last executing test programs:

1m34.164367261s ago: executing program 1 (id=42):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/custom1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0xe5, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r1, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

1m33.298982554s ago: executing program 1 (id=60):
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x9}, {0x1, 0x0, 0x0, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfc}]}) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(0xffffffffffffffff, 0x4068aea3, &(0x7f00000001c0)={0xbe, 0x0, 0x1}) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92, 0x80a0000})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240}) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000640)={[0xa, 0x7, 0x8000, 0x7, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41847})
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2881, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000140)=ANY=[@ANYBLOB="0100000000000000cd00000900000000feffffffffffffff43be0f44ad1a26"]) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000000)={0x150001, 0x0, [0x6, 0x5, 0x1, 0x3715701a, 0x8, 0x299c0e99, 0x1ff, 0x92]}) (async)
r6 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8d], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0xfffffffffffffffc, 0x0, 0x0, 0x6, 0x0, 0xffffffffffffffff, 0x2004c8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8020000000, 0x6011, 0x0, 0x200000], 0x6000, 0x12002})

1m33.073379648s ago: executing program 1 (id=63):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x100a, 0x1})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x1})
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)
openat$ashmem(0xffffffffffffff9c, &(0x7f00000000c0), 0x8040, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x901, 0x0)

1m33.000548649s ago: executing program 1 (id=65):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r3, 0xae9a)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$RTC_SET_TIME(r5, 0x4008700c, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)={[0x3, 0x100000000, 0x0, 0x0, 0x100000, 0x7ff, 0x2004c8, 0x8000000, 0x7, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffeffffffff], 0x4})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000797000/0x2000)=nil, 0x2000, 0x3000001, 0x22052, r0, 0x2000)

1m32.836065721s ago: executing program 1 (id=71):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) (async)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400})
close(r0) (async)
r1 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder-control\x00', 0x0, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000280)=0x10) (async, rerun: 64)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async, rerun: 64)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0, 0x0)
mkdirat(r6, &(0x7f0000000040)='./file1\x00', 0x40) (async)
openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x458002, 0x55) (async)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async, rerun: 32)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f00000005c0)=ANY=[@ANYBLOB="0100000000000000014d564b00000000af0000002c"]) (async, rerun: 32)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x80080, 0x0)
ioctl$PPPIOCUNBRIDGECHAN(r7, 0x7434) (async)
ioctl$PPPIOCCONNECT(r7, 0x4004743a, &(0x7f0000000080)=0x4) (async)
ioctl$AUTOFS_IOC_READY(r1, 0xc1086201, 0x20002000)

1m32.745365313s ago: executing program 1 (id=73):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/disk', 0x169a82, 0x0)
write$tcp_congestion(r1, &(0x7f0000000000)='dctcp\x00', 0x6)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x8b, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @fda={0x66646185, 0x8, 0x2, 0x40}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

1m17.715939424s ago: executing program 32 (id=73):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/disk', 0x169a82, 0x0)
write$tcp_congestion(r1, &(0x7f0000000000)='dctcp\x00', 0x6)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x8b, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @fda={0x66646185, 0x8, 0x2, 0x40}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

43.295317104s ago: executing program 4 (id=751):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x3c241, 0x0)
ioctl$BLKROGET(r1, 0x125e, &(0x7f0000000240))
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x25)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/custom0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @flat=@binder={0x73622a85, 0x3000, 0x2}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x44, 0x0, &(0x7f00000003c0)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000140)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x2}, @fd={0x66642a85, 0x0, r2}, @fd={0x66642a85, 0x0, r2}}, &(0x7f0000000080)={0x0, 0x28, 0x40}}}], 0x9d, 0x0, &(0x7f0000000440)="86a26c9da618d909bce30b7cf1cd8e3cd67bebed2f51f050b192202dc79a841f2307e8a18d200c24f92523c2e73cd5d0392854de671d87310511c3173d65868163dae6dca81ce9330e7f8083114ca0336d334fce1f60203ec29a53e0f3109b5f95a1f5a20b1ee8f1d39b9660a40c44c98093ce8a73170e7bde42b3d6635738d31f142a3cc29ae231a13c3312602d24a87dd2633985828593c874478e39"})

43.110994786s ago: executing program 4 (id=753):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="82000000000000008204"]) (async)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="82000000000000008204"])
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3, 0x8032, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3, 0x8032, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f00000002c0)="ff99e28a", 0x4)
syz_clone3(0x0, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000240)={0xeeee0004, 0x5000, 0x2, 0x1, 0x5}) (async)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000240)={0xeeee0004, 0x5000, 0x2, 0x1, 0x5})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = syz_clone(0x41020000, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000080)=r3, 0x12)
r6 = openat$cgroup_ro(r2, &(0x7f0000000040)='cgroup.kill\x00', 0x275a, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000000000073020000000000000400000000000000801bfda7833a53"])
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) (async)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/203, &(0x7f0000000140)=""/92, 0x6000}) (async)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/203, &(0x7f0000000140)=""/92, 0x6000})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r9, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r9, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41845}) (async)
ioctl$KVM_SET_REGS(r9, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41845})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
write$cgroup_int(r6, &(0x7f0000000200)=0x1, 0x12)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000440)=ANY=[@ANYBLOB="010000000000000000000000000100000000000000000008a7e15acdf55ffba7a6f4aa628d4be1cd54f370dd2406ff425f6e554bb15c347a1423bade7494fb4b4e9dd00a2d2ee0b7b31f8d323877c10af0743e1632933f94cbc85fe50ed64cf977607dc39e22e755e00605854c4957accb877c9b34d755ea77093df4ec1ab4cd5f3a24be248722abb565efa73ef882e1e67205983b4ac51417d8b46c49f9b246c5bb41c76db25f1ce0edbc4368ae7008a4"]) (async)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000440)=ANY=[@ANYBLOB="010000000000000000000000000100000000000000000008a7e15acdf55ffba7a6f4aa628d4be1cd54f370dd2406ff425f6e554bb15c347a1423bade7494fb4b4e9dd00a2d2ee0b7b31f8d323877c10af0743e1632933f94cbc85fe50ed64cf977607dc39e22e755e00605854c4957accb877c9b34d755ea77093df4ec1ab4cd5f3a24be248722abb565efa73ef882e1e67205983b4ac51417d8b46c49f9b246c5bb41c76db25f1ce0edbc4368ae7008a4"])
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0) (async)
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000100)={0xc, 0x0, &(0x7f0000000180)=[@free_buffer], 0xfffffffffffffeec, 0x0, &(0x7f0000000140)="f3"}) (async)
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000100)={0xc, 0x0, &(0x7f0000000180)=[@free_buffer], 0xfffffffffffffeec, 0x0, &(0x7f0000000140)="f3"})

42.269532309s ago: executing program 4 (id=768):
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000d40), 0x1, 0x0)
read$FUSE(r0, 0x0, 0x0)
mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs2\x00', &(0x7f0000001e00), 0x200c804, &(0x7f0000000100)=ANY=[@ANYBLOB="6d61783d30313737373737373737373737373737373737373630352c6d61783d30303030303030303030303030303030303030303030322c73746174733d676c6f62616c2c73746174733d676c6f62616c2c73746174733d676c6f62616c2c00264d7c68e81d77c70c8d680a49a938d010d15e4599de91229ddd0162e923b0952ebae1c7d5087eb72b88649543db38fb20c954bca69bc3abab9bad695ab4a0204f78ac97d36cec468fd052564d7793db4c1dbef7b45abee0973ed43603f3d4b854eb0b66130b522944926b69cebc1f50aac8c99731fe82354dd10e4a62d80523ca98f0a8"])
openat$binderfs(0xffffffffffffff9c, &(0x7f0000002500)='./binderfs2/binder0\x00', 0x0, 0x0)
r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000080)='.pending_reads\x00', 0x288002, 0x80)
read$FUSE(r1, &(0x7f0000002540)={0x2020, 0x0, <r2=>0x0}, 0x2020)
ioctl$NS_GET_OWNER_UID(r0, 0xb704, &(0x7f00000000c0)=<r3=>0x0)
read$FUSE(r1, &(0x7f0000004580)={0x2020, 0x0, 0x0, <r4=>0x0}, 0x2020)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
read$FUSE(r5, &(0x7f00000065c0)={0x2020, 0x0, 0x0, 0x0, <r6=>0x0}, 0x2020)
ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000000200)=<r7=>0x0)
read$FUSE(r0, &(0x7f0000008600)={0x2020, 0x0, 0x0, 0x0, <r8=>0x0}, 0x2020)
read$FUSE(r1, &(0x7f000000a640)={0x2020, 0x0, 0x0, <r9=>0x0}, 0x2020)
read$FUSE(r0, &(0x7f000000c680)={0x2020, 0x0, 0x0, 0x0, <r10=>0x0}, 0x2020)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000240)={0x350, 0x0, r2, [{{0x3, 0x0, 0x8, 0x9, 0x800, 0x7fff, {0x3, 0x3, 0xdd6e, 0x8000, 0x100, 0x4, 0x9, 0x18000000, 0x536a, 0x9000, 0x419, r3, 0xee01, 0xfffffffe, 0xfffffff8}}, {0x2, 0xfffffffffffff800, 0xc, 0x3, './binderfs2\x00'}}, {{0x1, 0x1, 0x8, 0xd598, 0x7, 0x3, {0x2, 0x567b9dc1, 0x3, 0x5, 0xffffffffffffff01, 0xfffffffffffffffe, 0x0, 0xe, 0x7fffffff, 0x2000, 0x2, r4, r6, 0x10001, 0x7}}, {0x3, 0x9, 0x1e, 0x5, '/selinux/commit_pending_bools\x00'}}, {{0x3, 0x0, 0x5, 0x8, 0x7, 0x6, {0x0, 0x1, 0x0, 0x2, 0x1, 0x8000, 0x40, 0x8, 0xc, 0xa000, 0xfffffffc, r7, 0xffffffffffffffff, 0x6, 0x7}}, {0x6, 0x7, 0x4, 0x3, '*/-/'}}, {{0x1, 0x0, 0xc0, 0x0, 0x3, 0x3fc, {0x0, 0x2, 0x4, 0x1, 0x89, 0x40, 0x0, 0x100, 0x2, 0x1000, 0x1191, 0xee00, r8, 0xb, 0xaaf}}, {0x0, 0x6, 0x5, 0x471b664, ')!\'*)'}}, {{0x2, 0x3, 0x200, 0xf6, 0x4, 0x8da7, {0x4, 0x6, 0xe, 0xbf, 0x1, 0x4, 0x7, 0x65, 0x6, 0x4000, 0x62, r9, r10, 0x6, 0x4}}, {0x4, 0x0, 0x1, 0x4, '{'}}]}, 0x350)
ioctl$VHOST_SET_VRING_NUM(r1, 0x4008af10, &(0x7f0000000000)={0x3, 0x400})
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2)

42.148784001s ago: executing program 4 (id=769):
r0 = openat$kvm(0xffffff9c, &(0x7f0000000280), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000680)={0x1, 0x0, [{0xe1, 0x0, 0x80000000}]})
ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, &(0x7f0000000000)={0x0, {0x20, 0x0, 0x3, 0x100000000, 0x8}})
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000180)=ANY=[])
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)

41.916992485s ago: executing program 4 (id=771):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0xa, 0x2})
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x18, 0x0, &(0x7f0000000240)={0x30, 0x30, 0x30}}, 0x10}], 0x5b, 0x0, 0x0})

41.633208689s ago: executing program 4 (id=774):
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000019c0)='./binderfs2\x00', 0x1ff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
write(r1, &(0x7f0000000100)="843e7c9526a035e55ec7dfa96cde46f707e0d6389a546c3e8047f1fe92e60115ec3dfc92485d6bbf75fd5f9a", 0x2c)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000380)={0x1, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000040)={0x2000, 0x7000, 0x1})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs2\x00', &(0x7f0000001e00), 0x0, &(0x7f0000001e40)={[{@stats}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f0000000280)={0x1, 0x0, [{0x3, 0x1, 0x0, 0x0, @adapter={0x5, 0x7fffffffffffffff, 0x8000000000000001, 0x80, 0x3}}]})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000002500)='./binderfs2/binder0\x00', 0x0, 0x0)

26.505655042s ago: executing program 33 (id=774):
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000019c0)='./binderfs2\x00', 0x1ff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
write(r1, &(0x7f0000000100)="843e7c9526a035e55ec7dfa96cde46f707e0d6389a546c3e8047f1fe92e60115ec3dfc92485d6bbf75fd5f9a", 0x2c)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000380)={0x1, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000040)={0x2000, 0x7000, 0x1})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs2\x00', &(0x7f0000001e00), 0x0, &(0x7f0000001e40)={[{@stats}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f0000000280)={0x1, 0x0, [{0x3, 0x1, 0x0, 0x0, @adapter={0x5, 0x7fffffffffffffff, 0x8000000000000001, 0x80, 0x3}}]})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000002500)='./binderfs2/binder0\x00', 0x0, 0x0)

1.938457s ago: executing program 5 (id=1274):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='pids.current\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000580)={0x2020}, 0x2020)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
close(0x3)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @fda={0x66646185, 0x8, 0x2, 0x40}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

1.892901461s ago: executing program 3 (id=1275):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x9250)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x0, 0x11, r0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0x4)
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x9250) (async)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x0, 0x11, r0, 0x0) (async)
openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async)
ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0x4) (async)

1.756842933s ago: executing program 3 (id=1279):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000003c0)={0x1, 0x0, [{0x488, 0x0, 0x6}]}) (async)
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f0000000080), 0x400, &(0x7f00000000c0)=ANY=[@ANYBLOB='non'])

1.551908676s ago: executing program 3 (id=1282):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) (async)
read(r0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1b) (async)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_NAME(r1, 0x40087708, 0x0)

1.432365678s ago: executing program 3 (id=1285):
r0 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$FICLONERANGE(r0, 0x4020940d, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYRES64=r2])
ioctl$KVM_GET_EMULATED_CPUID(r2, 0xc008ae09, &(0x7f0000000080))
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000440)={0x4, 0x0, &(0x7f0000000300)=[@acquire={0x40046305, 0x2}, @decrefs, @exit_looper, @release={0x40046306, 0x3}, @acquire_done={0x40106309, 0x1}], 0xfd, 0x0, &(0x7f0000000340)="54e42d650e78fc8731fedb8308f3bb09a2d00f8ae07df8fa983a6c87cdb0dfb7a6c12a6cef682db693fa3350e1295b56c582677288565c1a9bd3f87101edf598707f02462227baff38531b92efe04d91bd54ef49567b71471e16cb7c561b0ba17a5c2e1e77fb99f72644ed6bcac574698aff3cc23362f73f87db1ae3e15e55f4f67bb1ec2ea61017c9b4da019c2beb09aedcb3fe15161a583b3fc0734511b3101130e303e4fc2f01790c0de2bdf1837af82cce6a36db09eaf5d5352feb34f7ccf09d9f962367726b8274391da6511dd09349a4fcaffd0fd064f2de285a55ef7b8e68d50f8d8201c17ef9a38a1bf6af2cfedcdab74c29602d42a7cb688b"})

1.052956144s ago: executing program 0 (id=1289):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x2, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, &(0x7f0000000040)=0xfffffff7) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x1000, 0x3})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x50, 0x0, &(0x7f0000000140)=[@register_looper, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x4, 0x0, &(0x7f00000001c0)="5e0f626a"})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001d00)={0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000d00)="f249c144"})
write$UHID_CREATE2(r1, &(0x7f0000000240)={0xb, {'syz0\x00', 'syz1\x00', 'syz1\x00', 0x3d, 0x4, 0x10001, 0x5, 0x85, 0x3d, "a7536eeb9b687c3c2db26d2366f53d7f0293c214ecd593c03f04e7189fe2217eff2eecfe8ab7dcc1af642b1ae7557767a382c5536fa5aff116e18591e1"}}, 0x155)

1.031692964s ago: executing program 0 (id=1290):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x100, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000000f2000040"])
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
ioctl$BLKSECDISCARD(r5, 0x127d, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000480)={0x10, 0x0, &(0x7f0000000540)=[@acquire, @release], 0x0, 0x0, 0x0})

1.005548445s ago: executing program 5 (id=1291):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x400, 0x0, 0x6}]}) (async)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) (async)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/power/resume', 0x88102, 0x0)
write$cgroup_int(r4, &(0x7f0000000040)=0x700, 0xfdef) (async)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0) (async)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f0000000740)={0x30}, 0x30) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x208000000000002})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x10b, 0x1})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r5, 0xc018620b, &(0x7f0000000100)={0x2})

895.980466ms ago: executing program 0 (id=1293):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000000000009900004000000000009ceed33326b70000000033378b0497bcff0000303c0d2ec816386b"])
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000040)=0x4)
ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000000440)={"db4c1421593cb4d3f8fe6094dc821bbbe06520701fc6de7b0349f34b0f8c556a9e9aff1355aab8d6da26d74608530f150f127f9e3f0a2f1fff0be9774c95d6c007c91903f78616596487bf50017c56b15385ab264cba5b168c62d971e67e6f3e73d60b5a8adbaaf2af8610c6a91c0a116f619adce4aa91d5a68faf8ee98693d32d8d8244381b5720ef596600e39491d216c22d0725904bab7d90fa8afb8fa04b707410aa300ef098609b4fa6dd77b1b7c321b1fc6356564ce3f90826be3a9a5be186ffc48eb13824e9dae77ed212a0f802074ff4f1725c4ad88cf5bbd36e3406bc59d96e82047631d8be9462ee7e54e5b2897c3fff38eabf67e1e160c2b5e18be06457844d89c9a606b7d25fbde713f4759da0bee1fabe3f71dcca63540f113a2b5edc4b327d1f9610377b97265d4aa875b4bc3c44bf8110d5df1beb1fe54794a0aa52dfc80df1caf7d812b4f1cdba1a6836b45ea2180d08439d411ce8e0755868cc839eaeac73e5d28f9f1990584038cf5fa6bee0c4095a27cc8c7b59519bf2a9bf1fedf54cc2dc6aea6c42c32de40c291e5f422f5c7792a08926af160fb379576dd81bac746232fb246817fc3248097914b75e83cc5eb518ce8fb643b34ca69c3b61f0d94e7db62dd480198d41e0862f1ec4429ab637569884a5ba446a0b09edfd986a2b3e15ee35bbd18610dad6271681ed240b0ffab9199b541013c0aadc36484da57511896c14776a41602aa1426edfbb828897d9c218b7936a0572840ebbc796e888a439b24e640324b511deb6ed0b2ce2f7567447826944b4f34101e492e8d20a2deda950e96e78f86d6d4c976f0c99041c94944309e6ce08d84a7c96677d570d9a57ec0506a4321d9e049b55be883ca3648c27772fc5dbaea5e6c2ded2ce72fb68989ae381fe1394cf6966ab04285d5ff8256bc2e85462b8d89aeeebd5432157c945b5dc1960d9282c6cc007fe029325d6078aef94d4954f956c71bcdf846f41392ebe0d3b289438d24ec4bc073617459a6b232445dd636a9f21140e14b162fd5ef1d626b0ff84884fd63d22cc1b05befb77ea937f3045cc15b125479b262c1e32fca75a5468423288c5776efee744b1fccb5e6d661d9d287cfa8582c96ea34a33c1bbc29c0035657da66a87150bbb885be5ee123e431fd793ea179a0fc77aaee66d874c0616cb32324826b36d0e27d14217ad1131cace3bae4ef82dfbc790e78de53a9bfbdb468bf0eb3ff134073b380858965de2d108862daf3fc6b49ad46f20832238aeaa5d010cf08e37938f0bb7bbeaa970c39ce9327a16fe07565708266ce9ef639bfa08538693b456228aa1c370d64ef9795b7cc208a2c528d381a042d149ed5c7f34ed26a7d5a4401b86434f054389e5dac7a4ee896e406d7b27240d925d478e0eb2202797832d3e2c74f4925ad58377b0d6ae9b97034f94"})
ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000000)=0x8000000)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000000000070000040"])
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f"])
r10 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xaece, 0x2)
read(r13, &(0x7f0000000040)=""/8, 0x8)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000f"])
r14 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0)

818.115607ms ago: executing program 5 (id=1294):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000008480)={0x2020}, 0x2020)
read$FUSE(r0, &(0x7f000000bd80)={0x2020}, 0x2020)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x12)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder1\x00', 0x802, 0x0)
r3 = mmap$binder(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x4)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000001200)={0x18, 0x0, &(0x7f00000001c0)=[@acquire={0x40046305, 0x1}, @exit_looper, @free_buffer={0x40086303, r3}], 0x1000, 0x0, &(0x7f0000000200)="1c395470f142e336e91a54412bb6da63e1c97d9a258bb1659e17bc90288fbe6539336227e05be9de933bf112fce491a3c1d3409d2cbce261f98719ee7869d7f4254d0035a1649d3ab057414d88c723572eb83509572e8b60186e835ca994e35f9525d6d96c7e7fe6e1e5ad594ca441cf674b028fbd0b7a33fc21931f3bda60b48b237b30436e21aac11a679c53a68333a97ef539d327bbda887b09e5e870eb5053ed80afbf9b3546b7e8b0f18a881e6d3c37e290857696bc36b57a4a56be58b571d4a6ccf388bdeca3ccba6e29e9bbb5841df99b2c81e5f5f4802e34350ea942e931961b6cbc5b2a99347c670346aa5c09cba93faeec939dedac1e0272832ece559e097d5cc13a08f7d181e5568d4651dbd3ca86125d652232d6a6760acbb758f4ab2f4686e484e447c677ff93a705e1c514a8e57df74e282dc80a1066dc5bae693f3f8258cedcfcc513f36e16e7f24100151246e6186a16083bf95f8ee474b7dae4eb1bd0a94402cae9b78b9edd7021a91cfce0e4559b0a49663fc18321c3f0b4e4f261f9eaf4876c1153ec49dccec8f5e1d8c7ba9cb0789d1575aba1f00e598540a2bf05efcb07cd5846a70250752832fac8b5cd2e45ece5945d01eb548b07825fe8e9f5e5e5fde19652ffad8d25d169d0b2a9b248e3b48dc2f62c01342fdcffccc6cb616cbdb08919cf76c1b45ff4e633fb78267618e02d83f1e113de2fd2d5de45cf4fffb5dc0e147ead12e561774d2824538c5998c81aafd4286360bf10cbafb72200a224d47bda0488ee03d5f542ad35f2ea190fbc64c8286eeea2716eb8626b1d9de2a6195f1fabcc6089f17b8806992947f049b9b036977c648c780e7a55850388c94f54305c7c241669475681577f10a7820fe3198679e01b5c42aa540c44dd3cce342f453b783ba615c584c3f5821e1edb4cee0e8600cb5520d0f416f5167a2b58d760cfde63fd72c4483d12bb49faee9150e47551b4ef3ce6b00a4e09d335344c1427d293eea9a52d24f25285eea5f57019e11f75b68eda0d42b1f5e501f618d4f2a4cef55e49d38568d85bf50699f31c46452b92ffb8e6ad05b2e267e2bb145bbccfc8dd757b6a314b6c0ab86eca45e6bcec92895fd46b6a9ad24cf4f417dc4a453b94d51dfe111f16432dc44ae3a3e6981955aa0e3a979746bf26d8c8a1ae4544a9f0e12f2bb599fe7a3a62a2190a307f94c57e211d508e5747199183f6ea81f9418a321cee09aadd54e245db9861eeec812ad6d387efcdc13c01b09e05f52c6756a991860c88203e08befdf2c2d48af662f74f4bdf1702c32ec40378daedfbd7110102f417b34861d109283cfd92966edf9cc83ef1e2e67c2321fdd61aa432941acd2ddc53ccac0759274aeab88acf575e8e115471cb691ed9d744e7e790eaf786f37361ff6aa8d63792ceacbc93c84c90ba44a0ff3ae1deee19feb50c89be23139e723a01085cd638adaa1cafea5948a26425de60d0f539cecbf2a264b02ae49e83e5890c62913c04a3ff9ea75fbffed3fd8a021f3340fc1510f48fac4f609721322520d0eff78c2df22250ee18c625712de1c2430ae46cd4587f31f119c00d8ea8442b3402b106a56f3ee50f50824a14f05f5a804ec9baa8039967dc3a85c3675c2f5fc18bc5c304e936a3881f05e8cc1fd1ff75aff98ff66b2a1b8fa47aa45681a21cac68097d4b345e2cbfcb37b58848997e58a32c56dc278e2bc5c6e1ea9f3c18ec545a2a3cfd7aa00d7d9db315ada1460ef8b00f565c666c282686bfff9c9a074dfb8690eee2ce596305c3dcd8060cf43fb61f3b9cec2da948d8146a291b6e1d4212c4831ef1a962f8a39ddaa29964536176e7b867244180df50fcff811a3552cf848ef5e88b53b99898d4ca0c04133a736319a44231eaa4f5b67b5264ccc85cd4d5a49c19580b178e83c896a6c3b431dd077df5aa6e94d5de644ad496ee4ea25d2c745650768dc74a77d8d5ada0170819979f9d84529a6455c15a95bedfe90d5e6ca0650ce86d4e7d0ac2d39f19116a6af759d184e9ddb2d851cd63aed8ad4efdb40fae74c9590d4325bf230e6ad5a3c06c3abf5097dcb7541741c4783fbb658787038180392102278cb3b26315760f9fdc221c663dae18a503aa040abf3f28539618ee181559582efcb07d21f6ece5e665fd4abfb2e5473450019beeda08010bf3fe810ca61469a6db6e8349c5e4ac0f24f841a63fee807c9cd631f470c741a62e22ee128e6f2b396a20535d0f2c8ac49aedaccebfd03aa02882cc5100777439de0cefdbd4ff9660897fc7e21e11695c0eb6838a3256c0231741ecaa4435ef33e563532d5719b085c8be9276fa142c032d22ae241b682f2bfba2bc733185a1147b28dba22751380bb5805869bb69ec2d91ad9c7a1ddcfdfacd6b59f4d23e323b59efe6fe760c2ea1f017f3d4dbb9709207997c83cc498aff5ce5ccb1b7ae01d7c21d4065c0d5c2c7a49a8bd8689f15e5d651be2a84d289de6212771abf45d6d12ba2e521507451a1c50892d129903e9e0290a8e5833f75e8d37755d4a29908924e6f7b95f41112060087b6233673865aaf1f555d3335402e6dbc592285ded1006a4e353f20e0fcfe1a50ecdf96b7d53a563e794b78fb9752bf2a1ff0f7177a854a2bdb8e9d19334063055ad25df4b62b591aa9dc087d486f75f3a8e3513b537b2092d57433954e64c0f1e4860f9797651a9eca776fd8f90182c740acac4de4b191220a3978d501c8ffc5afc0866bf9052e1f6a0c8ccc47ee8707e42532183ec2d12dc7f486346a80c363111ca9041b39b84e9954924cea93ebc5aee2237d179d075deaf210949301d732936dc9bfc7987660a192ff242b83213a586ac276fd82853b5da798d24f94a135b1902c2aafce2bfc26cefe024da36f28b76a7f788ef3adb004713e90829aa7f686bfa9455974cc0ebf1272ac652947c500f6df9cfb0e5d30a08e7f365ccce2201f6e99957eae2286b573ed3986ffa81e5aab1ebe0a6c5345568ea5d12a93033d4b15dcddfddf8395eb8e73e44e8441fef434da5f00a92ada2650f1722423ddf83d6ec7fd4b787462381562b412eb3af2e6554d513dc68809b059e79a116321d52550d836117f9e3df1ca0ab275294acb16af38fba4d8121efb3f0c232dd06d4fea03369b744d7854b8fa4b465782c2af0d55519937019d0c7cf06d43d1b3517d3ca8f7508044c0b582055b40bf8fa494a5c4f26bd442c15102c9e43830e0037aa414d4afa38f2f22b67b8495cd1cfffa2a83ce5e6508bd11fb9dda2ca33dba63fd9224ef0a958d2934d1bac990df8074a83d6eab1d1c920d7380e834740ac3d29e6895f581d25f1c5a24610915bedf593adfb37066a95008a705e73fdb4b083af0833c5d5c0dfcfb2ad9cd1ab9fd0b5811eeaee4704b4fff2bdf9f85ea4e0cf8222ba861b9afc980385a8531a091e0371bc24c99feb5c7aaa158f55eb22c3c27d17c0c238b9404015429557eecd18e41c51d6752bc5cab79cc8fe43ef3d92fa49e74a4ee27fef2bcfa04bd5492a2c316333b3e8a1694df4ec9eb8f9aab1874a7361dede9fe519f6784ebc86745537a922ae8f6db011267caeffada5c08bf5453542c2fec7002622c5e8f952b26b8e7e89fd62c127175bdf7173dafef1690801017d387ea981e5756668ee9c5bf8f03694520103b8d11f3771c44654ecb671114e172fd3543937c349f73a513b896451b3d60de9377070ebdc3f2f7b19db6f390ea6709633e91a676d6a60835e24a73bfa56ffcca500abe006c696a50b561f49117bb3407593c5a0f129e8c05af32130cee02c7a47017df690fb890e1fe83b2ffa6b457ca47213b7c1d8e927c5e5b4b96d3ef3b178fdeda5b90f9fa7f12ef0ed957a1fb653240f196073f7332c235d823d979d4a49852d8190ceb76e178709a0084fb3989028bf717632ca0a285e60a5bfc846e2aaf865a50c16b86daca6729a0e3031f075a9f4f5895f9ad5086528a6b038c28d4c482205d6c6ab2c2fb9408d2ebd672a060eac975f162830771d83f8e66696dbeeb352ad347d3d2bb78110d3f123c7190804dc6757d788524dd6ffbb7d8d4ddd17805e57ffd83abd5f3bb10ea3011108223a72ac5384788c4ce9db11d14b8c56f6bfca2a114b1d2ac729dad7151ca5f0660de34f2d12732fa3036d59ccf86665124ec49ce8ffad3000f7305b17584f74976d0343a8d70c1a6a0dddcecdf5a25be749729e38205ce6dc766953b1a0f4c98258bd904345e14b47c1d4820c805866bb1813f1c76a6c55e80cf2dfb4f82da8d5461d21173911c177358a7b5c3d194383ec9359870598b52cec10ddbd709a7f9bfb488ae7916e972ab59a8efbe4a56db6305191be77937a02ab6f728e0a77b4fd2b73e1b6229bf4465beab3b0e2a6089353f38936180fc2e1fe68075ab53526b0f8b9daebf103b170ff3a33727081872a3e718b66f57d48de332c250e407c04ed4db31430f93afd28edba3afc15c2481f7e09e4202e8379e544eaec9f19ba25e8dc352082ffe77913b7606f3916106ed18535550373775fd62424ab70fccbbaae4a020e941340e8b96558f421254186e51848df72d85225f5d936dc654e8bd634f1a0d00898a3ab0b83b253bab16d99da3e38c466e9faec91570af60dbfc0de0a80b9052ba02ab759094dc1cfd16264ba533cbe2c904731a9a25584d6a1b9cdb597a45532603d5e9ad1a58e0cb132137d8990f19a87495fc62b932ff91b9b0881c559c215b5bacfad602dad1a1b44c14a1abd04b06d80b38b5ffbf303647b362142c569cbf012282152a417df9197e02f26adb5e1a45ea057e3993863a460f7212f240adaf1da85be06e9dc5dd0cdc85d1f5399daec156aa6796ad8e8633fc846bc1568fa485efa87793dc14335e5a8e94b7979adc01b9efa249b5193003f2863bdfc9d2c8bc5b526c5df9228ced9e34afc9201e6ded0a0146a63fbf5422d63b167b49c63fb549f0fc0fb0817f1a57295ff2bb22b25c36ad4e66ac77050a1d397cd7d65e6da09adeffea0d7ee6414e31ccf2d9204c8d03bbe8954652a0f45f9d1bd96e59528aab13f7771237a890d91072835ec858f5719c50435673f018ac46c2b29e4477bc281219aad9fb051825610a5b7212c821b92cca04fd29547c41a17674bc44dc23f07f905cb58301ca7ff22b4ac4c7f54a54f14422061986a1133eb67b19557504b8955e262852d1902273782c0e2827e7bed211d8977d6d595cae3c10109bc76e06bb6912d1bcb9e6bc31c4a454b710a1b40e8ef709876785ca6a19316657aa1719c9e24680dd214875956d5395392a9d493f852faedd2a4c3b720fe10d2fb11cc098ddea56011b79a3ce1cb4bd4bae76549d3eaad8a21d2278e5ecb2fbeb2029ed7223545a3ed90bf8358dd1280d95e39dfc2049a21c4aa1ec33d2ecdb1b545a18991177d858a6b863b022a9d19bde75ea08a6653e662065f4292a8083e85293a529d7757f0189cab54f2a4ff80ce326853d83c80bb5f812f8cd6c9bad2c1574964ac1a620fb407bc8e6d441568548503e8ba4e8aa209e9ea5d96d719debcacb33010b9d03d12ca8d8ecd7c595c1c90b001b4e9126ba0c81193ec8144d6a83d3e294d4eba93931ba6dfe590c5b1774d3a6bbbb284308036c49d15e1b4014b93324c938cf7403a1e688bcd4f490809c941d980376ccbb2431bb8888ae014456d2f82aae22f48bea06d20c67487fbbf108c7272e8b79dd3417fe0f8f724462d19d1fcb311bbe0b0077b00c9c844cd8edda1890bbd86d8a41cb92331456a4f0c9f136"})
ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f0000000100))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f000049b000/0x1000)=nil, 0x1000, 0x100000f, 0x100010, 0xffffffffffffffff, 0xc6002000)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x40000003, 0x0, 0x8}]})
r7 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x484100, 0x0)
close(r7)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x4000, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
read(0xffffffffffffffff, &(0x7f0000000040)=""/106, 0x6a)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0) (async)
read$FUSE(r0, &(0x7f0000008480)={0x2020}, 0x2020) (async)
read$FUSE(r0, &(0x7f000000bd80)={0x2020}, 0x2020) (async)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x12) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder1\x00', 0x802, 0x0) (async)
mmap$binder(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x4) (async)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000001200)={0x18, 0x0, &(0x7f00000001c0)=[@acquire={0x40046305, 0x1}, @exit_looper, @free_buffer={0x40086303, r3}], 0x1000, 0x0, &(0x7f0000000200)="1c395470f142e336e91a54412bb6da63e1c97d9a258bb1659e17bc90288fbe6539336227e05be9de933bf112fce491a3c1d3409d2cbce261f98719ee7869d7f4254d0035a1649d3ab057414d88c723572eb83509572e8b60186e835ca994e35f9525d6d96c7e7fe6e1e5ad594ca441cf674b028fbd0b7a33fc21931f3bda60b48b237b30436e21aac11a679c53a68333a97ef539d327bbda887b09e5e870eb5053ed80afbf9b3546b7e8b0f18a881e6d3c37e290857696bc36b57a4a56be58b571d4a6ccf388bdeca3ccba6e29e9bbb5841df99b2c81e5f5f4802e34350ea942e931961b6cbc5b2a99347c670346aa5c09cba93faeec939dedac1e0272832ece559e097d5cc13a08f7d181e5568d4651dbd3ca86125d652232d6a6760acbb758f4ab2f4686e484e447c677ff93a705e1c514a8e57df74e282dc80a1066dc5bae693f3f8258cedcfcc513f36e16e7f24100151246e6186a16083bf95f8ee474b7dae4eb1bd0a94402cae9b78b9edd7021a91cfce0e4559b0a49663fc18321c3f0b4e4f261f9eaf4876c1153ec49dccec8f5e1d8c7ba9cb0789d1575aba1f00e598540a2bf05efcb07cd5846a70250752832fac8b5cd2e45ece5945d01eb548b07825fe8e9f5e5e5fde19652ffad8d25d169d0b2a9b248e3b48dc2f62c01342fdcffccc6cb616cbdb08919cf76c1b45ff4e633fb78267618e02d83f1e113de2fd2d5de45cf4fffb5dc0e147ead12e561774d2824538c5998c81aafd4286360bf10cbafb72200a224d47bda0488ee03d5f542ad35f2ea190fbc64c8286eeea2716eb8626b1d9de2a6195f1fabcc6089f17b8806992947f049b9b036977c648c780e7a55850388c94f54305c7c241669475681577f10a7820fe3198679e01b5c42aa540c44dd3cce342f453b783ba615c584c3f5821e1edb4cee0e8600cb5520d0f416f5167a2b58d760cfde63fd72c4483d12bb49faee9150e47551b4ef3ce6b00a4e09d335344c1427d293eea9a52d24f25285eea5f57019e11f75b68eda0d42b1f5e501f618d4f2a4cef55e49d38568d85bf50699f31c46452b92ffb8e6ad05b2e267e2bb145bbccfc8dd757b6a314b6c0ab86eca45e6bcec92895fd46b6a9ad24cf4f417dc4a453b94d51dfe111f16432dc44ae3a3e6981955aa0e3a979746bf26d8c8a1ae4544a9f0e12f2bb599fe7a3a62a2190a307f94c57e211d508e5747199183f6ea81f9418a321cee09aadd54e245db9861eeec812ad6d387efcdc13c01b09e05f52c6756a991860c88203e08befdf2c2d48af662f74f4bdf1702c32ec40378daedfbd7110102f417b34861d109283cfd92966edf9cc83ef1e2e67c2321fdd61aa432941acd2ddc53ccac0759274aeab88acf575e8e115471cb691ed9d744e7e790eaf786f37361ff6aa8d63792ceacbc93c84c90ba44a0ff3ae1deee19feb50c89be23139e723a01085cd638adaa1cafea5948a26425de60d0f539cecbf2a264b02ae49e83e5890c62913c04a3ff9ea75fbffed3fd8a021f3340fc1510f48fac4f609721322520d0eff78c2df22250ee18c625712de1c2430ae46cd4587f31f119c00d8ea8442b3402b106a56f3ee50f50824a14f05f5a804ec9baa8039967dc3a85c3675c2f5fc18bc5c304e936a3881f05e8cc1fd1ff75aff98ff66b2a1b8fa47aa45681a21cac68097d4b345e2cbfcb37b58848997e58a32c56dc278e2bc5c6e1ea9f3c18ec545a2a3cfd7aa00d7d9db315ada1460ef8b00f565c666c282686bfff9c9a074dfb8690eee2ce596305c3dcd8060cf43fb61f3b9cec2da948d8146a291b6e1d4212c4831ef1a962f8a39ddaa29964536176e7b867244180df50fcff811a3552cf848ef5e88b53b99898d4ca0c04133a736319a44231eaa4f5b67b5264ccc85cd4d5a49c19580b178e83c896a6c3b431dd077df5aa6e94d5de644ad496ee4ea25d2c745650768dc74a77d8d5ada0170819979f9d84529a6455c15a95bedfe90d5e6ca0650ce86d4e7d0ac2d39f19116a6af759d184e9ddb2d851cd63aed8ad4efdb40fae74c9590d4325bf230e6ad5a3c06c3abf5097dcb7541741c4783fbb658787038180392102278cb3b26315760f9fdc221c663dae18a503aa040abf3f28539618ee181559582efcb07d21f6ece5e665fd4abfb2e5473450019beeda08010bf3fe810ca61469a6db6e8349c5e4ac0f24f841a63fee807c9cd631f470c741a62e22ee128e6f2b396a20535d0f2c8ac49aedaccebfd03aa02882cc5100777439de0cefdbd4ff9660897fc7e21e11695c0eb6838a3256c0231741ecaa4435ef33e563532d5719b085c8be9276fa142c032d22ae241b682f2bfba2bc733185a1147b28dba22751380bb5805869bb69ec2d91ad9c7a1ddcfdfacd6b59f4d23e323b59efe6fe760c2ea1f017f3d4dbb9709207997c83cc498aff5ce5ccb1b7ae01d7c21d4065c0d5c2c7a49a8bd8689f15e5d651be2a84d289de6212771abf45d6d12ba2e521507451a1c50892d129903e9e0290a8e5833f75e8d37755d4a29908924e6f7b95f41112060087b6233673865aaf1f555d3335402e6dbc592285ded1006a4e353f20e0fcfe1a50ecdf96b7d53a563e794b78fb9752bf2a1ff0f7177a854a2bdb8e9d19334063055ad25df4b62b591aa9dc087d486f75f3a8e3513b537b2092d57433954e64c0f1e4860f9797651a9eca776fd8f90182c740acac4de4b191220a3978d501c8ffc5afc0866bf9052e1f6a0c8ccc47ee8707e42532183ec2d12dc7f486346a80c363111ca9041b39b84e9954924cea93ebc5aee2237d179d075deaf210949301d732936dc9bfc7987660a192ff242b83213a586ac276fd82853b5da798d24f94a135b1902c2aafce2bfc26cefe024da36f28b76a7f788ef3adb004713e90829aa7f686bfa9455974cc0ebf1272ac652947c500f6df9cfb0e5d30a08e7f365ccce2201f6e99957eae2286b573ed3986ffa81e5aab1ebe0a6c5345568ea5d12a93033d4b15dcddfddf8395eb8e73e44e8441fef434da5f00a92ada2650f1722423ddf83d6ec7fd4b787462381562b412eb3af2e6554d513dc68809b059e79a116321d52550d836117f9e3df1ca0ab275294acb16af38fba4d8121efb3f0c232dd06d4fea03369b744d7854b8fa4b465782c2af0d55519937019d0c7cf06d43d1b3517d3ca8f7508044c0b582055b40bf8fa494a5c4f26bd442c15102c9e43830e0037aa414d4afa38f2f22b67b8495cd1cfffa2a83ce5e6508bd11fb9dda2ca33dba63fd9224ef0a958d2934d1bac990df8074a83d6eab1d1c920d7380e834740ac3d29e6895f581d25f1c5a24610915bedf593adfb37066a95008a705e73fdb4b083af0833c5d5c0dfcfb2ad9cd1ab9fd0b5811eeaee4704b4fff2bdf9f85ea4e0cf8222ba861b9afc980385a8531a091e0371bc24c99feb5c7aaa158f55eb22c3c27d17c0c238b9404015429557eecd18e41c51d6752bc5cab79cc8fe43ef3d92fa49e74a4ee27fef2bcfa04bd5492a2c316333b3e8a1694df4ec9eb8f9aab1874a7361dede9fe519f6784ebc86745537a922ae8f6db011267caeffada5c08bf5453542c2fec7002622c5e8f952b26b8e7e89fd62c127175bdf7173dafef1690801017d387ea981e5756668ee9c5bf8f03694520103b8d11f3771c44654ecb671114e172fd3543937c349f73a513b896451b3d60de9377070ebdc3f2f7b19db6f390ea6709633e91a676d6a60835e24a73bfa56ffcca500abe006c696a50b561f49117bb3407593c5a0f129e8c05af32130cee02c7a47017df690fb890e1fe83b2ffa6b457ca47213b7c1d8e927c5e5b4b96d3ef3b178fdeda5b90f9fa7f12ef0ed957a1fb653240f196073f7332c235d823d979d4a49852d8190ceb76e178709a0084fb3989028bf717632ca0a285e60a5bfc846e2aaf865a50c16b86daca6729a0e3031f075a9f4f5895f9ad5086528a6b038c28d4c482205d6c6ab2c2fb9408d2ebd672a060eac975f162830771d83f8e66696dbeeb352ad347d3d2bb78110d3f123c7190804dc6757d788524dd6ffbb7d8d4ddd17805e57ffd83abd5f3bb10ea3011108223a72ac5384788c4ce9db11d14b8c56f6bfca2a114b1d2ac729dad7151ca5f0660de34f2d12732fa3036d59ccf86665124ec49ce8ffad3000f7305b17584f74976d0343a8d70c1a6a0dddcecdf5a25be749729e38205ce6dc766953b1a0f4c98258bd904345e14b47c1d4820c805866bb1813f1c76a6c55e80cf2dfb4f82da8d5461d21173911c177358a7b5c3d194383ec9359870598b52cec10ddbd709a7f9bfb488ae7916e972ab59a8efbe4a56db6305191be77937a02ab6f728e0a77b4fd2b73e1b6229bf4465beab3b0e2a6089353f38936180fc2e1fe68075ab53526b0f8b9daebf103b170ff3a33727081872a3e718b66f57d48de332c250e407c04ed4db31430f93afd28edba3afc15c2481f7e09e4202e8379e544eaec9f19ba25e8dc352082ffe77913b7606f3916106ed18535550373775fd62424ab70fccbbaae4a020e941340e8b96558f421254186e51848df72d85225f5d936dc654e8bd634f1a0d00898a3ab0b83b253bab16d99da3e38c466e9faec91570af60dbfc0de0a80b9052ba02ab759094dc1cfd16264ba533cbe2c904731a9a25584d6a1b9cdb597a45532603d5e9ad1a58e0cb132137d8990f19a87495fc62b932ff91b9b0881c559c215b5bacfad602dad1a1b44c14a1abd04b06d80b38b5ffbf303647b362142c569cbf012282152a417df9197e02f26adb5e1a45ea057e3993863a460f7212f240adaf1da85be06e9dc5dd0cdc85d1f5399daec156aa6796ad8e8633fc846bc1568fa485efa87793dc14335e5a8e94b7979adc01b9efa249b5193003f2863bdfc9d2c8bc5b526c5df9228ced9e34afc9201e6ded0a0146a63fbf5422d63b167b49c63fb549f0fc0fb0817f1a57295ff2bb22b25c36ad4e66ac77050a1d397cd7d65e6da09adeffea0d7ee6414e31ccf2d9204c8d03bbe8954652a0f45f9d1bd96e59528aab13f7771237a890d91072835ec858f5719c50435673f018ac46c2b29e4477bc281219aad9fb051825610a5b7212c821b92cca04fd29547c41a17674bc44dc23f07f905cb58301ca7ff22b4ac4c7f54a54f14422061986a1133eb67b19557504b8955e262852d1902273782c0e2827e7bed211d8977d6d595cae3c10109bc76e06bb6912d1bcb9e6bc31c4a454b710a1b40e8ef709876785ca6a19316657aa1719c9e24680dd214875956d5395392a9d493f852faedd2a4c3b720fe10d2fb11cc098ddea56011b79a3ce1cb4bd4bae76549d3eaad8a21d2278e5ecb2fbeb2029ed7223545a3ed90bf8358dd1280d95e39dfc2049a21c4aa1ec33d2ecdb1b545a18991177d858a6b863b022a9d19bde75ea08a6653e662065f4292a8083e85293a529d7757f0189cab54f2a4ff80ce326853d83c80bb5f812f8cd6c9bad2c1574964ac1a620fb407bc8e6d441568548503e8ba4e8aa209e9ea5d96d719debcacb33010b9d03d12ca8d8ecd7c595c1c90b001b4e9126ba0c81193ec8144d6a83d3e294d4eba93931ba6dfe590c5b1774d3a6bbbb284308036c49d15e1b4014b93324c938cf7403a1e688bcd4f490809c941d980376ccbb2431bb8888ae014456d2f82aae22f48bea06d20c67487fbbf108c7272e8b79dd3417fe0f8f724462d19d1fcb311bbe0b0077b00c9c844cd8edda1890bbd86d8a41cb92331456a4f0c9f136"}) (async)
ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f0000000100)) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
mmap(&(0x7f000049b000/0x1000)=nil, 0x1000, 0x100000f, 0x100010, 0xffffffffffffffff, 0xc6002000) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x40000003, 0x0, 0x8}]}) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x484100, 0x0) (async)
close(r7) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x4000, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
read(0xffffffffffffffff, &(0x7f0000000040)=""/106, 0x6a) (async)

750.871749ms ago: executing program 2 (id=1295):
ioctl$VHOST_VDPA_GET_DEVICE_ID(0xffffffffffffffff, 0x8004af70, &(0x7f0000000000))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000500)=0x304000002)
read(r0, &(0x7f0000000080)=""/203, 0xcb)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f0000000200)=ANY=[@ANYBLOB="636f6e746578743d73792274656d5f75dd47d0b9"])

629.6981ms ago: executing program 5 (id=1296):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000003c0)={0x10003, 0x0, 0xf000, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x2000, &(0x7f0000008000/0x2000)=nil})
r3 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r3, 0x40087703, 0xfffffffa)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r3, 0x0)
ioctl$ASHMEM_SET_NAME(r3, 0x40087708, &(0x7f00000007c0)='\x00\x00\x03\x06\x00\x00\x00\x1f\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\x87\xa3\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \x15\x9a\x9f\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b^:4\xeb\xd37\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Hd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84\x1b\xdaR-\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12K\\\xf2\xd5\b^[D~\x00\x00\x00\x00\x00\x00\x00')
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000000000099000040000000000000000000020000"])
ioctl$ASHMEM_SET_NAME(r3, 0x40087708, &(0x7f00000034c0)='\x00\x00\x03\x86\x00\x00\x00\x01\x00x\x92\x12\xbc\x00\x00\xbb\x0642\x9c\x1a\xd1\xcbx\xb0\xd6\x1e\x10gQ\xca\x0e;\xf7\'\x8c\x95\x83=\t7\x94\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcbzA\x8e\xf6\x89\xc2\'\xdfn\x054Y\xd4\x91s\x00\x00\x00-<\r\xd1?$\x8b\x17Bn\xe0\\\x98\xe1%\x1c\xf4\xd0\xf5\xd5\x80\xc4\xb4a \xac\xc4K\x03\xfa\x13Vz\xbf\xe3c\x8d \x0f\xb1\xe9\xf2oci(\xcb\x82\x05\xfe[H\xaf\x01\x18\xc8\x1b\x1e\xbe\xd8>\a\x00\x00\x00\xf7\xafd%\xf1\xdbjE\x01\xd1sD5hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\x851Y9OB\xdeB\xe1\x02-&\"1hS\x92\xe4$-\x02\x00\xe4\x8e\"\x85\xc9x\xef\x81E.r\x89\xe5\x00\x9e\x97\x96\xb8j\x81\xf0\xa5a\xfb\xa6\xff\xfbj\x11\x12\xc0\xbb\xfdq~#\xf7\xa8\"$,\xf4\x84|\x89o\x00<\xa6-\xb0\xd3\x80\xbe\xcf\a\x00\xfc\xa6\xb1\x05\x94\x84l\x05\x00\xeb\xd8\t\x00\x00\x00CvNx461\x04Nl\xedV\xcet\xaa~\x01j\x94\xec\x92\x86uY\xf6\xb5\t?,~\xa67\\\xb9\xc9K\xf8\x9d\x96\xc0\xb5\xc7wF\f\x00\x97T\x90.\x9c\xe3\x9a\xf1\xb9\x9c\x13\xbc\x19\xde/\xaahB\t\x97\a03\xcd\xb3\xc8\xd5l\x14!\xf9Xg\xc52\x1d\xeeB\xccT\x0e\xd8\xef\xc8\xe9\xb4\xf3l\xc3\x99f.\xeb\xe9\x05\xcbkz3+\xdd\xe1*8\x95@0t0\xad\xe3#\xd7\x19\xe7Q\xdfmI\xe5\x1e\xe4\x87\xc9\x8f\xa7\xe0\xd9v\xf6\x01\x9d\x8f`,\x1a8\x81I\x86l\x8f2\r:\xc1\x02\xdeZ%\xa7\x01\x00\x00\x00\x01\x00\x00\x00\xbe\x97\x1fGe\x94\xa6\xa3\xab\xdb\r\x17\xff[\xb1\x00\xff\x7f\x00\x00\x1c\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\"Y\xad\xaf\x83\xaf\x93\xdaHg\xd4\x8c\xee\x0f\x00\x1c/\x9a\xf83\';:q\x92\x010g\\Ym\xd8,\x8d\b\xab\x9dq\xed\xcc\xba\x06\x1ej\xb7s33\xe5\xec\xe90M\xd1\xfd\xbb\xdf\xedc\xd1\xbbI\xa3\xbdqU\x02\x00\x00\x00\x00\x00\x00\x00\xee\xb0\v\x84\xc7\xac\xec\x92t\x00\x00\x00\x92\x1a\f\xbbM\x1cG\xb8\xa4\x05\x16\x06\xb6\x1a\tL\xe3C$K~\xf7\xa1mt\x87E\xc4\xb6h\xf3\x8cG=&\xbd\xa16\xaa\xa2N\xac\xad,Q\x97\xd6\x15\xc46v\x9a\x97\xa6\xb9`\x03\x8ff,V\xe8\xeb\x8bJn\x12o\x8b\xe7K)+\xe0\x06\x8a\\\xfc\nw\xf8\x01\xc4\xd8\x97\xd2\x9cF\xda6F\xfa6I\x03o\xa7\x15&*\xf6Wn\xb9\x00~Y\x17:\x03\xef\xf9\x03\xe7\x8d\x16\\/\xe3\xfcV\x9d\xf2g\xbcFy\xca\x8a\x10*\xbdU#\x7f\xbb\'6\x9e\x1d\n\x19\xff[\x92n\xe1\x81q\xfe\x10\xfd\xa6pL\xc6\x0fN\x06&W\xa2\x9dPWp\x94r\xe2\x92X\x12\x87\xe5\x94\xb3Aa\xb1/\\\xde\x9c\x93\xf5(,u|\f`\x8e\x86\xeb\xcb\x18J+\xdcv\x894\x01\xd0\xc6\x95\xea^j(x\xa5\x9b\xd6f1\x9d\x8fcr\x18\x1fs%\x91~\x19@\x84!u\xc8u\x8aL\x021k\xb4\b\xbb_#A{dw<\xb9\x9dR\xef\xaf]\xe0\xca\xd9x\xdab7@\xfd\x0e\x94\xf8\xab\x8c\xf4\xf1\xb0\xd6\xbe\x8e,\xa2Y\x000F\xe6q\xe3~\xc9\xaa!\xf3\'UF\xf0\xc0\x11\x11\xc2\xc9\x93#K\xea\xc2c\xb9\xe7)\xa4\xd9X\xb9\xaay\xd1\xc7\xab\xe9F\xc6r5\xdf\xa0\'y\r\xbf\xbd\x97\x9d\x8aS\xdb\rF\x9e99\xb4\xf7\x8c\xf9\xca;\xef\xc7]\xa4\xdd<6wc5\xc6\xdeS\xe5*H\xed\xc8^a-\xe8\xb1\xc2\xca\xfa\t\xd0\\\xfc\xe9\x90\x83oj\xa9E\xfb\x8du\x94\x97\x1cF\x0f\xe9d\xf2\xe4\fc\xdf\xde\x1c\xd8u\x9b\xd7\x9c\x11\xbe\b\xb5\x1e\x04\xa0\xdc\xe1Oxu\xd7O#\n%\x89+\xcc\x9f\x8e\xb2:\xa0\xb0\xdc\xd1\xba\xbd@\xf4\x00\x00\xfd\aqn:\x83\x84N\x83K\xbf^\xd8&\xde\x14\x17\x9d\xcd\xed\x19\xd0\xc1$*K\b$\x12\xf3\x88#\xb1#\xb6RX\x11\x86X\x94\x84\x8e\xdd\x82b\x19b\x9fQ\x91\x98\x9e\xf7\xf6`\x03\xb3\x8a\x86\xf9\x00\x00\x00\x00\x00P\x00'/1066)
ioctl$ASHMEM_SET_NAME(r3, 0x40087707, &(0x7f0000000040)='\x00\x00\x03\x06\x00\x00\x00\x05\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \x15\x9a\x9f\xf0:\xfd$\xad\xbb\x9a|c\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b7\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Xd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84x\x00\x00X\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12K\\\xf2\xd5\b^[D~~\x84\\\xe4\x00')
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r7, 0x0)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000004c0)='/sys/kernel/profiling', 0x149a82, 0x8a)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r12, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x48a, 0x0, 0x5}]})
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x66, 0x0, &(0x7f0000000440)="641e1adc6f6c6d2a7411f3de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b418709844294623"})
mmap$binder(&(0x7f0000006000/0x2000)=nil, 0x2000, 0x1, 0x11, r9, 0xffffffffffff0001)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000100)={0x60, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}, @increfs_done={0x40106308, 0x3}], 0x0, 0x0, 0x0})

560.775051ms ago: executing program 2 (id=1297):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x80401, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000000)={0x10000, 0x140, 0x3c0, 0x0})
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000200)={0x1, 0x0, [{0x4b564d00, 0x0, 0x9}]})
ioctl$BLKRRPART(r0, 0x125f, 0x0)

476.327573ms ago: executing program 3 (id=1298):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x52, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a4"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000200)=0x11)
read(r2, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000000), 0xffffff6a)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000180)={0x0, 0x2, 0x5, 0x5})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})

469.826043ms ago: executing program 5 (id=1299):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(r2, 0x4068aea3, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x8abc, 0x4, 0x4, 0x804, 0x7, 0xf, 0x120004, 0x81, 0x1, 0x2, 0x8000000000000001, 0x100000002, 0x0, 0x200000000000101, 0x6, 0x1], 0xeeee8000, 0x141200})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x10, 0x2, 0xb6, '\x00', 0x2}) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x3f)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x17a, 0x0, 0x8000000000000002}]}) (async, rerun: 32)
r9 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (rerun: 32)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f00000004c0)={0x1, 0x0, [{0x40000108, 0x0, 0x6}]}) (async)
r11 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r12, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="f98215638fc2f72620f524950100000000000000830500000000000009000002590000005f77745a12351f8f80dcd7ff07be80c2ef3c4ee93dc4bda7f3377bbffecdf7662c4259f79c470c2adc3f600fb289917132758a3f9f298a41b857431f3cea6274be62b8aa3a8a33c8ef822753e28f0a20f513d3f4c9454038f16e38bf65150c4a920c000000657c923e79e846d0a50461fd07339bc8e442ed3662e39fb81161694100000008000000"])
mmap(&(0x7f0000797000/0x2000)=nil, 0x2000, 0x3000001, 0x2010, r4, 0xfa261000) (async, rerun: 32)
ioctl$FIONCLEX(r3, 0x5450) (rerun: 32)

402.963714ms ago: executing program 2 (id=1300):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000040))
close(r0)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000280)={0x2})

346.079584ms ago: executing program 3 (id=1301):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, &(0x7f0000000140)=0x3) (async, rerun: 64)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x51, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7"}) (rerun: 64)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0)
r4 = syz_clone(0x10000, &(0x7f0000000600)="e5ffe5de58b7f173f5e378b52f2a2ea6c7394487375b3584e0c78916a437c0e7d2888873be97eddfda3a2606718b4e9302578d129af19c13f2c5907bf1fe8a2fc358070a49ea3e76a6a143c8b62982f38089843eaf27f3777ebd449399d5fa82e79d02faee2850a7f623e8cae9fe9926ee82cad5d8639a4d76efd43289da9a18e02890d7c3f51061a9a58ec08d7003c8d85e7313481684e03ae87ff1d05971a11027987133c50e11bf8e629f53099f5151e51f129091bba24c42301cb5939b625e49c259069684f99f05ea8d5f36a419948f6b9ae34f55f702b8620d0351d22917324e81a4175f26498c8c884a92939430032d2bdf677198669a3504fc1dde66974b36d9f492640ff838fa57d24c20b2d28a0181ab3ac57d2a15009b83f7cb4c4f62b8b1bf5387680e521c38c7e511370e637d97d7a6618e699b7344364cd817936450a2a52505f94ca5099de634c18c97c847f8b09676931eec2a18f037312e199782d21aafeff007256d5e210c5994120358a5ee82cf27b748233907188b9e332bc2000661880114932ecca166e2cbb760331e70c2a61b37e7a2e7c1927db0d50029850ed6172716813f45daa3d4da109a31403d095b75057266d6ccd9768062a27e9bf48988d287d29f8193309dda9ec4829df0c2d099365d41d64ad1f54528cb88e133c874db403c8027c24661a2e0556c876427c80fb1d2dfb63b6fb3907317fbb9ff7627e7c48380a0233f57ed7551ba14bc88af58b3600440c3b96bc59f1a6e12c4a5b07facd7804e6e2bc5e616b39a89bf363c09f5f6ece9ab951e0b2d68c401012362e7f9a51cfa61f5801a80eb6b0e8c7860395b7a3fa7d80eb9a68b7ca69fb0a1096c7696a159421fdef9685e1eb92e5033cfb8903c1296e1f42b1c9a76173cdb61aa62dd4f94c556ac8ef5c13d5cf2a2747bc7a40e1fcb2c96a623bf6b7d08ae384cbc7baf58114485fd395a3fd9ac024e96e55a14d81ad426bc78129420698eb05298ed3d4fd565ff64032c7757ff8fd7fec15b04285b2e497d032e9b46930024793fc41dce474d9acea39cdfd0f7b8a8aec4c02d508034e872c978c79f4d7238879e147132bfdac10476932a8b4bba18732af4a03533bfa2b53637abc1aa41824f5e9eee647667d200550bb45262199db3370fe4839f4155dc1965343fa01f5c8596827f377c3e294e0e5a93a36873bbc8822fa919173f5c1766b7c460a1f088587256d111f3f8c08c318dfe52da751f3481763125510e6c2e5b200fde0cb5b84121d5c903f8a719028f9a324dbd9e69cb46d62285e19e6d3ff24663e382f89cc121d042f4548cb82d6f6bb81c137f415738e693a08f42729f94bb2d59889cf355bc52b935e4736938bfd1b882a239b6679abc2744686104328fc52d7eb88891eb91ef27a68f3ef900de364c0c083a1b5b61e1acdf61c4fd6fcfcc21eea70fdfbf2f030507f4540ff80dfbb904a9a9e83df904ea3e0b365b23a7f42f1f14d38c9f45c9753466d1994079b9d59c847adab8aca07539356cacfaccddece81ad6f5def0b736a7c901e3353285ec9966692f0e587539baa62fcf9d650913921a8f5a804b02d0cd596f2cd16921cb80e950493bb9769694ca5ebe5fa69f9fc2f78bf5cb0b02c59f5016f482e1f6a9cf1449bfae380ebf749916b3466a539c34711f85637062d0837b61b8ee2b5e55f05be232f73b60771a020e3344a9160a69be1cebb7edda40d5bf6e3bdbfdb3755baabc6cabe6f8654f16d89f86d335e8f55e03e41945ea51ec9a14effaf4cd221f202c035890a00ff2d225e51dc04ab455ba4186d8d61039bd23e6c237ca0ea6cef0f5a6c41943dc20dc1b11870ba21b23935afb812b3654bfa40a9a5f501e4b2eaeecd14efb4af2d162af4f9c6f15ff699da9f4197dca6ebc86d03a5096abaee4a0c385b99e1d08b6dbb274acaef9253a0c9ef0cd22caa7f9956734453190955e4c32038474ec37048cfb25630915e275c16ba0a8daa7db0cfc9d5f136a5bf102dc953e2ddaef8664e1a6f30de816354aee71cf5630b7453bb3c264c1a0fdf704a72de707931a7ce8c2d7791ea5efbff6e1e33aa44e0c726a12c39a64d1a868e5dfdd506d2e1fff91e32c9c97fb0d92821163fe8e81affc5df72fda2f200583a593c7cf2aef676f328a0754e24058b0a418bded2528d295637f8b5255887866c7d4fc98bfbe6ab1c800968657f2f8682e6ae34b6217d279c0934554d058c325be5d49c2963d527abc21a93d2a257e9c03b740d7633d23f081105caf2ed3bb2107a3b90455fb2aaad081843f0a1db89a56f38082b4bda425fd0beaaa81a868fecfe3f4dbead10d09b22ff18bdb3a60afa931d9d2484eea209ed5253c9e1cdeb267ef9c244d4850e01178a9972bf157430cd9d1732ee511974f66c4dc2593d4b09bb31d8027cb6a72eb6b8260cacbb38f119402ad330a63e7d557efa9e23f7070a8472b1ff31be4a13dc9d1224103716b6070d4a85c6ff3bf50a7d8ae7e8da5dca6cbd111369c41249574aa764583bd3af4c4192b3f8dbfebeb9443f67f4095480c874ab529869fed9872b2d0fc6c93e224e4c0b4859afe4071373b71830b685312ebd78f315a7d228f9933cb270641b883c1416208808f3e15d110a331f8479ebd30bb9868034d15c2a6f67a70788711dc482a91db6634e7cdb743bb0a18c3868b4b99459bf899c402191c72b623c38c9229de75062026cdadbdca50dcf9868f5e960328cd9240bb834d25c2abb41b484f10e4b6a117b70c67e1b3fa2ed7a03be4cf5e8b124ceec77202da718a1fb90fbc39a4eaa3f2736308539fc8915a6012dc4497872120426774d17c52b2f822e53213e7d3fa9bf6f19eda28e58d9cf57347f6af02834bf558a0f79be59694c3f0ca189a2742eee17cd758d86c16427ac2e121ac21be5909a8adc30d619b6fff8b2af0c1ee0336f80aff5b0c16a1a5d479c102352de2a59a90249dd3d36d909dea6576e96511e056da19bf7462ec2d89e64c4b916b5270f0c2c91d25f2e389a8ecb67a1ee0c13a98b0944ef94b03e8df4fe6d9e1e94f4617fde7643d9bae0281f2f16f96fb5c6e715a58476dedcb794881e9dbec75b3599be2ee57faf5755a968a469e6e6666f083c1cce0fc549567d623eb081539b1ccc2878eec21bd17e771f62f64511249b771ecd35dad5c19f31e89f2b0158ebbb0fb2692fadf7b02f20a0a44b616e0d50b40e03d990d1b6e90aa89d5ce37341b4a7c076a487153d6e5e0014d1969dde795e345be64d3c0796b445ea4e798c2f3ac61cde85ab8a337cad18c56e4cee02b2241df009d6cefa10cdfa7d3550fb509e7d835d3d17e4e1a131035e995ab919dd564ea37fc4c5161136c44b537871f015205ec4ec335b9e5aa677dab6676d0f8125bdb560c13a53379d2b573002f486660273022471ef6b897ca0434a68d66844e86883423d5c1a6175693ddc8fec756da9101f38c1394f30c32cc432a3ef4f54298b0b4fffa2cedbdf853ba0137d66ab3064568c25b6dcd1c78b36c159af19fe5b38f3ed2a82bd6da6dfc42c8aaed0be27b7305f0cf6380dd7fb0b2d1251caee27ea9e35d4abb75898168a047dee47315c7c42d635cb8d08ad9f99aba85d94cd257e3e91d42a02a7720c5d1aba57c2ad55d554799d65ee0327a019848d13bb466106a2187234afd98dcaed0ee6bf0006d89b5b17def1ee7c4f111bbba280a5100d9760ffcb60beb1087572b98982edd932e04e1d3e2e2e52403365c505eca0ee3cfdd44272f4cfb606c499f5887352a02ba099e636eaf153305fda535ef337e5f6b278c2f5dbf9b8d108c0669d46f0b1edeaa2607f743514301bb0ac62d10a8adb4aac068ee00c27cf37e17d5969164e60461cedaf1deb696aaaeced9e2f81002649b93620e5e55ac6c5f8c4dffe937b7e39bf47c6d562d57cd5f6cd8c4075c7c3cd4bb72dd9bdcc95f688c9f46d8754ac46d00de52c0150b13c7070eae44d5f6d793a52ab7f11fa6adc402aff337a50e5ae5cf0ada59879c6d4f2a22beee339cc130b3f5f6f051febb6cb1add68decaf8da2640002263c08a32064e7cf40fc414dc74fbe985eaf924ec7e0f3ef4454cd0843be81508df0cc12d47195767fc4c0d8ed69b5945c4e2a83a71ef51252776fb0b737fdca6716cdecc32d6e38b3576be2bba60a5310bbf4dad852b5ebf91b56953ff80a7e78d3abc2f922b1fb7145700816a772585856be88b7f391e62f62ad99036ef622d4aa2afa9ee58ea58ea3c0c25b6ee17f2557884b1eaffe214959383387e2b258c6f620b0a00619b48338bd4017bfca3d146e84ebaa276aa01ae1ed7d3060cf07d0a70f95a393cb943c1b0dfb796cfa0b407e0e5fcdc93ee518f8db3c40560097840e985919da9ca0931d599e99b87735b134f599b018d410c9d0af0fc720825876cdd1ae6e3ed7c9856f6b597100aebb78afbe70436843cb4256c4067b2aab7769e8888be88166cc3b17acb1f16001227b041191e37f1612a055211620873f13748fc82b1befef30c7b987d9d13e5b48c800f37cbcb2995e3921e120933896293bd4ad0696927bbf3cf9f4cda43bae166a885a03ee92bae0d9047474eae989553e7d59f5e407515cf412318ade2a9e421e34177399f66dc3d0905ec961bedc9094585c85f1539f31a0a8c45fbfb74071f45306adb60ada89c0a11768661fb70d8f576f40f571557b49c795983e994fd0ca4d9a8eac78295cf922206fc9535ed8c1d728bd2ea7ab36f51b5c77d0a2645fed307af8e567da86d74a00f5921526ce630801540588dcdb6c460d83cb39fd1e34402d393a0e84b03fcf34d8594f526fd183c28578521688a0382e58aba5e19c970f964c8e97759d724a729281fb3b5aaa177261bb063d04453d1751c9157d2f64724a35ddc9c67d1d76462a3dd1418184d0a314e1a381da5b7b6fa87051d1f4d8cd2274e78982c0140a01378c268b3b07369b2f75830939a49add61de9f7de5a369000113da1aa4d364c3e8c2dcf40659ec21daa1072f201a3b7219706b11ec4b893334d8a63f984df73d0358ca35b845a01600cf68054ccf30aa2d0fd8770f634de02733875784ddf761990735bb247bf44739733b1eb8ffb9e47bddaad383304a22476d2cc9f48f2e4ee35982fb2b550ee11afeff1b5ebf948a17b55d533a3de7f3ab7b7029f7bc5ac43ee49b41cec644d5d1cd05a2c1cb4ccbad44535a92eedfe3904fb6382f807c756faeab3c66ab3069af272a3708bacce90b4af931ec8f9fb122798f1707d5f44dde724c6ef4fd3520b973b4934bec88d0b72aec8db9314240e77c246fc3311f81ead31bc93add60580af64d56bdd7c0bcf2988d49064018c77eaf8b96aa8fc5b0fee81db2f2756c951bf1030be15d5b3e94271e24bd064c68de8c3a666841fb5c065106954cc0f890c9c754667b9241c4e23f07e09f41a0a404938948df5143a49517992db68dbd43c42f85e34c960f823fc3a678d9599267e12fe0feee495e83453ab93b68db8cd0149a0c5e699d538d0e9a9af4f07e5bbb9824d888db00d6fdf1366c6ae292ac27e91dd0eb73bf52f302d7336b0b1b61d28249f7629be3ecbb9401a32c1c6a179c1138fbed2d4adcf34512130a299625284f1701b10f53bac27c2170c894f590f3b7ab566b844de27818186f6ba2342a6f5bc8f865d21a206029077c5c5e3df3c8b93a93ad0ffc5f772c8fb4b8614a73ade7a26cebc90849523deed4e8f31eb2798385ec90dbe7a6167a14664d1764bfa173e5b7802858a3857c66699fa98da9", 0x1000, &(0x7f0000000200), &(0x7f00000003c0), &(0x7f0000000400)="810e14c1e4b0a4cc5823fb6d1ae36d77534a147a8693795109cb42e7d5dccf19889cc3ec792fa48235957fd1208dbe579f4a29b7b05af8451cb8acd1c57a6d09e85e00192abb77f3b1")
syz_clone3(&(0x7f00000004c0)={0x480, &(0x7f0000000040), &(0x7f0000000080), &(0x7f0000000100), {0x7}, &(0x7f0000000300)=""/188, 0xbc, &(0x7f0000000180)=""/59, &(0x7f0000000480)=[r4], 0x1}, 0x58) (async, rerun: 32)
syz_clone3(&(0x7f0000000280)={0x243012400, 0x0, 0x0, 0x0, {0x13}, 0x0, 0x0, 0x0, 0x0}, 0x58) (rerun: 32)

272.445505ms ago: executing program 0 (id=1302):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0xa})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000280)={0x2})

271.606436ms ago: executing program 2 (id=1303):
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, &(0x7f0000000040)={0x0, 0x1, 0xfffffffffffffffb})
read(r0, &(0x7f0000000080)=""/134, 0x86)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x10004, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x80049367, &(0x7f0000000180))
r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
ioctl$ASHMEM_SET_NAME(r2, 0x41007701, &(0x7f0000000200)='/dev/ppp\x00')
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000240)={[0x7, 0x7, 0x6, 0x1, 0x5, 0x7, 0x1, 0x56e, 0x80000001, 0x0, 0x9, 0x0, 0x3, 0x1, 0x9, 0x7f], 0xdddd0000, 0x2000})
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000300)={0x2, <r3=>0xffffffffffffffff})
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2, 0x4010, r3, 0x1fb42000)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$FIBMAP(r1, 0x1, &(0x7f0000000340)=0x7f)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000380)={0xe, 0xe})
ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f00000003c0)={0x2, 0x8})
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x57c)
ioctl$BTRFS_IOC_BALANCE_V2(r4, 0xc4009420, &(0x7f0000000400)={0x0, 0x1, {0xa94c, @usage=0x5bc, 0x0, 0x6, 0x80000000, 0x9, 0x2, 0xa, 0x0, @usage=0x4, 0x4, 0x5, [0x6, 0x2, 0x0, 0x8001, 0xe, 0x9335]}, {0x1, @struct={0x22ac, 0x10}, <r5=>0x0, 0x2, 0x6, 0x5, 0x80000001, 0x6, 0x412, @usage=0x2, 0x4, 0x7, [0xc, 0x3, 0x3, 0x34b, 0x9, 0xf396]}, {0x9, @struct={0x8, 0x4}, 0x0, 0x9, 0x10001, 0x4, 0x2, 0x5, 0x81, @usage=0x7, 0x20, 0x0, [0x10000, 0x1, 0x800000000000, 0x6, 0x0, 0x4]}, {0x100000000, 0x9, 0x21a0}})
ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000800)={0x0, 0x6, {0x5, @usage=0x6, 0x0, 0x586, 0x9, 0x3, 0x2, 0x9, 0x0, @struct={0x755c1bd8}, 0x4, 0x5, [0x6, 0xffffffffffffffff, 0x7f, 0x800, 0x3, 0x6a862f9d]}, {0x0, @struct={0x10001, 0x6}, 0x0, 0xd2, 0x1, 0x6c, 0x5, 0x4, 0x85, @usage=0x3, 0x1be28af8, 0x1, [0x6e, 0x2, 0x7, 0x2, 0x9, 0x8]}, {0xab6, @usage=0x4, r5, 0x0, 0x6, 0x7, 0x100000000, 0x2, 0x48, @usage=0xb, 0x6572, 0x5, [0x4, 0xffffffffffffffff, 0x10000, 0x0, 0xf0d7, 0xfffffffffffffffc]}, {0x4, 0x7, 0x1}})
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000c00), 0x20c80, 0x0)
ioctl$VT_RELDISP(r6, 0x5605)
ioctl$TCSETSW(r6, 0x5403, &(0x7f0000000c40)={0xfffffff9, 0xe3, 0x1, 0x5, 0x6, "dcf47738d1e7ec7b73f1ba3fdaf81f13a6dfaf"})
close(r6)
r7 = openat$cgroup_ro(r0, &(0x7f0000000c80)='blkio.bfq.time\x00', 0x0, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000cc0)=0x5)
ioctl$BTRFS_IOC_SEND(r2, 0x40489426, &(0x7f0000000d40)={{r0}, 0x7, &(0x7f0000000d00)=[0x9, 0x6, 0x100, 0x29c, 0x8, 0x8000000000000000, 0x8], 0x3, 0x2, 0x1})
ioctl$ASHMEM_SET_NAME(r2, 0x41007701, &(0x7f0000000dc0)='+\x00')
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000f80)={0x54, 0x0, &(0x7f0000000ec0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000e00)={@fd={0x66642a85, 0x0, r6}, @flat=@binder={0x73622a85, 0x101, 0x2}, @flat=@binder={0x73622a85, 0xb, 0x1}}, &(0x7f0000000e80)={0x0, 0x18, 0x30}}, 0x400}, @increfs], 0x5, 0x0, &(0x7f0000000f40)="158ccfe96c"})
write$cgroup_devices(r7, &(0x7f0000000fc0)={'b', ' *:* ', 'r\x00'}, 0x8)
write$snapshot(r0, &(0x7f0000001000)="64cd1cde71fb490d628638170bd9362d34b251f99b47d3276dddc325346ba1ef67e9a76ecfbc5273e83242160acd73145d92ce8672df86631880ed3829bd2adc2eeaccdd709d3a2d639e6e42d49e442c51685f547101c8dc7d32e77081acf40c623ffba4a2a53196e5e73afa3b4b979d9bf91866f949a0b41448986eddd574ddb451fa3fc595b47601fc5bc018a782", 0x8f)
write$selinux_context(r0, &(0x7f00000010c0)='system_u:object_r:audit_spool_t:s0\x00', 0x23)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x8001)

232.171306ms ago: executing program 5 (id=1304):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000000000000b6000040"])
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8002, 0x0)
ioctl$TCSETSW2(r6, 0x5453, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
write$cgroup_subtree(r7, 0x0, 0x0)
ioctl$KVM_REINJECT_CONTROL(r2, 0xae71, &(0x7f0000000000)={0x15})
r8 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r9, 0x4004ae99, &(0x7f0000000040))
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="020000000000000068020000000000000500", @ANYRES32=r8, @ANYRESOCT])
ioctl$BINDER_GET_EXTENDED_ERROR(r0, 0xc00c6211, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0) (async)
openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000000000000b6000040"]) (async)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8002, 0x0) (async)
ioctl$TCSETSW2(r6, 0x5453, 0x0) (async)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) (async)
write$cgroup_subtree(r7, 0x0, 0x0) (async)
ioctl$KVM_REINJECT_CONTROL(r2, 0xae71, &(0x7f0000000000)={0x15}) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) (async)
ioctl$KVM_SET_MP_STATE(r9, 0x4004ae99, &(0x7f0000000040)) (async)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="020000000000000068020000000000000500", @ANYRES32=r8, @ANYRESOCT]) (async)
ioctl$BINDER_GET_EXTENDED_ERROR(r0, 0xc00c6211, 0x0) (async)

144.859928ms ago: executing program 2 (id=1305):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000000), 0x12)
read(r1, &(0x7f0000000080)=""/1, 0x1)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x9c, 0x0, &(0x7f0000000440)=[@dead_binder_done, @reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x60, 0x18, &(0x7f00000001c0)={@fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, &(0x7f0000000180)=""/22, 0x16, 0x0, 0x2e}, @fda={0x66646185, 0x3, 0x0, 0x1c}}, &(0x7f0000000240)={0x0, 0xfffffe67, 0x40}}}, @dead_binder_done], 0x4a, 0x0, &(0x7f00000002c0)})

92.371998ms ago: executing program 0 (id=1306):
r0 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000002140)='/proc/sys/fs/binfmt_misc/syz3\x00', 0x2, 0x0)
read(r0, 0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x22882, 0x0)
ioctl$BLKBSZSET(r2, 0x40081271, &(0x7f00000000c0)=0x8)
r3 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000140), 0x4b3542, 0x0)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f00000000c0)=0x1a)
mmap(&(0x7f000070a000/0x1000)=nil, 0x1000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0xa101, 0x0)
r5 = openat$ashmem(0xffffffffffffff9c, &(0x7f00000001c0), 0x220880, 0x0)
ioctl$ASHMEM_SET_NAME(r5, 0x41007701, &(0x7f0000000200)='^+%:..%\x00')
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$vga_arbiter(r6, &(0x7f0000000100)=ANY=[@ANYBLOB="6c6fe36b206e6f6e6500"], 0xa)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r6, 0x0)
write$vga_arbiter(r4, &(0x7f0000000000)=@unlock_all, 0xb)
ioctl$VHOST_SET_OWNER(r6, 0xaf01, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000180))
ioctl$VHOST_GET_VRING_ENDIAN(r1, 0x4008af14, &(0x7f0000000080)={0x0, 0x3})
mount$binderfs(0x0, &(0x7f0000002200)='./binderfs\x00', &(0x7f0000002240), 0x10, 0x0)
write$binfmt_format(r0, &(0x7f0000000000)='-1\x00', 0x3)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)

16.7669ms ago: executing program 0 (id=1307):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
ioctl$RTC_IRQP_READ(r1, 0x8008700b, &(0x7f0000000180))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='cgroup.freeze\x00', 0x0, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x606c)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x1100})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x9, 0x0, &(0x7f0000000200)=[@acquire_done, @dead_binder_done], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000888000/0x4000)=nil, 0x4000, 0x1, 0x11, r3, 0x100008)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000480)={0x60, 0x0, &(0x7f0000000600)=[@reply_sg={0x40486312, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000580)={@fda={0x66646185, 0x2, 0x20000000000001, 0x32}, @ptr={0x70742a85, 0x1, &(0x7f0000000680)=""/180, 0xb4, 0x400000000002, 0x2e}, @flat=@binder={0x73622a85, 0x1000, 0x1}}, &(0x7f0000000000)={0x0, 0x20, 0x48}}, 0x40}, @clear_death={0x400c630f, 0x2}, @register_looper], 0x0, 0x0, 0x0})
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000002c0), 0x801, 0x0)
write$rfkill(r5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.stat\x00', 0x275a, 0x0)
mmap(&(0x7f00004f1000/0x3000)=nil, 0x3000, 0x2000003, 0x12, r2, 0x913e0000)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f00004f1000/0x2000)=nil, 0x2000, 0x2000000, 0x11, r6, 0x0)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x494282, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r6, 0x8048ae66, &(0x7f00000004c0)={[{0x8e6, 0xf001, 0xf1, 0x0, 0x3, 0x9, 0x53, 0x6, 0xc, 0x4, 0x5, 0xfb, 0x4}, {0x4, 0x8001, 0xfc, 0xb, 0xff, 0x0, 0x7d, 0xe, 0xe, 0x2f, 0x0, 0x0, 0x7}, {0x5, 0x0, 0x7, 0x10, 0xd6, 0x6, 0x4, 0x7f, 0x7, 0xfa, 0x81, 0x7, 0x7f}], 0xffff1093})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)

0s ago: executing program 2 (id=1308):
r0 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000040)=0x1)
close_range(r0, r0, 0x0)
r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r1, 0xc018620c, &(0x7f00000000c0))
ioctl$BLKRRPART(r1, 0x125f, 0x0)
write$binfmt_format(r1, &(0x7f0000000100)='-1\x00', 0x3)
r2 = openat$cgroup_ro(r1, &(0x7f0000000140)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000180), 0x4202, 0x0)
write$vga_arbiter(r3, &(0x7f00000001c0)=@other={'decodes', ' ', 'io+mem'}, 0xf)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r4, 0x4068aea3, &(0x7f0000000200)={0x8f, 0x0, 0x1})
ioctl$SNDRV_TIMER_IOCTL_CREATE(r2, 0xc02054a5, &(0x7f0000000280)={0x876, <r5=>r0, 'id0\x00'})
ioctl$VHOST_SET_FEATURES(r5, 0x4008af00, &(0x7f0000000300)=0x200000000)
r6 = openat(r2, &(0x7f0000000340)='./file0\x00', 0x1, 0x191)
ioctl$INCFS_IOC_CREATE_FILE(r6, 0xc058671e, &(0x7f0000000740)={{'\x00', 0x1}, {0x3}, 0xcc, 0x0, 0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)="a892aa1a2440de8ce2f634958d384b2640543888eb0181f9144e3161a458c892593ef6e67dc534647994c3af696d641683d5e861c62165f84f8bdbbd02adc0ce73315222b2606ea3343b3df5f4bba24527f635d0c93c688100fb9baaff6a11dcb0388aab18621bf54c413ed9ebf3e2c4030bf671cec2ecf5cd5d05506b7112bae2fefb5470891c0c2bd0f9c8e4704cb908b8426465f7731676c05549a4e16f9639c5f650c4f2650e555f0c65ab0f87551a1b2971c9a77c999fa00798b128ef0d147114586cb75e12d2ad986d1611372898a53b7bfcda9d8879a30045155985391e65d45def286cdc91d1a2588ccde03d30c42f60a6b0e6517158b1dd399ed2433be29c9a989402e51ab629c0366a8b8718c2fa9ed6fd35fb453c162b3aee814001b6f0acfad80c73273a174657f481465144ee7befd33705f27440a2286631bedbda972d4976c708045dbbf57d4330ade57ded1f09d15705788e4ca82373909c1b9f36b132f358865a5a0842dad4b91ffe7471081118757ad7e216a081a62c69f444f1a9a54eaf3fcf7d5b6f98033443f5eb8fcefb1a6ad90db87e0859", 0x19d, 0x0, &(0x7f00000005c0)={0x2, 0x100, {0x1, 0xc, 0x0, "", 0xf3, "883e843b23fdff1ec034ed6cd7f93803b708866734f7902a535f1f13e50e7b1afff0ebf2e0c21897476b6319f4b309039ad6a1e6a1b9353a4312205a1e51d2c7223cc007542f4c9a53bc9f4cec378bef1b53a5eec05a94a5ed31bf0f2f4e6ea156617170152d99098e029b1483c36f9307ec4a13b8eeccaa39969c921ab97220ed2649a8e2e61a7c46bb108d82c2b0d65514bbf3f0cb3e047eaf2075bb3105742c92e831b05a185e2469a0f39803ae7c16740e893be590270dd84090971260e75d3afcad23dae06f9ad0f0532821b2b3ec6cd48bbbad9aa366125ef55beecd467cee0f9a927f0de5bcb03edda6b7cb0a46ffcb"}, 0x3b, "5d1c58d2a874470d422e6abe9e154bad73c4fb96f29df7319619517488391fe5226710fa716c7817ef5c54f90349c54020eb72ef576a1585b3d068"}, 0x147})
ioctl$FIONCLEX(r5, 0x5450)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0), 0x24240, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000800), 0x2, 0x0)
close_range(r8, r7, 0x0)
ioctl$VHOST_VDPA_GET_STATUS(r5, 0x8001af71, &(0x7f0000000840))
close_range(r0, r5, 0x2)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r9 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000880), 0x802, 0x0)
read(r9, &(0x7f00000008c0)=""/231, 0xe7)
r10 = openat$uhid(0xffffffffffffff9c, &(0x7f00000009c0), 0x2, 0x0)
write$UHID_CREATE2(r10, &(0x7f0000000a00)={0xb, {'syz1\x00', 'syz0\x00', 'syz1\x00', 0x76, 0x0, 0xff, 0xffff7fff, 0x5, 0x3ff, "13d85ec862af9c86e10022f9bf2714a6ecd213a21beab7574c704bc2044b6e634f3dbae63fa4988ad60aef2e92134a5c87a1b9a14c06b825616717138670372d61f3d1e75498b291d3a8638971d8cfe24261bff6212ff9e6de802907d1ced0e66065c1c618dce49b5bbf2a0180a7df4aa95fdb4f696d"}}, 0x18e)
write$UHID_INPUT2(r10, &(0x7f0000000bc0)={0xc, {0xd6, "f428b5ac9841a877d18462d41f125016d1f01ef9598fd5b4e1f984d8e7a9e396bd7b1a1b31f6fb13f6db26e9e23c215e9df47bbc686376f316a446c13b9cb7094216f32c5b29e0dfb74b686e1e793a92935c55b00e1c7760057057d5a6b8e022854f01bfa39e4404384e370e00c7a8f387ee3d74cf01fdc49f9dac45e225171c89b24bb7b5f4a18efdbc2c4b59f9f2db0f1dc02a09a3b1f94fd3e20797b8101720cb0a2d127e76bfee9733a013a956180aa8448b23d9b86c440721d4986c31e0ae244649bd74c7fe70c16ce4513cd44081258806b9f4"}}, 0xdc)
ioctl$TIOCMSET(r1, 0x5418, &(0x7f0000000cc0))
ioctl$ASHMEM_SET_PROT_MASK(0xffffffffffffffff, 0x40087705, &(0x7f0000000d00)={0x9, 0xbb10})

kernel console output (not intermixed with test programs):

ser requested TSC rate below hardware speed
[   35.444345][  T980] rust_binder: Write failure EINVAL in pid:164
[   35.489816][  T988] binder: Unknown parameter 'dev/rtc0'
[   35.640557][  T997] rust_binder: Write failure EINVAL in pid:167
[   35.927126][ T1004] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[   36.014179][ T1007] rust_binder: Got transaction with invalid offset.
[   36.014221][ T1007] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   36.043675][ T1011] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   36.061871][ T1007] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:211
[   36.184829][ T1013] binder: Unknown parameter 'secla{÷á^ôpu/syz0'
[   36.922955][ T1038] random: crng reseeded on system resumption
[   37.002928][ T1038] rust_binder: Write failure EFAULT in pid:124
[   37.283001][ T1051] SELinux: syz.3.192 (1051) set checkreqprot to 1. This is no longer supported.
[   37.332161][ T1054] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   37.365325][ T1054] input: syz0 as /devices/virtual/input/input11
[   37.400372][ T1054] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   37.400410][ T1054] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:188
[   37.402713][   T36] kauditd_printk_skb: 3239 callbacks suppressed
[   37.402728][   T36] audit: type=1400 audit(1750405040.730:4938): avc:  denied  { setattr } for  pid=289 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   37.489473][   T36] audit: type=1400 audit(1750405040.770:4939): avc:  denied  { setattr } for  pid=289 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   37.562560][   T36] audit: type=1400 audit(1750405040.770:4940): avc:  denied  { setattr } for  pid=289 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   37.591649][  T289] audit: audit_backlog=65 > audit_backlog_limit=64
[   37.604422][ T1060] audit: audit_backlog=65 > audit_backlog_limit=64
[   37.611157][  T289] audit: audit_lost=31 audit_rate_limit=0 audit_backlog_limit=64
[   37.620072][ T1060] audit: audit_lost=32 audit_rate_limit=0 audit_backlog_limit=64
[   37.642553][  T289] audit: backlog limit exceeded
[   37.644710][   T36] audit: type=1400 audit(1750405040.770:4941): avc:  denied  { setattr } for  pid=289 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   37.653408][ T1060] audit: backlog limit exceeded
[   37.865183][ T1072] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   37.896239][ T1067] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   37.917139][ T1074] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:226
[   38.415567][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.461851][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.493088][ T1099] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[   38.521405][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.541655][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.550800][ T1101] binder: Unknown parameter 'context'
[   38.573882][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.574119][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.584758][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.604309][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.604493][ T1104] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.611051][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.650916][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.670127][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.700816][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.717402][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.725058][ T1109] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.742813][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.748307][ T1110] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:210
[   38.749587][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.796837][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.812739][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.823182][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.836571][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.864990][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.888816][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.922159][ T1115] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.929015][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.949800][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.963121][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.967265][ T1115] rust_binder: Got transaction with invalid offset.
[   38.969884][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.984100][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.990765][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.998491][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.005898][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.013001][ T1115] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   39.014689][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.048028][ T1115] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:214
[   39.054860][ T1117] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.064622][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.071299][ T1098] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.088370][ T1117] rust_binder: Write failure EINVAL in pid:152
[   39.291621][ T1124] input: syz1 as /devices/virtual/input/input12
[   39.555663][ T1131] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.561737][ T1133] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.875098][ T1153] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.927360][ T1156] binder: Bad value for 'max'
[   40.002873][ T1158] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   40.018561][ T1154] rust_binder: Error while translating object.
[   40.032636][ T1154] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   40.059241][ T1154] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:164
[   40.078532][ T1161] binder: Unknown parameter ''
[   40.273934][ T1172] rtc_cmos 00:00: Alarms can be up to one day in the future
[   40.303266][ T1171] rtc_cmos 00:00: Alarms can be up to one day in the future
[   40.455008][ T1180] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   40.455314][ T1178] rust_binder: Write failure EINVAL in pid:256
[   40.472719][ T1178] random: crng reseeded on system resumption
[   40.644859][ T1193] binder: Unknown parameter 'ÿÿÿÿÿÿÿÿ'
[   40.758055][ T1195] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   40.762678][ T1195] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   40.769944][ T1198] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   40.774709][ T1199] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[   40.788243][ T1198] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:185
[   40.807780][ T1195] rust_binder: Failed to allocate buffer. len:18446744073709551608, is_oneway:false
[   40.812666][ T1199] rust_binder: Write failure EINVAL in pid:259
[   40.829738][ T1195] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   40.829793][  T306] rtc_cmos 00:00: Alarms can be up to one day in the future
[   40.837323][ T1195] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:185
[   40.859927][  T306] rtc_cmos 00:00: Alarms can be up to one day in the future
[   40.921036][  T306] rtc_cmos 00:00: Alarms can be up to one day in the future
[   40.945846][  T306] rtc_cmos 00:00: Alarms can be up to one day in the future
[   40.962839][ T1202] tun0: tun_chr_ioctl cmd 1074025675
[   40.968175][ T1202] tun0: persist disabled
[   40.974721][  T306] rtc rtc0: __rtc_set_alarm: err=-22
[   41.002762][ T1204] tun0: tun_chr_ioctl cmd 1074025675
[   41.008494][ T1204] tun0: persist disabled
[   41.088859][ T1209] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   41.233386][ T1213] binder: Unknown parameter 'coyBLV§"i5ŽÝ”ÃùÒntext'
[   41.335908][ T1218] input: syz0 as /devices/virtual/input/input15
[   41.523649][ T1221] kvm: vcpu 0: requested 16 ns lapic timer period limited to 200000 ns
[   41.544013][ T1221] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=220138064 (3522209024 ns) > initial count (200000 ns). Using initial count to start timer.
[   41.588889][ T1223] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   41.595757][ T1221] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[   41.785348][ T1228] rust_binder: Write failure EFAULT in pid:271
[   41.805594][ T1226] SELinux: security_context_str_to_sid () failed with errno=-22
[   41.854525][ T1231] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   41.905549][ T1233] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   42.030267][ T1238] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[   42.033874][ T1239] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:247
[   42.037782][ T1238] rust_binder: Write failure EINVAL in pid:274
[   42.140338][ T1245] input: syz1 as /devices/virtual/input/input18
[   42.250939][ T1244] rust_binder: Write failure EFAULT in pid:201
[   42.413168][   T36] kauditd_printk_skb: 3611 callbacks suppressed
[   42.413189][   T36] audit: type=1400 audit(1750405045.740:8520): avc:  denied  { setattr } for  pid=289 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   42.476833][ T1249] audit: audit_backlog=65 > audit_backlog_limit=64
[   42.477052][  T289] audit: audit_backlog=65 > audit_backlog_limit=64
[   42.484576][ T1249] audit: audit_lost=44 audit_rate_limit=0 audit_backlog_limit=64
[   42.498427][   T36] audit: type=1400 audit(1750405045.740:8521): avc:  denied  { setattr } for  pid=289 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   42.499576][ T1249] audit: backlog limit exceeded
[   42.521775][  T289] audit: audit_lost=45 audit_rate_limit=0 audit_backlog_limit=64
[   42.534762][  T289] audit: backlog limit exceeded
[   42.541156][  T289] audit: audit_backlog=65 > audit_backlog_limit=64
[   42.550020][   T36] audit: type=1400 audit(1750405045.740:8522): avc:  denied  { setattr } for  pid=289 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   42.659311][ T1252] binder: Unknown parameter '*Ô…îÔ‚ìël8bzÔ�\£<3òµ<“ƒÉ´1™ôÃr£2ª^ýÕýuÐ`Ä0ùØ)K ÞpÉÉ¢AzxG�åÁC•\q—NÜÅxö§™êÌoêOY¨4T
äüµiìpæVŽ°ÙÙb‘„?êT²@¤à¥u3Ò©%!YØÀÌIîÊúÞ§A7°ª|º#~²>0XP4ý>¿X‚žn¶õø@ª¡þvøuXÁÿeˆŒQißwžjö°Šz*†00ì—;dôtW«†·%ðÐßzaç9d«æ�­Ê§�.â)²~FÜ|Ëð9¡¦“ˆ'
[   42.754274][ T1257] binder: Unknown parameter 'fowner'
[   42.819549][ T1260] binder: Unknown parameter 'fowner'
[   43.125817][ T1273] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   43.159367][ T1273] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   43.168022][ T1273] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   43.182557][ T1273] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   43.214609][  T292] bridge_slave_1: left allmulticast mode
[   43.232613][  T292] bridge_slave_1: left promiscuous mode
[   43.238481][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.246315][  T292] bridge_slave_0: left allmulticast mode
[   43.253534][  T292] bridge_slave_0: left promiscuous mode
[   43.259190][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.330480][ T1278] rust_binder: Error in use_page_slow: ESRCH
[   43.330508][ T1278] rust_binder: use_range failure ESRCH
[   43.340248][ T1278] rust_binder: Failed to allocate buffer. len:4096, is_oneway:false
[   43.346532][ T1278] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   43.355415][ T1278] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:258
[   43.387754][  T292] veth1_macvtap: left promiscuous mode
[   43.415953][  T292] veth0_vlan: left promiscuous mode
[   43.514989][ T1274] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.522080][ T1274] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.529238][ T1274] bridge_slave_0: entered allmulticast mode
[   43.535480][ T1274] bridge_slave_0: entered promiscuous mode
[   43.543561][ T1274] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.550576][ T1274] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.557863][ T1274] bridge_slave_1: entered allmulticast mode
[   43.564149][ T1274] bridge_slave_1: entered promiscuous mode
[   43.634810][ T1274] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.641847][ T1274] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.649142][ T1274] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.656287][ T1274] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.705592][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.713359][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.728375][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.735537][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.746802][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.753944][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.826924][ T1274] veth0_vlan: entered promiscuous mode
[   43.856673][ T1274] veth1_macvtap: entered promiscuous mode
[   43.947745][ T1290] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   43.964020][ T1288] rust_binder: got new transaction with bad transaction stack
[   43.970455][ T1288] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:291
[   44.109551][ T1293] random: crng reseeded on system resumption
[   44.363307][ T1307] SELinux: security_context_str_to_sid () failed with errno=-22
[   44.372351][ T1309] binder: Bad value for 'max'
[   44.419360][ T1310] input: syz1 as /devices/virtual/input/input20
[   44.495903][ T1312] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[   44.590615][ T1315] rust_binder: Write failure EFAULT in pid:7
[   44.673855][ T1319] rust_binder: Error while translating object.
[   44.680074][ T1319] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   44.690314][ T1319] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:9
[   44.773710][ T1324] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3
[   44.791118][ T1324] rust_binder: Write failure EINVAL in pid:300
[   44.838160][ T1328] input: syz0 as /devices/virtual/input/input21
[   44.856150][ T1328] input: failed to attach handler leds to device input21, error: -6
[   44.893136][ T1328] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   44.895778][ T1328] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   44.921032][ T1328] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:270
[   44.957271][ T1333] rust_binder: Write failure EINVAL in pid:14
[   45.026554][ T1337] binder: Bad value for 'max'
[   45.072947][ T1335] cgroup: fork rejected by pids controller in /syz3
[   45.169898][ T1344] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   45.172475][ T1342] binder: Bad value for 'max'
[   45.251780][ T1344] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[   45.251808][ T1344] rust_binder: Error while translating object.
[   45.288325][ T1344] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   45.300478][ T1344] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:274
[   45.434121][ T1357] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   45.495295][ T1359] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   45.505083][  T292] bridge_slave_1: left allmulticast mode
[   45.529245][  T292] bridge_slave_1: left promiscuous mode
[   45.544658][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.563833][ T1361] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   45.563858][ T1361] rust_binder: Read failure Err(EFAULT) in pid:25
[   45.582797][  T292] bridge_slave_0: left allmulticast mode
[   45.584791][ T1357] rust_binder: Error in use_page_slow: ESRCH
[   45.592330][  T292] bridge_slave_0: left promiscuous mode
[   45.610962][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.620371][ T1357] rust_binder: use_range failure ESRCH
[   45.620404][ T1357] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[   45.627037][ T1357] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   45.655611][ T1357] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:227
[   45.798741][  T292] veth1_macvtap: left promiscuous mode
[   45.825090][  T292] veth0_vlan: left promiscuous mode
[   45.995779][ T1381] binder: Unknown parameter 'context'
[   46.117169][ T1391] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   46.121166][ T1370] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.166955][ T1391] rust_binder: Error in use_page_slow: ESRCH
[   46.166982][ T1391] rust_binder: use_range failure ESRCH
[   46.176995][ T1370] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.215843][ T1391] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[   46.215878][ T1391] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   46.224724][ T1370] bridge_slave_0: entered allmulticast mode
[   46.244149][ T1395] kvm: user requested TSC rate below hardware speed
[   46.251113][ T1391] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:238
[   46.260224][ T1395] rust_binder: Write failure EINVAL in pid:289
[   46.262458][ T1370] bridge_slave_0: entered promiscuous mode
[   46.284855][ T1370] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.291979][ T1370] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.300462][ T1370] bridge_slave_1: entered allmulticast mode
[   46.319758][ T1370] bridge_slave_1: entered promiscuous mode
[   46.452852][ T1400] binder: Bad value for 'max'
[   46.477517][ T1406] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   46.480204][ T1406] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[   46.530635][ T1370] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.537760][ T1370] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.545092][ T1370] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.552130][ T1370] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.562582][ T1406] rust_binder: Write failure EINVAL in pid:294
[   46.568634][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.603333][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.615943][ T1411] __vm_enough_memory: pid: 1411, comm: syz.2.300, bytes: 281474976845824 not enough memory for the allocation
[   46.708108][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.715299][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.758369][ T1415] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   46.761861][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.775751][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.887645][ T1422] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[   46.887683][ T1422] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:38
[   46.930128][ T1370] veth0_vlan: entered promiscuous mode
[   47.094659][ T1370] veth1_macvtap: entered promiscuous mode
[   47.101505][ T1436] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   47.136389][ T1437] rust_binder: Error while translating object.
[   47.152603][ T1437] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   47.158839][ T1437] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:42
[   47.263721][ T1444] __vm_enough_memory: pid: 1444, comm: syz.4.312, bytes: 137438957568 not enough memory for the allocation
[   47.422617][   T36] kauditd_printk_skb: 1541 callbacks suppressed
[   47.422639][   T36] audit: type=1400 audit(1750405050.740:9930): avc:  denied  { read write open } for  pid=1274 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   47.459453][ T1450] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[   47.472827][   T36] audit: type=1400 audit(1750405050.740:9931): avc:  denied  { ioctl } for  pid=1274 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   47.508381][   T36] audit: type=1400 audit(1750405050.780:9932): avc:  denied  { ioctl } for  pid=1448 comm="syz.2.314" path="/dev/rnullb0" dev="devtmpfs" ino=31 ioctlcmd=0x1268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   47.564701][ T1459] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[   47.564729][ T1459] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   47.581745][ T1459] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:310
[   47.591392][   T36] audit: type=1400 audit(1750405050.780:9933): avc:  denied  { ioctl } for  pid=1449 comm="syz.3.313" path="/dev/binderfs/binder0" dev="binder" ino=13 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   47.629094][   T36] audit: type=1400 audit(1750405050.780:9934): avc:  denied  { call } for  pid=1449 comm="syz.3.313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   47.647952][   T36] audit: type=1400 audit(1750405050.780:9935): avc:  denied  { read write } for  pid=1448 comm="syz.2.314" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   47.672125][   T36] audit: type=1400 audit(1750405050.780:9936): avc:  denied  { ioctl open } for  pid=1448 comm="syz.2.314" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   47.742571][   T36] audit: type=1400 audit(1750405050.790:9937): avc:  denied  { ioctl } for  pid=1448 comm="syz.2.314" path="/dev/rnullb0" dev="devtmpfs" ino=31 ioctlcmd=0x125f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   47.802280][   T36] audit: type=1400 audit(1750405050.790:9938): avc:  denied  { write } for  pid=1448 comm="syz.2.314" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   47.864220][   T36] audit: type=1400 audit(1750405050.790:9939): avc:  denied  { write open } for  pid=1448 comm="syz.2.314" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   47.895212][ T1471] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   47.957708][ T1479] rust_binder: got new transaction with bad transaction stack
[   47.982302][ T1479] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:314
[   47.985659][ T1477] rust_binder: Error while translating object.
[   48.002639][ T1477] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[   48.008978][ T1477] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:8
[   48.070662][ T1480] input: syz1 as /devices/virtual/input/input22
[   48.103682][ T1480] input: failed to attach handler leds to device input22, error: -6
[   48.167022][ T1487] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[   48.386597][ T1497] input: syz0 as /devices/virtual/input/input23
[   48.423306][ T1497] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   48.541151][ T1503] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:270
[   48.612153][ T1507] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:65
[   48.724362][ T1512] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:17
[   49.056837][ T1530] random: crng reseeded on system resumption
[   49.314474][ T1541] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:30
[   49.325104][ T1541] rust_binder: Read failure Err(EFAULT) in pid:30
[   49.393839][ T1544] binder: Bad value for 'max'
[   49.608592][ T1560] rust_binder: Write failure EINVAL in pid:332
[   49.641648][ T1559] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   49.661915][ T1564] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89)
[   49.669339][ T1564] rust_binder: Error while translating object.
[   49.672410][ T1559] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[   49.681772][ T1564] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   49.689783][ T1559] rust_binder: Write failure EINVAL in pid:281
[   49.697846][ T1564] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:334
[   49.716499][ T1566] binder: Unknown parameter ''
[   49.782302][ T1568] rust_binder: Write failure EINVAL in pid:338
[   49.837202][ T1576] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:283
[   49.874447][ T1578] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   49.883693][ T1578] rust_binder: Read failure Err(EFAULT) in pid:81
[   49.990865][ T1581] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.020334][ T1586] rust_binder: Error while translating object.
[   50.027650][ T1581] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[   50.049273][ T1586] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   50.061668][ T1586] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:83
[   50.254682][ T1597] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[   50.295266][ T1597] rust_binder: Write failure EINVAL in pid:348
[   50.396699][ T1605] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.414747][ T1601] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION already set
[   50.443951][ T1605] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:290
[   50.482417][ T1601] rust_binder: Write failure EINVAL in pid:88
[   50.622691][ T1621] SELinux: security_context_str_to_sid (sytem_uÝGй‰:ÿß) failed with errno=-22
[   50.647826][ T1623] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.660434][ T1621] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   50.692055][ T1621] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:47
[   50.714483][ T1623] rust_binder: Error in use_page_slow: ESRCH
[   50.748058][ T1623] rust_binder: use_range failure ESRCH
[   50.768261][ T1623] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[   50.779853][ T1623] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   50.792686][ T1623] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:295
[   50.886384][ T1630] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:49
[   50.914034][ T1630] rust_binder: Error while translating object.
[   50.942975][ T1630] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   50.969630][ T1630] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:49
[   50.982339][ T1632] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[   51.001238][ T1632] rust_binder: Error while translating object.
[   51.054833][ T1632] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   51.065270][ T1632] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:92
[   51.199004][ T1647] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:364
[   51.277779][ T1649] SELinux: failed to load policy
[   51.322929][ T1655] rust_binder: Write failure EINVAL in pid:54
[   51.815516][ T1682] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   51.829546][ T1682] rust_binder: Error in use_page_slow: ESRCH
[   51.842279][ T1682] rust_binder: use_range failure ESRCH
[   51.854648][ T1682] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[   51.866663][ T1682] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   51.886635][ T1682] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:311
[   52.317744][ T1710] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   52.335144][ T1710] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:106
[   52.437659][   T36] kauditd_printk_skb: 1579 callbacks suppressed
[   52.437680][   T36] audit: type=1400 audit(1750405055.760:11492): avc:  denied  { ioctl } for  pid=1719 comm="syz.4.401" path="/dev/rnullb0" dev="devtmpfs" ino=31 ioctlcmd=0x125f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   52.520523][ T1709] rust_binder: Error in use_page_slow: ESRCH
[   52.520556][ T1709] rust_binder: use_range failure ESRCH
[   52.533073][ T1709] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[   52.543184][   T36] audit: type=1400 audit(1750405055.820:11493): avc:  denied  { read write } for  pid=1274 comm="syz-executor" name="loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   52.588105][ T1709] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   52.588158][ T1709] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:65
[   52.597284][ T1730] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   52.610441][   T36] audit: type=1400 audit(1750405055.820:11494): avc:  denied  { read write open } for  pid=1274 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   52.645715][ T1731] PM: Enabling pm_trace changes system date and time during resume.
[   52.645715][ T1731] PM: Correct system time has to be restored manually after resume.
[   52.647047][   T36] audit: type=1400 audit(1750405055.820:11495): avc:  denied  { ioctl } for  pid=1274 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   52.694754][ T1733] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:321
[   52.694908][   T36] audit: type=1400 audit(1750405055.830:11496): avc:  denied  { read write } for  pid=288 comm="syz-executor" name="loop0" dev="devtmpfs" ino=49 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   52.728725][   T36] audit: type=1400 audit(1750405055.830:11497): avc:  denied  { read write open } for  pid=288 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=49 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   52.749211][ T1737] binder: Unknown parameter 'smackfsrfs'
[   52.759824][   T36] audit: type=1400 audit(1750405055.830:11498): avc:  denied  { ioctl } for  pid=288 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=49 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   52.827350][   T36] audit: type=1400 audit(1750405055.830:11499): avc:  denied  { read } for  pid=1707 comm="syz.3.398" name="ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   52.871225][ T1742] input: syz1 as /devices/virtual/input/input24
[   52.877714][   T36] audit: type=1400 audit(1750405055.830:11500): avc:  denied  { read open } for  pid=1707 comm="syz.3.398" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   52.943922][   T36] audit: type=1400 audit(1750405055.830:11501): avc:  denied  { ioctl } for  pid=1707 comm="syz.3.398" path="/dev/ashmem" dev="devtmpfs" ino=201 ioctlcmd=0x7703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   53.118440][ T1755] binder: Bad value for 'max'
[   53.213712][ T1750] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=320745794 (2565966352 ns) > initial count (325012024 ns). Using initial count to start timer.
[   53.219220][ T1760] rust_binder: Error while translating object.
[   53.245359][ T1760] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[   53.254683][ T1760] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:75
[   53.430943][ T1768] rust_binder: Write failure EINVAL in pid:77
[   53.772890][ T1783] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   53.923464][ T1783] kvm: Disabled LAPIC found during irq injection
[   54.003181][ T1791] binder: Bad value for 'stats'
[   54.133171][ T1797] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   54.133206][ T1797] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:84
[   54.545860][ T1812] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   54.593955][ T1812] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   54.618754][ T1812] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   54.866096][ T1827] SELinux: security_context_str_to_sid (syste_uÝGй‰:ÿß) failed with errno=-22
[   57.733029][   T36] kauditd_printk_skb: 365 callbacks suppressed
[   57.733047][   T36] audit: type=1400 audit(1750405061.060:11867): avc:  denied  { read } for  pid=1832 comm="syz.4.435" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   57.769968][ T1837] kvm: kvm [1833]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010007) = 0x7
[   57.785362][   T36] audit: type=1400 audit(1750405061.060:11868): avc:  denied  { read open } for  pid=1832 comm="syz.4.435" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   57.810590][   T36] audit: type=1400 audit(1750405061.060:11869): avc:  denied  { append } for  pid=1833 comm="syz.3.437" name="hwrng" dev="devtmpfs" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[   57.856558][   T36] audit: type=1400 audit(1750405061.060:11870): avc:  denied  { read } for  pid=1833 comm="syz.3.437" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   57.904485][   T36] audit: type=1400 audit(1750405061.060:11871): avc:  denied  { read open } for  pid=1833 comm="syz.3.437" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   57.942856][ T1851] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.958218][ T1838] SELinux:  policydb version 970860053 does not match my version range 15-33
[   57.994280][   T36] audit: type=1400 audit(1750405061.060:11872): avc:  denied  { read } for  pid=1833 comm="syz.3.437" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   58.057079][ T1838] SELinux: failed to load policy
[   58.067049][ T1852] audit: audit_backlog=65 > audit_backlog_limit=64
[   58.073634][   T36] audit: type=1400 audit(1750405061.060:11873): avc:  denied  { read open } for  pid=1833 comm="syz.3.437" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   58.101404][ T1852] audit: audit_lost=100 audit_rate_limit=0 audit_backlog_limit=64
[   58.110212][ T1864] audit: audit_backlog=65 > audit_backlog_limit=64
[   58.117336][ T1852] SELinux:  policydb version 970860053 does not match my version range 15-33
[   58.132595][ T1852] SELinux: failed to load policy
[   58.428180][ T1880] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   58.430525][ T1880] rust_binder: Write failure EINVAL in pid:346
[   58.581288][ T1883] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   58.605511][ T1883] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:108
[   58.629292][ T1891] SELinux: failed to load policy
[   58.802287][ T1901] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:158
[   58.804454][ T1901] rust_binder: Error while translating object.
[   58.837365][ T1901] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   58.849396][ T1903] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[   58.859222][ T1901] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:158
[   58.873296][ T1903] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   58.933690][ T1903] rust_binder: Failed to allocate buffer. len:64, is_oneway:false
[   59.233482][ T1923] __vm_enough_memory: pid: 1923, comm: syz.2.461, bytes: 281474976845824 not enough memory for the allocation
[   59.426086][ T1941] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   59.476657][ T1943] rust_binder: Write failure EINVAL in pid:124
[   59.495232][ T1943] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 136, limit: 136, size: 75)
[   59.495259][ T1943] rust_binder: Error while translating object.
[   59.515951][ T1943] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   59.558342][ T1943] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:124
[   59.825768][ T1963] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 132)
[   59.842650][ T1963] rust_binder: Error while translating object.
[   59.862602][ T1963] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   59.868955][ T1963] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:178
[   59.907799][ T1961] kvm: user requested TSC rate below hardware speed
[   60.330363][ T1994] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:182
[   60.687506][ T2019] binder: Unknown parameter '00000000000000000000000'
[   60.773953][ T2021] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   60.803668][ T2021] rust_binder: Error while translating object.
[   60.846712][ T2021] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[   60.872664][ T2021] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:373
[   61.032314][  T292] Bluetooth: hci0: Frame reassembly failed (-84)
[   61.251404][ T2052] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   61.251436][ T2052] rust_binder: Read failure Err(EFAULT) in pid:155
[   61.364401][ T2055] rust_binder: Write failure EINVAL in pid:157
[   61.389523][ T2055] rust_binder: Write failure EFAULT in pid:157
[   61.469714][ T2063] rust_binder: Error while translating object.
[   61.476124][ T2063] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[   61.482454][ T2063] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:160
[   61.691192][ T2076] binder: Bad value for 'max'
[   61.715399][ T2076] binder: Unknown parameter 'hash'
[   61.721583][ T2077] binder: Unknown parameter 'hash'
[   61.727476][ T2076] rust_binder: Write failure EINVAL in pid:167
[   61.907197][ T2084] __vm_enough_memory: pid: 2084, comm: syz.4.514, bytes: 281474976845824 not enough memory for the allocation
[   62.111020][ T2096] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   62.141934][ T2096] input: syz0 as /devices/virtual/input/input26
[   62.399246][ T2112] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[   62.399303][ T2112] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:225
[   62.757050][   T36] kauditd_printk_skb: 1180 callbacks suppressed
[   62.757069][   T36] audit: type=1400 audit(1750405066.080:13048): avc:  denied  { read } for  pid=2125 comm="syz.0.527" name="binder1" dev="binder" ino=24 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   62.804800][ T2119] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   62.804838][ T2119] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:229
[   62.808843][ T2126] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:502
[   62.823715][   T36] audit: type=1400 audit(1750405066.130:13049): avc:  denied  { ioctl } for  pid=2118 comm="syz.4.525" path="/dev/binderfs/binder0" dev="binder" ino=31 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   62.836994][ T2126] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   62.859346][   T36] audit: type=1400 audit(1750405066.130:13050): avc:  denied  { call } for  pid=2118 comm="syz.4.525" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   62.862546][ T2126] rust_binder: Read failure Err(EFAULT) in pid:502
[   62.867394][   T36] audit: type=1400 audit(1750405066.130:13051): avc:  denied  { read open } for  pid=2125 comm="syz.0.527" path="/dev/binderfs/binder1" dev="binder" ino=24 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   62.920114][   T36] audit: type=1400 audit(1750405066.130:13052): avc:  denied  { ioctl } for  pid=2125 comm="syz.0.527" path="/dev/binderfs/binder1" dev="binder" ino=24 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   62.946426][   T36] audit: type=1400 audit(1750405066.240:13053): avc:  denied  { read write } for  pid=1370 comm="syz-executor" name="loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   62.982732][   T36] audit: type=1400 audit(1750405066.240:13054): avc:  denied  { read write open } for  pid=1370 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   63.008587][   T36] audit: type=1400 audit(1750405066.240:13055): avc:  denied  { ioctl } for  pid=1370 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   63.072198][   T36] audit: type=1400 audit(1750405066.270:13056): avc:  denied  { ioctl } for  pid=2125 comm="syz.0.527" path="/dev/binderfs/binder1" dev="binder" ino=24 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   63.102597][  T774] Bluetooth: hci0: command 0x1003 tx timeout
[   63.109015][   T52] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   63.157593][   T36] audit: type=1400 audit(1750405066.310:13057): avc:  denied  { read append } for  pid=2128 comm="syz.3.528" name="rtc0" dev="devtmpfs" ino=195 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   63.362659][ T2143] rust_binder: Write failure EFAULT in pid:185
[   63.573025][ T2156] rust_binder: Write failure EFAULT in pid:240
[   63.617537][ T2160] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   63.632619][ T2160] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:190
[   63.781466][ T2167] binfmt_misc: register: failed to install interpreter file ./cgroup
[   63.893376][ T2179] random: crng reseeded on system resumption
[   63.970779][ T2183] binder: Unknown parameter 'subj_type'
[   63.985848][ T2188] tap0: tun_chr_ioctl cmd 2148553947
[   64.026249][ T2176] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:194
[   64.034283][ T2190] tap0: tun_chr_ioctl cmd 1074812118
[   64.059209][ T2193] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:517
[   64.059255][ T2193] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   64.068717][ T2193] rust_binder: Read failure Err(EFAULT) in pid:517
[   64.187975][ T2199] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   64.294085][ T2204] binder: Unknown parameter ' '
[   64.384229][ T2218] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   64.463716][ T2220] __vm_enough_memory: pid: 2220, comm: syz.3.556, bytes: 281474976845824 not enough memory for the allocation
[   64.801596][ T2238] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   64.813426][ T2236] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[   64.847936][ T2236] rust_binder: Write failure EINVAL in pid:204
[   64.858003][ T2236] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:204
[   64.922669][ T2242] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   64.964685][ T2241] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[   65.010794][ T2243] rust_binder: Failed to allocate buffer. len:65376, is_oneway:true
[   65.010822][ T2243] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   65.039295][ T2243] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:399
[   65.275965][ T2266] binder: Unknown parameter 'uid'
[   65.420348][ T2277] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   65.580472][ T2286] binder: Unknown parameter 'fscontext?}'
[   65.693133][ T2296] rust_binder: Write failure EINVAL in pid:220
[   65.894846][ T2307] rust_binder: Write failure EINVAL in pid:293
[   66.028784][ T2313] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   66.107302][ T2313] tun0: tun_chr_ioctl cmd 1074025676
[   66.158334][ T2319] rust_binder: Error in use_page_slow: ESRCH
[   66.158364][ T2319] rust_binder: use_range failure ESRCH
[   66.175287][ T2313] tun0: owner set to 0
[   66.184280][ T2319] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[   66.192603][ T2319] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   66.211844][ T2319] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:417
[   66.483504][ T2340] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   66.564812][ T2346] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:420
[   67.034884][ T2361] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   67.408807][ T2373] binder: Bad value for 'defcontext'
[   67.540747][ T2380] binder: Bad value for 'stats'
[   67.776596][   T36] kauditd_printk_skb: 1280 callbacks suppressed
[   67.776612][   T36] audit: type=1400 audit(1750405071.100:14338): avc:  denied  { read write } for  pid=1274 comm="syz-executor" name="loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   67.817747][   T36] audit: type=1400 audit(1750405071.100:14339): avc:  denied  { read write open } for  pid=1274 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   67.843514][   T36] audit: type=1400 audit(1750405071.100:14340): avc:  denied  { ioctl } for  pid=1274 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=53 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   67.869893][   T36] audit: type=1400 audit(1750405071.170:14341): avc:  denied  { read write } for  pid=2396 comm="syz.4.608" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   67.893801][   T36] audit: type=1400 audit(1750405071.170:14342): avc:  denied  { read open } for  pid=2396 comm="syz.4.608" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   67.896363][ T2399] audit: audit_backlog=65 > audit_backlog_limit=64
[   67.919560][   T36] audit: type=1400 audit(1750405071.170:14343): avc:  denied  { read write } for  pid=2396 comm="syz.4.608" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   67.925473][ T2399] audit: audit_lost=103 audit_rate_limit=0 audit_backlog_limit=64
[   67.956648][   T36] audit: type=1400 audit(1750405071.170:14344): avc:  denied  { read open } for  pid=2396 comm="syz.4.608" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   67.968978][ T2399] audit: backlog limit exceeded
[   68.091655][ T2402] rust_binder: Failed copying remainder into alloc: EFAULT
[   68.091679][ T2402] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EFAULT }
[   68.108425][ T2402] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   68.117272][ T2402] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:435
[   68.312375][ T2407] SELinux: security_context_str_to_sid (syste_uÝGй‰:ÿß) failed with errno=-22
[   68.433733][ T2421] input: syz0 as /devices/virtual/input/input28
[   68.440143][ T2421] input: failed to attach handler leds to device input28, error: -6
[   68.853745][ T2435] binder: Bad value for 'max'
[   69.282361][ T2447] rust_binder: Write failure EINVAL in pid:451
[   69.313360][ T2446] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89)
[   69.329811][ T2446] rust_binder: Error while translating object.
[   69.372362][ T2446] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   69.419401][ T2446] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:258
[   69.553652][ T2469] rust_binder: Error while translating object.
[   69.585728][ T2469] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[   69.592054][ T2469] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:260
[   69.869036][ T2481] binder: Unknown parameter 'staò­´|‰6ts'
[   70.361856][ T2499] kvm: kvm [2498]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc2) = 0xffffffffffff6253
[   70.512920][ T2503] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   70.568860][ T2506] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   70.578618][ T2506] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:462
[   70.712236][ T2505] random: crng reseeded on system resumption
[   70.894486][ T2516] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:278
[   71.191672][ T2529] rust_binder: Write failure EFAULT in pid:360
[   71.277315][ T2531] rust_binder: Error in use_page_slow: ESRCH
[   71.277342][ T2531] rust_binder: use_range failure ESRCH
[   71.284825][ T2531] rust_binder: Failed to allocate buffer. len:112, is_oneway:false
[   71.290633][ T2531] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   71.300968][ T2531] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:289
[   71.477795][ T2541] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   71.507741][ T2541] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:465
[   71.949503][ T2570] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[   71.997763][ T2570] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   72.032409][ T2570] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:370
[   72.204426][ T2583] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   72.236149][ T2583] rust_binder: Error in use_page_slow: ESRCH
[   72.256368][ T2581] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[   72.270505][ T2583] rust_binder: use_range failure ESRCH
[   72.270535][ T2583] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[   72.282597][ T2583] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   72.293688][ T2581] SELinux: failed to load policy
[   72.310547][ T2583] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:473
[   72.380817][ T2585] rust_binder: Error while translating object.
[   72.395641][ T2585] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   72.406911][ T2585] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:596
[   72.568195][ T2598] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   72.691213][ T2603] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:481
[   72.716130][ T2605] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:599
[   72.758274][ T2607] binder: Bad value for 'max'
[   72.789641][   T36] kauditd_printk_skb: 1314 callbacks suppressed
[   72.789662][   T36] audit: type=1400 audit(1750405076.110:15659): avc:  denied  { read } for  pid=2606 comm="syz.4.675" name="ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   72.822730][   T36] audit: type=1400 audit(1750405076.110:15660): avc:  denied  { read open } for  pid=2606 comm="syz.4.675" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   72.878768][   T36] audit: type=1400 audit(1750405076.110:15661): avc:  denied  { ioctl } for  pid=2606 comm="syz.4.675" path="/dev/ashmem" dev="devtmpfs" ino=201 ioctlcmd=0x7704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   72.922156][   T36] audit: type=1400 audit(1750405076.110:15662): avc:  denied  { read } for  pid=2606 comm="syz.4.675" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   72.949810][   T36] audit: type=1400 audit(1750405076.110:15663): avc:  denied  { read open } for  pid=2606 comm="syz.4.675" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   72.975122][  T306] hid-generic 009C:0008:0003.0002: unknown main item tag 0x0
[   72.992647][  T306] hid-generic 009C:0008:0003.0002: unknown main item tag 0x0
[   73.015383][  T306] hid-generic 009C:0008:0003.0002: unknown main item tag 0x0
[   73.032238][  T306] hid-generic 009C:0008:0003.0002: unknown main item tag 0x0
[   73.040324][  T306] hid-generic 009C:0008:0003.0002: unknown main item tag 0x0
[   73.048221][  T306] hid-generic 009C:0008:0003.0002: unknown main item tag 0x0
[   73.053392][ T1164] hid-generic 008E:0FFF:0006.0003: unknown main item tag 0xe
[   73.055821][  T306] hid-generic 009C:0008:0003.0002: unknown main item tag 0x0
[   73.073108][   T36] audit: type=1400 audit(1750405076.110:15664): avc:  denied  { ioctl } for  pid=2606 comm="syz.4.675" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   73.074408][ T1164] hid-generic 008E:0FFF:0006.0003: unknown main item tag 0x7
[   73.099148][  T306] hid-generic 009C:0008:0003.0002: unknown main item tag 0x0
[   73.132657][   T36] audit: type=1400 audit(1750405076.180:15665): avc:  denied  { read write } for  pid=1370 comm="syz-executor" name="loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   73.143439][ T1164] hid-generic 008E:0FFF:0006.0003: unknown main item tag 0x2
[   73.162638][  T306] hid-generic 009C:0008:0003.0002: unknown main item tag 0x0
[   73.184088][  T306] hid-generic 009C:0008:0003.0002: unknown main item tag 0x0
[   73.192280][ T1164] hid-generic 008E:0FFF:0006.0003: item fetching failed at offset 26/28
[   73.199914][  T306] hid-generic 009C:0008:0003.0002: unknown main item tag 0x0
[   73.201595][ T1164] hid-generic 008E:0FFF:0006.0003: probe with driver hid-generic failed with error -22
[   73.214504][   T36] audit: type=1400 audit(1750405076.180:15666): avc:  denied  { read write open } for  pid=1370 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   73.222404][ T1164] hid (null): unknown global tag 0xd
[   73.245300][  T306] hid-generic 009C:0008:0003.0002: unknown main item tag 0x0
[   73.250935][ T1164] hid (null): unknown global tag 0xc
[   73.257853][  T306] hid-generic 009C:0008:0003.0002: unknown main item tag 0x0
[   73.264384][ T1164] hid (null): unknown global tag 0xd
[   73.270763][  T306] hid-generic 009C:0008:0003.0002: unknown main item tag 0x0
[   73.276102][ T1164] hid (null): invalid report_count -533711321
[   73.283485][   T36] audit: type=1400 audit(1750405076.180:15667): avc:  denied  { ioctl } for  pid=1370 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   73.289047][ T1164] hid (null): global environment stack underflow
[   73.315454][  T306] hid-generic 009C:0008:0003.0002: unknown main item tag 0x0
[   73.321534][ T1164] hid (null): unknown global tag 0xe
[   73.329598][   T36] audit: type=1400 audit(1750405076.200:15668): avc:  denied  { read write } for  pid=288 comm="syz-executor" name="loop0" dev="devtmpfs" ino=49 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   73.337217][ T1164] hid-generic 0418:0007:03FF.0004: unknown main item tag 0x5
[   73.359524][  T306] hid-generic 009C:0008:0003.0002: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[   73.375386][ T1164] hid-generic 0418:0007:03FF.0004: unknown main item tag 0xd
[   73.415760][ T1164] hid-generic 0418:0007:03FF.0004: unknown main item tag 0x1
[   73.440946][ T1164] hid-generic 0418:0007:03FF.0004: unknown global tag 0xd
[   73.442869][ T2621] rust_binder: Write failure EFAULT in pid:317
[   73.449002][ T2622] rust_binder: Write failure EFAULT in pid:317
[   73.455360][ T1164] hid-generic 0418:0007:03FF.0004: item 0 2 1 13 parsing failed
[   73.470247][ T1164] hid-generic 0418:0007:03FF.0004: probe with driver hid-generic failed with error -22
[   73.698695][ T2625] fido_id[2625]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   73.732905][ T2639] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   73.778729][ T2640] rust_binder: Failed to allocate buffer. len:18446744073709551608, is_oneway:false
[   73.839029][ T2647] SELinux: failed to load policy
[   74.063125][ T2653] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[   74.303895][ T2670] binder: Bad value for 'max'
[   74.392948][ T2673] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   74.415287][ T2675] rust_binder: Error while translating object.
[   74.415319][ T2675] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[   74.416495][ T2676] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   74.445688][ T2673] SELinux: failed to load policy
[   74.457296][ T2675] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:616
[   74.458552][ T2679] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   74.484934][ T2679] rust_binder: Error while translating object.
[   74.491513][ T2679] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[   74.523390][ T2679] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:497
[   74.611239][ T2690] SELinux: security_context_str_to_sid (syste_uÝGй‰:ÿß) failed with errno=-22
[   74.667202][ T2693] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[   74.689310][ T2693] rust_binder: Write failure EINVAL in pid:499
[   74.766528][ T2701] input: syz0 as /devices/virtual/input/input29
[   74.926734][ T2706] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   74.926761][ T2706] rust_binder: Read failure Err(EFAULT) in pid:343
[   75.200991][ T2717] SELinux: failed to load policy
[   75.251824][ T2727] rust_binder: Write failure EFAULT in pid:511
[   75.254038][ T2717] rust_binder: Error in use_page_slow: ESRCH
[   75.254889][ T2733] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   75.266478][ T2717] rust_binder: use_range failure ESRCH
[   75.291725][ T2733] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   75.301540][ T2717] rust_binder: Failed to allocate buffer. len:120, is_oneway:false
[   75.318833][ T2733] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   75.330852][ T2717] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   75.340085][ T2717] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:396
[   75.431113][ T2743] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   75.473367][ T2743] rust_binder: Error in use_page_slow: ESRCH
[   75.479834][ T2743] rust_binder: use_range failure ESRCH
[   75.512663][ T2743] rust_binder: Failed to allocate buffer. len:4240, is_oneway:false
[   75.518393][ T2743] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   75.542697][ T2743] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:515
[   75.604352][ T2737] rust_binder: Read failure Err(EFAULT) in pid:634
[   75.743440][ T2758] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[   75.831679][ T2762] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[   75.831736][ T2766] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   75.872640][ T2762] rust_binder: Write failure EINVAL in pid:640
[   75.893351][ T2770] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:361
[   75.939899][ T2767] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:401
[   75.963651][ T2770] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   76.035469][ T2770] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:361
[   76.259456][ T2780] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   76.266107][ T2777] kvm: kvm [2775]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0xa1a9
[   76.304526][ T2777] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:405
[   76.304570][ T2777] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   76.318841][ T2777] rust_binder: Read failure Err(EFAULT) in pid:405
[   76.321197][ T2780] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 255)
[   76.344737][ T2780] rust_binder: Error while translating object.
[   76.371282][ T2780] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   76.380214][ T2783] rust_binder: Read failure Err(EAGAIN) in pid:646
[   76.392338][ T2780] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:525
[   76.576177][ T2790] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   76.587933][ T2790] rust_binder: Write failure EINVAL in pid:527
[   76.824350][ T2797] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   76.839518][ T2797] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:653
[   76.865289][ T2812] binder: Bad value for 'stats'
[   76.894119][ T2811] rust_binder: Error while translating object.
[   76.902596][ T2811] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   76.911685][ T2811] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:369
[   76.951166][ T2818] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   76.995504][ T2823] rust_binder: Error while translating object.
[   77.022843][ T2823] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   77.043104][ T2823] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:534
[   77.044386][ T2818] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   77.237214][ T2833] input: syz1 as /devices/virtual/input/input31
[   77.473156][ T2844] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   77.473195][ T2844] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:662
[   77.504692][ T2844] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   77.532236][ T2844] rust_binder: Read failure Err(EFAULT) in pid:662
[   77.747735][ T2852] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   77.776329][ T2852] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:664
[   77.794783][   T36] kauditd_printk_skb: 1078 callbacks suppressed
[   77.794803][   T36] audit: type=1400 audit(1750405081.120:16747): avc:  denied  { read open } for  pid=2853 comm="syz.3.755" path="/dev/binderfs/binder0" dev="binder" ino=28 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   77.845347][ T2857] audit: audit_backlog=65 > audit_backlog_limit=64
[   77.852069][ T2857] audit: audit_lost=104 audit_rate_limit=0 audit_backlog_limit=64
[   77.857870][ T2855] audit: audit_backlog=65 > audit_backlog_limit=64
[   77.872759][ T2866] audit: audit_backlog=65 > audit_backlog_limit=64
[   77.890492][ T2867] audit: audit_backlog=65 > audit_backlog_limit=64
[   77.892941][ T2865] audit: audit_backlog=65 > audit_backlog_limit=64
[   77.909688][ T2866] audit: audit_lost=105 audit_rate_limit=0 audit_backlog_limit=64
[   77.912728][ T2857] audit: backlog limit exceeded
[   77.918970][ T2855] audit: audit_lost=106 audit_rate_limit=0 audit_backlog_limit=64
[   77.930844][ T2867] binder: Unknown parameter 'context'
[   78.053660][ T2873] rust_binder: Write failure EINVAL in pid:669
[   78.128119][ T2876] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[   78.150011][ T2876] SELinux: failed to load policy
[   78.316329][ T2886] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:673
[   78.595596][ T2899] rust_binder: Error while translating object.
[   78.623774][ T2899] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[   78.640552][ T2899] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:394
[   78.988192][ T2911] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   79.006970][ T2911] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:435
[   79.056993][ T2911] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   79.068574][ T2911] rust_binder: Read failure Err(EFAULT) in pid:435
[   79.943343][ T2952] rust_binder: Write failure EINVAL in pid:692
[   80.236903][ T2968] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[   80.303372][ T2968] random: crng reseeded on system resumption
[   80.370278][ T2977] rust_binder: Write failure EINVAL in pid:696
[   80.509910][ T2982] SELinux:  policydb magic number 0x8 does not match expected magic number 0xf97cff8c
[   80.543675][ T2982] SELinux: failed to load policy
[   80.724925][ T2989] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   80.725245][ T2989] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:435
[   80.923243][ T3001] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   80.983888][ T3006] __vm_enough_memory: pid: 3006, comm: syz.0.801, bytes: 281474976845824 not enough memory for the allocation
[   81.014749][ T3007] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   81.214462][ T3018] input: syz0 as /devices/virtual/input/input34
[   81.340692][  T292] Bluetooth: hci0: Frame reassembly failed (-90)
[   81.351679][ T3027] kvm: kvm [3025]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010005) = 0x1
[   81.383828][ T3027] binder: Unknown parameter 'coyBLV§"i5ŽÝ”ÃùÒntext'
[   81.673587][ T3042] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   81.719674][ T3044] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   81.720945][ T3044] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:461
[   82.167366][ T3059] random: crng reseeded on system resumption
[   82.616992][ T3067] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   82.725631][ T3072] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   82.784259][ T3074] random: crng reseeded on system resumption
[   82.804193][   T36] kauditd_printk_skb: 3447 callbacks suppressed
[   82.804221][   T36] audit: type=1400 audit(1750405086.130:20189): avc:  denied  { setattr } for  pid=1274 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   82.850824][   T36] audit: type=1400 audit(1750405086.130:20190): avc:  denied  { setattr } for  pid=1274 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   82.877636][ T1274] audit: audit_backlog=65 > audit_backlog_limit=64
[   82.884327][ T1274] audit: audit_lost=109 audit_rate_limit=0 audit_backlog_limit=64
[   82.892321][ T1274] audit: backlog limit exceeded
[   82.899714][ T1274] audit: audit_backlog=65 > audit_backlog_limit=64
[   82.906370][   T36] audit: type=1400 audit(1750405086.130:20191): avc:  denied  { setattr } for  pid=1274 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   82.931312][ T1274] audit: audit_lost=110 audit_rate_limit=0 audit_backlog_limit=64
[   82.940142][ T1274] audit: backlog limit exceeded
[   82.945200][   T36] audit: type=1400 audit(1750405086.130:20192): avc:  denied  { setattr } for  pid=1274 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   83.058065][ T3081] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   83.064350][ T3081] rust_binder: Failed to allocate buffer. len:18446744073709551608, is_oneway:false
[   83.088850][ T3081] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   83.124187][ T3081] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:470
[   83.412581][   T52] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   83.428301][  T774] Bluetooth: hci0: command 0x1003 tx timeout
[   83.995857][ T3100] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   84.063110][ T3099] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   84.082605][ T3099] rust_binder: Failure in copy_transaction_data: BR_DEAD_REPLY
[   84.093044][ T3099] rust_binder: Failure BR_DEAD_REPLY during reply - delivering BR_FAILED_REPLY to sender.
[   85.174675][ T3127] rust_binder: Write failure EFAULT in pid:494
[   85.244446][ T3129] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   85.250650][ T3129] rust_binder: Read failure Err(EFAULT) in pid:724
[   85.340489][ T3134] binder: Unknown parameter 'non'
[   85.564424][ T3140] random: crng reseeded on system resumption
[   86.016746][  T292] bridge_slave_1: left allmulticast mode
[   86.022466][  T292] bridge_slave_1: left promiscuous mode
[   86.037314][ T3259] input: syz0 as /devices/virtual/input/input37
[   86.072609][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.100162][  T292] bridge_slave_0: left allmulticast mode
[   86.115822][  T292] bridge_slave_0: left promiscuous mode
[   86.121630][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.315426][  T292] veth1_macvtap: left promiscuous mode
[   86.320992][  T292] veth0_vlan: left promiscuous mode
[   86.538052][ T3269] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.546528][ T3269] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.556088][ T3269] bridge_slave_0: entered allmulticast mode
[   86.573966][ T3269] bridge_slave_0: entered promiscuous mode
[   86.601394][ T3269] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.622577][ T3269] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.632650][ T3269] bridge_slave_1: entered allmulticast mode
[   86.642240][ T3269] bridge_slave_1: entered promiscuous mode
[   86.838304][ T3269] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.845385][ T3269] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.852770][ T3269] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.859802][ T3269] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.923832][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.933331][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.965941][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.973297][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.009145][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.016527][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.215219][ T3269] veth0_vlan: entered promiscuous mode
[   87.261608][ T3269] veth1_macvtap: entered promiscuous mode
[   87.467682][ T3292] rust_binder: Write failure EFAULT in pid:2
[   87.813009][   T36] kauditd_printk_skb: 4215 callbacks suppressed
[   87.813029][   T36] audit: type=1400 audit(1750405091.130:24270): avc:  denied  { setattr } for  pid=1274 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   87.864790][ T3269] audit: audit_backlog=65 > audit_backlog_limit=64
[   87.866580][ T1274] audit: audit_backlog=65 > audit_backlog_limit=64
[   87.872994][ T3269] audit: audit_lost=157 audit_rate_limit=0 audit_backlog_limit=64
[   87.883130][ T1274] audit: audit_lost=158 audit_rate_limit=0 audit_backlog_limit=64
[   87.891724][  T288] audit: audit_backlog=65 > audit_backlog_limit=64
[   87.895568][   T36] audit: type=1400 audit(1750405091.140:24271): avc:  denied  { ioctl } for  pid=3300 comm="syz.0.860" path="/dev/binderfs/binder1" dev="binder" ino=14 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   87.904315][ T3269] audit: backlog limit exceeded
[   87.927066][ T1274] audit: backlog limit exceeded
[   87.932864][  T288] audit: audit_lost=159 audit_rate_limit=0 audit_backlog_limit=64
[   88.966888][ T3348] kvm: user requested TSC rate below hardware speed
[   89.001128][ T3348] kvm: user requested TSC rate below hardware speed
[   89.100174][ T3362] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   89.100217][ T3362] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:771
[   89.232857][ T3369] binder: Bad value for 'max'
[   89.233435][ T3367] binder: Bad value for 'max'
[   89.586177][ T3383] SELinux:  policydb string  does not match my string SE Linux
[   89.619313][ T3383] SELinux: failed to load policy
[   89.709776][ T3386] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:779
[   89.815516][ T3391] rust_binder: Got transaction with invalid offset.
[   89.836866][ T3396] input: syz1 as /devices/virtual/input/input39
[   89.872636][ T3391] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   89.872673][ T3391] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:28
[   90.007403][ T3396] input: syz1 as /devices/virtual/input/input38
[   90.031030][ T3404] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:33
[   90.088922][ T3402] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   90.157013][ T3409] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:38
[   90.157082][ T3409] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   90.181332][ T3409] rust_binder: Read failure Err(EFAULT) in pid:38
[   90.212695][ T3402] can0: slcan on ttyS3.
[   90.358986][ T3402] can0 (unregistered): slcan off ttyS3.
[   90.443656][ T3425] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:40
[   90.443707][ T3425] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   90.471359][ T3425] rust_binder: Read failure Err(EFAULT) in pid:40
[   90.501201][ T3428] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:40
[   90.620723][ T3436] binder: Unknown parameter '00000000000000000000000'
[   91.153010][ T3462] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   91.173976][ T3462] rust_binder: Error while translating object.
[   91.174017][ T3462] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   91.180391][ T3462] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:813
[   91.295382][ T3466] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:44
[   91.326000][ T3467] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3
[   91.398151][ T3467] rust_binder: Write failure EINVAL in pid:44
[   91.713013][ T3484] rust_binder: Write failure EINVAL in pid:817
[   92.120642][ T3504] rust_binder: Write failure EINVAL in pid:50
[   92.214658][ T3510] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:825
[   92.249838][ T3510] rust_binder: Error while translating object.
[   92.278884][ T3510] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[   92.293358][ T3510] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:825
[   92.823326][   T36] kauditd_printk_skb: 3921 callbacks suppressed
[   92.823344][   T36] audit: type=1400 audit(1750405096.150:28078): avc:  denied  { setattr } for  pid=1274 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   92.894051][   T36] audit: type=1400 audit(1750405096.160:28079): avc:  denied  { append } for  pid=3534 comm="syz.2.926" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   92.925884][ T3538] audit: audit_backlog=65 > audit_backlog_limit=64
[   92.925975][ T1274] audit: audit_backlog=65 > audit_backlog_limit=64
[   92.939087][ T1274] audit: audit_lost=198 audit_rate_limit=0 audit_backlog_limit=64
[   92.942548][ T3538] audit: audit_lost=199 audit_rate_limit=0 audit_backlog_limit=64
[   92.947656][ T1274] audit: backlog limit exceeded
[   92.956523][   T36] audit: type=1400 audit(1750405096.160:28080): avc:  denied  { append open } for  pid=3534 comm="syz.2.926" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   92.961969][ T1274] audit: audit_backlog=65 > audit_backlog_limit=64
[   92.991381][ T1274] audit: audit_lost=200 audit_rate_limit=0 audit_backlog_limit=64
[   93.426424][ T3559] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 192, size: 97)
[   93.426449][ T3559] rust_binder: Error while translating object.
[   93.457260][ T3559] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   93.472545][ T3559] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:835
[   93.503247][ T3559] rust_binder: Write failure EINVAL in pid:835
[   93.569833][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.586360][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.597371][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.604767][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.611532][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.638598][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.649780][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.665021][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.679865][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.694572][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.708610][ T3567] tun0: tun_chr_ioctl cmd 1074025675
[   93.722027][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.722312][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.730728][ T3567] tun0: persist disabled
[   93.742902][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.743131][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.750438][ T3570] rust_binder: Error while translating object.
[   93.758280][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.775608][ T3570] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   93.784593][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.802224][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.811035][ T3570] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:62
[   93.824060][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.834473][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.847389][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.855550][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.862314][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.869830][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.877377][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.884853][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.891630][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.917079][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.929085][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.947453][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.969888][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.982281][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   93.989705][ T3563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   94.066856][ T3581] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:842
[   94.185168][ T3585] SELinux: failed to load policy
[   94.383504][ T3591] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   94.383536][ T3591] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:71
[   94.550070][  T292] bridge_slave_1: left allmulticast mode
[   94.579096][  T292] bridge_slave_1: left promiscuous mode
[   94.602298][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.636224][  T292] bridge_slave_0: left allmulticast mode
[   94.641899][  T292] bridge_slave_0: left promiscuous mode
[   94.671841][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.716572][ T3610] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:855
[   94.767596][ T3611] rust_binder: Failed copying remainder into alloc: EFAULT
[   94.778135][ T3611] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EFAULT }
[   94.789194][ T3611] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   94.805960][ T3615] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:75
[   94.815592][ T3611] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:855
[   94.835498][  T292] veth1_macvtap: left promiscuous mode
[   94.850405][  T292] veth0_vlan: left promiscuous mode
[   94.906714][ T3600] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.915035][ T3600] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.932379][ T3600] bridge_slave_0: entered allmulticast mode
[   94.945525][ T3600] bridge_slave_0: entered promiscuous mode
[   94.947985][ T3620] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   94.958915][ T3600] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.992461][ T3600] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.000274][ T3600] bridge_slave_1: entered allmulticast mode
[   95.007273][ T3600] bridge_slave_1: entered promiscuous mode
[   95.116429][ T3600] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.123532][ T3600] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.130937][ T3600] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.138029][ T3600] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.215520][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.224380][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.237782][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.244977][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.255823][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.262899][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.263832][ T3626] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:770
[   95.354892][ T3600] veth0_vlan: entered promiscuous mode
[   95.414260][ T3600] veth1_macvtap: entered promiscuous mode
[   95.480014][ T3633] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   95.480055][ T3633] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:87
[   95.676844][ T3640] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[   95.697538][ T3640] rust_binder: Write failure EINVAL in pid:89
[   95.698159][ T3640] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   95.737552][ T3640] rust_binder: Failed to allocate buffer. len:88, is_oneway:false
[   95.763578][ T3642] binder: Unknown parameter 'fscontext?}'
[   95.835301][ T3650] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   95.835532][ T3650] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   95.861572][ T3650] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   95.870070][ T3650] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   95.954968][ T3659] rust_binder: Error while translating object.
[   95.961432][ T3659] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   95.982647][ T3659] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:96
[   96.096208][ T3665] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:98
[   96.128772][ T3671] binder: Bad value for 'max'
[   96.133873][ T3669] binder: Bad value for 'max'
[   96.465207][ T3676] rust_binder: Write failure EFAULT in pid:8
[   96.583320][  T292] Bluetooth: hci0: Frame reassembly failed (-84)
[   97.298158][ T3717] rust_binder: Error while translating object.
[   97.298193][ T3717] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   97.304553][ T3717] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:16
[   97.530491][ T3731] binfmt_misc: register: failed to install interpreter file ./file0
[   97.616425][ T3733] rust_binder: Error while translating object.
[   97.616458][ T3733] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[   97.629077][ T3733] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:20
[   97.782460][ T3742] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:22
[   97.792143][ T3740] syz.0.996: attempt to access beyond end of device
[   97.792143][ T3740] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   97.836364][   T36] kauditd_printk_skb: 1809 callbacks suppressed
[   97.836382][   T36] audit: type=1400 audit(1750405101.160:29879): avc:  denied  { read write } for  pid=3600 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   97.893125][ T3747] rust_binder: Failed to allocate buffer. len:4294967280, is_oneway:false
[   97.893150][ T3747] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   97.910245][ T3740] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[   97.928238][   T36] audit: type=1400 audit(1750405101.160:29880): avc:  denied  { read write open } for  pid=3600 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   97.930698][ T3747] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:24
[   97.955876][ T3740] rust_binder: Write failure EINVAL in pid:902
[   97.970741][ T3751] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   97.979561][   T36] audit: type=1400 audit(1750405101.160:29881): avc:  denied  { ioctl } for  pid=3600 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   98.003366][ T3744] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:119
[   98.022879][   T36] audit: type=1400 audit(1750405101.190:29882): avc:  denied  { read } for  pid=3746 comm="syz.5.999" name="binder0" dev="binder" ino=32 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   98.062637][   T36] audit: type=1400 audit(1750405101.190:29883): avc:  denied  { read } for  pid=3743 comm="syz.3.998" name="binder0" dev="binder" ino=25 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   98.086383][   T36] audit: type=1400 audit(1750405101.190:29884): avc:  denied  { read open } for  pid=3746 comm="syz.5.999" path="/dev/binderfs/binder0" dev="binder" ino=32 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   98.111246][   T36] audit: type=1400 audit(1750405101.190:29885): avc:  denied  { read open } for  pid=3743 comm="syz.3.998" path="/dev/binderfs/binder0" dev="binder" ino=25 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   98.136993][   T36] audit: type=1400 audit(1750405101.190:29886): avc:  denied  { ioctl } for  pid=3746 comm="syz.5.999" path="/dev/binderfs/binder0" dev="binder" ino=32 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   98.162770][   T36] audit: type=1400 audit(1750405101.190:29887): avc:  denied  { set_context_mgr } for  pid=3746 comm="syz.5.999" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   98.183342][   T36] audit: type=1400 audit(1750405101.200:29888): avc:  denied  { read } for  pid=3743 comm="syz.3.998" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   98.239310][ T3754] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   98.239332][ T3754] rust_binder: Read failure Err(EFAULT) in pid:29
[   98.248588][ T3755] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   98.527321][ T3771] input: syz1 as /devices/virtual/input/input42
[   98.612580][   T52] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   98.612902][  T774] Bluetooth: hci0: command 0x1003 tx timeout
[   98.719277][ T3779] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[   98.719303][ T3779] rust_binder: Error while translating object.
[   98.733507][ T3779] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   98.762636][ T3779] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:787
[   98.852448][ T3786] rust_binder: Write failure EINVAL in pid:789
[   98.974328][ T3791] binder: Binderfs stats mode cannot be changed during a remount
[   99.128327][ T3796] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:794
[   99.305027][ T3799] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:796
[   99.562753][ T3807] rust_binder: Write failure EFAULT in pid:127
[   99.642453][ T3812] SELinux:  truncated policydb string identifier
[   99.667306][ T3812] SELinux: failed to load policy
[   99.724381][ T3814] kvm: user requested TSC rate below hardware speed
[  100.171859][ T3828] input input44: cannot allocate more than FF_MAX_EFFECTS effects
[  100.199851][ T3828] rust_binder: Error while translating object.
[  100.199889][ T3828] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  100.207668][ T3828] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:56
[  100.327607][ T3837] rust_binder: Write failure EINVAL in pid:58
[  100.528357][ T3852] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  100.563887][ T3848] rust_binder: Error while translating object.
[  100.570360][ T3848] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  100.581981][ T3848] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:136
[  100.721342][ T3858] binder: Unknown parameter '½ˆy00000000000000000004'
[  100.990157][ T3865] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[  101.018269][ T3865] rust_binder: Write failure EINVAL in pid:64
[  101.626155][ T3907] rust_binder: Write failure EFAULT in pid:73
[  102.119696][ T3928] rust_binder: Write failure EFAULT in pid:147
[  102.182615][ T3931] can0: slcan on ptm0.
[  102.249118][ T3933] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:150
[  102.292298][ T3935] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:947
[  102.313858][ T3936] rust_binder: Write failure EINVAL in pid:150
[  102.522117][ T3931] can0 (unregistered): slcan off ptm0.
[  102.556359][ T3941] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  102.582969][ T3941] SELinux: failed to load policy
[  102.851842][   T36] kauditd_printk_skb: 883 callbacks suppressed
[  102.851863][   T36] audit: type=1400 audit(1750405106.170:30772): avc:  denied  { search } for  pid=3957 comm="sed" name="resolv.conf" dev="tmpfs" ino=426 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  102.878039][ T3959] SELinux: security_context_str_to_sid (sytem_uÝGй) failed with errno=-22
[  102.941224][   T36] audit: type=1400 audit(1750405106.170:30773): avc:  denied  { read } for  pid=3957 comm="sed" name="eth0.dhcp" dev="tmpfs" ino=435 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  103.027448][   T36] audit: type=1400 audit(1750405106.170:30774): avc:  denied  { read open } for  pid=3957 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=435 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  103.119726][ T3947] audit: audit_backlog=65 > audit_backlog_limit=64
[  103.135933][ T3600] audit: audit_backlog=65 > audit_backlog_limit=64
[  103.147681][ T3947] audit: audit_lost=204 audit_rate_limit=0 audit_backlog_limit=64
[  103.155797][   T36] audit: type=1400 audit(1750405106.170:30775): avc:  denied  { getattr } for  pid=3957 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=435 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  103.164190][ T3975] audit: audit_backlog=65 > audit_backlog_limit=64
[  103.184067][ T3947] audit: backlog limit exceeded
[  103.202707][ T3947] audit: audit_backlog=65 > audit_backlog_limit=64
[  103.353197][ T3975] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  103.363222][ T3975] rust_binder: Failed to allocate buffer. len:4216, is_oneway:false
[  103.379169][ T3975] rust_binder: Write failure EINVAL in pid:153
[  103.413668][ T3984] input: syz0 as /devices/virtual/input/input47
[  103.993567][ T4012] rust_binder: Write failure EFAULT in pid:973
[  104.446506][ T4040] rust_binder: Write failure EFAULT in pid:101
[  104.878420][ T4054] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  104.902615][ T4054] rust_binder: Read failure Err(EFAULT) in pid:985
[  105.007658][ T4058] rust_binder: Failed copying remainder into alloc: EFAULT
[  105.023114][ T4058] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EFAULT }
[  105.055508][ T4058] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  105.092572][ T4058] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:106
[  105.179586][ T4068] rust_binder: Write failure EFAULT in pid:169
[  105.312912][ T4068] tun0: tun_chr_ioctl cmd 1074025676
[  105.332718][ T4068] tun0: owner set to 0
[  105.361104][ T4078] tap0: tun_chr_ioctl cmd 1074812118
[  105.378587][ T4078] rust_binder: inc_ref_done called when no active inc_refs
[  105.582164][ T4084] rust_binder: Error while translating object.
[  105.590501][ T4084] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  105.597743][ T4084] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:115
[  105.727794][ T4093] rust_binder: Error while translating object.
[  105.764802][ T4093] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  105.777050][ T4093] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:172
[  105.841692][ T4098] rust_binder: Write failure EINVAL in pid:175
[  105.901372][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  105.924512][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  105.933710][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  105.942451][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  105.955913][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  105.964877][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  105.972373][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  105.980084][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  105.988515][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  105.993249][ T4106] rust_binder: Failed to allocate buffer. len:152, is_oneway:true
[  105.996531][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.017967][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.026549][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.034070][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.041543][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.049030][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.056526][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.064770][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.074589][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.082234][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.089938][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.097508][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.113487][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.128194][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.136385][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.145688][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.153895][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.185959][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.199797][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.213298][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.226625][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.242574][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.250349][ T1485] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  106.284129][ T1485] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  106.384936][ T4141] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  106.384978][ T4141] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:188
[  106.564049][ T4161] binder: Bad value for 'stats'
[  106.577640][ T4156] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  106.648086][ T4118] cgroup: fork rejected by pids controller in /syz0
[  106.721246][ T4173] binder: Bad value for 'stats'
[  106.832924][ T4180] rust_binder: got new transaction with bad transaction stack
[  106.832957][ T4180] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:127
[  106.902030][ T4176] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  106.975806][ T4180] rust_binder: Error while translating object.
[  107.033040][ T4180] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  107.060964][ T4183] fido_id[4183]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  107.102674][ T4180] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:127
[  107.406148][ T4199] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:130
[  107.434096][ T4201] SELinux: security_context_str_to_sid () failed with errno=-22
[  107.787487][ T4217] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  107.804621][ T4218] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  107.841462][ T4217] rust_binder: Write failure EINVAL in pid:201
[  107.856030][   T36] kauditd_printk_skb: 1066 callbacks suppressed
[  107.856050][   T36] audit: type=1400 audit(1750405111.180:31797): avc:  denied  { read } for  pid=4225 comm="syz.0.1130" name="binder0" dev="binder" ino=42 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  107.923501][ T4226] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  107.924198][ T4226] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  107.979764][   T36] audit: type=1400 audit(1750405111.210:31798): avc:  denied  { read open } for  pid=4225 comm="syz.0.1130" path="/dev/binderfs/binder0" dev="binder" ino=42 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  108.059476][   T36] audit: type=1400 audit(1750405111.230:31799): avc:  denied  { ioctl } for  pid=4225 comm="syz.0.1130" path="/dev/binderfs/binder0" dev="binder" ino=42 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  108.130135][   T36] audit: type=1400 audit(1750405111.230:31800): avc:  denied  { set_context_mgr } for  pid=4225 comm="syz.0.1130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  108.192491][   T36] audit: type=1400 audit(1750405111.230:31801): avc:  denied  { read } for  pid=4225 comm="syz.0.1130" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  108.221004][   T36] audit: type=1400 audit(1750405111.230:31802): avc:  denied  { read open } for  pid=4225 comm="syz.0.1130" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  108.264778][ T1164] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  108.291945][ T4235] audit: audit_backlog=65 > audit_backlog_limit=64
[  108.294039][ T4223] audit: audit_backlog=65 > audit_backlog_limit=64
[  108.306095][ T1164] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  108.307084][   T36] audit: type=1400 audit(1750405111.230:31803): avc:  denied  { ioctl } for  pid=4225 comm="syz.0.1130" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  108.332628][ T4235] audit: audit_lost=221 audit_rate_limit=0 audit_backlog_limit=64
[  108.347078][ T4237] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  108.352591][ T1164] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  108.374613][ T4235] rust_binder: Error while translating object.
[  108.374660][ T4235] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  108.378680][ T1164] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  108.398740][ T4235] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:141
[  108.411107][ T1164] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  108.452795][ T1164] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  108.679427][ T4240] fido_id[4240]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  108.776374][ T4243] tun0: tun_chr_ioctl cmd 1074025675
[  108.802003][ T4243] tun0: persist enabled
[  108.820264][ T4243] tun0: tun_chr_ioctl cmd 1074025675
[  108.847528][ T4243] tun0: persist enabled
[  108.938967][ T4243] rust_binder: Error while translating object.
[  108.939124][ T4243] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  108.947802][ T4243] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:207
[  108.963551][ T4243] tun0: tun_chr_ioctl cmd 1074025675
[  109.010141][ T4243] tun0: persist disabled
[  109.200775][ T4247] rust_binder: Failed to allocate buffer. len:4120, is_oneway:false
[  109.332177][ T4256] rust_binder: Error while translating object.
[  109.404353][ T4256] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  109.411762][ T4256] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:898
[  109.482628][ T4258] rust_binder: Write failure EFAULT in pid:209
[  109.663485][ T4265] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  109.723468][ T4265] rust_binder: Error while translating object.
[  109.723512][ T4265] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  109.727572][ T4268] SELinux: failed to load policy
[  109.729718][ T4265] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:1055
[  109.958261][ T4280] rust_binder: Write failure EFAULT in pid:215
[  109.975617][ T4283] input: syz1 as /devices/virtual/input/input51
[  109.992643][ T4283] input: failed to attach handler leds to device input51, error: -6
[  110.063696][ T4283] random: crng reseeded on system resumption
[  110.141904][ T4283] input: syz1 as /devices/virtual/input/input52
[  110.213018][ T4286] rust_binder: Error while translating object.
[  110.213071][ T4286] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  110.228969][ T4286] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:218
[  110.247087][ T4286] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.382095][ T4289] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1064
[  110.394428][ T4291] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.597716][ T4298] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  110.642450][ T4300] SELinux:  policydb magic number 0x7665642f does not match expected magic number 0xf97cff8c
[  110.662441][ T4300] SELinux: failed to load policy
[  110.867400][ T4308] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.870517][ T4308] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:159
[  110.964407][ T4313] rust_binder: Write failure EINVAL in pid:159
[  111.127683][ T4315] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  111.139218][ T4315] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:910
[  111.397336][ T4327] rust_binder: Error while translating object.
[  111.418665][ T4327] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  111.425583][ T4327] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:1077
[  111.442618][ T4328] rust_binder: Failed to allocate buffer. len:18446744073709551608, is_oneway:false
[  111.597109][ T4335] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  111.632616][ T4335] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  111.639383][ T4339] input: syz0 as /devices/virtual/input/input54
[  111.641471][ T4335] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:228
[  111.819056][ T4344] rust_binder: Error in use_page_slow: ESRCH
[  111.819086][ T4344] rust_binder: use_range failure ESRCH
[  111.842715][ T4344] rust_binder: Failed to allocate buffer. len:4096, is_oneway:false
[  111.848321][ T4344] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  111.885570][ T4344] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:162
[  111.964241][ T4354] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1088
[  112.160428][ T4360] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:165
[  112.194573][ T4362] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION already set
[  112.235315][ T4362] rust_binder: Write failure EINVAL in pid:235
[  112.419337][ T4382] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  112.441824][ T4378] input: syz1 as /devices/virtual/input/input57
[  112.486520][ T4378] binder: Unknown parameter 'context'
[  112.862803][   T36] kauditd_printk_skb: 892 callbacks suppressed
[  112.862823][   T36] audit: type=1400 audit(1750405116.190:32687): avc:  denied  { ioctl } for  pid=4406 comm="syz.2.1191" path="/dev/ppp" dev="devtmpfs" ino=86 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  112.927559][ T4407] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  112.927618][ T4407] rust_binder: Error in use_page_slow: EBUSY
[  112.943321][   T36] audit: type=1400 audit(1750405116.190:32688): avc:  denied  { ioctl } for  pid=4403 comm="syz.5.1188" path="/dev/binderfs/binder1" dev="binder" ino=38 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  112.987429][ T4407] rust_binder: use_range failure EBUSY
[  112.987472][ T4407] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  113.003490][ T4407] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  113.021713][ T4407] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  113.043640][ T4407] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:1109
[  113.056153][   T36] audit: type=1400 audit(1750405116.190:32689): avc:  denied  { set_context_mgr } for  pid=4403 comm="syz.5.1188" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  113.093662][ T4416] audit: audit_backlog=65 > audit_backlog_limit=64
[  113.093737][ T4418] audit: audit_backlog=65 > audit_backlog_limit=64
[  113.100537][ T4416] audit: audit_lost=225 audit_rate_limit=0 audit_backlog_limit=64
[  113.100584][ T4416] audit: backlog limit exceeded
[  113.121330][   T36] audit: type=1400 audit(1750405116.190:32690): avc:  denied  { read } for  pid=4403 comm="syz.5.1188" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  113.122394][ T4418] audit: audit_lost=226 audit_rate_limit=0 audit_backlog_limit=64
[  113.156886][ T4416] audit: audit_backlog=65 > audit_backlog_limit=64
[  113.483212][ T4441] rust_binder: Error while translating object.
[  113.483264][ T4441] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  113.505164][ T4441] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:937
[  113.594660][ T4444] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1123
[  113.617915][ T4442] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  113.653233][ T4442] rust_binder: Error in use_page_slow: EBUSY
[  113.674848][   T60] bridge_slave_1: left allmulticast mode
[  113.693503][   T60] bridge_slave_1: left promiscuous mode
[  113.702662][ T4442] rust_binder: use_range failure EBUSY
[  113.702700][ T4442] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  113.712607][ T4442] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  113.712703][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.753658][ T4442] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  113.753878][ T4442] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:1123
[  113.783383][   T60] bridge_slave_0: left allmulticast mode
[  113.828801][   T60] bridge_slave_0: left promiscuous mode
[  113.844724][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.023885][ T4459] SELinux: security_context_str_to_sid () failed with errno=-22
[  114.031855][ T4454] SELinux: failed to load policy
[  114.075000][ T4457] kvm: vcpu 5: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  114.099149][   T60] veth1_macvtap: left promiscuous mode
[  114.128401][   T60] veth0_vlan: left promiscuous mode
[  114.175148][ T4452] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  114.175201][ T4452] rust_binder: Error in use_page_slow: EBUSY
[  114.202047][ T4467] binder: Bad value for 'max'
[  114.218067][ T4452] rust_binder: use_range failure EBUSY
[  114.218103][ T4452] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  114.228892][ T4468] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  114.245735][ T4452] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  114.245779][ T4452] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  114.271117][ T4452] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:181
[  114.464799][ T4455] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.493125][ T4455] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.501116][ T4455] bridge_slave_0: entered allmulticast mode
[  114.522454][ T4455] bridge_slave_0: entered promiscuous mode
[  114.534796][ T4455] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.541865][ T4455] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.550418][ T4455] bridge_slave_1: entered allmulticast mode
[  114.574204][ T4455] bridge_slave_1: entered promiscuous mode
[  114.758035][ T4485] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1138
[  114.758539][ T4485] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1138
[  114.810879][ T4490] rust_binder: Write failure EINVAL in pid:957
[  114.829836][ T4455] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.844298][ T4455] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.851778][ T4455] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.858878][ T4455] bridge0: port 1(bridge_slave_0) entered forwarding state
[  115.021854][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.046166][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.089524][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.097657][  T292] bridge0: port 1(bridge_slave_0) entered forwarding state
[  115.143173][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.150525][  T292] bridge0: port 2(bridge_slave_1) entered forwarding state
[  115.347051][ T4455] veth0_vlan: entered promiscuous mode
[  115.410469][ T4455] veth1_macvtap: entered promiscuous mode
[  115.631892][ T4522] binder: Unknown parameter 'defcontext01777777777777777777777'
[  115.652210][ T4517] rust_binder: Error while translating object.
[  115.652267][ T4517] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  115.664790][ T4517] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:965
[  115.854018][ T4533] rust_binder: Error while translating object.
[  115.872653][ T4533] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  115.882128][ T4533] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:1154
[  115.912881][ T4536] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:200
[  116.030533][ T4547] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  116.346050][ T4559] input: syz0 as /devices/virtual/input/input61
[  116.359435][ T4559] input: failed to attach handler leds to device input61, error: -6
[  116.510979][ T4559] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  116.511008][ T4559] rust_binder: Read failure Err(EFAULT) in pid:208
[  116.688460][ T4575] rust_binder: Write failure EINVAL in pid:974
[  116.769411][ T4581] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  116.789565][ T4581] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:14
[  117.143631][ T4610] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:221
[  117.261415][ T4614] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  117.302600][ T4614] rust_binder: Write failure EINVAL in pid:1175
[  117.382878][ T4623] binder: Unknown parameter 'processor	: 0
[  117.382878][ T4623] vendor_id	: GenuineIntel
[  117.382878][ T4623] cpu family	: 6
[  117.382878][ T4623] model		: 79
[  117.382878][ T4623] model name	: Intel(R) Xeon(R) CPU @ 2.20GHz
[  117.382878][ T4623] stepping	: 0
[  117.382878][ T4623] microcode	: 0xffffffff
[  117.382878][ T4623] cpu MHz		: 2200.168
[  117.382878][ T4623] cache size	: 56320 KB
[  117.382878][ T4623] physical id	: 0
[  117.382878][ T4623] siblings	: 2
[  117.382878][ T4623] core id		: 0
[  117.382878][ T4623] cpu cores	: 1
[  117.382878][ T4623] apicid		: 0
[  117.382878][ T4623] initial apicid	: 0
[  117.382878][ T4623] fpu		: yes
[  117.382878][ T4623] fpu_exception	: yes
[  117.382878][ T4623] cpuid level	: 13
[  117.382878][ T4623] wp		: yes
[  117.382878][ T4623] flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni pclmulqdq vmx ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt arat vnmi md_clear arch_capabilities
[  117.382878][ T4623] vmx flags	: vnmi preemption_timer invvpid ept_x_only ept_ad flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest vapi
[  117.473931][ T4625] binder: Unknown parameter 'nXI'
[  117.713961][ T4634] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1177
[  117.715946][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.752920][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.776253][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.783458][ T4635] rust_binder: Error while translating object.
[  117.803076][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.835066][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.848027][ T4635] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  117.855940][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.858981][ T4642] binder: Unknown parameter 'subj_role'
[  117.878793][   T36] kauditd_printk_skb: 1165 callbacks suppressed
[  117.878813][   T36] audit: type=1400 audit(1750405121.200:33838): avc:  denied  { read } for  pid=4639 comm="syz.5.1261" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  117.888745][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.926950][   T36] audit: type=1400 audit(1750405121.200:33839): avc:  denied  { read open } for  pid=4639 comm="syz.5.1261" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  117.934169][ T4635] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1177
[  117.960937][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.974093][   T36] audit: type=1400 audit(1750405121.210:33840): avc:  denied  { ioctl } for  pid=4632 comm="syz.0.1258" path="/dev/binderfs/binder0" dev="binder" ino=42 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  118.002993][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.016383][   T36] audit: type=1400 audit(1750405121.240:33841): avc:  denied  { ioctl } for  pid=4639 comm="syz.5.1261" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  118.018309][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.023455][   T36] audit: type=1400 audit(1750405121.280:33842): avc:  denied  { ioctl } for  pid=4632 comm="syz.0.1258" path="/dev/binderfs/binder0" dev="binder" ino=42 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  118.089395][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.089641][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.099421][ T4645] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.124497][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.131495][ T4641] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  118.148824][ T4641] rust_binder: Error in use_page_slow: EBUSY
[  118.181199][ T4641] rust_binder: use_range failure EBUSY
[  118.182874][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.187394][   T36] audit: type=1400 audit(1750405121.290:33843): avc:  denied  { ioctl } for  pid=4639 comm="syz.5.1261" path="/dev/binderfs/binder0" dev="binder" ino=48 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  118.219229][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.232708][ T4641] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  118.235488][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.239393][ T4641] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  118.277882][ T4645] audit: audit_backlog=65 > audit_backlog_limit=64
[  118.283810][ T4641] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  118.292819][ T4633] audit: audit_backlog=65 > audit_backlog_limit=64
[  118.305845][   T36] audit: type=1400 audit(1750405121.290:33844): avc:  denied  { set_context_mgr } for  pid=4639 comm="syz.5.1261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  118.316652][ T4645] audit: audit_lost=233 audit_rate_limit=0 audit_backlog_limit=64
[  118.335316][ T4641] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:228
[  118.353301][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.373683][ T4651] input: syz1 as /devices/virtual/input/input62
[  118.397739][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.397985][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.412951][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.434769][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.451773][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.460257][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.477130][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.510850][ T4633] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  118.724421][ T4667] input: syz0 as /devices/virtual/input/input63
[  118.789287][ T4671] binder: Bad value for 'stats'
[  118.843078][ T4667] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  119.076463][ T4694] binder: Unknown parameter 'non'
[  119.393466][ T4707] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  119.483315][ T4710] rust_binder: Write failure EFAULT in pid:51
[  119.611964][ T4714] rust_binder: Error while translating object.
[  119.618486][ T4714] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  119.626107][ T4714] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:1196
[  119.696184][ T4717] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1198
[  119.708749][ T4718] rust_binder: Error while translating object.
[  119.721956][ T4718] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  119.735985][ T4718] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:1018
[  119.822446][ T4723] syz.5.1291: attempt to access beyond end of device
[  119.822446][ T4723] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  119.993386][ T4730] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  120.042740][ T4732] rust_binder: Read failure Err(EAGAIN) in pid:247
[  120.070391][ T4738] rust_binder: Read failure Err(EAGAIN) in pid:247
[  120.112907][ T4741] SELinux: security_context_str_to_sid (sytem_uÝGй) failed with errno=-22
[  120.824350][ T1485] hid (null): report_id 1285667233 is invalid
[  120.839091][ T1485] hid-generic 0000:00FF:FFFF7FFF.0007: unknown main item tag 0x1
[  120.859566][ T1485] hid-generic 0000:00FF:FFFF7FFF.0007: unknown main item tag 0x2
[  120.882707][ T1485] hid-generic 0000:00FF:FFFF7FFF.0007: unknown main item tag 0x1
[  120.893670][ T4794] ------------[ cut here ]------------
[  120.899491][ T4794] WARNING: CPU: 1 PID: 4794 at mm/page_alloc.c:5157 __alloc_pages_noprof+0xe4/0x6c0
[  120.909077][ T4794] Modules linked in:
[  120.913259][ T4794] CPU: 1 UID: 0 PID: 4794 Comm: syz.0.1307 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  120.927144][ T4794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  120.932458][ T4761] rust_binder: Read failure Err(EFAULT) in pid:58
[  120.937422][ T4794] RIP: 0010:__alloc_pages_noprof+0xe4/0x6c0
[  120.937476][ T4794] Code: 0f 1f 44 00 00 41 83 fd 0b 72 28 b8 00 20 00 00 23 44 24 40 75 1d 80 3d a4 78 ee 05 00 0f 85 c4 00 00 00 c6 05 97 78 ee 05 01 <0f> 0b 31 c0 e9 b6 00 00 00 41 83 fd 0a 0f 87 aa 00 00 00 44 89 6c
[  120.937492][ T4794] RSP: 0018:ffffc9000754f680 EFLAGS: 00010246
[  120.937512][ T4794] RAX: 0000000000000000 RBX: 1ffff92000ea9ed4 RCX: 0000000000000000
[  120.937526][ T4794] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000754f728
[  120.993138][ T4794] RBP: ffffc9000754f7a8 R08: ffffc9000754f727 R09: 0000000000000000
[  121.001347][ T4794] R10: ffffc9000754f710 R11: fffff52000ea9ee5 R12: ffffc9000754f6c0
[  121.003389][ T4804] rust_binder: Write failure EFAULT in pid:1212
[  121.009534][ T4794] R13: 0000000000000016 R14: dffffc0000000000 R15: 0000000000000000
[  121.023124][ T4804] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1212
[  121.024377][ T4794] FS:  00007f535dfeb6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  121.043056][ T4794] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  121.049720][ T4794] CR2: 0000200000006000 CR3: 000000011c780000 CR4: 00000000003526b0
[  121.058054][ T4794] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  121.066358][ T4794] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  121.074753][ T4794] Call Trace:
[  121.078154][ T4794]  <TASK>
[  121.081290][ T4794]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  121.087193][ T4794]  ? __kasan_slab_alloc+0x73/0x90
[  121.092279][ T4794]  ? hashtab_init+0xdb/0x1f0
[  121.097215][ T4794]  ___kmalloc_large_node+0x9c/0x1d0
[  121.102455][ T4794]  ? ebitmap_read+0x21d/0x990
[  121.107382][ T4794]  ? hashtab_init+0xdb/0x1f0
[  121.112116][ T4794]  __kmalloc_large_node_noprof+0x1e/0xe0
[  121.118146][ T4794]  ? hashtab_init+0xdb/0x1f0
[  121.123152][ T4794]  __kmalloc_noprof+0x26d/0x450
[  121.128058][ T4794]  hashtab_init+0xdb/0x1f0
[  121.132647][ T4794]  ? policydb_read+0x86f/0x28c0
[  121.138143][ T4794]  symtab_init+0x44/0x70
[  121.142424][ T4794]  policydb_read+0x8fe/0x28c0
[  121.147203][ T4794]  ? kasan_save_alloc_info+0x40/0x50
[  121.152581][ T4794]  ? __cfi_policydb_read+0x10/0x10
[  121.157820][ T4794]  ? security_load_policy+0x128/0x12f0
[  121.163735][ T4794]  security_load_policy+0x162/0x12f0
[  121.169236][ T4794]  ? irqentry_exit+0x4a/0x60
[  121.173923][ T4794]  ? exc_page_fault+0x66/0xc0
[  121.179003][ T4794]  ? asm_exc_page_fault+0x2b/0x30
[  121.184302][ T4794]  ? __cfi_security_load_policy+0x10/0x10
[  121.190143][ T4794]  ? rep_movs_alternative+0x4a/0xa0
[  121.195514][ T4794]  sel_write_load+0x298/0x5e0
[  121.200220][ T4794]  ? futex_wait+0x288/0x540
[  121.204810][ T4794]  ? __cfi_sel_write_load+0x10/0x10
[  121.210489][ T4794]  ? __cfi_futex_wait+0x10/0x10
[  121.215406][ T4794]  ? bpf_lsm_file_permission+0xd/0x20
[  121.220805][ T4794]  ? __cfi_sel_write_load+0x10/0x10
[  121.226197][ T4794]  vfs_write+0x3c0/0xe80
[  121.231012][ T4794]  ? __cfi_vfs_write+0x10/0x10
[  121.235969][ T4794]  ? __kasan_check_write+0x18/0x20
[  121.241194][ T4794]  ? mutex_lock+0x92/0x1c0
[  121.245959][ T4794]  ? __cfi_mutex_lock+0x10/0x10
[  121.251378][ T4794]  ? __fget_files+0x2c5/0x340
[  121.256176][ T4794]  ksys_write+0x141/0x250
[  121.260711][ T4794]  ? xfd_validate_state+0x68/0x150
[  121.266005][ T4794]  ? __cfi_ksys_write+0x10/0x10
[  121.270888][ T4794]  ? __kasan_check_write+0x18/0x20
[  121.276067][ T4794]  ? fpregs_restore_userregs+0x11d/0x260
[  121.281732][ T4794]  __x64_sys_write+0x7f/0x90
[  121.286498][ T4794]  x64_sys_call+0x271c/0x2ee0
[  121.291214][ T4794]  do_syscall_64+0x58/0xf0
[  121.295816][ T4794]  ? clear_bhb_loop+0x35/0x90
[  121.300530][ T4794]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  121.306612][ T4794] RIP: 0033:0x7f535e18e929
[  121.311082][ T4794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.330977][ T4794] RSP: 002b:00007f535dfeb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  121.339782][ T4794] RAX: ffffffffffffffda RBX: 00007f535e3b5fa0 RCX: 00007f535e18e929
[  121.347835][ T4794] RDX: 000000000000606c RSI: 0000200000000000 RDI: 0000000000000003
[  121.355901][ T4794] RBP: 00007f535e210b39 R08: 0000000000000000 R09: 0000000000000000
[  121.364200][ T4794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  121.372579][ T4794] R13: 0000000000000000 R14: 00007f535e3b5fa0 R15: 00007ffd63512b58
[  121.381453][ T4794]  </TASK>
[  121.384827][ T4794] ---[ end trace 0000000000000000 ]---
[  121.390807][ T1485] hid-generic 0000:00FF:FFFF7FFF.0007: report_id 1285667233 is invalid
[  121.399552][ T1485] hid-generic 0000:00FF:FFFF7FFF.0007: item 0 4 1 8 parsing failed
[  121.402618][ T4794] SELinux: failed to load policy
[  121.408019][ T1485] hid-generic 0000:00FF:FFFF7FFF.0007: probe with driver hid-generic failed with error -22