, 0x1, 0x4, 0x2, 0xd5c, 0x6, 0x6], [0x1, 0x7fff, 0x1, 0x6b, 0x9, 0x3, 0x8, 0x80000000, 0x2, 0x5, 0x6, 0x0, 0x4, 0x40, 0x7, 0x2, 0x6, 0x8, 0xe2, 0x80000001, 0x7fffffff, 0x8, 0x401, 0x4, 0xc7, 0x4, 0x2, 0x6, 0x2, 0x648, 0x1, 0x10001, 0x4f68, 0x5, 0x40, 0x1, 0xc, 0x3, 0xffff, 0x7, 0x9, 0x1, 0xc0c, 0xcd, 0x9, 0x2, 0x401, 0x0, 0xd, 0x9, 0x0, 0x10, 0x7ff, 0x0, 0x7, 0x8a, 0x5, 0x2, 0x3, 0x2, 0x5, 0x0, 0x3, 0x3], [0xc51, 0x2, 0x8, 0x1, 0x9, 0x3, 0x7fff, 0x10000, 0x1, 0x6, 0x200, 0x7, 0x5, 0x0, 0x9, 0x8, 0x3, 0x10, 0x6, 0xd2, 0x8, 0x1ff, 0x400, 0x4, 0xb, 0x9, 0xfbd, 0x9, 0x0, 0x2, 0x1, 0xed, 0x6, 0x2, 0x5, 0xfff, 0xe79, 0x20c, 0xe0, 0x2, 0x3ff, 0xfffffffe, 0x9, 0xa, 0x100, 0x9, 0x3ff, 0x8e6, 0x3, 0x200, 0x9, 0x2, 0x3, 0x0, 0xb7, 0xc, 0x0, 0x9, 0x4, 0x4, 0x3, 0xcd87, 0x8001, 0x9]}, 0x45c)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0x10, 0x0, &(0x7f0000000040)=[@enter_looper, @free_buffer={0x40086303, r7}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x1c, 0x0, &(0x7f0000000000)=[@register_looper, @dead_binder_done, @free_buffer={0x40086303, r7}], 0x65, 0x0, &(0x7f0000000080)="c68fb9b2a944387cdd824bf3bc66b00855860526b805afcdee2fa4d314683de73ad85ca63b3be5127f38770eb8c1efb05573b54d7c8034b73107146e818d612246b8b2468d9599a76f7b8b0880ef3a593889daac9597990f3b6690eed4098b4eb073f08002"})

358.079695ms ago: executing program 0 (id=4210):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r1, &(0x7f0000000e80)=ANY=[@ANYRESDEC], 0xfffffe57)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x4030582b, &(0x7f0000002b80)={'geneve1\x00', @local})
syz_clone(0x401000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305829, &(0x7f0000000240)={0x1100, 0x0, 0x4, 0x7fffffffffffffff})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x6, 0x8000000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000200))
ioctl$ASHMEM_SET_NAME(r0, 0x41007701, &(0x7f0000000000)='y<\t\xc9\xdbWpT\x855\x83\xa12W\xb9\xf1\xa8Jq\x9d\xd3$\xb6F\x82\xa6\x9d\xf7\x0f\xe4\xffp\xad\x02\x00\x00\a\x00(\f\x94Obt\a\x00\x00\x00\x00yu\x80\x1b\xf2]\xef\x8b')
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
write$cgroup_devices(r1, &(0x7f0000000e80)=ANY=[@ANYRESDEC], 0xfffffe57) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) (async)
ioctl$SIOCSIFHWADDR(r2, 0x4030582b, &(0x7f0000002b80)={'geneve1\x00', @local}) (async)
syz_clone(0x401000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) (async)
ioctl$FS_IOC_RESVSP(r5, 0x40305829, &(0x7f0000000240)={0x1100, 0x0, 0x4, 0x7fffffffffffffff}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x6, 0x8000000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000200)) (async)
ioctl$ASHMEM_SET_NAME(r0, 0x41007701, &(0x7f0000000000)='y<\t\xc9\xdbWpT\x855\x83\xa12W\xb9\xf1\xa8Jq\x9d\xd3$\xb6F\x82\xa6\x9d\xf7\x0f\xe4\xffp\xad\x02\x00\x00\a\x00(\f\x94Obt\a\x00\x00\x00\x00yu\x80\x1b\xf2]\xef\x8b') (async)

130.648198ms ago: executing program 6 (id=4211):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.sectors\x00', 0x26e1, 0x0)
close(r2)
write$cgroup_subtree(r2, 0x0, 0x9)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$int_in(r3, 0x5421, 0x0)
write$uinput_user_dev(r2, &(0x7f0000000100)={'syz1\x00', {0x1, 0x5, 0x10, 0x7ff}, 0x30, [0x7fffffff, 0x5, 0x40, 0x0, 0x6, 0xe5, 0x236a, 0x84, 0x8000, 0x6, 0x8001, 0x10, 0x9, 0x101, 0xecfd, 0x7, 0xe03, 0x7, 0x9, 0x0, 0x7, 0xd, 0x2, 0x3, 0x5, 0x5, 0x2, 0x4, 0x10000, 0x1, 0x5b5b, 0x76e, 0x5, 0x1, 0x8, 0x6, 0x2, 0x7, 0x2, 0x2db8, 0x5, 0x400, 0x3, 0x5, 0x10000, 0x5, 0xff, 0x6, 0xe9b, 0xfffffff9, 0xfbea, 0xc8, 0x6, 0x10001, 0x6, 0xfffffffd, 0x81, 0x8, 0x6, 0x17f, 0x2, 0x7, 0x1, 0x9], [0x8, 0x0, 0x0, 0xb3d00, 0x9, 0x2, 0xc1, 0x6, 0x40, 0x8001, 0x8001, 0x9, 0x2, 0x33, 0x205, 0x4, 0x0, 0xc845, 0x4, 0x800, 0x6, 0x63b, 0x7f, 0x5, 0x9, 0xdf, 0x7fffffff, 0x7, 0x0, 0x4, 0x0, 0x3, 0x7, 0x10001, 0xf23, 0xb6, 0x97d2, 0x0, 0x3, 0x2d, 0x6, 0x9, 0x2, 0x3, 0xf, 0x9, 0x6, 0x401, 0x57, 0x70, 0x7fff, 0x4, 0x4b, 0x101, 0x0, 0x3, 0x6, 0xfffffffa, 0xb8, 0x6, 0xfffffff8, 0x10, 0x1, 0x10000], [0xfffffff8, 0xc, 0x29, 0x9, 0x7699d0ca, 0x8003, 0xfffffff8, 0xf4fc, 0x5, 0x5, 0x80000005, 0xc8, 0x5, 0x5, 0x4, 0x8001, 0x7ff, 0x81, 0x3, 0x6, 0x4, 0x6, 0x7, 0xf9f, 0x7fffffff, 0xffffffff, 0x7, 0x9, 0x7, 0x40, 0x7342, 0x5f, 0x1, 0xfe00, 0xfffffffc, 0x200, 0x6, 0xaee, 0xa8b0, 0x2, 0x0, 0x7fff, 0xaee, 0xec20, 0x1ff, 0x5, 0x1, 0x40, 0xd07, 0x5, 0x8f3, 0x401, 0x7, 0x6, 0x4, 0xdb00, 0x0, 0xfffffff7, 0x3ff, 0x7, 0xa0, 0x401, 0x8001, 0x16f], [0x1, 0x6d0, 0x9, 0x6, 0x3, 0xec, 0x10001, 0x4, 0x4, 0x1, 0x7, 0xe, 0x2, 0x4, 0x8001, 0x6, 0x2, 0x7, 0x717, 0x1bd, 0x712a, 0x8, 0x5, 0x0, 0xd008, 0x8000, 0x9fc, 0xfffffffd, 0xffff54da, 0x3, 0x8001, 0x0, 0x9, 0x1, 0xfff, 0x72a6, 0x8, 0x7e7b, 0x5, 0x4b, 0x4, 0x8, 0x8, 0xd0, 0x5, 0x7, 0x1, 0x4, 0x3, 0x2, 0x7ff, 0x2, 0x713ab7c7, 0x7, 0x9, 0xf5d, 0x1, 0x8, 0x8000, 0x3, 0x6, 0x9, 0xefc, 0xf7d]}, 0x45c)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x2046)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000200)={0x1, 0x0, [{0xc2, 0x0, 0xffffffffffff6253}]})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x488000, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r12, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0xc0000080, 0x0, 0x400}]})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000000021090000000000e4ee00000000000000f80a0000000009de00"/40])
ioctl$KVM_SMI(r9, 0xaeb7)
ioctl$KVM_SET_GUEST_DEBUG(r9, 0x4048ae9b, &(0x7f00000001c0)={0x70003, 0x0, [0x7, 0x9b, 0x40000ffffffff, 0x20000009, 0x9, 0x6, 0x3000000002, 0xd]})
r13 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_VM_COPY_ENC_CONTEXT_FROM(r13, 0x4068aea3, &(0x7f0000000580)={0xc5, 0x0, r8})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/custom1\x00', 0x802, 0x0)

0s ago: executing program 7 (id=4212):
ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, &(0x7f0000000000)=<r0=>0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000040)=r0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/attr/sockcreate\x00', 0x2, 0x0)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r1, 0xf504, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(r1, 0x82307201, &(0x7f00000000c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r2 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
write$rfkill(r2, &(0x7f0000000340)={0x101, 0x8, 0x0, 0x1, 0x1}, 0x8)
ioctl$TIOCSCTTY(r2, 0x540e, 0xe5c3)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x7)
ioctl$BTRFS_IOC_SCRUB(r2, 0xc400941b, &(0x7f0000000380)={0x0, 0x7, 0x3b1caf5f, 0x1})
ioctl$NS_GET_USERNS(r2, 0xb701, 0x0)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000780), 0x250903, 0x0)
ioctl$F2FS_IOC_COMPRESS_FILE(0xffffffffffffffff, 0xf518, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000007c0)='/sys/power/resume_offset', 0x40, 0x20)
write$rfkill(r2, &(0x7f0000000800)={0xd90, 0x9, 0x0, 0x0, 0x1}, 0x8)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000840), 0x2, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000880)={0x30, 0x5, 0x0, {0x0, 0x0, 0x3, 0xa96}}, 0x30)
ioctl$RTC_EPOCH_READ(r2, 0x8008700d, &(0x7f00000008c0))
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r2, 0x40049366, &(0x7f0000000900)=0xa4cc834f642939d8)
ioctl$NS_GET_USERNS(r3, 0xb701, 0x0)
ioctl$NS_GET_USERNS(0xffffffffffffffff, 0xb701, 0x0)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r2, 0x8008f511, &(0x7f0000000940))
ioctl$FUSE_DEV_IOC_CLONE(r2, 0x8004e500, &(0x7f0000000980)=r4)
ioctl$VHOST_VDPA_GET_AS_NUM(r2, 0x8004af7a, &(0x7f00000009c0))
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000a00), 0x200000, 0x0)
close(r5)
r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000a40), 0x100, 0x0)
close(r6)
r7 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000a80), 0x0, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r7, 0x4008ae48, &(0x7f0000000ac0)=0x8080000)

kernel console output (not intermixed with test programs):

LY { source: EINVAL } my_pid:538
[  265.905075][T10879] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  265.935618][T10879] rust_binder: Write failure EINVAL in pid:1259
[  265.969099][T10883] rust_binder: Write failure EFAULT in pid:1713
[  266.270461][T10894] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  266.296160][T10894] rust_binder: Error while translating object.
[  266.315660][T10896] binder: Unknown parameter 'dont_hash'
[  266.323309][T10894] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  266.337587][T10894] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:546
[  266.691153][T10909] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  266.741789][T10909] rust_binder: Read failure Err(EFAULT) in pid:549
[  266.917533][T10919] rust_binder: Write failure EINVAL in pid:1274
[  267.295074][T10930] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1279
[  267.703103][   T36] kauditd_printk_skb: 2048 callbacks suppressed
[  267.703169][   T36] audit: type=1400 audit(1750359235.060:11574): avc:  denied  { setattr } for  pid=7913 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  267.744999][   T36] audit: type=1400 audit(1750359235.070:11575): avc:  denied  { setattr } for  pid=7913 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  267.769066][   T36] audit: type=1400 audit(1750359235.070:11576): avc:  denied  { setattr } for  pid=7913 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  267.793301][   T36] audit: type=1400 audit(1750359235.070:11577): avc:  denied  { setattr } for  pid=7913 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  267.817469][   T36] audit: type=1400 audit(1750359235.070:11578): avc:  denied  { setattr } for  pid=7913 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  267.818666][ T7913] audit: audit_backlog=65 > audit_backlog_limit=64
[  267.842156][   T36] audit: type=1400 audit(1750359235.070:11579): avc:  denied  { setattr } for  pid=7913 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  267.871493][   T36] audit: type=1400 audit(1750359235.070:11580): avc:  denied  { setattr } for  pid=7913 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  267.897036][   T36] audit: type=1400 audit(1750359235.070:11581): avc:  denied  { setattr } for  pid=7913 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  267.903187][ T7913] audit: audit_lost=57 audit_rate_limit=0 audit_backlog_limit=64
[  268.055480][  T304] bridge_slave_1: left allmulticast mode
[  268.061185][  T304] bridge_slave_1: left promiscuous mode
[  268.073254][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.091367][  T304] bridge_slave_0: left allmulticast mode
[  268.097196][  T304] bridge_slave_0: left promiscuous mode
[  268.106570][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.169618][T10936] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  268.170108][T10936] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1282
[  268.248310][T10938] KVM: debugfs: duplicate directory 10938-4
[  268.365824][  T304] veth1_macvtap: left promiscuous mode
[  268.371518][  T304] veth0_vlan: left promiscuous mode
[  268.514984][T10934] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.522213][T10934] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.533975][T10934] bridge_slave_0: entered allmulticast mode
[  268.562131][T10934] bridge_slave_0: entered promiscuous mode
[  268.575529][T10934] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.584002][T10946] rust_binder: validate_parent_fixup: fixup_min_offset=22, parent_offset=14
[  268.584026][T10946] rust_binder: Error while translating object.
[  268.595823][T10946] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  268.601880][T10934] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.602049][T10946] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:561
[  268.622676][T10934] bridge_slave_1: entered allmulticast mode
[  268.646372][T10934] bridge_slave_1: entered promiscuous mode
[  268.892392][T10934] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.899522][T10934] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.906750][T10953] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  268.906775][T10953] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:568
[  268.916255][T10934] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.932431][T10934] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.071742][T10955] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  269.097475][T10955] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  269.099397][T10955] rust_binder: Error in use_page_slow: ESRCH
[  269.109405][T10955] rust_binder: use_range failure ESRCH
[  269.116606][T10955] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  269.122154][T10955] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  269.133998][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.163158][T10955] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1285
[  269.172937][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.212942][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.220099][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.249032][  T309] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.256155][  T309] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.300043][T10964] SELinux: failed to load policy
[  269.333814][T10969] SELinux: security_context_str_to_sid () failed with errno=-22
[  269.411046][T10971] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  269.441351][T10971] rust_binder: Error while translating object.
[  269.456304][T10934] veth0_vlan: entered promiscuous mode
[  269.463403][T10971] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  269.467991][T10971] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1292
[  269.541612][T10973] rust_binder: Write failure EFAULT in pid:579
[  269.596607][T10934] veth1_macvtap: entered promiscuous mode
[  269.745211][T10983] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  269.825074][T10987] rust_binder: got new transaction with bad transaction stack
[  269.831549][T10987] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1299
[  269.871686][T10989] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  270.004757][T10996] binder: Unknown parameter '8_$�m�e�w�sx�Kmax'
[  270.271100][T11005] rust_binder: Write failure EINVAL in pid:594
[  270.272302][T11005] rust_binder: Write failure EINVAL in pid:594
[  270.288855][T11005] rust_binder: Write failure EINVAL in pid:594
[  270.390304][T11013] binder: Bad value for 'stats'
[  270.533664][T11018] kvm: kvm [11017]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010006) = 0xaf
[  270.749119][T11023] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  270.749158][T11023] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:603
[  271.088120][T11037] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  271.220279][T11037] rust_binder: Write failure EINVAL in pid:1309
[  271.555530][T11053] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:30
[  271.557965][T11052] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:30
[  271.563286][T11055] rust_binder: Write failure EFAULT in pid:612
[  271.639428][T11052] rust_binder: Error while translating object.
[  271.663223][T11052] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  271.692055][T11052] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:30
[  271.800068][T11063] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:614
[  271.866301][T11067] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:33
[  271.895364][T11068] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[  272.016251][T11073] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  272.028245][T11071] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  272.036602][T11073] rust_binder: Write failure EINVAL in pid:617
[  272.036684][T11071] rust_binder: Write failure EINVAL in pid:617
[  272.134756][T11079] input: syz0 as /devices/virtual/input/input188
[  272.244655][T11079] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  272.244684][T11079] rust_binder: Error while translating object.
[  272.283146][T11079] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  272.283965][T11081] rust_binder: inc_ref_done called when no active inc_refs
[  272.290232][T11079] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:40
[  272.645588][T11086] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  272.683173][T11086] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:43
[  272.713100][   T36] kauditd_printk_skb: 3304 callbacks suppressed
[  272.713120][   T36] audit: type=1400 audit(1750359240.070:14885): avc:  denied  { setattr } for  pid=7913 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  272.778320][   T36] audit: type=1400 audit(1750359240.070:14886): avc:  denied  { setattr } for  pid=7913 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  272.801724][   T36] audit: type=1400 audit(1750359240.080:14887): avc:  denied  { setattr } for  pid=7913 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  272.834049][   T36] audit: type=1400 audit(1750359240.080:14888): avc:  denied  { setattr } for  pid=7913 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  272.866028][ T7913] audit: audit_backlog=65 > audit_backlog_limit=64
[  272.872568][ T7913] audit: audit_lost=58 audit_rate_limit=0 audit_backlog_limit=64
[  272.908231][T11091] audit: audit_backlog=65 > audit_backlog_limit=64
[  272.914983][   T36] audit: type=1400 audit(1750359240.080:14889): avc:  denied  { setattr } for  pid=7913 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  272.923130][ T7913] audit: backlog limit exceeded
[  272.945372][T11091] audit: audit_lost=59 audit_rate_limit=0 audit_backlog_limit=64
[  272.983567][T11094] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  272.983599][T11094] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:625
[  272.993018][T11094] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  273.003157][T11094] rust_binder: Read failure Err(EFAULT) in pid:625
[  273.155727][T11098] input: syz0 as /devices/virtual/input/input189
[  273.272342][T11104] input: syz1 as /devices/virtual/input/input190
[  273.333725][T11104] rust_binder: Write failure EINVAL in pid:48
[  273.467398][T11110] input input191: cannot allocate more than FF_MAX_EFFECTS effects
[  273.519686][T11110] rust_binder: Error while translating object.
[  273.519726][T11110] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  273.538983][T11110] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:632
[  273.583563][T11113] binder: Bad value for 'stats'
[  273.916012][T11128] rust_binder: Write failure EFAULT in pid:639
[  273.989161][T11131] rust_binder: Error while translating object.
[  274.003260][T11131] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  274.009486][T11131] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:58
[  274.051441][T11133] rust_binder: Write failure EINVAL in pid:641
[  274.307283][T11139] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  274.333214][T11140] rust_binder: Error while translating object.
[  274.353630][T11140] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  274.360934][T11140] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:643
[  274.675989][T11159] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  274.677008][T11160] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:648
[  275.035747][T11169] SELinux:  policydb magic number 0x8 does not match expected magic number 0xf97cff8c
[  275.058193][T11169] SELinux: failed to load policy
[  275.139245][T11176] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  275.144610][T11176] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  275.151099][T11176] rust_binder: Error while translating object.
[  275.173201][T11176] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  275.189207][T11176] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1349
[  275.652237][T11194] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  275.652285][T11194] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:79
[  275.910501][T11204] rust_binder: Write failure EINVAL in pid:87
[  276.147663][T11215] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  276.512697][T11230] binder: Bad value for 'stats'
[  276.544660][T11235] binder: Unknown parameter 'non'
[  276.623247][T11239] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  276.815283][T11246] rust_binder: Write failure EFAULT in pid:101
[  276.929947][T11251] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  277.032300][T11251] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  277.254577][T11262] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  277.254616][T11262] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:671
[  277.730004][   T36] kauditd_printk_skb: 3413 callbacks suppressed
[  277.730025][   T36] audit: type=1400 audit(1750359245.090:18299): avc:  denied  { read open } for  pid=11276 comm="syz.6.3389" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  277.806044][   T36] audit: type=1400 audit(1750359245.140:18300): avc:  denied  { setattr } for  pid=7913 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  277.843155][T11277] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  277.876246][   T36] audit: type=1400 audit(1750359245.140:18301): avc:  denied  { ioctl } for  pid=11276 comm="syz.6.3389" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  277.934489][ T7913] audit: audit_backlog=65 > audit_backlog_limit=64
[  277.941049][ T7913] audit: audit_lost=61 audit_rate_limit=0 audit_backlog_limit=64
[  277.948969][   T36] audit: type=1400 audit(1750359245.140:18302): avc:  denied  { setattr } for  pid=7913 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  277.973369][T11279] audit: audit_backlog=65 > audit_backlog_limit=64
[  277.980278][ T7913] audit: backlog limit exceeded
[  277.996575][ T7913] audit: audit_backlog=65 > audit_backlog_limit=64
[  277.998290][T11279] audit: audit_lost=62 audit_rate_limit=0 audit_backlog_limit=64
[  278.033218][T11279] rust_binder: Error in use_page_slow: ESRCH
[  278.033247][T11279] rust_binder: use_range failure ESRCH
[  278.039318][T11279] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  278.082398][T11279] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  278.110073][T11279] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:112
[  278.309015][T11286] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1385
[  278.329828][T11288] rust_binder: inc_ref_done called when no active inc_refs
[  278.352347][T11288] input: syz1 as /devices/virtual/input/input193
[  278.369559][T11289] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  278.395916][T11289] binder: Unknown parameter 'non'
[  278.403150][T11291] binder: Unknown parameter 'm!_?000000000000B
[  278.403150][T11291] r&0000000'
[  278.481325][T11293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  278.482110][T11294] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  278.494105][T11293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  279.227910][T11319] binder: Unknown parameter 'dont_hash'
[  280.091460][T11338] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  280.093891][T11338] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 0
[  280.122148][T11338] rust_binder: Write failure EINVAL in pid:1393
[  280.376466][T11348] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  280.382864][T11348] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:708
[  280.497463][   T13] bridge_slave_1: left allmulticast mode
[  280.507344][T11355] rust_binder: Write failure EINVAL in pid:142
[  280.523106][   T13] bridge_slave_1: left promiscuous mode
[  280.543211][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.561432][   T13] bridge_slave_0: left allmulticast mode
[  280.569931][   T13] bridge_slave_0: left promiscuous mode
[  280.575664][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.664090][T11364] rust_binder: Error while translating object.
[  280.664135][T11364] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  280.670399][T11364] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:149
[  280.805837][   T13] veth1_macvtap: left promiscuous mode
[  280.820419][   T13] veth0_vlan: left promiscuous mode
[  280.867501][T11369] rust_binder: Write failure EFAULT in pid:151
[  280.964438][T11346] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.983098][T11346] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.990298][T11346] bridge_slave_0: entered allmulticast mode
[  281.003563][T11346] bridge_slave_0: entered promiscuous mode
[  281.011413][T11346] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.019697][T11346] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.027533][T11346] bridge_slave_1: entered allmulticast mode
[  281.035409][T11346] bridge_slave_1: entered promiscuous mode
[  281.195697][T11346] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.202820][T11346] bridge0: port 2(bridge_slave_1) entered forwarding state
[  281.210153][T11346] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.217258][T11346] bridge0: port 1(bridge_slave_0) entered forwarding state
[  281.304520][T11387] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1400
[  281.306936][T11387] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  281.333414][T11387] binder: Unknown parameter 'coyBLV�"i5������ntext'
[  281.347445][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.354895][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.381114][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.388264][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  281.404524][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.411660][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  281.472145][T11392] binder: Unknown parameter 'dnQpnt_hash'
[  281.497677][T11394] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  281.498398][T11394] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  281.563474][T11399] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  281.608322][T11346] veth0_vlan: entered promiscuous mode
[  281.700184][T11399] rust_binder: Error in use_page_slow: ESRCH
[  281.700210][T11399] rust_binder: use_range failure ESRCH
[  281.724201][T11399] rust_binder: Failed to allocate buffer. len:4120, is_oneway:false
[  281.729726][T11399] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  281.750772][T11346] veth1_macvtap: entered promiscuous mode
[  281.769900][T11401] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 18446744073709551585)
[  281.769927][T11401] rust_binder: Error while translating object.
[  281.782146][T11399] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1403
[  281.788634][T11401] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  281.812904][T11401] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:165
[  282.350655][T11430] binder: Unknown parameter '/dev/kvm'
[  282.433706][T11437] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  282.664102][T11449] rust_binder: Error while translating object.
[  282.664166][T11449] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  282.682348][T11449] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:10
[  282.742957][   T36] kauditd_printk_skb: 1949 callbacks suppressed
[  282.742979][   T36] audit: type=1400 audit(1750359250.100:20225): avc:  denied  { read write } for  pid=11346 comm="syz-executor" name="loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  282.778652][T11454] binder: Bad value for 'max'
[  282.814039][   T36] audit: type=1400 audit(1750359250.100:20226): avc:  denied  { read write open } for  pid=11346 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  282.820175][T11456] SELinux:  truncated policydb string identifier
[  282.863140][   T36] audit: type=1400 audit(1750359250.100:20227): avc:  denied  { ioctl } for  pid=11346 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  282.863920][T11456] SELinux: failed to load policy
[  282.906520][   T36] audit: type=1400 audit(1750359250.110:20228): avc:  denied  { read } for  pid=11453 comm="syz.6.3442" name="binder0" dev="binder" ino=81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  282.929546][   T36] audit: type=1400 audit(1750359250.110:20229): avc:  denied  { read open } for  pid=11453 comm="syz.6.3442" path="/dev/binderfs/binder0" dev="binder" ino=81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  282.983125][   T36] audit: type=1400 audit(1750359250.110:20230): avc:  denied  { ioctl } for  pid=11453 comm="syz.6.3442" path="/dev/binderfs/binder0" dev="binder" ino=81 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  283.053188][   T36] audit: type=1400 audit(1750359250.120:20231): avc:  denied  { set_context_mgr } for  pid=11453 comm="syz.6.3442" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  283.066293][T11461] rust_binder: Failed copying remainder into alloc: EFAULT
[  283.082476][T11461] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EFAULT }
[  283.114692][T11461] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  283.133118][   T36] audit: type=1400 audit(1750359250.120:20232): avc:  denied  { read } for  pid=11453 comm="syz.6.3442" name="binder0" dev="binder" ino=81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  283.154447][T11461] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:15
[  283.233734][   T36] audit: type=1400 audit(1750359250.120:20233): avc:  denied  { read open } for  pid=11453 comm="syz.6.3442" path="/dev/binderfs/binder0" dev="binder" ino=81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  283.257170][T11474] audit: audit_backlog=65 > audit_backlog_limit=64
[  283.291194][T11474] rust_binder: Write failure EFAULT in pid:188
[  283.601697][T11492] binder: Bad value for 'defcontext'
[  283.619663][T11493] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  283.708419][T11495] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  283.782246][T11499] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 89)
[  283.782275][T11499] rust_binder: Error while translating object.
[  283.811271][T11499] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  283.825307][T11498] rust_binder: Error while translating object.
[  283.832175][T11499] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:756
[  283.847508][T11498] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  283.868783][T11502] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1422
[  283.880001][T11498] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:23
[  283.959801][T11510] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  284.089502][T11516] block device autoloading is deprecated and will be removed.
[  284.141035][T11516] syz.0.3463: attempt to access beyond end of device
[  284.141035][T11516] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  284.212751][T11516] rust_binder: Write failure EINVAL in pid:1424
[  284.462369][T11531] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  284.833627][T11540] binder: Bad value for 'max'
[  284.846284][T11541] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  285.044871][T11553] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  285.210249][T11558] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:35
[  285.365437][T11569] binder: Bad value for 'stats'
[  285.394879][T11564] binder: Bad value for 'stats'
[  285.404726][T11562] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  286.141763][T11591] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  286.234034][T11592] rust_binder: Error while translating object.
[  286.250846][T11592] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  286.266279][T11592] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:38
[  286.518479][T11599] rust_binder: Error while translating object.
[  286.583188][T11599] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  286.604882][T11599] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:42
[  287.422907][T11627] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:220
[  287.568296][T11634] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  287.592661][T11631] binder: Unknown parameter 'coyBLV�"i5������ntext'
[  287.605167][T11634] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:49
[  287.769737][   T36] kauditd_printk_skb: 673 callbacks suppressed
[  287.769758][   T36] audit: type=1400 audit(1750359255.130:20863): avc:  denied  { read write } for  pid=8894 comm="syz-executor" name="loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  287.866503][   T36] audit: type=1400 audit(1750359255.180:20864): avc:  denied  { read write open } for  pid=8894 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  287.914613][T11647] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  287.936894][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  287.946887][T11647] SELinux: failed to load policy
[  287.951906][   T36] audit: type=1400 audit(1750359255.180:20865): avc:  denied  { ioctl } for  pid=8894 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  287.980118][T11647] rust_binder: Error in use_page_slow: ESRCH
[  287.980141][T11647] rust_binder: use_range failure ESRCH
[  287.989687][T11638] binder: Unknown parameter 'defcontext01777777777777777777777'
[  287.994609][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.012885][T11647] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  288.012910][T11647] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  288.027593][T11647] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:805
[  288.037989][   T36] audit: type=1400 audit(1750359255.200:20866): avc:  denied  { read write } for  pid=11643 comm="syz.7.3500" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  288.052644][T11654] input: syz1 as /devices/virtual/input/input199
[  288.087571][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.108942][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.118912][   T36] audit: type=1400 audit(1750359255.200:20867): avc:  denied  { read write open } for  pid=11643 comm="syz.7.3500" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  288.149878][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.181297][   T36] audit: type=1400 audit(1750359255.200:20868): avc:  denied  { ioctl } for  pid=11643 comm="syz.7.3500" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  288.210563][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.242282][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.256870][   T36] audit: type=1400 audit(1750359255.210:20869): avc:  denied  { read } for  pid=11637 comm="syz.4.3499" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  288.281127][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.324108][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.341622][   T36] audit: type=1400 audit(1750359255.210:20870): avc:  denied  { read open } for  pid=11637 comm="syz.4.3499" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  288.384103][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.400725][T11658] binder: Bad value for 'stats'
[  288.407128][T11660] audit: audit_backlog=65 > audit_backlog_limit=64
[  288.408454][T11664] audit: audit_backlog=65 > audit_backlog_limit=64
[  288.414891][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.457340][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.484739][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.509108][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.530663][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.542298][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.570470][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.592627][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.604046][T11671] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  288.615447][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.629452][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.640909][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.652792][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.664859][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.676506][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.706847][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.730638][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.745293][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.757039][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  288.770843][T11673] rust_binder: Write failure EINVAL in pid:1468
[  288.770910][T11651] binder: Unknown parameter '�y <�x��v�B�4��Gu%��y�9��l|�i|�!��"�Ak:�;9�$�B�ic~�v'
[  289.084012][T11675] rust_binder: Failed to allocate buffer. len:136, is_oneway:true
[  289.251661][T11707] input: syz0 as /devices/virtual/input/input200
[  289.289040][T11707] binder: Bad value for 'max'
[  289.300445][T11707] SELinux: security_context_str_to_sid () failed with errno=-22
[  289.425657][T11713] rust_binder: Read failure Err(EAGAIN) in pid:240
[  289.447379][T11712] rust_binder: Error while translating object.
[  289.463150][T11712] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  289.490438][T11712] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:68
[  289.570648][T11724] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  289.584907][T11724] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  289.651691][T11722] rust_binder: Write failure EINVAL in pid:244
[  289.692378][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.736983][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.753356][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.760793][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.779035][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.792703][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.805649][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x4
[  289.820814][T11738] binder: Unknown parameter 'cojtex�'
[  289.824145][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.826561][T11733] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  289.836418][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.844367][T11733] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1473
[  289.853130][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.863102][T11733] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1473
[  289.877576][T11733] input: syz0 as /devices/virtual/input/input201
[  289.895162][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.902589][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x2
[  289.925291][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.932934][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.941606][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.949907][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.959736][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.967979][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.976374][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.984535][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  289.994770][T11744] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  289.994767][T11745] rust_binder: Failed to allocate buffer. len:40, is_oneway:true
[  290.004049][T11744] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  290.011802][T11744] rust_binder: Error while translating object.
[  290.022388][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.037573][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.043209][T11744] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  290.045768][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.048308][T11744] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:249
[  290.060127][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.081316][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.089596][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.098139][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.106463][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.114717][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.122212][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.130945][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.139067][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.147027][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.155543][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.162964][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.172410][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.181942][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.190234][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.198649][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.206804][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.214980][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.222413][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.230983][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.239140][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.253379][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.261973][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.270701][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.279131][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.287766][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.296435][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.304787][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.312357][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.326704][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.334596][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.342177][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.349652][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.357298][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.364785][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.372363][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.379862][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.387489][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.396489][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.404057][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x6
[  290.411469][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x3
[  290.418946][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.426565][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.434645][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.442091][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.462321][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.469796][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.477263][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.485166][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.501138][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.508612][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.516274][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.524317][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.531726][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.540263][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.548291][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.563202][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.570635][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.578757][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.587321][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.595213][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.602597][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.611454][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.619403][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.627496][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.635462][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.642880][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.651195][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.664097][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.672500][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.680245][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.687675][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.700509][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.708829][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.716352][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.723817][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.732377][T11759] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  290.732398][T11759] rust_binder: Error while translating object.
[  290.742999][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.757832][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.767035][T11759] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  290.767065][T11759] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1478
[  290.769384][T11760] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  290.777502][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.803641][T11760] rust_binder: Error while translating object.
[  290.803671][T11760] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  290.803694][T11760] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1478
[  290.824213][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.842507][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.849982][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.857672][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.869721][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.877215][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.885118][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.892541][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.914689][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.922213][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.938317][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.952067][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.973911][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.982525][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  290.996620][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.004219][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.011644][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.024327][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.040050][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.054242][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.063774][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.071218][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.075904][T11782] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1485
[  291.100550][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.128882][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.136368][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.152523][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.161638][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.170068][T11790] kvm: kvm [11788]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x187) = 0xfff
[  291.176786][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.193469][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.213744][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.221232][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.228920][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.238018][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.250591][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.251593][T11795] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  291.258089][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.263407][T11795] rust_binder: Error in use_page_slow: ESRCH
[  291.265123][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.273421][T11795] rust_binder: use_range failure ESRCH
[  291.285408][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.286636][T11795] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  291.290911][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.299722][T11795] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  291.316912][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.328527][T11795] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:273
[  291.333747][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.356989][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.364473][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.371893][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.379378][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.387480][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.395025][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.402457][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.410133][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.417614][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.425696][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.433763][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.441183][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.449637][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.459326][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.467359][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.476056][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.484073][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.493135][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.500567][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.513119][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.520550][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.520822][T11805] kvm: apic: phys broadcast and lowest prio
[  291.529561][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.541928][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.550774][T11806] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  291.553896][T11806] rust_binder: Error while translating object.
[  291.560324][T11806] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  291.566602][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.583541][T11806] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:280
[  291.589442][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.606318][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.613815][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.621271][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.629031][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.642295][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.647170][T11809] random: crng reseeded on system resumption
[  291.650807][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.665139][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.672607][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.680955][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.689104][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.691729][T11810] binder: Binderfs stats mode cannot be changed during a remount
[  291.700842][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.714424][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.722774][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.730374][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.737893][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.747492][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.755134][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.762544][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.770014][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.778283][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.787045][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.794491][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.801873][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.809323][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.816756][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.824471][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.832822][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.840294][   T31] hid-generic 01FF:0004:0400.0012: unknown main item tag 0x0
[  291.874410][   T31] hid-generic 01FF:0004:0400.0012: hidraw0: <UNKNOWN> HID v0.05 Device [syz0] on syz1
[  291.891397][T11816] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  291.892926][T11811] Restarting kernel threads ... 
[  291.909671][T11817] rust_binder: Write failure EINVAL in pid:854
[  291.929159][T11811] done.
[  291.934720][T11812] rust_binder: Error while translating object.
[  291.938143][T11812] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  291.951514][T11812] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:282
[  292.118627][T11831] input: syz1 as /devices/virtual/input/input203
[  292.134281][T11827] rust_binder: Error while translating object.
[  292.134317][T11827] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  292.142227][T11827] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:860
[  292.143393][T11833] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  292.180445][T11833] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  292.205835][T11833] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:1500
[  292.225015][T11831] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  292.254049][T11831] rust_binder: Error while translating object.
[  292.260573][T11831] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  292.294897][T11831] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:287
[  292.465099][T11846] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1222729745 (39127351840 ns) > initial count (25964891200 ns). Using initial count to start timer.
[  292.502759][T11846] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  292.502787][T11846] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:81
[  292.610790][T11853] rust_binder: Write failure EINVAL in pid:291
[  292.775120][   T36] kauditd_printk_skb: 811 callbacks suppressed
[  292.775141][   T36] audit: type=1400 audit(1750359260.140:21675): avc:  denied  { read } for  pid=11862 comm="syz.7.3568" path="/dev/udmabuf" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  292.860570][T11863] audit: audit_backlog=65 > audit_backlog_limit=64
[  292.861747][T11860] audit: audit_backlog=65 > audit_backlog_limit=64
[  292.867259][   T36] audit: type=1400 audit(1750359260.180:21676): avc:  denied  { write } for  pid=11862 comm="syz.7.3568" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  292.876935][T11864] audit: audit_backlog=65 > audit_backlog_limit=64
[  292.905310][T11863] audit: audit_lost=90 audit_rate_limit=0 audit_backlog_limit=64
[  292.913962][T11863] audit: backlog limit exceeded
[  292.918867][   T36] audit: type=1400 audit(1750359260.180:21677): avc:  denied  { write open } for  pid=11862 comm="syz.7.3568" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  292.944218][T11860] audit: audit_lost=91 audit_rate_limit=0 audit_backlog_limit=64
[  292.963388][T11863] audit: audit_backlog=65 > audit_backlog_limit=64
[  293.151020][T11871] fido_id[11871]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  293.462368][T11885] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  293.462397][T11885] rust_binder: Error while translating object.
[  293.483471][T11885] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  293.506333][T11885] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:89
[  293.671405][T11899] rust_binder: Write failure EFAULT in pid:879
[  293.734142][T11900] input: syz0 as /devices/virtual/input/input205
[  294.107911][T11919] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:306
[  294.397642][T11927] SELinux:  unknown common r
[  294.443217][T11927] SELinux: failed to load policy
[  294.576172][T11942] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  294.579072][T11927] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[  294.621571][T11927] rust_binder: Write failure EINVAL in pid:100
[  294.731926][T11951] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  294.750770][T11951] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  294.757367][T11951] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:314
[  294.933384][T11955] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1525
[  294.992736][T11955] rust_binder: Write failure EINVAL in pid:1525
[  295.025932][T11960] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  295.085920][T11960] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  295.104589][T11960] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  295.136179][T11960] rust_binder: Write failure EINVAL in pid:316
[  295.143449][T11960] rust_binder: Write failure EFAULT in pid:316
[  295.271692][T11968] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  295.358130][T11972] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1527
[  295.397149][T11973] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:319
[  295.434893][T11958] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  295.489493][T11965] binder: Unknown parameter '��e�R����:��^�F���V)o��
[  295.489493][T11965] ��@�BY�vc��0��'
[  295.514915][T11978] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[  295.518504][T11980] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  295.584867][T11978] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  295.584891][T11978] rust_binder: Error while translating object.
[  295.623120][T11978] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  295.623161][T11978] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:111
[  295.747357][T11986] input input207: cannot allocate more than FF_MAX_EFFECTS effects
[  295.828225][T11986] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  295.835888][T11986] rust_binder: Error while translating object.
[  295.855287][T11986] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  295.863225][T11995] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 18446744073709551585)
[  295.878864][T11986] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:326
[  295.903150][T11995] rust_binder: Error while translating object.
[  295.922165][T11995] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  295.930452][T11995] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:912
[  296.159012][T12007] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:119
[  296.200366][T12010] rust_binder: Got transaction with invalid offset.
[  296.200413][T12010] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  296.227587][T12010] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1531
[  296.321035][T12012] rust_binder: Write failure EFAULT in pid:122
[  296.445006][T12016] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  296.445042][T12016] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:124
[  296.516090][T12018] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  296.668130][T12024] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  296.886413][T12029] SELinux: security_context_str_to_sid () failed with errno=-22
[  297.858883][   T36] kauditd_printk_skb: 1183 callbacks suppressed
[  297.858904][   T36] audit: type=1400 audit(1750359265.220:22844): avc:  denied  { read write } for  pid=6353 comm="syz-executor" name="loop0" dev="devtmpfs" ino=593 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  297.913152][   T36] audit: type=1400 audit(1750359265.220:22845): avc:  denied  { read write open } for  pid=6353 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=593 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  297.979736][   T36] audit: type=1400 audit(1750359265.220:22846): avc:  denied  { ioctl } for  pid=6353 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=593 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  298.023147][   T36] audit: type=1400 audit(1750359265.230:22847): avc:  denied  { read } for  pid=12056 comm="syz.0.3627" name="binder0" dev="binder" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  298.067227][   T36] audit: type=1400 audit(1750359265.250:22848): avc:  denied  { read open } for  pid=12056 comm="syz.0.3627" path="/dev/binderfs/binder0" dev="binder" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  298.102692][T12062] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  298.111426][T12062] rust_binder: Write failure EINVAL in pid:921
[  298.131584][T12065] audit: audit_backlog=65 > audit_backlog_limit=64
[  298.137616][   T36] audit: type=1400 audit(1750359265.260:22849): avc:  denied  { ioctl } for  pid=12056 comm="syz.0.3627" path="/dev/binderfs/binder0" dev="binder" ino=84 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  298.164483][T11346] audit: audit_backlog=65 > audit_backlog_limit=64
[  298.178418][T12065] audit: audit_lost=98 audit_rate_limit=0 audit_backlog_limit=64
[  298.190332][   T36] audit: type=1400 audit(1750359265.260:22850): avc:  denied  { set_context_mgr } for  pid=12056 comm="syz.0.3627" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  298.294567][T12069] random: crng reseeded on system resumption
[  298.450789][T12071] rust_binder: Got transaction with invalid offset.
[  298.450838][T12071] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  298.464734][T12071] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:134
[  298.500674][T12076] kvm: Disabled LAPIC found during irq injection
[  298.518578][T12079] SELinux: security_context_str_to_sid () failed with errno=-22
[  298.598165][T12081] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  298.639035][T12083] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  298.706210][T12086] rust_binder: Error in use_page_slow: ESRCH
[  298.712772][T12086] rust_binder: use_range failure ESRCH
[  298.730033][T12086] rust_binder: Failed to allocate buffer. len:4096, is_oneway:false
[  298.754122][T12086] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  298.773131][T12086] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:357
[  298.784735][T12091] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:357
[  299.202301][T12110] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1560
[  299.235408][T12110] rust_binder: Error while translating object.
[  299.257164][T12110] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  299.263455][T12110] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1560
[  299.325098][T12114] binder: Unknown parameter 'coyBLV�"i5������ntext'
[  299.500928][T12117] rust_binder: Error while translating object.
[  299.500965][T12117] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  299.515346][T12117] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:942
[  299.547728][T12119] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  299.627128][T12120] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:361
[  299.910612][T12129] SELinux: failed to load policy
[  300.113462][T12141] kvm: kvm [12140]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x3032
[  300.163739][T12141] rust_binder: Write failure EFAULT in pid:952
[  300.460594][T12151] geneve1: tun_chr_ioctl cmd 1074025672
[  300.478193][T12151] geneve1: ignored: set checksum enabled
[  300.518442][T12157] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  300.624430][T12160] rust_binder: Write failure EINVAL in pid:1576
[  300.640545][T12153] rust_binder: Failed to allocate buffer. len:128, is_oneway:true
[  300.682153][T12153] rust_binder: Failed to allocate buffer. len:128, is_oneway:true
[  300.721864][T12164] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  300.983530][T12175] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  301.007764][T12175] rust_binder: Error while translating object.
[  301.033127][T12175] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  301.039376][T12175] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1583
[  301.144740][T12184] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1585
[  301.631494][T12211] rust_binder: Error while translating object.
[  301.655905][T12211] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  301.668705][T12211] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:973
[  301.680552][T12208] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:150
[  301.691833][T12213] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:973
[  301.717495][T12211] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:973
[  301.765351][T12214] rust_binder: Write failure EINVAL in pid:150
[  301.989083][T12221] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:981
[  301.995366][T12221] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  302.005032][T12221] rust_binder: Read failure Err(EFAULT) in pid:981
[  302.054260][T12223] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  302.112147][T12225] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  302.133145][T12225] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:983
[  302.148781][T12225] binder: Unknown parameter 'contextfs/binder0'
[  302.282079][T12233] binder: Unknown parameter 'defcontext01777777777777777777777'
[  302.526397][T12246] random: crng reseeded on system resumption
[  302.881059][   T36] kauditd_printk_skb: 1047 callbacks suppressed
[  302.881080][   T36] audit: type=1400 audit(1750359270.240:23895): avc:  denied  { read } for  pid=12259 comm="syz.4.3692" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  302.922655][T12260] binder: Unknown parameter 'nXI'
[  302.924301][   T36] audit: type=1400 audit(1750359270.270:23896): avc:  denied  { read open } for  pid=12259 comm="syz.4.3692" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  302.977215][   T36] audit: type=1400 audit(1750359270.280:23897): avc:  denied  { ioctl } for  pid=12259 comm="syz.4.3692" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae03 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  303.030684][   T36] audit: type=1400 audit(1750359270.280:23898): avc:  denied  { read write } for  pid=12257 comm="syz.7.3691" name="vhost-vsock" dev="devtmpfs" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  303.096029][T12263] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  303.100217][T12263] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  303.103116][   T36] audit: type=1400 audit(1750359270.280:23899): avc:  denied  { read write open } for  pid=12257 comm="syz.7.3691" path="/dev/vhost-vsock" dev="devtmpfs" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  303.114939][T12265] input: syz1 as /devices/virtual/input/input209
[  303.166102][T12266] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  303.213230][   T36] audit: type=1400 audit(1750359270.280:23900): avc:  denied  { mounton } for  pid=12259 comm="syz.4.3692" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  303.246456][   T36] audit: type=1400 audit(1750359270.290:23901): avc:  denied  { ioctl } for  pid=12257 comm="syz.7.3691" path="/dev/vhost-vsock" dev="devtmpfs" ino=200 ioctlcmd=0xaf70 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  303.269979][T12265] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:159
[  303.277607][T12265] rust_binder: Error while translating object.
[  303.300001][ T6353] audit: audit_backlog=65 > audit_backlog_limit=64
[  303.308368][T12269] audit: audit_backlog=65 > audit_backlog_limit=64
[  303.321587][T12265] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  303.321623][T12265] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:159
[  303.336502][   T94] audit: audit_backlog=65 > audit_backlog_limit=64
[  303.898901][T12296] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  303.969332][T12299] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:167
[  304.029282][T12306] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  304.053091][T12306] rust_binder: Error while translating object.
[  304.078562][T12306] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  304.096519][T12306] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:167
[  304.168289][T12311] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[  304.258733][T12313] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  304.607470][T12326] rust_binder: Write failure EINVAL in pid:1010
[  304.665867][T12328] rust_binder: Error while translating object.
[  304.689096][T12328] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  304.704454][T12328] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:423
[  304.784649][T12331] rust_binder: Write failure EINVAL in pid:1012
[  305.185850][T12352] rust_binder: Write failure EINVAL in pid:1017
[  305.217883][T12352] rust_binder: Error while translating object.
[  305.242065][T12352] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  305.249161][T12352] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:1017
[  305.607881][T12371] binder: Unknown parameter 'nXI'
[  305.997609][T12388] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[  306.045152][T12385] syz.4.3734: attempt to access beyond end of device
[  306.045152][T12385] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  306.098860][T12392] SELinux:  truncated policydb string identifier
[  306.106544][T12392] SELinux: failed to load policy
[  306.403131][T12406] input: syz1 as /devices/virtual/input/input213
[  306.677351][T12414] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  306.691540][T12414] rust_binder: Write failure EINVAL in pid:1628
[  306.774128][T12418] rust_binder: Error while translating object.
[  306.789199][T12418] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  306.806617][T12418] rust_binder: Failure BR_FAILED_REPLY { source: EPERM } during reply - delivering BR_FAILED_REPLY to sender.
[  306.817040][T12424] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  306.830544][T12418] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:447
[  306.859202][T12429] binder: Unknown parameter 'smackfsroot'
[  307.045462][T12439] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  307.045489][T12439] rust_binder: Failure in copy_transaction_data: BR_DEAD_REPLY
[  307.063199][T12439] rust_binder: Failure BR_DEAD_REPLY during reply - delivering BR_FAILED_REPLY to sender.
[  307.264580][T12451] random: crng reseeded on system resumption
[  307.280749][T12444] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  307.280776][T12444] rust_binder: Error while translating object.
[  307.304447][T12444] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  307.310686][T12444] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:213
[  307.511106][T12463] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 255)
[  307.534283][T12463] rust_binder: Error while translating object.
[  307.563193][T12463] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  307.578790][T12465] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  307.595158][T12463] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1041
[  307.596640][T12467] binder: Bad value for 'defcontext'
[  307.615661][T12465] rust_binder: Error while translating object.
[  307.616206][T12465] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  307.622614][T12465] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1641
[  307.789011][T12475] rust_binder: inc_ref_done called when no active inc_refs
[  307.799549][T12472] cgroup: fork rejected by pids controller in 
[  307.828888][T12475] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1043
[  307.843418][T12472] /syz7
[  307.883101][   T36] kauditd_printk_skb: 987 callbacks suppressed
[  307.883120][   T36] audit: type=1400 audit(1750359275.240:24880): avc:  denied  { read write open } for  pid=6353 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=593 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  307.941904][T12561] binder: Unknown parameter ''
[  307.961489][   T36] audit: type=1400 audit(1750359275.240:24881): avc:  denied  { ioctl } for  pid=6353 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=593 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  307.983925][T12528] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  308.031803][T12528] SELinux: failed to load policy
[  308.053107][   T36] audit: type=1400 audit(1750359275.290:24882): avc:  denied  { read } for  pid=12522 comm="syz.4.3764" name="binder0" dev="binder" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  308.111427][T12591] rust_binder: Write failure EINVAL in pid:1651
[  308.119220][   T36] audit: type=1400 audit(1750359275.290:24883): avc:  denied  { read open } for  pid=12522 comm="syz.4.3764" path="/dev/binderfs/binder0" dev="binder" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  308.215185][   T36] audit: type=1400 audit(1750359275.300:24884): avc:  denied  { map } for  pid=12522 comm="syz.4.3764" path="/dev/binderfs/binder0" dev="binder" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  308.283774][   T36] audit: type=1400 audit(1750359275.300:24885): avc:  denied  { read } for  pid=12522 comm="syz.4.3764" path="/dev/binderfs/binder0" dev="binder" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  308.314419][   T36] audit: type=1400 audit(1750359275.300:24886): avc:  denied  { ioctl } for  pid=12522 comm="syz.4.3764" path="/dev/binderfs/binder0" dev="binder" ino=87 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  308.363735][T12598] audit: audit_backlog=65 > audit_backlog_limit=64
[  308.366482][T12600] audit: audit_backlog=65 > audit_backlog_limit=64
[  308.370279][T12598] audit: audit_lost=104 audit_rate_limit=0 audit_backlog_limit=64
[  308.385217][T12598] input: syz1 as /devices/virtual/input/input214
[  308.491590][   T13] bridge_slave_1: left allmulticast mode
[  308.497683][   T13] bridge_slave_1: left promiscuous mode
[  308.507851][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.550242][   T13] bridge_slave_0: left allmulticast mode
[  308.561057][   T13] bridge_slave_0: left promiscuous mode
[  308.579855][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.721745][T12607] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  308.721772][T12607] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  308.734569][T12607] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:1054
[  308.749271][   T13] veth1_macvtap: left promiscuous mode
[  308.764169][   T13] veth0_vlan: left promiscuous mode
[  308.894546][T12604] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.901712][T12604] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.910506][T12604] bridge_slave_0: entered allmulticast mode
[  308.917381][T12604] bridge_slave_0: entered promiscuous mode
[  308.924822][T12604] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.931905][T12604] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.938992][T12604] bridge_slave_1: entered allmulticast mode
[  308.945432][T12604] bridge_slave_1: entered promiscuous mode
[  309.033323][T12604] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.040393][T12604] bridge0: port 2(bridge_slave_1) entered forwarding state
[  309.047718][T12604] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.054786][T12604] bridge0: port 1(bridge_slave_0) entered forwarding state
[  309.107272][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.115522][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.132518][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.139604][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  309.150016][  T309] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.157130][  T309] bridge0: port 2(bridge_slave_1) entered forwarding state
[  309.235489][T12604] veth0_vlan: entered promiscuous mode
[  309.271141][T12604] veth1_macvtap: entered promiscuous mode
[  309.453876][T12619] rust_binder: Write failure EFAULT in pid:2
[  309.599976][T12623] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:4
[  309.844345][T12638] input: syz1 as /devices/virtual/input/input217
[  309.887991][T12643] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  309.932972][T12649] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  310.006691][T12646] rust_binder: Error in use_page_slow: ESRCH
[  310.006717][T12646] rust_binder: use_range failure ESRCH
[  310.036243][T12650] rust_binder: Error in use_page_slow: ESRCH
[  310.059828][T12650] rust_binder: use_range failure ESRCH
[  310.083676][T12646] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  310.103282][T12646] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  310.133035][T12650] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  310.161342][T12653] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  310.182957][T12646] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:10
[  310.192641][T12653] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:472
[  310.204175][T12650] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  310.253166][T12650] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:10
[  310.452094][T12669] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  310.479243][T12672] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  310.585381][T12669] rust_binder: Write failure EINVAL in pid:14
[  310.592355][T12680] kvm: kvm [12678]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x7c3000000000a1a9
[  310.609546][T12679] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  310.631057][T12681] input: syz1 as /devices/virtual/input/input219
[  310.662596][T12681] rust_binder: Write failure EINVAL in pid:1067
[  310.907393][T12690] binder: Unknown parameter 'nXI'
[  310.929725][T12689] rust_binder: Write failure EFAULT in pid:481
[  311.118065][T12699] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  311.207231][T12707] rust_binder: Failed to allocate buffer. len:184, is_oneway:false
[  311.612973][T12727] pim6reg0: tun_chr_ioctl cmd 1074025677
[  311.626734][T12727] pim6reg0: linktype set to 769
[  311.637508][T12727] binder: Unknown parameter 'defcontext01777777777777777777777'
[  311.736528][T12731] kvm: user requested TSC rate below hardware speed
[  311.823971][T12736] binder: Bad value for 'max'
[  311.912756][T12738] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 28)
[  311.912783][T12738] rust_binder: Error while translating object.
[  311.939230][T12738] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  311.947597][T12741] binder: Unknown parameter 'coyBLV�"i5������ntext'
[  311.964063][T12738] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:27
[  312.159809][T12755] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1079
[  312.369751][T12767] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1086
[  312.395463][T12767] rust_binder: Error while translating object.
[  312.406041][T12767] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  312.423156][T12767] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1086
[  312.536319][T12771] binder: Unknown parameter 'non'
[  312.594457][T12774] binder: Unknown parameter 'non'
[  312.671996][T12778] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1090
[  312.775078][T12780] input: syz1 as /devices/virtual/input/input220
[  312.893168][   T36] kauditd_printk_skb: 871 callbacks suppressed
[  312.893188][   T36] audit: type=1400 audit(1750359280.260:25743): avc:  denied  { mounton } for  pid=12790 comm="syz.0.3830" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  312.951018][   T36] audit: type=1400 audit(1750359280.260:25744): avc:  denied  { read write } for  pid=10934 comm="syz-executor" name="loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  313.013109][   T36] audit: type=1400 audit(1750359280.260:25745): avc:  denied  { read write open } for  pid=10934 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  313.090500][   T36] audit: type=1400 audit(1750359280.260:25746): avc:  denied  { ioctl } for  pid=10934 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  313.161643][   T36] audit: type=1400 audit(1750359280.290:25747): avc:  denied  { mount } for  pid=12790 comm="syz.0.3830" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  313.185094][   T36] audit: type=1400 audit(1750359280.290:25748): avc:  denied  { mounton } for  pid=12790 comm="syz.0.3830" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  313.268423][   T36] audit: type=1400 audit(1750359280.290:25749): avc:  denied  { mount } for  pid=12790 comm="syz.0.3830" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  313.324350][T12807] binder: Unknown parameter 'non'
[  313.330951][T12804] audit: audit_backlog=65 > audit_backlog_limit=64
[  313.331742][T12805] audit: audit_backlog=65 > audit_backlog_limit=64
[  313.343149][T12804] audit: audit_lost=110 audit_rate_limit=0 audit_backlog_limit=64
[  313.401017][T12809] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  313.514431][T12817] binder: Unknown parameter ''
[  313.643775][T12809] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION already set
[  313.691831][T12809] rust_binder: Write failure EINVAL in pid:39
[  314.031605][T12836] binder: Unknown parameter '00000000000000000003'
[  314.845316][T12875] binder: Bad value for 'max'
[  315.120419][T12884] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  315.243705][T12888] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  315.285493][T12888] rust_binder: Error while translating object.
[  315.288805][T12893] binder: Bad value for 'stats'
[  315.317180][T12888] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  315.317224][T12888] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1122
[  315.454768][T12898] binder: Unknown parameter 'nXI'
[  315.509318][T12897] syzkaller0: tun_chr_ioctl cmd 2147767506
[  316.356730][T12934] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  316.423915][T12934] kvm: apic: phys broadcast and lowest prio
[  316.479439][T12946] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1136
[  316.657720][T12948] random: crng reseeded on system resumption
[  316.944443][  T304] bridge_slave_1: left allmulticast mode
[  316.961005][  T304] bridge_slave_1: left promiscuous mode
[  316.979293][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.001537][  T304] bridge_slave_0: left allmulticast mode
[  317.016017][  T304] bridge_slave_0: left promiscuous mode
[  317.030522][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.202268][T12964] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:72
[  317.273761][  T304] veth1_macvtap: left promiscuous mode
[  317.297340][  T304] veth0_vlan: left promiscuous mode
[  317.605099][T12963] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.612185][T12963] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.619451][T12963] bridge_slave_0: entered allmulticast mode
[  317.625941][T12963] bridge_slave_0: entered promiscuous mode
[  317.642157][T12963] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.649311][T12963] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.657090][T12963] bridge_slave_1: entered allmulticast mode
[  317.663552][T12963] bridge_slave_1: entered promiscuous mode
[  317.911566][   T36] kauditd_printk_skb: 705 callbacks suppressed
[  317.911584][   T36] audit: type=1400 audit(1750359285.270:26452): avc:  denied  { read } for  pid=12983 comm="syz.7.3895" name="binder0" dev="binder" ino=34 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  317.941642][T12963] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.948773][T12963] bridge0: port 2(bridge_slave_1) entered forwarding state
[  317.956144][T12963] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.963313][T12963] bridge0: port 1(bridge_slave_0) entered forwarding state
[  317.964966][T12986] binder: Unknown parameter 'fsed_u'
[  317.972451][   T36] audit: type=1400 audit(1750359285.270:26453): avc:  denied  { read open } for  pid=12983 comm="syz.7.3895" path="/dev/binderfs/binder0" dev="binder" ino=34 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  318.025080][   T36] audit: type=1400 audit(1750359285.330:26454): avc:  denied  { mounton } for  pid=12985 comm="syz.6.3896" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  318.079901][   T36] audit: type=1400 audit(1750359285.330:26455): avc:  denied  { write } for  pid=12983 comm="syz.7.3895" name="ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  318.101188][T12984] rust_binder: Write failure EINVAL in pid:75
[  318.125380][T12988] audit: audit_backlog=65 > audit_backlog_limit=64
[  318.128002][T12963] audit: audit_backlog=65 > audit_backlog_limit=64
[  318.131500][T12988] audit: audit_lost=112 audit_rate_limit=0 audit_backlog_limit=64
[  318.148302][   T36] audit: type=1400 audit(1750359285.330:26456): avc:  denied  { write open } for  pid=12983 comm="syz.7.3895" path="/dev/ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  318.177657][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.181413][T12990] audit: audit_backlog=65 > audit_backlog_limit=64
[  318.191586][T12963] audit: audit_lost=113 audit_rate_limit=0 audit_backlog_limit=64
[  318.209156][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.249502][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.256624][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.267450][T12993] random: crng reseeded on system resumption
[  318.270079][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.280585][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.416748][T12993] rust_binder: Write failure EINVAL in pid:1149
[  318.531467][T12963] veth0_vlan: entered promiscuous mode
[  318.657294][T12963] veth1_macvtap: entered promiscuous mode
[  318.863851][T13013] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:81
[  319.009454][T13020] rust_binder: Write failure EINVAL in pid:2
[  319.397587][T13033] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:9
[  319.666840][T13040] binder: Bad value for 'context'
[  319.761730][T13044] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:85
[  319.763169][T13043] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  319.959792][T13048] rust_binder: Write failure EFAULT in pid:16
[  321.196332][T13094] kvm_intel: kvm [13093]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x3
[  321.235931][T13094] binder: Unknown parameter 'pcr'
[  321.276546][T13101] input: syz1 as /devices/virtual/input/input223
[  321.470579][T13105] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  321.470614][T13105] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:112
[  321.909553][T13122] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:117
[  321.941321][T13122] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  321.973132][T13122] rust_binder: Read failure Err(EFAULT) in pid:117
[  322.199189][T13133] rust_binder: Failed to allocate buffer. len:65376, is_oneway:true
[  322.228173][T13133] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  322.259463][T13133] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:119
[  322.658978][T13154] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  322.705197][T13154] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  322.715591][T13154] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  322.739060][T13154] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  322.784954][T13154] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  322.865774][T13154] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  322.909189][T13154] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  322.949451][   T36] kauditd_printk_skb: 961 callbacks suppressed
[  322.949471][   T36] audit: type=1400 audit(1750359290.310:27297): avc:  denied  { remount } for  pid=13149 comm="syz.0.3945" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  322.949745][T13154] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  322.982333][   T36] audit: type=1400 audit(1750359290.340:27298): avc:  denied  { read write } for  pid=12604 comm="syz-executor" name="loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  323.083097][   T36] audit: type=1400 audit(1750359290.340:27299): avc:  denied  { read write open } for  pid=12604 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  323.104906][T13173] kvm: kvm [13168]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0x4000000000000001
[  323.133298][T13154] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  323.155200][T13173] input: syz1 as /devices/virtual/input/input224
[  323.161795][   T36] audit: type=1400 audit(1750359290.340:27300): avc:  denied  { ioctl } for  pid=12604 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  323.224248][T13154] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  323.242217][   T36] audit: type=1400 audit(1750359290.390:27301): avc:  denied  { read write } for  pid=12963 comm="syz-executor" name="loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  323.292585][T13177] rust_binder: validate_parent_fixup: fixup_min_offset=29, parent_offset=27
[  323.292613][T13177] rust_binder: Error while translating object.
[  323.293672][T13154] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  323.321893][T13177] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  323.321932][T13177] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:136
[  323.343089][   T36] audit: type=1400 audit(1750359290.390:27302): avc:  denied  { read write open } for  pid=12963 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  323.404320][T13154] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  323.416376][T13154] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  323.453110][   T36] audit: type=1400 audit(1750359290.390:27303): avc:  denied  { ioctl } for  pid=12963 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  323.494618][T13184] audit: audit_backlog=65 > audit_backlog_limit=64
[  323.509180][ T6353] audit: audit_backlog=65 > audit_backlog_limit=64
[  323.516972][T13185] audit: audit_backlog=65 > audit_backlog_limit=64
[  323.575717][T13189] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[  323.768309][T13199] random: crng reseeded on system resumption
[  324.007509][T13205] binder: Unknown parameter 'dont_hash'
[  324.030545][T13214] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  324.030582][T13214] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:42
[  324.063411][T13207] SELinux: security_context_str_to_sid (sy�) failed with errno=-22
[  324.267590][T13220] binder: Bad value for 'max'
[  324.379681][T13227] input: syz1 as /devices/virtual/input/input225
[  325.227402][T13268] SELinux: security_context_str_to_sid (system_u�Gй�:��) failed with errno=-22
[  325.262107][T13273] rust_binder: Write failure EFAULT in pid:163
[  325.296472][T13269] binder: Unknown parameter 'fscontext?}'
[  325.889276][T13298] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  325.889305][T13298] rust_binder: Error while translating object.
[  325.918920][T13298] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  325.932686][T13298] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:171
[  326.171718][T13317] rust_binder: Error while translating object.
[  326.193217][T13317] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  326.199994][T13317] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:53
[  326.254942][T13322] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  326.703016][T13344] input: syz0 as /devices/virtual/input/input229
[  326.816771][T13351] binder: Bad value for 'max'
[  326.863158][T13345] rust_binder: Write failure EINVAL in pid:61
[  326.863592][T13345] rust_binder: Write failure EFAULT in pid:61
[  326.873533][T13351] binder: Unknown parameter 'smackfshat'
[  327.172548][T13367] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  327.189885][T13361] SELinux: ebitmap: truncated map
[  327.198229][T13361] SELinux: failed to load policy
[  327.216834][T13370] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[  327.252249][T13370] rust_binder: Write failure EINVAL in pid:186
[  327.540032][T13387] rust_binder: Write failure EFAULT in pid:190
[  327.909868][T13399] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  327.950396][T13399] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  327.967141][   T36] kauditd_printk_skb: 841 callbacks suppressed
[  327.967169][   T36] audit: type=1400 audit(1750359295.330:28136): avc:  denied  { ioctl } for  pid=13398 comm="syz.7.4022" path="/dev/binderfs/binder0" dev="binder" ino=34 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  327.967186][T13399] rust_binder: Write failure EINVAL in pid:195
[  328.067321][   T36] audit: type=1400 audit(1750359295.430:28137): avc:  denied  { read write } for  pid=12604 comm="syz-executor" name="loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  328.119130][   T36] audit: type=1400 audit(1750359295.430:28138): avc:  denied  { read write open } for  pid=12604 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  328.137517][T13401] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  328.172899][   T36] audit: type=1400 audit(1750359295.430:28139): avc:  denied  { ioctl } for  pid=12604 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  328.200264][   T36] audit: type=1400 audit(1750359295.500:28140): avc:  denied  { remount } for  pid=13400 comm="syz.7.4023" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  328.238599][   T36] audit: type=1400 audit(1750359295.600:28141): avc:  denied  { read write } for  pid=12604 comm="syz-executor" name="loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  328.264779][   T36] audit: type=1400 audit(1750359295.600:28142): avc:  denied  { read write open } for  pid=12604 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  328.325114][T13405] binder: Unknown parameter 'dont_hash'
[  328.333157][   T36] audit: type=1400 audit(1750359295.610:28143): avc:  denied  { ioctl } for  pid=12604 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  328.447728][   T36] audit: type=1400 audit(1750359295.690:28144): avc:  denied  { mounton } for  pid=13402 comm="syz.7.4024" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  328.508650][T13413] rust_binder: Failed copying remainder into alloc: EFAULT
[  328.508677][T13413] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EFAULT }
[  328.543187][T13413] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  328.551626][   T36] audit: type=1400 audit(1750359295.760:28145): avc:  denied  { read write } for  pid=6353 comm="syz-executor" name="loop0" dev="devtmpfs" ino=593 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  328.586322][T13413] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:70
[  328.609458][T13416] binder: Bad value for 'max'
[  328.777675][T13424] input: syz0 as /devices/virtual/input/input231
[  328.804130][T13424] binder: Bad value for 'defcontext'
[  328.805220][T13422] rust_binder: Write failure EFAULT in pid:73
[  328.843482][T13422] rust_binder: Write failure EFAULT in pid:73
[  328.959481][T13435] rust_binder: Error while translating object.
[  328.977032][T13435] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  329.023172][T13435] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:210
[  329.169652][T13443] input: syz1 as /devices/virtual/input/input232
[  329.697967][T13461] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  329.698002][T13461] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:79
[  329.848105][T13468] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  329.897863][T13468] SELinux: failed to load policy
[  330.004338][T13468] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  330.057157][T13468] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:214
[  330.266426][T13486] input: syz0 as /devices/virtual/input/input234
[  330.600487][T13494] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:86
[  330.655479][  T309] bridge_slave_1: left allmulticast mode
[  330.693097][  T309] bridge_slave_1: left promiscuous mode
[  330.701182][T13496] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  330.701215][T13496] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:222
[  330.711019][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.743780][  T309] bridge_slave_0: left allmulticast mode
[  330.749460][  T309] bridge_slave_0: left promiscuous mode
[  330.763197][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.005380][  T309] veth1_macvtap: left promiscuous mode
[  331.011097][  T309] veth0_vlan: left promiscuous mode
[  331.207556][T13489] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.233148][T13489] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.249667][T13489] bridge_slave_0: entered allmulticast mode
[  331.263638][T13517] SELinux: security_context_str_to_sid () failed with errno=-22
[  331.272478][T13489] bridge_slave_0: entered promiscuous mode
[  331.298518][T13489] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.301998][T13522] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  331.313086][T13489] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.347056][T13489] bridge_slave_1: entered allmulticast mode
[  331.371110][T13489] bridge_slave_1: entered promiscuous mode
[  331.447106][T13530] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1288
[  331.455945][T13530] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  331.467679][T13519] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:96
[  331.748210][T13541] binder: Unknown parameter 'max0x0000000000000004'
[  331.773421][T13539] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  331.787651][T13536] SELinux: failed to load policy
[  331.808786][T13539] rust_binder: Write failure EINVAL in pid:235
[  331.839631][T13538] SELinux: failed to load policy
[  331.882295][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.889410][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  331.928828][  T309] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.935945][  T309] bridge0: port 2(bridge_slave_1) entered forwarding state
[  332.145306][T13554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  332.145375][T13553] rust_binder: 13547 RLIMIT_NICE not set
[  332.174679][T13489] veth0_vlan: entered promiscuous mode
[  332.256267][T13489] veth1_macvtap: entered promiscuous mode
[  332.757166][T13574] rust_binder: Write failure EINVAL in pid:6
[  332.822432][T13577] binder: Unknown parameter '����'
[  332.877980][T13577] binder: Unknown parameter '����'
[  332.986453][   T36] kauditd_printk_skb: 898 callbacks suppressed
[  332.986473][   T36] audit: type=1400 audit(1750359300.350:29044): avc:  denied  { ioctl } for  pid=13579 comm="syz.7.4082" path="/dev/ppp" dev="devtmpfs" ino=86 ioctlcmd=0x7435 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  333.109678][   T36] audit: type=1400 audit(1750359300.350:29045): avc:  denied  { ioctl } for  pid=13579 comm="syz.7.4082" path="/dev/ppp" dev="devtmpfs" ino=86 ioctlcmd=0x9412 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  333.185363][   T36] audit: type=1400 audit(1750359300.460:29046): avc:  denied  { read write } for  pid=8894 comm="syz-executor" name="loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  333.258459][   T36] audit: type=1400 audit(1750359300.460:29047): avc:  denied  { read write open } for  pid=8894 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  333.285546][T13591] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 23)
[  333.285571][T13591] rust_binder: Error while translating object.
[  333.316385][T13591] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  333.339429][T13591] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:11
[  333.343447][T13587] rust_binder: Write failure EFAULT in pid:1301
[  333.361387][   T36] audit: type=1400 audit(1750359300.460:29048): avc:  denied  { ioctl } for  pid=8894 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  333.384498][T13593] binder: Unknown parameter 'smackfshat'
[  333.393817][   T36] audit: type=1400 audit(1750359300.460:29049): avc:  denied  { read write } for  pid=12604 comm="syz-executor" name="loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  333.434917][T13587] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  333.442268][   T36] audit: type=1400 audit(1750359300.460:29050): avc:  denied  { read write open } for  pid=12604 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  333.443111][T13587] rust_binder: Write failure EINVAL in pid:1301
[  333.468423][   T36] audit: type=1400 audit(1750359300.460:29051): avc:  denied  { ioctl } for  pid=12604 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  333.480151][T13590] rust_binder: Write failure EFAULT in pid:253
[  333.502851][   T36] audit: type=1400 audit(1750359300.470:29052): avc:  denied  { read } for  pid=13584 comm="syz.0.4084" name="binder0" dev="binder" ino=72 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  333.534554][   T36] audit: type=1400 audit(1750359300.470:29053): avc:  denied  { read open } for  pid=13584 comm="syz.0.4084" path="/dev/binderfs/binder0" dev="binder" ino=72 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  333.639061][T13602] random: crng reseeded on system resumption
[  333.744029][T13602] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:115
[  333.873358][ T4096] hid-generic 0000:0000:0000.0013: item fetching failed at offset 0/1
[  333.902116][ T4096] hid-generic 0000:0000:0000.0013: probe with driver hid-generic failed with error -22
[  333.947709][T13612] rust_binder: Error while translating object.
[  333.947742][T13612] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  333.963149][T13612] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:119
[  334.130786][T13619] input: syz1 as /devices/virtual/input/input236
[  334.215673][T13619] rust_binder: Write failure EFAULT in pid:122
[  334.258042][T13626] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:17
[  334.387023][T13633] rust_binder: Write failure EINVAL in pid:262
[  334.409086][T13632] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  334.425431][T13632] rust_binder: Write failure EINVAL in pid:262
[  334.748557][T13642] binder: Unknown parameter 'co䒧I�7��ntext'
[  335.122886][T13656] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:273
[  335.509334][T13669] rust_binder: Failed to allocate buffer. len:40, is_oneway:true
[  335.745514][T13677] rust_binder: Write failure EINVAL in pid:30
[  336.018593][T13690] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  336.075637][T13686] rust_binder: Write failure EINVAL in pid:1327
[  336.232568][T13695] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  336.333174][T13699] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:135
[  336.550987][T13710] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  336.651511][T13712] rust_binder: Write failure EINVAL in pid:137
[  336.686923][T13716] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  336.915765][T13730] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:145
[  337.066250][T13736] rust_binder: Failed to allocate buffer. len:40, is_oneway:true
[  337.216212][  T309] bridge_slave_1: left allmulticast mode
[  337.229726][  T309] bridge_slave_1: left promiscuous mode
[  337.235462][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.243358][  T309] bridge_slave_0: left allmulticast mode
[  337.249011][  T309] bridge_slave_0: left promiscuous mode
[  337.255546][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.418038][  T309] veth1_macvtap: left promiscuous mode
[  337.432858][  T309] veth0_vlan: left promiscuous mode
[  337.478943][T13740] bridge0: port 1(bridge_slave_0) entered blocking state
[  337.486043][T13740] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.493252][T13740] bridge_slave_0: entered allmulticast mode
[  337.499900][T13740] bridge_slave_0: entered promiscuous mode
[  337.508599][T13740] bridge0: port 2(bridge_slave_1) entered blocking state
[  337.518418][T13740] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.525772][T13740] bridge_slave_1: entered allmulticast mode
[  337.533699][T13740] bridge_slave_1: entered promiscuous mode
[  337.634706][T13740] bridge0: port 2(bridge_slave_1) entered blocking state
[  337.641886][T13740] bridge0: port 2(bridge_slave_1) entered forwarding state
[  337.649241][T13740] bridge0: port 1(bridge_slave_0) entered blocking state
[  337.656326][T13740] bridge0: port 1(bridge_slave_0) entered forwarding state
[  337.709618][T13749] rust_binder: Write failure EINVAL in pid:1342
[  337.755521][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.770152][T13751] binder: Unknown parameter 'dont_hash'
[  337.804779][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.832548][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  337.839676][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  337.887118][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  337.894219][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  337.994379][   T36] kauditd_printk_skb: 770 callbacks suppressed
[  337.994396][   T36] audit: type=1400 audit(1750359305.360:29824): avc:  denied  { sys_module } for  pid=13740 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  338.023092][   T36] audit: type=1400 audit(1750359305.360:29825): avc:  denied  { sys_module } for  pid=13740 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  338.056564][T13758] input: syz0 as /devices/virtual/input/input241
[  338.069282][   T36] audit: type=1400 audit(1750359305.360:29826): avc:  denied  { sys_module } for  pid=13740 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  338.095576][   T36] audit: type=1400 audit(1750359305.360:29827): avc:  denied  { sys_module } for  pid=13740 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  338.122112][T13740] veth0_vlan: entered promiscuous mode
[  338.143079][   T36] audit: type=1400 audit(1750359305.360:29828): avc:  denied  { sys_module } for  pid=13740 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  338.175503][   T36] audit: type=1400 audit(1750359305.360:29829): avc:  denied  { sys_module } for  pid=13740 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  338.197799][   T36] audit: type=1400 audit(1750359305.360:29830): avc:  denied  { sys_module } for  pid=13740 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  338.240033][   T36] audit: type=1400 audit(1750359305.360:29831): avc:  denied  { sys_module } for  pid=13740 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  338.281247][T13740] veth1_macvtap: entered promiscuous mode
[  338.281979][   T36] audit: type=1400 audit(1750359305.360:29832): avc:  denied  { sys_module } for  pid=13740 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  338.319951][   T36] audit: type=1400 audit(1750359305.360:29833): avc:  denied  { sys_module } for  pid=13740 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  338.452556][T13764] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  338.453461][T13764] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  338.459939][T13764] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:1351
[  338.745595][T13770] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  338.771424][T13770] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  338.781127][T13770] rust_binder: Error in use_page_slow: ESRCH
[  338.788717][T13770] rust_binder: use_range failure ESRCH
[  338.796306][T13770] rust_binder: Failed to allocate buffer. len:4240, is_oneway:false
[  338.801879][T13770] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  338.814813][T13770] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1353
[  338.827078][T13770] rust_binder: Error while translating object.
[  338.837328][T13770] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  338.844389][T13770] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1353
[  338.929800][T13782] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  338.939913][T13782] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:4
[  338.966581][T13784] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  339.013229][T13786] rust_binder: Error while translating object.
[  339.023170][T13786] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  339.029468][T13786] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1355
[  339.215625][T13788] rust_binder: Error while translating object.
[  339.231731][T13788] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  339.242502][T13788] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:295
[  339.265899][T13788] rust_binder: Write failure EFAULT in pid:295
[  339.285676][T13788] input: syz0 as /devices/virtual/input/input242
[  339.330947][T13790] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  339.539305][T13797] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  339.587986][T13799] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  339.786505][T13815] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  339.847636][T13819] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  339.863122][T13819] rust_binder: Error while translating object.
[  339.874793][T13819] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  339.880984][T13819] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:7
[  339.893549][T13815] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  339.940549][T13821] SELinux: security_context_str_to_sid (system_u�Gй�:��) failed with errno=-22
[  340.221590][T13826] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  340.222626][T13825] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  340.225068][T13826] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:171
[  340.273756][T13826] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  340.295003][T13826] rust_binder: Read failure Err(EFAULT) in pid:171
[  340.516598][T13834] rust_binder: Write failure EFAULT in pid:1382
[  340.537664][T13838] rust_binder: Write failure EINVAL in pid:302
[  340.558959][T13838] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:302
[  340.936226][T13849] input: syz0 as /devices/virtual/input/input243
[  341.019176][T13849] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  341.019203][T13849] rust_binder: Error while translating object.
[  341.047024][T13849] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  341.070709][T13849] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:19
[  341.148777][T13853] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89)
[  341.168227][T13853] rust_binder: Error while translating object.
[  341.179714][T13853] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  341.186156][T13853] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:174
[  341.321153][T13858] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1391
[  341.646830][T13873] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  341.677202][T13873] rust_binder: Write failure EINVAL in pid:310
[  341.840555][T13880] SELinux: security_context_str_to_sid (渃x���6&O��FH_����BRax����6) failed with errno=-22
[  342.057896][T13885] input: syz0 as /devices/virtual/input/input245
[  342.107846][T13885] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  342.107875][T13885] rust_binder: Error while translating object.
[  342.143198][T13885] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  342.149430][T13885] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:315
[  342.295730][T13887] rust_binder: Write failure EFAULT in pid:1401
[  342.554171][T13900] SELinux: security_context_str_to_sid (sytem_u�Gй�:��w�݁�S%�^���
сe���Am.-��lb\{����XɌ��~���
�s��$��)�.�
���퇅caĊ�l��4)) failed with errno=-22
[  342.554321][T13895] SELinux: security_context_str_to_sid (sytem_u�Gй�:��w�݁�S%�^���
сe���Am.-��lb\{����XɌ��~���
�s��$��)�.�
���퇅caĊ�l��4)) failed with errno=-22
[  342.619898][T13904] input: syz0 as /devices/virtual/input/input246
[  343.022832][   T36] kauditd_printk_skb: 869 callbacks suppressed
[  343.022851][   T36] audit: type=1400 audit(1750359310.380:30703): avc:  denied  { read write } for  pid=12963 comm="syz-executor" name="loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  343.063637][T13917] rust_binder: Write failure EINVAL in pid:1411
[  343.110105][   T36] audit: type=1400 audit(1750359310.430:30704): avc:  denied  { ioctl } for  pid=13916 comm="syz.6.4186" path="/dev/binderfs/binder0" dev="binder" ino=96 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  343.132860][T13924] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  343.148005][   T36] audit: type=1400 audit(1750359310.430:30705): avc:  denied  { read write open } for  pid=12963 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  343.177475][T13924] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  343.215078][   T36] audit: type=1400 audit(1750359310.430:30706): avc:  denied  { ioctl } for  pid=12963 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  343.310711][   T36] audit: type=1400 audit(1750359310.450:30707): avc:  denied  { read } for  pid=13920 comm="syz.0.4187" name="binder0" dev="binder" ino=72 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  343.344170][T13931] binder: Unknown parameter 'contextfs/binder0'
[  343.359195][   T36] audit: type=1400 audit(1750359310.450:30708): avc:  denied  { read open } for  pid=13920 comm="syz.0.4187" path="/dev/binderfs/binder0" dev="binder" ino=72 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  343.386162][T13931] audit: audit_backlog=65 > audit_backlog_limit=64
[  343.392732][T13931] audit: audit_lost=158 audit_rate_limit=0 audit_backlog_limit=64
[  343.401905][T13931] audit: backlog limit exceeded
[  343.409838][   T36] audit: type=1400 audit(1750359310.460:30709): avc:  denied  { read } for  pid=13920 comm="syz.0.4187" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  343.462141][T13931] rust_binder: Error while translating object.
[  343.462174][T13931] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  343.469945][T13931] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1417
[  343.874260][T13945] rust_binder: Write failure EINVAL in pid:332
[  343.887952][T13949] input: syz1 as /devices/virtual/input/input247
[  343.933440][T13949] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  344.135760][T13957] rust_binder: Write failure EFAULT in pid:34
[  344.265083][T13965] binder: Unknown parameter 'nXI'
[  344.341992][T13968] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  344.342020][T13968] rust_binder: Error while translating object.
[  344.373012][T13968] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  344.379289][T13968] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1432
[  344.563721][T13977] input: syz0 as /devices/virtual/input/input248
[  345.103744][   T46] bridge_slave_1: left allmulticast mode
[  345.109507][   T46] bridge_slave_1: left promiscuous mode
[  345.116520][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  345.129995][   T46] bridge_slave_0: left allmulticast mode
[  345.143155][   T46] bridge_slave_0: left promiscuous mode
[  345.148869][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  345.350812][   T46] veth1_macvtap: left promiscuous mode
[  345.358650][   T46] veth0_vlan: left promiscuous mode
[  345.399081][T13999] ------------[ cut here ]------------
[  345.404660][T13999] WARNING: CPU: 0 PID: 13999 at mm/page_alloc.c:5157 __alloc_pages_noprof+0xe4/0x6c0
[  345.414236][T13999] Modules linked in:
[  345.418187][T13999] CPU: 0 UID: 0 PID: 13999 Comm: syz.6.4211 Not tainted 6.12.23-syzkaller-gf9fbc66f8444 #0 b8de21ba31122219d6c6778e419c74a11adc861d
[  345.431821][T13999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  345.442136][T13999] RIP: 0010:__alloc_pages_noprof+0xe4/0x6c0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  345.448145][T13999] Code: 0f 1f 44 00 00 41 83 fd 0b 72 28 b8 00 20 00 00 23 44 24 40 75 1d 80 3d a4 78 ee 05 00 0f 85 c4 00 00 00 c6 05 97 78 ee 05 01 <0f> 0b 31 c0 e9 b6 00 00 00 41 83 fd 0a 0f 87 aa 00 00 00 44 89 6c
[  345.468140][T13999] RSP: 0018:ffffc9000d17f5a0 EFLAGS: 00010246
[  345.474330][T13999] RAX: 0000000000000000 RBX: 1ffff92001a2feb8 RCX: 0000000000000000
[  345.482345][T13999] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d17f648
[  345.490631][T13999] RBP: ffffc9000d17f6c8 R08: ffffc9000d17f647 R09: 0000000000000000
[  345.498694][T13999] R10: ffffc9000d17f630 R11: fffff52001a2fec9 R12: ffffc9000d17f5e0
[  345.506797][T13999] R13: 0000000000000016 R14: dffffc0000000000 R15: 0000000000000000
[  345.514937][T13999] FS:  00007f016ff0f6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  345.523984][T13999] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  345.530650][T13999] CR2: 0000200000002000 CR3: 0000000122de8000 CR4: 00000000003526b0
[  345.538825][T13999] DR0: 0000000000000007 DR1: 000000000000009b DR2: 00040000ffffffff
[  345.547413][T13999] DR3: 0000000000000009 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  345.555468][T13999] Call Trace:
[  345.558787][T13999]  <TASK>
[  345.561740][T13999]  ? do_syscall_64+0x58/0xf0
[  345.566432][T13999]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  345.572193][T13999]  ? hashtab_init+0xdb/0x1f0
[  345.576874][T13999]  ___kmalloc_large_node+0x9c/0x1d0
[  345.582483][T13999]  ? hashtab_init+0xdb/0x1f0
[  345.587170][T13999]  __kmalloc_large_node_noprof+0x1e/0xe0
[  345.592856][T13999]  ? hashtab_init+0xdb/0x1f0
[  345.597505][T13999]  __kmalloc_noprof+0x26d/0x450
[  345.602390][T13999]  hashtab_init+0xdb/0x1f0
[  345.606860][T13999]  ? common_read+0x16d/0x480
[  345.611481][T13999]  symtab_init+0x44/0x70
[  345.615789][T13999]  common_read+0x1de/0x480
[  345.620231][T13999]  ? __cfi_common_read+0x10/0x10
[  345.625233][T13999]  ? hashtab_init+0x105/0x1f0
[  345.629961][T13999]  policydb_read+0xaa8/0x28c0
[  345.634720][T13999]  ? kasan_save_alloc_info+0x40/0x50
[  345.640173][T13999]  ? __cfi_policydb_read+0x10/0x10
[  345.645350][T13999]  ? security_load_policy+0x128/0x12f0
[  345.650850][T13999]  security_load_policy+0x162/0x12f0
[  345.656185][T13999]  ? irqentry_exit+0x4a/0x60
[  345.660814][T13999]  ? exc_page_fault+0x66/0xc0
[  345.665538][T13999]  ? asm_exc_page_fault+0x2b/0x30
[  345.670610][T13999]  ? __cfi_security_load_policy+0x10/0x10
[  345.676382][T13999]  ? rep_movs_alternative+0x4a/0xa0
[  345.681630][T13999]  sel_write_load+0x298/0x5e0
[  345.686421][T13999]  ? __cfi_sel_write_load+0x10/0x10
[  345.691666][T13999]  ? bpf_lsm_file_permission+0xd/0x20
[  345.697108][T13999]  ? __cfi_sel_write_load+0x10/0x10
[  345.702355][T13999]  vfs_write+0x3c0/0xe80
[  345.706686][T13999]  ? __cfi_vfs_write+0x10/0x10
[  345.711498][T13999]  ? __kasan_check_write+0x18/0x20
[  345.716790][T13999]  ? mutex_lock+0x92/0x1c0
[  345.721241][T13999]  ? __cfi_mutex_lock+0x10/0x10
[  345.726183][T13999]  ? __fget_files+0x2c5/0x340
[  345.730920][T13999]  ksys_write+0x141/0x250
[  345.735356][T13999]  ? xfd_validate_state+0x68/0x150
[  345.740528][T13999]  ? __cfi_ksys_write+0x10/0x10
[  345.745479][T13999]  ? __kasan_check_write+0x18/0x20
[  345.745640][T14002] kvm: kvm [13998]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc2) = 0xffffffffffff6253
[  345.750616][T13999]  ? fpregs_restore_userregs+0x11d/0x260
[  345.766159][T13999]  __x64_sys_write+0x7f/0x90
[  345.770791][T13999]  x64_sys_call+0x271c/0x2ee0
[  345.775582][T13999]  do_syscall_64+0x58/0xf0
[  345.780050][T13999]  ? clear_bhb_loop+0x35/0x90
[  345.784807][T13999]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  345.790736][T13999] RIP: 0033:0x7f016f18e929
[  345.795198][T13999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.814888][T13999] RSP: 002b:00007f016ff0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  345.823398][T13999] RAX: ffffffffffffffda RBX: 00007f016f3b5fa0 RCX: 00007f016f18e929
[  345.831406][T13999] RDX: 0000000000002046 RSI: 0000200000000000 RDI: 0000000000000003
[  345.839461][T13999] RBP: 00007f016f210b39 R08: 0000000000000000 R09: 0000000000000000
[  345.847498][T13999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  345.855606][T13999] R13: 0000000000000000 R14: 00007f016f3b5fa0 R15: 00007ffdcb4ad208
[  345.863684][T13999]  </TASK>
[  345.866726][T13999] ---[ end trace 0000000000000000 ]---
[  345.883239][T13999] SELinux: failed to load policy
[  345.970226][T13992] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg0": -EINTR
[  347.065021][   T46] bridge_slave_1: left allmulticast mode
[  347.079690][   T46] bridge_slave_1: left promiscuous mode
[  347.085428][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.093240][   T46] bridge_slave_0: left allmulticast mode
[  347.098881][   T46] bridge_slave_0: left promiscuous mode
[  347.104525][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  347.112318][   T46] bridge_slave_1: left allmulticast mode
[  347.118082][   T46] bridge_slave_1: left promiscuous mode
[  347.124102][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.131581][   T46] bridge_slave_0: left allmulticast mode
[  347.137324][   T46] bridge_slave_0: left promiscuous mode
[  347.142940][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  347.150902][   T46] bridge_slave_1: left allmulticast mode
[  347.156712][   T46] bridge_slave_1: left promiscuous mode
[  347.162392][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.170200][   T46] bridge_slave_0: left allmulticast mode
[  347.175982][   T46] bridge_slave_0: left promiscuous mode
[  347.181601][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  347.985215][   T46] veth1_macvtap: left promiscuous mode
[  347.990760][   T46] veth0_vlan: left promiscuous mode
[  347.996370][   T46] veth1_macvtap: left promiscuous mode
[  348.001882][   T46] veth0_vlan: left promiscuous mode
[  348.008355][   T46] veth1_macvtap: left promiscuous mode
[  348.013919][   T46] veth0_vlan: left promiscuous mode