last executing test programs:

3m0.076764241s ago: executing program 3 (id=150):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x235cbadd92b1adf, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x0, 0x3})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x1015, 0x2})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000300)={0x73622a85, 0x100, 0x1})

3m0.064586512s ago: executing program 3 (id=152):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0x2, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$UHID_CREATE(r1, &(0x7f00000002c0)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000540)=""/32, 0x20, 0x1, 0x0, 0x0, 0xffffffff}}, 0x11c)
close(r1)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000003c0)) (async)
ioctl$TIOCGPTLCK(r0, 0x80045439, &(0x7f0000000000))

2m59.634215278s ago: executing program 3 (id=156):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001380), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000013c0)={{0x1, 0x0, 0x0, 0x0, 0x6}}) (async)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000000, 0x10, r0, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1, 0x22052, 0xffffffffffffffff, 0xfffff000)

2m59.626186038s ago: executing program 3 (id=157):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x341400, 0x0)
ioctl$BLKRRPART(r0, 0x125f, 0x0)

2m59.565945259s ago: executing program 3 (id=158):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
syz_clone(0x80001000, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000280)=0x10)
ioctl$UI_DEV_CREATE(r1, 0x5501)
r2 = ioctl$TUNGETDEVNETNS(r0, 0x80087601, 0x0)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_freeze_timeout', 0x200, 0x20)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x23)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000100)=ANY=[@ANYBLOB="01000000000000000600000004000000000f"])
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_clone(0xa31b1038eb0fe030, &(0x7f000000a340)="31cea3ad04498e0a48731b243bb3ea47986de2023bc12b4e3585729d74b30f02150a2aa6d74c38e78e681ac5d101541f18c3a6899eacf2d2ae2710ff40c6da4c8186fc34bcd661782306a08cdbb885405eb447f6e0418b29b92e933a53d4805e22ba58be356383f7b0f56facf9d80df9ca8b8a1cacb82dd313beeb483829e1c92a811f184d04faeb9d36c382cb23b81b44bf31c49afce30c5ccbdf6a3351c14bf118b8f05003fa76c11f646d65384ce51fc2c24859bba6ce3a62bef287611175c5eb096e1d7171495c5288df0f88ce6af00164e3fad59e2e35f852e41cd75b597499b72da01a0c08e382f0707c2ffaf1b893af600ba3fe81b1064369333b6affa767c12f9a1880e4b78daec2cc0d512a0267e688672a6fc2444d8124051c20056a236cbe28d09956bcaf1a8607b5c7161d2072ee0d920c078d389454a5e2db0c2c31f1ec17bb579c5a613ee01402ba6a2cb89a96f87d2cad2c879f53c2e6b035ea17b65a0473c89489c55b3018b2440af15366a7878321a2e911880c8aed8790ed9ee8ed18a849d3bd0bbbc080c0d28b5d2e946f0d534ce09cc52626847963e87e21ab67aadf11ec8789504b3d0ee1f1576bb996f1f018499f80ebc2c41ec3801faeeca76f1c0452af25df671c50b96c849c83b326091b8831e1a13e617dd1b97169ea713f21993f18f40421f17bea45fc7fc2a3a3b03a248ddf1421aece932614df913028f89abba2db011859cf37342fc0355dcb046d84dbb78f539d2c413a863e7542a65e4cfe2c03c1731f946fa2b8ea701a81a1af76fa301e6d2376b3e1155b4ee74ccf25c9d93c1a0ab09b6787f90d641ed28de4406a5194c65362968182a2354e5d4520abbe10f35dec38d0659fdf8688742047acdb06ac2d48a2cc19f11b2fc2fd19fc63cfe427b559151cfa3ef4c06bb080c30ea5be60dbd943675b290921671e35634b20639f72a80b7697a55583b58bb17f9dc83f0f90a9f155d7d199f7e24f1f83539d73004ae47e7782b68232e458648bb04b8832d932a8dad5193dca56c6e4f564c05bc36a68e29de9067664d50f75e31b0a3cac2065b0acafdff962ce006e8fa557dfa16012c687847717da08f2485d0720db28e6371c92808deb6703972ec3600b3cc904198836af58f7b0bf9ff9e62b0eb5d12b6421f8539c8e889e4f79f49493d28c78e2bc2ee1822f6856cacec0964508370bc2434ac8929d0ce5d0d9d04e74a5bb936eba24c51b9b231905ebf4e377cb621d60531f59cdca4f48ccc1a16cb1f826b2986b0e8a41c2b4857fac34836a84ab3ed27a870b08d000c8f8e91517b4879a6c080b355472e460bec280734460231e0a9f60a50c90228130cd1351d360aef0447bc0a7b0dc45619b6c157bb36b4fb80b3b38e51f0a39a44a8ca23749bc0748b29a04333804aeacd7aa13c5912ae68147e4cccb1b0b2fde0fb520616aa55b87e92f46a1041a988f54be19b82f2543a1667fd647a73263bf4924f79a0c2c00434536f188161c109e8d0cb3b6f542ad7b2a82ea41a8194269efe03838ff1f13d6c2a74e66f5d25e322c4f8a9d8173a7f33a4776e342c11360914e65896371472190dbfa787a89c8fad8ea3d5eac0503f958c0aff5aa0491ddca7851ea21e6393f82b2d0f6d8433ee4d0ea7b389c9cd0654a284b4d23e690aa0155a4760dc0848e5bd93a0180186defd355dd297f68494eedcf9e8cb7f6a832be04e32b325553800a4370c645eb16aaf65015bf2cd90ddc38e647da99cb0b085ea469784a979305122058322313caa455cb50b1dc081ce322f601605d422615cb0d0e5fe5f5ca5929525a6471708ed069c035be29aab4ec30db851e739d127bde74426c56a2268d011a8c7db4a6d0860d2d530a025986e4f659fd29654717adafa7e5945fd975ed11c7a153e6676572021877500518e30d1fd4481e7e187864c453433bcc343b7354fd45ee352d329bdf2ff56115070600cefa5a5a9b1c53d9ab6daa3f9a2d59ac6d7a0565f0cb9206ae9d69e8ce0812e1f65f4ea2b4507cc35e7df9d6b864a3a3ab239366ccdd344ade0fcb6e29484806572dd0534ee674cf163abc16f790519f2403941e2552bfad262b9d2524dcbca8f463a8521ac238aaf9c6a3fdb871e05e62c9930f3a5f76b8f281702400bf74a4f5d21c5c8090870bd9ece2ce43d1d88ca7633bf314929c3ee0676564a289eb2d2b55d341a2e5d84b8152bf0813d4f989f867f493f2be9d7c11081fd89af967f18335fab9ff9de8f4eff5d8a55b31c9bec9166436ceafd4bae5f863eddd127479214acb4f00be12793794425dd24dfdafd93be077fc8ecd99c62ef89ec3b66382155818de7d89eb4b530e5538027b87dc48752dbd19e4404a74b89aab82df644a35849716047ed846bda3df1764f88afd229f79900ba331b4fb5d9d0cac7b0bf20aa0f5f299f82cbfe760837262638fbfe999eee3b4df35da5979ac0337876b4b179e8d5c19fd3dfd0bd230a01e7c9c6b9d9e673a30e43a8a941aacdc3d3a24b0553b0cd2f40b4af2f08e1e408a4ae8c0f119b8ac0681e62c81e6ac665d9faa128e287ca8e3e8e87a6760d0aeb2905989b9e34c7b7461e9bb77b3a813891d17694f3d520b3ee80fb23b3ee12cb4d3dfaecb1d0106c25d42516c398d6baa6d5121f1ec292edb237b246bc20180d0ff0975da7e8cf265cccc20d81d890cb7fb9f57144aac6f47664e0258f0d9ad8af491e8a189f62a5a5cfe2db8aab17bc689607d36459f92043192f0f25a4df985f7cd7611d6d77d7e6af1da5e34f4e42f4706aad26bbdf7a98407f5083e996940e8ee5ff0508e2b20cb930befddc1997a68635eb944f389ff07b9e04704b946319034d9c61d047e28ab04eb9a75bbfea8315e93cbeb401c8baca798078df06440e0ddcfd4e8a2d9af28552902bbfd4789d3513fedc16d07927b51fc663dfda4f6af3fce162246a1fba2950fa50585f48b6e384ded6136663dad0be2811ab160856a7b7a32e34d8d6ab5a00134ac63e2eb2877d580e77a81964a691b3e4e08d13c82f9f9852de03ec178615b8bd126a309bb2c34caadc02fd73d174e7297269ce1b08598bf08dd9e2ee5e2600a77c874a6f1e5151d9c42f5c84250ed23914f0cad904829939a7c6e41d8eb78e956472b0cf971efc0dd26d83c90e3286ea192c6312cf7dfe6b2e2ba85761dce2401dd5d1fa36a03b8082f0bb50b17e71a4415c4140144acd4e6010d6e40522d99e1af3b2695db695e5d3409fd00f2c28f7a8c1ff7332e8132447c4cbfbc61a3f6a49a9cdf4cd3e870c9db3bd1dbe73d89852d5faa18923ad9dca521e6c755ab761340342b62fa566ca37f5f9f38a0a0e2d5a6a47128dad5eb559b664b7737a0fc2df7ee9aa91bd1b63fb64199b4a8908f53edee2cd4e869ee389380037d76ea02ebb56570e695882201d5c426aaf2c9bb5b80d9336245e61817283490c1f88f011aabafbaf819d5d612131c873d971e9feca37c4786a0b0321ea205530b94bc27b1fcfa7affb23916bdc95891bcfc573aead6182b156e4b6d4cd0000020000000000049c2d1840b2992212a20d47975befeae6751b18b0c8cae338967b339d091cbc0dc4d757f7bf17478063f01304488e6db3533f40ced3f36dbb374eedb50f6845fbb67fdde00ecf03b25d0c7b269e2900eda84ceacc338fef4fb0765e7971a4b1fa8c70e774c7fcc65a528a0a89db02f5a72c55f3cc1747122a70ba4243a159dd44fd5cfbba5c12c712613f3103e2eec9237cf7879efb958186569efddaa4b8d9a76c27d13d62b5b3f26fc5579dd28ff8fac14afb4acab68a3d067bbb997cf41500b476baf32474f7d66e19ca47aa9b37b301a76734bb923a07dd1273ecccb03ce8fa4bf5b2097aca0394fbc27d30b3082397d73f83766f7fc8ad0f3188828618de0d4584a39f82d7ca8c9bc5724546c958ef9476a431407304f0f033583ed877255abdf0000a8cfa4fcccb7a15d61e1d86d6c959e13156ee2badf2b79199bcf11e72ea4e3cccb660e174457174af1894a90e85fddc4b3ceabc19bed95d76abfed2e7eefd164cc670aaa071e4c021b301034a90cba4b3280dad4e67ace417f606a8007a1c89a1ea97a1fa8fd66b4b5a1bdcb830450eee93d7830e3749607e3c8897284a260eab99593e941512c673079ec458e55b8edb2d17d26ee5201f0f06934bb0e0f0621502ac84209075c9b6d75e5c23322419b87e3b5c9de183da0a8a0a215da3507298a6f64393279b8ce1fb8f1fb648d284a592b2da4b6c6a72abec095f31f13fc1a383cbb2335c2bcd4e4a83ac142193e625021620c69c24b593fff1c4f87121c40562724b88ca722d5709003b9dbf8e7fac84ad5f7076174c90f5ddc526c1ecfb5d0dec67377dc82b40371e73cfc9def51199cf2b321f5145d439fd20c626d6a0757d5f9cc96146354d519263fe00afb5e1300f1725d41efdecddb0c5da92987acbfab8719d616bf56275a959d75148e08d1f95dee0d844e5d38145d25c961053cdf256348f895dd7998f2a30e30306698e9ae919b4f282846b34f21b45406a137b91877a5c796efb11f4adbfa1a4bd17a9272d1d3e62e42713941c4bb91efc703c8f90ac8bcef576c8d3ad8718d5425c182a3d4ce281024045bba2eb479786454a6995129fa30a3cf2a4e6caaa2d4bfa783db0d23dfee5a8c1635b4822df24c86b1ce8844a90d3cf50cba303686fb5ed563f6a5f5dfcb73edd83e20a87837197fa7698324b32f347ff9929759c6655636adcd6997669064ab169152bb9446d6e87f9544bb6f781968cad82ecb54ccb17e0e872408cfcb9850dc476e7f75a7b4a42eb7fcbd2aff9f50c0a64979f3483c9d1ba16666444f305a253942c34259e15a6fdf11a14624ce3fe683a54684a626b80b8ae6ff368e6c4838852022fd12943200f35899ba9b2a4476c384cbc10f51d4b894ed5d2095d76e118acbe39be3e6ef240d927ad14ce3f713f70d47bfe2ddb1404029ed3d53f63b3417ac5c14ee3ede57168c151f5478547d48ffbd093265162523c0407cfb2094395e097bbaa8f510d14b1e172a3b8ac801fbf7e7a46f8ed4696797675de7aee495aecf0a6c8e25e945c830d86f989992a5c93a8436a18173aad40e3aeb5b59f3408f85b66dc27f8f7369f09e5a23654953505295d5d3a9270ae2a2ae7dbad15868e628b5de710d07a6323fb1aff2a008e1e0014a785da17cee03af041e9ec8aeae9cf9b598c3fe0d7be215de42c70433cc0d763e6032abfaf6619233975b8212dfb89007b3efad7d8d04567d1499e242625fc5012cf970a833f166b5dba97af82083212df449bb11803fadc374e0ecffc9a62840f72aecb7e981fc9ffe1fa91c0b701dd6a9c41fbdd6a48921831acc8e2dd825ed8d7a86278ce9b1db3e489b2ba49ffc53c3aa691e2e9cc987d66bac40de145824c78b238882a31f05456cacc40ac6b788d76c7256cd73305356b5533c1f6e205d5e914fa78c199658e8949cf44cd47eb3fd9af5270cfcfe086a8e39278b2c6a036b808ccf8db4af7b7e08d3808721595bf593264cbcbab0de13981daeb13d4671fd4c281f7c23df794701887a8191dc48e672286233531ec14045f6bf1beef9abdae5797c6fa7721ac51ec90a85371a2a903a1c02abb1c34cea0d84e4d4646ebc05b20d2649ace9bf89d1de3aa8e19d9f5f2fae90b57af93a9f69fc157631e6d7b2e6a5f212a43b11380b6a6a9ad8845c96fb2243c4cd5f8f9fb0b6a17dcf7d2b47bda3bfafef6304144efb23ff21ad871ae4826b77688c11ef286bbe62147e22b21cfae91daedabecba9f7f408ad7b47000000000c33e89abd7d0a2b3312c36355e150c174a09c526a601864e1e0f863fdcc27059de8", 0x103d, &(0x7f00000020c0), &(0x7f00000083c0), &(0x7f0000008280)="2963c0bc170e766bb41db397f7616da74df08853cccb344b9c6fa7bd192fb6ad61e9193c4c9187e562b11b4bcd3c7a038b2264e24b29f4d0803c3c4f8997b60b187db17775ef78ef16f6c3c28dfa83336a9e8b1c57984a5e8ba20e33cd2f7d28a8d7981f94d8743e62b9c8c5e8b917d8071fae4acb9c45d37bbd292eba9e47df3e4830b86a912b4c0b2f9e3ab7599232c663d94f281c70c9e078809a5d14f261ac9410565f071e26ff6260df6eca09ada365f3eaef1ef56465c993b41c10fc456e30d9eeb73b8a72f4572119e48873dc1d6079b958afd2c4fb906ef56dfe488c8eb939a054314f81e0b8145413e6b0cc01783b6ff080f409bfe06f8fdd23b8dc87772efec6e5")
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000080)={0x2020}, 0x2020)
read$FUSE(r6, &(0x7f0000002100)={0x2020}, 0x2020)
read$FUSE(r6, &(0x7f0000004180)={0x2020}, 0x2020)
read$FUSE(r6, &(0x7f00000061c0)={0x2020}, 0x2020)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r7, 0x40045564, 0x9)
write$uinput_user_dev(r7, &(0x7f0000000080)={'syz1\x00', {0x1b10, 0x0, 0x1, 0x2}, 0x2f, [0x2, 0x1, 0x704d, 0x1, 0x5, 0x1, 0x2, 0x7db, 0x4, 0xfffffc01, 0xfffffffb, 0x8, 0x1, 0x100, 0xfe, 0x48, 0x7, 0x5, 0x7ff, 0x8, 0x76, 0x8, 0x0, 0x81, 0x40, 0x19b1, 0x8000, 0x7, 0x7fff, 0x4000000, 0x7, 0x3, 0xe, 0x7, 0x1, 0x1, 0x5, 0xf, 0x7, 0x10001, 0x9, 0x7f, 0x8, 0x6, 0xb, 0x5, 0x6, 0x40, 0x7f, 0x9, 0x1, 0x6, 0x3, 0x2284919, 0x4, 0x5643fa73, 0xfffeffff, 0x6, 0x800, 0x2, 0x8a, 0x6, 0x1, 0x6], [0xffffffd2, 0x7fffffff, 0xffff, 0x8, 0xe62, 0x3, 0x0, 0x9, 0xc33, 0x3, 0x7, 0x800, 0x6c368000, 0x4, 0x7, 0x0, 0x10, 0x5, 0x8, 0x8001, 0x3, 0x7fff, 0x9, 0x0, 0x5, 0x4, 0x7, 0x8, 0x40, 0xc10, 0x80000001, 0x3, 0x3, 0x3, 0x7, 0x8, 0x8, 0x7, 0x4, 0x9, 0x5, 0x3, 0x2, 0x0, 0x0, 0x11e, 0xa4, 0x4, 0x5, 0xd69, 0x9, 0xf404, 0xf1, 0x3, 0x3, 0x1, 0x6, 0x6, 0x0, 0x6, 0x8, 0x6, 0x4, 0x68], [0x3, 0x1, 0x4, 0xfffffffc, 0x0, 0x7fff, 0x401, 0x9, 0x2, 0xffc, 0x7, 0x4, 0xc, 0x7, 0x6, 0xa, 0x6, 0x4, 0x5, 0x5, 0x2, 0x30000000, 0x644, 0x2, 0xfffffffd, 0x7, 0x5, 0x7f, 0x7ff, 0xd, 0x3fc, 0xf, 0x41, 0x81, 0xc99, 0x25a, 0x2, 0x0, 0x2, 0x5d9fffa, 0x3ff, 0xff, 0x1, 0x8, 0x10000, 0xe7, 0x200, 0x7af5, 0x2, 0xb, 0x0, 0xffff, 0x7, 0x6, 0x2, 0x81, 0x8, 0x2, 0x7, 0x100, 0x8, 0x0, 0x6, 0x10], [0xffffff80, 0xd5800000, 0x0, 0x4, 0x2, 0x62a, 0x3, 0x407, 0xb343, 0x4, 0x1, 0x8, 0x8000, 0x8, 0xffffff81, 0x80000000, 0x5, 0x3, 0x200, 0xfff, 0x3, 0xfffffffd, 0x3c63, 0x7, 0x6, 0xe6, 0xffffffff, 0x3, 0x2, 0x7, 0x1, 0x7, 0x7, 0x8, 0x1, 0xf, 0x9, 0x17ce, 0x0, 0x3, 0x6fe, 0xe, 0x7, 0x13a, 0x7, 0x0, 0xb757, 0x5, 0x11b, 0x996, 0x50, 0x8c1, 0x0, 0x5, 0x4, 0xf, 0x100, 0x10000400, 0x9, 0x7fff, 0x3, 0xfffffffb, 0xc, 0x2]}, 0x45c)
ioctl$UI_DEV_CREATE(r7, 0x5501)
write$uinput_user_dev(r7, &(0x7f0000000b00)={'syz0\x00', {0x9, 0x1, 0x101, 0x8}, 0x22, [0x80, 0x6, 0x56, 0x80000001, 0x1922, 0x2, 0x67a8, 0x9, 0x0, 0x2, 0x9, 0x8, 0x5e5, 0x800, 0x2, 0x9, 0x3ff, 0x20, 0xddf, 0x1, 0x1ff, 0xfffffff8, 0x1, 0x5, 0x5, 0x23, 0x5, 0xffff, 0xffff8000, 0xfffffffd, 0x3, 0x6, 0xfffffff9, 0x1, 0x4, 0x7, 0x2, 0x401, 0x94, 0x9, 0x4, 0x7, 0x3, 0x9, 0x10001, 0x3, 0x5, 0x401, 0x10001, 0x7ff, 0x40, 0xd, 0x1000, 0x5, 0x1, 0x101, 0x4, 0x80000001, 0x8, 0x8e, 0x6, 0x5, 0x3bf9, 0x91], [0xbd5, 0x9, 0x7f, 0x0, 0xfffffffc, 0x4, 0x6, 0x10001, 0x3, 0x80000001, 0x6, 0xfffffff9, 0x8, 0xe, 0xc, 0x4, 0x28f5, 0xc, 0x5, 0x38a5, 0xdaec, 0xd4, 0xfffffffb, 0x8, 0x3ff, 0x1, 0x8, 0x1, 0x200, 0x7fff, 0xfffffff9, 0x0, 0x1, 0x2f, 0x3b53, 0x8001, 0xeee, 0x9, 0x7b, 0x943, 0x8, 0xd, 0x29e, 0x1, 0x9, 0x10001, 0x3a, 0x4, 0xfffffffd, 0xf137, 0x4, 0x9, 0x9, 0x7f, 0x5, 0x9, 0x800, 0x1353, 0x35a29e2d, 0x0, 0x82b, 0x3, 0x1, 0x2], [0x0, 0x8, 0x400, 0x1, 0x9, 0xcf, 0xb, 0x10001, 0x9, 0x9, 0xfffff98d, 0x7, 0x75e2f897, 0x4, 0x6, 0x9, 0x5, 0x8001, 0x5, 0x918a, 0xdfc2, 0xffffffff, 0x5, 0xd, 0xb, 0x4, 0x10000, 0x7, 0x8, 0x2, 0x2, 0x0, 0x1, 0x5, 0xa73f, 0x6, 0x7, 0x1, 0x2, 0xffffffff, 0x9, 0x200, 0x77, 0x401, 0x0, 0x0, 0x1ff, 0x9, 0xa, 0x9, 0x52, 0x3, 0x8, 0x7, 0x80, 0xffffffff, 0x4, 0x8, 0x7, 0x7, 0x5, 0x9, 0x0, 0x1ff], [0x8, 0xfff, 0xe73, 0x1, 0x3, 0x127, 0x0, 0x8, 0x1ff, 0x7f, 0x6, 0x6, 0x7, 0x9ca, 0x9, 0x2, 0x4, 0x4, 0x8, 0xb8d, 0xbf6, 0x6, 0x5, 0x9, 0xfffffffe, 0x2, 0x2, 0x2, 0xff, 0x1, 0xcf, 0x3ff, 0x4, 0x3, 0x2, 0x369, 0x6, 0x1, 0x5, 0x1, 0xffffff3b, 0x8, 0x2, 0x8, 0xb, 0x1, 0x1, 0x0, 0x2, 0x5, 0x8, 0x7, 0x2, 0x1, 0x4, 0x7, 0x7f, 0xa4447459, 0x8, 0xf, 0x9, 0x8000c, 0x10, 0xc]}, 0x45c)
read(r2, &(0x7f0000008200)=""/119, 0x77)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

2m59.404357712s ago: executing program 3 (id=160):
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x40000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000006c0), 0x480380, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xaea2)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='cgroup.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
ioctl$BLKGETNRZONES(r2, 0x80041285, &(0x7f0000000140))
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000100)=[@acquire={0x40046305, 0x1}, @register_looper], 0x51, 0x0, &(0x7f0000000340)="a89aff67520a7335b849b4f88a6db06e45e3f5e648a65b8003975be8a982d5135e161a783d3d01fddcbd838bac308358a7e349f333e620505e4cf1982c991b516a9e26b6bb537c85f5ad467697f0d78b9a"})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@fd={0x66642a85, 0x0, r4}, @fd={0x66642a85, 0x0, r4}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/uevent_helper', 0x0, 0x0)
read$rfkill(r5, &(0x7f0000000040), 0x8)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000300)={0x88, 0x0, &(0x7f0000000600)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x70, 0x18, &(0x7f00000001c0)={@ptr={0x70742a85, 0x0, &(0x7f0000000240)=""/189, 0xbd, 0x0, 0x8}, @ptr={0x70742a85, 0x1, &(0x7f0000000500)=""/248, 0xf8, 0x0, 0x6}, @fda={0x66646185, 0x0, 0x2, 0x4}}, &(0x7f0000000040)={0x0, 0x28, 0x50}}}, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000400)={@fd={0x66642a85, 0x0, r4}, @ptr={0x70742a85, 0x0, &(0x7f0000000340)=""/165, 0xa5, 0xfffffffffffffffc, 0x38}, @flat=@weak_binder={0x77622a85, 0x1000, 0x3}}, &(0x7f0000000100)={0x0, 0x18, 0x40}}}], 0x0, 0x0, 0x0})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x1de, 0x0, 0x9}]})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/custom0\x00', 0x2, 0x0)

2m44.378450135s ago: executing program 32 (id=160):
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x40000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000006c0), 0x480380, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xaea2)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='cgroup.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
ioctl$BLKGETNRZONES(r2, 0x80041285, &(0x7f0000000140))
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000100)=[@acquire={0x40046305, 0x1}, @register_looper], 0x51, 0x0, &(0x7f0000000340)="a89aff67520a7335b849b4f88a6db06e45e3f5e648a65b8003975be8a982d5135e161a783d3d01fddcbd838bac308358a7e349f333e620505e4cf1982c991b516a9e26b6bb537c85f5ad467697f0d78b9a"})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@fd={0x66642a85, 0x0, r4}, @fd={0x66642a85, 0x0, r4}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/uevent_helper', 0x0, 0x0)
read$rfkill(r5, &(0x7f0000000040), 0x8)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000300)={0x88, 0x0, &(0x7f0000000600)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x70, 0x18, &(0x7f00000001c0)={@ptr={0x70742a85, 0x0, &(0x7f0000000240)=""/189, 0xbd, 0x0, 0x8}, @ptr={0x70742a85, 0x1, &(0x7f0000000500)=""/248, 0xf8, 0x0, 0x6}, @fda={0x66646185, 0x0, 0x2, 0x4}}, &(0x7f0000000040)={0x0, 0x28, 0x50}}}, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000400)={@fd={0x66642a85, 0x0, r4}, @ptr={0x70742a85, 0x0, &(0x7f0000000340)=""/165, 0xa5, 0xfffffffffffffffc, 0x38}, @flat=@weak_binder={0x77622a85, 0x1000, 0x3}}, &(0x7f0000000100)={0x0, 0x18, 0x40}}}], 0x0, 0x0, 0x0})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x1de, 0x0, 0x9}]})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/custom0\x00', 0x2, 0x0)

2m26.728777929s ago: executing program 1 (id=635):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/cpuinfo\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000004140)={0x2020}, 0x2020)
read$FUSE(r0, &(0x7f0000000180)={0x2020}, 0x2020)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f00000006c0)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSIG(r3, 0x40045436, 0x0)
write$cgroup_int(r2, &(0x7f0000000200), 0x12)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000000)=@x86={0x3, 0x4, 0xf, 0x0, 0xac, 0x6, 0x4, 0x9, 0x8, 0x9, 0x6, 0x7, 0x0, 0x1, 0x1, 0x4, 0x7, 0x1, 0x1, '\x00', 0x0, 0x8000000000000001})
ioctl$KVM_SET_SREGS(r6, 0x4138ae84, &(0x7f00000005c0)={{0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x10}, {0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x2000, 0x5000, 0xc, 0x0, 0x7, 0x2, 0x8, 0x0, 0x0, 0x0, 0xfe, 0xfc}, {0x3000, 0x8000000, 0x0, 0x8, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4}, {0x10000, 0x1, 0xd, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x3c, 0x0, 0x13}, {0x10000, 0x3000, 0x0, 0x0, 0x0, 0x3, 0x2}, {0x0, 0x5000, 0xe, 0xfe}, {0xeeee8000, 0x0, 0x0, 0x0, 0x0, 0x8f, 0x0, 0xa, 0x26, 0x4}, {0x80a0000}, {0xdddd1000, 0x8}, 0xddf8ffdb, 0x0, 0x0, 0x2b, 0x0, 0x3800, 0x0, [0x0, 0x0, 0x1]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000040)={[0x9, 0x1000, 0x1, 0x0, 0x40, 0x6, 0x6, 0x8, 0x8001, 0xffff, 0x5, 0x8001, 0x9, 0x3, 0x200, 0x4], 0xffff1000, 0x10000})

2m26.584439631s ago: executing program 1 (id=638):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x28482, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'pim6reg\x00', 0x112})
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000340)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff024}, {0x6}]})
r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0xdc, 0x0, &(0x7f0000000400)=[@release={0x40046306, 0x2}, @reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000080)={@flat=@binder={0x73622a85, 0x110a, 0x3}, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, &(0x7f0000000040)=""/24, 0x18, 0x2, 0x20}}, &(0x7f0000000100)={0x0, 0x18, 0x30}}}, @reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000240)={@fd={0x66642a85, 0x0, r1}, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, &(0x7f0000000180)=""/81, 0x51, 0x0, 0x39}}, &(0x7f00000002c0)={0x0, 0x18, 0x30}}}, @release={0x40046306, 0x2}, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000340)={@fda={0x66646185, 0x3, 0x1, 0x5}, @fd={0x66642a85, 0x0, r3}, @flat=@handle={0x73682a85, 0x100a, 0x3}}, &(0x7f00000003c0)={0x0, 0x20, 0x38}}}], 0x0, 0x1000000, 0x0})

2m26.396538095s ago: executing program 1 (id=640):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4f, 0x0, &(0x7f0000000140)="6efa86ba44c4dcef07b59db7e9a27f48a6e930da91c08c993e71a416eb2235d1314cf41411de9aa874429c871656ff38656d42c237a569b22dc9923150d6eb5b381125c2173cdb022eb5d8fc7a7df7"})
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000140)={0x8000000, 0x104000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000140), 0x82084, 0x0)
ioctl$TCSETSF2(r7, 0x402c542d, &(0x7f0000000100)={0xfffffffc, 0x7, 0x2, 0x9, 0x9, "ea7174ddb80fc7000002f7ffffffffd2a2d975", 0x2, 0x4})
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000180)=0x2)
ioctl$KVM_GET_TSC_KHZ(r2, 0xaea3)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0xc0000080, 0x0, 0x400}]})
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f0000000200)=ANY=[@ANYBLOB="636f6e746578743d73792274656d5f75dd47d0b90b893a03ffdf"])

2m25.980457221s ago: executing program 1 (id=646):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x5cdf42, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r4, 0x4068aea3, &(0x7f00000004c0)={0x79, 0x0, 0x3})
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f0000000140)=ANY=[@ANYBLOB="01000000000000000100000002000000000000000000007f00ec97630000f1ffffff", @ANYRES64=r3])
ioctl$KVM_CAP_X2APIC_API(r4, 0x4068aea3, &(0x7f0000000000)={0x81, 0x0, 0x3})
ioctl$KVM_GET_LAPIC(0xffffffffffffffff, 0x8400ae8e, &(0x7f0000000180)={"1d564548e22e33bf39d846a38e60c254a359c90b65ca6944d651b3eed40a520ad0446eb4080030e5cc154b0935cbc3ab013ea359afc0d1c90d01d830bb1f715588e3649ca9bee7dda3cee9227c1dbb1520b46fc84ab3d7f0498fc8907bc2c3d127bab755410c53fd90563e20d94dbf1f32bcda1713568594dc88cc2f309173465bab6f4de363f7ac1c3c992f083f2db3f36f8ec64cc80c7a93ca5e7ffee15095c259f32799b1a7fcfde2c33d305d2dfc11142b8acc617ed24a6d82b36cd647ae648c9bdb7cea7b80263940aeb0a6f9c5da1b4e5c9a9a559b4043be31722ee79a8e91558fc102c8a369d28026fc4a1b578cab5c2add817e29cda5a39549813fec24ffcc4df05256c0237870d73de27e8d9b3b5f9081355af1ddb959420b26c7e4585c1a51655cb69c12181df6e91ee572c18be9fe50a2b36d4a4cdd41fa11e6160f4eaf8c5f3a68d89cc70dfe44f96d240cf0f5c556d0640ec50827d2c9bbdbe8e3fb3c09d086da7a6f02cbb2b66a9f097164ece7736e275c73b0908724fb955674a4ebd5a1482bf8b79ffd99a72b27d732eb14c492bac08dc050c50a0ad67534c2c849b2cbf00b8b6c5feb6696e6e84d315c74fd31df3d2c52f4f6ffd1648d1323fbd8e9416e9dbf296db3de9f4ef1c3639717b754067fb7846c7a319394a6eb7a2982dc733f7289d5e25d510a2eab75b4e49b4637b158bef466e55ffd6c31e6dfeac829f24da35edd7b25c39aeb00621b0c3ef052d2bd8b8d698a23a5f6869dba65e25ae2804802ad2a3d52dba7b9785dd77f9e3d16c0890061cb5437280a127751698ebb78dc72b8d343689ca6c9475dd5d58b954271acbfe6901d584fda8a7b5139d7f389909ee60babb6328c0f7e41ac06a1d339cbb0cc22f0a0bd0875704de018f5e8a453f471beb9c553e8a6969418fd9b95721139f990cfb9b91881afba9688be827998635baa734127c6ec96e931909466a2e1541a35ef66285ab71007e9b1b50a85ddcd829115cf4c9184c0d0fe13eb3fc7027947f69de47013944c6ed2e5fa1b4cb39cf41e9b8270c048995a09efcfa480b9065433625c335bc36dcfa80b35f8deae55a1b7a315bc2a6942fb0a75948b711feecc5f2e929ae29a65efb7e8bbdbce53e4c5ce173ac99fbc61b808c27cf5371c88456c5caf80c342480ab36741a005b9295c8188c79f537f97bed37b470f3aa1aa175c698ce9dc93ee462a23c5deec0294242fbecd00d6dc75c6dbe1ba0c4d7b6d57404eb6dcf97168da5cfe6cfe89d6dec9e918dabfa27b36fb37de69979b119e404effb4d739ffb5e544a55dd5fe4aad00068e14b3263d8da0af5bde8fe7885d6c837c3dfc03aecf91253a611b401d5057e6e7a5d1c8632974f4d1252432e1507d13193acae2e7f864bbd4b4346bbfba19458f450f98eac638839777b4dbda74edba28a558e6f50a"})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f0000000000)=@x86={0x5, 0x5, 0x17, 0x0, 0x3, 0xf9, 0x2, 0x79, 0xff, 0x8, 0x1, 0x1, 0x0, 0x8, 0x5, 0x4, 0x72, 0x7, 0xfa, '\x00', 0x3})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x1000, 0x4000, 0x1})
r9 = openat$selinux_policy(0xffffff9c, &(0x7f0000000100), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r9, 0x0)
read(r0, &(0x7f0000000040)=""/106, 0x6a)

2m25.770720474s ago: executing program 1 (id=651):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4602, 0x0)
ioctl$BLKRRPART(r0, 0x125f, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x12)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000280)={{0xfffe, 0x60}, 'syz0\x00', 0x19})
ioctl$UI_DEV_CREATE(r1, 0x5501) (async, rerun: 32)
write$uinput_user_dev(r1, &(0x7f0000000e80)={'syz0\x00', {0x3f, 0x9, 0x8, 0xe}, 0x200012, [0x3, 0x8, 0x76f, 0x3, 0x8001, 0x5, 0x63e, 0xfffffffd, 0x3, 0xc, 0x9, 0x1, 0x3, 0x9, 0x9, 0xb0c, 0x8, 0xa3d0, 0x7, 0x7b, 0x5, 0xbc2f, 0x4, 0x80000001, 0xfffffffe, 0x3, 0xa, 0xf, 0x8, 0xd2f1, 0x7, 0xffffffff, 0x3, 0xe, 0x3, 0x0, 0x1ff, 0x47f2, 0x80000000, 0x4, 0x0, 0x7, 0x5, 0x29e, 0x2, 0x2, 0x9, 0xdf26, 0x1, 0x40, 0x4, 0x8, 0x80, 0x3, 0x9, 0x1a, 0x3, 0x5, 0x5, 0x9, 0x8000, 0x80000000, 0xcd, 0xfff], [0x6, 0x227, 0x9, 0x7, 0x8, 0x5, 0x81, 0x45, 0xc322, 0x6000, 0x7, 0x2, 0xf0, 0x1, 0x90000, 0x798, 0x7ff, 0x7, 0xa, 0xb, 0x9e, 0xd1a, 0x0, 0x1, 0x2, 0xa, 0x0, 0x5, 0x2, 0x101, 0xfff, 0xfff, 0x1, 0x401, 0x5, 0x0, 0x1000, 0x5, 0x10, 0x4, 0x7fffffff, 0x3ea1, 0xfffffffa, 0x2, 0xfffffff9, 0x1, 0x6, 0x400, 0x2243ccfc, 0x8455, 0x0, 0xb, 0xffffffa8, 0xdc9b, 0x0, 0x4, 0xff, 0x5, 0x1, 0x4, 0x2, 0xd5c, 0x6, 0x6], [0x1, 0x7fff, 0x1, 0x6b, 0x9, 0x3, 0x8, 0x80000000, 0x2, 0x5, 0x6, 0x0, 0x4, 0x40, 0x7, 0x2, 0x6, 0x8, 0xe2, 0x80000001, 0x7fffffff, 0x8, 0x401, 0x4, 0xc7, 0x4, 0x2, 0x6, 0x2, 0x648, 0x1, 0x10001, 0x4f68, 0x5, 0x40, 0x1, 0xc, 0x3, 0xffff, 0x7, 0x9, 0x1, 0xc0c, 0xcd, 0x9, 0x2, 0x401, 0x0, 0xd, 0x9, 0x0, 0x10, 0x7ff, 0x0, 0x7, 0x8a, 0x5, 0x2, 0x3, 0x2, 0x5, 0x0, 0x3, 0x3], [0xc51, 0x2, 0x8, 0x1, 0x9, 0x3, 0x7fff, 0x10000, 0x1, 0x6, 0x200, 0x7, 0x5, 0x0, 0x9, 0x8, 0x3, 0x10, 0x6, 0xd2, 0x8, 0x1ff, 0x400, 0x4, 0xb, 0x9, 0xfbd, 0x9, 0x0, 0x2, 0x1, 0xed, 0x6, 0x2, 0x5, 0xfff, 0xe79, 0x20c, 0xe0, 0x2, 0x3ff, 0xfffffffe, 0x9, 0xa, 0x100, 0x9, 0x3ff, 0x8e6, 0x3, 0x200, 0x9, 0x2, 0x3, 0x0, 0xb7, 0xc, 0x0, 0x9, 0x4, 0x4, 0x3, 0xcd87, 0x8001, 0x9]}, 0x45c) (rerun: 32)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace', 0x2202, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000080)=ANY=[@ANYBLOB='-5'], 0x9) (async)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000280)=0x10)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000000eeff97000040"]) (async)
prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x10) (async)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x0) (async, rerun: 32)
ioctl$BLKFRAGET(r3, 0x1265, &(0x7f0000000000)) (rerun: 32)

2m25.40051825s ago: executing program 1 (id=657):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x10802, 0x0)
ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000040)=0x1) (async)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000080)={0xeaa, 0x7, 0x5}) (async)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000100)=0x1000000) (async)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2000000, 0x20010, r0, 0x9bc4a000) (async)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0)
ioctl$BLKROSET(r2, 0x125d, &(0x7f0000000180)=0x400)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_GET_NESTED_STATE(r3, 0xc080aebe, &(0x7f00000001c0)={{0x0, 0x0, 0x80}}) (async)
r4 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000002240), 0x0, 0x0)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000002280)={0xf84d69798a4c56ea})
ioctl$VHOST_SET_VRING_NUM(r1, 0x4008af10, &(0x7f00000022c0)={0x1, 0x9}) (async)
ioctl$BLKRRPART(r4, 0x125f, 0x0)
ioctl$BLKRRPART(r4, 0x125f, 0x0)
r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000002300), 0x600081, 0x0)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f0000002340)={0x5, 0xb8, 0x5, 0x100000001, 0xc, 0xd1ac}) (async)
ioctl$RNDCLEARPOOL(r4, 0x5206, &(0x7f0000002380)=0x7) (async)
ioctl$BLKROGET(r5, 0x125e, &(0x7f00000023c0)) (async)
ioctl$BLKRRPART(r4, 0x125f, 0x0)
ioctl$PPPIOCSMRRU(r4, 0x4004743b, &(0x7f0000002400)=0x2) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000002440), 0x70800, 0x0) (async)
ioctl$KVM_GET_XSAVE2(r4, 0x9000aecf, &(0x7f0000ffc000/0x4000)=nil) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000002480), 0x940, 0x0) (async)
r6 = openat$cgroup_ro(r4, &(0x7f00000024c0)='net_prio.prioidx\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFLAGS(r6, 0x80086601, &(0x7f0000002500))
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000002540), 0x48800, 0x0)
ioctl$TIOCSISO7816(r7, 0xc0285443, &(0x7f0000002580)={0x8, 0x10001, 0x1, 0x4, 0x9e})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000025c0)=0x1)

2m10.385588203s ago: executing program 33 (id=657):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x10802, 0x0)
ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000040)=0x1) (async)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000080)={0xeaa, 0x7, 0x5}) (async)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000100)=0x1000000) (async)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2000000, 0x20010, r0, 0x9bc4a000) (async)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0)
ioctl$BLKROSET(r2, 0x125d, &(0x7f0000000180)=0x400)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_GET_NESTED_STATE(r3, 0xc080aebe, &(0x7f00000001c0)={{0x0, 0x0, 0x80}}) (async)
r4 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000002240), 0x0, 0x0)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000002280)={0xf84d69798a4c56ea})
ioctl$VHOST_SET_VRING_NUM(r1, 0x4008af10, &(0x7f00000022c0)={0x1, 0x9}) (async)
ioctl$BLKRRPART(r4, 0x125f, 0x0)
ioctl$BLKRRPART(r4, 0x125f, 0x0)
r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000002300), 0x600081, 0x0)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f0000002340)={0x5, 0xb8, 0x5, 0x100000001, 0xc, 0xd1ac}) (async)
ioctl$RNDCLEARPOOL(r4, 0x5206, &(0x7f0000002380)=0x7) (async)
ioctl$BLKROGET(r5, 0x125e, &(0x7f00000023c0)) (async)
ioctl$BLKRRPART(r4, 0x125f, 0x0)
ioctl$PPPIOCSMRRU(r4, 0x4004743b, &(0x7f0000002400)=0x2) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000002440), 0x70800, 0x0) (async)
ioctl$KVM_GET_XSAVE2(r4, 0x9000aecf, &(0x7f0000ffc000/0x4000)=nil) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000002480), 0x940, 0x0) (async)
r6 = openat$cgroup_ro(r4, &(0x7f00000024c0)='net_prio.prioidx\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFLAGS(r6, 0x80086601, &(0x7f0000002500))
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000002540), 0x48800, 0x0)
ioctl$TIOCSISO7816(r7, 0xc0285443, &(0x7f0000002580)={0x8, 0x10001, 0x1, 0x4, 0x9e})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000025c0)=0x1)

1.94046076s ago: executing program 4 (id=2636):
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='.!.^.\x00')
prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='.!.^.\x00')
prctl$PR_SET_NAME(0xf, &(0x7f0000000080)='.!.^.\x00') (async)
prctl$PR_SET_NAME(0xf, &(0x7f00000000c0)='.!.^.\x00') (async)
prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='/}1\'}-\x00')
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='^\x00') (async)
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='\xf2.}#\x86\x00') (async)
close(0xffffffffffffffff) (async)
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='.!.^.\x00') (async)
r0 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/fs/binfmt_misc/syz3\x00', 0x2, 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) (async)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000002c0)={0xa, &(0x7f0000000240)=[{0x8, 0x0, 0xb0}, {0x8, 0x14, 0x78, 0x1000}, {0xc, 0xab, 0xf5, 0x1}, {0x6, 0x8, 0x4, 0x7ff}, {0x9, 0x80, 0x7, 0xff}, {0xd, 0xb, 0x2, 0x6}, {0x0, 0x2b, 0x85, 0x6}, {0x5, 0x6, 0x22, 0x8000}, {0x252, 0x44, 0x40, 0x8000}, {0x6, 0xd, 0x0, 0x1}]}) (async)
r1 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000300), 0x1, 0x0)
close(r1) (async)
write(r1, &(0x7f0000000380)="e6c33881085746f225ef88a77f3868782e9f3d0b00372fc8e528305462bf9719578cc2617ce7462cf11dcee32056ebfad33bc79ce186574f640435b17682888fd2afc5b8dc1f57474f8d91584bfeedbb4436938b850c790ae271fd0843b4aa1fb1e96dd46598d858d9a36afc5816166df1ca8e11b33ec9c2b73d9ca61e78f8ebdcfba6cb5e2b3a403cd2", 0x8a) (async)
close_range(r1, r1, 0x2) (async)
r2 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000440), 0xc0080, 0x0)
write$rfkill(r3, &(0x7f0000000480)={0x8001, 0x3, 0x1, 0x1}, 0x8)
prctl$PR_MCE_KILL(0x21, 0x0, 0x0) (async)
prctl$PR_MCE_KILL(0x21, 0x0, 0x2)
read$FUSE(r0, &(0x7f00000004c0)={0x2020}, 0x2020) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
prctl$PR_SET_NAME(0xf, &(0x7f0000002500)='.!.^.\x00') (async)
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000002540)=0x8) (async)
close(r3) (async)
prctl$PR_SET_NAME(0xf, &(0x7f0000002580)='.!.^.\x00') (async)
prctl$PR_SET_NAME(0xf, &(0x7f00000025c0)='}\x00') (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000002600), 0x200, 0x0) (async)
syz_clone(0x76aad1e6c1ca76a, &(0x7f0000002640)="2ddb67b73165176faf59aeb79526676f456ffd8ac3709e0af023670bdc9144d33b528bba01bb653bf566b890bd83226da13f0e5bffbe7cad396428814c824c2aa9f542b2a4fc91ac9408f507c287a4e1c846121ee211a3ff23842e7a4c72243d519bdbf3545a7b6dc83e23f39058d1d8e08eec27976a796dc86ed89a", 0x7c, &(0x7f00000026c0), &(0x7f0000002700), &(0x7f0000002740)="59eecb837b917d85b13a942bcd295a79bc72901554a41d7e767c2e762d89ee524b289d6eb195cdf28685a057534399eb57bec6657a99f6536415a3dc139b6218f774dee264fb2ef8c9ccdc19e57ed9d9d966487277a336df1013a28d8a568f5474a35bd36bc356f48b948f061269b62b3c5c3162a5de6eacd4c90d84985a626ff38d07ed372ca6473b614676b2")

1.870867221s ago: executing program 4 (id=2638):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000001d80), 0x802, 0x0)
ioctl$UI_END_FF_ERASE(r0, 0x400c55cb, &(0x7f0000000000)={0x2, 0x0, 0x126})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000001d80), 0x802, 0x0)
ioctl$UI_SET_PROPBIT(r2, 0x4004556e, 0x1e)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
close_range(r1, r3, 0x0)
write$UHID_DESTROY(r3, &(0x7f0000000100), 0x4)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r4, 0x4068aea3, &(0x7f0000000240)={0x8f, 0x0, 0x8})
ioctl$int_out(r4, 0x2, &(0x7f00000002c0))
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000580)={@ptr={0x70742a85, 0x0, &(0x7f00000001c0)=""/75, 0x4b, 0x1, 0x35}, @fda={0x66646185, 0x40000007, 0x0, 0x16}, @ptr={0x70742a85, 0xfffffffc, 0x0, 0x0, 0x1}}, &(0x7f00000004c0)={0x0, 0x28, 0x48}}, 0x400}], 0x0, 0x0, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x410000, 0x0)

1.720497693s ago: executing program 4 (id=2640):
openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x402, 0x0)
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_netprio_ifpriomap(r1, &(0x7f0000000040), 0x2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x2)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8000)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000083c0)={{0x1, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x40800)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000083c0)={{0x1, 0x0, 0x4}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r4, 0x2000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r4, 0xc2a4a000)

1.564401625s ago: executing program 4 (id=2643):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat$cgroup(r1, &(0x7f0000000080)='syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001480)='./cgroup/syz1\x00', 0x200002, 0x0)
mkdirat$cgroup(r2, &(0x7f0000000240)='syz1\x00', 0x1ff)
r3 = openat$cgroup_ro(r2, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12)
write$cgroup_type(r3, &(0x7f00000000c0), 0x9)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x121400, 0x0)
ioctl$TCGETS(r3, 0x5401, &(0x7f0000000140))
r5 = openat$cgroup_int(r4, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0x8}, {0x6}]})
write$cgroup_subtree(r5, &(0x7f0000000800)=ANY=[@ANYBLOB='1-'], 0x31)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x22052, r0, 0xfffff000)

1.124351382s ago: executing program 0 (id=2649):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000}) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x720, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5fdd8d64f6c3e0dd22711f69a940ebdb4ab5ff6240da3160049d2047e6713d47ad0db40ec543c095ad67c8cbe438fb875927c98e265498b3da8d4ca54bac0e6efe759a2d4d4190e9fc8835599da8237f472411a71236bb930d28a26f49062d270f4087a6a709c005eebc9740ed54dd005c787c44badac9c720b0d424d0ded9bb8c24c0e842deedf386fc7714a31268292d3bcc53b1cf24b156445c8bf64336f742b1ba836eba0ae4a5aaa9a6f35d4f81734e16bce965795d5b1255609d1860fe11c9c536db078af94772830ba000c13e1d9383e3d862fa07f2199da148632c036bc19f6014eeb206a3654d390c78911deeabebf128def61122754e0a4696db82666a018f8d2f44b5aadc12809ade8bed1b1ba2adbb6e3e82180e26748dc30a8eda0edb21fcaa702632ed3fb4e89550c3e0e1fd2b5ecf1983d85bf9569b231e28155756bd97f1220cbc2b5b1c02dab88ee4a8970d4833b9e51529895afe5029823576297d4a917602fe08df57e1d7f63d050877ddf8e82a5383e15f313171b2d5618a1549f3dfced0732b887508ca5e134124d0ed0bd4b767115d1530f73504387e0364d73a2d3b114fcb49219b1c15e066c455b01672e49499995454a502236f5a5007895d3d1d8843007352a3ccc3f71d3e801efd0a6ef922bf39ead16e01ec20ebff2b1ce7cfd0984b26225cb1359b36efe9ad2ae1f6de4862c0faaa52f4d0eb4c13960ceb4aeaa10ae61a09a5abdb0c61661962a0aab14d465a8ae6f45826e1e66428cf8572eb53c98160df6613a62bb611c63f1ffb7a795a889fc16670f6302fd36ee4247bdd4282f1afb6042c832a4b0857cecae0a7090d9b11ae46d9186c710c8dd12911db573493329bea2c743734d86a577cf27aa01e4fc6c91f1fa34bba173d20b97ed8bb4bad43692df90bfd2b193b9e8b93a95ec0d0d42217395d89db511d2e9bbeb3ef47b7b2d81ab54b5c8faa760ef5c0493af13a9327c9432521ed6bfcb9d778d25031da41a983027fe7d794c26326053d38172444307d88501cdd26c3fdeafdf5f599d3dcfd39972f28ec3fb1fb40982615f5d71d6693a8774df072576834c69b89f209b458fad4671f0108fdfc8548a6fcf76a843369a3bca4d2974221ed9af224d151fa8aa73276ba65ca3d8bc98d6504f16bcac30c697f68cb1625b4f2259ee0c694951752845fa11c20fc4dda369d53918c3746918692ee2cda958612808b841b8d36ef3933f5340e1fc8fb10ac2ae97da921f6a67806831356d515c7a32468dfd3385c"}) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_ON_EMULATION_FAILURE(r2, 0x4068aea3, &(0x7f0000000240)) (async)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x4000002a, 0x0, 0x4}]}) (async)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000100)={{0x10000, 0x4000, 0x10, 0x3, 0x12, 0x3, 0x2, 0x1, 0xce, 0xfb, 0x40}, {0xd000, 0x2000, 0xc, 0x3, 0x7, 0x6, 0x4, 0x8, 0x20, 0xf, 0x0, 0x81}, {0x1000, 0x10000, 0x8, 0x10, 0x8, 0x3, 0xc, 0xf, 0x81, 0x4, 0x8, 0xa8}, {0x100000, 0xd000, 0xb, 0x9, 0x4, 0x3, 0x7, 0x4, 0x67, 0x4, 0x6, 0x8}, {0x100000, 0x5000, 0xa, 0xa5, 0x0, 0x4, 0xa, 0x3, 0x29}, {0x3000, 0x10000, 0xf, 0x5, 0x30, 0xc, 0xf, 0xc5, 0x0, 0x6b, 0x1b, 0x1}, {0xf000, 0x10000, 0xb, 0x3, 0x3, 0x3, 0x3, 0x7, 0x6, 0x2, 0x3, 0xa}, {0x2, 0x10f000, 0x10, 0x2, 0x4, 0x14, 0x2, 0x56, 0x23, 0x3, 0xf7, 0x5}, {0x100000, 0x401}, {0x4000, 0x1477}, 0x90000010, 0x0, 0x3000, 0x4002, 0x1, 0x901, 0x0, [0x7, 0x9, 0x5]})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41845}) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0}) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000180)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0})

1.022737424s ago: executing program 0 (id=2652):
r0 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x10) (async)
read(r0, &(0x7f0000000080)=""/181, 0xb5) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/custom0\x00', 0x802, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r1, 0xc018620c, &(0x7f0000000180)={0x3}) (async)
r2 = openat$selinux_create(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) (async)
ioctl$BTRFS_IOC_START_SYNC(r1, 0x80089418, &(0x7f0000000200)=<r3=>0x0)
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r2, 0x50009418, &(0x7f0000000240)={{r0}, r3, 0x8, @unused=[0x0, 0xf9, 0x6, 0x100000000000000], @subvolid=0x8}) (async)
write$selinux_create(r2, &(0x7f0000001240)=@access={'system_u:object_r:system_cron_spool_t:s0', 0x20, 'unconfined', 0x20, 0xdc}, 0x49) (async, rerun: 64)
ioctl$TIOCGPKT(0xffffffffffffffff, 0x80045438, &(0x7f00000012c0)) (async, rerun: 64)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r2, 0x40309410, &(0x7f0000001300)={0x2, 0x4, 0x2, 0x1, 0x3, [0xfffffffd, 0x1, 0xc, 0x6]}) (async)
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001340), 0x0, 0x0) (async)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000001380)=<r5=>0x0)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f00000013c0)={'\x00', 0x5, 0x10000, 0x1, 0x0, 0x88b5, <r6=>r5}) (async)
r7 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001440), 0x81, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r7, 0x40806685, &(0x7f0000001580)={0x1, 0x2, 0x1000, 0x17, &(0x7f0000001480)="f2cd566d670591a1ddd612ee614b0dc90e82856d49f371", 0xb2, 0x0, &(0x7f00000014c0)="79dd751c70a1ae96ffbca0fc6ee552aab5a73236a23dd83c86c9109daf14433a5fb80043033e2a817bce874d8a571451dacd11e75c61801b182667b83049eb7f3682b3f9f8da3ccf6260a671ac6bde96c6cdf58793e90e5a2697e1399b19865cde1aa5ceedc687fbb4c2eae19583fb2856e00d3cbe4376d56d3f2912ad190c6f43e69b5ec3eef5aa5eb15f41ea1fc4a2d674f4cfccc1f4883ba29d6e86f5d81b77dc7cfb429f2595cc86a7604c168c0d709f"}) (async)
r8 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000001600), 0x2, 0x0)
ioctl$BLKFINISHZONE(r8, 0x40101288, &(0x7f0000001640)={0x5, 0x7})
ioctl$KVM_GET_FPU(r8, 0x81a0ae8c, &(0x7f0000001680)) (async)
ioctl$PPPIOCGIDLE64(r8, 0x8010743f, &(0x7f0000001840)) (async)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000018c0)={0x1, &(0x7f0000001880)=[{0xd62, 0x3, 0x8, 0x2}]}) (async, rerun: 64)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000001900)={0x0, 0x3, 0x100000000, 0x8}) (async, rerun: 64)
ioctl$BTRFS_IOC_SYNC(r8, 0x9408, 0x0) (async, rerun: 64)
ioctl$BLKRRPART(r4, 0x125f, 0x0) (async, rerun: 64)
ioctl$HDIO_GETGEO(r8, 0x301, &(0x7f0000001940)) (async)
write$uinput_user_dev(r8, &(0x7f0000001980)={'syz0\x00', {0x2, 0x3a0e, 0xfff9, 0x2}, 0x1b, [0x2, 0x2, 0xd, 0x40, 0x9, 0x1c3, 0x8, 0x8, 0xffffffb7, 0x2, 0xc8, 0x5, 0x101, 0xa81, 0x2, 0x9, 0x9, 0x915, 0x3, 0x4, 0x3, 0x6, 0x6d, 0x8001, 0x1ff, 0xf, 0x1, 0x5, 0x3, 0x2, 0x7, 0x800, 0x2, 0xfffffffa, 0x82e7, 0x816, 0x5, 0x5, 0x7e, 0x6, 0x9, 0x4, 0x10000, 0x80000000, 0x5, 0x7, 0x1ff, 0x0, 0x9, 0x3, 0x3, 0x7fffffff, 0x3, 0x0, 0x8000, 0x6, 0x8, 0x81, 0x10000, 0x0, 0xffff, 0xfffffff7, 0x3, 0x8], [0x6, 0x1690, 0x10000, 0x9, 0x35d9, 0x0, 0x3, 0x7b18, 0x0, 0x9, 0x0, 0xe, 0x80000000, 0x6, 0x9, 0x7ba71bad, 0x65f, 0x3, 0x3, 0x4, 0x8, 0x1ef0, 0x7, 0x2, 0x10, 0x4, 0x200, 0x7, 0x0, 0xcc2b, 0x49ad, 0x6, 0x5, 0x101, 0x5, 0x80000001, 0x3, 0x3, 0x10001, 0x10, 0x4, 0xffffffff, 0x8, 0x3, 0x6, 0x800, 0xffffc05f, 0x4, 0x800, 0x9, 0xda9d, 0xffffffff, 0x5, 0x800000, 0x1, 0x28, 0xfffffffa, 0x100, 0x9, 0x7, 0x0, 0x6, 0x5, 0x8], [0x1, 0x7, 0xe, 0xe7d, 0xfffffff9, 0x2, 0x8001, 0x7, 0x6, 0x1, 0x178, 0x3, 0x6, 0x3, 0xffff8000, 0x7, 0x80, 0x0, 0x7f, 0x9, 0x8000, 0x7, 0x10001, 0x3c, 0x5, 0x9, 0x3, 0x7, 0x6, 0x0, 0xa, 0xe1e, 0xe, 0x0, 0x4, 0x2, 0x0, 0x7, 0x1, 0x2, 0x4, 0x7, 0xff, 0x4, 0x6, 0x2, 0x80, 0x5, 0x9, 0x8, 0x7, 0x6, 0x4, 0x2, 0x1000, 0x8, 0x5, 0x8, 0x6, 0x0, 0x381984, 0x2e1, 0x30000, 0x1], [0x5, 0x6, 0xc, 0x5, 0x3, 0xfffffffc, 0x6, 0x8, 0x81, 0x3, 0x3f9, 0x6, 0x3, 0xf70c487, 0x5, 0x0, 0x1, 0x6, 0x6, 0x3ff, 0x4, 0x6, 0x0, 0x1635, 0x9, 0x5, 0x12, 0x7, 0x9, 0x61, 0x0, 0x1ff, 0x2a, 0x2, 0xc, 0x7, 0x2, 0xe, 0x7, 0x4, 0x6, 0x9, 0x7, 0x0, 0x2, 0xfff, 0x8, 0x7, 0x2, 0x10001, 0x6, 0x1, 0x6, 0x1, 0x3, 0x8, 0xba, 0x3, 0x1000, 0x10001, 0x0, 0x5, 0x9]}, 0x45c) (async, rerun: 32)
ioctl$RTC_ALM_SET(r8, 0x40247007, &(0x7f0000001e00)={0x20, 0x36, 0x10, 0x8, 0x8, 0x4, 0x1, 0x10d, 0xffffffffffffffff}) (async, rerun: 32)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000001e40), 0x140, 0x0) (async, rerun: 64)
read$FUSE(r8, &(0x7f0000001e80)={0x2020}, 0x2020) (async, rerun: 64)
syz_clone3(&(0x7f00000041c0)={0x200000, &(0x7f0000003ec0), &(0x7f0000003f00), &(0x7f0000003f40), {0x14}, &(0x7f0000003f80)=""/166, 0xa6, &(0x7f0000004040)=""/190, &(0x7f0000004180)=[r6, r5, 0x0], 0x3, {r8}}, 0x58)

900.366475ms ago: executing program 0 (id=2653):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
ioctl$BLKBSZGET(r0, 0x80081270, &(0x7f0000000000))
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_SET_TIME(r1, 0x40247007, &(0x7f0000000040)={0x102, 0x30, 0x14, 0x1d, 0xfffbfffc, 0x0, 0x0, 0x0, 0x1})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_BEGIN_FF_ERASE(r6, 0xc00c55ca, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x103183, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r8, 0x4068aea3, &(0x7f0000000040)={0xed, 0x0, 0x1})
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000240)=@x86={0x10, 0x8, 0x5, 0x0, 0x3, 0xe, 0x6, 0x7, 0x0, 0xca, 0x6, 0x1, 0x0, 0x278c, 0x8, 0x3, 0x6, 0x5, 0x10, '\x00', 0x28, 0x80000001})
ioctl$BTRFS_IOC_SNAP_CREATE(r8, 0x50009401, &(0x7f0000001180)={{r0}, "a74cc90879257588565562d77ee1a482cb8073081f7e4ca9fd0474015d81e2e58e74269eddbdd373b470c8a4c6cdddf2d9ddc8a70100f28661ea45e49951d754b2f51bd1e9f56c38af6657a8ac8700113a97f574453769c68a96ba6a99a2571c77c1facc3b2f9c33d0a46f97dedd7819f7a773102a129f74cb6d783302ab9c38370c575e029f01cef95a61dc78d3f26e53f9004e1940a725af6d4d71152eafe80fe37023bc0274a5212bf5496517a49074318a87ff17c8e24ccf7614380cd2745e4c3eeaa08d9f8ff41bf41c9f0177f7f3b06a14a84c1773027c67576790b8ada2ee9dd99f0fe914930664eb202dd5334504bb3a395fbe1229ddd366bf9b863a3d893b5a4e6927334598606c4a744cee2fe171034933ac3d4e747d0ac75da5314e7c52ee57a1ddc3bddf00a01cffc247686a8ba93ac6e4b62f3387e81b4f5856485a94e26ad434c579381d27c653ff77a6fbdf696515f6ae73faa71d6b6ea1190aa5e6c440fc5842bdcaa5def96eadab13299f42a48d0ff84c640bb48fcf352ee83b2d6a789ffa9725da0ae6c0d78d95ca8d6dbdcc2427191499091fc85204e11bbcd59a1511a7fc4099012e8fd03767a21843bd4949a6741e9ab1307f13681fc22f3b2fd311f8556f93c1b57c0255b6226627d7e5ff70127beef2cb0e8f3263117a8ccd1c0e0b6ca7668f44086e78237a170a4c4ffb3ae88d08d0f58839681626c9483ffc21d077f5a717c5b469e8e18b4391eb6f5a98ddfbccfecf6565b485c5039843826c9c44db0372f9ac592cc072cf10fd770c3fb139ef01d7e643c589c3cef57fb4b2acd27f89f0310f2cc60266869ac898d4bb64669f8dc336e12ba6c46f04598eda9e4c03d5d226fe10f06c9a7ead05438da6554732cc025fdc533b203ac77c007800c3691508d1816cc20e0bb0e32f6a6a265c816bbfa437982b408ae65f57b3395dd6806c41b5a6c9633e7910311ad27ed83193fa049ad0e7ecaf289ce47eece57d76198d318f0df82d60c6364066427385c3c3e7c7c361183b8cc27ac52976e6ce6a6cdcca6b9f01fe855d12c9a60ec334bbd9f5d7a472b7578706eb3bc64fc3a15c138252350c2dcadd48b0504756c5041c476bbc4fd287de472ec92d31790eea8cf9f0e89ed1dd5da7362f17408f99e09ec0425bd98a6406cfae0fa8b00d6020d3b89dda2205bc770b8e7f092edf72c5d5af52f0b0cc9667038ca1e0e831bf0801fdc60bd73883d05a8835734d8d3b18ecc181e09a83a3413ee8ec6c04a62050633547d3e9022223bca6abe40243e42f2ff7f0fd2421dac30a69a0934d039f30a0959e9285f7360fd13b6a4fc56ca9e7d0d12889ad2447e26ee45fd471172bc195fc39d9fd087e9200d8c8df890cfcdec9da2441c15f4326169bf4a0b8063c0aab9ecdcd879aefad051a3038924e9dffe20376fb93bea3e2194233acdeb7b6c07454da236675aa1ff9a04aa88410f538bff7c4b2d149754c8c0d83df24594e1a73b009213852283e00ae55a01231e920657becbbf72e03416f22c3fd334f9b0687044f866347028781e6b95cf8ac4748addc8993635c6dd29ed4d6be054fafeabb7dc718a519b578f2471d8d5043c99d03cdfc96713cec09965d2078f6ba297ff4f0337a8cf4af64b40ef9eae311e6d28a52361fb92dc8abe78a9b2b98b5efb7aeb9e7220d50e8dc299103692b21bf04963f2262c86722ddd4413fc4dd9f0bf6eba6a44e88be15b37cec916517ffbd8008c8c93c39d95cb9b23aa044df010dbf47dfe3f6c32e215132c67f230b232d988c165d710520c62f38eb7987ebcbab74804f452ca25c21e25c2a734e7f5c8fe8546f5875f44d6259489584c8946a8d6c514c2854c0c977d513c34de92297de12de5a77cc83518db4007b737f17f8ff548d4245585af82d899f81eb6a0bf78356df7cdbf4f91b9f8a8d6c217fabbc4da45c2f2ebf9f91264b1a4e251d15ca53cc32273a17eb2df8fca6bc744f065e2d5697f3b69b674f9a9440c5746108909bc83f364c0d04f1fb7e13c3b7aaf74431ba8b282d582475a4d3396693ca0a0b7ac56701aa98eea3b7ec69cb71ec9aeb29c0015d4bf99a4c387d660ab58d5119b8f8b76c873fd12c00539c6959960b385020b5509bb23e5bfd18605e1fa288c3303db638dd07189df12cbbd35acc26aa53cd2d2aa8e3693c2f986aa33b3ef494b37c45a8d8f251ea3f90c6bbffe565aa1e25e58d48567e72e0623210740ed590495746768ee9b403f08d71076306ef5ea28ab0ab28ff6772ff93cf31b306ceb5f8e157033ed916fedb47cbd22eca22c1b7f7aabaa0426aa43a982ad714a68fa1f40d9b20e2000815deb3589d2e497763e5c77d3b487269136bf8abfc5c8781f07f92d184aeadca6a9009b603c2a8b0a39622cc8fbdaf5407787c64cc1faf563f8cde9614bb91b5924742a81025991ab9f635432f194fb1a31baa338758c12f64882c8efdf3bc368755cedb8682ab487b98ace9ebe613338090b46295543ca7f20bda73ec6f54df0707e5a3fb89b757777bdef69e5aea58007a1bbdbf3d85eee5aee90c4f8d714b8c1904d9aa6719deff8b9e23eaf661b0669ebc7c582117e4232b26edaec98130da2b939dd2545410e25090362a6d5117d6552354f02a6e291cf72ea00e1d2d1f2da1387f49b89ed2792978309c30e03638e137713f20ae27b2a90b66032f9490ccfd822eafa0a9111d0d4659c475a3c980eaf276a68750e15575c321f408ccc4f7c86c731e7b738080440cd417dc09a6f7f42f8ba26ece9f33f9769fa884b7cbf39106e9864bcb6ba4e3e80ec5d35b22dbdd6291cd2e3a636e86285d7d46057ca9a0c266a8d75f205cba202045995a0cd01c959450e78b3ce343d8e335f8eb052effa378193f4b80d8ac9603a04594ca84da414c37c693c3d13de2e0a036488d10ece3e62fabd87018a5b047574928be84097f0e8e38b93297f7430baa29c78db1b93a26d5ee2c4f3444e176896108dc2ef38bf2bc74dc17401f07c9133285ee090210f7aebc50197cea245949f287694fc50cdbba88ac3385f66f20098f81cb75c8a7f37125865845d78f99af59ad06702e2f93a3be753a5a7454bce7ad29a6ba0d5cf9d9ac76af84df266f4af4703ec38b979d2725492878629c1012f0f307813fc002b96c9090572ba4303feaee5b068cbcdefe2cdb6c60b17f09f1c5dc70018f36ffc017a59e48350364a6f0b019e7a24bbec22f584f9fef8ba4cef263c59cdad39957f8982ed2061067a1e54df27daa637098c9968b0db743aabf32fa2611c7835172d0e14db9078011faf0e8eca9ba206a3ff0db3cf94534ae3a147faf1353e506913a8035ca44e12ef2be5c481e651cd07a12951f5b0fb7cde6dd410fe41397877b74cc54931f16a623fe8b866824c0cf3433ab36c866f674e7bb3d1383549fb743d467acbf231959176a40e769314500148809a9846cc53d63308a883204cb02e8f7ce588bebab7e2a38c5fffbdd624c2448d593a6b380358c77149de0fb0ae056c5f7c352f1933940f3262be8b8b0ff236793423a6291a75fd47bba5989ba6c7ea73df979a60b437f948f5c5bf305dc8611f8fb140b57f86c72b4a7e154166a3a36b0d894acc3a281d8995ab9cc6575072698cb2848a5b8ec58b041838494e9bb63353a6ff6c6097d1b55d60473585180ad344fd4e164fe58ff6d928c6b20c8419f1137f619657947952150cca9e735ee1c766379a3281626ddc38b47c1dd3510c6936eccf11358127aa7c5ea2560cf4e0f379e917600b7dc6c8b9b734b0bef7b0ca4c3dc78ae4ebd0f79c21d03622eeffd06fea4022fc382def8f1a1a3581bee41d83eee65e24e9e6b0db87bbef68876c40f0f7792b4bfb1af27cf020cd510097562527dcb0cca2713e16463ecd7c56802f97cbac1129cc8c2be9cf490ab2224a9c0d919c9fc41010ddaece9881c5d2af4e2986dcd63f3f1a93a4969b7eddf88fdc07cdb3b7aa2ecdcb0783279f13d8f835f293a30bcd69374e01a9a79cf1ee298b6eff6cc79e5a2dab3b6cd4062921697d095ecee00b7ce598b56653a731968254b7c85d7460aee08185535d72ae3f899efb02682bd346caa5bbd2a9f433f2d864b496a890bc9fb74cf4135ab3276ffa651a0260f9cd28a0ca0b98c6d77d29f2f5df0a51288faa7c558355693b64be056499d081026e8633dbf8d150209f3697032d14385312182df271657bd74d22d8460334ea532c92cdf7bf1cc134672fc4219a22f8d38d8bd3c368ff3c2dc0944b4ab2ab9743ff486652764b803a31a99cfafb8a0d31a290709a927ce3990c0aa2e534445df075f728b950df0b58b0455f84d6d83194c8d2cb7a83627cc0411285e90672f5b700719017a90733d5947038647b21acd6afdc9b9a0c9d34b79f28675daf0528873d9ba1e950c3f88ace13a53914a3cf7327f4b5db6e7496a16fa2a60206088ddd0b27da3b0faa94b41641aa872835cea253e0c0505158a8f144b65c65273921041f721acb553c5ca94eed934e1c097ec191aeddfe3a42de5bef77fd47f32d20a10e0f91458e5a1775cf7eaf18e40b66d8a6d7e848d8b37fc37f810e0d4ab746b9c58fe456a6ed834f38498c1f32c2561fd4543d4a565172ce2948233e0ab182f44154549d7a9daffb25816e97787a267c3fd03002744681a3293179fce54bbcf979d07fffa4bcb26547f01826d41a9282da5ca7f4311cbe63d01c96408c40038d8fd3d5386aa43fcdd0e878ab10e323c26981bfb65de7d4b02c24afd0301732c6a33bf875694597f6d9e9c464ff4ba4ec974e6940a7e955ce6d6d61cecff189fea232886a7209f364a9ff7eaddfb9b037fbc8f2d1ce3739a89d0e87ad1adb419c0b8b3ec209f8f5aadf6e31bb649400bf5e4d1d5628294275cab85aac9cdae97a4e774793548dfa1fe271cca5005091815ffe9126a8dbccb5b5591d9a1b5c274a1f617da42b72b7a3b657f5b293e347f3497ccce86a0190aaaf22ae9621a3cc1348752e48d32d38efe81c4df2486bda029ecdb9e7e2e3d904a92ae5f868098c950273ac38d3c47720e9b044a7011d9ecf0197d2f1652083ff8820461b6bce7dcf15a8546710f2411593944e20637523911953974e27a6d1f0621c332b46a827130adfd42601de121659b92fab5a4d58e55713c69af24cdea3f17cdf08b94d3c1ae3b007ca1fa3320603bcf238a6f18642d16dbd1bdceeca44872fd88520c570c0b99be0abe9020cde28d572f2cec7a1e168a7253b5f3ea094c346cbe0c08d2b4e5b00266e2a20b400996fe17f405c5e117f0452a617fb3f59b28873d2bd9e2d9cb92a3990d13d8fe2f76fd035dfe9fe7b3adfb1defcd473fc6a02bd2cfbc4e7676554381224b6aaef884270ba9f90655dc21673589bb1792857d564311f791ce81230133831fa59a8835833c9f3ded2237cfabc84fc5397f6a1e7bd8f6e57d7544ef5fe89dee87fcc39043f78edb1de421352e2aac893c06a6db6d258e1f67974f57de111ebd791f771d0a3bba57d2466f34ad2587c83814b47d3b604e70736d2c5d7137b47b4a226a419a3b3235bc016778bb438e6de17022299fd8e78ba8f0626b6a627c00cbc9b3cffdae9784487ea4269423e83bdb238f2d8a5b31a018e552d511c8e70f7257a7e97bbbb2c7579c29cc450ce578fef117dfb3eb160ca5b0054076ed4a00b6fd9593136438c7dd62965bc0bf7c81ae62cf18f0cfb0121760a066991cbc7f27f536a9bce11b0fc8445a482ba604b673c6597e2ef1d95890ab3d50"})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r9 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000240), 0x800, 0x0)
ioctl$PIO_CMAP(r9, 0x4b71, &(0x7f00000000c0)={0x0, 0x1, 0x7, 0x7, 0xc4, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0xa8, 0x0, &(0x7f0000000640)=[@clear_death={0x400c630f, 0x3}, @reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000280)={@fd={0x66642a85, 0x0, r3}, @fd={0x66642a85, 0x0, r2}, @fd={0x66642a85, 0x0, r9}}, &(0x7f0000000300)={0x0, 0x18, 0x30}}, 0x40}, @transaction={0x40406300, {0x2, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000480)={@ptr={0x70742a85, 0x1, &(0x7f0000000340)=""/163, 0xa3, 0x200000000000002, 0x14}, @fda={0x66646185, 0x5, 0x1, 0x34}, @ptr={0x70742a85, 0x1, &(0x7f0000000400)=""/99, 0x63, 0x0, 0x15}}, &(0x7f0000000500)={0x0, 0x28, 0x48}}}, @acquire={0x40046305, 0x2}], 0x0, 0x0, 0x0})

899.971316ms ago: executing program 5 (id=2654):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa0000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xfffffffffffffffd, 0x2, 0x5, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2], 0x8080000, 0x1144})
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00000000c0)={0x8000, 0x210000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xffff1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1, 0x22052, r0, 0xfffff000)

710.208938ms ago: executing program 4 (id=2656):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x101b82, 0x5f)
write$cgroup_int(r0, &(0x7f0000000280)=0x900000000001, 0x12)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000003c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r1, 0x40485404, &(0x7f0000000180)={{0x3}})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/rcu_expedited', 0x161b82, 0x0)
write$cgroup_int(r3, &(0x7f0000000040), 0x12)
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r3, 0x80585414, &(0x7f0000000400))
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x1})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r7, 0x84009422, 0x0)
close(r6)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d3, 0xffffffffffffffff)
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000140))
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000ebffffff90000040"])
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r10, 0xc008ae88, &(0x7f0000000300)=ANY=[@ANYBLOB="0200000000000000c90900000000000001000080000000008f030000000000000c00000000400000c6c2c7d3aad0853b6da3674e15f875170000000000000001ec483d11d2ce044b8a24a1ea8702699f080c37da4812ca8ee6ff239749ad2fe0d40114814d1d"])
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r13, 0xc008ae88, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000dd010000000000009003761144162c68c263d4fc9fb2d085000000000000"])
r14 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r14, 0x4010ae67, &(0x7f0000000180)={0x1000, 0x12000, 0x1})

644.47949ms ago: executing program 2 (id=2657):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x44a200, 0x0)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000080)=0x1)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000598000/0x4000)=nil, 0x4000, 0x9, 0x28011, r1, 0xc1211000)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000280), 0x8800, 0x0)
r3 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_access(r3, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x102080, 0x0)
read(r2, &(0x7f00000000c0)=""/92, 0x5c)

635.29978ms ago: executing program 0 (id=2658):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009702"])
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x1fc}]})
r7 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./cgroup/pids.max\x00', 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000340)=ANY=[@ANYBLOB='-', @ANYRESOCT], 0x6)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000003c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r8, 0x40485404, &(0x7f0000000180)={{0x3}})
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_DEV_INFO(r9, 0xd000941e, &(0x7f0000000600)={<r10=>0x0, "dc20d6abe6ab14e5ee025ff7b622735b"})
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r11 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r11, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r11, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r11, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r11, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000001740)=""/192, 0x0})
ioctl$VHOST_VSOCK_SET_RUNNING(r11, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_RUNNING(r11, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r9, 0xc400941d, &(0x7f0000001600)={r10, 0x0, 0x9, 0x1})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r9, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$KVM_SET_SREGS(r7, 0x4138ae84, &(0x7f00000001c0)={{0xdddd1000, 0x8080000, 0xc, 0x4, 0x4, 0x7f, 0x0, 0x6, 0x1, 0x6, 0x4, 0x8}, {0x1, 0x8000000, 0xd, 0x4, 0x4, 0x2, 0x0, 0x9, 0x26, 0xdc, 0xe6}, {0x3000, 0x104004, 0x10, 0x7, 0x4, 0x2, 0x6, 0x5, 0x8, 0x10, 0x9, 0x49}, {0xdddd1000, 0x5000, 0xd, 0x6, 0xad, 0x46, 0x4, 0x6, 0x4, 0xfb, 0xfe, 0x80}, {0x1, 0x5000, 0x0, 0x7, 0x8, 0x0, 0x3, 0x9, 0x3, 0x6, 0x7f, 0x9}, {0x33322000, 0xeeee0000, 0xb, 0x5, 0x6, 0x9e, 0x0, 0x4, 0x3, 0x0, 0x1, 0x3}, {0x1, 0xf000, 0x10, 0x7a, 0x5d, 0x6, 0x0, 0x32, 0x5, 0x0, 0xff, 0x80}, {0xf000, 0x80a0000, 0xb, 0x0, 0xb, 0x6, 0x9, 0x5, 0x8, 0x9, 0x10, 0x4}, {0xae7ecd1f45689737, 0x400}, {0x4000, 0x6}, 0x40009, 0x0, 0xeeee0000, 0x210000, 0xc, 0x100, 0x8080000, [0x3, 0xbe, 0x2, 0x3]})
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000580)={@ptr={0x70742a85, 0x0, &(0x7f0000000040)=""/77, 0x4d, 0x0, 0x32}, @fda={0x66646185, 0x7, 0x0, 0x16}, @fd={0x66642a85, 0x0, r9}}, &(0x7f00000004c0)={0x0, 0x28, 0x48}}, 0x1000}], 0x0, 0x0, 0x0})

629.27613ms ago: executing program 2 (id=2659):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0) (async)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/wake_lock', 0x141a80, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x25, 0x0, 0x0, 0x8}, {0x6}]}) (async)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000019000048000000000000000800000000000000192c8666a8"]) (async, rerun: 64)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) (rerun: 64)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000140)={0x10020, 0x3, 0x0, 0xa1d8, 0xffffffff}) (async)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x8, 0x200], 0x10000, 0x200202}) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0xc028ae92, &(0x7f0000000100)={0x5, 0x23000000}) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000000b3000041000000000000000003000000"])
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async, rerun: 32)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000040)={0x2, 0x12000, 0x1}) (rerun: 32)
write$cgroup_netprio_ifpriomap(r0, &(0x7f00000010c0)={'vlan1', 0x32, 0x39}, 0x8) (async, rerun: 64)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000000)=ANY=[@ANYRES16=r0]) (rerun: 64)
r8 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r8, 0x40087703, 0xfffffffe)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x800, 0x71)
ioctl$KVM_TRANSLATE(r7, 0xc018ae85, &(0x7f0000000200)={0xeeee8000, 0x4, 0x9, 0x89, 0x1}) (async)
ioctl$FS_IOC_FSSETXATTR(r9, 0x401c5820, &(0x7f0000000080)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2c1)
openat$cgroup_subtree(r9, &(0x7f00000000c0), 0x2, 0x0)

505.898522ms ago: executing program 5 (id=2660):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x280b23, 0x0)

423.646583ms ago: executing program 2 (id=2661):
mount$binderfs(0x0, &(0x7f0000000000)='./binderfs\x00', &(0x7f00000000c0), 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB='max=0000001000000000000'])
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000080)='blkio.bfq.io_merged_recursive\x00', 0x0, 0x0)

418.628533ms ago: executing program 5 (id=2662):
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.io_queued\x00', 0x0, 0x0)
ioctl$RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000140)={0x3a, 0x19, 0x9, 0x3, 0x6, 0xe79, 0x0, 0xb4, 0xffffffffffffffff})
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f0000000080), 0x400, &(0x7f00000000c0)=ANY=[@ANYBLOB='non'])
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000001b40))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000015c0)=ANY=[@ANYBLOB="0100000000000000044d564b", @ANYRES64])
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0xc80, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4, 0x4000010, r5, 0x467c5000)

400.229104ms ago: executing program 2 (id=2663):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x6c00, 0x0)
ioctl$VT_SETMODE(r0, 0x5602, &(0x7f0000000040)={0x5, 0x3, 0x7, 0x6, 0x6})
ioctl$VT_GETMODE(r0, 0x5601, &(0x7f0000000080)) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='memory.events\x00', 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/custom1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x100a, 0x3}) (async, rerun: 32)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) (rerun: 32)
mkdirat$cgroup(r3, &(0x7f00000001c0)='syz0\x00', 0x1ff) (async)
ioctl$TCSBRKP(r1, 0x5425, 0x0)
ioctl$TIOCGPKT(r0, 0x80045438, &(0x7f0000000200)) (async, rerun: 64)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x7) (async, rerun: 64)
r4 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x6b00) (async)
close(r0) (async)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x400000, 0x0)
ioctl$TUNGETDEVNETNS(r5, 0x54e3, 0x0) (async)
ioctl$TCSETSF(r4, 0x5404, &(0x7f00000002c0)={0x7fff, 0x80000000, 0xd00000, 0xa6, 0x1b, "d45d18bb7939f706e83964739cfb5bd402a547"}) (async, rerun: 32)
r6 = ioctl$TUNGETDEVNETNS(r2, 0x54e3, 0x0) (async, rerun: 32)
r7 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x100000000)
ioctl$KDSETMODE(r7, 0x4b3a, 0x0) (async)
write$cgroup_type(r1, &(0x7f0000000300), 0x9) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) (async, rerun: 64)
r8 = mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x3) (rerun: 64)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000004c0)={0x38, 0x0, &(0x7f0000000380)=[@acquire_done, @increfs={0x40046304, 0x2}, @clear_death, @free_buffer={0x40086303, r8}], 0xf5, 0x0, &(0x7f00000003c0)="7a5d4f663e40167ea28be1009a98d780eef624bc48b61ab9fbf6a355f4bee3cc3bc47c93b17730d15713c930e3e11e229503cdd0869cb168c031ae4b97a72c0ec911e2f1aee93589f09a5a6da40f00e54311c2134dd35c7054b8b7635b5ce470462b14a89929266ddc245352bcea6f5c2cb84f85b29209eac3a8dfc96969bf8ab5a5dbf84354a4c5b93c42858a16ee85106b3b4ed21dafb029176822393036062fa340c9072d0eb77f88a06cb1cda08b125e2406dc7a2e6d855a54bbcfe024c736870dd136b12acda6bed91e017af7a45013142d41e2c44596ffe9ac734d31c2010a884eb66da0aedd5dc02e8fc684603d6748edf2"}) (async)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000006c0)={0x3, 0x0, &(0x7f0000000500)=""/139, &(0x7f00000005c0)=""/119, &(0x7f0000000640)=""/69, 0x4})
r9 = syz_clone(0x80004000, &(0x7f0000000700)="9d3b2f1a712a565ea8620285889eb68a08cfacd861882430ff86bb4387d7811ca4d3d9287c1c7957f4e1102b2ff4bf36595c418cfd0f71158addd137791d6fb43b5d1e218596478a813f12e04e443b3590691c6bdb7d8785812cdd921c398a99da5ca644e4c05fc13d286abd4db6e037c587ee1ffd20888a10b5a0b87661dce013a6a8ad578d9cc9b60b56aeaf45bd9b94a0c94b70a831b6df224dbbfdd6cca7f65b7409329ea77006004ee3e0bd33dadf6f3fc1cc64473ccd358e6dd58961a97f17ac4b9c6e1e499d9be0cfe48107d6087776282be9c62baa79", 0xda, &(0x7f0000000800), &(0x7f0000000840), &(0x7f0000000880)="a1c47e5efadc07c12da2c7c778ac0bb85b7726e9a722534f6fa000a574b636faf6381e9d2b6e62777c937c57367c51cef482970b")
write$cgroup_pid(r1, &(0x7f00000008c0)=r9, 0x12)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r10 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000900), 0x100, 0x0)
close(r6) (async)
ioctl$SNDRV_TIMER_IOCTL_START(r10, 0x54a0)

304.355115ms ago: executing program 2 (id=2664):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000002c0)={0x2, &(0x7f0000000040)=[{0x28, 0x0, 0x0, 0xfffff018}, {0x6}]})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r2 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x5)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000080)=0x9)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x7f)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"])
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af03, &(0x7f00000001c0))
r4 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000001c0)={[0x1, 0x6, 0x0, 0x4, 0x10003, 0x0, 0x400200cc4, 0x10000, 0x4, 0x0, 0x0, 0x0, 0x2, 0x1, 0x6a, 0x8d], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000400)={0x4c, 0x0, &(0x7f0000000300)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x50, 0x0, &(0x7f0000000380)="ec5879bcae4ebf1dcf85134d8b5e05505209abff506d2f73957fa39fbdbc84a722e85b7aa2dd37976eaa5b831df72f213796242fbd571621cc5d7cdf0257b01ea7a5119e8f9d6ed2b82920a14886fc0c"})

269.090895ms ago: executing program 0 (id=2665):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0xb03cdf087638818c, 0x3})
r1 = mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000019c0)='./binderfs2\x00', 0x1ff)
mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs2\x00', &(0x7f0000001e00), 0x0, &(0x7f0000001e40)={[{@stats}]})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000002500)='./binderfs2/binder0\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000005000000014d564b00000000af"])
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
unlinkat$binderfs_device(0xffffffffffffff9c, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0xc, 0x0, &(0x7f0000000000)=[@free_buffer={0x40086303, r1}], 0x0, 0x0, 0x0})
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0xb03cdf087638818c, 0x3}) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) (async)
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000019c0)='./binderfs2\x00', 0x1ff) (async)
mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs2\x00', &(0x7f0000001e00), 0x0, &(0x7f0000001e40)={[{@stats}]}) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000002500)='./binderfs2/binder0\x00', 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000005000000014d564b00000000af"]) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) (async)
unlinkat$binderfs_device(0xffffffffffffff9c, 0x0) (async)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0xc, 0x0, &(0x7f0000000000)=[@free_buffer={0x40086303, r1}], 0x0, 0x0, 0x0}) (async)

231.514406ms ago: executing program 4 (id=2666):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000196000/0x1000)=nil, 0x1000, 0x0, 0x840000000000a132, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xbc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r4, 0x4068aea3, &(0x7f000009df00)={0x79, 0x0, 0x1})
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xaece, 0x2)
read(r5, 0x0, 0x0)
r6 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x8010, r7, 0x3000)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r7, 0xd1383000)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r9, 0x4018aee2, 0x0)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000080)={[0x2, 0x9, 0x7, 0x5, 0x2, 0x9, 0x3, 0x4, 0x6, 0x59, 0x7fffffffffffffff, 0x101, 0x7fffffff, 0x6, 0x0, 0x8e85], 0x10000, 0x10})
mmap(&(0x7f00003b3000/0x4000)=nil, 0x4000, 0x1000007, 0x13, r6, 0x0)
openat$ashmem(0xffffffffffffff9c, 0x0, 0x280, 0x0)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x0, 0x11, r6, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r7, 0xc040aed5, &(0x7f0000000040)={0xdddd0000, 0x102000})

184.430967ms ago: executing program 5 (id=2667):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000040)={0x7, 0x7, 0x80, 0x200, 0xb, "65e11e03b4d62590c007a44750ce7c6c87df4b"})
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000080)={0x6, 0x0, 0xffffb4d0, 0x5, 0x2, "0e5b632d3b4715db3e0292fb6d3627f01f56c7"})
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) (async)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000140)) (async)
prctl$PR_SET_MM_MAP(0x3a, 0xe, 0x0, 0x0) (async)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, 0x0}) (async)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000240)={0x0, 0x1, 0x0, 0x0, 0x0, 0x2000}) (async)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000002a40), 0x200, 0x0)
ioctl$BLKREPORTZONE(r2, 0xc0101282, &(0x7f0000002a80)={0x10001}) (async)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/custom1\x00', 0x800, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x0, 0x1, 0x11, r3, 0x1) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000500)=ANY=[@ANYBLOB="0100000000000000dd010000000000009003000000000000a61fe03fed9ce6fe4a79e9a26a43a2d1723c4b306f789c5aadf6dda8c92be3a835d70ab6c3a633a06ae129ed53a391f60036a67b4e78cbc078753f7c54ae723658bf6b2e46b59bd7e5c2bbc9111c2dc759e80043d985bb3b74c9444ed172288f9fc925f85f54fcdca9037cc745b47c93971bc2a347c6dfa07725d2cd10f3a4b6b38640cb1fdbfb14eb102f9a51808b254d398fee38b139a67b1fec1f"]) (async)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2/custom0\x00', 0x0, 0x0)
r8 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000001380), 0x101100, 0x0)
syz_clone3(&(0x7f00000013c0)={0x240040480, 0x0, 0x0, 0x0, {0x25}, 0x0, 0x0, 0x0, 0x0, 0x0, {r8}}, 0x58)
r9 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r9, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$FS_IOC_GETFLAGS(r2, 0x80086601, &(0x7f0000000180)) (async)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r9, 0x40345410, &(0x7f0000000cc0)={{0x3, 0x3, 0x1, 0x1, 0x9}}) (async)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r7, 0x0)
write$cgroup_int(r8, &(0x7f0000000040)=0x2, 0x12)
write(r5, &(0x7f0000000400)="5c415263508ae32ea959a917971fc02c3d199d5da1dc7a0093992b65ee94c64f45afa91b880781afff8efa025afd08fdd6259f750196b9f7c7daacbdefbed5b044a862943f09ec9336b8bb8e93d698c8b58dfb2280bd3962bcf0a4b8e277efae570f2ca98a6484b7e130372498b8d13d9099a17c1f00dcbea915781d5d5b3c71f49c573ba9f1e35df3ebc106a258fff4720d4dfbdeeb210f5bb7ee0989b064c895df969c6069eed73da300ab06736644ceb0446fd676e6e48ee9bf95afc5a10fd1332e8485fc204a1eb689af66f1fa50bcfe83699302b0e817f2b6a8", 0xdc)

111.340958ms ago: executing program 5 (id=2668):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f0000000000)={0x8, 0x0, [{0x40000001, 0xf4, 0x0, 0x987, 0x6}, {0xc0000000, 0x982, 0x2, 0x4, 0x4}, {0x2, 0xcf, 0x2, 0x0, 0x1}, {0x9, 0x9, 0x3, 0x80000000, 0x9}, {0x80000001, 0x10, 0x3, 0x5, 0x1000}, {0x4, 0x5, 0x9, 0x3ff}, {0x1, 0x0, 0x1, 0x9, 0x1}, {0x40000001, 0xbe341ec, 0x8, 0x9, 0x6}]})
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000100)={0x10201, 0x0, &(0x7f0000ffc000/0x4000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f0000000140))
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000280)={0xb6, 0x0, 0x8})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000300)={0x2020}, 0x2020)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000002340)={"fde2ba128abd1f0523bdcec4f8552d0e30f110342cb13b674dbc72083a8d6d70449e3ddd419301a668d86074d37fb2942029b67aa6133d85d05bb91b6075045ab1609c864c0079b3f7f421462fa8ae2e38586976efb320f47af8765d230b95ff6f6952a1900e676393e3ea2387c48b02357f899108cddb7130ec61313e0eb81f8cf3c1c494f67764a8ffc246ceb86159159b611bcf1a554f1ff17eb21ec470945c4bca9075eb725c1fc1e20581bb26eef1e06d195a2c6e8500166da3bf8b8f0b0ad65988d6ede3b1a56218d7bf1face909d6ee884ca66c4360252ef28cb13906ccc25bb29f679ef02125d3bc6615281323c1e8684ad65ef6e0e942d5a010f11efa0c8bf01565a5738588b3683df09f41c3729c945bb66d8e3f9d0be1c17d6f19d9c2abd629d06aad8ba5b4c212934550e4e45ccb48cf3c13093013da36f0c794813fd79d655317df2184e0770219203c3c271b1f8c76cae789a7dba52ea9c8d7c0b692cd34200014121602a4f7fce1e3bf1a6f14904536574deae1d061658a43b5a83a81d5b0ffd52c9e1ec969cf78b54f32aaf695c683abbab85b7452da0dbf398d5fbe8e40e76f4e7b7df2069fc5f74b929e7053bb9eaac9b49a37ec3bc4c26e1ae477902ac44383edce6b665eb9d990a8662c0ba6c8f29906da9b41ef1fd5cc01a89b51e16ab927990b8e77276275f1b13143fdd9962bbeccd01f3197792def88ce78eb63ee2ec72cc659049be5704fc1289989195a1f3050a3c1527c26206ea5a0093a58fac001965154e4393c44555338ae94d5d6cebc106b0825cf6f9b1f3ff75c8348f54c4855102051ff0dbe3d112f8b1dcccc5f332b551204db231e1ef63aa5dcac7beea5586cd3fa5bb7f9c8d0ebbf7f6f874ed1851e3c32646c2581fcf7b0a792eb9e2fae5fb44f13f9ab6d6c23e0941236d031e5ba7e3f6d2a2a15ebb8f6f70f797b9fdbff8a1c01094617a3034e71ae346167c5d9a1fe9b9f35609d342f7ebb1f328db3d721fb783efa42f8abec446b9cf42fe41e0c791e7e46cd516cfa23830a71f15c4ca854a34835712d1d77b6a63089aba54b2953e8bbbec1bc42a72f7036b5eda0d151db57866b0d5da128a459e9ee4534cf86e593a7ef47a84aff866ccaff81482763e0fe6630f65c2eedafa79b5be52f88de051e3f0806b005d71533c5f8f48fcdd21e4ee2935c07a74133e13ed5368a2ab131431e07cac80245f0c33f52e7e6949303a41ce790bb8b955b4a3bba8bb1392d51697590bb73a61490e91d13f4854731d077b4500adec74080e4a5f5ce438896a417a87aea45098834acf15754115dbc9860aa6652300b456cc2f703237b802d34e5d9c9fcaa70376f72c34777696ad19de07e5e4fcfb2c474b4126c1c6f83398685bcf3a27c79819d4441c8934eae88dbf2d4cd79774802c0a72ec4294cd09f83616282"})
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000002740)='/sys/power/resume', 0x820, 0x118)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000002780)={0x1, 0x0, [{0x80000008, 0x6, 0x1, 0x10040000, 0x3, 0x4, 0xfffffffa}]})
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f00000027c0)={[{0x8, 0x7, 0x0, 0x4, 0x2, 0x1c, 0x7, 0x1, 0x7, 0x9, 0x4, 0x3, 0x200}, {0x3ff, 0x3, 0xfd, 0x0, 0x0, 0x8, 0x1, 0x5, 0x8, 0x6, 0x6, 0x3b, 0x5}, {0x6, 0x800, 0x7, 0x0, 0x79, 0x63, 0x7, 0xf8, 0x2, 0x5, 0x2, 0x1, 0xf13}], 0x3})
ioctl$KVM_GET_IRQCHIP(r3, 0xc208ae62, &(0x7f0000002840))
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000002a80)=@arm64={0x2, 0x20, 0xf3, '\x00', 0x3})
ioctl$KVM_SET_LAPIC(r0, 0x4400ae8f, &(0x7f0000002ac0)={"e8c02654edfcde2273e7614c2596168a55ef03892fbd5424ec8e10553bd182c9c2f306fc1613f2e8f7284b64b8cbed88e5765abbe7bb1e746d89b1f06bd9bb0b3ba696b47be9ca376eb05fac69f131acbbe2d46fdb38446e2dc84a67787490951db4b9a0ad8e5fc1ea9452f30b173e2705b4a40f84e72332322da23c4d94bda0e5ff7c991641fcfad9c40ab51a13c87714ea5a10de2288003dfc552185a212c8ebf4fa1b6f694e91ba852a69850b09664da06c6f1ac476da01093d464a20570bd27955a42596fe8ed01e3476e7afb066776cc69d0f574a045f64ee1c17367b3059f3bf3bd966b27b5ddeb7f11bff83fa0b28305fb2d10868a00875ea9c90f1879a6f1df9154cfbcf4c3b7ea9350192e429c8c877b5199241f08ee7cbd4fd55a32a6fe4897b04eea78d89faec68db0667682f2a9fa9eb699837568c51c09d344088b9a88c5adf3aed8ece4ca6e129d9c073cfd750eb6fec7be3cd34237018ef9a4438b5f09a5bcbe9903dce4c645da3dcabd12282940f1abe0dcd04f67eb3fd4e51ca3e314049ad11893d69f31953b1242e92ca608d387ce761909e2e15a980c8b727beea12196d11766fea9f00e97ca97ac1da87353f90a392c6aaad13a96da122cc6ac8fcf1ac69c2b1a698d5999be0f7b11cf08c8f85a58591b3010d8d4be5707d6c20e590b1a165b3a608993b09c8b18a1d1f013775464f7252653ee8ed79002812ea9020101aa3c3d61513737d921442ea43bf34a956bc4ab8c388fe997f4c77086dfd45c4e4c3f037990d7ed08b6fc3ccd1ba5a1d8b96eb564be888f55bca4e69b3a551e44249f8a54ca4c4d641dbbefe09db718e60ec32dbb5e7fc3ac2819924c44dca925f63441a5ab986a3448a48c2e4adee7fb877a0930a1de72665d0b2cd399587f812e65832bdc16c3be3c4ab8525ec5fbd1a9b3b2dd5cdd55eedcbc44745495770eb97c13c072046553cab8c96992256879ad9c0d76314917e9a5d3462881595017b38e5b9b6c451d17255c6dbeeb01f23de9665eef42d923a80e0744b3231898a5f6a8f47cd14d50560d0ca8d4a426d91ef9dbad52cabac04f4bdaca58c884fc92fcc79dbd771474f3a1a6c982cae07fb1124e00920366a7f500c69e60fd9bec37a74f0c19f72386510ec121517c447492448b10d4fcf88af2a7f2fffa5386dd57b6a4edc724b6b830183fbad1c85adba844abee242dc954c70b1f9b71455d740da9b6bdb10b779e0638a4911d9dedf0c82ee4a0fef570e2acdb46fd13de89b950d41718dfbe5244f8e95fb517724fe1f306873a9f25bf5acc49c6d37e005264d4be9e7e10ffea696d2bca21533b535d353b8cbe4ad200fe19a74607c30f4ee3f17d8a70d3bc0b86d2a6c80b6f6972f530e493ddb376ac1a0223d93f71b385e31ad1b00590747deb76813abd5d86aad70ecef08be5c76959dbd"})
read$FUSE(r3, &(0x7f0000002ec0)={0x2020}, 0x2020)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x810, r3, 0x54d9d000)
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000004f00)={0x1, 0x0, [{0x5, 0x5, 0x1, 0x0, @sint={0x3229, 0x9}}]})
ioctl$KVM_SET_GUEST_DEBUG(r0, 0x4048ae9b, &(0x7f0000004f40)={0x20000, 0x0, [0x7, 0x5fd8, 0x4, 0x5, 0x2, 0x8, 0x4, 0x401]})
ioctl$KVM_SET_LAPIC(r0, 0x4400ae8f, &(0x7f0000004fc0)={"83da7f1adcffaff6c9094169280ebf4db7313788839a7613529386397dc49dc80b3869176be06762fd47953798d3269e34c4546ce23645291e74a6b6b86bb22b23e71e3ddc3ab94c7d90413a677bfa9ca3a5a564cec3b9e47bf579cce849d626dda6cc822d5bf11e30da9907ad2c10dea3ccd149491d28d7f6eb4a57c835eb6f6794c2b3b3181f4971cd952b41af2eea4052513e37e273e6b441390723b2bfa671f4532beb4d5a8bfc2abeced753f506a4321eeea01ba376673a658669ad1b65528fcd0d0c5928d751a5dd809ec8942563aa7300f0c2c2944537a7ed3e51420a6035aa34ca9aaa17350c79a2ede6f3a29c7460e53ff0aa7c5768c70c808075b3a51d521ac991267af96d819279d60a08e106db03158a1b34a4848e8c280b509ce304a2e8823aafcbea926d22a559d45442eb9cf3617db945420aca8481a8c27dad5e9209dbb3742ec5b482e8284666974f7275b3382db2de4b9dc1aaad106e5692506a41d206a3be0ac84162b4ca58d4cd73788824438ea654042e51d392da30ed846645a9c64e1cc5360322ffd571ac27d4bf2e336a0eb778c5dcdf681de698ace0748ed22ffdab45e6ef55077cb90685295d67d7c026c5386d16aed795b06b9b41efa57c55bb0726e641c30ec483318da80f83a44035f4f14401d2f7c5b614044c1b7a852657e0efb6f56bb8b830fdddacacac5d240d4a77995485cadfb42061ba4aee3e72eb52f24017a0fb3a27018df67e06b618920227ad926e4f2df16540c78a0599fac858c96ce2d6aefc0105f60b655583bfb2f7ca188f9275d5bde3a43b187885198cd8e806d93daa65c52fa547f923891c3f0c34ede07c80e5bcea72cf8c52b2e7247be88c07e9b86d5e2687c9d8eddc4919f5529102bf275193630d368be4698ca68cedea3bc725f9300ef542f0497cefef6d916cedbc8db100949345129b69edb68c47ba00435a63ba8a3e514543518b1379a1beb2d79edea397ad51ab8bc2c8df57a0d275c4dbe87453386c8b39c3a42db2f3713d0af8fa33eac6505bc29bc489a6c2876f438125b0f766558a535cf80c0c2229bd191d775fa2f130d898f9b7af0a7436682cd9bfe658537fa8ea0ae1e8528d57c6804d16a079905a048b60dfefe3a8052d3136e353540fb3c77bc75b8f0d9071592127f007623ba1402fef2ed7e70344bb7d7869775958052057683095e440b0125abd20196b4df862c2b5af97397ab58059528bed9df14ed2a2dccd1cc80076182ff5080a412a2ab25a288b150488bfb4a818fca6d54faa2aed6223d2e896b76ebd6fe777dd6d874bccfcf11db52114541602f449500709f94bc91bcb012a0865ad54c9b94cdaa8931849f44a1e42e22167a1f7b3710b26dad0cf506e345bcf234856b51862d89eb234ff12c1f2e9f6933de069a65bbf857f8e2caa7b026c9f66d76068bd5c"})
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, r4, 0x0, 0x100010, r0, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f00000053c0)={0x2, 0x0, &(0x7f0000ffd000/0x2000)=nil})
ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f0000005400))
ioctl$KVM_SIGNAL_MSI(r3, 0x4020aea5, &(0x7f0000005540)={0xeeee0000, 0xdddd1000, 0x4, 0x0, 0x3ff})
write$FUSE_NOTIFY_POLL(r3, &(0x7f0000005580)={0x18, 0x1, 0x0, {0xffffffffffff77a3}}, 0x18)
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f00000055c0)={[0x90a8, 0x6, 0x9, 0x1000, 0x5, 0x7f, 0x8, 0x4, 0x9, 0x2b, 0x8, 0x9a, 0x3, 0x1, 0x1, 0xea], 0xeeee0000, 0x10100})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

52.205049ms ago: executing program 5 (id=2669):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000480)={'\x00', 0x3, 0x8, 0x7fff, 0x10001, 0xb, <r1=>0xffffffffffffffff})
r2 = syz_clone(0x10000, &(0x7f0000000780)="ad86db8f91f99014fdef5c746d26683049b239abf6ffef2cf3e4fe3ca11478675e0de441d957a77873102eaef86262ce2b440adfdc045fa3edc0a5254aa966d61bc8c09f026206a52c161d39ddb53a78fd4924efc9f93d95b7ddd8d11f357d50ac030b69e68276e286487f4995c45b3180f5fc3c770e3c4845012d8df7", 0x7d, &(0x7f0000000800), &(0x7f0000000840), &(0x7f0000000880)="1f227187d92b24066d7071439b1f21d7a42bb7ef07da7980bb2daef623046624637465f56be71aed4fd6e2f462fbfcc4374dc99d009fadf2641f5fac19a9cad4f8483fb265223b71c11bf11df4db8a1e2eec7c405a568c982046bf3b9f97aa4203bd81ddd0be542c1bab2c8a")
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r3, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
syz_clone3(&(0x7f0000000940)={0x18080400, &(0x7f00000001c0), &(0x7f00000002c0), &(0x7f0000000300), {0x12}, &(0x7f00000003c0)=""/138, 0x8a, &(0x7f0000000680)=""/200, &(0x7f0000000900)=[r1, r2, 0x0], 0x3, {r3}}, 0x58)
r4 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0), 0xe5, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x0, 0x0)
r6 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x8002, 0x1)
ioctl$VHOST_SET_VRING_ERR(r5, 0x4008af22, &(0x7f0000000140)={0x1593588d26620172, r6})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f0000000280)=ANY=[@ANYBLOB="0100000000000000030000000500000000000000"])
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$KVM_GET_NESTED_STATE(r5, 0xc080aebe, &(0x7f0000002200)={{0x0, 0x0, 0x80}})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r10, 0x0)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f00000021c0)=ANY=[@ANYBLOB="632cf0ffffff00"/18])
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r12, 0x8010aebb)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

636.97µs ago: executing program 0 (id=2670):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r0, 0x4010e501, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
syz_clone3(&(0x7f0000000200)={0x200000400, 0x0, 0x0, 0x0, {0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x4000, 0x100000001})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mount$binderfs(&(0x7f00000021c0), &(0x7f0000002200)='./binderfs\x00', &(0x7f0000002240), 0x2800004, 0x0)

0s ago: executing program 2 (id=2671):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000080)={'syz0\x00', {0x4000}, 0xa8, [0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf8, 0x41df1fd6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc], [0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x3, 0x0, 0x5, 0x0, 0xffffffff, 0x0, 0x4000], [0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x3, 0x0, 0xfffffffd, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5], [0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x8000000, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x11)
ioctl$UI_DEV_CREATE(r0, 0x5501)
write$uinput_user_dev(r0, &(0x7f0000002c00)={'syz1\x00', {0x9, 0x33, 0x1, 0x5}, 0x11, [0x9, 0x7fffffff, 0x7, 0x7, 0x6, 0x7ff, 0x0, 0x0, 0x0, 0xac8d, 0x9, 0xfffffeb4, 0xe6b5, 0x9, 0x8, 0x8, 0x1ff, 0xfffffff1, 0x7fff, 0x1, 0x0, 0xa, 0x3d, 0x7, 0x7ea79520, 0x7f, 0xb, 0x9, 0x0, 0xf, 0x0, 0x5, 0x3, 0x949, 0x2, 0x8, 0xf95f, 0x9, 0x101, 0x1000, 0x7, 0x1, 0x9, 0xd44, 0x3, 0x7f, 0x10001, 0x1ff, 0x0, 0x8, 0x6, 0x0, 0x7fff, 0x1d, 0x4, 0x8b, 0xffff0000, 0x1, 0x2, 0x7, 0x401, 0x4, 0x4, 0x7ff], [0x1, 0x6, 0x9, 0x3, 0x1, 0xffff, 0x1000, 0x9, 0x8, 0x6f, 0x4, 0x7, 0x5, 0x7fffffff, 0x8, 0x12f, 0x3, 0x1c765bd7, 0x273, 0x6, 0x9f, 0x448, 0x3, 0xb, 0x10000, 0x2, 0x5, 0x3, 0x3, 0x587, 0x100, 0x2, 0x80000000, 0x1, 0x2, 0x10000, 0x0, 0x80000001, 0x400, 0x10000000, 0x6, 0x1, 0x7fffffff, 0x9, 0x0, 0x10000, 0x7, 0x5, 0x9, 0x2c824684, 0x838, 0xb, 0x1000, 0x4, 0x68d, 0x1, 0x5d3, 0x6, 0x55, 0xfffffffc, 0x2, 0x5, 0xffffffff, 0x4], [0x4, 0x1000, 0x6, 0x8, 0x2, 0x35344016, 0x8e, 0x7, 0x200, 0xd, 0x6, 0x80000001, 0x48, 0x6, 0x80000000, 0x9, 0x1, 0x2, 0x8, 0x3, 0x19ee, 0x51ed, 0x7fff, 0x9, 0x8, 0x6, 0x8, 0x8, 0xfff, 0x9, 0x38, 0x1, 0x1, 0x3, 0xfffffef5, 0x7, 0x9, 0x3, 0x5, 0xfffffffc, 0xaec0, 0x400, 0xf39, 0xfffff8f4, 0x3, 0x4, 0x39d, 0x200, 0x0, 0x1, 0x2, 0x2, 0x6, 0x8001, 0x7fff, 0x7, 0xfffffffd, 0x2a, 0xb0d, 0x6, 0x7f, 0x200, 0x52d, 0xc], [0x3, 0x35af, 0xffff, 0x8, 0x2, 0x0, 0xffffffff, 0x61, 0x8, 0x2, 0xff, 0x6, 0x5, 0x3fffc, 0x2, 0x1, 0x3, 0x19a, 0x9, 0x9, 0x9, 0x1000, 0xff, 0x4, 0x4812, 0x10, 0x5, 0x54e4, 0x6a, 0xb, 0xfffffffd, 0x5, 0xfffffffa, 0x8, 0x1, 0x40000, 0x6, 0x6, 0xffffffff, 0x0, 0x4, 0x7, 0x9, 0x400, 0x19d28fd2, 0x9, 0x0, 0x7fffffff, 0x6, 0x6, 0x9, 0x101, 0x4, 0x2, 0x800, 0xa0, 0x8, 0x401, 0x2, 0x2, 0x8100000, 0x3, 0x5eb, 0x4c0a]}, 0x45c)
r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x75a, 0x8, &(0x7f00000000c0))
read$FUSE(r1, &(0x7f0000002400)={0x2020}, 0x2020)
read$FUSE(r1, &(0x7f00000003c0)={0x2020}, 0x2020)
ioctl$BLKROSET(r1, 0x125d, &(0x7f0000000040)=0x50)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0x100, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
ioctl$TUNSETOFFLOAD(r2, 0x4004743d, 0x110c230000)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x2)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CAP_X86_NOTIFY_VMEXIT(r6, 0x4068aea3, &(0x7f0000000080)={0xdb, 0x0, 0x6})
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040))
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)={0x1, 0x0, [{0xc0010001, 0x0, 0x40}]})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r12, 0xc008ae88, &(0x7f0000000040)={0x10000000000000cf, 0x0, [{}]})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r9, 0x0)

kernel console output (not intermixed with test programs):

vc:  denied  { read write } for  pid=2535 comm="syz-executor" name="loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  135.775150][ T5984] SELinux: failed to load policy
[  135.802418][   T36] audit: type=1400 audit(1750378048.329:26616): avc:  denied  { read write open } for  pid=2535 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  135.832911][   T36] audit: type=1400 audit(1750378048.329:26617): avc:  denied  { ioctl } for  pid=2535 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  135.872468][   T36] audit: type=1400 audit(1750378048.359:26618): avc:  denied  { load_policy } for  pid=5983 comm="syz.4.1619" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  135.970100][   T36] audit: type=1400 audit(1750378048.469:26619): avc:  denied  { read } for  pid=5983 comm="syz.4.1619" name="binder0" dev="binder" ino=61 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  136.028019][   T36] audit: type=1400 audit(1750378048.469:26620): avc:  denied  { read open } for  pid=5983 comm="syz.4.1619" path="/dev/binderfs/binder0" dev="binder" ino=61 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  136.071832][   T36] audit: type=1400 audit(1750378048.479:26621): avc:  denied  { read write } for  pid=5630 comm="syz-executor" name="loop0" dev="devtmpfs" ino=488 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  136.099863][   T36] audit: type=1400 audit(1750378048.479:26622): avc:  denied  { read write open } for  pid=5630 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=488 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  136.127440][   T36] audit: type=1400 audit(1750378048.479:26623): avc:  denied  { ioctl } for  pid=5630 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=488 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  136.142792][ T5993] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  136.170535][ T5987] binder: Bad value for 'max'
[  136.224725][  T555] hid (null): invalid report_size 25464
[  136.232089][ T6000] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  136.232112][ T6000] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:253
[  136.248857][  T555] hid-generic 01FF:0004:0400.000A: invalid report_size 25464
[  136.281433][  T555] hid-generic 01FF:0004:0400.000A: item 0 2 1 7 parsing failed
[  136.289177][  T555] hid-generic 01FF:0004:0400.000A: probe with driver hid-generic failed with error -22
[  136.343596][ T6009] random: crng reseeded on system resumption
[  136.631516][ T6015] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  136.660349][ T6015] rust_binder: Write failure EINVAL in pid:1434
[  136.777076][ T6027] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  136.868569][ T6030] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:800
[  136.939428][ T6034] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  137.015293][ T6040] rust_binder: Got transaction with invalid offset.
[  137.036435][ T6040] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  137.043237][ T6040] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1436
[  137.138224][ T6046] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.301388][ T6049] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  137.307845][ T6049] rust_binder: Error in use_page_slow: EBUSY
[  137.343108][ T6049] rust_binder: use_range failure EBUSY
[  137.349130][ T6049] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  137.405473][ T6049] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  137.426789][ T6049] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  137.438208][ T6049] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:276
[  137.457770][ T6065] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.488846][ T6066] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.514961][ T6064] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.555650][ T6065] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.621897][ T6076] binder: Unknown parameter 'fscontext?}'
[  137.703531][ T6078] SELinux: security_context_str_to_sid (system_uÝGй‰:ÿß) failed with errno=-22
[  137.784870][ T6086] rust_binder: Write failure EFAULT in pid:288
[  137.861591][ T6089] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.917752][ T6093] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.949548][ T6089] rust_binder: Error while translating object.
[  137.959540][ T6089] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  137.970131][ T6089] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:290
[  138.061636][ T6096] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  138.097814][ T6096] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  138.110244][ T6096] rust_binder: Read failure Err(EFAULT) in pid:97
[  138.141503][ T6103] rust_binder: validate_parent_fixup: fixup_min_offset=29, parent_offset=27
[  138.158611][ T6103] rust_binder: Error while translating object.
[  138.175919][ T6103] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  138.194501][ T6103] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1459
[  138.211663][ T6107] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  138.233791][ T6107] rust_binder: Write failure EINVAL in pid:296
[  138.242672][ T6107] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 144, limit: 160, size: 143)
[  138.255422][ T6107] rust_binder: Error while translating object.
[  138.294984][ T6107] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  138.314628][ T6107] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:296
[  138.353631][ T6111] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  138.450630][ T6121] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  138.463032][ T6122] kvm: kvm [6119]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x882
[  138.482290][ T6123] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  138.498945][ T6123] rust_binder: Write failure EINVAL in pid:298
[  138.535736][ T6125] binder: Unknown parameter 'dont_hash'
[  138.793014][ T6145] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:302
[  138.870540][ T6149] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  138.898082][ T6149] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[  139.107581][ T6162] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:311
[  139.151196][ T6166] random: crng reseeded on system resumption
[  139.229038][ T6173] input: syz0 as /devices/virtual/input/input92
[  139.243681][ T6173] input: failed to attach handler leds to device input92, error: -6
[  139.270640][ T6173] binder: Unknown parameter '00000000000000000000003'
[  139.437147][ T6186] binder: Bad value for 'stats'
[  139.470765][ T6188] rust_binder: validate_parent_fixup: fixup_min_offset=50, parent_offset=5
[  139.470791][ T6188] rust_binder: Error while translating object.
[  139.488418][ T6188] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  139.502147][ T6188] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1487
[  139.502459][ T6190] rust_binder: Error while translating object.
[  139.591789][ T6190] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  139.597987][ T6190] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:827
[  139.599528][ T6193] tun0: tun_chr_ioctl cmd 1074025675
[  139.672439][ T6193] tun0: persist enabled
[  139.678627][ T6198] tun0: tun_chr_ioctl cmd 1074025675
[  139.710171][ T6198] tun0: persist enabled
[  139.818806][ T6208] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:830
[  139.923635][ T6214] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  139.951529][ T6214] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  140.059018][ T6220] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  140.068716][ T6221] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:834
[  140.088395][ T6220] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1497
[  140.227870][ T6228] deleting an unspecified loop device is not supported.
[  140.337985][ T6231] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:126
[  140.698584][   T36] kauditd_printk_skb: 1194 callbacks suppressed
[  140.698602][   T36] audit: type=1400 audit(1750378053.299:27818): avc:  denied  { read } for  pid=6248 comm="syz.5.1702" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  140.732932][ T6249] binfmt_misc: register: failed to install interpreter file ./cgroup
[  140.778985][   T36] audit: type=1400 audit(1750378053.329:27819): avc:  denied  { read open } for  pid=6248 comm="syz.5.1702" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  140.809082][ T6251] binder: Bad value for 'max'
[  140.821358][   T36] audit: type=1400 audit(1750378053.349:27820): avc:  denied  { read } for  pid=6248 comm="syz.5.1702" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  140.854226][ T6249] binder: Unknown parameter '00000000000000000000®œHCçYQµ–;§ñ¥‡01777777777777777777777'
[  140.883483][   T36] audit: type=1400 audit(1750378053.349:27821): avc:  denied  { read open } for  pid=6248 comm="syz.5.1702" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  140.933541][   T36] audit: type=1400 audit(1750378053.359:27822): avc:  denied  { ioctl } for  pid=6248 comm="syz.5.1702" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  140.978963][ T6262] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  140.988041][ T6262] rust_binder: Write failure EINVAL in pid:837
[  140.996119][   T36] audit: type=1400 audit(1750378053.369:27823): avc:  denied  { read write } for  pid=294 comm="syz-executor" name="loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  141.025334][ T6262] rust_binder: got new transaction with bad transaction stack
[  141.026366][ T6262] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:837
[  141.057275][   T36] audit: type=1400 audit(1750378053.369:27824): avc:  denied  { read write open } for  pid=294 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  141.095693][   T36] audit: type=1400 audit(1750378053.369:27825): avc:  denied  { ioctl } for  pid=294 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=51 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  141.125245][ T6267] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1518
[  141.143147][   T36] audit: type=1400 audit(1750378053.369:27826): avc:  denied  { ioctl } for  pid=6248 comm="syz.5.1702" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  141.190503][   T36] audit: type=1400 audit(1750378053.419:27827): avc:  denied  { mounton } for  pid=6250 comm="syz.2.1703" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  141.592500][ T6283] SELinux: security_context_str_to_sid (sytem_uÝGй) failed with errno=-22
[  141.619172][ T6285] kvm: Disabled LAPIC found during irq injection
[  141.779607][ T6297] kvm: kvm [6296]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x187) = 0xfff
[  141.812598][ T6297] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  141.815943][ T6297] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 18446744073709551585)
[  141.840119][ T6297] rust_binder: Error while translating object.
[  141.874381][ T6297] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  141.888320][ T6297] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:338
[  141.907945][ T6301] rust_binder: Error while translating object.
[  141.928108][ T6301] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  141.938414][ T6301] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:840
[  142.085096][ T6317] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  142.449919][ T6328] binder: Unknown parameter 'processor	: 0
[  142.449919][ T6328] vendor_id	: GenuineIntel
[  142.449919][ T6328] cpu family	: 6
[  142.449919][ T6328] model		: 79
[  142.449919][ T6328] model name	: Intel(R) Xeon(R) CPU @ 2.20GHz
[  142.449919][ T6328] stepping	: 0
[  142.449919][ T6328] microcode	: 0xffffffff
[  142.449919][ T6328] cpu MHz		: 2200.222
[  142.449919][ T6328] cache size	: 56320 KB
[  142.449919][ T6328] physical id	: 0
[  142.449919][ T6328] siblings	: 2
[  142.449919][ T6328] core id		: 0
[  142.449919][ T6328] cpu cores	: 1
[  142.449919][ T6328] apicid		: 0
[  142.449919][ T6328] initial apicid	: 0
[  142.449919][ T6328] fpu		: yes
[  142.449919][ T6328] fpu_exception	: yes
[  142.449919][ T6328] cpuid level	: 13
[  142.449919][ T6328] wp		: yes
[  142.449919][ T6328] flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni pclmulqdq vmx ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt arat vnmi md_clear arch_capabilities
[  142.449919][ T6328] vmx flags	: vnmi preemption_timer invvpid ept_x_only ept_ad flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest vapi
[  142.499667][ T6332] binder: Unknown parameter 'coyB
'
[  142.668313][ T6336] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  142.717516][ T6338] rust_binder: Write failure EINVAL in pid:157
[  142.859144][ T6341] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  142.878598][ T6341] rust_binder: Write failure EINVAL in pid:159
[  142.893075][ T6343] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  143.070404][ T6353] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.070864][ T6353] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:161
[  143.321218][ T6356] rust_binder: Write failure EFAULT in pid:1535
[  143.926527][ T6378] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  144.020597][ T6386] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89)
[  144.040190][ T6386] rust_binder: Error while translating object.
[  144.070326][ T6386] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  144.076610][ T6386] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:171
[  144.127976][ T6390] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  144.219773][ T6394] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  144.386373][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  144.529528][ T6408] rust_binder: Write failure EFAULT in pid:1560
[  144.546982][ T6409] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  144.761180][ T6420] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  144.761214][ T6420] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:1565
[  144.950977][ T6430] rust_binder: Write failure EINVAL in pid:1570
[  145.295701][ T6443] binder: Unknown parameter 'smackfstransmute'
[  145.389424][ T6448] binder: Bad value for 'max'
[  145.628461][ T6452] binder: Bad value for 'stats'
[  145.677133][ T6454] SELinux: security_context_str_to_sid (sytem_uÝGй‰:ÿß) failed with errno=-22
[  145.705972][   T36] kauditd_printk_skb: 949 callbacks suppressed
[  145.705988][   T36] audit: type=1400 audit(1750378058.309:28777): avc:  denied  { read write } for  pid=4757 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  145.744381][   T36] audit: type=1400 audit(1750378058.309:28778): avc:  denied  { read write open } for  pid=4757 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  145.793621][   T36] audit: type=1400 audit(1750378058.309:28779): avc:  denied  { ioctl } for  pid=4757 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  145.854290][ T6465] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  145.868071][   T36] audit: type=1400 audit(1750378058.329:28780): avc:  denied  { read } for  pid=6455 comm="syz.5.1764" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  145.916956][ T6467] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:177
[  145.918358][ T6466] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:874
[  145.932160][ T6463] rust_binder: Error while translating object.
[  145.940103][   T36] audit: type=1400 audit(1750378058.329:28781): avc:  denied  { read open } for  pid=6455 comm="syz.5.1764" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  145.941448][ T6463] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  145.947424][   T36] audit: type=1400 audit(1750378058.329:28782): avc:  denied  { ioctl } for  pid=6455 comm="syz.5.1764" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  145.976102][ T6463] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:874
[  145.984450][ T6468] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.015567][   T36] audit: type=1400 audit(1750378058.329:28783): avc:  denied  { read } for  pid=6455 comm="syz.5.1764" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  146.045951][ T6468] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  146.045969][ T6468] rust_binder: Read failure Err(EFAULT) in pid:177
[  146.055398][   T36] audit: type=1400 audit(1750378058.329:28784): avc:  denied  { read open } for  pid=6455 comm="syz.5.1764" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  146.087007][   T36] audit: type=1400 audit(1750378058.329:28785): avc:  denied  { ioctl } for  pid=6455 comm="syz.5.1764" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  146.111668][   T36] audit: type=1400 audit(1750378058.349:28786): avc:  denied  { read } for  pid=6455 comm="syz.5.1764" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  146.176755][ T6470] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:389
[  146.210406][ T6472] binder: Unknown parameter '%9¨"]ž
[  146.210406][ T6472] šãЋ™-/†CeC£g€¬rÛv�eU|–ª>“¼§´Sù"Áï³ÏÄ95Ù}…z+1sfPRLìÖ`4”—M�¶�µãÌS‘4�'
[  146.400378][ T6480] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:393
[  146.508877][ T6488] binder: Unknown parameter 'coMtex*•äO4¥“B¤[û“U«§ë@c¸±'
[  146.581193][ T6497] rust_binder: Write failure EFAULT in pid:1588
[  146.636656][ T6496] input: syz0 as /devices/virtual/input/input98
[  146.761183][ T6503] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.003418][ T6525] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.074966][ T6525] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 20)
[  147.102722][ T6525] rust_binder: Error while translating object.
[  147.108029][ T6532] rust_binder: Error in use_page_slow: ESRCH
[  147.129474][ T6532] rust_binder: use_range failure ESRCH
[  147.130150][ T6525] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  147.136433][ T6532] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  147.153486][ T6525] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:403
[  147.165966][ T6532] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  147.185130][ T6532] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:895
[  149.890594][ T6540] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  149.901852][ T6537] input: syz0 as /devices/virtual/input/input99
[  149.998392][ T6546] input: syz0 as /devices/virtual/input/input100
[  150.218146][ T6558] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  150.224622][ T6558] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  150.232497][ T6557] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  150.247509][ T6560] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  150.255944][ T6558] rust_binder: Error while translating object.
[  150.262735][ T6560] rust_binder: Write failure EINVAL in pid:413
[  150.276952][ T6563] rust_binder: Write failure EFAULT in pid:899
[  150.287956][ T6558] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  150.306190][ T6558] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:196
[  150.422198][ T6571] rust_binder: Read failure Err(EAGAIN) in pid:1609
[  150.543105][ T6580] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:199
[  150.546333][ T6579] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  150.555136][ T6580] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  150.578423][ T6580] rust_binder: Read failure Err(EFAULT) in pid:199
[  150.725599][   T36] kauditd_printk_skb: 588 callbacks suppressed
[  150.725616][   T36] audit: type=1400 audit(1750378063.329:29375): avc:  denied  { read write } for  pid=6587 comm="syz.5.1804" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  150.799981][ T6590] binder: Bad value for 'stats'
[  150.812499][ T6590] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  150.814350][   T36] audit: type=1400 audit(1750378063.329:29376): avc:  denied  { read open } for  pid=6587 comm="syz.5.1804" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  150.846769][ T6596] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  150.847052][ T6595] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  150.872648][   T36] audit: type=1400 audit(1750378063.329:29377): avc:  denied  { read } for  pid=6586 comm="syz.4.1805" name="binder0" dev="binder" ino=74 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  150.909669][   T36] audit: type=1400 audit(1750378063.329:29378): avc:  denied  { read open } for  pid=6586 comm="syz.4.1805" path="/dev/binderfs/binder0" dev="binder" ino=74 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  150.934162][   T36] audit: type=1400 audit(1750378063.329:29379): avc:  denied  { read write } for  pid=6587 comm="syz.5.1804" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  150.957428][   T36] audit: type=1400 audit(1750378063.329:29380): avc:  denied  { read open } for  pid=6587 comm="syz.5.1804" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  150.982770][   T36] audit: type=1400 audit(1750378063.339:29381): avc:  denied  { ioctl } for  pid=6586 comm="syz.4.1805" path="/dev/binderfs/binder0" dev="binder" ino=74 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  151.008255][   T36] audit: type=1400 audit(1750378063.339:29382): avc:  denied  { set_context_mgr } for  pid=6586 comm="syz.4.1805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  151.028181][   T36] audit: type=1400 audit(1750378063.339:29383): avc:  denied  { read } for  pid=6586 comm="syz.4.1805" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  151.055593][   T36] audit: type=1400 audit(1750378063.339:29384): avc:  denied  { read open } for  pid=6586 comm="syz.4.1805" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  151.167802][ T6602] binder: Unknown parameter 'smackfsfloor'
[  151.216598][ T6604] rust_binder: Write failure EINVAL in pid:910
[  151.282784][ T6606] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  151.321115][ T6606] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  151.523714][ T6618] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  151.531798][ T6618] rust_binder: Failure in copy_transaction_data: BR_DEAD_REPLY
[  151.539470][ T6618] rust_binder: Failure BR_DEAD_REPLY during reply - delivering BR_FAILED_REPLY to sender.
[  151.662428][ T6623] kvm: kvm [6622]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010000) = 0x79a38c48ff000000
[  151.694594][ T6623] binder: Unknown parameter 'fscontext?}'
[  152.036011][ T6636] rust_binder: Error while translating object.
[  152.036051][ T6636] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  152.048855][ T6636] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:1633
[  152.116394][ T6641] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  152.247723][ T6645] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  152.400733][ T6655] rust_binder: Write failure EFAULT in pid:441
[  152.451230][ T6658] random: crng reseeded on system resumption
[  152.451467][ T6656] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1640
[  152.502779][ T6658] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  152.513338][ T6660] rust_binder: Error in use_page_slow: ESRCH
[  152.519760][ T6660] rust_binder: use_range failure ESRCH
[  152.526889][ T6660] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  152.547437][ T6660] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  152.578580][ T6660] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:211
[  152.730381][ T6671] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  152.850922][ T6673] binder: Unknown parameter '}w'
[  152.966739][ T6681] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  152.970418][ T6683] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  153.030933][ T6675] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  153.044385][ T6675] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  153.078383][ T6685] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:924
[  153.333141][ T6701] binder: Unknown parameter 'sïl'
[  153.506020][ T6716] rust_binder: Error while translating object.
[  153.506046][ T6716] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  153.520254][ T6716] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:462
[  153.632338][ T6725] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  153.643279][ T6725] rust_binder: Error while translating object.
[  153.649715][ T6725] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  153.670209][ T6725] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:466
[  153.720767][ T6728] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1657
[  153.955665][ T6743] kvm: user requested TSC rate below hardware speed
[  154.000474][ T6738] rust_binder: Write failure EFAULT in pid:473
[  154.196619][ T6763] input: syz1 as /devices/virtual/input/input103
[  154.331206][ T6769] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  154.353205][ T6774] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  154.353259][ T6775] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  154.521329][ T6782] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  154.533550][ T6783] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  154.590108][ T6786] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:230
[  154.691354][ T6785] SELinux: security_context_str_to_sid (system_uÝGй‰:ÿß0000000000000000000002500000000000000000000025) failed with errno=-22
[  154.820266][ T6789] rust_binder: Error while translating object.
[  154.820296][ T6789] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  154.826486][ T6789] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:953
[  154.955705][ T6793] SELinux: security_context_str_to_sid (sytem_uÝGй‰:ÿß) failed with errno=-22
[  155.069939][ T6797] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  155.191235][ T6808] random: crng reseeded on system resumption
[  155.218127][ T6808] rust_binder: Error while translating object.
[  155.218159][ T6808] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  155.224556][ T6808] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:965
[  155.322007][ T6813] rust_binder: Write failure EINVAL in pid:969
[  155.360722][ T6815] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  155.408518][ T6815] rust_binder: Failed copying remainder into alloc: EFAULT
[  155.415412][ T6822] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  155.428652][ T6815] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EFAULT }
[  155.444148][ T6822] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  155.446279][ T6815] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  155.490168][ T6815] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:1679
[  155.551686][ T6832] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:235
[  155.621321][ T6836] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  155.628408][ T6830] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  155.640817][ T6830] rust_binder: Error in use_page_slow: EBUSY
[  155.678255][ T6830] rust_binder: use_range failure EBUSY
[  155.681787][ T6836] rust_binder: Error in use_page_slow: ESRCH
[  155.705426][ T6836] rust_binder: use_range failure ESRCH
[  155.710160][ T6830] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  155.721216][ T6836] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  155.730154][   T36] kauditd_printk_skb: 1162 callbacks suppressed
[  155.730170][   T36] audit: type=1400 audit(1750378068.329:30547): avc:  denied  { read open } for  pid=6839 comm="syz.5.1889" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  155.738199][ T6830] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  155.758479][ T6836] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  155.780088][   T36] audit: type=1400 audit(1750378068.359:30548): avc:  denied  { read write } for  pid=6839 comm="syz.5.1889" name="ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  155.824873][ T6830] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  155.824912][ T6830] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:975
[  155.837140][ T6836] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:238
[  155.853880][   T36] audit: type=1400 audit(1750378068.359:30549): avc:  denied  { read write open } for  pid=6839 comm="syz.5.1889" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  155.855320][ T6843] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  155.863900][   T36] audit: type=1400 audit(1750378068.359:30550): avc:  denied  { map } for  pid=6839 comm="syz.5.1889" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  155.923950][   T36] audit: type=1400 audit(1750378068.359:30551): avc:  denied  { execmem } for  pid=6839 comm="syz.5.1889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  155.947147][   T36] audit: type=1400 audit(1750378068.359:30552): avc:  denied  { read execute } for  pid=6839 comm="syz.5.1889" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  156.002542][   T36] audit: type=1400 audit(1750378068.359:30553): avc:  denied  { map } for  pid=6839 comm="syz.5.1889" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  156.031890][ T6844] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:497
[  156.032074][   T36] audit: type=1400 audit(1750378068.359:30554): avc:  denied  { read } for  pid=6839 comm="syz.5.1889" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  156.066337][ T6849] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  156.068536][ T6850] rust_binder: Write failure EINVAL in pid:241
[  156.076306][   T36] audit: type=1400 audit(1750378068.359:30555): avc:  denied  { map } for  pid=6839 comm="syz.5.1889" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  156.116066][   T36] audit: type=1400 audit(1750378068.359:30556): avc:  denied  { read } for  pid=6839 comm="syz.5.1889" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  156.143770][ T6848] rust_binder: Error while translating object.
[  156.143798][ T6848] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  156.151324][ T6848] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:978
[  156.166731][ T6853] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1685
[  156.178917][ T6853] rust_binder: Error while translating object.
[  156.196377][ T6853] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  156.203195][ T6853] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1685
[  156.410504][ T6863] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:984
[  156.410504][ T6862] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:984
[  156.577900][ T6873] rust_binder: Write failure EINVAL in pid:1693
[  156.596641][ T6873] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 18446744073709551585)
[  156.604672][ T6873] rust_binder: Error while translating object.
[  156.617726][ T6873] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  156.624453][ T6873] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1693
[  156.755081][ T6880] rust_binder: Write failure EINVAL in pid:1697
[  156.854135][ T6886] SELinux: security_context_str_to_sid (syst_u) failed with errno=-22
[  156.970182][ T6893] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  157.022425][ T6893] SELinux: failed to load policy
[  157.090777][ T6903] rust_binder: Error in use_page_slow: ESRCH
[  157.090798][ T6903] rust_binder: use_range failure ESRCH
[  157.101640][ T6904] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  157.111930][ T6903] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  157.118390][ T6903] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  157.126249][ T6907] rust_binder: Error while translating object.
[  157.147494][ T6907] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  157.154498][ T6903] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:245
[  157.163925][ T6907] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:508
[  157.203974][ T6909] binder: Unknown parameter ''
[  157.307974][ T6919] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1005
[  157.342502][ T6921] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:516
[  157.360564][ T6922] rust_binder: Write failure EINVAL in pid:1005
[  157.404842][ T6924] binder: Bad value for 'max'
[  157.495585][ T6936] input: syz0 as /devices/virtual/input/input109
[  157.549389][ T6936] rust_binder: Write failure EFAULT in pid:251
[  157.883670][ T6954] SELinux:  policydb version -1852032850 does not match my version range 15-33
[  157.899145][ T6954] SELinux: failed to load policy
[  157.907503][ T6954] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  157.917031][ T6954] rust_binder: Write failure EINVAL in pid:259
[  158.004868][ T6956] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  158.108368][ T6963] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  158.126668][ T6963] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:263
[  158.190998][ T6967] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  158.215891][ T6967] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:1008
[  158.231232][ T6969] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  158.244638][ T6969] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  158.250106][ T6967] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  158.257837][ T6967] rust_binder: Read failure Err(EFAULT) in pid:1008
[  158.368346][ T6971] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  158.390304][ T6971] rust_binder: Read failure Err(EFAULT) in pid:1010
[  158.846040][ T6989] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  158.868407][  T305] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  158.916231][  T305] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  158.936454][ T6987] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  158.936483][ T6987] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:1721
[  159.026399][ T6999] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  159.040349][ T6989] binder: Unknown parameter 'uid<18446744073709551615'
[  159.072273][ T6989] rust_binder: ENOSPC from range_alloc.reserve_new - size: 4216
[  159.072304][ T6989] rust_binder: Failed to allocate buffer. len:4216, is_oneway:false
[  159.084072][ T6989] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  159.123200][ T6989] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:536
[  159.155960][ T6999] rust_binder: Error while translating object.
[  159.180132][ T6999] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  159.186327][ T6999] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:266
[  159.289853][ T7006] random: crng reseeded on system resumption
[  159.457580][ T7014] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  159.680210][ T7026] rust_binder: Write failure EFAULT in pid:1029
[  159.706228][ T7026] rust_binder: Write failure EFAULT in pid:1029
[  159.770266][ T7028] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1735
[  159.788983][ T7028] rust_binder: Write failure EINVAL in pid:1735
[  159.829171][ T7028] rust_binder: Write failure EINVAL in pid:1735
[  159.859338][ T7034] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  159.913408][ T7080] input: syz1 as /devices/virtual/input/input112
[  159.931107][ T7034] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  160.143756][ T7142] rust_binder: Failed copying remainder into alloc: EFAULT
[  160.143778][ T7142] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EFAULT }
[  160.151472][ T7145] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  160.160516][ T7142] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  160.169086][ T7145] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:280
[  160.180242][ T7142] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:1739
[  160.241371][ T7151] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89)
[  160.295417][ T7151] rust_binder: Error while translating object.
[  160.321403][ T7151] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  160.328153][ T7151] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:543
[  160.419394][ T7162] binder: Unknown parameter 'cache'
[  160.490343][  T834] bridge_slave_1: left allmulticast mode
[  160.506286][  T834] bridge_slave_1: left promiscuous mode
[  160.532606][  T834] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.557475][  T834] bridge_slave_0: left allmulticast mode
[  160.566924][  T834] bridge_slave_0: left promiscuous mode
[  160.580154][  T834] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.735897][ T7168] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.750097][ T7168] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.755006][   T36] kauditd_printk_skb: 1033 callbacks suppressed
[  160.755022][   T36] audit: type=1400 audit(1750378073.359:31590): avc:  denied  { read write } for  pid=294 comm="syz-executor" name="loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  160.762314][ T7168] bridge_slave_0: entered allmulticast mode
[  160.765312][   T36] audit: type=1400 audit(1750378073.369:31591): avc:  denied  { read write open } for  pid=294 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  160.813856][ T7168] bridge_slave_0: entered promiscuous mode
[  160.825914][ T7168] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.832972][ T7168] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.840031][ T7168] bridge_slave_1: entered allmulticast mode
[  160.850695][ T7168] bridge_slave_1: entered promiscuous mode
[  160.859663][  T834] veth1_macvtap: left promiscuous mode
[  160.866873][  T834] veth0_vlan: left promiscuous mode
[  160.917800][   T36] audit: type=1400 audit(1750378073.419:31592): avc:  denied  { ioctl } for  pid=294 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=51 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  160.945101][   T36] audit: type=1400 audit(1750378073.469:31593): avc:  denied  { read } for  pid=7174 comm="syz.2.1959" name="ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  160.995115][   T36] audit: type=1400 audit(1750378073.469:31594): avc:  denied  { read open } for  pid=7174 comm="syz.2.1959" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  161.024376][   T36] audit: type=1400 audit(1750378073.469:31595): avc:  denied  { ioctl } for  pid=7174 comm="syz.2.1959" path="/dev/ashmem" dev="devtmpfs" ino=201 ioctlcmd=0x7703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  161.049949][   T36] audit: type=1400 audit(1750378073.479:31596): avc:  denied  { map } for  pid=7174 comm="syz.2.1959" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  161.107050][   T36] audit: type=1400 audit(1750378073.479:31597): avc:  denied  { read execute } for  pid=7174 comm="syz.2.1959" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  161.135209][   T36] audit: type=1400 audit(1750378073.479:31598): avc:  denied  { ioctl } for  pid=7174 comm="syz.2.1959" path="/dev/ashmem" dev="devtmpfs" ino=201 ioctlcmd=0x7708 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  161.167475][   T36] audit: type=1400 audit(1750378073.479:31599): avc:  denied  { ioctl } for  pid=7174 comm="syz.2.1959" path="/dev/ashmem" dev="devtmpfs" ino=201 ioctlcmd=0x7708 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  161.169948][ T7179] rust_binder: Error in use_page_slow: ESRCH
[  161.211369][ T7179] rust_binder: use_range failure ESRCH
[  161.222660][ T7179] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  161.246850][ T7179] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  161.255302][ T7179] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1750
[  161.260823][ T7168] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.280757][ T7168] bridge0: port 2(bridge_slave_1) entered forwarding state
[  161.288005][ T7168] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.295064][ T7168] bridge0: port 1(bridge_slave_0) entered forwarding state
[  161.311345][  T306] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.318579][  T306] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.372455][  T306] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.379614][  T306] bridge0: port 1(bridge_slave_0) entered forwarding state
[  161.420862][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.427911][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  161.589903][ T7193] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  161.608626][ T7195] rust_binder: Write failure EFAULT in pid:1753
[  161.611023][ T7168] veth0_vlan: entered promiscuous mode
[  161.620907][ T7198] rust_binder: ENOSPC from range_alloc.reserve_new - size: 4232
[  161.622922][ T7198] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  161.642190][ T7198] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  161.665467][ T7168] veth1_macvtap: entered promiscuous mode
[  161.667662][ T7198] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:556
[  161.832558][ T7206] SELinux:  policydb magic number 0x6 does not match expected magic number 0xf97cff8c
[  161.875469][ T7206] SELinux: failed to load policy
[  161.997854][ T7217] input: syz1 as /devices/virtual/input/input115
[  162.001763][ T7219] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  162.044148][ T7217] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  162.208951][ T7229] rust_binder: Error while translating object.
[  162.208990][ T7229] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  162.232835][ T7229] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:10
[  162.643287][ T7245] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  162.654345][ T7248] rust_binder: Write failure EFAULT in pid:17
[  162.669136][ T7245] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  162.690214][ T7245] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:316
[  162.882567][ T7263] rust_binder: Error while translating object.
[  162.888587][ T7262] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1761
[  162.928692][ T7263] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  162.971440][ T7263] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:22
[  163.123238][ T7275] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  163.147524][ T7275] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:322
[  163.177595][ T7279] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  163.188384][ T7279] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1766
[  163.230125][ T7281] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  163.243695][ T7283] rust_binder: Write failure EINVAL in pid:29
[  163.335256][ T7290] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  163.369774][ T7290] SELinux: failed to load policy
[  163.405956][ T7293] SELinux:  truncated policydb string identifier
[  163.444485][ T7293] SELinux: failed to load policy
[  163.472719][ T7292] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  163.472746][ T7292] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:31
[  163.547132][ T7299] rust_binder: Read failure Err(EAGAIN) in pid:1772
[  163.638260][ T7304] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  163.702488][ T7307] rust_binder: Write failure EFAULT in pid:328
[  163.720398][ T7304] SELinux: failed to load policy
[  163.763874][ T7302] rust_binder: Write failure EINVAL in pid:34
[  163.775961][ T7302] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  163.800528][ T7302] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:34
[  163.830189][ T7302] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  163.847342][ T7312] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  163.849448][ T7302] rust_binder: Read failure Err(EFAULT) in pid:34
[  163.882908][ T7312] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  163.889392][ T7312] rust_binder: Read failure Err(EFAULT) in pid:331
[  164.178953][ T7330] binder: Binderfs stats mode cannot be changed during a remount
[  164.405712][ T7340] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  164.410782][ T7340] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  164.423114][ T7340] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:583
[  164.666527][ T7356] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:44
[  164.930436][ T7373] rust_binder: Write failure EFAULT in pid:1792
[  164.944816][ T7375] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  165.273077][ T7395] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  165.273100][ T7395] rust_binder: Error while translating object.
[  165.313346][ T7395] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  165.350469][ T7395] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:55
[  165.702854][ T7413] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1
[  165.740178][ T7413] rust_binder: Write failure EINVAL in pid:1807
[  165.753594][ T7413] SELinux:  policydb version 51618937 does not match my version range 15-33
[  165.768579][   T36] kauditd_printk_skb: 1345 callbacks suppressed
[  165.768594][   T36] audit: type=1400 audit(1750378078.359:32945): avc:  denied  { load_policy } for  pid=7411 comm="syz.2.2031" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  165.805102][ T7415] binder: Unknown parameter 'coyBLV§"i5ŽÝ”ÃùÒntext'
[  165.817195][   T36] audit: type=1400 audit(1750378078.359:32946): avc:  denied  { read write } for  pid=7414 comm="syz.5.2032" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  165.817750][ T7420] SELinux: security_context_str_to_sid () failed with errno=-22
[  165.841454][ T7413] SELinux: failed to load policy
[  165.873926][   T36] audit: type=1400 audit(1750378078.359:32947): avc:  denied  { read open } for  pid=7414 comm="syz.5.2032" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  165.918855][ T7419] audit: audit_backlog=65 > audit_backlog_limit=64
[  165.922822][   T36] audit: type=1400 audit(1750378078.359:32948): avc:  denied  { read write } for  pid=7414 comm="syz.5.2032" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  165.969574][   T36] audit: type=1400 audit(1750378078.359:32949): avc:  denied  { read open } for  pid=7414 comm="syz.5.2032" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  166.000195][ T7419] audit: audit_lost=169 audit_rate_limit=0 audit_backlog_limit=64
[  166.011869][  T294] audit: audit_backlog=65 > audit_backlog_limit=64
[  166.027889][ T7419] audit: backlog limit exceeded
[  166.035187][   T36] audit: type=1400 audit(1750378078.359:32950): avc:  denied  { read write } for  pid=7414 comm="syz.5.2032" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  166.170141][ T7427] rust_binder: Error while translating object.
[  166.170169][ T7427] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  166.196034][ T7427] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1813
[  166.270306][ T7429] rust_binder: Write failure EFAULT in pid:605
[  166.287034][ T7434] rust_binder: Write failure EFAULT in pid:68
[  166.341261][ T7440] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  166.343761][ T7437] binfmt_misc: register: failed to install interpreter file ./file0
[  166.440335][ T7438] SELinux: security_context_str_to_sid (system_uÝGй‰:ÿß) failed with errno=-22
[  166.440752][ T7444] rust_binder: Write failure EINVAL in pid:610
[  166.899226][ T7472] rust_binder: Error while translating object.
[  166.905486][ T7472] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  166.911846][ T7472] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1826
[  167.258746][ T7488] SELinux:  policydb version 905587468 does not match my version range 15-33
[  167.277561][ T7488] SELinux: failed to load policy
[  167.547519][ T7501] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:89
[  167.572360][ T7501] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0
[  167.591146][ T7502] rust_binder: Write failure EINVAL in pid:620
[  167.599051][ T7501] rust_binder: Write failure EINVAL in pid:89
[  167.619794][ T7502] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:620
[  167.620930][ T7499] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  167.702006][ T7506] rust_binder: Write failure EFAULT in pid:91
[  167.746853][ T7509] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  167.766244][ T7509] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:623
[  167.798348][ T7514] input: syz0 as /devices/virtual/input/input118
[  167.835324][ T7515] rust_binder: Error while translating object.
[  167.835354][ T7515] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  167.842272][ T7515] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:1839
[  167.933358][ T7521] rust_binder: Error while translating object.
[  167.974537][ T7521] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  168.007189][ T7521] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:625
[  168.079605][ T7524] rust_binder: Write failure EINVAL in pid:373
[  168.157236][ T7534] input: syz0 as /devices/virtual/input/input119
[  168.175525][ T7534] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:376
[  168.177413][ T7534] rust_binder: Read failure Err(EFAULT) in pid:376
[  168.433828][ T7554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  168.455932][ T7554] rust_binder: Write failure EFAULT in pid:1849
[  168.475403][ T7554] rust_binder: Failed to allocate buffer. len:18446744073709551592, is_oneway:false
[  168.490946][ T7554] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  168.513365][ T7554] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:1849
[  168.587799][ T7565] rust_binder: Error in use_page_slow: ESRCH
[  168.587826][ T7565] rust_binder: use_range failure ESRCH
[  168.609057][ T7565] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  168.642678][ T7565] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  168.697196][ T7565] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:639
[  168.717060][ T7569] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:108
[  168.766451][ T7569] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION already set
[  168.819142][ T7569] rust_binder: Write failure EINVAL in pid:108
[  168.988787][ T7574] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 120, limit: 136, size: 89)
[  168.995203][ T7574] rust_binder: Error while translating object.
[  169.011422][ T7574] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  169.017734][ T7574] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:110
[  169.080363][ T7580] rust_binder: Error while translating object.
[  169.089573][ T7580] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  169.099652][ T7580] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:647
[  169.277039][ T7592] binder: Unknown parameter 'non'
[  169.553205][ T7601] rust_binder: Write failure EFAULT in pid:112
[  169.599231][ T7604] rust_binder: Error while translating object.
[  169.607196][ T7604] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  169.616230][ T7604] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:115
[  169.668825][ T7606] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1860
[  169.796038][ T7613] rust_binder: Write failure EINVAL in pid:657
[  169.904464][ T7615] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  169.933157][ T7615] SELinux: failed to load policy
[  169.995913][ T7615] rust_binder: Write failure EINVAL in pid:1865
[  170.037473][ T7632] binder: Unknown parameter 'dont_hash'
[  170.201139][ T7642] SELinux: security_context_str_to_sid (sytem_uÝGй) failed with errno=-22
[  170.239700][ T7644] binder: Unknown parameter 'noninderfs/binder0'
[  170.311706][ T7650] random: crng reseeded on system resumption
[  170.323146][ T7647] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  170.385595][ T7652] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:673
[  170.610594][ T7660] SELinux: security_context_str_to_sid (syste_uÝGй‰:ÿß) failed with errno=-22
[  170.773595][   T36] kauditd_printk_skb: 1180 callbacks suppressed
[  170.773611][   T36] audit: type=1400 audit(1750378083.379:34087): avc:  denied  { read write } for  pid=7672 comm="syz.0.2116" name="uinput" dev="devtmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  170.860098][   T36] audit: type=1400 audit(1750378083.379:34088): avc:  denied  { read write open } for  pid=7672 comm="syz.0.2116" path="/dev/uinput" dev="devtmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  170.912272][   T36] audit: type=1400 audit(1750378083.429:34089): avc:  denied  { read } for  pid=7673 comm="syz.4.2115" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  170.949375][   T36] audit: type=1400 audit(1750378083.429:34090): avc:  denied  { read open } for  pid=7673 comm="syz.4.2115" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  170.973987][   T36] audit: type=1400 audit(1750378083.429:34091): avc:  denied  { read write } for  pid=5630 comm="syz-executor" name="loop0" dev="devtmpfs" ino=488 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  171.007094][ T7686] input: syz1 as /devices/virtual/input/input122
[  171.020106][   T36] audit: type=1400 audit(1750378083.429:34092): avc:  denied  { read write open } for  pid=5630 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=488 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  171.046564][ T7686] rust_binder: Write failure EINVAL in pid:139
[  171.046899][ T7686] rust_binder: Write failure EFAULT in pid:139
[  171.053872][   T36] audit: type=1400 audit(1750378083.429:34093): avc:  denied  { ioctl } for  pid=7673 comm="syz.4.2115" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  171.107751][   T36] audit: type=1400 audit(1750378083.429:34094): avc:  denied  { ioctl } for  pid=5630 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=488 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  171.134144][   T36] audit: type=1400 audit(1750378083.439:34095): avc:  denied  { read write } for  pid=7673 comm="syz.4.2115" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  171.159422][   T36] audit: type=1400 audit(1750378083.439:34096): avc:  denied  { read open } for  pid=7673 comm="syz.4.2115" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  171.227070][ T7691] rust_binder: Error while translating object.
[  171.227107][ T7691] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  171.234513][ T7691] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:408
[  171.272044][ T7692] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  171.292174][ T7692] SELinux: failed to load policy
[  171.391436][ T7700] SELinux:  policydb version 79218476 does not match my version range 15-33
[  171.441200][ T7700] SELinux: failed to load policy
[  171.447918][ T7705] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:681
[  171.491203][ T7707] binder: Unknown parameter 'context'
[  171.603457][ T7709] binder: Unknown parameter 'ÿþ
~¾Õ(<€Æˆ¥[ú¥Ý¨n
[  171.603457][ T7709] Ä:í«1‘<xØ_Áp…ÈÂîÞ0d"©“Ò¬¡’A•	ªh¡�{ÝÍö‘cÜä¸b.¡Có~‡\zå÷¢Ôý4Ãl½ö…JvÁ8HÁ¯x@ð?÷cÉf P1€gEØ|÷EÝ<ý;Œ£¹��ž_'
[  171.804599][ T7717] rust_binder: Error while translating object.
[  171.804634][ T7717] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  171.840117][ T7717] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:149
[  171.899355][ T7720] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  171.940547][ T7720] rust_binder: Got transaction with invalid offset.
[  171.947032][ T7720] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  171.963738][ T7724] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:153
[  171.985038][ T7720] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:686
[  172.114052][ T7734] kvm: kvm [7732]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010004) = 0x3
[  172.199907][ T7741] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1879
[  172.394484][ T7749] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  172.434530][ T7747] binder: Unknown parameter 'hash'
[  172.442119][ T7753] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  172.470837][ T7751] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  172.470858][ T7751] rust_binder: Error while translating object.
[  172.494272][ T7750] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  172.521616][ T7750] rust_binder: Error while translating object.
[  172.550134][ T7751] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  172.567664][ T7751] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:421
[  172.587282][ T7750] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  172.608370][ T7750] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:421
[  172.706030][ T7759] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  172.732339][ T7757] SELinux: failed to load policy
[  172.758755][ T7757] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:697
[  172.791559][ T7759] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  172.896307][ T7764] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  173.054684][ T7775] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1883
[  173.142314][ T7779] SELinux:  policydb table sizes (0,7) do not match mine (8,7)
[  173.176663][ T7779] SELinux: failed to load policy
[  173.181723][ T7781] rust_binder: Write failure EINVAL in pid:1885
[  173.306039][ T7792] random: crng reseeded on system resumption
[  173.545007][ T7798] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 18446744073709551585)
[  173.545029][ T7798] rust_binder: Error while translating object.
[  173.558490][ T7798] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  173.566445][ T7798] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1900
[  173.881301][ T7809] rust_binder: Error while translating object.
[  173.896014][ T7809] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  173.902916][ T7809] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1904
[  173.923202][ T7811] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 18446744073709551585)
[  173.932573][ T7811] rust_binder: Error while translating object.
[  173.945774][ T7811] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  173.952027][ T7811] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:434
[  174.147110][ T7826] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  174.180709][ T7826] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  174.421475][ T7836] rust_binder: validate_parent_fixup: fixup_min_offset=29, parent_offset=27
[  174.444598][ T7836] rust_binder: Error while translating object.
[  174.464643][ T7836] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  174.479618][ T7836] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:715
[  174.563822][ T7847] binder: Unknown parameter 'processor	: 0
[  174.563822][ T7847] vendor_id	: GenuineIntel
[  174.563822][ T7847] cpu family	: 6
[  174.563822][ T7847] model		: 79
[  174.563822][ T7847] model name	: Intel(R) Xeon(R) CPU @ 2.20GHz
[  174.563822][ T7847] stepping	: 0
[  174.563822][ T7847] microcode	: 0xffffffff
[  174.563822][ T7847] cpu MHz		: 2200.222
[  174.563822][ T7847] cache size	: 56320 KB
[  174.563822][ T7847] physical id	: 0
[  174.563822][ T7847] siblings	: 2
[  174.563822][ T7847] core id		: 0
[  174.563822][ T7847] cpu cores	: 1
[  174.563822][ T7847] apicid		: 0
[  174.563822][ T7847] initial apicid	: 0
[  174.563822][ T7847] fpu		: yes
[  174.563822][ T7847] fpu_exception	: yes
[  174.563822][ T7847] cpuid level	: 13
[  174.563822][ T7847] wp		: yes
[  174.563822][ T7847] flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni pclmulqdq vmx ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt arat vnmi md_clear arch_capabilities
[  174.563822][ T7847] vmx flags	: vnmi preemption_timer invvpid ept_x_only ept_ad flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest vapi
[  174.715101][ T7859] rust_binder: Write failure EFAULT in pid:1907
[  174.934150][ T7863] rust_binder: Failed to allocate buffer. len:4208, is_oneway:false
[  175.067212][ T7872] rust_binder: Error while translating object.
[  175.083990][ T7872] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  175.096770][ T7872] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:195
[  175.110540][ T7876] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  175.119961][ T7876] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:725
[  175.231102][ T7883] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[  175.272894][ T7883] rust_binder: Write failure EINVAL in pid:197
[  175.335727][ T7890] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  175.342393][ T7890] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  175.398946][ T7893] binder: Bad value for 'context'
[  175.509808][ T7898] binder: Unknown parameter '0xffffffffffffffff'
[  175.613800][ T7906] rust_binder: Write failure EINVAL in pid:739
[  175.796076][   T36] kauditd_printk_skb: 957 callbacks suppressed
[  175.796095][   T36] audit: type=1400 audit(1750378088.399:35033): avc:  denied  { map } for  pid=7911 comm="syz.0.2196" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  175.836467][   T36] audit: type=1400 audit(1750378088.409:35034): avc:  denied  { read } for  pid=7911 comm="syz.0.2196" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  175.864698][   T36] audit: type=1400 audit(1750378088.439:35035): avc:  denied  { map } for  pid=7910 comm="syz.5.2195" path="/dev/binderfs/binder0" dev="binder" ino=67 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  175.888843][   T36] audit: type=1400 audit(1750378088.439:35036): avc:  denied  { read } for  pid=7910 comm="syz.5.2195" path="/dev/binderfs/binder0" dev="binder" ino=67 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  175.927695][   T36] audit: type=1400 audit(1750378088.439:35037): avc:  denied  { read } for  pid=7910 comm="syz.5.2195" name="binder0" dev="binder" ino=67 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  175.971357][ T7921] audit: audit_backlog=65 > audit_backlog_limit=64
[  175.978020][ T7921] audit: audit_lost=192 audit_rate_limit=0 audit_backlog_limit=64
[  175.987042][ T7921] audit: backlog limit exceeded
[  175.992822][ T7921] audit: audit_backlog=65 > audit_backlog_limit=64
[  175.998967][   T36] audit: type=1400 audit(1750378088.439:35038): avc:  denied  { read open } for  pid=7910 comm="syz.5.2195" path="/dev/binderfs/binder0" dev="binder" ino=67 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  176.093507][ T7926] random: crng reseeded on system resumption
[  176.351817][ T7930] rust_binder: Got transaction with invalid offset.
[  176.351862][ T7930] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  176.358579][ T7930] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:467
[  176.846509][ T7964] binder: Unknown parameter 'dont_hash'
[  176.908776][ T7974] binder: Bad value for 'stats'
[  176.941636][ T7967] SELinux:  policydb version 12310 does not match my version range 15-33
[  176.941819][ T7974] binder: Bad value for 'stats'
[  176.955362][ T7977] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  176.955622][ T7977] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  176.971243][ T7967] SELinux: failed to load policy
[  176.982093][ T7977] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  176.983093][ T7977] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  177.006670][ T7977] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  177.040249][ T7974] binder: Bad value for 'stats'
[  177.098738][ T7974] binder: Bad value for 'stats'
[  177.113990][ T7974] binder: Bad value for 'stats'
[  177.134142][ T7974] binder: Bad value for 'stats'
[  177.191132][ T7974] binder: Bad value for 'stats'
[  177.200739][ T7974] binder: Bad value for 'stats'
[  177.206575][ T7974] binder: Bad value for 'stats'
[  177.242175][ T7974] binder: Bad value for 'stats'
[  177.261246][ T7974] binder: Bad value for 'stats'
[  177.267295][ T7974] binder: Bad value for 'stats'
[  177.274248][ T7974] binder: Bad value for 'stats'
[  177.284755][ T7974] binder: Bad value for 'stats'
[  177.291433][ T7974] binder: Bad value for 'stats'
[  177.297356][ T7974] binder: Bad value for 'stats'
[  177.304147][ T7974] binder: Bad value for 'stats'
[  177.310622][ T7974] binder: Bad value for 'stats'
[  177.318359][ T7974] binder: Bad value for 'stats'
[  177.325043][ T7974] binder: Bad value for 'stats'
[  177.331485][ T7974] binder: Bad value for 'stats'
[  177.337519][ T7974] binder: Bad value for 'stats'
[  177.344255][ T7974] binder: Bad value for 'stats'
[  177.384427][ T7974] binder: Bad value for 'stats'
[  177.400273][ T7974] binder: Bad value for 'stats'
[  177.414711][ T7974] binder: Bad value for 'stats'
[  177.422051][ T7988] SELinux: security_context_str_to_sid () failed with errno=-22
[  177.434728][ T7974] binder: Bad value for 'stats'
[  177.458899][ T7974] binder: Bad value for 'stats'
[  177.495131][ T7974] binder: Bad value for 'stats'
[  177.510333][ T7974] binder: Bad value for 'stats'
[  177.520123][ T7991] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  177.532427][ T7974] binder: Bad value for 'stats'
[  177.551185][ T7974] binder: Bad value for 'stats'
[  177.557027][ T7974] binder: Bad value for 'stats'
[  177.593674][ T7991] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  177.641186][ T7974] binder: Bad value for 'stats'
[  177.674776][ T7974] binder: Bad value for 'stats'
[  177.693024][ T7974] binder: Bad value for 'stats'
[  177.698864][ T7974] binder: Bad value for 'stats'
[  177.709903][ T7974] binder: Bad value for 'stats'
[  177.716143][ T7974] binder: Bad value for 'stats'
[  177.732140][ T7974] binder: Bad value for 'stats'
[  177.737967][ T7974] binder: Bad value for 'stats'
[  177.753963][ T7974] binder: Bad value for 'stats'
[  177.761062][ T7974] binder: Bad value for 'stats'
[  177.775764][ T7974] binder: Bad value for 'stats'
[  177.783390][ T7974] binder: Bad value for 'stats'
[  177.789237][ T7974] binder: Bad value for 'stats'
[  177.801929][ T7974] binder: Bad value for 'stats'
[  177.807802][ T7974] binder: Bad value for 'stats'
[  177.815928][ T7974] binder: Bad value for 'stats'
[  177.936088][   T13] bridge_slave_1: left allmulticast mode
[  177.952623][   T13] bridge_slave_1: left promiscuous mode
[  177.958295][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.991907][   T13] bridge_slave_0: left allmulticast mode
[  177.997638][   T13] bridge_slave_0: left promiscuous mode
[  178.028607][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.209132][   T13] veth1_macvtap: left promiscuous mode
[  178.215499][   T13] veth0_vlan: left promiscuous mode
[  178.304704][ T8012] SELinux: security_context_str_to_sid (system_uÝGй‰:ÿß) failed with errno=-22
[  178.383555][ T7992] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.394754][ T8017] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  178.403539][ T7992] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.418278][ T7992] bridge_slave_0: entered allmulticast mode
[  178.452346][ T7992] bridge_slave_0: entered promiscuous mode
[  178.459164][ T7992] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.510084][ T7992] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.517181][ T7992] bridge_slave_1: entered allmulticast mode
[  178.533005][ T7992] bridge_slave_1: entered promiscuous mode
[  178.651691][ T8033] SELinux:  policydb version -328278972 does not match my version range 15-33
[  178.661027][ T8033] SELinux: failed to load policy
[  178.762110][ T7992] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.769176][ T7992] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.776472][ T7992] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.783523][ T7992] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.869591][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.898982][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.931266][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.937562][ T8039] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  178.938338][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.948828][ T8039] rust_binder: Write failure EINVAL in pid:485
[  178.958434][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.971652][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  179.078194][ T8043] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 0
[  179.118239][ T8043] rust_binder: Write failure EINVAL in pid:779
[  179.151252][ T8046] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:781
[  179.168407][ T8048] SELinux: security_context_str_to_sid () failed with errno=-22
[  179.225131][ T7992] veth0_vlan: entered promiscuous mode
[  179.349264][ T7992] veth1_macvtap: entered promiscuous mode
[  179.403839][ T8054] SELinux: security_context_str_to_sid (oup.procs) failed with errno=-22
[  179.440364][ T8059] rust_binder: Write failure EFAULT in pid:786
[  179.604218][ T8063] rust_binder: Got transaction with invalid offset.
[  179.613347][ T8063] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  179.630115][ T8063] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:790
[  179.697128][ T8061] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  179.966053][ T8081] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:496
[  180.303742][ T8097] random: crng reseeded on system resumption
[  180.420895][ T8100] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  180.436797][ T8100] SELinux: failed to load policy
[  180.449191][ T8100] binder: Bad value for 'defcontext'
[  180.546683][ T8107] random: crng reseeded on system resumption
[  180.603568][ T8109] rust_binder: Failed to allocate buffer. len:18446744073709551608, is_oneway:false
[  180.701599][ T8119] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:19
[  180.800183][   T36] kauditd_printk_skb: 1386 callbacks suppressed
[  180.800200][   T36] audit: type=1400 audit(1750378093.409:36408): avc:  denied  { read write open } for  pid=5630 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=488 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  180.892987][   T36] audit: type=1400 audit(1750378093.449:36409): avc:  denied  { map } for  pid=8113 comm="syz.5.2259" path="/dev/binderfs/binder1" dev="binder" ino=68 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  180.943115][   T36] audit: type=1400 audit(1750378093.449:36410): avc:  denied  { read } for  pid=8113 comm="syz.5.2259" path="/dev/binderfs/binder1" dev="binder" ino=68 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  180.996296][   T36] audit: type=1400 audit(1750378093.459:36411): avc:  denied  { read write } for  pid=7992 comm="syz-executor" name="loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  181.046005][   T36] audit: type=1400 audit(1750378093.459:36412): avc:  denied  { read write open } for  pid=7992 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  181.100393][ T8142] rust_binder: Write failure EINVAL in pid:523
[  181.137762][ T8144] SELinux:  policydb version -845211227 does not match my version range 15-33
[  181.152947][   T36] audit: type=1400 audit(1750378093.459:36413): avc:  denied  { ioctl } for  pid=7992 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=51 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  181.207480][ T8144] SELinux: failed to load policy
[  181.215894][ T8149] audit: audit_backlog=65 > audit_backlog_limit=64
[  181.219414][ T8150] audit: audit_backlog=65 > audit_backlog_limit=64
[  181.229133][   T36] audit: type=1400 audit(1750378093.469:36414): avc:  denied  { ioctl } for  pid=5630 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=488 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  181.236464][ T8149] audit: audit_lost=199 audit_rate_limit=0 audit_backlog_limit=64
[  181.294803][ T8156] binder: Bad value for 'max'
[  181.684486][ T8176] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  181.708788][ T8176] SELinux: failed to load policy
[  181.894665][ T8185] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  181.894696][ T8185] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:45
[  181.927993][ T8185] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  181.993780][ T8186] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  181.993812][ T8186] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:45
[  182.012200][ T8189] rust_binder: Write failure EFAULT in pid:526
[  182.212094][ T8195] rust_binder: Write failure EFAULT in pid:528
[  182.301955][ T8200] binder: Unknown parameter 'processor	: 0
[  182.301955][ T8200] vendor_id	: GenuineIntel
[  182.301955][ T8200] cpu family	: 6
[  182.301955][ T8200] model		: 79
[  182.301955][ T8200] model name	: Intel(R) Xeon(R) CPU @ 2.20GHz
[  182.301955][ T8200] stepping	: 0
[  182.301955][ T8200] microcode	: 0xffffffff
[  182.301955][ T8200] cpu MHz		: 2200.222
[  182.301955][ T8200] cache size	: 56320 KB
[  182.301955][ T8200] physical id	: 0
[  182.301955][ T8200] siblings	: 2
[  182.301955][ T8200] core id		: 0
[  182.301955][ T8200] cpu cores	: 1
[  182.301955][ T8200] apicid		: 0
[  182.301955][ T8200] initial apicid	: 0
[  182.301955][ T8200] fpu		: yes
[  182.301955][ T8200] fpu_exception	: yes
[  182.301955][ T8200] cpuid level	: 13
[  182.301955][ T8200] wp		: yes
[  182.301955][ T8200] flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni pclmulqdq vmx ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt arat vnmi md_clear arch_capabilities
[  182.301955][ T8200] vmx flags	: vnmi preemption_timer invvpid ept_x_only ept_ad flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest vapi
[  182.324118][ T8200] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  182.491535][ T8199] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  182.502227][ T8199] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  182.950390][ T8227] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:273
[  183.010863][ T8229] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  183.014036][ T8197] rust_binder: Read failure Err(EFAULT) in pid:51
[  183.041789][ T8229] rust_binder: Error while translating object.
[  183.048259][ T8229] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  183.079492][ T8229] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:543
[  183.343616][ T8248] rust_binder: Write failure EFAULT in pid:547
[  183.477556][ T8252] rust_binder: Got transaction with invalid offset.
[  183.500338][ T8252] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  183.521284][ T8252] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:823
[  183.786278][ T8271] SELinux: security_context_str_to_sid (syste_uÝGй‰:ÿß) failed with errno=-22
[  183.803797][ T8273] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  183.870423][ T8276] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:60
[  183.911023][ T8276] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:60
[  184.172171][ T8291] input: syz0 as /devices/virtual/input/input125
[  184.384891][ T8291] input: syz1 as /devices/virtual/input/input126
[  184.403022][ T8291] input: failed to attach handler leds to device input126, error: -6
[  184.546978][ T8301] SELinux: security_context_str_to_sid () failed with errno=-22
[  184.787536][ T8307] random: crng reseeded on system resumption
[  184.820146][ T8316] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  184.820169][ T8316] rust_binder: Error while translating object.
[  184.824157][ T8314] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:845
[  184.860096][ T8314] rust_binder: Error while translating object.
[  184.877718][ T8314] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  184.887769][ T8314] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:845
[  184.910161][ T8316] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  184.940133][ T8316] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:570
[  185.471819][ T8352] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  185.493342][ T8357] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  185.540982][ T8352] rust_binder: Read failure Err(EFAULT) in pid:302
[  185.570250][ T8357] rust_binder: Read failure Err(EFAULT) in pid:302
[  185.620530][ T8359] SELinux: failed to load policy
[  185.675360][ T8363] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:75
[  185.682117][ T8363] rust_binder: Failed to allocate buffer. len:4208, is_oneway:true
[  185.696430][ T8363] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  185.706765][ T8363] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:75
[  185.824162][   T36] kauditd_printk_skb: 880 callbacks suppressed
[  185.824186][   T36] audit: type=1400 audit(1750378098.429:37268): avc:  denied  { read write } for  pid=5630 comm="syz-executor" name="loop0" dev="devtmpfs" ino=488 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  185.884738][   T36] audit: type=1400 audit(1750378098.429:37269): avc:  denied  { read write open } for  pid=5630 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=488 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  185.935028][ T8375] binder: Unknown parameter 'rtads'
[  185.942367][ T8373] kvm: kvm [8371]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0xbe599415
[  185.960867][   T36] audit: type=1400 audit(1750378098.429:37270): avc:  denied  { ioctl } for  pid=5630 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=488 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  186.010293][   T36] audit: type=1400 audit(1750378098.479:37271): avc:  denied  { read } for  pid=8361 comm="syz.2.2336" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  186.035887][   T36] audit: type=1400 audit(1750378098.479:37272): avc:  denied  { read open } for  pid=8361 comm="syz.2.2336" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  186.107343][   T36] audit: type=1400 audit(1750378098.479:37273): avc:  denied  { ioctl } for  pid=8361 comm="syz.2.2336" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  186.133561][   T36] audit: type=1400 audit(1750378098.479:37274): avc:  denied  { read } for  pid=8371 comm="syz.4.2339" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  186.157835][   T36] audit: type=1400 audit(1750378098.479:37275): avc:  denied  { read open } for  pid=8371 comm="syz.4.2339" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  186.181791][   T36] audit: type=1400 audit(1750378098.479:37276): avc:  denied  { ioctl } for  pid=8371 comm="syz.4.2339" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  186.208690][   T36] audit: type=1400 audit(1750378098.529:37277): avc:  denied  { read } for  pid=8371 comm="syz.4.2339" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  186.461504][ T8385] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  186.463095][ T8385] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 120, limit: 136, size: 89)
[  186.469561][ T8385] rust_binder: Error while translating object.
[  186.483259][ T8387] rust_binder: got new transaction with bad transaction stack
[  186.489727][ T8387] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:863
[  186.497348][ T8385] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  186.514440][ T8385] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:587
[  186.652754][ T8389] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:590
[  186.685409][ T8389] rust_binder: Error while translating object.
[  186.710219][ T8389] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  186.716527][ T8389] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:590
[  187.134840][  T306] bridge_slave_1: left allmulticast mode
[  187.158688][  T306] bridge_slave_1: left promiscuous mode
[  187.172795][  T306] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.190795][  T306] bridge_slave_0: left allmulticast mode
[  187.191190][ T8403] SELinux: security_context_str_to_sid (system_uÝGй‰:ÿß) failed with errno=-22
[  187.205843][  T306] bridge_slave_0: left promiscuous mode
[  187.218250][  T306] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.339478][ T8412] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:81
[  187.345412][ T8408] __vm_enough_memory: pid: 8408, comm: syz.2.2353, bytes: 281474976845824 not enough memory for the allocation
[  187.372703][  T306] veth1_macvtap: left promiscuous mode
[  187.400178][  T306] veth0_vlan: left promiscuous mode
[  187.646616][ T8401] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.662087][ T8428] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  187.690068][ T8401] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.697265][ T8401] bridge_slave_0: entered allmulticast mode
[  187.744552][ T8401] bridge_slave_0: entered promiscuous mode
[  187.762770][ T8401] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.770065][ T8401] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.777196][ T8401] bridge_slave_1: entered allmulticast mode
[  187.787659][ T8401] bridge_slave_1: entered promiscuous mode
[  187.818515][ T8435] rust_binder: got new transaction with bad transaction stack
[  187.818538][ T8435] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:88
[  188.081492][ T8448] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  188.141487][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.148559][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.167474][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.174540][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.413691][ T8401] veth0_vlan: entered promiscuous mode
[  188.487520][ T8401] veth1_macvtap: entered promiscuous mode
[  188.764320][ T8484] __vm_enough_memory: pid: 8484, comm: syz.0.2350, bytes: 281474976845824 not enough memory for the allocation
[  188.982553][   T64] hid-generic 009C:0008:0003.000C: unknown main item tag 0x6
[  189.011265][ T8497] rust_binder: Error while translating object.
[  189.011306][ T8497] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  189.023429][   T64] hid-generic 009C:0008:0003.000C: unknown main item tag 0x7
[  189.030150][ T8497] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:905
[  189.040507][   T64] hid-generic 009C:0008:0003.000C: unknown main item tag 0x0
[  189.078575][   T64] hid-generic 009C:0008:0003.000C: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  189.097498][ T8501] rust_binder: Write failure EFAULT in pid:907
[  189.232933][ T8508] rust_binder: Failed to allocate buffer. len:160, is_oneway:false
[  189.325109][ T8506] fido_id[8506]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  189.347976][ T8514] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:914
[  189.354607][ T8514] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 18446744073709551585)
[  189.383364][ T8514] rust_binder: Error while translating object.
[  189.461384][ T8514] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  189.479375][ T8514] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:914
[  189.660758][ T8516] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  189.781309][ T8519] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:9
[  189.904377][ T8527] rust_binder: Write failure EINVAL in pid:916
[  190.034306][ T8536] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:123
[  190.273582][ T8549] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  190.442493][ T8554] rust_binder: Write failure EFAULT in pid:133
[  190.534663][ T8564] input: syz1 as /devices/virtual/input/input128
[  190.548533][ T8568] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:926
[  190.648642][ T8576] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  190.711148][ T8576] rust_binder: Got transaction with invalid offset.
[  190.717623][ T8576] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  190.767292][ T8576] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:928
[  190.830179][   T36] kauditd_printk_skb: 1169 callbacks suppressed
[  190.830197][   T36] audit: type=1400 audit(1750378103.439:38447): avc:  denied  { read } for  pid=8578 comm="syz.0.2401" name="binder0" dev="binder" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  190.870761][ T8581] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:14
[  190.873663][ T8588] binder: Unknown parameter '0x0000000000000000'
[  190.921463][ T8590] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  190.943038][   T36] audit: type=1400 audit(1750378103.479:38448): avc:  denied  { read } for  pid=8578 comm="syz.0.2401" path="/dev/binderfs/binder0" dev="binder" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  191.070097][   T36] audit: type=1400 audit(1750378103.479:38449): avc:  denied  { read open } for  pid=8578 comm="syz.0.2401" path="/dev/binderfs/binder0" dev="binder" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  191.081399][ T8600] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  191.130069][   T36] audit: type=1400 audit(1750378103.479:38450): avc:  denied  { map } for  pid=8578 comm="syz.0.2401" path="/dev/binderfs/binder0" dev="binder" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  191.130361][ T8599] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  191.150123][   T36] audit: type=1400 audit(1750378103.479:38451): avc:  denied  { read } for  pid=8578 comm="syz.0.2401" path="/dev/binderfs/binder0" dev="binder" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  191.211803][ T8606] audit: audit_backlog=65 > audit_backlog_limit=64
[  191.219122][ T8605] audit: audit_backlog=65 > audit_backlog_limit=64
[  191.226455][ T8605] audit: audit_lost=209 audit_rate_limit=0 audit_backlog_limit=64
[  191.245366][ T8401] audit: audit_backlog=65 > audit_backlog_limit=64
[  191.268900][ T8600] audit: audit_backlog=65 > audit_backlog_limit=64
[  191.290518][ T8600] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  191.319310][  T555] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  191.343421][ T8599] kvm: user requested TSC rate below hardware speed
[  191.351144][ T8611] binder: Unknown parameter 'ma˜'
[  191.355457][  T555] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  191.370880][ T8599] rust_binder: Error while translating object.
[  191.370901][ T8599] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  191.383510][ T8599] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:933
[  191.470624][ T8609] random: crng reseeded on system resumption
[  191.634091][ T8609] rust_binder: Write failure EFAULT in pid:22
[  191.642981][ T8629] rtc_cmos 00:00: Alarms can be up to one day in the future
[  191.681321][ T8629] rtc_cmos 00:00: Alarms can be up to one day in the future
[  191.689271][ T8629] rtc_cmos 00:00: Alarms can be up to one day in the future
[  191.702581][ T8631] rust_binder: Write failure EFAULT in pid:370
[  191.710602][ T8622] rust_binder: Write failure EINVAL in pid:937
[  191.896071][ T8642] rust_binder: Error while translating object.
[  191.920222][ T8642] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  191.936623][ T8642] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:25
[  192.071912][ T8648] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:27
[  192.234619][ T8658] binder: Bad value for 'stats'
[  192.637272][ T8678] cgroup: fork rejected by pids controller in /syz2
[  192.659226][ T8665] rust_binder: Read failure Err(EFAULT) in pid:32
[  192.845663][ T8686] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  193.361351][   T12] bridge_slave_1: left allmulticast mode
[  193.377769][   T12] bridge_slave_1: left promiscuous mode
[  193.383724][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.391445][   T12] bridge_slave_0: left allmulticast mode
[  193.404721][   T12] bridge_slave_0: left promiscuous mode
[  193.412544][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.548528][ T8707] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.555689][ T8707] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.562830][ T8707] bridge_slave_0: entered allmulticast mode
[  193.569430][ T8707] bridge_slave_0: entered promiscuous mode
[  193.576744][ T8707] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.583818][ T8707] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.592146][ T8707] bridge_slave_1: entered allmulticast mode
[  193.598704][ T8707] bridge_slave_1: entered promiscuous mode
[  193.620139][   T12] veth1_macvtap: left promiscuous mode
[  193.625736][   T12] veth0_vlan: left promiscuous mode
[  193.679636][ T8726] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  193.688850][ T8726] rust_binder: Error in use_page_slow: ESRCH
[  193.696812][ T8726] rust_binder: use_range failure ESRCH
[  193.712881][ T8726] rust_binder: Failed to allocate buffer. len:4120, is_oneway:false
[  193.718377][ T8726] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  193.752172][ T8726] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:968
[  193.809806][ T8730] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1
[  193.826432][ T8730] rust_binder: Write failure EINVAL in pid:40
[  193.984547][ T8735] SELinux: security_context_str_to_sid (system_uÝGй‰:ÿß) failed with errno=-22
[  194.127552][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.134638][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  194.164878][  T306] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.171951][  T306] bridge0: port 2(bridge_slave_1) entered forwarding state
[  194.352376][ T8707] veth0_vlan: entered promiscuous mode
[  194.412282][ T8707] veth1_macvtap: entered promiscuous mode
[  194.671920][ T8757] input input129: cannot allocate more than FF_MAX_EFFECTS effects
[  194.737761][ T8760] binder: Unknown parameter 'processor	: 0
[  194.737761][ T8760] vendor_id	: GenuineIntel
[  194.737761][ T8760] cpu family	: 6
[  194.737761][ T8760] model		: 79
[  194.737761][ T8760] model name	: Intel(R) Xeon(R) CPU @ 2.20GHz
[  194.737761][ T8760] stepping	: 0
[  194.737761][ T8760] microcode	: 0xffffffff
[  194.737761][ T8760] cpu MHz		: 2200.222
[  194.737761][ T8760] cache size	: 56320 KB
[  194.737761][ T8760] physical id	: 0
[  194.737761][ T8760] siblings	: 2
[  194.737761][ T8760] core id		: 0
[  194.737761][ T8760] cpu cores	: 1
[  194.737761][ T8760] apicid		: 0
[  194.737761][ T8760] initial apicid	: 0
[  194.737761][ T8760] fpu		: yes
[  194.737761][ T8760] fpu_exception	: yes
[  194.737761][ T8760] cpuid level	: 13
[  194.737761][ T8760] wp		: yes
[  194.737761][ T8760] flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni pclmulqdq vmx ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt arat vnmi md_clear arch_capabilities
[  194.737761][ T8760] vmx flags	: vnmi preemption_timer invvpid ept_x_only ept_ad flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest vapi
[  194.815404][ T8764] binder: Unknown parameter 'd¹ö*ÄêKcgrK'
[  194.975988][ T8766] rust_binder: Error while translating object.
[  194.976028][ T8766] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  195.010084][ T8766] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:52
[  195.075420][ T8770] rust_binder: Write failure EINVAL in pid:11
[  195.087181][ T8772] rust_binder: Write failure EFAULT in pid:976
[  195.103294][ T8770] rust_binder: Write failure EINVAL in pid:11
[  195.168018][ T8776] random: crng reseeded on system resumption
[  195.218012][ T8776] Restarting kernel threads ... done.
[  195.840387][   T36] kauditd_printk_skb: 869 callbacks suppressed
[  195.840403][   T36] audit: type=1400 audit(1750378108.449:39314): avc:  denied  { read open } for  pid=8807 comm="syz.5.2473" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  195.873271][   T36] audit: type=1400 audit(1750378108.479:39316): avc:  denied  { ioctl } for  pid=8807 comm="syz.5.2473" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  195.928713][ T8809] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  195.940146][   T36] audit: type=1400 audit(1750378108.479:39315): avc:  denied  { ioctl } for  pid=8807 comm="syz.5.2473" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  195.982190][   T36] audit: type=1400 audit(1750378108.509:39317): avc:  denied  { read write } for  pid=8401 comm="syz-executor" name="loop0" dev="devtmpfs" ino=488 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  196.009907][   T36] audit: type=1400 audit(1750378108.509:39318): avc:  denied  { read write open } for  pid=8401 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=488 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  196.061770][   T36] audit: type=1400 audit(1750378108.509:39319): avc:  denied  { ioctl } for  pid=8401 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=488 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  196.076371][ T8820] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:14
[  196.088838][   T36] audit: type=1400 audit(1750378108.529:39320): avc:  denied  { ioctl } for  pid=8807 comm="syz.5.2473" path="/dev/binderfs/binder0" dev="binder" ino=16 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  196.127007][   T36] audit: type=1400 audit(1750378108.529:39321): avc:  denied  { set_context_mgr } for  pid=8807 comm="syz.5.2473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  196.147387][   T36] audit: type=1400 audit(1750378108.529:39322): avc:  denied  { ioctl } for  pid=8807 comm="syz.5.2473" path="/dev/binderfs/binder0" dev="binder" ino=16 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  196.174578][   T36] audit: type=1400 audit(1750378108.529:39323): avc:  denied  { read write } for  pid=8707 comm="syz-executor" name="loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  196.379669][ T8836] binder: Unknown parameter 'ddb3º&nªøÜÿ'
[  196.800787][ T8858] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  196.800844][ T8858] rust_binder: Error while translating object.
[  196.840136][ T8858] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  196.849481][ T8851] rust_binder: Write failure EINVAL in pid:24
[  196.854438][ T8858] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1015
[  196.862354][ T8853] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:24
[  197.191925][ T8871] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  197.332617][ T8873] pim6reg0: tun_chr_ioctl cmd 1074025677
[  197.358604][ T8873] pim6reg0: linktype set to 769
[  197.712527][ T8899] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 120, limit: 136, size: 89)
[  197.712554][ T8899] rust_binder: Error while translating object.
[  197.731228][ T8899] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  197.747423][ T8899] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:435
[  197.840593][ T8903] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:29
[  197.909238][ T8910] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:29
[  198.432649][ T8941] binder: Bad value for 'defcontext'
[  198.450903][ T8936] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  198.450934][ T8936] rust_binder: Error in use_page_slow: EBUSY
[  198.470116][ T8936] rust_binder: use_range failure EBUSY
[  198.476131][ T8936] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  198.515940][ T8946] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1041
[  198.537086][ T8936] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  198.567372][ T8936] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  198.587662][ T8936] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:38
[  198.660558][ T8952] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  198.691374][ T8953] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1045
[  198.705297][ T8955] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1045
[  198.741338][ T8958] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  198.768292][ T8958] rust_binder: Read failure Err(EFAULT) in pid:41
[  198.786839][ T8958] rust_binder: Write failure EINVAL in pid:41
[  198.793930][ T8953] rust_binder: Error while translating object.
[  198.816518][ T8953] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  198.829098][ T8953] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:1045
[  198.834586][ T8959] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  199.031371][ T8965] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 120, limit: 136, size: 231)
[  199.037810][ T8965] rust_binder: Error while translating object.
[  199.062268][ T8965] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  199.068459][ T8965] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:46
[  199.117119][    T9] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  199.152397][    T9] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  199.261584][ T8974] rust_binder: Write failure EINVAL in pid:48
[  199.392843][ T8972] fido_id[8972]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  199.430759][ T8979] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION already set
[  199.445153][ T8983] rust_binder: Write failure EINVAL in pid:1055
[  199.448183][ T8979] rust_binder: Write failure EINVAL in pid:91
[  199.562307][ T8988] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  199.679454][ T8998] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  199.708301][ T8998] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:56
[  199.808708][ T9000] SELinux: failed to load policy
[  199.868246][ T9000] binder: Bad value for 'max'
[  200.096992][   T12] bridge_slave_1: left allmulticast mode
[  200.103207][   T12] bridge_slave_1: left promiscuous mode
[  200.108837][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.145314][   T12] bridge_slave_0: left allmulticast mode
[  200.152212][   T12] bridge_slave_0: left promiscuous mode
[  200.157894][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.281006][ T9036] rust_binder: Write failure EINVAL in pid:96
[  200.285095][ T9036] SELinux:  policydb string length 14080 does not match expected length 8
[  200.318389][ T9036] SELinux: failed to load policy
[  200.410148][   T12] veth1_macvtap: left promiscuous mode
[  200.415682][   T12] veth0_vlan: left promiscuous mode
[  200.443183][ T9038] SELinux: security_context_str_to_sid (syste_uÝGй‰:ÿß) failed with errno=-22
[  200.521545][ T9013] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.532004][ T9013] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.539087][ T9013] bridge_slave_0: entered allmulticast mode
[  200.546452][ T9013] bridge_slave_0: entered promiscuous mode
[  200.554018][ T9013] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.561139][ T9013] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.568283][ T9013] bridge_slave_1: entered allmulticast mode
[  200.575230][ T9013] bridge_slave_1: entered promiscuous mode
[  200.663915][ T9048] binder: Binderfs stats mode cannot be changed during a remount
[  200.682126][ T9050] binder: Binderfs stats mode cannot be changed during a remount
[  200.743445][ T9013] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.750518][ T9013] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.757817][ T9013] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.764883][ T9013] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.858404][   T36] kauditd_printk_skb: 1082 callbacks suppressed
[  200.858421][   T36] audit: type=1400 audit(1750378113.459:40406): avc:  denied  { read } for  pid=9064 comm="syz.0.2552" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  200.903923][  T306] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.929732][  T306] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.932030][   T36] audit: type=1400 audit(1750378113.459:40407): avc:  denied  { read open } for  pid=9064 comm="syz.0.2552" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  200.940213][ T9065] rust_binder: Write failure EINVAL in pid:109
[  200.979094][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.990769][   T36] audit: type=1400 audit(1750378113.459:40408): avc:  denied  { ioctl } for  pid=9064 comm="syz.0.2552" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  200.992336][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  201.024311][   T36] audit: type=1400 audit(1750378113.499:40409): avc:  denied  { read } for  pid=9064 comm="syz.0.2552" name="rtc0" dev="devtmpfs" ino=195 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  201.051820][   T36] audit: type=1400 audit(1750378113.499:40410): avc:  denied  { read open } for  pid=9064 comm="syz.0.2552" path="/dev/rtc0" dev="devtmpfs" ino=195 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  201.059310][ T9068] binder: Unknown parameter 'non'
[  201.077438][   T36] audit: type=1400 audit(1750378113.499:40411): avc:  denied  { ioctl } for  pid=9064 comm="syz.0.2552" path="/dev/rtc0" dev="devtmpfs" ino=195 ioctlcmd=0x7005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  201.106323][  T306] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.113409][  T306] bridge0: port 2(bridge_slave_1) entered forwarding state
[  201.148618][   T36] audit: type=1400 audit(1750378113.499:40412): avc:  denied  { ioctl } for  pid=9064 comm="syz.0.2552" path="/dev/rtc0" dev="devtmpfs" ino=195 ioctlcmd=0x700c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  201.235488][   T36] audit: type=1400 audit(1750378113.509:40413): avc:  denied  { sys_module } for  pid=9013 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  201.320084][   T36] audit: type=1400 audit(1750378113.509:40414): avc:  denied  { sys_module } for  pid=9013 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  201.347870][ T9078] audit: audit_backlog=65 > audit_backlog_limit=64
[  201.361073][ T9076] binder: Unknown parameter 'ÿÿÿÿ'
[  201.391647][ T9013] veth0_vlan: entered promiscuous mode
[  201.484872][ T9013] veth1_macvtap: entered promiscuous mode
[  201.749868][ T9089] rust_binder: Write failure EINVAL in pid:2
[  201.869373][ T9093] random: crng reseeded on system resumption
[  201.946391][ T9096] rust_binder: Failed copying remainder into alloc: EFAULT
[  201.946413][ T9096] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EFAULT }
[  201.965129][ T9096] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  201.982250][ T9096] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:1087
[  202.021767][ T9099] rust_binder: Error while translating object.
[  202.040953][ T9099] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  202.047886][ T9099] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:4
[  202.114069][ T9103] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1089
[  202.152576][ T9103] rust_binder: Read failure Err(EFAULT) in pid:1089
[  202.209791][ T9106] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  202.241274][ T9106] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  202.262222][ T9106] rust_binder: Write failure EINVAL in pid:6
[  202.310671][ T9106] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  202.321542][ T9106] rust_binder: Read failure Err(EFAULT) in pid:6
[  202.340646][ T9108] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  202.349529][ T9108] rust_binder: Error in use_page_slow: EBUSY
[  202.361637][ T9114] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:6
[  202.379248][ T9108] rust_binder: use_range failure EBUSY
[  202.396157][ T9108] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  202.410177][ T9108] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  202.417841][ T9108] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  202.478579][ T9108] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:1091
[  202.490744][ T9116] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:125
[  202.682037][ T9129] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=io+mem:owns=io+mem
[  202.798826][ T9133] SELinux: failed to load policy
[  202.979804][ T9139] binder: Bad value for 'max'
[  203.516628][ T9159] binder: Unknown parameter 'coyBLV§"i5ŽÝ”ÃùÒntext'
[  203.543988][ T9160] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:16
[  203.564905][ T9160] rust_binder: Error while translating object.
[  203.624910][ T9160] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  203.646982][ T9160] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:16
[  203.764396][ T9169] input: syz1 as /devices/virtual/input/input134
[  203.975672][ T9178] rust_binder: Write failure EINVAL in pid:21
[  203.976962][ T9179] rust_binder: Error while translating object.
[  203.983167][ T9179] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  204.020172][ T9179] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:21
[  204.112135][ T9185] binder: Unknown parameter 'statS'
[  204.297798][ T9205] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1114
[  204.303755][ T9205] input: syz1 as /devices/virtual/input/input135
[  204.572360][ T9218] SELinux: security_context_str_to_sid () failed with errno=-22
[  204.792844][ T9226] rust_binder: Write failure EFAULT in pid:146
[  204.818481][ T9227] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:538
[  204.884688][ T9227] kvm: Disabled LAPIC found during irq injection
[  204.885635][ T9233] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:41
[  204.916865][ T9231] rust_binder: Error while translating object.
[  204.936856][ T9231] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  204.948638][ T9231] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:41
[  205.073389][ T9240] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  205.100148][ T9240] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:45
[  205.157723][ T9242] rust_binder: Error while translating object.
[  205.171686][ T9242] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  205.200163][ T9242] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:155
[  205.206138][ T9247] rust_binder: Write failure EINVAL in pid:155
[  205.587492][ T9251] binder: Unknown parameter 'contextevents'
[  205.891311][   T36] kauditd_printk_skb: 921 callbacks suppressed
[  205.891329][   T36] audit: type=1400 audit(1750378118.499:41310): avc:  denied  { map } for  pid=9277 comm="syz.2.2620" path="/dev/binderfs/binder0" dev="binder" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  205.960104][   T36] audit: type=1400 audit(1750378118.499:41311): avc:  denied  { read } for  pid=9277 comm="syz.2.2620" path="/dev/binderfs/binder0" dev="binder" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  206.010132][   T36] audit: type=1400 audit(1750378118.499:41312): avc:  denied  { read } for  pid=9277 comm="syz.2.2620" name="binder0" dev="binder" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  206.033761][   T36] audit: type=1400 audit(1750378118.499:41313): avc:  denied  { read open } for  pid=9277 comm="syz.2.2620" path="/dev/binderfs/binder0" dev="binder" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  206.089604][   T36] audit: type=1400 audit(1750378118.499:41314): avc:  denied  { read } for  pid=9277 comm="syz.2.2620" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  206.107858][ T9289] rust_binder: Write failure EFAULT in pid:165
[  206.140074][   T36] audit: type=1400 audit(1750378118.499:41315): avc:  denied  { read open } for  pid=9277 comm="syz.2.2620" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  206.235020][ T9295] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:168
[  206.239058][   T36] audit: type=1400 audit(1750378118.499:41316): avc:  denied  { ioctl } for  pid=9277 comm="syz.2.2620" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  206.311464][ T9293] audit: audit_backlog=65 > audit_backlog_limit=64
[  206.315508][ T7168] audit: audit_backlog=65 > audit_backlog_limit=64
[  206.317985][ T9293] audit: audit_lost=222 audit_rate_limit=0 audit_backlog_limit=64
[  206.378776][ T9300] rust_binder: Write failure EINVAL in pid:170
[  206.474388][ T9311] rust_binder: Write failure EINVAL in pid:175
[  206.719557][ T9321] SELinux: security_context_str_to_sid () failed with errno=-22
[  206.858636][ T9325] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:563
[  207.118380][ T9337] binder: Unknown parameter '00000000000000000004'
[  207.300448][ T9342] rust_binder: Write failure EINVAL in pid:62
[  207.322342][ T9344] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  207.420982][ T9352] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  207.429727][ T9352] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1144
[  207.441709][ T9352] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1144
[  207.595795][ T9357] rust_binder: Error in use_page_slow: ESRCH
[  207.595817][ T9357] rust_binder: use_range failure ESRCH
[  207.610348][ T9355] rust_binder: Write failure EFAULT in pid:181
[  207.610887][ T9358] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  207.628824][ T9357] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  207.637892][ T9358] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  207.652197][ T9357] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  207.662517][ T9358] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:68
[  207.681209][ T9357] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:68
[  207.779705][ T9361] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  207.822781][ T9369] rust_binder: Write failure EINVAL in pid:71
[  207.901347][ T9371] rust_binder: Write failure EINVAL in pid:73
[  207.974717][ T9379] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  207.993458][ T9381] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  208.017233][ T9378] random: crng reseeded on system resumption
[  208.103549][ T9378] rust_binder: Write failure EINVAL in pid:194
[  208.427746][ T9406] binder: Bad value for 'max'
[  208.533126][ T9413] binder: Unknown parameter 'non'
[  208.690145][ T9424] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  208.830209][  T510] ==================================================================
[  208.838310][  T510] BUG: KASAN: null-ptr-deref in down_write+0x83/0x2a0
[  208.845086][  T510] Write of size 8 at addr 0000000000000098 by task kworker/0:3/510
[  208.852982][  T510] 
[  208.855314][  T510] CPU: 0 UID: 0 PID: 510 Comm: kworker/0:3 Not tainted 6.12.23-syzkaller-gf9fbc66f8444 #0 b8de21ba31122219d6c6778e419c74a11adc861d
[  208.855342][  T510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  208.855355][  T510] Workqueue: events _RNvXs6_NtCs43vyB533jt3_6kernel9workqueueINtNtNtB7_4sync3arc3ArcNtNtCshgDM7dBCdno_11rust_binder7process7ProcessEINtB5_15WorkItemPointerKy0_E3runB13_
[  208.855408][  T510] Call Trace:
[  208.855415][  T510]  <TASK>
[  208.855423][  T510]  __dump_stack+0x21/0x30
[  208.855446][  T510]  dump_stack_lvl+0x10c/0x190
[  208.855465][  T510]  ? __cfi_dump_stack_lvl+0x10/0x10
[  208.855485][  T510]  ? wg_queue_enqueue_per_peer_tx+0x1eb/0x3d0
[  208.855510][  T510]  ? kthread+0x2c7/0x370
[  208.855532][  T510]  ? ret_from_fork_asm+0x1a/0x30
[  208.855554][  T510]  print_report+0x3d/0x70
[  208.855570][  T510]  kasan_report+0x163/0x1a0
[  208.855599][  T510]  ? down_write+0x83/0x2a0
[  208.855618][  T510]  ? down_write+0x83/0x2a0
[  208.855635][  T510]  kasan_check_range+0x299/0x2a0
[  208.855656][  T510]  __kasan_check_write+0x18/0x20
[  208.855674][  T510]  down_write+0x83/0x2a0
[  208.855691][  T510]  ? __cfi_down_write+0x10/0x10
[  208.855714][  T510]  ? _raw_spin_lock+0x8c/0x120
[  208.855733][  T510]  ? __cfi__raw_spin_lock+0x10/0x10
[  208.855753][  T510]  ? mutex_unlock+0x8b/0x240
[  208.855769][  T510]  ? __cfi_mutex_unlock+0x10/0x10
[  208.855787][  T510]  rust_binderfs_remove_file+0x6c/0x110
[  208.855805][  T510]  _RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x9d4/0x2860
[  208.855834][  T510]  ? unwind_next_frame+0x3c2/0x750
[  208.855852][  T510]  ? __cfi__RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x10/0x10
[  208.855878][  T510]  ? __kernel_text_address+0x11/0x40
[  208.855895][  T510]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  208.855913][  T510]  ? arch_stack_walk+0x139/0x170
[  208.855933][  T510]  ? ret_from_fork_asm+0x1a/0x30
[  208.855952][  T510]  ? stack_depot_save_flags+0x38/0x800
[  208.855974][  T510]  ? kasan_save_track+0x4f/0x80
[  208.855994][  T510]  ? kasan_save_track+0x3e/0x80
[  208.856013][  T510]  ? kasan_save_free_info+0x4a/0x60
[  208.856030][  T510]  ? __kasan_slab_free+0x5f/0x80
[  208.856051][  T510]  ? kfree+0x156/0x400
[  208.856068][  T510]  ? vfree+0x4c6/0x580
[  208.856084][  T510]  ? delayed_vfree_work+0x59/0x80
[  208.856101][  T510]  ? process_scheduled_works+0x7d2/0x1020
[  208.856121][  T510]  ? worker_thread+0xc58/0x1250
[  208.856141][  T510]  ? kthread+0x1d0/0x370
[  208.856162][  T510]  ? ret_from_fork+0x64/0xa0
[  208.856181][  T510]  ? calibrate_delay_converge+0x2e0/0x2e0
[  208.856205][  T510]  ? __kasan_check_write+0x18/0x20
[  208.856223][  T510]  ? _raw_spin_lock+0x8c/0x120
[  208.856243][  T510]  ? __virt_addr_valid+0x2a6/0x380
[  208.856267][  T510]  ? kick_pool+0xad/0x550
[  208.856288][  T510]  ? kasan_addr_to_slab+0x11/0x80
[  208.856309][  T510]  ? __queue_work+0xb5d/0x1120
[  208.856334][  T510]  ? __kasan_check_write+0x18/0x20
[  208.856352][  T510]  ? _raw_spin_lock_irq+0x8d/0x120
[  208.856373][  T510]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  208.856394][  T510]  ? __kasan_check_write+0x18/0x20
[  208.856412][  T510]  ? _raw_spin_lock_irq+0x8d/0x120
[  208.856432][  T510]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  208.856453][  T510]  ? __kasan_check_read+0x15/0x20
[  208.856470][  T510]  ? _raw_spin_unlock_irq+0x45/0x70
[  208.856499][  T510]  ? srcu_reschedule+0xc2/0x2a0
[  208.856518][  T510]  ? process_srcu+0x797/0x1570
[  208.856536][  T510]  ? __kasan_check_write+0x18/0x20
[  208.856555][  T510]  ? pwq_dec_nr_in_flight+0x6c7/0xc60
[  208.856575][  T510]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  208.856596][  T510]  ? kick_pool+0xad/0x550
[  208.856619][  T510]  process_scheduled_works+0x7d2/0x1020
[  208.856644][  T510]  worker_thread+0xc58/0x1250
[  208.856664][  T510]  ? try_to_wake_up+0xdd2/0x1aa0
[  208.856689][  T510]  ? schedule+0xc6/0x240
[  208.856716][  T510]  kthread+0x2c7/0x370
[  208.856736][  T510]  ? __cfi_worker_thread+0x10/0x10
[  208.856758][  T510]  ? __cfi_kthread+0x10/0x10
[  208.856779][  T510]  ret_from_fork+0x64/0xa0
[  208.856798][  T510]  ? __cfi_kthread+0x10/0x10
[  208.856819][  T510]  ret_from_fork_asm+0x1a/0x30
[  208.856842][  T510]  </TASK>
[  208.856849][  T510] ==================================================================
[  209.267577][  T510] Disabling lock debugging due to kernel taint
[  209.273781][  T510] BUG: kernel NULL pointer dereference, address: 0000000000000098
[  209.276929][ T9438] input input139: cannot allocate more than FF_MAX_EFFECTS effects
[  209.281579][  T510] #PF: supervisor write access in kernel mode
[  209.281594][  T510] #PF: error_code(0x0002) - not-present page
[  209.281604][  T510] PGD 0 P4D 0 
[  209.281619][  T510] Oops: Oops: 0002 [#1] PREEMPT SMP KASAN PTI
[  209.281638][  T510] CPU: 0 UID: 0 PID: 510 Comm: kworker/0:3 Tainted: G    B              6.12.23-syzkaller-gf9fbc66f8444 #0 b8de21ba31122219d6c6778e419c74a11adc861d
[  209.326174][  T510] Tainted: [B]=BAD_PAGE
[  209.330317][  T510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  209.340364][  T510] Workqueue: events _RNvXs6_NtCs43vyB533jt3_6kernel9workqueueINtNtNtB7_4sync3arc3ArcNtNtCshgDM7dBCdno_11rust_binder7process7ProcessEINtB5_15WorkItemPointerKy0_E3runB13_
[  209.357119][  T510] RIP: 0010:down_write+0x9a/0x2a0
[  209.362139][  T510] Code: 48 c7 44 24 20 00 00 00 00 be 08 00 00 00 e8 2d 34 55 fc 4c 89 f7 be 08 00 00 00 e8 20 34 55 fc 48 8b 44 24 20 b9 01 00 00 00 <f0> 48 0f b1 0b 0f 85 a0 00 00 00 48 c7 c0 c0 b9 20 87 48 c1 e8 03
[  209.381729][  T510] RSP: 0018:ffffc9000c60f500 EFLAGS: 00010256
[  209.387789][  T510] RAX: 0000000000000000 RBX: 0000000000000098 RCX: 0000000000000001
[  209.395740][  T510] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc9000c60f520
[  209.403721][  T510] RBP: ffffc9000c60f598 R08: ffffc9000c60f527 R09: 1ffff920018c1ea4
[  209.411676][  T510] R10: dffffc0000000000 R11: fffff520018c1ea5 R12: dffffc0000000000
[  209.419640][  T510] R13: 1ffff920018c1ea0 R14: ffffc9000c60f520 R15: 0000000000000000
[  209.427710][  T510] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  209.436650][  T510] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  209.443219][  T510] CR2: 0000000000000098 CR3: 00000000072aa000 CR4: 00000000003526b0
[  209.451175][  T510] DR0: 0000000000000000 DR1: 0000000000010000 DR2: 0000000000000000
[  209.459130][  T510] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  209.467079][  T510] Call Trace:
[  209.470340][  T510]  <TASK>
[  209.473256][  T510]  ? __cfi_down_write+0x10/0x10
[  209.478092][  T510]  ? _raw_spin_lock+0x8c/0x120
[  209.482847][  T510]  ? __cfi__raw_spin_lock+0x10/0x10
[  209.488028][  T510]  ? mutex_unlock+0x8b/0x240
[  209.492598][  T510]  ? __cfi_mutex_unlock+0x10/0x10
[  209.497600][  T510]  rust_binderfs_remove_file+0x6c/0x110
[  209.503128][  T510]  _RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x9d4/0x2860
[  209.515955][  T510]  ? unwind_next_frame+0x3c2/0x750
[  209.521047][  T510]  ? __cfi__RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x10/0x10
[  209.534217][  T510]  ? __kernel_text_address+0x11/0x40
[  209.539481][  T510]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  209.545621][  T510]  ? arch_stack_walk+0x139/0x170
[  209.550547][  T510]  ? ret_from_fork_asm+0x1a/0x30
[  209.555472][  T510]  ? stack_depot_save_flags+0x38/0x800
[  209.560912][  T510]  ? kasan_save_track+0x4f/0x80
[  209.565743][  T510]  ? kasan_save_track+0x3e/0x80
[  209.570580][  T510]  ? kasan_save_free_info+0x4a/0x60
[  209.575756][  T510]  ? __kasan_slab_free+0x5f/0x80
[  209.580675][  T510]  ? kfree+0x156/0x400
[  209.584730][  T510]  ? vfree+0x4c6/0x580
[  209.588774][  T510]  ? delayed_vfree_work+0x59/0x80
[  209.593804][  T510]  ? process_scheduled_works+0x7d2/0x1020
[  209.599504][  T510]  ? worker_thread+0xc58/0x1250
[  209.604336][  T510]  ? kthread+0x1d0/0x370
[  209.608564][  T510]  ? ret_from_fork+0x64/0xa0
[  209.613139][  T510]  ? calibrate_delay_converge+0x2e0/0x2e0
[  209.618844][  T510]  ? __kasan_check_write+0x18/0x20
[  209.623934][  T510]  ? _raw_spin_lock+0x8c/0x120
[  209.628686][  T510]  ? __virt_addr_valid+0x2a6/0x380
[  209.633780][  T510]  ? kick_pool+0xad/0x550
[  209.638093][  T510]  ? kasan_addr_to_slab+0x11/0x80
[  209.643105][  T510]  ? __queue_work+0xb5d/0x1120
[  209.647857][  T510]  ? __kasan_check_write+0x18/0x20
[  209.652948][  T510]  ? _raw_spin_lock_irq+0x8d/0x120
[  209.658043][  T510]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  209.663572][  T510]  ? __kasan_check_write+0x18/0x20
[  209.668668][  T510]  ? _raw_spin_lock_irq+0x8d/0x120
[  209.673769][  T510]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  209.679318][  T510]  ? __kasan_check_read+0x15/0x20
[  209.684324][  T510]  ? _raw_spin_unlock_irq+0x45/0x70
[  209.689505][  T510]  ? srcu_reschedule+0xc2/0x2a0
[  209.694337][  T510]  ? process_srcu+0x797/0x1570
[  209.699186][  T510]  ? __kasan_check_write+0x18/0x20
[  209.704277][  T510]  ? pwq_dec_nr_in_flight+0x6c7/0xc60
[  209.709635][  T510]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  209.715173][  T510]  ? kick_pool+0xad/0x550
[  209.719489][  T510]  process_scheduled_works+0x7d2/0x1020
[  209.725030][  T510]  worker_thread+0xc58/0x1250
[  209.729713][  T510]  ? try_to_wake_up+0xdd2/0x1aa0
[  209.734654][  T510]  ? schedule+0xc6/0x240
[  209.738894][  T510]  kthread+0x2c7/0x370
[  209.742949][  T510]  ? __cfi_worker_thread+0x10/0x10
[  209.748072][  T510]  ? __cfi_kthread+0x10/0x10
[  209.752647][  T510]  ret_from_fork+0x64/0xa0
[  209.757049][  T510]  ? __cfi_kthread+0x10/0x10
[  209.761624][  T510]  ret_from_fork_asm+0x1a/0x30
[  209.766374][  T510]  </TASK>
[  209.769372][  T510] Modules linked in:
[  209.773262][  T510] CR2: 0000000000000098
[  209.777397][  T510] ---[ end trace 0000000000000000 ]---
[  209.782829][  T510] RIP: 0010:down_write+0x9a/0x2a0
[  209.787836][  T510] Code: 48 c7 44 24 20 00 00 00 00 be 08 00 00 00 e8 2d 34 55 fc 4c 89 f7 be 08 00 00 00 e8 20 34 55 fc 48 8b 44 24 20 b9 01 00 00 00 <f0> 48 0f b1 0b 0f 85 a0 00 00 00 48 c7 c0 c0 b9 20 87 48 c1 e8 03
[  209.807445][  T510] RSP: 0018:ffffc9000c60f500 EFLAGS: 00010256
[  209.813498][  T510] RAX: 0000000000000000 RBX: 0000000000000098 RCX: 0000000000000001
[  209.821453][  T510] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc9000c60f520
[  209.829404][  T510] RBP: ffffc9000c60f598 R08: ffffc9000c60f527 R09: 1ffff920018c1ea4
[  209.837362][  T510] R10: dffffc0000000000 R11: fffff520018c1ea5 R12: dffffc0000000000
[  209.845313][  T510] R13: 1ffff920018c1ea0 R14: ffffc9000c60f520 R15: 0000000000000000
[  209.853267][  T510] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  209.862179][  T510] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  209.868780][  T510] CR2: 0000000000000098 CR3: 00000000072aa000 CR4: 00000000003526b0
[  209.876750][  T510] DR0: 0000000000000000 DR1: 0000000000010000 DR2: 0000000000000000
[  209.884705][  T510] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  209.892665][  T510] Kernel panic - not syncing: Fatal exception
[  209.898947][  T510] Kernel Offset: disabled
[  209.903248][  T510] Rebooting in 86400 seconds..