last executing test programs:

48.9248025s ago: executing program 3 (id=1312):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0xb})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41845})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

48.783590792s ago: executing program 3 (id=1316):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_GET_XSAVE2(0xffffffffffffffff, 0x9000aecf, &(0x7f0000ffc000/0x1000)=nil) (async)
ioctl$KVM_GET_MSR_INDEX_LIST(r2, 0xc004ae02, &(0x7f0000001fc0)=ANY=[@ANYBLOB="96"]) (async)
ioctl$KVM_RUN(r1, 0xae80, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0xa, 0x2}) (async)
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) (async)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000000)={@ptr={0x70742a85, 0x1, &(0x7f00000001c0)=""/89, 0xfffffffffffffc67, 0x2, 0x2}, @fda={0x66646185, 0x9, 0x0, 0x1e}, @fda={0x66646185, 0x2, 0x1, 0x3f}}, &(0x7f0000000240)={0x0, 0x28, 0x48}}, 0x10}], 0x0, 0x0, 0x0}) (async)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x15, 0x6, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x5, 0x8000000000000, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x6], 0x1, 0x3c4210})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f0000000000)=""/35)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)

48.730401383s ago: executing program 3 (id=1317):
ioctl$FS_IOC_GETFSSYSFSPATH(0xffffffffffffffff, 0x80811501, &(0x7f0000000180)={0x80}) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0xa0000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r3 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RNDADDENTROPY(r3, 0x5207, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000080)={0x4000, 0x0, 0x1}) (async)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r6, 0x4068aea3, &(0x7f0000000000)={0xbe, 0x0, 0x1}) (async)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f00000002c0)={0xf, 0x0, [{0x4b564d02, 0x0, 0x7f}]})
r7 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
mmap(&(0x7f0000797000/0x2000)=nil, 0x2000, 0x3000001, 0x22052, r7, 0x2000) (async)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x10a}]})
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.stat\x00', 0x0, 0x0)

48.520350486s ago: executing program 3 (id=1320):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x45809000)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r1, &(0x7f00000021c0)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e7578703678894c36139e186b11564448ad1747d69cb3c4f7ce549918ab7d95774a555a7b8804edbbd63337b265ec11b5f175d7813a569fc480f9a78ab165cead7926195e37904234302b8fe358d7847101e93f490e81ab068de78efbc60360e6b9e64e3902128759b08569da0dd2c3026679b57f1fc9e6df38689bace0417cad1dd8457cd2f0fa1acc323f29e3de459886346c54c03f0ee5577b4084a303c64d50cca7d7769748979444fec00712c07dc1cb4539f231b36287c95172a58ec5f13f2615061722640486d3ba3d44dce1b03357c7702cc10a9864fa08d6e2ab8d1cd3d78d7ed215cb0db63666bd3ae8c40dfda714370a68d38508436f7b6b2a8cf3c8b14ca0d02cfbf55de2b5a35cb65caaddaa397e8efa14cb7eae48fb8c4c1cc720fee78d737c0b6a2322d8518b5ee32a73dd9f6886d9c236172f34fc637d6e10fd88becfd656233862207e6ee3e9b9234c9901f91cbf0212397a60151ce118fe06e792e2e75b69fff30151571d41ec8d45f4db65767bbac097996c96cc4ef718c43b8f8ce1684e2d6a07babd1868c567cdcc69dce8b6a26d22fa4be169f35eb97a479697da3dccfcd4838356a9e882ceed78230f68fe541ee878a91a5f2983907b2915f99a12b6ec611a1bf83ee37cf95c717ce15b3b6da07b9bab268f0d2cdc994196302e9ebfad2699964ea2b5c665ad8b7e685b57271a91e09c81bc3661f85082364b3bd6c6379ea559f2812631ad01b8f7308907a9251c5037ad1076197930910efcc78a9058701952dd3fbc04df1491161d0b27d9aec4079f6f0aaed0eaa82799066d14ea9a00a7a6e90c62e08df327d871cfec13958f6ea113f1656cf7a2bdd07a8368f616b152e5726b6129c6154ebe2e95ab5237548d19fdd4b3b837e2a06f636a643690f3ce4bd282de04e88d9bbccae3812dce2611916c23e7163e8ee72aa16c2bebd399b2dda4b9ed645fa3b990a51886445ae4627f49590ace3cb53bb22522ef5804a45252b7ec232ce90a30a934c381f1ef54fcc7fc3aba9099d1a1ed4ed2555639d3bac48f05d5a5b2110695576f3d841628671e3a51680317315563f500a3eebc5f8fa1a3947db423c396bb297cef384d00ef17ff80471871d416be0f52ee0c30f9d68d7b89f2264dd0f8023abdd123f55278ef3589cdd9d7b7a10fe833d6348fe42bc5d958cfbbce92bd5ea36e4199f3de6f2212149955a93f40c8a99dcbe270774511feca4e0f49a1db3b5e75973474c4fa4d72bf87284ac4fcdb31aaa116765a2cdea55cb8dd2c148209f63d2c9a4ebf28caaf50f1ee02704c6a922007ba90efa5807455dd0b62d890e046606f3d254df9c8f985d1eb6b47359b78008185375b36ba9d8b4698133091a129a0dcaff09d10e81f06e43cf02599bd8a9d11ae5bf60fb9df64ff225e653b7dd60475c378331f9c2d83638e1ffaa89d6f953c3a589aacbdc822d437f0905565cbf454c2d63408aa01cd170e2f4dd890563b33dc99681ce856e2fd4074e250f81a4ac08e87cba5fd1c88b6cebf8e672831d97c7f4a8ee8c692ea4f328762360a6a405af1c67081ad8210bac70c50c8089a79357838983761a43945475761377051b047f1fec0aef22174e3c840dbafd802e905f0a48d17d78c2fc3673cdcda1ae759844fdb7ef99ce9532ca28653ae88770a28c79af66612d711307ee22a49be3a7f339c49fe91b871dac2d4ad20a80a64af5686ee77336c335baf9701b90563312453b9dac575338f50447d7ab4a0f50b8dd76da3bee9e26bfd0bccc98be163a00ccae0d56d887bddc77b3eb04690dcea01f0485c2b10c3551be8c331d88a4db5f5d9961fbb19f617d2f010ed2c427a88bb4d59662886c09725f9011860f60d53d72c2231952f18231173971215d09eca70a0f96242903502f12e68e0c523bf986f5d93a8b1ac2218fbee6664ddc62c0a0e2e165056112541ffc4dd8ba20cf2858ab2827928b037e2ec51b71b6e2046c33fbc77ead54e2a7c139b309839deea96d40dfa421d7d4c605a089a1edeebc34dbd8e14340743d2f5b80ffa3443b251f7b8a41ba50a1978267067d9be22f2f25b0561a4138f0f8f83c0e90c76895c0780fbe3cb4be8c4a52cbb83fa5cfe95360ed23aca1306a31a8f472e7092fdbd96323827262dcc8999325ceb0d3d16f67484a7c65acf7aedfdd1bad2dd174027d73c593e159656f30a492607530a6774024e377b11f15575b6815d6b04407fcd6c1b656b3df77711a6c67b61ea26b11d81aa64858819414f0f7d2233d2fc4d92a6a34033192d82debeb866804d6288639354d4a9b62d546f7444ec33def7b94292205fd0054a590113f2590ef42a6432622db9674ceb9511071adf2cc6996b673a9183ce44438fd26ab232e25abe00610fc4135357892be40f37b08c90fd55e85603a7af5584b5b4c5e2af801b4afd4c4dcb2c30dcb4dd6cbdb16cb7bf3bf69344a2a2f65f65c281310367882ae826615ef186eb885863c051d4ef22c0d637187c90932216480ca38c6ebbeab4c4408634a05a00c21c94de60aa63dbcd3886d430f3b843105961335fd7948f7ffebf4b8b8793e02d8ccac32765f9be090d10caa526a2f056d667880507c5dbe5b8e074d9f9f2d30ffce05a7ca3d1482a750815bd8d74455af5a1bd2cd6f861e4198d297da7938990453e4534daa129b226edd619892d6bc872464b864735fc200b3933cb4e6eb9372ed1199838ec5a2654217185395adc99e11aae34188d773fdc6a0932aa317d3186d4c4d55ce19ac220e2bffa7e22a6fb09354efc0a2517f06dc481f36432beffac96daf5c5a78d0bbe57efd2d87dafaa0564144fa90323d22d5b3d56835f1ae134b3ecfe459f982163c610f733fe802ea5d6b021abdd8a419fc2fb653a1ea7571d8bdf98457db61ff877927eed4576a5cd350c04d1123d99f02a793036545d579f69f0b61fc1a005085ac7cb876b5e2c16516fefe2e9f41b07a246d978616c045c7981184c35366ee37676a712211800db857a8cd88fdf85416b7c9a6553cf15d4e39f8ee7a9d67825406466d7e6a81fe738488f5be2f534199bf02450053e5c1de8fdcce4b2393da0d9a64f30b9abb0ae3f77df1399d681d872a21beabfe3f5da312a2c574c60748d6f10ac72de4baab365937d3cdc2efd4b847613ce28d8d35078aa93e83d040eaab057a25334370958ada9cd4ed39bb86ff0b91d8b40c99a3f166b2e2fd6cabd3e9596ceda52a45e71071e9f3027fa5621c5d6d50a87560a5989e5e7d2386e88968718ff0de9742b0cd151c248c599011d45c55daa1e222a8239f3be7088d17890836e1bd32db4c319219af41da8eb882b6ab9b85273f3b78fd7a344df05aacb53201fd76c9a78b4110006f0d437e9faae69ab170212e43595b9e624f0b35d170c169c7052a8632976074276237628d53870ccebf9b71434e9aa60ae8919eb0244e44017c6415b14c4a6ed0492bf98f21d14b39f4103c8a79108bb1bb15bc44c89ed302f903019d897975d0124b8307a01b6ecb840fb6f90e8f9996d1e668e55ea219dff4139f04b1a9bfef1c8e55e1048dd7ca5100c6b65da7145e1b9a9f9f0d9e076f37768d9abb5ee4a84bca616a62747c741ff57842b3336dd7a80caea1b39e1bf55f7b1835f40a786f00dea29dc4c187b7c31cce820c2e7c61769d6d057580c179ddb5ac8278f96889dc2935bffd4cdd9f27bed0ee877061fdf93b5ca4e4f3c62edb7d2a1998d3ff94f216a47498d4e8559f614f19540f0994b6e8a57e27241e7985c78b8b16ba2bdb7372d4d4d418646d3c4b0ff039266be6237c37c3130ff3c535658e32b86599a42977d35f2a58bbdb9783245b88e46be3a3ac82e7b6994bcc5c05a04a42d0b9593aa90e105b8068795836045eebc362645aafb3156ba661dc39fe81a56c93088f44f139aa7f0db45ed0580960e331868e2a40222fee9ee2cac5fbbbd1aa45251587a902ad1627cfb60b25b5db3dde01aa1d01c1aa31538f439204b013790c6b31957afc8359fb0f58e7dcf85d3d8ea3a6f2e12f8d38da4bacfb169d541cd6bb415ea058e3f481229a3dda5f5083dfbc4b7748c5199956b9bb3451f4c7ff095a64f078d0cec1325116d740dddfb227327cb878ff2ded1a54d93436a40fe6691b3e111088b7427379e92b67fa33aeb5f602e4009a6ddd0b0a21a00787319242c5bdb0b234ca89ce9b88ec74a0f7302299d7a4841488812c5632a53f0e757b89536927224c3dde414abbed8a590995d1330854707a7ee1c5576da3de789bbf6feac49bbd3d069c78752167bb31d040129df110e3b16df8b31f20c2f60945ab4211dfaa23cf440139c8e6eb028634e22606e02b43eddb4bf92ab8c90cc34f54b3be13f5a01971b5a02f034348fdce9312a34d27fe505b3563cb036c76e1ba06ed6dc03548d2241b10949cadc1dceb0b3124d6ebee4f66820be05a10bb751aaf6887f815e8a3379e15cad9b0bc94b7fb5cd10271af1a846cdd37a091ef76d1da3a86435b5b16c3ff64c227f5f2c8b02e52da81cb8e15fe4813fd47aec7fa632d174fd23c29c097baaaaa21d070e61ea20440cef91d5729be5fed7706168e39cb2fc78bfe4908bd6d6981e593f4586274852e0a41dc906351eccad08379056fc3b1bcb67b39454e97463283a8a3dea1b22b461e40d3705016904daa96e5edea35d9c6c768f442dbb6b49ea6b3e751923a0735b57c3d0b85ed4cf624fc9b5cc9059b8f31892954495ba47272fecd6bbf02b71808c3b8b57518177c58f1c4fe6a61ab91f83e61a8df68e9b2ab5b65e7c4fb8d7b98105778c0c30deb6a88699377303056bc7fee9b658e41c1fb8fc696a2e8a102a509d782e49b1d595cde60c01db4668e667d6e32648f6c261f7d8a4ca4508de179248ae84f9e3b01cd3e8356d586e9a4393224721a8f6abe3b21fe187e42d962c71b013359ee7465ee83d548d5180c694137c9dc186c1f66b4b7d3f640610d9c7004fd66e5c7b242c62c47f44edb9fb33f2ada93e2e6dbc5e6487dacb415b9c4a0b7059722599167d28b3fe570f487d906c0859dfa1ea2293a1f37ed1e1cdfb16b5b8d7cc4080ce743e5c26ccd1b8d706ce7b87ae9d72808e3af45a4f2aa38a3d3a203a8460ea302265167591b1efd8ba3b5f0cf51ed9d48e40433a54e7d0f9cb2dbefcf9192781a859154bb93170d6d15cbdfab89fa8be4d66d1e9e85ad371071f06db9d76eb90a8b085315fb66a6c5084513493884ba20aca5cc3f632067a3b654ddc967c85a6f92966f444391ce4e16c206bef35022c7bf8f0b7e5216bbb08027718af4166fc4cee6a718c7e6dad178afce38c16fa94e169b288d4421f90edae0425e38f593bff8a42eb5c07ae740f7db1bb1664a99ea38c8e4f812a1a6217ecd30c8dbf6d41374be32e0c9db658bf0ca77ad51dcf3c34853615e87754556c21427af5c4a0c192f50ad71b84dd45bafa4643ada3d99f28b384e24d1423997c249782bdcc692089c5cb4b568a466ef1f1cf7523f8c3136baca30191b46650bdc873640d5f22b37dfd9f22ddb2833d705a72ecb8656212ece7ce2f6e5aa5cc2d952d76588d6f0a0d161c9e794212c7899ab54b7157bd13bf948640218a27eaf88b10a98615001132261a426910ec25fd2180dad22518af5bb087e243fd10d666e7e4ac771f13b8d50192282ae826d68307eb2e71935d85b44958d59f168f97fdb5022a2c3eec9061c875b3641aab05f8c4922a6eda52ba33d82e0d3164e5c607572b35b4f915c5718bc2fba7f0c45ef53a33f5b4846a50f4e2ca7020dd18bc632d2571d9c466683de868e9bf0401b6bb0b0d10346edd2b5ea54509d1b4a029c80601ec32c8cf070f578b29cdd5b02a89c884109f978db127907a624b419abd"], 0x1010)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x88680, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000869000/0x2000)=nil, 0x2000, 0x2000006, 0x12, r3, 0x70800000)
mmap(&(0x7f00004a3000/0x1000)=nil, 0x1000, 0x0, 0x13, r3, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305829, &(0x7f0000000540)={0x1100, 0x0, 0x52, 0x10000})
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
ioctl$ASHMEM_GET_NAME(r6, 0x40047703, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r7, 0x4068aea3, &(0x7f00000002c0)={0xbe, 0x0, 0x1})
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="01000000000000000104564b00000000050000000000000004aaad99f229323f2d3933d651490d9b002732ab9aa91cdb13cb"])
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$TUNSETVNETBE(r8, 0x400454de, 0x0)
read(r0, &(0x7f0000000040)=""/106, 0x1001)

48.113165462s ago: executing program 3 (id=1326):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000000000)=@v2={0x2, @adiantum, 0x8, '\x00', @auto="f63112a9c1fe1260ff73144bbebf2f67"})
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFSUUID(r4, 0x80111500, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)=<r5=>0x0)
r6 = openat$incfs(0xffffffffffffffff, &(0x7f00000001c0)='.log\x00', 0x193080, 0x43)
ioctl$KDFONTOP_GET(r6, 0x4b72, &(0x7f0000000600)={0x1, 0x0, 0x13, 0x5, 0x5b, &(0x7f0000000200)})
syz_clone3(&(0x7f0000000b40)={0x2000000, &(0x7f0000000880), 0x0, &(0x7f0000000900), {0x2e}, &(0x7f0000000940)=""/146, 0x92, &(0x7f0000000a00)=""/255, &(0x7f0000000b00)=[r5, r5, r5, r5, r5], 0x5, {r6}}, 0x58)
r7 = syz_clone(0x40008000, &(0x7f0000001440)="955ace1d1beeeb16c6fdefbbbc8c347e33eb785c69f6d312df9473962cc08d1e082be76d78b96074184a61734e8d204ba8387fcddced669b035c7fa4484f13c5d01b08f280f076fd08913d468d83f30205d15819a721bdfc3bbd14e684e9353af231eb130e721b7a2ee958ca0f0b870248dc505af4e763fc174b1e4c03ea575b0e3b2a21b0967a0c2bb435afb510014ae35419173c6da896be9237ae3240f9543bbdefcbe30986a1adcf6238565edbfc4921d3b28e95dc7923cf566a234c949cdb09f0066ea5a8cd3a805a", 0xcb, 0x0, &(0x7f0000002840), 0x0)
syz_clone3(&(0x7f00000029c0)={0x0, 0x0, 0x0, &(0x7f00000016c0), {0x4}, &(0x7f0000001700)=""/58, 0x3a, &(0x7f0000001740)=""/4096, &(0x7f0000002980)=[r7, 0x0], 0x2}, 0x58)
r8 = syz_clone(0x40008000, &(0x7f0000002740), 0x0, 0x0, &(0x7f0000002840), 0x0)
syz_clone3(&(0x7f00000029c0)={0x0, 0x0, 0x0, &(0x7f00000016c0), {0x4}, &(0x7f0000001700)=""/58, 0x3a, &(0x7f0000001740)=""/4096, &(0x7f0000002980)=[r8, 0x0], 0x2}, 0x58)
r9 = getpid()
syz_clone3(&(0x7f00000013c0)={0x200010000, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000280), {0x33}, &(0x7f0000000300)=""/4096, 0x1000, &(0x7f0000001300)=""/112, &(0x7f0000001380)=[0x0, r5, r7, r8, r9, 0x0], 0x6, {r1}}, 0x58)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0xa, 0x2})
mmap$binder(&(0x7f00000c0000)=nil, 0x0, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000240)={0x30, 0x30, 0x30}}, 0x10}], 0x0, 0x0, 0x0})
ioctl$TUNATTACHFILTER(r2, 0x401054d5, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
ioctl$KVM_SET_CPUID2(r12, 0x4008ae90, &(0x7f0000000140)=ANY=[@ANYRES32])
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
ioctl$TUNDETACHFILTER(r2, 0x401054d6, 0x0)

47.930061525s ago: executing program 3 (id=1330):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xc0081, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PPPIOCGFLAGS1(0xffffffffffffffff, 0x8004745a, 0x0)
syz_clone3(0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x11, r3, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ff9000/0x2000)=nil, 0x2000, &(0x7f0000000140)=',,\x00')
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r6, 0x40045402, &(0x7f0000000140)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r6, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x0, 0x0, 0xf})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r7, 0x0)
read(r6, &(0x7f00000002c0)=""/113, 0x20)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x15)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000c00000/0x400000)=nil, 0x400000, &(0x7f0000000380)='cache=mmap')
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x100, 0x6, 0x8000000000, 0x1, 0x7, 0x80000008, 0x4002004c5, 0x1002, 0xfffffffffffffffd, 0x0, 0x7, 0x800, 0x4, 0x6, 0x0, 0x49], 0xdddd1000, 0x1c6356})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz1\x00', 0x200002, 0x0)

44.314915959s ago: executing program 1 (id=1422):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x68800, 0x0)
ioctl$BLKRRPART(r0, 0x125f, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0)
read$FUSE(r1, &(0x7f0000000340)={0x2020}, 0x2020)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x40000083}]})
read$FUSE(r1, &(0x7f0000000080)={0x2020}, 0x2020)

44.23302961s ago: executing program 1 (id=1426):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000000000000014d564b00000000af"]) (async)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000000001"]) (async)
ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000000100)={{0xeeef0000, 0xdddd1000, 0xf, 0x0, 0x8, 0x8, 0x0, 0x2, 0x0, 0x6, 0x9, 0x13}, {0x8080000, 0xeeee8000, 0xc, 0x8, 0x0, 0x0, 0x0, 0x65, 0x7, 0x7, 0x0, 0xff}, {0x3000, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x10000, 0xd000, 0xe, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4}, {0x1, 0xdddd0000, 0x8, 0x8, 0xff, 0x4, 0x81, 0xe, 0x0, 0x3c, 0x7d}, {0x0, 0x0, 0xd, 0x8, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80}, {0x8080000, 0xdddd0000, 0xa, 0x6, 0x5, 0x0, 0x68, 0x0, 0x1, 0xff}, {0x0, 0xdddd0000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x26, 0x0, 0x10, 0x45}, {0xf000}, {0xeeee8000}, 0xfdfcffdb, 0x0, 0xdddd0000, 0x138, 0x8000000000b, 0xf801, 0x0, [0x0, 0x0, 0xffffffffffffffff, 0x7]}) (async)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r7 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000003340), 0x40040, 0x0)
read$FUSE(r7, &(0x7f00000034c0)={0x2020}, 0x2020)
read$FUSE(r7, &(0x7f0000005580)={0x2020}, 0x2020) (async)
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r6, 0x0)

43.974434694s ago: executing program 1 (id=1429):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x18, 0x0, &(0x7f0000000000)=[@clear_death={0x400c630e}, @release], 0x0, 0x0, 0x0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/power/pm_freeze_timeout', 0xea241, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x2382, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r6, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0x1})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000000fcff72000040"])
write$cgroup_int(r4, &(0x7f0000000180), 0x12)
r8 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000000000000014d564b00000000af"])
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0xb2242, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r9 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r9, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r9, 0x4008af03, &(0x7f0000000f40)={0x1a})
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f00000000c0)={0x1, 0xaa4, 0x0, &(0x7f0000000100)})
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000180)={0x1, 0xaa4, 0x0, &(0x7f0000000340)})
r10 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r10, 0xc038943b, &(0x7f00000001c0)={0x0, 0x10, '\x00', 0x0, &(0x7f0000000140)=[0x0, 0x0]})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r12, 0x4188aec6, &(0x7f0000000040))
ioctl$KVM_SET_CLOCK(r12, 0x4188aec6, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x95d})

43.672901658s ago: executing program 1 (id=1435):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x1432c1, 0x0) (async)
r1 = openat$ppp(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, 0x0) (async)
write$ppp(r1, 0x0, 0x0) (async)
r2 = openat$kvm(0x0, 0x0, 0x480, 0x0)
r3 = openat$snapshot(0xffffffffffffff9c, 0x0, 0x8c01, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r4, 0x4068aea3, &(0x7f0000000340)={0xdc, 0x0, 0x4})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0) (async)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(0xffffffffffffffff, 0x4068aea3, &(0x7f00000001c0)={0xbe, 0x0, 0x1})
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x4000002a, 0x0, 0x4}]}) (async)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) (async)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0x6f, 0x0, 0x0, 0x0, 0x2, 0x2], 0xeeee8000, 0x42240}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41845})
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async)
r8 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_ALM_READ(r8, 0x80247008, 0xffffffffffffffff)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)

43.430167102s ago: executing program 1 (id=1439):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})
ioctl$GIO_CMAP(r0, 0x4b70, &(0x7f0000000000))
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
ioctl$KVM_CREATE_PIT2(r5, 0x4040ae77, &(0x7f0000000040))
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, &(0x7f0000000280)=0x3)
ioctl$KVM_SET_PIT(r5, 0x8048ae66, &(0x7f0000000080)={[{0x0, 0x8, 0xb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x40}, {0x0, 0x0, 0x0, 0x2}]})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000003c0)={[0x82bf, 0x80], 0x0, 0x202})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x20f, 0x0, 0x3}]})
r8 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0xa, 0x2})
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r9, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000240)={0x30, 0x30, 0x30}}, 0x10}], 0x0, 0x0, 0x0})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r10, 0xae03, 0xa3)
ioctl$TUNATTACHFILTER(r8, 0x401054d5, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})

43.220301885s ago: executing program 1 (id=1443):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, &(0x7f0000000180)={0xbe, 0x0, 0x1})
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000074d564b000000040000000000000000"])
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000140)={0x0, 0x1c0, 0x3c0, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0xff, 0x8, 0x98bd, 0x800000000000009, 0xfffffffffffffffe, 0x4, 0x10000, 0x100, 0x1004, 0x0, 0x8, 0x5, 0x5, 0x9, 0x9, 0x5, 0x2, 0x9, 0x8, 0x7, 0xc1, 0x3, 0x2, 0x2, 0x6, 0x9, 0x96, 0xf0, 0xffffffff00000000, 0x4, 0x4, 0x7, 0x23b, 0x3, 0x2, 0x888f, 0xffffffff, 0x8, 0x6, 0x6, 0x3, 0x4, 0x20000000006, 0x8, 0x9, 0x400, 0x3, 0xfffffffffffffff7, 0xfffffffffffffffa, 0x2, 0xe, 0x6, 0x4, 0xea, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x5, 0x1, 0x47bc, 0xd, 0x6, 0xbbdc, 0x80000000, 0xfffffffffffffc00, 0x2, 0xb, 0x2, 0xcdc, 0x7, 0x2, 0x3, 0x2, 0x5, 0x2, 0x6, 0x0, 0x3403, 0xab6, 0x0, 0x4, 0x0, 0xffffffffffffff81, 0x9, 0xff, 0x6, 0x28000000, 0x5, 0x61d, 0x3, 0x7, 0xf6, 0x4, 0x6, 0x200, 0x7, 0xe53e, 0x2b, 0x8, 0x2293332f, 0x4, 0x5, 0x0, 0xd, 0x2, 0x80000001, 0x981, 0x2, 0x7, 0xdfd4, 0xfffd, 0x10, 0x5, 0x8, 0x1, 0x9, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb692, 0xcc, 0x8, 0x3]})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000000)={0x4})
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000040)={0x4, <r6=>0xffffffffffffffff})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x101, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r10, 0x4008ae90, &(0x7f0000000140)=ANY=[@ANYRES16=r10])
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_SET_CPUID2(r10, 0x4008ae90, &(0x7f0000000040)=ANY=[@ANYRES32=r10])
r11 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r11, 0x4068aea3, &(0x7f0000000040))
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r12, 0x4400ae8f, &(0x7f0000000140)=@arm64={0xb, 0x9, 0x5, '\x00', 0x381d5667})
ioctl$KVM_RUN(r12, 0xae80, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x20010, r3, 0x21d19000)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r6, 0x40047211, &(0x7f0000000100)=0x2)
read(r3, &(0x7f0000000040)=""/106, 0x6a)

32.885857289s ago: executing program 32 (id=1330):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xc0081, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PPPIOCGFLAGS1(0xffffffffffffffff, 0x8004745a, 0x0)
syz_clone3(0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x11, r3, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ff9000/0x2000)=nil, 0x2000, &(0x7f0000000140)=',,\x00')
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r6, 0x40045402, &(0x7f0000000140)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r6, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x0, 0x0, 0xf})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r7, 0x0)
read(r6, &(0x7f00000002c0)=""/113, 0x20)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x15)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000c00000/0x400000)=nil, 0x400000, &(0x7f0000000380)='cache=mmap')
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x100, 0x6, 0x8000000000, 0x1, 0x7, 0x80000008, 0x4002004c5, 0x1002, 0xfffffffffffffffd, 0x0, 0x7, 0x800, 0x4, 0x6, 0x0, 0x49], 0xdddd1000, 0x1c6356})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz1\x00', 0x200002, 0x0)

28.16815747s ago: executing program 33 (id=1443):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, &(0x7f0000000180)={0xbe, 0x0, 0x1})
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000074d564b000000040000000000000000"])
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000140)={0x0, 0x1c0, 0x3c0, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0xff, 0x8, 0x98bd, 0x800000000000009, 0xfffffffffffffffe, 0x4, 0x10000, 0x100, 0x1004, 0x0, 0x8, 0x5, 0x5, 0x9, 0x9, 0x5, 0x2, 0x9, 0x8, 0x7, 0xc1, 0x3, 0x2, 0x2, 0x6, 0x9, 0x96, 0xf0, 0xffffffff00000000, 0x4, 0x4, 0x7, 0x23b, 0x3, 0x2, 0x888f, 0xffffffff, 0x8, 0x6, 0x6, 0x3, 0x4, 0x20000000006, 0x8, 0x9, 0x400, 0x3, 0xfffffffffffffff7, 0xfffffffffffffffa, 0x2, 0xe, 0x6, 0x4, 0xea, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x5, 0x1, 0x47bc, 0xd, 0x6, 0xbbdc, 0x80000000, 0xfffffffffffffc00, 0x2, 0xb, 0x2, 0xcdc, 0x7, 0x2, 0x3, 0x2, 0x5, 0x2, 0x6, 0x0, 0x3403, 0xab6, 0x0, 0x4, 0x0, 0xffffffffffffff81, 0x9, 0xff, 0x6, 0x28000000, 0x5, 0x61d, 0x3, 0x7, 0xf6, 0x4, 0x6, 0x200, 0x7, 0xe53e, 0x2b, 0x8, 0x2293332f, 0x4, 0x5, 0x0, 0xd, 0x2, 0x80000001, 0x981, 0x2, 0x7, 0xdfd4, 0xfffd, 0x10, 0x5, 0x8, 0x1, 0x9, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb692, 0xcc, 0x8, 0x3]})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000000)={0x4})
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000040)={0x4, <r6=>0xffffffffffffffff})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x101, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r10, 0x4008ae90, &(0x7f0000000140)=ANY=[@ANYRES16=r10])
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_SET_CPUID2(r10, 0x4008ae90, &(0x7f0000000040)=ANY=[@ANYRES32=r10])
r11 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r11, 0x4068aea3, &(0x7f0000000040))
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r12, 0x4400ae8f, &(0x7f0000000140)=@arm64={0xb, 0x9, 0x5, '\x00', 0x381d5667})
ioctl$KVM_RUN(r12, 0xae80, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x20010, r3, 0x21d19000)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r6, 0x40047211, &(0x7f0000000100)=0x2)
read(r3, &(0x7f0000000040)=""/106, 0x6a)

1.234287282s ago: executing program 5 (id=2235):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x110b, 0x200000000000})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x5b, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b418709844294623"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000019c0)={0x164, 0x0, &(0x7f0000001780)=[@clear_death, @acquire_done, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000040)={@flat, @fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000140)={0x0, 0x18, 0x30}}}, @reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000280)={@fda={0x66646185, 0x3, 0x0, 0x39}, @fd={0x66642a85, 0x0, r0}, @fda={0x66646185, 0x1, 0x0, 0x26}}, &(0x7f0000000180)={0x0, 0x20, 0x38}}}, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x58, 0x18, &(0x7f00000003c0)={@flat=@binder={0x73622a85, 0x100, 0x1}, @ptr={0x70742a85, 0x1, &(0x7f0000000600)=""/4096, 0x1000, 0x2, 0x40}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000300)={0x0, 0x18, 0x40}}, 0x400}, @acquire_done={0x40106309, 0x1}, @acquire_done, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x70, 0x18, &(0x7f0000001700)={@ptr={0x70742a85, 0x0, &(0x7f0000001600)=""/231, 0xe7, 0x0, 0x2a}, @ptr={0x70742a85, 0x1, &(0x7f0000000440)=""/90, 0x5a, 0x2, 0x36}, @fda={0x66646185, 0x8, 0x0, 0x3b}}, &(0x7f00000004c0)={0x0, 0x28, 0x50}}}], 0xb8, 0x0, &(0x7f0000001900)="7e92c5e7b04f65659a1503fbbd58e90ced2453c3f9e93dde147faa93c98678242fd87a4c93dc94ca9014c97da19bb87e2930de34bf7a8da48d960a5ff2809f29e29d7dfa974f74a545bc357992f046a756c66a287927c2ed8130bdc5d4196f8a7534a6ce69e3bd72eb7dd38b03e29b728819a4a0fc72305edeb13aa09e342bb906ca31028f05cc2de76a61c5990271be23da6df3fd773d313414f9f2798a5bcedc18dc5134f2fb32ffa53fa7f20f5c07cb5510c095ad7401"})
openat$binderfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x61, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b2"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

798.450118ms ago: executing program 2 (id=2238):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000002d00), 0x2000)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/custom1\x00', 0x3, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='io.stat\x00', 0x26e1, 0x0)
close(r3)
write$cgroup_devices(r3, &(0x7f0000000140)=ANY=[@ANYBLOB="c021"], 0x5)
unlinkat(r3, &(0x7f0000000040)='./file0\x00', 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_GET_XSAVE2(r4, 0x9000aecf, &(0x7f0000ffa000/0x4000)=nil)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000000)=<r5=>0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000080)='rdma.current\x00', 0x275a, 0x0)
r6 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
read$FUSE(r6, &(0x7f00000007c0)={0x2020}, 0x2020)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x181441e, &(0x7f0000000180)=ANY=[@ANYBLOB='fowner=', @ANYRESDEC=r5, @ANYBLOB="ffb89dd0b0049f7c31bab2000e055c33eb482359f77526fc0955de78bdadaf9510b73b3774773f901a221f695994549b5682f93a383ec2391958d3e8ea2257e99f37608f187dfca3ae8e0cfdd9a0037f4bc2d32adf00000000000000"])
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000002d00), 0x2000) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/custom1\x00', 0x3, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='io.stat\x00', 0x26e1, 0x0) (async)
close(r3) (async)
write$cgroup_devices(r3, &(0x7f0000000140)=ANY=[@ANYBLOB="c021"], 0x5) (async)
unlinkat(r3, &(0x7f0000000040)='./file0\x00', 0x0) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
ioctl$KVM_GET_XSAVE2(r4, 0x9000aecf, &(0x7f0000ffa000/0x4000)=nil) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
close_range(r0, 0xffffffffffffffff, 0x0) (async)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000000)) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
openat$cgroup_ro(r3, &(0x7f0000000080)='rdma.current\x00', 0x275a, 0x0) (async)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
read$FUSE(r6, &(0x7f00000007c0)={0x2020}, 0x2020) (async)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x181441e, &(0x7f0000000180)=ANY=[@ANYBLOB='fowner=', @ANYRESDEC=r5, @ANYBLOB="ffb89dd0b0049f7c31bab2000e055c33eb482359f77526fc0955de78bdadaf9510b73b3774773f901a221f695994549b5682f93a383ec2391958d3e8ea2257e99f37608f187dfca3ae8e0cfdd9a0037f4bc2d32adf00000000000000"]) (async)

798.020968ms ago: executing program 4 (id=2239):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x0, 0x180, 0x5, 0x10, 0xf1, 0x0, 0x970, 0x8, 0xffffffffffffffff, 0xb, 0x0, 0x5, 0x0, 0xbdb], 0xfffe1001, 0x3d4e00})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000640)={[0x6, 0x7, 0x8000, 0x800000000005, 0x2, 0xffffffff00000001, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x43a45})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

709.09555ms ago: executing program 2 (id=2240):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xc5)
read$FUSE(0xffffffffffffffff, &(0x7f0000008180)={0x2020}, 0x2020)
read$FUSE(0xffffffffffffffff, &(0x7f0000003680)={0x2020}, 0x2020)
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
write$selinux_attr(r3, 0x0, 0x500)
r4 = openat$kvm(0xffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x3, 0x0, 0x0, 0x2000, &(0x7f0000014000/0x2000)=nil})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r7, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x6c}, {0x6}]})
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x213b2000)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYRESDEC])
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0x3000, 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x6000, 0x0, 0x0, 0x0, 0x7}, {0x5002, 0x0, 0xe, 0xc, 0x0, 0x9, 0x81, 0x0, 0x3, 0xe, 0x0, 0x3}, {0x8080000, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0xfd}, {0x11000, 0x0, 0x0, 0x1, 0x0, 0x80, 0x0, 0x0, 0x67, 0x0, 0x1a}, {0x100000, 0xd000, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x8, 0x0, 0x84, 0x1}, {0xeeee8000, 0x80a0000, 0x4, 0x0, 0xe, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x4, 0xf7}, {0x6000}, {0xeeef0000, 0xfffe}, 0x40000013, 0x0, 0x0, 0x0, 0x9, 0x0, 0x900, [0x10000001, 0x0, 0x0, 0x3]})
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
read$FUSE(r8, 0x0, 0x0)
r9 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
mmap(&(0x7f0000701000/0x3000)=nil, 0x3000, 0x1, 0x4000010, r0, 0xfb02e000)
ioctl$PPPIOCNEWUNIT(r9, 0xc004743e, &(0x7f0000000140))
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r12, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000000000010100c00000000000000000000000f2"])
openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0xc0200, 0x0)

708.76692ms ago: executing program 4 (id=2241):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000007a80), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) (async)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', &(0x7f0000000140), 0x4a81, 0x0)

653.00846ms ago: executing program 0 (id=2242):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='tasks\x00', 0x2, 0x0) (async)
write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x12) (async)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz0\x00', 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000140)='cgroup.controllers\x00', 0x0, 0x0) (async)
r4 = openat$cgroup_ro(r0, &(0x7f0000000180)='cgroup.events\x00', 0x0, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r4, 0x40383d0c, &(0x7f00000001c0)={{0x3, 0x5}, {0xe7b9, 0xffffffff}, 0x5})
openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x8042, 0x0)
mkdirat$cgroup(r0, &(0x7f0000000240)='syz1\x00', 0x1ff) (async)
openat$cgroup_procs(r4, &(0x7f0000000280)='tasks\x00', 0x2, 0x0) (async)
mkdirat$cgroup(r4, &(0x7f00000002c0)='syz0\x00', 0x1ff) (async)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x42000, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8924, &(0x7f0000000340)={'veth0_to_team\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x25}}) (async)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, 0x0, 0x100000e, 0x12, r4, 0x0) (async)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000380), 0x40042, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0x400454d0, 0x18)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000003c0), 0x80000, 0x0)
ioctl$PTP_EXTTS_REQUEST2(r3, 0x40103d0b, &(0x7f0000000400)={0xc, 0x2}) (async)
read$FUSE(r7, &(0x7f0000000440)={0x2020, 0x0, <r8=>0x0, 0x0, 0x0, <r9=>0x0}, 0x2020)
write$cgroup_pid(r1, &(0x7f0000002480)=r9, 0x12)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, &(0x7f00000024c0)={{0x0, 0x0, 0x80}}) (async)
write$cgroup_subtree(r3, &(0x7f0000004540)={[{0x2d, 'rlimit'}]}, 0x8) (async)
ioctl$KVM_GET_NESTED_STATE(r7, 0xc080aebe, &(0x7f0000004580)={{0x0, 0x0, 0x80}}) (async)
ioctl$ASHMEM_GET_NAME(r7, 0x81007702, &(0x7f0000006600)=""/78) (async)
syz_clone3(&(0x7f0000006900)={0x200000000, &(0x7f0000006680), &(0x7f00000066c0), &(0x7f0000006700)=<r10=>0x0, {0x12}, &(0x7f0000006740)=""/90, 0x5a, &(0x7f00000067c0)=""/203, &(0x7f00000068c0)=[r9, 0x0, r9, r9, r9, r9, r9, r9], 0x8, {r6}}, 0x58)
ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000006980)={r10, 0x0, 0x7}) (async)
write$cgroup_int(r4, &(0x7f00000069c0)=0x10, 0x12) (async)
ioctl$VHOST_SET_VRING_KICK(r6, 0x4008af20, &(0x7f0000006a00)) (async)
write$FUSE_OPEN(r2, &(0x7f0000006a40)={0x20, 0x0, r8, {0x0, 0x1}}, 0x20)

602.323641ms ago: executing program 0 (id=2243):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3, 0x8032, 0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002180)='/proc/partitions\x00', 0x0, 0x0)
read(r3, &(0x7f0000000080)=""/122, 0x7a)
read$FUSE(r3, &(0x7f0000000100)={0x2020}, 0x2020)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x29c, 0x0, 0x8}]})
write$selinux_load(0xffffffffffffffff, &(0x7f00000002c0)={0xf97cff8c, 0x8, 'SE Linux', "92a5ba78c2405d5d152a6c0393de78fcd9b23a09423101bf6f60e0252732e0b994a50b1701840bed9dfeb9b40b8bc2d877730404159adf08251e4004f750a5fd2af8eb0912b7c09f4e9b65f648e4526a76250657359064fac999e8763836d58d135108b4a30cd59214be6ed540b8d2dcc3f93f2624368edebe318b66840a5537c5e264485e75f2f1b4f6ab6c768896dc5aaecd8c92ff170dbb4f88"}, 0xab)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x7)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x100, 0x7})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$BINDER_THREAD_EXIT(r6, 0x40046208, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r7, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x5}, {0x6}]})
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, &(0x7f0000000240)=""/10, 0xa}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, &(0x7f00000002c0)})

592.983651ms ago: executing program 4 (id=2244):
openat$rnullb(0xffffffffffffff9c, 0x0, 0x200, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000800)='/sys/power/image_size', 0x141a82, 0x0)
write$UHID_GET_REPORT_REPLY(r0, &(0x7f0000000000), 0xa)
r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000033c0), 0x0, 0x0)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1e1243, 0x0)
ioctl$BLKRRPART(r2, 0x125f, 0x0)
read$FUSE(r1, 0x0, 0x0)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_INTERRUPT(r6, 0x4004ae86, 0x0)
r7 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000002a40), 0x200, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$vga_arbiter(r8, &(0x7f0000000100)=@other={'lock', ' ', 'none'}, 0xa)
ioctl$BLKROSET(r7, 0x125d, &(0x7f0000000540)=0x10001)
ioctl$BLKRRPART(r3, 0x125f, 0x0)

463.118193ms ago: executing program 4 (id=2245):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x628242)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x18, &(0x7f00000001c0)={@flat, @fd={0x66642a85, 0x0, r0}, @fda={0x66646185, 0x6, 0x2, 0x13}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x7a, 0x0, &(0x7f00000002c0)="fbf4cb14742f95c20f4ecc7d758ae543865809ee9c940ef390898a69a6c12693bd7b65b7f9eb8dc0d2971b790b93f0157189a59ce6319b0aaba663eb60427d97fed19c12f6aa485980d59a85941649f7591488975b4be057d2c34463bb770c4b24cbec4728f20fb896c6079419d497af5afe4cd195bc6fe20000"})

399.554414ms ago: executing program 4 (id=2246):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="1e0334003c5c980128876360864668f82ffdeefa000000000000ffd2acb165fe580cd568cd1f31b87b548cb74136f366da0abe"], 0x3e)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r3, &(0x7f0000000280)=ANY=[], 0xffdd)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x58, 0x0, &(0x7f00000001c0)={@flat, @fd, @ptr={0x70742a85, 0x0, &(0x7f0000000240)=""/10, 0xa}}, 0x0}, 0x10}], 0x5e, 0x0, &(0x7f0000000280)="27340dbe79e8af432ff4fa2360c88df5a04d8e7eeb14f8d0fab09d900a6bb5bc0f07887e054cb7693ae1fb57bdf9173c6f2dd3f6284401f0a87fa2166027d3eda04b0809ab53399e60c5169690bcaa67b7123d2729933e63d78255ba0d07"})

398.991745ms ago: executing program 5 (id=2247):
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8, 0x13, r0, 0x2000)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000180))

397.746914ms ago: executing program 5 (id=2248):
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x280000, 0x0)
close(r2) (async)
syz_clone(0xd000, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$TUNSETOWNER(r2, 0xff07, 0x0) (async)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f00000004c0)=ANY=[@ANYBLOB="090000000000000004000000000000000000000002000000040080000e0000000800f40000000000000000000000000000000000060000000000000000000000020000008bc040150500000000000000000000000000000001000000050000000a000000ff7f000008000000fdffffffffffff7f000000000000000000000000010000000300000001000000040000007f0000000000000081000000000000000000000000000000000000c0ff07000003000000ffffffff0600000001000000ff0f000000000000000000000000000006000000000000800a000000000000000000000000000000080000800000008007000000040000000700000000000000030000000000000000000000000000000200000000000000010000000101000004000000010000000100000000000000000000000000000000000040000000000700000004000000070000000000000000279098e42b1b04"]) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/binder0\x00', 0x802, 0x0)

397.155734ms ago: executing program 0 (id=2249):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100))
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r2, 0x40309410, &(0x7f0000000000)={0x0, 0x1, 0x0, 0x6, 0x1, [0x6, 0x8, 0x3, 0x54e]})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000300)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
openat$snapshot(0xffffffffffffff9c, 0x0, 0x481, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x769, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5fdd8d64f6c3e0dd22711f69a940ebdb4ab5ff6240da3160049d2047e6713d47ad0db40ec543c095ad67c8cbe438fb875927c98e265498b3da8d4ca54bac0e6efe759a2d4d4190e9fc8835599da8237f472411a71236bb930d28a26f49062d270f4087a6a709c005eebc9740ed54dd005c787c44badac9c720b0d424d0ded9bb8c24c0e842deedf386fc7714a31268292d3bcc53b1cf24b156445c8bf64336f742b1ba836eba0ae4a5aaa9a6f35d4f81734e16bce965795d5b1255609d1860fe11c9c536db078af94772830ba000c13e1d9383e3d862fa07f2199da148632c036bc19f6014eeb206a3654d390c78911deeabebf128def61122754e0a4696db82666a018f8d2f44b5aadc12809ade8bed1b1ba2adbb6e3e82180e26748dc30a8eda0edb21fcaa702632ed3fb4e89550c3e0e1fd2b5ecf1983d85bf9569b231e28155756bd97f1220cbc2b5b1c02dab88ee4a8970d4833b9e51529895afe5029823576297d4a917602fe08df57e1d7f63d050877ddf8e82a5383e15f313171b2d5618a1549f3dfced0732b887508ca5e134124d0ed0bd4b767115d1530f73504387e0364d73a2d3b114fcb49219b1c15e066c455b01672e49499995454a502236f5a5007895d3d1d8843007352a3ccc3f71d3e801efd0a6ef922bf39ead16e01ec20ebff2b1ce7cfd0984b26225cb1359b36efe9ad2ae1f6de4862c0faaa52f4d0eb4c13960ceb4aeaa10ae61a09a5abdb0c61661962a0aab14d465a8ae6f45826e1e66428cf8572eb53c98160df6613a62bb611c63f1ffb7a795a889fc16670f6302fd36ee4247bdd4282f1afb6042c832a4b0857cecae0a7090d9b11ae46d9186c710c8dd12911db573493329bea2c743734d86a577cf27aa01e4fc6c91f1fa34bba173d20b97ed8bb4bad43692df90bfd2b193b9e8b93a95ec0d0d42217395d89db511d2e9bbeb3ef47b7b2d81ab54b5c8faa760ef5c0493af13a9327c9432521ed6bfcb9d778d25031da41a983027fe7d794c26326053d38172444307d88501cdd26c3fdeafdf5f599d3dcfd39972f28ec3fb1fb40982615f5d71d6693a8774df072576834c69b89f209b458fad4671f0108fdfc8548a6fcf76a843369a3bca4d2974221ed9af224d151fa8aa73276ba65ca3d8bc98d6504f16bcac30c697f68cb1625b4f2259ee0c694951752845fa11c20fc4dda369d53918c3746918692ee2cda958612808b841b8d36ef3933f5340e1fc8fb10ac2ae97da921f6a67806831356d515c7a32468dfd3385c1ae2008448e5750c3a3d5733b4a2486788550e6353e9b12cc09750d5b9dcd2aedba61d0520e99a51e880d3dd78a2b502029deac1860cf50885f8bf5119491c6b1e06492e98ca64e5e3"})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r4, 0x0)
close(r3)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000280)=[@request_death={0x400c630e, 0x0, 0xfc}, @clear_death], 0x0, 0x0, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0xa2)
read(r0, &(0x7f00000004c0)=""/92, 0x1001)

278.607866ms ago: executing program 5 (id=2250):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000100)=0x100000, 0x12)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f0000000200)=ANY=[@ANYBLOB="636f6e746578743d73792274656d5f75dd47d0b90b893a03ffdf"])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000008, 0x10010, r1, 0x3000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r4, 0x4030ae7b, &(0x7f0000000000)={0xf97, 0x8, 0x4, 0x94f, 0x8})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, 0x0)
read(r0, &(0x7f0000000040)=""/106, 0x6a)

278.120506ms ago: executing program 0 (id=2251):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000040)=0x6)
ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000080))
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
ioctl$PTP_PIN_SETFUNC(0xffffffffffffffff, 0x40603d07, &(0x7f00000001c0)={'\x00', 0x5, 0x0, 0x6})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000240)={0x6000, 0xa000})
r3 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000280)='cpu.max.burst\x00', 0x2, 0x0)
write$cgroup_int(r3, &(0x7f00000002c0)=0x2, 0x12)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1, 0x12, r2, 0x5d26e000)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r4 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$int_in(r1, 0x5421, &(0x7f0000000340)=0x9)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000380)={0x101fd, 0x2, 0x8000000, 0x2000, &(0x7f0000ffc000/0x2000)=nil})
ioctl$KVM_CAP_MAX_VCPU_ID(r4, 0x4068aea3, &(0x7f00000003c0)={0x80, 0x0, 0xa2})
r5 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$cgroup_int(r4, &(0x7f0000000480)=0x7fff, 0x12)
ioctl$PTP_PEROUT_REQUEST(r4, 0x40383d03, &(0x7f00000004c0)={{0x7, 0xc97a}, {0xfffffffffffffff1, 0x38a1}, 0x9, 0x1})
ioctl$KVM_CAP_PTP_KVM(r4, 0x4068aea3, &(0x7f0000000500))
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000580), 0x30000, 0x0)
read$ptp(r4, &(0x7f00000005c0)=""/71, 0x47)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_print_times', 0x200000, 0x140)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r5, 0xc0c89425, &(0x7f0000000680)={"d2df4048632ac38e305a1de7b9ab65da", <r7=>0x0, 0x0, {0x800, 0x1}, {0x0, 0x8}, 0xffffffff, [0x400, 0x6d40, 0x9, 0xfffffffffffffff7, 0x9cc, 0x8, 0x9, 0x678ab9dd, 0x1, 0x43, 0x2, 0x8f58, 0x9, 0x10, 0x7fff, 0x6]})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r6, 0x5000943f, &(0x7f0000000780)={{r5}, r7, 0x0, @unused=[0xf04f000000000000, 0x7297, 0x1, 0x8], @name="880f93ea968aed3b4f9c13d9c2cadd6e0bb3d612a9d232ff429ef693690398733c25e998bd50104a2bd6f528581a2e3af39f99c357c4f9430513c11c90a2ef103d96b438aef512319b3a0f0c35b9b9bd44fec5c2f2d59be60ab537f7ed6abe6402fd94b55e5d2bae69dabc7868e272f0f43bbd205a52edb2377790c3d4dcd8c219d500713aaef48015a4f49ad0e178c914022205b727a08f4eba41a8abbaa5dddafeb7f3cb5bcb023285a162c4c2dcce2c79e318036bb632735dcbee556f167a1a0facbd2edfede1a40a5e2aec7c6f3e16a29df4e0e7e7edea4695e5f29b50ecb0d63b0ed4cd68d80a6faecf81cef839879e72cb1c61f24c8de42e58eff0f0100774218dd3692079bc9076de2030b8eca670ce6ab1993af60d41ec3598545ea7940d00e23f354531abec6acf35d1c36925e01c5dd727dc00f31a4c88d70f6fe3f8ee983acb950840e3cca89028275aa3198058c99755ccbf8b7dd7fa5cc4261adb927dbeb5b39b2bab70a541ee9a986c2d64dadc6647c7a5042b2d0a76d168cd7b339cbb8b970efc13eb31dc183978a58c0007a923f5851023a504dddb80cd9a48c7190216b6fa80d0971e6c6b3aebfffac1b76258a5d2031ebbcc7121406d300115c26b879ee68bd51b0d2d8d0b6b94bc5ee1cd529a5013c9c56c5df2af7cd663c32f55f46b6041cfd6000d334506b02b34e649707ffc2f137a3c2881ff3db2fc8d582266ca9023f7662e019345a26fc6aa5b8af6854640edbda77048b48ce3bffede3934d9183ef3d7cd59c9e8215812d618cd03117ebd70afb8780e66aa522022877fa30eb89dd071cae646dfcc40a4b4a60a4bad415e3996e0f03523a1e2b3ac6bee5484901b5c9e5799c4393331ceb2a52691e8b3ddcaa1040e44870dd59216fd982d7692f37bfa538625a50b5c6c14f6f37f84da1310d507c27e0849b53c4138b59f3527214a32b23997943d12980d890bd8b29d0435078e0bd62a9fedfc8f7716c083533cdedb3334539430626cbf351cbe75501d0265dfe20966ce8469bdd01b7b471a65b8be5f3d3e6a7991d986c8e77c95fbaffc117eacc7d822e1afe227b1a43c822fb5b4dc01eb5ecd692ce0a55b8d1dfc0481c2558371a9bfbc7f72688a69e367ea4a4be893ecb7f3a3865cf2bf211cc6038588bcbff51ad4d12f4de5ec9a6cea892d1e7f394706a031f093eda4e1955a4582fecabad736f0d3b4c54279746b27feeeaf740021ed10475282171c888e7a9e5d49d4efed23e0c73ece94e55bd6195eca347139df08f033b6af74d5c00977860ec7822a959589044b054fc28988c4bde0b8662fe9d8ac6335940ad00a6bf5b29f222d0efdbeaf19a515cc3fbf73de4975da487da56f96cd52d76bdd5e882958670be6aa06bc62ac95087ac0b4cc7164093442f81c820c5a857167f41101583e0bbc9c3abe0c04c158f289de9e7615cb461b7eeae7b2d71da366457f57773fa1ea8126fe41588ecf7fee4b2cf973a8d21f8ff0e28fdd3d7c1b6040bb24b9f731b0b7a9da43698e5766b6b2e72a815e96da8696f004fccbff061697556c969cfd036947003984b99dbe48b5546e71b952acb0005dff79a6b77e104f38ffbbab14bc9620bcb5aed1cf4631bb4cf6a1cd6d752aa29ed70f7cf39e579b98f7da94890e82ad7fa0895a11563e2e18e378a748f7d9aec80a62d52db9f1109a70cbe6fe54c0a99b538abb5f0fa0835e549b875151f6bcf24730ef7dcc4a3b5d277250a8ea7ae98d04b34428e44f709854f07ba552bb910b501119cfc18cfcfa458edf813a10f7c0006637489cbe2606293823a271bdf534cffc1e9ccfe2fe61913b7b4bd3d526541487a0d4ad1a7d0503abb41d7c1eb6799272bafb8fb40b09a14a91ab38fe72fa485d61a739ec7cbc023f1fafef0ff5e845bdfa68dd2e9d2e7c26315aa859335dc827dd7ae22ec83b91eec551b1e06a325e07eee57d64a443716b763b1501347207bf36252ae79ab91c66a5f660a42a0c74a851572c39f0dd68bca552f632ea98b9ace1ac4184443604e164c1a88dbcf48540bb4ba443e210ad3ebe2946c19485fffb368af3fb6a840697cad4aec8c1ca8863d20ee127bd0ceccf39e49b25e5aa1527f72e4c6130973440d11add5cb3c895f5e7fbd8592431a2cc768a6dd5e627a0d91564d4104e85820a4cc03aa040e099acc96cdda78e30711feac2c59ecbf2f27f16c3b29b21bdd57084f1261b53ccc4ab54f2ac19f8db8d2d031c2962c8bc36f51e50030975bfd513af9ae07af68e7c54b8e618a1e08dbe5a7d2b6b8c4ab3f4497f535b670d3ca592f1777526431b10a04581e127ae1fb3d190b0d3d7deac8bedd76ed3c8919eb71a3d95ca05e4c34f453b52866aa2bf73139756ae097f6d7603ffb70dde211b5fc6537fd98c23ef9484abe7c2d8d9b0cca1de682bef8ef5793edd7a945a97508267906ada471f94ffa6b2b59a43346a3fb2ac866ace8476785932183f9d74b3aeb93daf0f3ec4bdb9921b9686e7f92771c8cae09d8adb5452f0073d39077108a949146e641b9ef0897606cf56e4abbf516908a080e43b936b540cd90d6006e2ccf9713bb882911222e2fce20eedf8483025186f6b0fa9588009d338421cb24dcc09d256d7bb6e18ce4fc4dfdc0003ba4eb595e9abd73af7f5b39d54a43fa70ac5e1fdeee861c01ab013e64e3559c99e7721dec44c9c7b57a2b074f39b5e2db2ca67ef0cce8951711e46e86622dfd233e849c675943d002c20b1ed753e0226a5fe92c38765a3f2c42a716bdde6ab0d9e419021fbd90deaeb1772fe8e168b146b9f92f28f489621ecfc68245bde389e09bcf8a2a56c0eba265335ccdc9c35fc50d0e5a90c2a94dbf91ec9b15e52307bdc70530c34e2fad67d699b3e5c1aca1efe08d68a726e597f61950e3bac811b171e4668725b30f8a09eecbf01facac069b2561b3db66841aec4f73d62ee01ca6df3b206de0c619d2ca73a1a1048433f852d890240f6cb1fd83f4d6804ac91664d541942943f2bbde20ff2e4b498f02b8686c49a75d089ecb7d3a3bf207afc33701929b0a3c38db453b299c6d798ea56179e0efc1304e0a0683f02f6a3210c943abbdfce84186f964688663d96ec6f979ea84697e4a6ef8acc7d81d89706161f90e5007cbd2f13b057e60ea9c4c744f3e7b330330796221c28fa8b5cf4e0b6c4aac73d2f42c6672742acd9d4d6f8236fd65523f98d6dab50d2096c8f8852473ff46f63673b5716aa0251fc1e81bf3d734cdaa3c3d3e6c105e96b0215830134f47bea9fe73eb661fc4ff9a07288cf07186c9985d6d34da34f8c9f449e759b3dfe2ba86403a1a884edb8261e2956a28c757d1badefb6ed4a265be63955b196303d67f7f553e2dd81a7732b3055a53db3026ef79e2db1f85bcaae6c86f9b30a7d9bead7efcc3bf6b4c57f2228b0982edb02153c129aec5b451ec7759495a9e686e39f47c4276b7f148af8e948d62fe53ebfe106c5b2245bd4deaf14d72b1d72ec7352ec5ddb808f7d2a82c1311f2d3c45be2956c6fd6aa690d3ca07faf5f8f9210e925fd40ff854329d74caab0050903fe377752f2c3c104fb99961f3c13af9d7f6a2bf9ee96f21aaab7df3bb5905c7556ee4f20227efa1fb086e2dc268fb676a4a118e6ac4bfacf3abf100de01a3998d48601b7d9277874c83e84b61c4ce6608a5212891277c3f5b5d76e0d5107b11d03a4efb8e0e0fcc3d5fe7d7f0cf88a8d20752ed6eba2399e721a3c48178b1cb614e3b70cd80c55037000808396c012759ca21b4601188e1f0fb689a2c87f37dcbe74e40f22c83a438628976608a9e9af848f6c842f1a74ef971c50190a5deec250b10294a041e379eedc945514c83c14c8b13fa4959f25019b6eda1f88cc40d9d72f91687d3ab0a7b35fe25815199296fb5d7520669c1f85ae38663cdd18de25038aca15be814d9f49bdd77c04e215c24799f5643b345aca79641009e89adaa91759ee95682905eac7629ffcb535f1ce6e553e56ec056025152ef7dd7872f405b52fd42c2725be1c91ba67c5dd2e15a5e37109d4bc058deae8f30c22038bcf1d6defa45211f9427902e67e26f5e62c251c5aab263c96526763fb1e3f5728ec61c1fe1f6b142a0e49ed18da6da047ae6c0dd39db570b36274c86f9a87bc23c083fc563a78b335e2b317d9bac39a122317cf68fb24393d50892f089a7a0b62c2a0f7563a3b7f8def1745458ff57413c0f2a8d02057c2ce29fde1219fa9bf78a36c4bb83b227fa514d1bc823739aac9741a98849e8e3c3c960cffb5826d6197f742c85f1eaedf3c5061621591bf976b714c5f08070c8c7672863ed85254ef0345f1b057f6409680f198a57aa192bbcfc9a1de362fbc5d7120d892e385a1ef98fa5da0f3b19e2d967e6d51b59e972cf81504eedb2d251bac78d7f3ee5527dad62203ed5ac3fca88d1a89748f023845a3193e7789e992f91403fd30d21223c7425b83036b8adda526b612fe46d744bf1daf9102ead4bba70ef939090d26ba77e9e072e20f8b76ecf9283ab35d25b6d492944ad61edf4ce0773ba89a75d71bdb4b3f36bcbf21ec15360126779c77a77295fff326263d25dda91c6131819d977090d9e5e66fdcf86427c1aa0e71b52669c1ee300e570e3c3b0db424983634ffa8e2a6229f8c83c15666701c25972b9b074b478bc234e34db9441bf78dc23eac0d863dd1fd519ca75e6fe06162d32d672d1b180eb2f00c8bdfbb929d078f9a3a5efca990c17faeace71e28e438754b9abb723ff5bb2624283a3d1c2ca5c7f27bb00b2d289fb8e0ebb6594bc295cb6a6a19f0a8799dd2cf0f30f34783fd9498fad3204c2098562f51cbfefedb5fc0ded759c900b9d831b266d3054bcb31f6244fb7a31354c0e706fbe1651b8af360d2f3e88d8fc3f3ebe4377c6ad4112dcf7f293293bff23a8a70f13632f03e8f08acccf207704b9157e56e8277ad652195cbcec05ef7b1f13581414fdbf3098a0bef4def2efcd7b974155dbbc6ac9a09a909615a2a55ea8638cfb1721dc0cbfe4309cf01dbfa659b9ab0ccfea6ef9f24c01136fdd9fc4ee20c6052cba86b514d0db7b2bfce78e6a22db96f65886dd182f27cecefd07753b6fe228c30f48d4f1f3ec934f3c31742156ffddad98d1b18a9cad2ad32b2c50854d9c4f3549aae8e32377799e721478c2096c57d5228ef7a9ae820597d5fe268d194135580329bfd0e9f2744ca9cc21a66c8127cc2fcd791ced562be705426b1bd99dfd00d5162ad80d09d4147ccb8023fee1c22a85a3d0f795898adda1a916d1ec7e88cc496f458903007c4cc4bd2378c142d6a054a302110913c741f5d8a73a71c258a85388aabbbf8da8adc7ff00aacc5f138404914fc06a0c65727cf91eee744fb0246d3f16fe73f5fde03ee653c096585b038adc65b41c56ed51a3112a724bd76c602ffdd672b9c6783ccfddd12651f324e0be819ace2eaa5284399b46f467f261d9737226c534828e6bede0085bac52a5d89e5192575443e721799f5b6cea921544159a930bfc555e9f87a3e873d38178e4760822c4070d3751024f344edcd4e23ed428a425dc85f5d64856ea568de2ff31112cf938c98d97641643d938a0575098aebd100071a602e20a059d1d7d1b20a1d197e0865735c4d4c74e547cb10c9c27be42cd2dad3b2a29e82943f4fedc729800c2ae1ed293aeae5187c7a9dab65f95904258"})
ioctl$PTP_PIN_GETFUNC(r6, 0xc0603d06, &(0x7f0000001780)={'\x00', 0xa, 0x2, 0x6})
close(r1)
ioctl$TIOCMGET(r6, 0x5415, &(0x7f0000001800))
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000001840)={0x30, 0x5, 0x0, {0x0, 0x3, 0x1, 0x4}}, 0x30)
ioctl$FIONCLEX(r6, 0x5450)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f0000001880)={0x1, 0xc000})

274.092116ms ago: executing program 0 (id=2252):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'netdevsim0\x00', 0x1})
ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000200)=0x1)
close(0x3) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x6000, 0x2000, &(0x7f0000fa2000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x5000, 0x2000, &(0x7f0000fa2000/0x2000)=nil})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x0, 0x3}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) (async)
r4 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000033c0), 0x2602, 0x0)
write$cgroup_int(r4, &(0x7f0000000580)=0x1, 0x12) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) (async)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0)

263.502046ms ago: executing program 4 (id=2253):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0xa, 0x2})
r3 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
read(r3, &(0x7f0000000280)=""/14, 0xe)
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000240)={0x30, 0x30, 0x30}}, 0x10}], 0x0, 0x0, 0x0})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})

212.885957ms ago: executing program 2 (id=2254):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009002"])
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x54, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat=@weak_handle={0x77682a85, 0x1001, 0x3}, @fd={0x66642a85, 0x0, r4}, @ptr={0x70742a85, 0x0, &(0x7f0000000240), 0x0, 0x0, 0x31}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}, @release={0x40046306, 0x3}], 0x5a, 0x0, &(0x7f00000002c0)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f612948409bc69ce5464f37"})

178.557537ms ago: executing program 5 (id=2255):
ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, &(0x7f0000000000)={0x4b, {0x4, 0xff, 0x4, 0xfff, 0x4, 0x400}})
prctl$PR_CAPBSET_READ(0x17, 0x1b)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000080)={'syz0\x00', {0x3, 0x6, 0x8, 0x4}, 0x22, [0x12000, 0x100, 0x3, 0x0, 0xe, 0x6, 0x6, 0x11c, 0x4, 0xfffffff6, 0x4e7a, 0x5, 0x81, 0xffffff81, 0x3, 0x4e, 0x5, 0x3, 0x2, 0xfffffffa, 0x6, 0x0, 0x80000, 0x6, 0x5, 0x2, 0xdb, 0x4, 0x8, 0x96, 0x2, 0x6, 0x5, 0x10001, 0x1, 0xfff, 0x1, 0x7fff, 0x0, 0x9, 0x0, 0xfff, 0x1, 0xd, 0x7, 0x9, 0x8, 0x5, 0x800, 0x7, 0x101, 0x200, 0x2, 0x1, 0x0, 0x3c000, 0x7, 0x6, 0x4, 0x1, 0x9, 0x9, 0x9, 0x4], [0x9, 0x3, 0xc, 0x80000000, 0x8, 0x93, 0x2f, 0x3, 0x0, 0x9, 0x78c, 0x101, 0x7fffffff, 0xfffffff9, 0xf677, 0x7ff, 0x3, 0x7, 0x7, 0x3, 0x7a40, 0xe06, 0x8, 0x7fffffff, 0x3, 0x7, 0x3, 0x53ab, 0x7, 0x0, 0x7, 0x9, 0x9, 0x7ff, 0x2, 0x0, 0xffff, 0x8001, 0x4, 0x1, 0x7ff, 0xc, 0x80, 0xffffffff, 0xb6, 0x8, 0x3, 0x200, 0x3745, 0x5, 0x5, 0x0, 0x3, 0x5e03, 0xb, 0x100, 0x6, 0x8, 0x2, 0xfe0, 0x10000, 0x5, 0x4, 0xfffffffe], [0x200, 0x3, 0xecb, 0x0, 0x5, 0x2, 0x80000000, 0xffffffff, 0xfffffff7, 0x2, 0x8, 0xf6, 0xb7, 0xe6dd, 0x8, 0x9, 0x3, 0x657a, 0x9, 0x5, 0x54, 0x401, 0x1000, 0x7, 0x6, 0x7, 0x7, 0x1, 0x2, 0x0, 0x80000000, 0xb, 0x4, 0xa5b0, 0x2e3, 0x5, 0x6, 0x7, 0x9, 0xffffffff, 0x9, 0x80, 0x1000, 0xfffffffa, 0x3, 0xfffffff8, 0x6, 0x1, 0x800, 0x7, 0xc7d7, 0x6, 0x101, 0xc3ca, 0x9, 0x8001, 0xbae, 0x80000001, 0x2, 0x7, 0x1, 0xc1, 0x6, 0x8], [0x1, 0x1, 0x2, 0x5, 0x3, 0x49, 0x0, 0x9, 0xfffffff9, 0x2, 0x2, 0x5, 0x9, 0xccb, 0x8, 0x8, 0x0, 0xe05, 0x5, 0x6, 0x100, 0x9, 0xfff, 0x400, 0x92, 0x6, 0x8, 0x10001, 0x800, 0x4, 0xfffffffe, 0x2, 0x10001, 0x0, 0x3, 0x6, 0x3, 0x8, 0x40, 0x2, 0x3, 0x6, 0x5, 0xd, 0x1ff, 0xad2, 0x3, 0x4, 0x4, 0x8, 0x8, 0x100, 0x8, 0x9, 0x8, 0x4, 0x6, 0x4, 0x81, 0xf, 0x3, 0xc, 0x10001, 0x200]}, 0x45c)
prctl$PR_CAPBSET_READ(0x17, 0x14)
ioctl$F2FS_IOC_GET_COMPRESS_OPTION(r0, 0x8002f515, &(0x7f0000000500))
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x17)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000540), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x9)
ioctl$F2FS_IOC_SET_COMPRESS_OPTION(r1, 0x4002f516, &(0x7f0000000580)={0x6b, 0x7})
write$uinput_user_dev(r1, &(0x7f00000005c0)={'syz0\x00', {0xffff, 0x800, 0x1, 0xff}, 0x2, [0x8, 0x81, 0x0, 0xfffffff7, 0x4, 0x8, 0x0, 0xfffffffe, 0x1, 0xd9d, 0x5, 0x5, 0x5, 0x100, 0xad5, 0x7fffffff, 0x1c, 0x3, 0x9, 0x4, 0x7, 0x8, 0x4, 0x8b, 0x1000, 0x3, 0x4, 0xe, 0x1, 0x4b, 0x0, 0x10000, 0x4, 0x9, 0xecaa, 0x7ff, 0xfffffff7, 0x20000, 0x2, 0x1, 0x5, 0x1, 0x2f, 0x7, 0x66b0c04c, 0x7, 0x3, 0x400, 0x8, 0x0, 0x8, 0x1000, 0x8001, 0x3ff, 0xe, 0x3, 0xffff, 0xa0, 0xfffffffc, 0xf, 0x800, 0xffff, 0x4752, 0x6caf], [0x401, 0x40, 0x7, 0x1, 0x0, 0x4, 0x1000, 0x9, 0x7, 0x80, 0xffffffff, 0xb, 0x7, 0x7f, 0x7, 0x1, 0x7, 0x27, 0x5, 0x2, 0x5712, 0x7, 0x5518, 0xe4c2, 0x4d2, 0x4, 0x9, 0x10001, 0x4, 0x1, 0x10000, 0x9, 0x7, 0x3f, 0x6, 0xe, 0x2, 0x1, 0x1, 0x1, 0x10000, 0x8, 0x0, 0x400, 0x9, 0x1, 0x40, 0xa0cb, 0x9, 0xffffffff, 0xffff, 0xfffffeff, 0x4, 0x4, 0x7f, 0x0, 0x2, 0x9, 0x59, 0x0, 0xfffffffc, 0xc0e5, 0x4, 0x3], [0x80000001, 0x7fffffff, 0x2, 0x1, 0x8, 0x4, 0x2, 0x4, 0x7, 0xd, 0x7795, 0x3, 0xa3, 0x6, 0x6, 0x9, 0x100, 0x1, 0x9, 0xe3, 0x3, 0x40000000, 0x8, 0x7, 0x5, 0x1b, 0x8, 0x101, 0x401, 0x836, 0xac6, 0x4, 0x6, 0x401, 0x0, 0x7, 0x80000000, 0x5, 0x8, 0x7, 0x7, 0x6, 0x814, 0x8, 0x3, 0x0, 0xf298, 0x878, 0x832, 0x0, 0xb, 0x800, 0x200, 0x1, 0x1, 0x30b2, 0x6, 0x8, 0x7, 0x9, 0x7, 0x1, 0x31b, 0x2d], [0x7cd99884, 0x5, 0x4, 0x6, 0x3, 0xffffff2a, 0x1ff, 0x10000, 0x3, 0x1, 0x1, 0x80000001, 0x5, 0x1, 0x7, 0x1, 0xfff, 0x0, 0x0, 0x1, 0x10, 0x3, 0x3ff, 0x0, 0x6, 0x1, 0x1, 0xffff7fff, 0xfffffffb, 0x9, 0x9, 0x2, 0x5, 0xd, 0x0, 0x401, 0x400, 0x9, 0xe, 0x81, 0x10000, 0x9, 0xf, 0x0, 0x2, 0x0, 0x2, 0x100, 0xe9, 0x3, 0xf246, 0x0, 0x3, 0x7, 0x6, 0x7, 0xa3, 0x101, 0x33f7f9f3, 0x10000, 0x7, 0x80000000, 0xb, 0x2ba9c00]}, 0x45c)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f0000000a40)={{0x0, 0x0, 0x80}})
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000002ac0)={0x1, 0x0, [0x0, 0x2, 0x8940, 0x1000, 0xffff, 0x1, 0x88330806000000, 0x731]})
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000002b40), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000002b80)={{0x3, 0x1, 0xa, 0x91ec}, 'syz1\x00', 0x1d})
prctl$PR_CAPBSET_READ(0x17, 0x11)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000002c00), 0x802, 0x0)
ioctl$UI_DEV_DESTROY(r4, 0x5502)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x16)
ioctl$BTRFS_IOC_LOGICAL_INO(r1, 0xc0389424, &(0x7f0000002c80)={0xffffffffffffff80, 0x10, '\x00', 0x1, &(0x7f0000002c40)=[0x0, 0x0]})
ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000002cc0)={[0xeeee8000, 0x8000000, 0xdddd1000, 0x4000], 0x244, 0xd3, 0x8000})
r5 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000002d40), 0x0, 0x0)
ioctl$F2FS_IOC_GET_PIN_FILE(r5, 0x8004f50e, &(0x7f0000002d80))
prctl$PR_CAPBSET_READ(0x17, 0x1b)
prctl$PR_GET_THP_DISABLE(0x2a)
ioctl$UI_SET_EVBIT(r5, 0x40045564, 0xb)
ioctl$FAT_IOCTL_GET_VOLUME_ID(r5, 0x80047213, &(0x7f0000002dc0))
read$FUSE(0xffffffffffffffff, &(0x7f0000002e40)={0x2020}, 0x2020)

168.463938ms ago: executing program 5 (id=2256):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000040)={0x80a0000, 0x1000, 0x1})
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x101, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f0000000140)=ANY=[@ANYRES16=r5])
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f0000000040)=ANY=[@ANYRES32=r5])
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r1, 0x84009422, &(0x7f00000002c0)={0x0, 0x0, {}, {0x0, @struct, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TIOCGRS485(r7, 0x542e, &(0x7f0000002ec0))
ioctl$BTRFS_IOC_GET_DEV_STATS(r2, 0xc4089434, &(0x7f00000006c0)={r6, 0xe5, 0x0, [0x6, 0x8, 0x7, 0xfffffffffffffffc, 0x5], [0x0, 0x8337, 0xb, 0x6, 0xffffffffffffffff, 0xa6, 0x6, 0xd2, 0x1, 0x8, 0x7, 0x4, 0x7, 0x8, 0x5, 0x4, 0x4, 0xe29, 0xfffffffffffffffc, 0x1, 0x0, 0x6, 0x7, 0x8, 0x1, 0x6, 0x5, 0x3, 0x4, 0xf, 0xffffffffffffc0b1, 0xff, 0x9, 0x2, 0x8, 0x4, 0xfffffffffffffffa, 0xfff, 0x1, 0x5, 0x7, 0x8, 0x2d4, 0x8000000000000000, 0xbd, 0x9, 0x2, 0x2, 0x5, 0x9, 0xd, 0x5, 0xbd, 0x8, 0x1, 0xffff, 0x0, 0x101, 0xfffffffffffffff7, 0x9, 0x6, 0x5, 0x6, 0x7, 0x9, 0x7fff, 0x80000001, 0xe, 0x6, 0x80000000, 0x8000000000000001, 0x2c, 0x8, 0x4800000, 0xff, 0x80000000, 0x7fffffff, 0x9, 0x4, 0x8, 0x8b8, 0x6, 0x6, 0x6, 0x5, 0x0, 0xc1a, 0x80000001, 0x400, 0x37b, 0xe, 0x0, 0xb, 0x1800000000000000, 0x0, 0x1, 0x0, 0x9, 0x8, 0x0, 0x1000, 0xf1, 0xd, 0x7, 0x4, 0x8, 0x5, 0x8, 0x3ff, 0xfffffffffffffffe, 0x4, 0x7, 0x4, 0x1c83a00000000000, 0x6, 0xffffffffffffffc0, 0x1000, 0xf, 0xfffffffffffffffd, 0xc532, 0x9]})
ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
r8 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r8, 0x4008af12, &(0x7f00000000c0)={0x2, 0x3})
close(0x4)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, 0x0)

102.348949ms ago: executing program 0 (id=2257):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_PIT2(r1, 0xaea2, &(0x7f0000000040)={[{0x3, 0x81, 0x0, 0x43, 0x0, 0xc5, 0x70, 0x8, 0x7, 0x8c, 0xda, 0x19, 0x800}, {0x0, 0xf3f, 0x2, 0x7d, 0x8, 0x7, 0x2, 0x9, 0x0, 0x7, 0xd, 0x41, 0x81}, {0x4, 0x9, 0x13, 0xfc, 0x5, 0x7, 0x1, 0x10, 0x2, 0xf4, 0x55, 0xe, 0xffffffffffffffb5}]})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000910000400eca"])
r2 = openat$kvm(0xffffff9c, &(0x7f0000000180), 0x2801, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x2515, 0x0, 0x0, 0x1000, &(0x7f0000fec000/0x1000)=nil})
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000ffe000/0x1000)=nil})
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000000)={[{0x80000000, 0x4, 0xc2, 0x4f, 0x40, 0x2, 0x80, 0x1, 0x3, 0x44, 0x8, 0x0, 0x9}, {0xb, 0x1, 0x6, 0x8, 0x9, 0xff, 0x4, 0x3, 0xa, 0x13, 0x7, 0x6, 0x1}, {0x1ff, 0x7, 0xd, 0x10, 0x25, 0x9, 0x0, 0xfb, 0x4, 0x5, 0x0, 0x2, 0x4}], 0x9})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x4000000000000000, 0x6, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x3, 0x7fffffffffffffff], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0)
syz_clone3(&(0x7f0000000480)={0x300040200, 0x0, 0x0, 0x0, {0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, {r5}}, 0x58)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mount$binderfs(0x0, &(0x7f0000000280)='./binderfs\x00', 0x0, 0x2000063, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
ioctl$KVM_CAP_EXIT_ON_EMULATION_FAILURE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000380))
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
ioctl$FICLONE(r8, 0x40049409, r7)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000340)={0x18, 0x0, &(0x7f0000000040)=[@enter_looper, @acquire_done={0x40106309, 0x3}], 0x50, 0x0, &(0x7f00000002c0)="8a3e4b14485bef8901593175bfe04ac0baae7c5651ec6005649a06817a9203cff0f36f848684f4120d8c0faf025780d0819e642ae6cc84fec79002d8167fe3494aac7fd28e23c066793738f2fe6defcb"})

101.954329ms ago: executing program 2 (id=2258):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/custom1\x00', 0x0, 0x0)

101.694289ms ago: executing program 2 (id=2259):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0xe05, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5fdd8d64f6c3e0dd22711f69a940ebdb4ab5ff6240da3160049d2047e6713d47ad0db40ec543c095ad67c8cbe438fb875927c98e265498b3da8d4ca54bac0e6efe759a2d4d4190e9fc8835599da8237f472411a71236bb930d28a26f49062d270f4087a6a709c005eebc9740ed54dd005c787c44badac9c720b0d424d0ded9bb8c24c0e842deedf386fc7714a31268292d3bcc53b1cf24b156445c8bf64336f742b1ba836eba0ae4a5aaa9a6f35d4f81734e16bce965795d5b1255609d1860fe11c9c536db078af94772830ba000c13e1d9383e3d862fa07f2199da148632c036bc19f6014eeb206a3654d390c78911deeabebf128def61122754e0a4696db82666a018f8d2f44b5aadc12809ade8bed1b1ba2adbb6e3e82180e26748dc30a8eda0edb21fcaa702632ed3fb4e89550c3e0e1fd2b5ecf1983d85bf9569b231e28155756bd97f1220cbc2b5b1c02dab88ee4a8970d4833b9e51529895afe5029823576297d4a917602fe08df57e1d7f63d050877ddf8e82a5383e15f313171b2d5618a1549f3dfced0732b887508ca5e134124d0ed0bd4b767115d1530f73504387e0364d73a2d3b114fcb49219b1c15e066c455b01672e49499995454a502236f5a5007895d3d1d8843007352a3ccc3f71d3e801efd0a6ef922bf39ead16e01ec20ebff2b1ce7cfd0984b26225cb1359b36efe9ad2ae1f6de4862c0faaa52f4d0eb4c13960ceb4aeaa10ae61a09a5abdb0c61661962a0aab14d465a8ae6f45826e1e66428cf8572eb53c98160df6613a62bb611c63f1ffb7a795a889fc16670f6302fd36ee4247bdd4282f1afb6042c832a4b0857cecae0a7090d9b11ae46d9186c710c8dd12911db573493329bea2c743734d86a577cf27aa01e4fc6c91f1fa34bba173d20b97ed8bb4bad43692df90bfd2b193b9e8b93a95ec0d0d42217395d89db511d2e9bbeb3ef47b7b2d81ab54b5c8faa760ef5c0493af13a9327c9432521ed6bfcb9d778d25031da41a983027fe7d794c26326053d38172444307d88501cdd26c3fdeafdf5f599d3dcfd39972f28ec3fb1fb40982615f5d71d6693a8774df072576834c69b89f209b458fad4671f0108fdfc8548a6fcf76a843369a3bca4d2974221ed9af224d151fa8aa73276ba65ca3d8bc98d6504f16bcac30c697f68cb1625b4f2259ee0c694951752845fa11c20fc4dda369d53918c3746918692ee2cda958612808b841b8d36ef3933f5340e1fc8fb10ac2ae97da921f6a67806831356d515c7a32468dfd3385c1ae2008448e5750c3a3d5733b4a2486788550e6353e9b12cc09750d5b9dcd2aedba61d0520e99a51e880d3dd78a2b502029deac1860cf50885f8bf5119491c6b1e06492e98ca64e5e32afbb3b0630cb35b58640afc2188a232f77968c18d2d0e8f91c974edcb3198b4520f530acacb12017216338cc479de3651e8f15f1672397c730e3ca2a189ca4cc85f35dd46aeb67b6a2eb7268a653b190d8ba670490d50f761c1fa25f1954d8fe6bcb15dbc23698c945262b991e6245b9a25b12b13c87bf8a8a06f51784007abd06e01a0c03ee80b236fabb5b22ce797c4d8a739ac96dcf16c93f454463d3631c4cdd2dea6732a486015dc9937ee4e6efbfff46bdd8887094ca4bd94d995f411421c7ef07f949fcc10132f58b7c99a871780d92464594c930b80596baab77b0d68a05d71ca8a1888f3128f12aebac362c4d80870ab3d9f2e77d51f9af16472faff98dda1e0133c8bc2510345d5eb1d64bce64761f4cc39ac6655902338bf1335dc55393995af4447ed1aa4c50bfacd576842560abca3e6c74dcea6dd03d36f9e7f8bda2cf33e3b7da195fba79f5a60421e19910f1fef31b9fa52064ce9ee8c415746a3cab47a8ad8477e9f21e9ee804a85dc568439b95c01bbbc3fa16a8c26bd81b01b8849795b2370f591e2a8e175cd465a600a541839bc734271b4b3afb2303dc1cf12bee00080ad10658c97672ad023e89f23d9301b5dbf1a7ba6d6c2b8dbd300f05f36a095f188b56fd3ba8e871aaf22e2128696e7232cb22f4f5404a3d1256a11665caaead326faad340031cafb99edbceba7bac44c7d2720aedba9cb708dae55b192a1e31835fae8756f062c151f6778b1d93c2d1f8b479ae9bbe1255abcef9beaa95b558fbbc9a979d46580aa85b10f160b438bea64f23b8e605ce34d2b46bbf8bfbfa683b10f55b3d30c58675dd1a524495e5d42c7d02dc60b853e8b3ed2caf41cd24a8a1d044e27d48b2184bac00730f7c20a1ba2bb6b6a5381a3d359d8e721504bbbce18ee49031b48c278a5730f31fb83f6cf32ac98326b722d3e2d7b38a7b80b94a3eb2b69fb1aefc8c0bbe431191f0ed76141a8365621e4f7118dd4465b4642bdb0af21d30c8cfb1d5201852c0428b1983d91f706e814c1395888b1c2a3516ea20a93d868e27c3c9b68a9cda4befc389b57661a4ff37137628ec96bcb625fd10324625ac1589c2918c66f811a323a19ab30bcf28fc20b64176e319d58f74578093e32ba9f51b255693dda9514ff43f6ef6010143554305073e94be322daa024cb7efcf405ea4924bfa72633b766365fee1d59d1a94717450657ff3b72853785e91f94ca1502b129eafa718633bec1557fb1e0ae2887e6e8c0fdd9f3f99de03c0af7364781766520d90c15b0e2a4c43613089dbecc4dd68be74204809f0270370097642d54388ccbb54b58be8b5796eac48ef5f17752eaa7301f075faee593aae71ee0e0ca1f45a22e7cede3597f14a344796ceec33e98b3b89e031c0d757e83d5093322d9afc9898f80b2e9bb17bc8b2b164d048c1b912f6cd92979df629efcb94968cca6e65b9b078677698fa4937a2ec23edd00971a5505ecc65fe150d3d00a34e52cc64951937fc79014b0df8d2c9c35f06209f45556278fa7ecfc70a92eca165bbd493686fb4c0cd607cec994657149a61da2e09414944c557be54908197724174247194d435b25bf78ec4cc164a574662eb4d1e4d784a6ea0c71dd1a16e53a7b8a27fcec679346afe90a05e06b276fe972d5e1d3486e0452d0a9a1636ab9c517f371a0592ef34513a9a4e961cd79c86891f460becb57f41e22b2a72ae175e29344184cde0b2beae00f90a6a79dc689da4b4b1da0e9758854d404a9cbcf725c68b6f2de865b2b5e12124d09f8745208b5cc544522f7c8bcfceb907422502f1641b600a60a5aef28be5a92ff71755efaf29e23c8ca52ad945bbdc4d6e7502adee312ea8d9338a80671f36309026c0d9c2ceb14da0b8beb087853b8014d30372f0d58448530f1bed15c4caaf8a844853030aab1ba6de9891678a16a2d9b9889d4a367753f0aacda03ce6fae1f62b34a3317a704527e65b18dc3186f32c5caa2d82f058066274e145f3cfe0bb5d40a77f54fb0de584d5f50de29d1c3aa29acea2363ef5c1e0592ef94370936df0152871396c13a89e56086f381862edb6f4bec0d937e94a689a8c5c87a51e073fdaa935591bbccff359e0805ded9ac71e3b295fdd05bc2b03d7af58a393778c9dfdfd8101b3503c86a6d9e2fdeb215be40f90bb7360a04e111d743207a8742275ee7df2508b909ea4d3a7af7886d3f26aa58943edbbcbd686bf9cf9a78b43dd9792bca97cda65083404bd7ab227f68e18cd87541bf069bde649a0b9ef1346a748d794685339973d6b59dcbe74a3caf48f4628eedfcd6900c56746f017f0845fea8c95ac7b2a4ff90940f98a163afc082ef6de72f5fddf056e5fe2d42a173f7fd5f6100933a38fad6"}) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='io.stat\x00', 0x26e1, 0x0)
close(r2) (async)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110c23003f)
write$cgroup_devices(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="c021"], 0x5) (async)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

0s ago: executing program 2 (id=2260):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000740)=0xffffffffffffffff)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000600))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xda0}]})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000380)={0x0, 0x1, 0x0, 0x0, 0x0, 0x10000})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs2\x00', 0x0, 0xc1fb7d1ef8ed8ba3, &(0x7f0000000080)=ANY=[@ANYRESHEX=r0, @ANYRES32=r0, @ANYRES16=r0, @ANYRES32=r0, @ANYRESOCT=r0])
r4 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r4, 0x40087703, 0xfffffffffffffffb)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r4, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000000)={0x0, 0x30f, 0x8, 0xc64, 0x5})

kernel console output (not intermixed with test programs):

e
[  111.941545][ T4579] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.210869][ T4579] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.217932][ T4579] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.262533][ T4738] binder: Bad value for 'stats'
[  112.329660][ T4647] veth0_vlan: entered promiscuous mode
[  112.339376][ T4647] veth1_macvtap: entered promiscuous mode
[  112.451452][ T4748] binder: Unknown parameter 'dont_hash'
[  112.842284][ T4776] rust_binder: Error in use_page_slow: ESRCH
[  112.842300][ T4776] rust_binder: use_range failure ESRCH
[  112.848281][ T4776] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  112.853787][ T4776] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  112.861639][ T4776] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:13
[  112.911500][ T4778] rust_binder: Failed to allocate buffer. len:65568, is_oneway:false
[  113.029572][ T4783] can0: slcan on ttyS3.
[  113.300330][ T4783] can0 (unregistered): slcan off ttyS3.
[  113.455942][   T36] kauditd_printk_skb: 132 callbacks suppressed
[  113.455959][   T36] audit: type=1400 audit(1750317225.080:9343): avc:  denied  { write } for  pid=4828 comm="syz.2.1299" name="ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  113.485477][   T36] audit: type=1400 audit(1750317225.080:9344): avc:  denied  { open } for  pid=4828 comm="syz.2.1299" path="/dev/ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  113.509541][   T36] audit: type=1400 audit(1750317225.140:9345): avc:  denied  { ioctl } for  pid=4828 comm="syz.2.1299" path="/dev/ppp" dev="devtmpfs" ino=86 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  113.564580][ T4836] kvm: kvm [4835]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010000) = 0x79a38c48ff000000
[  113.611035][ T4839] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  113.621609][   T36] audit: type=1400 audit(1750317225.250:9346): avc:  denied  { read } for  pid=4838 comm="syz.0.1303" name="ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  113.719316][ T4848] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  113.719316][   T36] audit: type=1400 audit(1750317225.340:9347): avc:  denied  { remount } for  pid=4828 comm="syz.2.1299" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  114.100887][   T36] audit: type=1400 audit(1750317225.730:9348): avc:  denied  { checkpoint_restore } for  pid=4860 comm="syz.0.1308" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  114.124520][   T36] audit: type=1400 audit(1750317225.750:9349): avc:  denied  { append } for  pid=4867 comm="syz.3.1310" name="binder1" dev="binder" ino=44 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  114.129892][ T4865] binder: Unknown parameter ''
[  114.149634][   T36] audit: type=1400 audit(1750317225.750:9350): avc:  denied  { read } for  pid=4867 comm="syz.3.1310" name="uinput" dev="devtmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  114.175710][   T36] audit: type=1400 audit(1750317225.750:9351): avc:  denied  { open } for  pid=4867 comm="syz.3.1310" path="/dev/uinput" dev="devtmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  114.199432][   T36] audit: type=1400 audit(1750317225.750:9352): avc:  denied  { ioctl } for  pid=4867 comm="syz.3.1310" path="/dev/uinput" dev="devtmpfs" ino=194 ioctlcmd=0x55c9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  114.570679][ T4873] binder: Unknown parameter 'ÿÿmory.events'
[  114.616366][ T4877] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:41
[  114.639107][ T4880] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  115.261105][ T4913] rust_binder: Error while translating object.
[  115.261128][ T4913] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  115.267312][ T4913] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1096
[  115.415832][ T4921] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  115.427662][ T4921] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  115.451651][ T4926] rust_binder: Write failure EINVAL in pid:51
[  115.502126][ T4931] binder: Bad value for 'max'
[  115.513004][ T4931] binder: Bad value for 'max'
[  115.517753][ T4931] binder: Bad value for 'max'
[  115.522897][ T4931] binder: Bad value for 'max'
[  115.527817][ T4931] binder: Bad value for 'max'
[  115.532916][ T4931] binder: Bad value for 'max'
[  115.537726][ T4931] binder: Bad value for 'max'
[  115.543106][ T4931] binder: Bad value for 'max'
[  115.547908][ T4931] binder: Bad value for 'max'
[  115.554508][ T4931] binder: Bad value for 'max'
[  115.559331][ T4931] binder: Bad value for 'max'
[  115.564459][ T4931] binder: Bad value for 'max'
[  115.569268][ T4931] binder: Bad value for 'max'
[  115.574292][ T4931] binder: Bad value for 'max'
[  115.579168][ T4931] binder: Bad value for 'max'
[  115.584278][ T4931] binder: Bad value for 'max'
[  115.589570][ T4931] binder: Bad value for 'max'
[  115.594506][ T4931] binder: Bad value for 'max'
[  115.599320][ T4931] binder: Bad value for 'max'
[  115.604336][ T4931] binder: Bad value for 'max'
[  115.609139][ T4931] binder: Bad value for 'max'
[  115.614094][ T4931] binder: Bad value for 'max'
[  115.618900][ T4931] binder: Bad value for 'max'
[  115.623946][ T4931] binder: Bad value for 'max'
[  115.628752][ T4931] binder: Bad value for 'max'
[  115.633986][ T4931] binder: Bad value for 'max'
[  115.638782][ T4931] binder: Bad value for 'max'
[  115.643784][ T4931] binder: Bad value for 'max'
[  115.648584][ T4931] binder: Bad value for 'max'
[  115.653737][ T4931] binder: Bad value for 'max'
[  115.658604][ T4931] binder: Bad value for 'max'
[  115.663955][ T4931] binder: Bad value for 'max'
[  115.668854][ T4931] binder: Bad value for 'max'
[  115.843268][ T4951] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:57
[  116.176543][ T4961] rust_binder: Read failure Err(EAGAIN) in pid:53
[  116.229355][ T4960] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  116.584519][ T4983] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  116.651516][ T4988] binder: Unknown parameter 'dont_hash'
[  117.340418][ T5023] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  117.498283][ T5038] binder: Bad value for 'stats'
[  117.535239][ T5041] input: syz0 as /devices/virtual/input/input68
[  117.618669][ T5052] binder: Unknown parameter 'dont_hash'
[  117.637787][ T5056] __vm_enough_memory: pid: 5056, comm: syz.0.1372, bytes: 2199023259648 not enough memory for the allocation
[  118.073603][ T5095] kvm: kvm [5094]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010005) = 0x1
[  118.131886][ T5114] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  118.144075][ T5117] rtc_cmos 00:00: Alarms can be up to one day in the future
[  118.344599][ T5126] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  118.391288][ T5126] binder: Binderfs stats mode cannot be changed during a remount
[  118.562408][   T36] kauditd_printk_skb: 46 callbacks suppressed
[  118.562425][   T36] audit: type=1400 audit(1750317230.190:9399): avc:  denied  { load_policy } for  pid=5141 comm="syz.1.1400" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  118.588805][ T5144] SELinux:  policydb version -845211227 does not match my version range 15-33
[  118.598637][ T5144] SELinux: failed to load policy
[  118.609318][ T5142] binder: Unknown parameter 'stats'
[  118.624793][ T5150] SELinux:  policydb version 429486051 does not match my version range 15-33
[  118.633712][ T5150] SELinux: failed to load policy
[  118.710034][ T5166] SELinux: security_context_str_to_sid (sytem_uÝGй‰:ÿß) failed with errno=-22
[  118.852014][ T5185] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1208
[  118.853978][ T5185] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  118.876971][ T5185] rust_binder: Write failure EINVAL in pid:1208
[  118.974649][   T36] audit: type=1400 audit(1750317230.600:9400): avc:  granted  { setsecparam } for  pid=5195 comm="syz.1.1418" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  119.327457][   T36] audit: type=1400 audit(1750317230.950:9401): avc:  denied  { relabelfrom } for  pid=5224 comm="syz.2.1428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  119.353693][   T36] audit: type=1400 audit(1750317230.950:9402): avc:  denied  { relabelto } for  pid=5224 comm="syz.2.1428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  119.602397][   T36] audit: type=1326 audit(1750317231.230:9403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.2.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe29f98e929 code=0x7ffc0000
[  119.647225][   T36] audit: type=1326 audit(1750317231.230:9404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.2.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe29f98e929 code=0x7ffc0000
[  119.673204][   T36] audit: type=1326 audit(1750317231.250:9405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.2.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fe29f98e929 code=0x7ffc0000
[  119.701389][   T36] audit: type=1326 audit(1750317231.250:9406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.2.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe29f98e929 code=0x7ffc0000
[  119.725589][ T5237] binder: Bad value for 'stats'
[  119.732222][   T36] audit: type=1326 audit(1750317231.250:9407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.2.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe29f98e929 code=0x7ffc0000
[  119.755819][   T36] audit: type=1326 audit(1750317231.250:9408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.2.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe29f98e929 code=0x7ffc0000
[  119.822930][ T5249] pim6reg0: tun_chr_ioctl cmd 1074025677
[  119.828619][ T5249] pim6reg0: linktype set to 769
[  119.840550][ T5252] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  120.179188][ T5271] binder: Bad value for 'stats'
[  120.187380][ T5271] binder: Bad value for 'stats'
[  120.192625][ T5271] binder: Bad value for 'stats'
[  120.197560][ T5271] binder: Bad value for 'stats'
[  120.202719][ T5271] binder: Bad value for 'stats'
[  120.207645][ T5271] binder: Bad value for 'stats'
[  120.216176][ T5271] binder: Bad value for 'stats'
[  120.221361][ T5271] binder: Bad value for 'stats'
[  120.226286][ T5271] binder: Bad value for 'stats'
[  120.235131][ T5271] binder: Bad value for 'stats'
[  120.240662][ T5271] binder: Bad value for 'stats'
[  120.245624][ T5271] binder: Bad value for 'stats'
[  120.250969][ T5271] binder: Bad value for 'stats'
[  120.256328][ T5271] binder: Bad value for 'stats'
[  120.263737][ T5271] binder: Bad value for 'stats'
[  120.268702][ T5271] binder: Bad value for 'stats'
[  120.280269][ T5271] binder: Bad value for 'stats'
[  120.288949][ T5271] binder: Bad value for 'stats'
[  120.300282][ T5271] binder: Bad value for 'stats'
[  120.308425][ T5271] binder: Bad value for 'stats'
[  120.315495][ T5271] binder: Bad value for 'stats'
[  120.320573][ T5271] binder: Bad value for 'stats'
[  120.325687][ T5271] binder: Bad value for 'stats'
[  120.340272][ T5271] binder: Bad value for 'stats'
[  120.350407][ T5271] binder: Bad value for 'stats'
[  120.357811][ T5271] binder: Bad value for 'stats'
[  120.363772][ T5271] binder: Bad value for 'stats'
[  120.369382][ T5271] binder: Bad value for 'stats'
[  120.374503][ T5271] binder: Bad value for 'stats'
[  120.385940][ T5271] binder: Bad value for 'stats'
[  120.391726][ T5271] binder: Bad value for 'stats'
[  120.396871][ T5271] binder: Bad value for 'stats'
[  120.401995][ T5271] binder: Bad value for 'stats'
[  120.540764][ T5285] SELinux: security_context_str_to_sid (sytem_uÝGй) failed with errno=-22
[  120.705396][ T5290] SELinux: ebitmap: truncated map
[  120.723496][ T5290] SELinux: failed to load policy
[  120.741005][ T5290] rust_binder: Error in use_page_slow: ESRCH
[  120.741027][ T5290] rust_binder: use_range failure ESRCH
[  120.747028][ T5290] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  120.770182][ T5290] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  120.778178][ T5290] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1234
[  120.884139][ T5297] SELinux: security_context_str_to_sid (sytem_uÝGй) failed with errno=-22
[  121.029401][ T5308] binder: Unknown parameter 'rš'
[  121.992642][ T5350] __vm_enough_memory: pid: 5350, comm: syz.2.1471, bytes: 281474976845824 not enough memory for the allocation
[  122.230433][ T5355] FAULT_INJECTION: forcing a failure.
[  122.230433][ T5355] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.263837][ T5355] CPU: 1 UID: 0 PID: 5355 Comm: syz.2.1473 Not tainted 6.12.23-syzkaller-g30b14cdad458 #0 c708c6bafa1314b3e84c64b9f03b67766970ebbd
[  122.263873][ T5355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  122.263884][ T5355] Call Trace:
[  122.263891][ T5355]  <TASK>
[  122.263900][ T5355]  __dump_stack+0x21/0x30
[  122.263925][ T5355]  dump_stack_lvl+0x10c/0x190
[  122.263944][ T5355]  ? __cfi_dump_stack_lvl+0x10/0x10
[  122.263963][ T5355]  ? __kasan_check_read+0x15/0x20
[  122.263984][ T5355]  dump_stack+0x19/0x20
[  122.264001][ T5355]  should_fail_ex+0x3d9/0x530
[  122.264021][ T5355]  should_fail+0xf/0x20
[  122.264037][ T5355]  should_fail_usercopy+0x1e/0x30
[  122.264056][ T5355]  __kvm_read_guest_page+0x177/0x210
[  122.264079][ T5355]  kvm_vcpu_read_guest_page+0x31a/0x400
[  122.264103][ T5355]  kvm_fetch_guest_virt+0x146/0x190
[  122.264124][ T5355]  ? __cfi_kvm_fetch_guest_virt+0x10/0x10
[  122.264145][ T5355]  __do_insn_fetch_bytes+0x321/0x730
[  122.264167][ T5355]  ? x86_decode_insn+0x4fb0/0x4fb0
[  122.264189][ T5355]  ? tdp_iter_restart+0x1c4/0x360
[  122.264206][ T5355]  ? kvm_tdp_mmu_fast_pf_get_last_sptep+0x290/0x290
[  122.264225][ T5355]  ? tdp_iter_next+0x362/0xa30
[  122.264240][ T5355]  x86_decode_insn+0x33b/0x4fb0
[  122.264261][ T5355]  ? trace_mark_mmio_spte+0x22/0x130
[  122.264282][ T5355]  ? __cfi_x86_decode_insn+0x10/0x10
[  122.264303][ T5355]  ? __kasan_check_write+0x18/0x20
[  122.264321][ T5355]  ? vmx_read_guest_seg_ar+0x1c8/0x350
[  122.264338][ T5355]  ? __asan_memset+0x39/0x50
[  122.264356][ T5355]  ? init_decode_cache+0x7c/0x90
[  122.264378][ T5355]  ? init_emulate_ctxt+0x410/0x540
[  122.264402][ T5355]  ? kvm_inject_realmode_interrupt+0x2e0/0x2e0
[  122.264426][ T5355]  ? kvm_mmu_do_page_fault+0x4b0/0x5f0
[  122.264444][ T5355]  x86_decode_emulated_instruction+0x66/0x190
[  122.264461][ T5355]  x86_emulate_instruction+0x2d3/0x1870
[  122.264478][ T5355]  ? kvm_multiple_exception+0x6d8/0xad0
[  122.264501][ T5355]  kvm_mmu_page_fault+0x336/0x970
[  122.264518][ T5355]  handle_ept_violation+0x21c/0x440
[  122.264540][ T5355]  ? vmx_vcpu_run+0xfbd/0x1e40
[  122.264557][ T5355]  ? __cfi_handle_ept_violation+0x10/0x10
[  122.264577][ T5355]  vmx_handle_exit+0x12c2/0x1b40
[  122.264593][ T5355]  ? kvm_deliver_exception_payload+0xd7/0x200
[  122.264610][ T5355]  ? __cfi_vmx_vcpu_run+0x10/0x10
[  122.264628][ T5355]  ? vmx_handle_exit_irqoff+0xe9/0x7a0
[  122.264647][ T5355]  vcpu_run+0x481a/0x7260
[  122.264662][ T5355]  ? proc_pident_lookup+0x1c7/0x270
[  122.264681][ T5355]  ? proc_tid_base_lookup+0x2f/0x40
[  122.264701][ T5355]  ? __cfi_selinux_file_open+0x10/0x10
[  122.264721][ T5355]  ? signal_pending+0xc0/0xc0
[  122.264735][ T5355]  ? __kasan_check_write+0x18/0x20
[  122.264748][ T5355]  ? xfd_validate_state+0x68/0x150
[  122.264763][ T5355]  ? fpu_swap_kvm_fpstate+0x93/0x5f0
[  122.264781][ T5355]  ? __kasan_check_write+0x18/0x20
[  122.264795][ T5355]  ? fpregs_mark_activate+0x69/0x160
[  122.264813][ T5355]  ? fpu_swap_kvm_fpstate+0x44d/0x5f0
[  122.264832][ T5355]  ? fpu_swap_kvm_fpstate+0x93/0x5f0
[  122.264851][ T5355]  kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0
[  122.264868][ T5355]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  122.264883][ T5355]  ? kstrtoull+0x13b/0x1e0
[  122.264897][ T5355]  ? kstrtouint+0x78/0xf0
[  122.264911][ T5355]  ? ioctl_has_perm+0x1aa/0x4d0
[  122.264932][ T5355]  ? __asan_memcpy+0x5a/0x80
[  122.264946][ T5355]  ? ioctl_has_perm+0x3e0/0x4d0
[  122.264964][ T5355]  ? has_cap_mac_admin+0xd0/0xd0
[  122.264984][ T5355]  ? __kasan_check_write+0x18/0x20
[  122.265002][ T5355]  ? mutex_lock_killable+0x92/0x1c0
[  122.265016][ T5355]  ? __cfi_mutex_lock_killable+0x10/0x10
[  122.265029][ T5355]  ? proc_fail_nth_write+0x17e/0x210
[  122.265044][ T5355]  ? __cfi_proc_fail_nth_write+0x10/0x10
[  122.265061][ T5355]  kvm_vcpu_ioctl+0x96f/0xee0
[  122.265079][ T5355]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  122.265097][ T5355]  ? __cfi_vfs_write+0x10/0x10
[  122.265116][ T5355]  ? __kasan_check_write+0x18/0x20
[  122.265133][ T5355]  ? mutex_unlock+0x8b/0x240
[  122.265154][ T5355]  ? __cfi_mutex_unlock+0x10/0x10
[  122.265177][ T5355]  ? __fget_files+0x2c5/0x340
[  122.265199][ T5355]  ? __fget_files+0x2c5/0x340
[  122.265221][ T5355]  ? bpf_lsm_file_ioctl+0xd/0x20
[  122.265239][ T5355]  ? security_file_ioctl+0x34/0xd0
[  122.265259][ T5355]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  122.265279][ T5355]  __se_sys_ioctl+0x132/0x1b0
[  122.265302][ T5355]  __x64_sys_ioctl+0x7f/0xa0
[  122.265323][ T5355]  x64_sys_call+0x1878/0x2ee0
[  122.265344][ T5355]  do_syscall_64+0x58/0xf0
[  122.265364][ T5355]  ? clear_bhb_loop+0x35/0x90
[  122.265387][ T5355]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  122.265409][ T5355] RIP: 0033:0x7fe29f98e929
[  122.265425][ T5355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.265441][ T5355] RSP: 002b:00007fe2a07c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  122.265461][ T5355] RAX: ffffffffffffffda RBX: 00007fe29fbb5fa0 RCX: 00007fe29f98e929
[  122.265475][ T5355] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  122.265487][ T5355] RBP: 00007fe2a07c0090 R08: 0000000000000000 R09: 0000000000000000
[  122.265506][ T5355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.265518][ T5355] R13: 0000000000000000 R14: 00007fe29fbb5fa0 R15: 00007ffff860bc28
[  122.265533][ T5355]  </TASK>
[  122.938310][ T5364] block device autoloading is deprecated and will be removed.
[  122.958583][ T5364] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  123.182197][ T5376] binder: Unknown parameter 'LÊ^…ë¦y…û`
Ç*ó»Òµò’ŸmùŒ:÷i¶¢„ŸÁ¢Ý|’RÇ¥P²6ûIÙWž\÷•ŸSú•‡ÒØD:á^²f÷®wtMÿ…&áaNcŽu`×3{)>Þ+
[  123.182197][ T5376] º7}[®Èk~"Æc¬¼x£•­êÈE�¼i:ažœ�‡ÜÀBVÒy?'çêyÆŽ
[  123.182197][ T5376] –ì¹RÒ­í¦§3rZí Õš€{ÈcS9©ëBË7bN­—J_|öëý’ž…“°ª…9¥¦ymÕã¥3ï–ÿ˜æ}™Ñ˜Œ±ãÉ›ï¨Cd§lÆ'
[  123.513817][ T5379] FAULT_INJECTION: forcing a failure.
[  123.513817][ T5379] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.540183][ T5379] CPU: 1 UID: 0 PID: 5379 Comm: syz.2.1483 Not tainted 6.12.23-syzkaller-g30b14cdad458 #0 c708c6bafa1314b3e84c64b9f03b67766970ebbd
[  123.540218][ T5379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  123.540229][ T5379] Call Trace:
[  123.540236][ T5379]  <TASK>
[  123.540245][ T5379]  __dump_stack+0x21/0x30
[  123.540270][ T5379]  dump_stack_lvl+0x10c/0x190
[  123.540289][ T5379]  ? __cfi_dump_stack_lvl+0x10/0x10
[  123.540309][ T5379]  ? __kasan_check_read+0x15/0x20
[  123.540329][ T5379]  dump_stack+0x19/0x20
[  123.540347][ T5379]  should_fail_ex+0x3d9/0x530
[  123.540366][ T5379]  should_fail+0xf/0x20
[  123.540382][ T5379]  should_fail_usercopy+0x1e/0x30
[  123.540409][ T5379]  __kvm_read_guest_page+0x177/0x210
[  123.540433][ T5379]  kvm_vcpu_read_guest_page+0x31a/0x400
[  123.540457][ T5379]  kvm_fetch_guest_virt+0x146/0x190
[  123.540478][ T5379]  ? __cfi_kvm_fetch_guest_virt+0x10/0x10
[  123.540499][ T5379]  __do_insn_fetch_bytes+0x321/0x730
[  123.540523][ T5379]  ? x86_decode_insn+0x4fb0/0x4fb0
[  123.540545][ T5379]  ? vmx_get_segment+0x3e4/0x8e0
[  123.540563][ T5379]  x86_decode_insn+0x33b/0x4fb0
[  123.540589][ T5379]  ? __cfi_x86_decode_insn+0x10/0x10
[  123.540610][ T5379]  ? __kasan_check_write+0x18/0x20
[  123.540627][ T5379]  ? vmx_read_guest_seg_ar+0x1c8/0x350
[  123.540646][ T5379]  ? __asan_memset+0x39/0x50
[  123.540664][ T5379]  ? init_decode_cache+0x7c/0x90
[  123.540685][ T5379]  ? init_emulate_ctxt+0x410/0x540
[  123.540709][ T5379]  ? kvm_inject_realmode_interrupt+0x2e0/0x2e0
[  123.540734][ T5379]  ? __kasan_check_write+0x18/0x20
[  123.540752][ T5379]  ? handle_mmio_page_fault+0x1cf/0xd80
[  123.540771][ T5379]  x86_decode_emulated_instruction+0x66/0x190
[  123.540789][ T5379]  x86_emulate_instruction+0x2d3/0x1870
[  123.540805][ T5379]  ? mmu_page_zap_pte+0x380/0x380
[  123.540823][ T5379]  ? kvm_io_bus_write+0x2a1/0x600
[  123.540840][ T5379]  kvm_mmu_page_fault+0x336/0x970
[  123.540857][ T5379]  handle_ept_misconfig+0xfd/0x280
[  123.540880][ T5379]  vmx_handle_exit+0x12f2/0x1b40
[  123.540899][ T5379]  ? kvm_deliver_exception_payload+0xd7/0x200
[  123.540918][ T5379]  ? __cfi_vmx_vcpu_run+0x10/0x10
[  123.540938][ T5379]  ? vmx_handle_exit_irqoff+0xe9/0x7a0
[  123.540959][ T5379]  vcpu_run+0x481a/0x7260
[  123.540976][ T5379]  ? proc_pident_lookup+0x1c7/0x270
[  123.540998][ T5379]  ? proc_tid_base_lookup+0x2f/0x40
[  123.541022][ T5379]  ? __cfi_selinux_file_open+0x10/0x10
[  123.541047][ T5379]  ? signal_pending+0xc0/0xc0
[  123.541064][ T5379]  ? __kasan_check_write+0x18/0x20
[  123.541083][ T5379]  ? xfd_validate_state+0x68/0x150
[  123.541101][ T5379]  ? fpu_swap_kvm_fpstate+0x93/0x5f0
[  123.541142][ T5379]  ? __kasan_check_write+0x18/0x20
[  123.541161][ T5379]  ? fpregs_mark_activate+0x69/0x160
[  123.541183][ T5379]  ? fpu_swap_kvm_fpstate+0x44d/0x5f0
[  123.541206][ T5379]  ? fpu_swap_kvm_fpstate+0x93/0x5f0
[  123.541230][ T5379]  kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0
[  123.541250][ T5379]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  123.541269][ T5379]  ? kstrtoull+0x13b/0x1e0
[  123.541286][ T5379]  ? kstrtouint+0x78/0xf0
[  123.541302][ T5379]  ? ioctl_has_perm+0x1aa/0x4d0
[  123.541324][ T5379]  ? __asan_memcpy+0x5a/0x80
[  123.541343][ T5379]  ? ioctl_has_perm+0x3e0/0x4d0
[  123.541365][ T5379]  ? has_cap_mac_admin+0xd0/0xd0
[  123.541386][ T5379]  ? __kasan_check_write+0x18/0x20
[  123.541410][ T5379]  ? mutex_lock_killable+0x92/0x1c0
[  123.541428][ T5379]  ? __cfi_mutex_lock_killable+0x10/0x10
[  123.541444][ T5379]  ? proc_fail_nth_write+0x17e/0x210
[  123.541460][ T5379]  ? __cfi_proc_fail_nth_write+0x10/0x10
[  123.541477][ T5379]  kvm_vcpu_ioctl+0x96f/0xee0
[  123.541498][ T5379]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  123.541519][ T5379]  ? __cfi_vfs_write+0x10/0x10
[  123.541538][ T5379]  ? __kasan_check_write+0x18/0x20
[  123.541556][ T5379]  ? mutex_unlock+0x8b/0x240
[  123.541580][ T5379]  ? __cfi_mutex_unlock+0x10/0x10
[  123.541602][ T5379]  ? __fget_files+0x2c5/0x340
[  123.541625][ T5379]  ? __fget_files+0x2c5/0x340
[  123.541646][ T5379]  ? bpf_lsm_file_ioctl+0xd/0x20
[  123.541664][ T5379]  ? security_file_ioctl+0x34/0xd0
[  123.541686][ T5379]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  123.541705][ T5379]  __se_sys_ioctl+0x132/0x1b0
[  123.541726][ T5379]  __x64_sys_ioctl+0x7f/0xa0
[  123.541748][ T5379]  x64_sys_call+0x1878/0x2ee0
[  123.541769][ T5379]  do_syscall_64+0x58/0xf0
[  123.541789][ T5379]  ? clear_bhb_loop+0x35/0x90
[  123.541811][ T5379]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  123.541833][ T5379] RIP: 0033:0x7fe29f98e929
[  123.541849][ T5379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.541864][ T5379] RSP: 002b:00007fe2a07c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  123.541885][ T5379] RAX: ffffffffffffffda RBX: 00007fe29fbb5fa0 RCX: 00007fe29f98e929
[  123.541897][ T5379] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  123.541908][ T5379] RBP: 00007fe2a07c0090 R08: 0000000000000000 R09: 0000000000000000
[  123.541920][ T5379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.541931][ T5379] R13: 0000000000000000 R14: 00007fe29fbb5fa0 R15: 00007ffff860bc28
[  123.541946][ T5379]  </TASK>
[  123.610658][ T5384] rust_binder: Failed to allocate buffer. len:112, is_oneway:false
[  124.190889][ T5388] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:246
[  124.450418][ T5398] rust_binder: Write failure EFAULT in pid:1269
[  124.455645][ T5398] SELinux: security_context_str_to_sid (ǯ%ÀtæG´ôVJªcò~©‰ 8TÎý¸*§gŠ�æÈ„ƒá)êú­)0¡ý³EÌ‘´Ö;U^BH`ÊbÈQH=ŸÍ­Ð&)o&Mf81áH(¡¥´VäšÇ) failed with errno=-22
[  124.491494][ T4368] bridge_slave_1: left allmulticast mode
[  124.497192][ T4368] bridge_slave_1: left promiscuous mode
[  124.505707][ T4368] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.520695][ T4368] bridge_slave_0: left allmulticast mode
[  124.526348][ T4368] bridge_slave_0: left promiscuous mode
[  124.532314][   T36] kauditd_printk_skb: 28 callbacks suppressed
[  124.532327][   T36] audit: type=1400 audit(1750317236.160:9437): avc:  denied  { map } for  pid=5397 comm="syz.0.1490" path="/dev/uinput" dev="devtmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  124.550255][ T4368] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.693366][ T5404] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  124.693398][ T5404] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1273
[  124.732286][ T4368] veth1_macvtap: left promiscuous mode
[  124.747097][ T4368] veth0_vlan: left promiscuous mode
[  124.777036][   T36] audit: type=1400 audit(1750317236.400:9438): avc:  denied  { mounton } for  pid=5405 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  124.959420][ T5407] FAULT_INJECTION: forcing a failure.
[  124.959420][ T5407] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.992071][ T5407] CPU: 0 UID: 0 PID: 5407 Comm: syz.0.1494 Not tainted 6.12.23-syzkaller-g30b14cdad458 #0 c708c6bafa1314b3e84c64b9f03b67766970ebbd
[  124.992102][ T5407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  124.992113][ T5407] Call Trace:
[  124.992119][ T5407]  <TASK>
[  124.992127][ T5407]  __dump_stack+0x21/0x30
[  124.992152][ T5407]  dump_stack_lvl+0x10c/0x190
[  124.992171][ T5407]  ? __cfi_dump_stack_lvl+0x10/0x10
[  124.992192][ T5407]  dump_stack+0x19/0x20
[  124.992210][ T5407]  should_fail_ex+0x3d9/0x530
[  124.992230][ T5407]  should_fail+0xf/0x20
[  124.992254][ T5407]  should_fail_usercopy+0x1e/0x30
[  124.992273][ T5407]  _copy_to_user+0x24/0xa0
[  124.992294][ T5407]  simple_read_from_buffer+0xed/0x160
[  124.992320][ T5407]  proc_fail_nth_read+0x19e/0x210
[  124.992338][ T5407]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  124.992355][ T5407]  ? bpf_lsm_file_permission+0xd/0x20
[  124.992373][ T5407]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  124.992389][ T5407]  vfs_read+0x278/0xb60
[  124.992408][ T5407]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  124.992429][ T5407]  ? __cfi_vfs_read+0x10/0x10
[  124.992446][ T5407]  ? __kasan_check_write+0x18/0x20
[  124.992464][ T5407]  ? mutex_lock+0x92/0x1c0
[  124.992487][ T5407]  ? __cfi_mutex_lock+0x10/0x10
[  124.992510][ T5407]  ? __fget_files+0x2c5/0x340
[  124.992532][ T5407]  ksys_read+0x141/0x250
[  124.992551][ T5407]  ? __cfi_ksys_read+0x10/0x10
[  124.992570][ T5407]  ? __kasan_check_read+0x15/0x20
[  124.992588][ T5407]  __x64_sys_read+0x7f/0x90
[  124.992607][ T5407]  x64_sys_call+0x2638/0x2ee0
[  124.992628][ T5407]  do_syscall_64+0x58/0xf0
[  124.992648][ T5407]  ? clear_bhb_loop+0x35/0x90
[  124.992670][ T5407]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  124.992692][ T5407] RIP: 0033:0x7fc2cd58d33c
[  124.992707][ T5407] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  124.992722][ T5407] RSP: 002b:00007fc2ce32b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  124.992742][ T5407] RAX: ffffffffffffffda RBX: 00007fc2cd7b5fa0 RCX: 00007fc2cd58d33c
[  124.992756][ T5407] RDX: 000000000000000f RSI: 00007fc2ce32b0a0 RDI: 0000000000000006
[  124.992768][ T5407] RBP: 00007fc2ce32b090 R08: 0000000000000000 R09: 0000000000000000
[  124.992779][ T5407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.992791][ T5407] R13: 0000000000000000 R14: 00007fc2cd7b5fa0 R15: 00007ffd01e04418
[  124.992806][ T5407]  </TASK>
[  125.246672][ T5405] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.261472][ T5405] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.268561][ T5405] bridge_slave_0: entered allmulticast mode
[  125.290812][ T5405] bridge_slave_0: entered promiscuous mode
[  125.297667][ T5405] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.320220][ T5405] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.327456][ T5405] bridge_slave_1: entered allmulticast mode
[  125.357442][ T5405] bridge_slave_1: entered promiscuous mode
[  125.380730][   T36] audit: type=1400 audit(1750317237.010:9439): avc:  denied  { write } for  pid=5412 comm="syz.0.1495" name="snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  125.380745][ T5413] random: crng reseeded on system resumption
[  125.493175][   T36] audit: type=1400 audit(1750317237.120:9440): avc:  denied  { ioctl } for  pid=5412 comm="syz.0.1495" path="/dev/snapshot" dev="devtmpfs" ino=21 ioctlcmd=0x3309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  125.533385][ T5416] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1281
[  125.552156][ T5405] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.568415][ T5405] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.575713][ T5405] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.582756][ T5405] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.655030][ T4368] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.662651][ T4368] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.681907][ T4368] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.688954][ T4368] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.710711][ T4368] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.717757][ T4368] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.772902][ T5405] veth0_vlan: entered promiscuous mode
[  125.800392][ T5405] veth1_macvtap: entered promiscuous mode
[  126.066557][   T36] audit: type=1400 audit(1750317237.690:9441): avc:  denied  { write } for  pid=5431 comm="syz.2.1499" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  126.121394][   T36] audit: type=1400 audit(1750317237.690:9442): avc:  denied  { remove_name } for  pid=5431 comm="syz.2.1499" name="binder0" dev="binder" ino=25 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  126.183667][   T36] audit: type=1400 audit(1750317237.690:9443): avc:  denied  { unlink } for  pid=5431 comm="syz.2.1499" name="binder0" dev="binder" ino=25 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  126.243147][   T36] audit: type=1400 audit(1750317237.780:9444): avc:  denied  { ioctl } for  pid=5433 comm="syz.0.1500" path="/dev/uhid" dev="devtmpfs" ino=199 ioctlcmd=0x1500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  126.331829][ T5439] kvm: vcpu 512: requested lapic timer restore with starting count register 0x390=1531215282 (3062430564 ns) > initial count (1473793136 ns). Using initial count to start timer.
[  126.472127][   T36] audit: type=1400 audit(1750317238.100:9445): avc:  denied  { execute } for  pid=5445 comm="syz.0.1504" path="/dev/uinput" dev="devtmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  126.524082][ T5450] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1301
[  126.622799][ T5455] SELinux:  policydb version 1661759854 does not match my version range 15-33
[  126.670707][ T5455] SELinux: failed to load policy
[  126.675826][   T36] audit: type=1400 audit(1750317238.300:9446): avc:  denied  { map } for  pid=5453 comm="syz.0.1507" path="/dev/snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  126.676031][ T5454] binder: Unknown parameter 'contex'
[  126.751322][ T5456] SELinux:  policydb version 1661759854 does not match my version range 15-33
[  126.751325][ T5455] binder: Unknown parameter 'contex'
[  126.751352][ T5456] SELinux: failed to load policy
[  127.220488][ T5471] random: crng reseeded on system resumption
[  127.271892][ T5473] tap0: tun_chr_ioctl cmd 1074025677
[  127.287399][ T5473] tap0: linktype set to 774
[  127.389312][ T5480] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1322
[  127.851315][ T5492] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  127.951241][ T5496] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  127.986715][ T5500] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  127.986744][ T5500] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1336
[  128.274748][ T5512] SELinux: security_context_str_to_sid (sytem_uÝGй) failed with errno=-22
[  128.332730][ T5514] kvm: Disabled LAPIC found during irq injection
[  128.707524][ T5528] SELinux: security_context_str_to_sid (sytem_uÝGй) failed with errno=-22
[  128.970420][ T5539] binder: Bad value for 'defcontext'
[  129.279928][ T5555] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  129.623257][ T5569] SELinux: security_context_str_to_sid (sytem_uÝGй) failed with errno=-22
[  129.870670][ T5578] SELinux: failed to load policy
[  130.090677][ T5591] input: syz0 as /devices/virtual/input/input79
[  130.481270][ T5604] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  130.481551][ T5604] rust_binder: Error while translating object.
[  130.488004][ T5604] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  130.520248][ T5604] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1394
[  130.529699][   T36] audit: type=1400 audit(1750317242.150:9447): avc:  denied  { execute } for  pid=5606 comm="syz.2.1558" path="/dev/binderfs/binder1" dev="binder" ino=124 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  130.531393][ T5607] rust_binder: Write failure EINVAL in pid:77
[  130.595042][ T5609] input: syz1 as /devices/virtual/input/input80
[  130.772227][  T309] bridge_slave_1: left allmulticast mode
[  130.777903][  T309] bridge_slave_1: left promiscuous mode
[  130.790237][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.803540][  T309] bridge_slave_0: left allmulticast mode
[  130.819328][  T309] bridge_slave_0: left promiscuous mode
[  130.825176][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.043027][ T5619] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.050070][ T5619] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.060292][ T5619] bridge_slave_0: entered allmulticast mode
[  131.081398][ T5619] bridge_slave_0: entered promiscuous mode
[  131.090984][  T309] veth1_macvtap: left promiscuous mode
[  131.096508][  T309] veth0_vlan: left promiscuous mode
[  131.192830][ T5619] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.199910][ T5619] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.207119][ T5619] bridge_slave_1: entered allmulticast mode
[  131.213449][ T5619] bridge_slave_1: entered promiscuous mode
[  131.261961][ T5634] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:88
[  131.313923][ T5619] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.330083][ T5619] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.337392][ T5619] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.344444][ T5619] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.369714][ T4368] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.379379][ T4368] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.394592][ T4579] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.401670][ T4579] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.433402][ T4579] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.440478][ T4579] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.476358][ T5619] veth0_vlan: entered promiscuous mode
[  131.494774][ T5619] veth1_macvtap: entered promiscuous mode
[  131.513011][ T5643] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  131.569998][   T36] audit: type=1400 audit(1750317243.190:9448): avc:  denied  { setcheckreqprot } for  pid=5644 comm="syz.4.1560" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  131.580869][ T5645] input: syz1 as /devices/virtual/input/input81
[  131.670484][ T5647] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  131.721943][ T5649] rust_binder: got new transaction with bad transaction stack
[  131.728461][ T5649] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1410
[  131.989975][ T5658] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  132.014773][ T5658] input: syz1 as /devices/virtual/input/input82
[  132.251243][ T5664] rust_binder: Error in use_page_slow: ESRCH
[  132.251262][ T5664] rust_binder: use_range failure ESRCH
[  132.257281][ T5664] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  132.268803][ T5663] rust_binder: Error in use_page_slow: ESRCH
[  132.282105][ T5663] rust_binder: use_range failure ESRCH
[  132.288517][ T5663] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  132.294930][ T5664] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  132.303175][ T5664] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:95
[  132.314883][ T5663] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  132.324698][ T5667] rust_binder: Error in use_page_slow: ESRCH
[  132.334158][ T5663] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:95
[  132.352278][ T5667] rust_binder: use_range failure ESRCH
[  132.362640][ T5667] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  132.368114][ T5667] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  132.378634][ T5667] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:95
[  132.457304][   T36] audit: type=1400 audit(1750317244.080:9449): avc:  denied  { map } for  pid=5674 comm="syz.4.1578" path="/dev/random" dev="devtmpfs" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  132.677570][ T5686] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.689081][ T5685] random: crng reseeded on system resumption
[  132.747130][ T5685] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  132.780304][ T5695] input: syz1 as /devices/virtual/input/input83
[  132.971541][   T36] audit: type=1400 audit(1750317244.600:9450): avc:  denied  { block_suspend } for  pid=5706 comm="syz.2.1590" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  133.117332][ T5714] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  133.218243][ T5717] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  133.440007][ T5725] SELinux:  policydb magic number 0x6f72702f does not match expected magic number 0xf97cff8c
[  133.475379][ T5725] SELinux: failed to load policy
[  133.522939][ T5730] binder: Unknown parameter ''
[  133.557522][ T5734] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  133.574354][ T5732] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  133.591840][ T5732] rust_binder: Error in use_page_slow: EBUSY
[  133.620255][ T5732] rust_binder: use_range failure EBUSY
[  133.629567][ T5732] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  133.641798][ T5732] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  133.660472][ T5732] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  133.680419][ T5732] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:40
[  133.919996][ T5759] rust_binder: Write failure EINVAL in pid:1434
[  134.091755][ T5765] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  134.098437][ T5765] rust_binder: Error while translating object.
[  134.104977][ T5765] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  134.119348][ T5765] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1439
[  134.160978][ T5774] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  134.241248][ T5785] binder: Unknown parameter ''
[  134.279479][   T36] audit: type=1400 audit(1750317245.900:9451): avc:  denied  { ioctl } for  pid=5788 comm="syz.2.1617" path="/dev/fuse" dev="devtmpfs" ino=23 ioctlcmd=0xe502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  134.492541][ T5800] input: syz1 as /devices/virtual/input/input85
[  134.517250][  T318] udevd[318]: setting owner of /dev/input/event3 to uid=0, gid=104 failed: No such file or directory
[  134.574944][ T5807] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1453
[  134.629313][   T36] audit: type=1400 audit(1750317246.250:9452): avc:  granted  { setsecparam } for  pid=5804 comm="syz.4.1622" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  134.629678][ T5811] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:74
[  134.942603][ T5830] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1461
[  134.988714][ T5830] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  135.014426][ T5830] rust_binder: Read failure Err(EFAULT) in pid:1461
[  135.067185][ T5843] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  135.074228][ T5843] rust_binder: Read failure Err(EFAULT) in pid:1464
[  135.101618][ T4579] Bluetooth: hci0: Frame reassembly failed (-84)
[  135.114630][ T5846] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  135.132416][   T36] audit: type=1400 audit(1750317246.760:9453): avc:  denied  { execute } for  pid=5845 comm="syz.2.1637" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  135.205779][ T5850] kvm: kvm [5849]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc2) = 0xffffffffffff6253
[  135.322607][ T5854] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:86
[  135.412099][ T5857] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.429164][ T5857] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.436824][ T5862] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  135.443117][ T5857] bridge_slave_0: entered allmulticast mode
[  135.456526][ T5857] bridge_slave_0: entered promiscuous mode
[  135.463504][ T5857] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.470677][ T5857] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.477864][ T5857] bridge_slave_1: entered allmulticast mode
[  135.484379][ T5857] bridge_slave_1: entered promiscuous mode
[  135.485120][ T5867] rust_binder: Error while translating object.
[  135.490628][  T309] bridge_slave_1: left allmulticast mode
[  135.497797][ T5867] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  135.502577][  T309] bridge_slave_1: left promiscuous mode
[  135.510242][ T5867] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:1469
[  135.511979][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.534248][  T309] bridge_slave_0: left allmulticast mode
[  135.539888][  T309] bridge_slave_0: left promiscuous mode
[  135.546862][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.594179][ T5877] SELinux:  policydb magic number 0x6f72702f does not match expected magic number 0xf97cff8c
[  135.606608][ T5877] SELinux: failed to load policy
[  135.611882][ T5877] SELinux:  policydb magic number 0x7665642f does not match expected magic number 0xf97cff8c
[  135.624140][ T5877] SELinux: failed to load policy
[  135.624899][ T5879] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  135.629955][ T5877] SELinux:  policydb magic number 0x7665642f does not match expected magic number 0xf97cff8c
[  135.648652][ T5877] SELinux: failed to load policy
[  135.654294][ T5877] SELinux:  policydb magic number 0x7665642f does not match expected magic number 0xf97cff8c
[  135.674113][ T5881] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1478
[  135.676806][ T5877] SELinux: failed to load policy
[  135.691339][ T5877] SELinux:  policydb magic number 0x7665642f does not match expected magic number 0xf97cff8c
[  135.706842][  T309] veth1_macvtap: left promiscuous mode
[  135.708235][ T5877] SELinux: failed to load policy
[  135.717643][  T309] veth0_vlan: left promiscuous mode
[  135.724447][ T5883] binder: Unknown parameter 'dont_hash'
[  135.796810][ T4368] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.803881][ T4368] bridge0: port 1(bridge_slave_0) entered forwarding state
[  135.812761][ T4579] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.819790][ T4579] bridge0: port 2(bridge_slave_1) entered forwarding state
[  135.850972][ T5857] veth0_vlan: entered promiscuous mode
[  135.865854][ T5857] veth1_macvtap: entered promiscuous mode
[  135.871729][   T36] audit: type=1326 audit(1750317247.490:9454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5887 comm="syz.0.1651" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc2cd58e929 code=0x0
[  135.975815][   T36] audit: type=1400 audit(1750317247.600:9455): avc:  denied  { read write } for  pid=5897 comm="syz.5.1654" name="uhid" dev="devtmpfs" ino=199 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  135.999482][   T36] audit: type=1400 audit(1750317247.600:9456): avc:  denied  { open } for  pid=5897 comm="syz.5.1654" path="/dev/uhid" dev="devtmpfs" ino=199 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  136.023098][   T36] audit: type=1400 audit(1750317247.600:9457): avc:  denied  { read write } for  pid=5897 comm="syz.5.1654" name="uinput" dev="devtmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  136.047330][   T36] audit: type=1400 audit(1750317247.600:9458): avc:  denied  { open } for  pid=5897 comm="syz.5.1654" path="/dev/uinput" dev="devtmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  136.071000][   T36] audit: type=1400 audit(1750317247.600:9459): avc:  denied  { map } for  pid=5897 comm="syz.5.1654" path="/dev/uinput" dev="devtmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  136.115177][   T36] audit: type=1400 audit(1750317247.740:9460): avc:  denied  { read write } for  pid=5857 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  136.139766][   T36] audit: type=1400 audit(1750317247.760:9461): avc:  denied  { open } for  pid=5857 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  136.164472][   T36] audit: type=1400 audit(1750317247.760:9462): avc:  denied  { ioctl } for  pid=5857 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  136.195930][   T36] audit: type=1400 audit(1750317247.770:9463): avc:  denied  { mounton } for  pid=5899 comm="syz.5.1655" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  136.326966][ T5905] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  136.463525][ T5909] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:14
[  136.688969][ T5920] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  136.700072][ T5919] rust_binder: Write failure EFAULT in pid:1486
[  136.904783][ T5930] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  136.930463][ T5930] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  137.004384][ T5940] rust_binder: Write failure EINVAL in pid:117
[  137.150242][ T2526] Bluetooth: hci0: command 0x1003 tx timeout
[  137.150345][ T2525] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  137.211587][ T5954] rust_binder: Write failure EINVAL in pid:120
[  137.212397][ T5954] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:120
[  137.353377][ T5965] input: syz1 as /devices/virtual/input/input88
[  137.511626][ T5977] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1510
[  137.592277][ T5984] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:30
[  137.666727][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.680229][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.682647][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.689093][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.695869][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.710655][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.710677][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.717160][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.723583][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.729993][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.736468][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.749299][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.749322][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.756869][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.770418][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.770449][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.770959][ T5991] rust_binder: Error in use_page_slow: ESRCH
[  137.783880][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.795990][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.800727][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.801368][ T5991] rust_binder: use_range failure ESRCH
[  137.807476][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.819144][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.827803][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.832022][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.841857][ T5991] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  137.848595][ T5991] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  137.860234][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.860718][ T5991] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:32
[  137.875781][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.900387][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.910795][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.930212][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.939973][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.954935][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.968444][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.975858][ T5992] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  138.144573][ T6011] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1516
[  138.225415][ T6021] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  138.311472][ T6026] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  138.311712][ T6026] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:137
[  138.344607][ T6028] rust_binder: Write failure EFAULT in pid:42
[  138.360087][ T6028] rust_binder: Write failure EFAULT in pid:42
[  138.363045][ T6033] input: syz0 as /devices/virtual/input/input89
[  138.423754][ T6035] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:144
[  138.468305][ T6039] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  138.486112][ T6039] SELinux: failed to load policy
[  138.512938][ T6045] binder: Bad value for 'defcontext'
[  138.623587][ T6058] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:56
[  138.724661][ T6064] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  138.761757][ T6073] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  138.769366][ T6073] rust_binder: Error while translating object.
[  138.775903][ T6073] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  138.775978][ T6075] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  138.782198][ T6073] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:65
[  138.803405][ T6075] rust_binder: Error while translating object.
[  138.815847][ T6075] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  138.823704][ T6075] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1536
[  138.933790][ T6081] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  138.943275][ T6078] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  139.032458][ T6093] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  139.176310][ T6103] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  139.185543][ T6104] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  139.192023][ T6104] rust_binder: Read failure Err(EFAULT) in pid:74
[  139.443353][ T6119] input: syz1 as /devices/virtual/input/input90
[  139.469059][ T6119] input: syz0 as /devices/virtual/input/input91
[  139.496069][ T6126] SELinux: security_context_str_to_sid (sytem_uÝGй) failed with errno=-22
[  139.734171][ T6143] kvm: user requested TSC rate below hardware speed
[  139.969247][ T6159] binder: Unknown parameter '`'
[  139.999642][ T6161] SELinux:  Context system_u: is not valid (left unmapped).
[  140.081756][ T6164] binder: Unknown parameter 'coîtext'
[  140.253740][ T6171] input: syz0 as /devices/virtual/input/input92
[  140.263494][ T6171] rust_binder: Error while translating object.
[  140.263523][ T6171] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  140.275391][ T6171] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:189
[  140.315395][ T6181] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  140.367177][ T6189] rust_binder: inc_ref_done called when no active inc_refs
[  140.520882][ T6194] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:97
[  140.626938][ T6195] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  140.930205][   T36] kauditd_printk_skb: 55 callbacks suppressed
[  140.930221][   T36] audit: type=1326 audit(1750317252.550:9519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6211 comm="syz.2.1763" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd7c1d8e929 code=0x0
[  142.459764][   T36] audit: type=1400 audit(1750317254.080:9520): avc:  denied  { block_suspend } for  pid=6220 comm="syz.5.1767" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  142.516580][ T6225] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  142.516611][ T6225] rust_binder: Error in use_page_slow: EBUSY
[  142.530374][ T6225] rust_binder: use_range failure EBUSY
[  142.536607][ T6225] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  142.546037][ T6225] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  142.554184][ T6225] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  142.567285][ T6225] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:198
[  142.722145][ T6257] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:202
[  142.747947][ T6259] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  142.757587][ T6259] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  142.780601][ T6259] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  143.021727][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.021752][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.028233][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.040224][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.045916][ T6291] rust_binder: Error while translating object.
[  143.046727][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.059319][ T6291] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  143.059662][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.070217][ T6291] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:214
[  143.081635][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.092917][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.102166][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.108657][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.115348][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.121980][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.130800][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.137269][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.144015][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.150728][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.163616][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.170112][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.178852][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.186048][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.192551][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.203358][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.209978][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.216576][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.223031][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.229529][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.236070][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.242651][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.249118][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.252402][ T6301] input: syz1 as /devices/virtual/input/input94
[  143.255605][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.268364][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.275667][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.279161][ T6301] binder: Unknown parameter '@ð�Ý&·Ò�#£CQÚ͙ϒŋï?ãQŽ}erÎKKîƒ%÷(*NÌáˆö¥ÒN…\D`-þ~|ÝæP�Z­Ö½˜5¾ÔT­¡ðÂÃólûœ3õÛŠØ
Uy;jSÂÇ]ýÒKÏê¤À'
[  143.282204][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.309014][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.327148][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.345984][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.355475][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.373247][   T36] audit: type=1400 audit(1750317255.000:9521): avc:  denied  { read append } for  pid=6309 comm="syz.5.1796" name="snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  143.407749][ T6310] rust_binder: Read failure Err(EAGAIN) in pid:130
[  143.420262][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.426878][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.449409][   T36] audit: type=1400 audit(1750317255.000:9522): avc:  denied  { open } for  pid=6309 comm="syz.5.1796" path="/dev/snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  143.479411][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.479435][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.496390][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.510189][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.536972][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.560226][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.568182][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.575546][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.582216][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.590694][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.597301][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.604000][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.610940][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.617421][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.624138][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.633896][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.640824][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.652692][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.668126][   T36] audit: type=1400 audit(1750317255.290:9523): avc:  denied  { execute } for  pid=6319 comm="syz.5.1800" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  143.698415][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.698449][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.706959][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.715025][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.721724][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.728316][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.735203][ T6293] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.806368][ T6330] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:225
[  144.076969][ T6364] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1607
[  144.134318][ T6377] serio: Serial port ttynull
[  144.328842][   T36] audit: type=1400 audit(1750317255.950:9524): avc:  denied  { append } for  pid=6389 comm="syz.5.1823" name="ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  144.401175][   T36] audit: type=1400 audit(1750317256.030:9525): avc:  denied  { write } for  pid=6391 comm="syz.5.1824" name="pfkey" dev="proc" ino=4026532637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  144.589659][   T36] audit: type=1400 audit(1750317256.210:9526): avc:  denied  { ioctl } for  pid=6400 comm="syz.4.1827" path="/dev/uhid" dev="devtmpfs" ino=199 ioctlcmd=0x5460 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  144.937544][ T6421] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  144.937566][ T6421] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  144.956206][ T6421] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  144.969319][ T6421] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  144.975809][ T6421] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  144.982297][ T6421] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  144.995565][ T6421] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  145.008414][ T6421] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  145.037157][   T36] audit: type=1400 audit(1750317256.660:9527): avc:  denied  { append } for  pid=6428 comm="syz.0.1836" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  145.124031][ T4368] Bluetooth: hci0: Frame reassembly failed (-84)
[  145.130634][ T4368] Bluetooth: hci0: Frame reassembly failed (-84)
[  145.139550][ T6443] Bluetooth: hci0: Frame reassembly failed (-84)
[  145.146221][ T6443] Bluetooth: hci0: Frame reassembly failed (-84)
[  145.152938][ T6443] Bluetooth: hci0: Frame reassembly failed (-84)
[  145.159435][ T6443] Bluetooth: hci0: Frame reassembly failed (-84)
[  145.380797][   T36] audit: type=1400 audit(1750317257.010:9528): avc:  denied  { relabelfrom } for  pid=6470 comm="syz.0.1849" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  145.561166][ T6481] SELinux: ebitmap: truncated map
[  145.574457][ T6481] SELinux: failed to load policy
[  145.580122][ T6481] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  145.652547][ T6486] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:174
[  145.697431][ T6495] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1
[  145.714091][ T6495] rust_binder: Write failure EINVAL in pid:183
[  145.716761][ T6495] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:183
[  146.021370][ T6508] rust_binder: Write failure EFAULT in pid:195
[  146.030770][ T6508] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:195
[  146.088417][ T6513] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:200
[  146.157914][ T6516] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  146.219396][ T6520] SELinux: security_context_str_to_sid () failed with errno=-22
[  146.284039][ T6527] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.284141][ T6528] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1635
[  146.378956][   T36] kauditd_printk_skb: 5 callbacks suppressed
[  146.378974][   T36] audit: type=1400 audit(1750317258.000:9534): avc:  denied  { map } for  pid=6533 comm="syz.0.1870" path="/proc/sys/net/ipv4/tcp_rmem" dev="proc" ino=68657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_net_t tclass=file permissive=1
[  146.424486][   T36] audit: type=1400 audit(1750317258.050:9535): avc:  denied  { sys_module } for  pid=6535 comm="syz.5.1871" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  146.461960][ T6543] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:218
[  146.465328][ T6541] binder: Unknown parameter '/dev/kvm'
[  146.483540][ T6545] random: crng reseeded on system resumption
[  146.489558][   T36] audit: type=1400 audit(1750317258.110:9536): avc:  denied  { write } for  pid=6544 comm="syz.5.1874" name="snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  146.527532][   T36] audit: type=1400 audit(1750317258.150:9537): avc:  denied  { ioctl } for  pid=6544 comm="syz.5.1874" path="/dev/snapshot" dev="devtmpfs" ino=21 ioctlcmd=0x3311 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  146.527650][ T6545] binder: Unknown parameter 'dont_hash'
[  146.576494][   T36] audit: type=1400 audit(1750317258.200:9538): avc:  denied  { read open } for  pid=6546 comm="syz.5.1875" path="uts:[4026532358]" dev="nsfs" ino=4026532358 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  146.601765][   T36] audit: type=1400 audit(1750317258.220:9539): avc:  denied  { ioctl } for  pid=6546 comm="syz.5.1875" path="uts:[4026532358]" dev="nsfs" ino=4026532358 ioctlcmd=0xb704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  146.736071][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.736099][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.746501][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.753705][ T6557] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  146.760650][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.770185][ T6557] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:287
[  146.776821][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.786339][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.793567][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.800099][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.806870][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.813848][ T6559] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  146.814956][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.828952][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.835518][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.842139][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.848609][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.855067][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.861547][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.868021][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.874465][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.880926][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.887425][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.893901][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.900445][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.906876][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.913354][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.919847][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.926538][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.933006][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.939410][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.945867][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.952340][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.959124][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.966554][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.973176][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.979579][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.986107][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.992568][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.002067][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.008649][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.015496][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.021959][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.028438][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.032842][ T6562] SELinux: failed to load policy
[  147.034890][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.046444][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.047019][ T6562] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  147.053042][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.059392][ T6562] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  147.068026][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.074386][ T6562] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:233
[  147.083880][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.099341][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.106009][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.112573][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.118975][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.125567][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.132022][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.138479][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.144954][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.151422][ T2526] Bluetooth: hci0: command 0x1003 tx timeout
[  147.160867][ T2525] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  147.163838][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.169856][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.176354][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.182807][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.201604][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.208203][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.215373][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.232566][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.239368][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.246392][ T6554] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.311391][ T6589] input: syz1 as /devices/virtual/input/input99
[  147.368940][ T6587] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  147.407329][ T6596] rust_binder: Failed to allocate buffer. len:16, is_oneway:true
[  147.583309][ T6606] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.588513][ T6609] rust_binder: Write failure EINVAL in pid:242
[  147.595181][ T6606] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:295
[  147.599161][ T6609] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:242
[  147.624926][ T6611] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.669952][   T36] audit: type=1400 audit(1750317259.290:9540): avc:  denied  { write } for  pid=6621 comm="syz.2.1899" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  147.719357][   T36] audit: type=1400 audit(1750317259.290:9541): avc:  denied  { open } for  pid=6621 comm="syz.2.1899" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  147.748373][   T36] audit: type=1326 audit(1750317259.340:9542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6619 comm="syz.0.1898" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc2cd58e929 code=0x0
[  147.748417][ T6627] SELinux: security_context_str_to_sid () failed with errno=-22
[  147.827111][   T36] audit: type=1400 audit(1750317259.450:9543): avc:  denied  { checkpoint_restore } for  pid=6628 comm="syz.4.1902" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  147.915398][ T6634] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:280
[  148.041353][ T6643] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:282
[  148.165940][ T6645] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  148.184340][ T6655] input: syz1 as /devices/virtual/input/input100
[  148.191317][ T6655] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:292
[  148.279522][ T6670] binfmt_misc: register: failed to install interpreter file ./bus/file0
[  148.338935][ T6683] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  148.427990][ T6700] rust_binder: Error while translating object.
[  148.428018][ T6700] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  148.434319][ T6700] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:262
[  148.450333][ T6700] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  148.472434][ T6702] binder: Unknown parameter 'oª	~\Q Éh'
[  148.511743][ T6706] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  148.511774][ T6706] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:317
[  148.539952][ T6709] binder: Binderfs stats mode cannot be changed during a remount
[  148.578092][ T6712] rust_binder: Error in use_page_slow: ESRCH
[  148.578110][ T6712] rust_binder: use_range failure ESRCH
[  148.584542][ T6712] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  148.590094][ T6712] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  148.599027][ T6712] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:321
[  148.608943][ T6712] rust_binder: Error in use_page_slow: ESRCH
[  148.618849][ T6712] rust_binder: use_range failure ESRCH
[  148.630519][ T6712] rust_binder: Failed to allocate buffer. len:8, is_oneway:false
[  148.636031][ T6712] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  148.645764][ T6712] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:321
[  148.663464][ T6718] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  148.681794][ T6717] SELinux: security_context_str_to_sid (syte00000000000000000003) failed with errno=-22
[  148.763344][  T309] bridge_slave_1: left allmulticast mode
[  148.780215][  T309] bridge_slave_1: left promiscuous mode
[  148.786418][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.793659][ T6722] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  148.794218][  T309] bridge_slave_0: left allmulticast mode
[  148.806466][  T309] bridge_slave_0: left promiscuous mode
[  148.812125][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.927084][ T6725] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.934199][ T6725] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.945785][ T6725] bridge_slave_0: entered allmulticast mode
[  148.958856][ T6725] bridge_slave_0: entered promiscuous mode
[  148.980401][ T6725] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.988021][ T6731] kvm: user requested TSC rate below hardware speed
[  149.000568][ T6725] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.016807][ T6725] bridge_slave_1: entered allmulticast mode
[  149.026000][ T6731] binder: Unknown parameter 'ÆI¼'
[  149.037288][ T6725] bridge_slave_1: entered promiscuous mode
[  149.064993][  T309] veth1_macvtap: left promiscuous mode
[  149.080221][  T309] veth0_vlan: left promiscuous mode
[  149.109597][ T6740] rust_binder: Write failure EINVAL in pid:327
[  149.146053][ T6742] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:329
[  149.282117][ T4368] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.298294][ T4368] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.336758][ T6725] veth0_vlan: entered promiscuous mode
[  149.353023][ T4368] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.358408][ T6758] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  149.360086][ T6758] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:333
[  149.360094][ T4368] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.366925][ T6725] veth1_macvtap: entered promiscuous mode
[  149.380473][ T6758] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  149.563576][ T6763] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  149.648354][ T6778] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  149.712729][ T6780] SELinux: security_context_str_to_sid () failed with errno=-22
[  149.777522][ T6787] input: syz0 as /devices/virtual/input/input101
[  150.085238][ T6801] rust_binder: Write failure EINVAL in pid:287
[  150.176151][ T6807] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  150.182631][ T6807] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:292
[  150.870878][ T6814] SELinux:  policydb version 2123171039 does not match my version range 15-33
[  150.879759][ T6814] SELinux: failed to load policy
[  150.998365][ T6821] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  151.128377][ T6839] rust_binder: Write failure EFAULT in pid:297
[  151.542790][   T36] kauditd_printk_skb: 17 callbacks suppressed
[  151.542808][   T36] audit: type=1326 audit(1750317263.170:9561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6860 comm="syz.5.1976" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1dcd78e929 code=0x0
[  151.630176][ T2525] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  151.949940][ T6873] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  152.108257][ T6878] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:21
[  152.396724][ T6909] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:310
[  152.505639][ T6922] random: crng reseeded on system resumption
[  152.551761][ T6922] Unrecognized hibernate image header format!
[  152.558137][ T6922] PM: hibernation: Image mismatch: architecture specific data
[  152.599403][ T6932] input: syz1 as /devices/virtual/input/input103
[  152.611684][ T6933] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:42
[  152.684506][ T6942] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  152.703788][ T6942] SELinux: failed to load policy
[  152.732406][ T6951] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:378
[  152.754690][ T6955] SELinux: security_context_str_to_sid (sytem_uÝGй) failed with errno=-22
[  152.760225][   T36] audit: type=1326 audit(1750317264.380:9562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6956 comm="syz.0.2009" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f00ee18e929 code=0x0
[  152.861315][ T6963] kvm: Disabled LAPIC found during irq injection
[  152.892742][ T6968] kvm: user requested TSC rate below hardware speed
[  152.913679][ T6968] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  152.913755][ T6968] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  152.919677][ T6969] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  152.952696][ T6977] rust_binder: Write failure EFAULT in pid:328
[  152.962163][ T6969] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[  153.130219][ T6987] rust_binder: Error while translating object.
[  153.138164][ T6987] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  153.150178][ T6987] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:391
[  153.569352][ T7028] random: crng reseeded on system resumption
[  153.592719][ T7028] Restarting kernel threads ... done.
[  153.651348][ T7028] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  153.651381][ T7028] rust_binder: Error in use_page_slow: EBUSY
[  153.662463][ T7028] rust_binder: use_range failure EBUSY
[  153.675405][ T7028] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  153.681050][ T7028] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  153.688691][ T7028] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  153.698217][ T7028] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:341
[  153.732592][ T7035] rust_binder: Failed to allocate buffer. len:65568, is_oneway:false
[  153.762341][    T9] hid-generic 0000:0000:0000.0008: unknown main item tag 0x4
[  153.778014][    T9] hid-generic 0000:0000:0000.0008: unknown main item tag 0x2
[  153.786316][    T9] hid-generic 0000:0000:0000.0008: unknown main item tag 0x3
[  153.795135][    T9] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  153.811856][ T7037] kvm: user requested TSC rate below hardware speed
[  153.822789][ T7040] fido_id[7040]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  153.876643][ T7044] SELinux:  policydb version 905587468 does not match my version range 15-33
[  153.885551][ T7044] SELinux: failed to load policy
[  153.891425][ T7045] SELinux:  policydb version 905587468 does not match my version range 15-33
[  153.900451][ T7045] SELinux: failed to load policy
[  153.981409][ T7062] binder: Bad value for 'stats'
[  153.987648][ T7062] binder: Bad value for 'stats'
[  153.994158][ T7062] binder: Bad value for 'stats'
[  154.021311][ T7062] binder: Bad value for 'stats'
[  154.026325][ T7062] binder: Bad value for 'stats'
[  154.036041][ T7062] binder: Bad value for 'stats'
[  154.041150][ T7053] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  154.049535][ T7062] binder: Bad value for 'stats'
[  154.054539][ T7071] input: syz1 as /devices/virtual/input/input106
[  154.056601][ T7062] binder: Bad value for 'stats'
[  154.074915][ T7062] binder: Bad value for 'stats'
[  154.079907][ T7062] binder: Bad value for 'stats'
[  154.100325][ T7062] binder: Bad value for 'stats'
[  154.105351][ T7062] binder: Bad value for 'stats'
[  154.120309][ T7062] binder: Bad value for 'stats'
[  154.125295][ T7062] binder: Bad value for 'stats'
[  154.132481][ T7062] binder: Bad value for 'stats'
[  154.137657][ T7062] binder: Bad value for 'stats'
[  154.143039][ T7062] binder: Bad value for 'stats'
[  154.147961][ T7062] binder: Bad value for 'stats'
[  154.159039][ T7062] binder: Bad value for 'stats'
[  154.169651][ T7078] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  154.169680][ T7078] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:61
[  154.173919][ T7062] binder: Bad value for 'stats'
[  154.193916][ T7062] binder: Bad value for 'stats'
[  154.199102][ T7062] binder: Bad value for 'stats'
[  154.204234][ T7062] binder: Bad value for 'stats'
[  154.211923][ T7062] binder: Bad value for 'stats'
[  154.216891][ T7062] binder: Bad value for 'stats'
[  154.221137][ T7081] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  154.222485][ T7081] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  154.222582][ T7062] binder: Bad value for 'stats'
[  154.242075][ T7062] binder: Bad value for 'stats'
[  154.247026][ T7062] binder: Bad value for 'stats'
[  154.257456][ T7062] binder: Bad value for 'stats'
[  154.262764][ T7062] binder: Bad value for 'stats'
[  154.268238][ T7062] binder: Bad value for 'stats'
[  154.276041][ T7084] tun0: tun_chr_ioctl cmd 1074025675
[  154.281471][ T7062] binder: Bad value for 'stats'
[  154.286414][ T7062] binder: Bad value for 'stats'
[  154.297037][ T7084] tun0: persist enabled
[  154.301430][ T7084] tun0: tun_chr_ioctl cmd 1074025675
[  154.306718][ T7084] tun0: persist enabled
[  154.311235][ T7062] binder: Bad value for 'stats'
[  154.316183][ T7062] binder: Bad value for 'stats'
[  154.321446][ T7084] binder: Unknown parameter 'cotext<s9"tecloc'
[  154.336195][ T7062] binder: Bad value for 'stats'
[  154.341196][   T36] audit: type=1400 audit(1750317265.960:9563): avc:  denied  { attach_queue } for  pid=7092 comm="syz.0.2050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  154.362385][ T7062] binder: Bad value for 'stats'
[  154.367389][ T7062] binder: Bad value for 'stats'
[  154.374045][ T7062] binder: Bad value for 'stats'
[  154.379169][ T7062] binder: Bad value for 'stats'
[  154.384526][ T7062] binder: Bad value for 'stats'
[  154.389491][ T7062] binder: Bad value for 'stats'
[  154.394655][ T7062] binder: Bad value for 'stats'
[  154.399749][ T7062] binder: Bad value for 'stats'
[  154.406362][ T7062] binder: Bad value for 'stats'
[  154.411376][ T7062] binder: Bad value for 'stats'
[  154.416443][ T7062] binder: Bad value for 'stats'
[  154.421570][ T7062] binder: Bad value for 'stats'
[  154.426825][ T7062] binder: Bad value for 'stats'
[  154.432228][ T7062] binder: Bad value for 'stats'
[  154.437220][ T7062] binder: Bad value for 'stats'
[  154.442257][ T7062] binder: Bad value for 'stats'
[  154.447150][ T7062] binder: Bad value for 'stats'
[  154.452123][ T7062] binder: Bad value for 'stats'
[  154.461914][ T7062] binder: Bad value for 'stats'
[  154.473780][ T7062] binder: Bad value for 'stats'
[  154.478758][ T7062] binder: Bad value for 'stats'
[  154.479036][ T7103] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  154.487458][ T7062] binder: Bad value for 'stats'
[  154.502600][ T7062] binder: Bad value for 'stats'
[  154.508099][ T7062] binder: Bad value for 'stats'
[  154.513975][ T7062] binder: Bad value for 'stats'
[  154.519289][ T7062] binder: Bad value for 'stats'
[  154.527162][ T7062] binder: Bad value for 'stats'
[  154.532783][ T7062] binder: Bad value for 'stats'
[  154.538263][ T7062] binder: Bad value for 'stats'
[  154.550345][ T7109] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:420
[  154.550460][ T7109] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  154.559581][ T7109] rust_binder: Read failure Err(EFAULT) in pid:420
[  154.746673][ T7133] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:370
[  154.747248][ T7132] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  154.753763][ T7133] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  154.777331][ T7133] rust_binder: Read failure Err(EFAULT) in pid:370
[  154.967473][   T36] audit: type=1400 audit(1750317266.590:9564): avc:  denied  { map } for  pid=7157 comm="syz.0.2073" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  155.101518][ T7171] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  155.101540][ T7171] rust_binder: Read failure Err(EFAULT) in pid:457
[  155.110024][ T7171] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:457
[  155.133440][ T7176] binder: Unknown parameter ''
[  155.198661][ T7189] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:90
[  155.208375][ T7188] block device autoloading is deprecated and will be removed.
[  155.228828][ T7188] syz.4.2084: attempt to access beyond end of device
[  155.228828][ T7188] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  155.426358][ T7198] rust_binder: Error while translating object.
[  155.426381][ T7198] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  155.432801][ T7198] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:466
[  155.494047][ T7200] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:468
[  155.670100][ T7221] SELinux: security_context_str_to_sid (sytem_uÝGй) failed with errno=-22
[  155.688155][ T7223] binder: Unknown parameter 'dont_hash'
[  155.691938][ T7226] SELinux: security_context_str_to_sid (sytem_uÝGй) failed with errno=-22
[  155.717629][ T7230] random: crng reseeded on system resumption
[  155.808829][ T7234] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  155.838619][   T36] audit: type=1326 audit(1750317267.460:9565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7236 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00ee18e929 code=0x7ffc0000
[  155.853999][ T7237] input: syz0 as /devices/virtual/input/input109
[  155.866623][   T36] audit: type=1326 audit(1750317267.480:9566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7236 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00ee18e929 code=0x7ffc0000
[  155.897551][   T36] audit: type=1326 audit(1750317267.480:9567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7236 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f00ee18e929 code=0x7ffc0000
[  155.926691][   T36] audit: type=1326 audit(1750317267.480:9568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7236 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00ee18e929 code=0x7ffc0000
[  155.950515][   T36] audit: type=1326 audit(1750317267.480:9569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7236 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00ee18e929 code=0x7ffc0000
[  155.985954][   T36] audit: type=1326 audit(1750317267.480:9570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7236 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f00ee18e929 code=0x7ffc0000
[  156.234040][ T7257] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:402
[  156.234237][ T7257] FAULT_INJECTION: forcing a failure.
[  156.234237][ T7257] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.262720][ T7261] random: crng reseeded on system resumption
[  156.268932][ T7257] CPU: 1 UID: 0 PID: 7257 Comm: syz.5.2108 Not tainted 6.12.23-syzkaller-g30b14cdad458 #0 c708c6bafa1314b3e84c64b9f03b67766970ebbd
[  156.268961][ T7257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  156.268973][ T7257] Call Trace:
[  156.268980][ T7257]  <TASK>
[  156.268988][ T7257]  __dump_stack+0x21/0x30
[  156.269013][ T7257]  dump_stack_lvl+0x10c/0x190
[  156.269032][ T7257]  ? __cfi_dump_stack_lvl+0x10/0x10
[  156.269050][ T7257]  ? __cfi__RNvXs2_NtCshgDM7dBCdno_11rust_binder5errorNtB5_11BinderErrorNtNtCs9jEwPDbx20M_4core3fmt5Debug3fmt+0x10/0x10
[  156.269084][ T7257]  ? __cfi__RNvXs5_NtNtNtCs9jEwPDbx20M_4core3fmt3num3implNtB9_7Display3fmt+0x10/0x10
[  156.269110][ T7257]  dump_stack+0x19/0x20
[  156.269127][ T7257]  should_fail_ex+0x3d9/0x530
[  156.269146][ T7257]  should_fail+0xf/0x20
[  156.269170][ T7257]  should_fail_usercopy+0x1e/0x30
[  156.269189][ T7257]  _copy_from_user+0x22/0xb0
[  156.269210][ T7257]  _RNvMs2_NtCshgDM7dBCdno_11rust_binder6threadNtB5_6Thread10write_read+0x438/0x96a0
[  156.269246][ T7257]  ? __cfi__RNvMs2_NtCshgDM7dBCdno_11rust_binder6threadNtB5_6Thread10write_read+0x10/0x10
[  156.269305][ T7257]  ? is_bpf_text_address+0x17b/0x1a0
[  156.269328][ T7257]  ? kernel_text_address+0xa9/0xe0
[  156.269349][ T7257]  ? is_bpf_text_address+0x17b/0x1a0
[  156.269371][ T7257]  ? kernel_text_address+0xa9/0xe0
[  156.269388][ T7257]  ? __kernel_text_address+0x11/0x40
[  156.269404][ T7257]  ? unwind_get_return_address+0x51/0x90
[  156.269422][ T7257]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  156.269443][ T7257]  ? arch_stack_walk+0x10b/0x170
[  156.269467][ T7257]  ? is_bpf_text_address+0x17b/0x1a0
[  156.269490][ T7257]  ? kernel_text_address+0xa9/0xe0
[  156.269507][ T7257]  ? __kernel_text_address+0x11/0x40
[  156.269524][ T7257]  ? unwind_get_return_address+0x51/0x90
[  156.269540][ T7257]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  156.269560][ T7257]  ? arch_stack_walk+0x10b/0x170
[  156.269582][ T7257]  ? __kasan_check_write+0x18/0x20
[  156.269601][ T7257]  ? _raw_spin_lock+0x8c/0x120
[  156.269622][ T7257]  ? __cfi__raw_spin_lock+0x10/0x10
[  156.269642][ T7257]  ? stack_depot_save_flags+0x38/0x800
[  156.269662][ T7257]  ? _raw_spin_unlock+0x45/0x60
[  156.269682][ T7257]  ? rust_helper_spin_unlock+0x19/0x30
[  156.269700][ T7257]  ? _RNvMs3_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process18get_current_thread+0x934/0x1440
[  156.269731][ T7257]  ? __kasan_slab_alloc+0x73/0x90
[  156.269753][ T7257]  ? kmem_cache_alloc_noprof+0x131/0x3a0
[  156.269771][ T7257]  ? security_inode_alloc+0x51/0x200
[  156.269790][ T7257]  ? inode_init_always_gfp+0x756/0x9e0
[  156.269813][ T7257]  ? proc_pid_make_inode+0x25/0x140
[  156.269833][ T7257]  ? proc_pident_instantiate+0x6d/0x2c0
[  156.269855][ T7257]  ? proc_tid_base_lookup+0x2f/0x40
[  156.269872][ T7257]  ? do_filp_open+0x1c6/0x3e0
[  156.269895][ T7257]  ? do_sys_openat2+0x12c/0x1c0
[  156.269910][ T7257]  ? __x64_sys_openat+0x13a/0x170
[  156.269926][ T7257]  ? x64_sys_call+0xe69/0x2ee0
[  156.269947][ T7257]  ? do_syscall_64+0x58/0xf0
[  156.269970][ T7257]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  156.269995][ T7257]  ? __cfi__RNvMs3_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process18get_current_thread+0x10/0x10
[  156.270025][ T7257]  ? avc_has_perm_noaudit+0x268/0x360
[  156.270044][ T7257]  ? __asan_memcpy+0x5a/0x80
[  156.270063][ T7257]  ? avc_has_perm_noaudit+0x286/0x360
[  156.270081][ T7257]  ? avc_has_perm+0x144/0x220
[  156.270097][ T7257]  ? __cfi_avc_has_perm+0x10/0x10
[  156.270115][ T7257]  ? selinux_file_open+0x457/0x610
[  156.270137][ T7257]  _RNvMs5_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process5ioctl+0x411/0x2c20
[  156.270165][ T7257]  ? avc_has_extended_perms+0x7c7/0xdd0
[  156.270182][ T7257]  ? __asan_memcpy+0x5a/0x80
[  156.270200][ T7257]  ? avc_has_extended_perms+0x921/0xdd0
[  156.270218][ T7257]  ? __cfi__RNvMs5_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process5ioctl+0x10/0x10
[  156.270240][ T7257]  ? do_vfs_ioctl+0xeda/0x1e30
[  156.270261][ T7257]  ? arch_stack_walk+0x10b/0x170
[  156.270281][ T7257]  ? __ia32_compat_sys_ioctl+0x850/0x850
[  156.270304][ T7257]  ? _parse_integer+0x2e/0x40
[  156.270324][ T7257]  ? ioctl_has_perm+0x384/0x4d0
[  156.270346][ T7257]  ? has_cap_mac_admin+0xd0/0xd0
[  156.270368][ T7257]  ? proc_fail_nth_write+0x17e/0x210
[  156.270384][ T7257]  ? __cfi_proc_fail_nth_write+0x10/0x10
[  156.270401][ T7257]  ? selinux_file_ioctl+0x6e0/0x1360
[  156.270423][ T7257]  ? vfs_write+0x8ba/0xe80
[  156.270441][ T7257]  ? __cfi_selinux_file_ioctl+0x10/0x10
[  156.270463][ T7257]  ? __cfi_vfs_write+0x10/0x10
[  156.270482][ T7257]  ? __kasan_check_write+0x18/0x20
[  156.270500][ T7257]  ? mutex_unlock+0x8b/0x240
[  156.270522][ T7257]  ? __cfi_mutex_unlock+0x10/0x10
[  156.270544][ T7257]  ? __fget_files+0x2c5/0x340
[  156.270566][ T7257]  ? __fget_files+0x2c5/0x340
[  156.270587][ T7257]  _RNvCshgDM7dBCdno_11rust_binder26rust_binder_unlocked_ioctl+0xa0/0x100
[  156.270611][ T7257]  ? __se_sys_ioctl+0x114/0x1b0
[  156.270632][ T7257]  ? __cfi__RNvCshgDM7dBCdno_11rust_binder26rust_binder_unlocked_ioctl+0x10/0x10
[  156.270655][ T7257]  __se_sys_ioctl+0x132/0x1b0
[  156.270677][ T7257]  __x64_sys_ioctl+0x7f/0xa0
[  156.270698][ T7257]  x64_sys_call+0x1878/0x2ee0
[  156.270719][ T7257]  do_syscall_64+0x58/0xf0
[  156.270739][ T7257]  ? clear_bhb_loop+0x35/0x90
[  156.270761][ T7257]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  156.270782][ T7257] RIP: 0033:0x7f1dcd78e929
[  156.270798][ T7257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.270814][ T7257] RSP: 002b:00007f1dce5ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  156.270835][ T7257] RAX: ffffffffffffffda RBX: 00007f1dcd9b5fa0 RCX: 00007f1dcd78e929
[  156.270850][ T7257] RDX: 0000200000001d00 RSI: 00000000c0306201 RDI: 0000000000000003
[  156.270861][ T7257] RBP: 00007f1dce5ef090 R08: 0000000000000000 R09: 0000000000000000
[  156.270873][ T7257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.270885][ T7257] R13: 0000000000000000 R14: 00007f1dcd9b5fa0 R15: 00007ffdc9d087b8
[  156.270899][ T7257]  </TASK>
[  156.377976][ T7261] Restarting kernel threads ... 
[  156.481032][ T7270] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:105
[  156.494721][ T7261] done.
[  156.515521][ T7271] SELinux:  policydb string length 3171592 does not match expected length 8
[  156.652404][ T7272] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  156.663223][ T7271] SELinux: failed to load policy
[  156.953595][ T7287] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  156.953779][ T7286] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  156.967126][ T7286] rust_binder: Failed to allocate buffer. len:160, is_oneway:false
[  156.976163][ T7286] rust_binder: Write failure EFAULT in pid:492
[  156.986447][ T7289] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:495
[  157.002942][ T7291] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:497
[  157.012338][ T7291] FAULT_INJECTION: forcing a failure.
[  157.012338][ T7291] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.034547][ T7291] CPU: 0 UID: 0 PID: 7291 Comm: syz.4.2120 Not tainted 6.12.23-syzkaller-g30b14cdad458 #0 c708c6bafa1314b3e84c64b9f03b67766970ebbd
[  157.034577][ T7291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  157.034588][ T7291] Call Trace:
[  157.034595][ T7291]  <TASK>
[  157.034603][ T7291]  __dump_stack+0x21/0x30
[  157.034627][ T7291]  dump_stack_lvl+0x10c/0x190
[  157.034647][ T7291]  ? __cfi_dump_stack_lvl+0x10/0x10
[  157.034666][ T7291]  ? __cfi__RNvXs2_NtCshgDM7dBCdno_11rust_binder5errorNtB5_11BinderErrorNtNtCs9jEwPDbx20M_4core3fmt5Debug3fmt+0x10/0x10
[  157.034699][ T7291]  ? __cfi__RNvXs5_NtNtNtCs9jEwPDbx20M_4core3fmt3num3implNtB9_7Display3fmt+0x10/0x10
[  157.034725][ T7291]  dump_stack+0x19/0x20
[  157.034741][ T7291]  should_fail_ex+0x3d9/0x530
[  157.034759][ T7291]  should_fail+0xf/0x20
[  157.034775][ T7291]  should_fail_usercopy+0x1e/0x30
[  157.034794][ T7291]  _copy_to_user+0x24/0xa0
[  157.034814][ T7291]  _RNvMs2_NtCshgDM7dBCdno_11rust_binder6threadNtB5_6Thread10write_read+0x7a34/0x96a0
[  157.034838][ T7291]  ? __cfi__RNvMs2_NtCshgDM7dBCdno_11rust_binder6threadNtB5_6Thread14get_work_local+0x10/0x10
[  157.034869][ T7291]  ? __cfi__RNvMs2_NtCshgDM7dBCdno_11rust_binder6threadNtB5_6Thread10write_read+0x10/0x10
[  157.034926][ T7291]  ? is_bpf_text_address+0x17b/0x1a0
[  157.034948][ T7291]  ? kernel_text_address+0xa9/0xe0
[  157.034969][ T7291]  ? is_bpf_text_address+0x17b/0x1a0
[  157.034990][ T7291]  ? kernel_text_address+0xa9/0xe0
[  157.035007][ T7291]  ? __kernel_text_address+0x11/0x40
[  157.035024][ T7291]  ? unwind_get_return_address+0x51/0x90
[  157.035041][ T7291]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  157.035061][ T7291]  ? arch_stack_walk+0x10b/0x170
[  157.035092][ T7291]  ? is_bpf_text_address+0x17b/0x1a0
[  157.035114][ T7291]  ? kernel_text_address+0xa9/0xe0
[  157.035130][ T7291]  ? __kernel_text_address+0x11/0x40
[  157.035147][ T7291]  ? unwind_get_return_address+0x51/0x90
[  157.035163][ T7291]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  157.035182][ T7291]  ? arch_stack_walk+0x10b/0x170
[  157.035204][ T7291]  ? __kasan_check_write+0x18/0x20
[  157.035222][ T7291]  ? _raw_spin_lock+0x8c/0x120
[  157.035243][ T7291]  ? __cfi__raw_spin_lock+0x10/0x10
[  157.035262][ T7291]  ? stack_depot_save_flags+0x38/0x800
[  157.035282][ T7291]  ? _raw_spin_unlock+0x45/0x60
[  157.035301][ T7291]  ? rust_helper_spin_unlock+0x19/0x30
[  157.035319][ T7291]  ? _RNvMs3_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process18get_current_thread+0x934/0x1440
[  157.035349][ T7291]  ? __kasan_slab_alloc+0x73/0x90
[  157.035371][ T7291]  ? kmem_cache_alloc_noprof+0x131/0x3a0
[  157.035390][ T7291]  ? security_inode_alloc+0x51/0x200
[  157.035408][ T7291]  ? inode_init_always_gfp+0x756/0x9e0
[  157.035430][ T7291]  ? do_filp_open+0x1c6/0x3e0
[  157.035451][ T7291]  ? do_sys_openat2+0x12c/0x1c0
[  157.035468][ T7291]  ? __x64_sys_openat+0x13a/0x170
[  157.035484][ T7291]  ? x64_sys_call+0xe69/0x2ee0
[  157.035504][ T7291]  ? do_syscall_64+0x58/0xf0
[  157.035523][ T7291]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  157.035546][ T7291]  ? __cfi__RNvMs3_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process18get_current_thread+0x10/0x10
[  157.035574][ T7291]  ? avc_has_perm_noaudit+0x268/0x360
[  157.035592][ T7291]  ? __asan_memcpy+0x5a/0x80
[  157.035610][ T7291]  ? avc_has_perm_noaudit+0x286/0x360
[  157.035628][ T7291]  ? avc_has_perm+0x144/0x220
[  157.035644][ T7291]  ? __cfi_avc_has_perm+0x10/0x10
[  157.035662][ T7291]  ? selinux_file_open+0x457/0x610
[  157.035686][ T7291]  _RNvMs5_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process5ioctl+0x411/0x2c20
[  157.035709][ T7291]  ? avc_has_extended_perms+0x7c7/0xdd0
[  157.035726][ T7291]  ? __asan_memcpy+0x5a/0x80
[  157.035744][ T7291]  ? avc_has_extended_perms+0x921/0xdd0
[  157.035762][ T7291]  ? __cfi__RNvMs5_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process5ioctl+0x10/0x10
[  157.035783][ T7291]  ? do_vfs_ioctl+0xeda/0x1e30
[  157.035804][ T7291]  ? arch_stack_walk+0x10b/0x170
[  157.035823][ T7291]  ? __ia32_compat_sys_ioctl+0x850/0x850
[  157.035846][ T7291]  ? _parse_integer+0x2e/0x40
[  157.035865][ T7291]  ? ioctl_has_perm+0x384/0x4d0
[  157.035886][ T7291]  ? has_cap_mac_admin+0xd0/0xd0
[  157.035906][ T7291]  ? proc_fail_nth_write+0x17e/0x210
[  157.035921][ T7291]  ? __cfi_proc_fail_nth_write+0x10/0x10
[  157.035935][ T7291]  ? selinux_file_ioctl+0x6e0/0x1360
[  157.035956][ T7291]  ? vfs_write+0x8ba/0xe80
[  157.035971][ T7291]  ? __cfi_selinux_file_ioctl+0x10/0x10
[  157.035992][ T7291]  ? __cfi_vfs_write+0x10/0x10
[  157.036010][ T7291]  ? __kasan_check_write+0x18/0x20
[  157.036028][ T7291]  ? mutex_unlock+0x8b/0x240
[  157.036048][ T7291]  ? __cfi_mutex_unlock+0x10/0x10
[  157.036068][ T7291]  ? __fget_files+0x2c5/0x340
[  157.036096][ T7291]  ? __fget_files+0x2c5/0x340
[  157.036112][ T7291]  _RNvCshgDM7dBCdno_11rust_binder26rust_binder_unlocked_ioctl+0xa0/0x100
[  157.036133][ T7291]  ? __se_sys_ioctl+0x114/0x1b0
[  157.036153][ T7291]  ? __cfi__RNvCshgDM7dBCdno_11rust_binder26rust_binder_unlocked_ioctl+0x10/0x10
[  157.036176][ T7291]  __se_sys_ioctl+0x132/0x1b0
[  157.036196][ T7291]  __x64_sys_ioctl+0x7f/0xa0
[  157.036216][ T7291]  x64_sys_call+0x1878/0x2ee0
[  157.036235][ T7291]  do_syscall_64+0x58/0xf0
[  157.036255][ T7291]  ? clear_bhb_loop+0x35/0x90
[  157.036276][ T7291]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  157.036296][ T7291] RIP: 0033:0x7f1d0f98e929
[  157.036312][ T7291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.036327][ T7291] RSP: 002b:00007f1d1082a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  157.036347][ T7291] RAX: ffffffffffffffda RBX: 00007f1d0fbb5fa0 RCX: 00007f1d0f98e929
[  157.036361][ T7291] RDX: 0000200000001d00 RSI: 00000000c0306201 RDI: 0000000000000003
[  157.036374][ T7291] RBP: 00007f1d1082a090 R08: 0000000000000000 R09: 0000000000000000
[  157.036386][ T7291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.036398][ T7291] R13: 0000000000000000 R14: 00007f1d0fbb5fa0 R15: 00007ffc186b57f8
[  157.036412][ T7291]  </TASK>
[  157.039307][ T7291] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  157.133112][ T7293] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:115
[  157.137106][ T7291] rust_binder: Read failure Err(EFAULT) in pid:497
[  157.726999][ T7304] SELinux:  unknown common r
[  157.738383][ T7304] SELinux: failed to load policy
[  157.798379][   T36] kauditd_printk_skb: 55 callbacks suppressed
[  157.798395][   T36] audit: type=1400 audit(1750317269.420:9626): avc:  denied  { ioctl } for  pid=7308 comm="syz.2.2127" path="/dev/fuse" dev="devtmpfs" ino=23 ioctlcmd=0x9429 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  157.870575][ T7317] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:414
[  157.870822][ T7317] FAULT_INJECTION: forcing a failure.
[  157.870822][ T7317] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.892992][ T7317] CPU: 1 UID: 0 PID: 7317 Comm: syz.5.2130 Not tainted 6.12.23-syzkaller-g30b14cdad458 #0 c708c6bafa1314b3e84c64b9f03b67766970ebbd
[  157.893023][ T7317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  157.893033][ T7317] Call Trace:
[  157.893038][ T7317]  <TASK>
[  157.893045][ T7317]  __dump_stack+0x21/0x30
[  157.893069][ T7317]  dump_stack_lvl+0x10c/0x190
[  157.893088][ T7317]  ? __cfi_dump_stack_lvl+0x10/0x10
[  157.893107][ T7317]  ? __cfi__RNvXs2_NtCshgDM7dBCdno_11rust_binder5errorNtB5_11BinderErrorNtNtCs9jEwPDbx20M_4core3fmt5Debug3fmt+0x10/0x10
[  157.893142][ T7317]  ? __cfi__RNvXs5_NtNtNtCs9jEwPDbx20M_4core3fmt3num3implNtB9_7Display3fmt+0x10/0x10
[  157.893170][ T7317]  dump_stack+0x19/0x20
[  157.893188][ T7317]  should_fail_ex+0x3d9/0x530
[  157.893207][ T7317]  should_fail+0xf/0x20
[  157.893223][ T7317]  should_fail_usercopy+0x1e/0x30
[  157.893241][ T7317]  _copy_to_user+0x24/0xa0
[  157.893262][ T7317]  _RNvMs2_NtCshgDM7dBCdno_11rust_binder6threadNtB5_6Thread10write_read+0x862f/0x96a0
[  157.893286][ T7317]  ? __cfi__RNvMs2_NtCshgDM7dBCdno_11rust_binder6threadNtB5_6Thread14get_work_local+0x10/0x10
[  157.893320][ T7317]  ? __cfi__RNvMs2_NtCshgDM7dBCdno_11rust_binder6threadNtB5_6Thread10write_read+0x10/0x10
[  157.893372][ T7317]  ? unwind_next_frame+0x3c2/0x750
[  157.893385][ T7317]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  157.893398][ T7317]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  157.893410][ T7317]  ? __kernel_text_address+0x11/0x40
[  157.893423][ T7317]  ? is_bpf_text_address+0x17b/0x1a0
[  157.893436][ T7317]  ? kernel_text_address+0xa9/0xe0
[  157.893446][ T7317]  ? __kernel_text_address+0x11/0x40
[  157.893455][ T7317]  ? unwind_get_return_address+0x51/0x90
[  157.893464][ T7317]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  157.893476][ T7317]  ? arch_stack_walk+0x10b/0x170
[  157.893490][ T7317]  ? is_bpf_text_address+0x17b/0x1a0
[  157.893502][ T7317]  ? kernel_text_address+0xa9/0xe0
[  157.893512][ T7317]  ? __kernel_text_address+0x11/0x40
[  157.893521][ T7317]  ? unwind_get_return_address+0x51/0x90
[  157.893530][ T7317]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  157.893541][ T7317]  ? arch_stack_walk+0x10b/0x170
[  157.893553][ T7317]  ? __kasan_check_write+0x18/0x20
[  157.893564][ T7317]  ? _raw_spin_lock+0x8c/0x120
[  157.893576][ T7317]  ? __cfi__raw_spin_lock+0x10/0x10
[  157.893587][ T7317]  ? stack_depot_save_flags+0x38/0x800
[  157.893598][ T7317]  ? _raw_spin_unlock+0x45/0x60
[  157.893609][ T7317]  ? rust_helper_spin_unlock+0x19/0x30
[  157.893619][ T7317]  ? _RNvMs3_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process18get_current_thread+0x934/0x1440
[  157.893637][ T7317]  ? __kasan_slab_alloc+0x73/0x90
[  157.893649][ T7317]  ? kmem_cache_alloc_noprof+0x131/0x3a0
[  157.893660][ T7317]  ? security_inode_alloc+0x51/0x200
[  157.893671][ T7317]  ? inode_init_always_gfp+0x756/0x9e0
[  157.893684][ T7317]  ? do_filp_open+0x1c6/0x3e0
[  157.893697][ T7317]  ? do_sys_openat2+0x12c/0x1c0
[  157.893706][ T7317]  ? __x64_sys_openat+0x13a/0x170
[  157.893715][ T7317]  ? x64_sys_call+0xe69/0x2ee0
[  157.893727][ T7317]  ? do_syscall_64+0x58/0xf0
[  157.893739][ T7317]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  157.893753][ T7317]  ? __cfi__RNvMs3_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process18get_current_thread+0x10/0x10
[  157.893771][ T7317]  ? avc_has_perm_noaudit+0x268/0x360
[  157.893782][ T7317]  ? __asan_memcpy+0x5a/0x80
[  157.893792][ T7317]  ? avc_has_perm_noaudit+0x286/0x360
[  157.893802][ T7317]  ? avc_has_perm+0x144/0x220
[  157.893811][ T7317]  ? __cfi_avc_has_perm+0x10/0x10
[  157.893821][ T7317]  ? selinux_file_open+0x457/0x610
[  157.893835][ T7317]  _RNvMs5_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process5ioctl+0x411/0x2c20
[  157.893848][ T7317]  ? avc_has_extended_perms+0x7c7/0xdd0
[  157.893858][ T7317]  ? __asan_memcpy+0x5a/0x80
[  157.893868][ T7317]  ? avc_has_extended_perms+0x921/0xdd0
[  157.893878][ T7317]  ? __cfi__RNvMs5_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process5ioctl+0x10/0x10
[  157.893890][ T7317]  ? do_vfs_ioctl+0xeda/0x1e30
[  157.893902][ T7317]  ? arch_stack_walk+0x10b/0x170
[  157.893914][ T7317]  ? __ia32_compat_sys_ioctl+0x850/0x850
[  157.893927][ T7317]  ? _parse_integer+0x2e/0x40
[  157.893938][ T7317]  ? ioctl_has_perm+0x384/0x4d0
[  157.893952][ T7317]  ? has_cap_mac_admin+0xd0/0xd0
[  157.893964][ T7317]  ? proc_fail_nth_write+0x17e/0x210
[  157.893975][ T7317]  ? __cfi_proc_fail_nth_write+0x10/0x10
[  157.893984][ T7317]  ? selinux_file_ioctl+0x6e0/0x1360
[  157.893997][ T7317]  ? vfs_write+0x8ba/0xe80
[  157.894014][ T7317]  ? __cfi_selinux_file_ioctl+0x10/0x10
[  157.894027][ T7317]  ? __cfi_vfs_write+0x10/0x10
[  157.894038][ T7317]  ? __kasan_check_write+0x18/0x20
[  157.894047][ T7317]  ? mutex_unlock+0x8b/0x240
[  157.894061][ T7317]  ? __cfi_mutex_unlock+0x10/0x10
[  157.894073][ T7317]  ? __fget_files+0x2c5/0x340
[  157.894086][ T7317]  ? __fget_files+0x2c5/0x340
[  157.894099][ T7317]  _RNvCshgDM7dBCdno_11rust_binder26rust_binder_unlocked_ioctl+0xa0/0x100
[  157.894113][ T7317]  ? __se_sys_ioctl+0x114/0x1b0
[  157.894125][ T7317]  ? __cfi__RNvCshgDM7dBCdno_11rust_binder26rust_binder_unlocked_ioctl+0x10/0x10
[  157.894138][ T7317]  __se_sys_ioctl+0x132/0x1b0
[  157.894151][ T7317]  __x64_sys_ioctl+0x7f/0xa0
[  157.894163][ T7317]  x64_sys_call+0x1878/0x2ee0
[  157.894174][ T7317]  do_syscall_64+0x58/0xf0
[  157.894186][ T7317]  ? clear_bhb_loop+0x35/0x90
[  157.894199][ T7317]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  157.894211][ T7317] RIP: 0033:0x7f1dcd78e929
[  157.894221][ T7317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.894230][ T7317] RSP: 002b:00007f1dce5ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  157.894241][ T7317] RAX: ffffffffffffffda RBX: 00007f1dcd9b5fa0 RCX: 00007f1dcd78e929
[  157.894248][ T7317] RDX: 0000200000001d00 RSI: 00000000c0306201 RDI: 0000000000000003
[  157.894255][ T7317] RBP: 00007f1dce5ef090 R08: 0000000000000000 R09: 0000000000000000
[  157.894262][ T7317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.894268][ T7317] R13: 0000000000000000 R14: 00007f1dcd9b5fa0 R15: 00007ffdc9d087b8
[  157.894277][ T7317]  </TASK>
[  158.230370][ T7323] random: crng reseeded on system resumption
[  158.563740][   T36] audit: type=1400 audit(1750317270.190:9627): avc:  denied  { map } for  pid=7331 comm="syz.2.2135" path="/dev/full" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:null_device_t tclass=chr_file permissive=1
[  158.638187][   T36] audit: type=1400 audit(1750317270.260:9628): avc:  denied  { ioctl } for  pid=7333 comm="syz.2.2136" path="/dev/loop-control" dev="devtmpfs" ino=48 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  158.690342][ T7341] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  158.710387][ T7341] SELinux: failed to load policy
[  158.717328][   T36] audit: type=1400 audit(1750317270.340:9629): avc:  denied  { append } for  pid=7342 comm="syz.5.2139" name="hwrng" dev="devtmpfs" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  158.777311][ T7351] binder: Bad value for 'stats'
[  158.794948][ T7353] input: syz1 as /devices/virtual/input/input112
[  158.800987][ T7355] rust_binder: Write failure EINVAL in pid:469
[  158.823281][ T7357] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:471
[  158.870234][ T7369] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:527
[  158.922228][ T7375] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  158.966318][ T7380] input: syz0 as /devices/virtual/input/input113
[  159.007423][ T7386] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  159.047558][ T7392] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:532
[  159.063231][   T36] audit: type=1326 audit(1750317270.690:9630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7395 comm="syz.0.2161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00ee18e929 code=0x7ffc0000
[  159.100246][   T36] audit: type=1326 audit(1750317270.730:9631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7395 comm="syz.0.2161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f00ee18e929 code=0x7ffc0000
[  159.124595][ T7403] binder: Unknown parameter 'dont_hash'
[  159.124874][ T7404] binder: Unknown parameter 'dont_hash'
[  159.130231][   T36] audit: type=1326 audit(1750317270.730:9632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7395 comm="syz.0.2161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00ee18e929 code=0x7ffc0000
[  159.159787][ T7403] input: syz1 as /devices/virtual/input/input115
[  159.166304][   T36] audit: type=1326 audit(1750317270.730:9633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7395 comm="syz.0.2161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00ee18e929 code=0x7ffc0000
[  159.190425][   T36] audit: type=1326 audit(1750317270.730:9634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7395 comm="syz.0.2161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f00ee18e929 code=0x7ffc0000
[  159.219109][   T36] audit: type=1326 audit(1750317270.730:9635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7395 comm="syz.0.2161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00ee18e929 code=0x7ffc0000
[  159.276875][ T7406] SELinux: failed to load policy
[  159.313173][ T7408] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  159.313197][ T7408] rust_binder: Error in use_page_slow: EBUSY
[  159.323766][ T7408] rust_binder: use_range failure EBUSY
[  159.331329][ T7408] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  159.336954][ T7408] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  159.348088][ T7408] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  159.357478][ T7408] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:537
[  159.450610][ T7431] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:142
[  159.555034][ T7447] input: syz1 as /devices/virtual/input/input116
[  159.565176][ T7452] rust_binder: Write failure EINVAL in pid:149
[  159.573636][ T7452] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  159.583685][ T7452] rust_binder: Error while translating object.
[  159.590325][ T7452] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  159.615291][ T7452] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:149
[  159.631306][ T7454] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  159.650081][ T7444] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  159.650110][ T7444] rust_binder: Error in use_page_slow: EBUSY
[  159.660647][ T7444] rust_binder: use_range failure EBUSY
[  159.666649][ T7444] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  159.672159][ T7444] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  159.683066][ T7444] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  159.694179][ T7457] rust_binder: Write failure EINVAL in pid:443
[  159.699119][ T7444] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:543
[  159.886851][ T7483] input: syz0 as /devices/virtual/input/input118
[  159.905123][ T7483] binder: Unknown parameter 'fowner<18446744073709551615'
[  160.004162][ T7492] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  160.004183][ T7492] rust_binder: Read failure Err(EFAULT) in pid:558
[  160.041602][ T7490] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  160.134821][ T7502] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  160.134845][ T7502] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:567
[  160.149949][ T7502] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  160.169036][ T7508] binder: Bad value for 'defcontext'
[  160.191936][ T7510] binder: Bad value for 'defcontext'
[  160.341252][ T7525] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  160.341273][ T7525] rust_binder: Read failure Err(EFAULT) in pid:522
[  160.409054][ T7528] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:524
[  161.187551][ T7557] binder: Bad value for 'defcontext'
[  161.287344][ T7563] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  161.308632][ T7563] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:589
[  161.715443][ T7584] rust_binder: Write failure EFAULT in pid:600
[  161.715663][ T7585] rust_binder: Write failure EFAULT in pid:600
[  161.872731][ T4579] bridge_slave_1: left allmulticast mode
[  161.884753][ T4579] bridge_slave_1: left promiscuous mode
[  161.906941][ T4579] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.915093][ T4579] bridge_slave_0: left allmulticast mode
[  161.920834][ T4579] bridge_slave_0: left promiscuous mode
[  161.932520][ T4579] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.950014][ T7602] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:173
[  162.000177][ T7607] rust_binder: Error in use_page_slow: ESRCH
[  162.000201][ T7607] rust_binder: use_range failure ESRCH
[  162.006203][ T7607] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  162.013293][ T7607] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  162.030859][ T7605] rust_binder: Error in use_page_slow: ESRCH
[  162.033513][ T7607] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:175
[  162.050300][ T7605] rust_binder: use_range failure ESRCH
[  162.073781][ T7605] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  162.079279][ T7605] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  162.092942][ T4579] veth1_macvtap: left promiscuous mode
[  162.110339][ T7605] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:175
[  162.126103][ T4579] veth0_vlan: left promiscuous mode
[  162.226740][ T7612] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.233850][ T7612] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.240941][ T7612] bridge_slave_0: entered allmulticast mode
[  162.242722][ T7632] rust_binder: Write failure EINVAL in pid:474
[  162.247209][ T7612] bridge_slave_0: entered promiscuous mode
[  162.248579][ T7628] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  162.254100][ T7612] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.273057][ T7612] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.280118][ T7612] bridge_slave_1: entered allmulticast mode
[  162.286458][ T7612] bridge_slave_1: entered promiscuous mode
[  162.314658][ T7632] rust_binder: got new transaction with bad transaction stack
[  162.314679][ T7632] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:474
[  162.350419][ T7612] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.366540][ T7612] bridge0: port 2(bridge_slave_1) entered forwarding state
[  162.373804][ T7612] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.380843][ T7612] bridge0: port 1(bridge_slave_0) entered forwarding state
[  162.399691][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.407321][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.416341][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.423407][  T292] bridge0: port 1(bridge_slave_0) entered forwarding state
[  162.433875][  T309] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.440925][  T309] bridge0: port 2(bridge_slave_1) entered forwarding state
[  162.463447][ T7612] veth0_vlan: entered promiscuous mode
[  162.473522][ T7612] veth1_macvtap: entered promiscuous mode
[  162.693148][ T7651] binder: Unknown parameter 'fowner'
[  163.010067][ T7669] rust_binder: Error while translating object.
[  163.010093][ T7669] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  163.016343][ T7669] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:628
[  163.076840][ T7681] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  163.138008][ T7682] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:191
[  163.144736][ T7681] rust_binder: Write failure EINVAL in pid:191
[  163.166933][ T7684] SELinux: security_context_str_to_sid (sytem_uÝGй‰:ÿß) failed with errno=-22
[  163.215049][ T7691] serio: Serial port ttynull
[  163.238406][ T7695] rust_binder: Error while translating object.
[  163.238425][ T7695] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  163.244929][ T7695] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:14
[  163.265739][ T7696] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  163.274808][ T7696] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:633
[  163.330662][ T7704] kvm: user requested TSC rate below hardware speed
[  163.348716][ T7711] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:19
[  163.358117][ T7704] kvm: user requested TSC rate below hardware speed
[  163.374603][ T7704] rust_binder: Read failure Err(EAGAIN) in pid:201
[  163.476034][ T7716] rust_kernel: panicked at /syzkaller/managers/ci2-android-6-12-rust/kernel/rust/kernel/page_size_compat.rs:60:5:
[  163.476034][ T7716] attempt to add with overflow
[  163.499377][ T7716] ------------[ cut here ]------------
[  163.504862][ T7716] kernel BUG at rust/helpers/bug.c:7!
[  163.510297][   T36] kauditd_printk_skb: 7 callbacks suppressed
[  163.510309][   T36] audit: type=1400 audit(1750317275.140:9643): avc:  denied  { read } for  pid=91 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  163.538942][ T7716] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[  163.545906][ T7716] CPU: 0 UID: 0 PID: 7716 Comm: syz.2.2260 Not tainted 6.12.23-syzkaller-g30b14cdad458 #0 c708c6bafa1314b3e84c64b9f03b67766970ebbd
[  163.550269][   T36] audit: type=1400 audit(1750317275.140:9644): avc:  denied  { search } for  pid=91 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  163.559334][ T7716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  163.559350][ T7716] RIP: 0010:rust_helper_BUG+0x8/0x10
[  163.581090][   T36] audit: type=1400 audit(1750317275.140:9645): avc:  denied  { write } for  pid=91 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  163.590725][ T7716] Code: cc cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 7e b0 c1 cc 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 <0f> 0b 66 0f 1f 44 00 00 b8 34 74 88 40 90 90 90 90 90 90 90 90 90
[  163.590744][ T7716] RSP: 0018:ffffc90002f873f0 EFLAGS: 00010246
[  163.590761][ T7716] RAX: 000000000000008c RBX: 1ffff920005f0e80 RCX: da0155797f7ee300
[  163.596304][   T36] audit: type=1400 audit(1750317275.140:9646): avc:  denied  { add_name } for  pid=91 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  163.617257][ T7716] RDX: ffffc9000444e000 RSI: 00000000000088a4 RDI: 00000000000088a5
[  163.617273][ T7716] RBP: ffffc90002f873f0 R08: ffffc90002f870e7 R09: 1ffff920005f0e1c
[  163.617285][ T7716] R10: dffffc0000000000 R11: fffff520005f0e1d R12: 0000000000000000
[  163.617298][ T7716] R13: dffffc0000000000 R14: ffffc90002f87420 R15: ffffc90002f87450
[  163.637273][   T36] audit: type=1400 audit(1750317275.140:9647): avc:  denied  { create } for  pid=91 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  163.642928][ T7716] FS:  00007f4c5affe6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  163.642947][ T7716] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  163.642960][ T7716] CR2: 000000110c2e1a3a CR3: 00000001307bc000 CR4: 00000000003526b0
[  163.642976][ T7716] DR0: 0000000000000007 DR1: 000000000000000b DR2: 0000000000000002
[  163.642988][ T7716] DR3: 000000000000000c DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  163.643000][ T7716] Call Trace:
[  163.643006][ T7716]  <TASK>
[  163.643013][ T7716]  _RNvCscSpY9Juk0HT_7___rustc17rust_begin_unwind+0x15b/0x160
[  163.643042][ T7716]  ? __cfi__RNvCscSpY9Juk0HT_7___rustc17rust_begin_unwind+0x10/0x10
[  163.643061][ T7716]  ? kernel_text_address+0xa9/0xe0
[  163.643079][ T7716]  ? __cfi__RNvXs1b_NtCs9jEwPDbx20M_4core3fmtRNtNtNtB8_5panic10panic_info9PanicInfoNtB6_7Display3fmtCs43vyB533jt3_6kernel+0x10/0x10
[  163.643108][ T7716]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  163.643129][ T7716]  ? arch_stack_walk+0x10b/0x170
[  163.643149][ T7716]  _RNvNtCs9jEwPDbx20M_4core9panicking9panic_fmt+0x84/0x90
[  163.653831][   T36] audit: type=1400 audit(1750317275.140:9648): avc:  denied  { append open } for  pid=91 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  163.671657][ T7716]  ? __cfi__RNvNtCs9jEwPDbx20M_4core9panicking9panic_fmt+0x10/0x10
[  163.671693][ T7716]  _RNvNtNtCs9jEwPDbx20M_4core9panicking11panic_const24panic_const_add_overflow+0xb2/0xc0
[  163.679924][   T36] audit: type=1400 audit(1750317275.140:9649): avc:  denied  { getattr } for  pid=91 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  163.687609][ T7716]  ? __cfi__RNvNtNtCs9jEwPDbx20M_4core9panicking11panic_const24panic_const_add_overflow+0x10/0x10
[  163.687639][ T7716]  _RNvXs1_CscPPBqWtAqum_11ashmem_rustNtB5_6AshmemNtNtCs43vyB533jt3_6kernel10miscdevice10MiscDevice4mmap+0xe44/0xfb0
[  163.907473][ T7716]  ? mas_wr_store_type+0x8eb/0x1ad0
[  163.912657][ T7716]  ? __cfi__RNvXs1_CscPPBqWtAqum_11ashmem_rustNtB5_6AshmemNtNtCs43vyB533jt3_6kernel10miscdevice10MiscDevice4mmap+0x10/0x10
[  163.925406][ T7716]  ? mas_preallocate+0x56e/0xc60
[  163.930329][ T7716]  ? __cfi_mas_preallocate+0x10/0x10
[  163.935593][ T7716]  ? kasan_save_alloc_info+0x40/0x50
[  163.940858][ T7716]  ? __asan_memset+0x39/0x50
[  163.945437][ T7716]  mmap_region+0x1371/0x1bd0
[  163.950024][ T7716]  ? __cfi_mmap_region+0x10/0x10
[  163.955037][ T7716]  ? __futex_queue+0x19a/0x340
[  163.959796][ T7716]  ? __kasan_check_read+0x15/0x20
[  163.964809][ T7716]  ? arch_get_unmapped_area_topdown+0x232/0x8d0
[  163.971052][ T7716]  ? file_mmap_ok+0x147/0x1a0
[  163.975710][ T7716]  do_mmap+0xb6d/0x13c0
[  163.979853][ T7716]  ? __cfi_do_mmap+0x10/0x10
[  163.984424][ T7716]  ? down_write_killable+0xe9/0x2d0
[  163.989602][ T7716]  ? __cfi_down_write_killable+0x10/0x10
[  163.995225][ T7716]  vm_mmap_pgoff+0x38f/0x4e0
[  163.999806][ T7716]  ? __cfi_vm_mmap_pgoff+0x10/0x10
[  164.004898][ T7716]  ? __fget_files+0x2c5/0x340
[  164.009562][ T7716]  ksys_mmap_pgoff+0x166/0x1e0
[  164.014323][ T7716]  __x64_sys_mmap+0x121/0x140
[  164.018989][ T7716]  x64_sys_call+0x13bf/0x2ee0
[  164.023649][ T7716]  do_syscall_64+0x58/0xf0
[  164.028046][ T7716]  ? clear_bhb_loop+0x35/0x90
[  164.032706][ T7716]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  164.038580][ T7716] RIP: 0033:0x7f4c5a18e929
[  164.042977][ T7716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.062570][ T7716] RSP: 002b:00007f4c5affe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  164.070968][ T7716] RAX: ffffffffffffffda RBX: 00007f4c5a3b5fa0 RCX: 00007f4c5a18e929
[  164.078921][ T7716] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000200000701000
[  164.086881][ T7716] RBP: 00007f4c5a210b39 R08: 0000000000000007 R09: 0000000000000000
[  164.094855][ T7716] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[  164.102812][ T7716] R13: 0000000000000000 R14: 00007f4c5a3b5fa0 R15: 00007ffe48f53c38
[  164.110768][ T7716]  </TASK>
[  164.113771][ T7716] Modules linked in:
[  164.118167][ T7716] ---[ end trace 0000000000000000 ]---
[  164.125044][ T7716] RIP: 0010:rust_helper_BUG+0x8/0x10
[  164.130389][ T7716] Code: cc cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 7e b0 c1 cc 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 <0f> 0b 66 0f 1f 44 00 00 b8 34 74 88 40 90 90 90 90 90 90 90 90 90
[  164.150059][ T7716] RSP: 0018:ffffc90002f873f0 EFLAGS: 00010246
[  164.156169][ T7716] RAX: 000000000000008c RBX: 1ffff920005f0e80 RCX: da0155797f7ee300
[  164.164258][ T7716] RDX: ffffc9000444e000 RSI: 00000000000088a4 RDI: 00000000000088a5
[  164.172363][ T7716] RBP: ffffc90002f873f0 R08: ffffc90002f870e7 R09: 1ffff920005f0e1c
[  164.180496][ T7716] R10: dffffc0000000000 R11: fffff520005f0e1d R12: 0000000000000000
[  164.188480][ T7716] R13: dffffc0000000000 R14: ffffc90002f87420 R15: ffffc90002f87450
[  164.196624][ T7716] FS:  00007f4c5affe6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  164.205602][ T7716] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  164.212333][ T7716] CR2: 00007f1d0fb81178 CR3: 00000001307bc000 CR4: 00000000003526b0
[  164.220320][ T7716] DR0: 0000000000000007 DR1: 000000000000000b DR2: 0000000000000002
[  164.228286][ T7716] DR3: 0000000000000009 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  164.236265][ T7716] Kernel panic - not syncing: Fatal exception
[  164.242547][ T7716] Kernel Offset: disabled
[  164.246856][ T7716] Rebooting in 86400 seconds..