last executing test programs:

1m31.251352598s ago: executing program 3 (id=1075):
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000019c0)='./binderfs2\x00', 0x1ff)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000003c0)={0x1, 0x0, [{0xe1, 0x0, 0x7}]})
mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs2\x00', &(0x7f0000001e00), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="73746174893d896c6f62616c2c00fb06f538f4fa12710f1c709139111f0511976b86823f26641188f9f1db5889398d262c459c6e235b35e1c82d41e31e966dabad56bdd36ebd4e6accbbacd39245ccbc3072143394d9134877e6968fc87049623cff774f0b0312733d9c46528cb773563112f6309e251572356ffc723029bc113767569a081cc7f1"])
openat$binderfs(0xffffffffffffff9c, &(0x7f0000002500)='./binderfs2/binder0\x00', 0x0, 0x0)

1m31.155472579s ago: executing program 3 (id=1080):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x40087708, &(0x7f0000000540)='\x00\x00\x03\x06\x00\x00\x00\x1f\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\x87\xa3\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \x15\x9a\x9f\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b^:4\xeb\xd37\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Hd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\xadP\x1c2\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84\x1b\xdaR-\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd8\\\x99\xc7Dp\x98\xa4o\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12KL\xf2\xd5\b^[D~\x00\x00\x00\x00\x00\x00\x00')
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x2, 0x0, "00629a7d82000000000000000000f7ffffff00"})
r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000000)=0x7fffffff)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000280)=0x3)
unlinkat$binderfs_device(0xffffffffffffff9c, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.numa_stat\x00', 0x275a, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1m31.15227634s ago: executing program 3 (id=1081):
openat$rnullb(0xffffffffffffff9c, 0x0, 0x200, 0x0) (async)
openat$rnullb(0xffffffffffffff9c, 0x0, 0x200, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000800)='/sys/power/image_size', 0x141a82, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272})
ioctl$TUNSETCARRIER(r1, 0x400454e2, &(0x7f0000000280)=0x1)
close(0x3) (async)
close(0x3)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x0, 0x3})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r2, 0x40046208, 0x0) (async)
ioctl$BINDER_THREAD_EXIT(r2, 0x40046208, 0x0)
write$UHID_GET_REPORT_REPLY(r0, &(0x7f0000000000), 0xa)
openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000033c0), 0x0, 0x0) (async)
r4 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000033c0), 0x0, 0x0)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1e1243, 0x0) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1e1243, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='devices.list\x00', 0x275a, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r5, &(0x7f0000000740)={0x30}, 0x30) (async)
write$FUSE_NOTIFY_RETRIEVE(r5, &(0x7f0000000740)={0x30}, 0x30)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0)
ioctl$BLKRRPART(r5, 0x125f, 0x0)
read$FUSE(r4, 0x0, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_freeze_timeout', 0x200, 0x20)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x3, 0x32, 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000480)={0x2020}, 0x2020) (async)
read$FUSE(r6, &(0x7f0000000480)={0x2020}, 0x2020)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
r7 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000002a40), 0x200, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.swap.current\x00', 0x275a, 0x0)
write$vga_arbiter(r8, &(0x7f0000000140)=ANY=[@ANYBLOB="6c6f636b206e6f6e650038998fd3cc131cb2e3ec27a8f040a04998c90c59db59171f6b4056bb1244ace24505d72435c3cac8526836c2ffd8784e2e1ba6a0b556bfe13607fa29595967a22142b74f765709afd9fc03f04a65f6690101000079f64779f385c875d6c165db3866d8a68166093aee048e2ef40ef86c119ff1514f3603e8180617fd95a3f871918840e0a9d066d0109c9f3fa2813aab3e3ce03efe384464ee16f7212fb9a441ad168043d2340936a433496f4ba46dbcd4ccd23e647a9d18114c359acb888c0ee81c599f8faeb3877f0000005591989fe8183d25891176187012e071cf0c5b1bd4cfec2ab5677aa007563749aefc"], 0xa)
ioctl$BLKROSET(r7, 0x125d, &(0x7f0000000540)=0x10001)
ioctl$BLKRRPART(r0, 0x125f, 0x0) (async)
ioctl$BLKRRPART(r0, 0x125f, 0x0)

1m30.916183843s ago: executing program 3 (id=1086):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r0, 0x2000)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x45809000)

1m30.647420737s ago: executing program 3 (id=1091):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000280)=0x10) (async)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101740, 0x179) (async)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x104) (async)
syz_clone3(&(0x7f0000000340)={0x105480, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async)
r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$UHID_CREATE2(r1, 0x0, 0x2) (async)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r2, 0x40485404, &(0x7f0000000040)={{0x1}}) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0x7704, 0x0)

1m30.647263017s ago: executing program 3 (id=1092):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x606081, 0x0)

1m15.59892991s ago: executing program 32 (id=1092):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x606081, 0x0)

56.498056733s ago: executing program 0 (id=1779):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x4, 0x0, [{0x946, 0x0, 0x4}, {0x326, 0x0, 0x7}, {0x8c3}, {0x9e9, 0x0, 0x9}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x1, 0x11, r3, 0x0)

56.415221494s ago: executing program 0 (id=1782):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0)
ioctl$NS_GET_USERNS(r1, 0x8004b708, 0x0)
r2 = openat$ptp0(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PTP_PIN_GETFUNC2(r2, 0xc0603d0f, &(0x7f0000000040))
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
mmap(&(0x7f0000797000/0x2000)=nil, 0x2000, 0x3000001, 0x22053, r3, 0x2000)

56.316178825s ago: executing program 0 (id=1784):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f00000000c0)={0xfff, 0x0, 0x0, 0x8, 0x13, "eb00"})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0xa)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCGICOUNT(r2, 0x545d, 0x0)
ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000cf0800004503"])
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100"])
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000000100)={{0x0, 0xdddd1000, 0x10, 0x0, 0x8, 0x2, 0x0, 0x2, 0x0, 0x8, 0x9, 0x10}, {0xcccff001, 0x0, 0xc, 0x0, 0x0, 0x0, 0x2, 0x1, 0x7, 0x4}, {0x2000, 0xdddd0000, 0x0, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x3000, 0xffff1000, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4}, {0xeeee8000, 0x3000, 0xb, 0x0, 0x0, 0x4, 0x0, 0xe, 0x0, 0x3c}, {0x5000, 0x0, 0x0, 0x7, 0xc, 0x0, 0x2, 0x0, 0x4, 0x10, 0x80}, {0xdddd1000, 0x0, 0xa, 0x6, 0x0, 0x0, 0x2, 0x0, 0x10}, {0x8080000, 0x3000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1a, 0x26, 0x0, 0xfd}, {0x80ac000}, {0xdddd1000}, 0xddf8ffdb, 0x0, 0x1, 0x70, 0x0, 0xdd00, 0x5000, [0xfffffffffffffffc, 0x0, 0x1]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_TRANSLATE(r5, 0xc018ae85, &(0x7f00000000c0)={0x0, 0x87000})
r6 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000040), 0x280, 0x0)
ioctl$ASHMEM_SET_PROT_MASK(r6, 0x40087705, &(0x7f0000000080))

56.301013556s ago: executing program 0 (id=1785):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100))
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0})
r2 = openat$tcp_mem(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write(r2, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x29a}]})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r7, 0x541a, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x8, 0x4010, 0xffffffffffffffff, 0x7fa8c000)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat, @fd={0x66642a85, 0x0, r6}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f0000000040))

56.214203677s ago: executing program 0 (id=1786):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8}) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0xb03cdf087638818c, 0x3}) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='pids.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x82013, r2, 0x81c5e000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r6, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x0, 0xb, 0x0, 0x8, 0x0, 0x0, 0x2, 0x7b, 0x40, 0x9, 0x10}, {0x10000, 0x0, 0xc, 0x8, 0x2, 0x0, 0x7, 0x0, 0x5, 0x7, 0x14, 0x6}, {0xeeef0000, 0xdddd0000, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x4, 0xfc}, {0x5000, 0xd000, 0x0, 0xff, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4}, {0xeeee8000, 0xeeef0000, 0x9, 0x0, 0xfc, 0x4, 0x0, 0x3, 0x0, 0x3c}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0xbf, 0x2, 0x0, 0xa, 0x2}, {0xeeee0000, 0xdddd1000, 0xe, 0xfe, 0x0, 0x0, 0x3, 0x80, 0x0, 0xfc}, {0x2000, 0x0, 0xf, 0x0, 0x0, 0x1, 0x0, 0xa, 0x26}, {0xdddd1000}, {0xdddd1000, 0xfbff}, 0xddf8ffdb, 0x0, 0xeeee8000, 0x430, 0x0, 0x2501, 0xdddd0000, [0x4, 0x0, 0x2]}) (async)
prctl$PR_SET_KEEPCAPS(0x8, 0x3) (async)
ioctl$KVM_TRANSLATE(r6, 0xc018ae85, &(0x7f0000000000)={0x4, 0x8080000, 0x5, 0xf7, 0xa})
r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r9, 0x4068aea3, &(0x7f0000000080)={[{0x80, 0x0, 0x0, 0x0, 0x80}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}]}) (async)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@fd={0x66642a85, 0x0, r7}, @ptr={0x70742a85, 0xfffffffe, 0x0, 0x0, 0x0, 0x33}, @fda={0x66646185, 0x8, 0x2, 0x40}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

55.961403621s ago: executing program 0 (id=1789):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0xa101, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$vga_arbiter(r2, &(0x7f0000000100)=@other={'lock', ' ', 'none'}, 0xa)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r2, 0x0)
write$vga_arbiter(r1, &(0x7f0000000000)=@unlock_all, 0xb)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000800)={0x4c, 0x0, &(0x7f0000000600)=[@reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x51, 0x0, &(0x7f0000000700)="93ca2efc9445b68c079d41dcfff066e61c4d8f1021949c8c75c29113ed78c691e4a88534e71804ab594c9c0cea97e979adb05f81276775d60f54e903eb87a57f7cbe1f97039cb9d611ffa16ca4582a68cd"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @fda={0x66646185, 0x5, 0x0, 0xf}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

40.652508577s ago: executing program 33 (id=1789):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0xa101, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$vga_arbiter(r2, &(0x7f0000000100)=@other={'lock', ' ', 'none'}, 0xa)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r2, 0x0)
write$vga_arbiter(r1, &(0x7f0000000000)=@unlock_all, 0xb)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000800)={0x4c, 0x0, &(0x7f0000000600)=[@reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x51, 0x0, &(0x7f0000000700)="93ca2efc9445b68c079d41dcfff066e61c4d8f1021949c8c75c29113ed78c691e4a88534e71804ab594c9c0cea97e979adb05f81276775d60f54e903eb87a57f7cbe1f97039cb9d611ffa16ca4582a68cd"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @fda={0x66646185, 0x5, 0x0, 0xf}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

1.807443633s ago: executing program 2 (id=2953):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r1 = openat$tcp_mem(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write(r1, 0x0, 0x0) (async, rerun: 32)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) (rerun: 32)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r3, 0x541a, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x8, 0x4010, 0xffffffffffffffff, 0x7fa8c000)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) (async)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r5, 0x4068aea3, &(0x7f0000000040)={0xed, 0x0, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat, @fd={0x66642a85, 0x0, r2}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0}) (async, rerun: 64)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f0000000040)) (rerun: 64)
syz_clone(0x22000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r6 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1, 0x22052, r6, 0xfffff000)
r7 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r7, 0xaf01, 0x0) (async)
ioctl$VHOST_SET_VRING_ADDR(r7, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r7, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f00000000c0)=""/87, 0x0}) (async, rerun: 64)
ioctl$VHOST_SET_FEATURES(r7, 0x4008af00, &(0x7f0000000400)=0x4000000) (async, rerun: 64)
ioctl$VHOST_SET_MEM_TABLE(r7, 0x4008af03, &(0x7f0000000380)={0x1, 0x0, [{0x27ddc99d2b6db97c, 0x34, &(0x7f00000003c0)=""/52}]}) (async)
ioctl$VHOST_VSOCK_SET_RUNNING(r7, 0x4004af61, &(0x7f0000000500)=0x1) (async)
ioctl$VHOST_SET_VRING_KICK(r7, 0x4008af04, &(0x7f0000000200)) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/custom0\x00', 0x1802, 0x0)

1.683861185s ago: executing program 4 (id=2956):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="1e03087c775c980128876360864668f82ffdd569d2f630b5e033ff11edf1c5ffc733d2acb165fe588cd568cd1f31b87b68b00ad888ca"], 0xffdd)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r0, 0x2000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x45809000)
r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x81, 0x0)
ioctl$ASHMEM_PURGE_ALL_CACHES(r2, 0x770a, 0x0)

1.401047258s ago: executing program 2 (id=2959):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_GET_MP_STATE(r2, 0x8004ae98, &(0x7f0000000280))
mount$binderfs(&(0x7f00000021c0), &(0x7f0000002200)='./binderfs\x00', &(0x7f0000002240), 0x10, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async)
ioctl$KVM_GET_MP_STATE(r2, 0x8004ae98, &(0x7f0000000280)) (async)
mount$binderfs(&(0x7f00000021c0), &(0x7f0000002200)='./binderfs\x00', &(0x7f0000002240), 0x10, 0x0) (async)

1.210350961s ago: executing program 2 (id=2962):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x28000, 0x0)
ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0xfffffffe)
ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f0000000000)='\x00')
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x1100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x0, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x31}}, 0x0}, 0x10}], 0x0, 0x0, 0x0})

1.107266913s ago: executing program 5 (id=2963):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000040), 0x280, 0x0)
r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000000140)={0x30, 0x5, 0x0, {0x0, 0x1, 0x1cd, 0xfffffff9}}, 0x30)
ioctl$ASHMEM_SET_PROT_MASK(r0, 0x40087705, &(0x7f0000000080))

1.081738843s ago: executing program 2 (id=2964):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000280))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000040)=0x87)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r2, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x79, 0x0, 0x0, 0x5, 0x0, 0x0, 0x7a6e, 0x4, 0x20000000000, 0x0, 0x8, 0xc0, 0x0, 0x2], 0x0, 0x8340})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x46a00, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0xc53, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5fdd8d64f6c3e0dd22711f69a940ebdb4ab5ff6240da3160049d2047e6713d47ad0db40ec543c095ad67c8cbe438fb875927c98e265498b3da8d4ca54bac0e6efe759a2d4d4190e9fc8835599da8237f472411a71236bb930d28a26f49062d270f4087a6a709c005eebc9740ed54dd005c787c44badac9c720b0d424d0ded9bb8c24c0e842deedf386fc7714a31268292d3bcc53b1cf24b156445c8bf64336f742b1ba836eba0ae4a5aaa9a6f35d4f81734e16bce965795d5b1255609d1860fe11c9c536db078af94772830ba000c13e1d9383e3d862fa07f2199da148632c036bc19f6014eeb206a3654d390c78911deeabebf128def61122754e0a4696db82666a018f8d2f44b5aadc12809ade8bed1b1ba2adbb6e3e82180e26748dc30a8eda0edb21fcaa702632ed3fb4e89550c3e0e1fd2b5ecf1983d85bf9569b231e28155756bd97f1220cbc2b5b1c02dab88ee4a8970d4833b9e51529895afe5029823576297d4a917602fe08df57e1d7f63d050877ddf8e82a5383e15f313171b2d5618a1549f3dfced0732b887508ca5e134124d0ed0bd4b767115d1530f73504387e0364d73a2d3b114fcb49219b1c15e066c455b01672e49499995454a502236f5a5007895d3d1d8843007352a3ccc3f71d3e801efd0a6ef922bf39ead16e01ec20ebff2b1ce7cfd0984b26225cb1359b36efe9ad2ae1f6de4862c0faaa52f4d0eb4c13960ceb4aeaa10ae61a09a5abdb0c61661962a0aab14d465a8ae6f45826e1e66428cf8572eb53c98160df6613a62bb611c63f1ffb7a795a889fc16670f6302fd36ee4247bdd4282f1afb6042c832a4b0857cecae0a7090d9b11ae46d9186c710c8dd12911db573493329bea2c743734d86a577cf27aa01e4fc6c91f1fa34bba173d20b97ed8bb4bad43692df90bfd2b193b9e8b93a95ec0d0d42217395d89db511d2e9bbeb3ef47b7b2d81ab54b5c8faa760ef5c0493af13a9327c9432521ed6bfcb9d778d25031da41a983027fe7d794c26326053d38172444307d88501cdd26c3fdeafdf5f599d3dcfd39972f28ec3fb1fb40982615f5d71d6693a8774df072576834c69b89f209b458fad4671f0108fdfc8548a6fcf76a843369a3bca4d2974221ed9af224d151fa8aa73276ba65ca3d8bc98d6504f16bcac30c697f68cb1625b4f2259ee0c694951752845fa11c20fc4dda369d53918c3746918692ee2cda958612808b841b8d36ef3933f5340e1fc8fb10ac2ae97da921f6a67806831356d515c7a32468dfd3385c1ae2008448e5750c3a3d5733b4a2486788550e6353e9b12cc09750d5b9dcd2aedba61d0520e99a51e880d3dd78a2b502029deac1860cf50885f8bf5119491c6b1e06492e98ca64e5e32afbb3b0630cb35b58640afc2188a232f77968c18d2d0e8f91c974edcb3198b4520f530acacb12017216338cc479de3651e8f15f1672397c730e3ca2a189ca4cc85f35dd46aeb67b6a2eb7268a653b190d8ba670490d50f761c1fa25f1954d8fe6bcb15dbc23698c945262b991e6245b9a25b12b13c87bf8a8a06f51784007abd06e01a0c03ee80b236fabb5b22ce797c4d8a739ac96dcf16c93f454463d3631c4cdd2dea6732a486015dc9937ee4e6efbfff46bdd8887094ca4bd94d995f411421c7ef07f949fcc10132f58b7c99a871780d92464594c930b80596baab77b0d68a05d71ca8a1888f3128f12aebac362c4d80870ab3d9f2e77d51f9af16472faff98dda1e0133c8bc2510345d5eb1d64bce64761f4cc39ac6655902338bf1335dc55393995af4447ed1aa4c50bfacd576842560abca3e6c74dcea6dd03d36f9e7f8bda2cf33e3b7da195fba79f5a60421e19910f1fef31b9fa52064ce9ee8c415746a3cab47a8ad8477e9f21e9ee804a85dc568439b95c01bbbc3fa16a8c26bd81b01b8849795b2370f591e2a8e175cd465a600a541839bc734271b4b3afb2303dc1cf12bee00080ad10658c97672ad023e89f23d9301b5dbf1a7ba6d6c2b8dbd300f05f36a095f188b56fd3ba8e871aaf22e2128696e7232cb22f4f5404a3d1256a11665caaead326faad340031cafb99edbceba7bac44c7d2720aedba9cb708dae55b192a1e31835fae8756f062c151f6778b1d93c2d1f8b479ae9bbe1255abcef9beaa95b558fbbc9a979d46580aa85b10f160b438bea64f23b8e605ce34d2b46bbf8bfbfa683b10f55b3d30c58675dd1a524495e5d42c7d02dc60b853e8b3ed2caf41cd24a8a1d044e27d48b2184bac00730f7c20a1ba2bb6b6a5381a3d359d8e721504bbbce18ee49031b48c278a5730f31fb83f6cf32ac98326b722d3e2d7b38a7b80b94a3eb2b69fb1aefc8c0bbe431191f0ed76141a8365621e4f7118dd4465b4642bdb0af21d30c8cfb1d5201852c0428b1983d91f706e814c1395888b1c2a3516ea20a93d868e27c3c9b68a9cda4befc389b57661a4ff37137628ec96bcb625fd10324625ac1589c2918c66f811a323a19ab30bcf28fc20b64176e319d58f74578093e32ba9f51b255693dda9514ff43f6ef6010143554305073e94be322daa024cb7efcf405ea4924bfa72633b766365fee1d59d1a94717450657ff3b72853785e91f94ca1502b129eafa718633bec1557fb1e0ae2887e6e8c0fdd9f3f99de03c0af7364781766520d90c15b0e2a4c43613089dbecc4dd68be74204809f0270370097642d54388ccbb54b58be8b5796eac48ef5f17752eaa7301f075faee593aae71ee0e0ca1f45a22e7cede3597f14a344796ceec33e98b3b89e031c0d757e83d5093322d9afc9898f80b2e9bb17bc8b2b164d048c1b912f6cd92979df629efcb94968cca6e65b9b078677698fa4937a2ec23edd00971a5505ecc65fe150d3d00a34e52cc64951937fc79014b0df8d2c9c35f06209f45556278fa7ecfc70a92eca165bbd493686fb4c0cd607cec994657149a61da2e09414944c557be54908197724174247194d435b25bf78ec4cc164a574662eb4d1e4d784a6ea0c71dd1a16e53a7b8a27fcec679346afe90a05e06b276fe972d5e1d3486e0452d0a9a1636ab9c517f371a0592ef34513a9a4e961cd79c86891f460becb57f41e22b2a72ae175e29344184cde0b2beae00f90a6a79dc689da4b4b1da0e9758854d404a9cbcf725c68b6"})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(r6, 0x4068aea3, &(0x7f0000000140))
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f00000011c0)=ANY=[@ANYBLOB="010000000000000091000040"])
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100))
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
r10 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r10, &(0x7f0000000180)={0xfffffffb, 0x7, 0x2, 0x0, 0x1}, 0x8)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x290, 0x0, 0x5}]})
close(0xffffffffffffffff)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x424840, 0x0)
ioctl$TUNSETOFFLOAD(r11, 0x400454d0, 0xb)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0})

1.026383384s ago: executing program 5 (id=2965):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cgroup.max.depth\x00', 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
write$uinput_user_dev(r3, &(0x7f0000005140)={'syz0\x00', {}, 0x0, [0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000], [0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40004, 0x10001, 0x0, 0x0, 0x0, 0xfffffffc], [0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfae, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x1], [0x2, 0x0, 0x0, 0x0, 0x0, 0x65e, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x533f30c6, 0x0, 0x0, 0x0, 0x5, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100004, 0x80000000, 0x0, 0xfffffffe, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x3]}, 0x45c) (async)
write$uinput_user_dev(r3, &(0x7f0000005140)={'syz0\x00', {}, 0x0, [0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000], [0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40004, 0x10001, 0x0, 0x0, 0x0, 0xfffffffc], [0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfae, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x1], [0x2, 0x0, 0x0, 0x0, 0x0, 0x65e, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x533f30c6, 0x0, 0x0, 0x0, 0x5, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100004, 0x80000000, 0x0, 0xfffffffe, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x3]}, 0x45c)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="81000500000001000000"])
write$cgroup_int(r1, &(0x7f0000000140), 0x12) (async)
write$cgroup_int(r1, &(0x7f0000000140), 0x12)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
ioctl$BLKSECDISCARD(r8, 0x127d, 0x0)
ioctl$KVM_SET_CPUID2(r7, 0x4008ae90, &(0x7f0000000280)=ANY=[@ANYBLOB="010000000000000001000000000000000000000000000000001b0300ff", @ANYRESDEC=r8, @ANYRESHEX=r1, @ANYRESDEC=r7, @ANYBLOB="1940518de8063ad07a04f44a303c48209f32b51d1e97503502cf264f63b7969a15271c6a4ea79054ff1818efd30131ce7713c891d7e8cf0a13f477c8051a1c019546db9be3829f098a619b03bd264c85e0e901a5027d5cf1356d716626d807c98910712d4b9d2d37e24ca4a1444ba58c066511273a7234ed987327023f3ac918aea21d015283b0ccfc83c7abf5da784726b612091842aba5c847c397457ba005505adaeefca7e6ad07b87f5d051a7aa71c1288b2b3c05017a03f22d42d95358717c0aeafd86851df71315632776b1578405df73d24e7780f784909956da99e885d877f8bdd457cce8e43fe4df350407c2f9bccea9e1742e3"]) (async)
ioctl$KVM_SET_CPUID2(r7, 0x4008ae90, &(0x7f0000000280)=ANY=[@ANYBLOB="010000000000000001000000000000000000000000000000001b0300ff", @ANYRESDEC=r8, @ANYRESHEX=r1, @ANYRESDEC=r7, @ANYBLOB="1940518de8063ad07a04f44a303c48209f32b51d1e97503502cf264f63b7969a15271c6a4ea79054ff1818efd30131ce7713c891d7e8cf0a13f477c8051a1c019546db9be3829f098a619b03bd264c85e0e901a5027d5cf1356d716626d807c98910712d4b9d2d37e24ca4a1444ba58c066511273a7234ed987327023f3ac918aea21d015283b0ccfc83c7abf5da784726b612091842aba5c847c397457ba005505adaeefca7e6ad07b87f5d051a7aa71c1288b2b3c05017a03f22d42d95358717c0aeafd86851df71315632776b1578405df73d24e7780f784909956da99e885d877f8bdd457cce8e43fe4df350407c2f9bccea9e1742e3"])
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r9 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, 0x28011, r9, 0x0) (async)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, 0x28011, r9, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008004"])
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r4, 0x5460, 0x1000000000000)
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
r11 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r11, &(0x7f0000000000), 0x2002)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r10, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r10, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r10, 0x0) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r10, 0x0)
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000580)={@ptr={0x70742a85, 0x0, &(0x7f00000001c0)=""/75, 0x4b, 0x0, 0x32}, @fda={0x66646185, 0x7, 0x0, 0x16}, @ptr={0x70742a85, 0xfffffffc, 0x0, 0x0, 0x1}}, &(0x7f00000004c0)={0x0, 0x28, 0x48}}, 0x1000}], 0x0, 0x0, 0x0})

900.149166ms ago: executing program 5 (id=2966):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x4880, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000002d00), 0x2000)
ioctl$INCFS_IOC_PERMIT_FILL(0xffffffffffffffff, 0x40046721, &(0x7f0000000040)={r0}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x13, r3, 0x0) (async)
ioctl$TIOCSBRK(r3, 0x5427) (async, rerun: 32)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async, rerun: 32)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240}) (async)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/resume_offset', 0x341800, 0x10c) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x200, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41845})
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)={0x7, 0x0, [{0x40000001, 0x0, 0x2, 0x10001, 0x40, 0x0, 0x1}, {0x80000012, 0x1ff, 0x2, 0x6, 0x0, 0x0, 0x1}, {0x4, 0xffff1948, 0x0, 0x3, 0x8, 0x9, 0x80000}, {0x80000007, 0x200, 0x0, 0x5, 0x1000, 0x1, 0xffff06b3}, {0x0, 0x9, 0x3, 0xf, 0x80, 0x2, 0x3}, {0xc0000000, 0x3, 0x0, 0x4, 0xf, 0x8001, 0xff}, {0x2, 0x0, 0x1, 0x401, 0x0, 0x7fffffff, 0x4}]}) (async)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r6, 0xc018620b, 0xfffffffffffffffe)

869.555106ms ago: executing program 4 (id=2967):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {0x0, 0x2}, 0x0, [0x3, 0x3, 0x3ff, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x10000000, 0x99, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1, 0xfffffffe, 0x5, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x8, 0x0, 0x3, 0x0, 0x6, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x6d, 0xffffffff, 0xedc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x2, 0x0, 0x2000079, 0x0, 0x0, 0x0, 0x10000, 0x40000, 0x8, 0xc0000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0xffffffff, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x44, 0x4000400, 0x0, 0x0, 0xfffffffd], [0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x101, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, 0x0, 0x0, 0x0, 0x0, 0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x3, 0x0, 0x0, 0x0, 0x100000]}, 0x45c)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"])
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) (async)
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0x0, 0x2, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x200, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8c], 0xeeee8000}) (async)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0x0, 0x2, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x200, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8c], 0xeeee8000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100f3ff00000000810500000000000006"]) (async)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100f3ff00000000810500000000000006"])
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x32a280, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x800, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8d], 0xeeee8000, 0x2011c0}) (async)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8d], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = openat$kvm(0xffffff9c, &(0x7f0000000280), 0x1, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000680)={0x1, 0x0, [{0xe1, 0x0, 0x80000000}]})
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000180)=ANY=[@ANYBLOB='defcontext=\"']) (async)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000180)=ANY=[@ANYBLOB='defcontext=\"'])

660.192799ms ago: executing program 1 (id=2969):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f00000001c0)=@x86={0x1, 0x5, 0xb, 0x0, 0x2, 0x6, 0x6, 0x9, 0x8, 0x8, 0x6, 0x2, 0x0, 0x6, 0x6, 0xe2, 0x1, 0x29, 0x0, '\x00', 0x10, 0x6})
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, 0x0)

659.15931ms ago: executing program 5 (id=2970):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/binder0\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f00000000c0)='notify_on_release\x00', 0x2, 0x0)
read(r2, &(0x7f0000000140)=""/106, 0x6a)
openat$cgroup_int(r1, &(0x7f0000000040)='cpu.idle\x00', 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4, 0x0, &(0x7f0000000000)=[@register_looper={0x40086315}], 0x0, 0x0, 0x0})

631.79781ms ago: executing program 5 (id=2971):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000200), 0x18d00, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r2, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0xdd52d6c}}, 0x1006)
ioctl$TCSETAW(r0, 0x5407, &(0x7f00000006c0)={0x5a0c, 0x5, 0x5, 0x920, 0x19, "1c98af337714cddf"})
read$FUSE(r2, &(0x7f00000019c0)={0x2020}, 0x2020)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(r1, 0x4068aea3, &(0x7f0000000880)={0x80, 0x0, 0x4})
close_range(r0, 0xffffffffffffffff, 0x2)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r3 = openat$rnullb(0xffffffffffffff9c, 0x0, 0xa00, 0x0)
ioctl$BLKPG(r3, 0x1269, 0x0)
write$binfmt_format(r2, &(0x7f0000001980)='0\x00', 0x2)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(0xffffffffffffffff, 0xc0046209, 0xfffffffffffffffe)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0xc9001, 0x0)
write$khugepaged_scan(r4, &(0x7f00000023c0), 0x8)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_freezer_state(r7, &(0x7f00000000c0), 0x2, 0x0)
write$cgroup_freezer_state(r8, &(0x7f0000000200)='THAWED\x00', 0x7)

604.910811ms ago: executing program 2 (id=2972):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
close(r1)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz1\x00', 0x200002, 0x0)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f00000001c0), 0x802, 0x0)
write$UHID_INPUT(r3, &(0x7f0000000500)={0x8, {"97fca89d8cf8b0044a2d0e5b628f72b4215bb6829f6fbb27aec83edcbab7cfc03bfc71a77eb2b4eba964b877d542fbb48d47b8964f7b92921a41fc057135d30471e9353d807b29fcb29654f850603b476a4fdc6826cef39bf0092a13149cac261da49152bc49948f30a10820e704e37df3578daefdbb83c3434a4fc3cfbb299d9836fdd9322745234dcfc82797297fbd6da1560b91c520e2f2a5725434e23a9f3bd94e0dc6fe18b4684b922a0dacc4333444fd84e4c609ec928dc26cf4605f5aabfcc5ee9766df6e711f051d74243655e573a471e1d9b262c54b22623e5fc414bc8dd3e0b452d9bc1e6bfe8919736521e8f12e18141d25adc3798338ed8b1dbbff1f64caa314091006433ec2f93a2711800325fa88471aee95ef93a21a7e2a7fb66b8801f1cb6b927795cde82c2a4b4125d69236be7aa1cc8cb764a83eb954761d43ba9825266dfeaa2efb9c6e3194fb1faca3572ba9de78f171075776bf315261ff8b5278f305f19c960f4046fe87dce76a136c947ee87dd7823432276416389ac8d09a3ce4fe5ac3403a953c8790e07d47f272199116a668fe8632ae0d747e5eacc565e3f3ed9fd99de17ef3349242072063dda31ea63c07fdf67f05f468828917699cd9dfd75400d1ed50e707a7ccd388c46f239cd48544358ff759593304cbb4839dbb66c25dc6d6b20185dc7a146eb93a1ded735652e8711a2829c203f7e67e9699ea81bb78180fac7e1ebca73ecb1727ae21cc16a1deca09462ec36caeac4038a4ffcfa92ae941739bd269c0439016b60a4cb8b198c073ea0f3445cf14dc23c62406459e57b8992bb8b4d50eb85102934135c9411a018c5d7fa69c6a2cf8c74a304fdcae28a5ffcc6ae7e97453ad17822ac2341bb3badb72caf716bec3d95911911f486992e18ff90a742318a37f535e2016ce77199bbf46abcb0f8b02cab38472ee428ec83dbcf7d693e955dfce3b14ec34d68fdda803b1f51b9f5bafe798721f2738add7de101edd83e8725bd917c566575ca21b9e5094bd0c11a44003d061f79769bf21540c5d2621d817a1a521bf1562db49b403382ae7e3c07bb6eebcc6011c0527be9d7a9c27d5edf6383be4027a60f36e4d05db7ba0df7e17523b9005be14013a88c1e3e77d6a6418512250b11a7db1326f760ca3b2fb967e7dd163f76b5d2675cf04befc03829a67b8060a3bdb412bf362d03cd11843d1910ed7b6cd36563eda475e3f4e56baceaeea2f1dc2d2776aca431839a1e7e811682abe361974f52dc6924987c39ff44357e4996c8fd00bc115f54a463837c4c99935e63aeb834684cd2248975cb4dc5f0aabaf6e0ab01ccdba7f3944146e95c53cb6de598d8cdf39c82c74b843f8f3a37c4219fa05079e0fb684591342454199200d24aab1024b56b7655cd9e5d1449cf22287f5437b89ad10271fda3f0c349657754d6b87a2094f7b2252e4b71d1c750383d6519a6a1fc2422fbc93f9a11c3d707f4fa580db5938486e1ff32c63a7864beadb0000295ae8867fbd51db40d79e69e405a6ed6d813f0ff845290d298e76abec360c81e5deb3785e411fe726c685914e369ca4265dfda30c717cbbefd5ea105c25ff64ef026de0b81267857d1a267c5a2b67c1c1a22195b4848bd57450a855f8417541652ca6c686053397f8e5c458340760909516aa18ce8f75feed0dd281eb387a7b204d879eceaea5170251478b0372f99e5a8ccaf5607f06aefb570a18eacd60834fc0faed8207e7823b0eb266559b2b8b254f08a19714531db769593da06082cac8d1c36f5225a284b0e1d09fbcd50c6832bd17754de417b0d2f5897525b06157bb79982d232604d9d2bc7725ea1b4971c1a2cd99213fdb717d8a8f994a97140bd738fb53e7beb4b038744cc64ebb3df797931a0adb8c1b77fd19ee400f05c5bb5048caf412317010f1ea0a2c99a9fc0e9deb067216d8dd47bd14bcbecd3239160519cb4ba9e8ed1d9a6dec3d4ced2bbd79f03df5a29cf9e5f0e233789eaadd813e73d4910bc0283ed10ace26265c39e19e8ba276cb45023719924c7c5e3e423cd1c00a0ce80a608d41bf9fe059a105b0d25f27cffd0efdfbd2d0ff31bb2035cc16c4570e0d9a21ed960cbf34d721e6d5787d878d360aca86777f669600c12bfc97e665feebdd4d8be280028f24da4c06104c9ee5b7ea81576010ec7b4e2adfbd84ff7897af92f88546983240547f3eee37f541c5a1dc6afccd7539b93fe4215010d15852f3348120b217ab9cbdf44817572df061afc0a486f5d5666e4e44ffb88044a3422ab6cb27ac9370648d7a8c68c59fc4ec47f6e88d2d67ed8d03eb43672d5f2d352faad27f64fa843c0d72b215703d62396b9d1450c420b8d7184ced55186277bcb3f3783abd8f4c177e45974a027d83cdd734ce52cd47b5bb5c33dd1ebf510400b7ea2d28fe9f249ab2fae36899cf64177d65c550632cd0fc065805f5b23f40e0e165937a16f94d595d23e1f76e385a0c939970953d3f62b8764d624c011f440d936aa1c36b3bd79a9d6052c01341fe338d61dc3a98b402eec79e566d5498eb6c935d0184a8a79cefee47c839494ef5d916b540f3dc50b01d0db4028eaf32e3c4cc895ea50b7fdb8e556a7046a01873f066465239890c554bfd3fbe11e81a9d438752445567c67422435aac327698baf12641669e1d36089615efd248e15dcde7134bd0bb4aa48cd7a94d5d050afbf94f740a1b5009f393ced3227e8a4e6c9149f8204d4dc410e70793564485e8326c5348ce6b7553abcf5b1c4400e893cd7296fe4745bf3cd8744f6459417a09c5c41ad99531ea3cbb5df1cdec11e882651a0eff6a835fbe4f691ce931167fe5ef35e27cdb4a845d4971ec033aa51f6a42c966ccbbd8419f0c668814af2e00d7a4950f5295a2ba56b8b836d8e09d24811e4ee73eedef1df937955b8fcd4f28cd7c68e97a9059d355a7d9570f2313dffea15d037337a2d7009c85883ef4897b0c36bf1ace970fd6257115db508067082c06165fceb3d134b98c9c79264946cf5e86ff552d08a9a5655442c34c23173032ee3069831fc6ad364f765c1553dd093d23236fc37d489d30835ecbbcca9e6dd6624dec83f62bce67b59050c21c39d5b73ecd40099ca643222b7f354b930ec5c98c74960913f61808c40f5dd6a9acc58857b9b98de7d472262965773aa8c06fda37faf3c4ac1496e4c0f76b6380018125e49e86ab14bb488077278269d7862ee15dace8d6f4160713a960f0319b84a79dee10a09a9a0da68955c7c2bcf2cded52dca54df97fbea05a7a536b31bc4937f3e635cb4d033d5249c9349cb495c202680d5c4a4e0e0b6fcca200367bf01b821858adf09de3cde0176254fbd5a1408b9b50435385705a7b11fc0bb23ca3407b492a3aa4c0aaee6ae9bb7a64187cb79a684af393b22f8d514d0243300b155d617f27c7461ec413a3fde66d841118e28d3b21e7eff82223531c0c12b3362c113f864a53b432d62fb5dbbc008e90812e21ef548155934ef10e09974dc390f7c5845e847d9bd870b1134e105a244ca8f18d23553ecc045da31f17b3010fc497adca6ad4866ffde0fc1e89788fcb8de20a4fedb62e97a6f9618059677ebad8ad5c6f614db0f4b7416969b3e3057d34328317740f840ee7e0594a7efda42b1cfd6dd7b316f67ee32b6afa5cb86c205742a4cb9c0ef53536d063fba2b3e61dceca14a8f29ef0d926989368b83e8f0371201085c4e1be7aac76256cec7deb69ab04a11830315f96e8272ab133ca33e492dac7c29997117891b0c7e7a17f170a3167a58417d0336e240b03e2f8275953541ef55c03dc2b3b7ec19c133f826fab789b94eec3fa3bb68708f848c532e863339e343d459ca92167040be941773627d7d6508ca8efaaaf5e3cf357624b5a9ae6a728f7738eed01ba9f1de863c56d70782ab22fb146c4024a4dfbd4a3757ebeda6305842db7c00a6529ae63d31ac851e8c7b7c18ebbf737334d3d84abd89cca4de67226fcd5e4ba08ad5a712ec340db27e1f80b6e2ec811f6bc538073e475dfd3dd6d480fad0abb2af7c14ebb5423cfa059c4cab03b95a149f218e373c9354ff555f9f5059e87c6cd3ca0a712192fc09ff5c7ad73d4825914ba1caec2b340a75b79f2f4f4d57e5916a6c8852b863564a1dc11bba8cf635e7ccf0211b1d51bcb9ff46a0e92731b817c307ad084f85ed4436fa10db4b1ccc81f4ba2b376947e454db9272f3e074dc026e1830a45d1e4250674197e687f406acc566ef4a4bcdb4fa48f71b9d69b835cdeeb8e4159a67c65af4409a71f3bd40cc5cd421bcfd0497e885ab7ed509836bd256da118e0b528b4ebeba28bce816cf3e195de8920d4a859d316e9a7160f108b85255b471cf99b2cc1136bd0aa7a71bc2abac1a88289e88d84196f1b60adfbcd6e99dc6a3375f33a7781a7d71c961c089b26164bc74a1fb0b1aaa9b181ded23b9aab72714bf1830dfc51c45a43b6923e0837a6548a179764f3220d3cbcf8e36a3a6e049aac66df5ca5c950a50beb54618480a1243d97a78da645a7adca9d049a2fdfcba4c597f3e996b49c5cad824c411a1099330e14fccff454f566ef732b783f44b88e3162fd2949eed157609d9d36e85192b7d578b677ffcd37b3167af7d21a943e1073bcc70db7491488890909a767e1cd8668b3f9d184a4a00d844a7653ce61e1829e3e7cc21a1c497be88c4fbdc51eb5674ac9195c531f29e72878a3d4f8ec7e200157fb802f23a39197c0be6ec7797cbe93779382d4ea0ade5f987b2b5b48a2246eeff961b73648206225b0461a6a6d80dfb133cd9d7c06d58fdda082314a8aea66909c0877696c376d79160688d8301d49e7bbd1f46f78c13027709aec63a9d417cbf2be45eb2d7c6b8509da278dee787e2246b2391211605315a67e5946ce5c78606747e66a1058e85f3f4e8c47c33e6dfae6e83f8faaa2fa34491a7dbbb7ab4d3ed59bc4bc01693b72cd40325bf37a42720a58a23be3c62ddff6b3ddb1d6be3d0adc57531089e0827ad973a21ca5efe68f8766012158a6fba58b86d7e2b1527fc6883d4125b255be5013959f701557161c83c97b414b8782364d759f4929fa382fee1fd16c9e916769e26f2a66e023dcdda69f0fa0dc7a2d1a1d9d5a56bad66410dd42c6de922a1a34a540f99d6371f5b86e81bb6f2399b998e3d6b3bc824e3608661eb84008d457fbd181170fd4abbe0ee96f1e601083477e049b2be41f4c16e5147de46040233ba1e49a54ad0c2b5d005877d7b4078e296753787404f822ed725cbd34e1ea2df6701e42a5709295a6981019f28f1c9137bb9adafaffb90e30f108e33a03e9ed588c735251230f41c2e4a3c8bdd2f9be611edc07ae37f69fe121ceaf22f3e0eeb181407b337ed61356e498829dfbbe537e861508536dc16a87d9781d1b9e7d062948e6a5967015c0667c957d91378ba1c8eac952da58ff47b91346ccb84d99ac251f6c35c63200fe72efa6eded081fb50b5f3bfc03687654dfa3ea5de92428668437c2847e27dc22895ee161e767eb1674908773a2da2001af717a889e04eb0b250855a8f46923cc174f65b93ee128304dfacfc96e962fd502ba8f1893c1f2a84306edcc14a8a2b2c4aa67e967ef3e9fbbb6cc3fe2f6d27a1b566110ad20d569b4daad6ee2e184d7d3213ffa393ab77a0b96f24f8d305af82643a088825ec78a0a4dc123b22a1c02f6ecc2fd53b3c51915c92760b5fbf7270cb5a3e8b3eb4e65446bf904949daf75c128d408c23353330458009ac202db4e74bd2c7eed", 0x1000}}, 0x1006)
openat$cgroup_freezer_state(r2, &(0x7f0000000180), 0x2, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x0, 0x1, 0x11, r4, 0x2)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000300)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x32, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000000)={@ptr={0x70742a85, 0x4, &(0x7f0000000240)=""/64, 0x40, 0x0, 0x32}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffe, 0x16}, @ptr={0x70742a85, 0xfffffffc, 0x0, 0x0, 0x1, 0x36}}, &(0x7f00000004c0)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})

512.232692ms ago: executing program 1 (id=2973):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
ioctl$BLKSECDISCARD(r1, 0x127d, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x10, 0x0, &(0x7f0000000540)=[@clear_death={0x400c630f, 0x3}], 0x0, 0x0, 0x0})
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0) (async)
ioctl$BLKSECDISCARD(r1, 0x127d, 0x0) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x10, 0x0, &(0x7f0000000540)=[@clear_death={0x400c630f, 0x3}], 0x0, 0x0, 0x0}) (async)

504.443202ms ago: executing program 5 (id=2974):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000}) (async)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$FICLONE(r1, 0x40049409, 0xffffffffffffffff) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x28b, 0x0, 0x1a}]})
prctl$PR_SET_PDEATHSIG(0x1, 0xb) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0xb0, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac1"})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x2, 0x0)
mmap$binder(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x11, r5, 0x220ebeb0) (async)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0}) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

443.278793ms ago: executing program 4 (id=2975):
r0 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x8, 0x11, r0, 0x6b794000)
ioctl$BINDER_CTL_ADD(r0, 0xc1086201, &(0x7f0000000f00)={'binder0\x00'})

440.912453ms ago: executing program 1 (id=2976):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x2710, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000001640)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r4, 0x40087703, 0x100000001)
mmap(&(0x7f0000701000/0x4000)=nil, 0x4000, 0x200000a, 0x12, r4, 0x2546c000)
ioctl$ASHMEM_SET_NAME(r4, 0x40087708, &(0x7f00000007c0)='\x00\x00\x03\x06\x00\x00\x00\x05\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \x15\x9a\x9f\xf0:\xfd$\xad\xbb\x9a|c\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b7\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Xd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84x\x00\x00X\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12K\\\xf2\xd5\b^[D~~\x84\\\xe4\x00')
ioctl$ASHMEM_PURGE_ALL_CACHES(r4, 0x770a, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f00000000c0)={0x1, 0xaa4, 0x0, &(0x7f0000000100)})
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000180)={0x1, 0xaa4, 0x0, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r6, 0x4188aec6, &(0x7f0000000040))
close_range(r4, r4, 0x0)
ioctl$BTRFS_IOC_SCRUB(r4, 0xc400941b, &(0x7f0000000000)={0x0, 0x8000003e, 0xc, 0x1})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x8000, 0x0)

339.917644ms ago: executing program 2 (id=2977):
ioctl$TIOCMBIS(0xffffffffffffffff, 0x5416, &(0x7f0000000000)=0x82)
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x40400, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x6)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x15)
ioctl$GIO_FONT(r0, 0x4b60, &(0x7f0000000100)=""/54)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000140)={<r1=>0x0, 0x7, 0x5, 0x1})
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000000540)={0x1c, 0x6, {0x0, @struct={0x1ff, 0x8}, 0x0, 0x4, 0x1000, 0x1000000000000000, 0x9, 0x4, 0x8, @struct={0x7, 0x3ff}, 0xfffffffb, 0xff9, [0x7, 0x100, 0x1, 0x3, 0x3, 0x2]}, {0x7, @struct={0x6, 0x7f9}, <r2=>0x0, 0x3, 0x2, 0x4, 0x8, 0x10001, 0x1b, @usage=0x57b, 0xfa0, 0x10001, [0x9, 0x10001, 0xf02a, 0x5, 0x2, 0xc7]}, {0x9, @struct={0x3, 0x6}, 0x0, 0x3, 0x1, 0xa03, 0x3567, 0x9, 0x5, @struct={0xfffff7a3}, 0xffffff00, 0x1, [0x10001, 0xc4, 0x1, 0x5, 0x7, 0x100000001]}, {0xe93, 0x80, 0x9}})
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000000940)={0x2, 0x6, {0x759, @struct={0x200, 0x9}, 0x0, 0xfffffffffffffff7, 0xe, 0x6f571b07, 0x10000, 0xdc, 0x440, @usage=0x9, 0x80000000, 0x238f8ef3, [0x1, 0x92, 0xfffffffffffffff9, 0x7, 0x8000000000000001, 0x7]}, {0x2, @struct={0x0, 0x40}, <r3=>0x0, 0x1, 0xf, 0x3, 0x6, 0x8, 0x50, @struct={0x6}, 0x3, 0x1, [0x81, 0x5, 0x80000001, 0x9, 0x99, 0xe]}, {0x7, @usage=0xa5, 0x0, 0x6, 0x6, 0x9, 0x8, 0x1000, 0x412, @struct={0x4, 0x2}, 0x10, 0x255, [0x200, 0x80, 0x1, 0x1, 0x99da, 0x4]}, {0x6, 0x2, 0x7}})
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000000d40)={0x3, 0x6, {0x7, @struct={0x0, 0x8}, r1, 0x14000, 0xffffffff, 0x8, 0x4a, 0x4, 0x2, @usage=0x1, 0x5, 0x2, [0x7, 0x1, 0x4, 0x5, 0xed36, 0x20000000]}, {0xc72000000000, @struct={0x2, 0x1a3a}, r2, 0x2, 0x6, 0x6, 0x2, 0xa, 0x412, @usage=0x4, 0x6, 0x4, [0x58b0, 0x0, 0x38, 0x9000000000, 0xb, 0x5]}, {0xee, @usage=0xcf3, r3, 0x3, 0x9, 0xfffffffffffffffd, 0x9, 0x8, 0x1, @usage=0xffffffffffffa857, 0x5313, 0x10000, [0x7b, 0x2, 0x9, 0x6, 0xefa, 0x8f6]}, {0x2, 0x7fff, 0x682b}})
read$FUSE(0xffffffffffffffff, &(0x7f0000001140)={0x2020}, 0x2020)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000003180)=0xc)
write$UHID_GET_REPORT_REPLY(0xffffffffffffffff, &(0x7f00000031c0)={0xa, {0xa, 0x5, 0xd}}, 0xa)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000003200)='./cgroup/syz0\x00', 0x200002, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000003240)='cpuacct.usage_all\x00', 0x0, 0x0)
r6 = openat$cgroup_type(r4, &(0x7f0000003280), 0x2, 0x0)
read(r6, &(0x7f00000032c0)=""/176, 0xb0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000003780)={0xcc, 0x0, &(0x7f00000035c0)=[@increfs={0x40046304, 0x2}, @clear_death={0x400c630f, 0x2}, @clear_death={0x400c630f, 0x1}, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x58, 0x18, &(0x7f0000003380)={@fda={0x66646185, 0x3, 0x0, 0x26}, @fd={0x66642a85, 0x0, r6}, @fda={0x66646185, 0x7, 0x0, 0x8}}, &(0x7f0000003400)={0x0, 0x20, 0x38}}}, @acquire={0x40046305, 0x3}, @enter_looper, @increfs={0x40046304, 0x2}, @release={0x40046306, 0x2}, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000003500)={@flat=@binder={0x73622a85, 0x1100, 0x2}, @ptr={0x70742a85, 0x1, &(0x7f0000003440)=""/187, 0xbb, 0x1, 0x32}, @flat=@binder={0x73622a85, 0x101}}, &(0x7f0000003580)={0x0, 0x18, 0x40}}}], 0xb5, 0x0, &(0x7f00000036c0)="cbede5ab57382d0c9d369ccfda3e7cfb8e8c5b3dd984134c8f5f2144e8178d26d6b1430b7c2d8b82be33f1f30f525a588182c45014bbaf6d368fb68ff521baa41955c7e88145c0dd3eb68f5c3c1171b3ffa8b0220654beda09231c026f62ddc329fde7c4ab63acbf11e6521b1302483818f2e365dfe48785f49620d79c1625138f9682d567f0d0f501220feba1c9c41f795bf8e3f4685f9ecceafa67814327f12360e0c1e3de1f53a90aa1ebf2298bbc4644201bfb"})
ioctl$BLKROSET(r5, 0x125d, &(0x7f00000037c0)=0x7fffffff)
r7 = openat$cgroup_ro(r5, &(0x7f0000003800)='cpuacct.usage_all\x00', 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000005, 0x8010, r6, 0x2af41000)
ioctl$EXT4_IOC_GETSTATE(r6, 0x40046629, &(0x7f0000003840))
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000003880)={0x5, 0x0, 0x8, 0x6, 0x6, 0x9})
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f00000038c0)=0x3)
ioctl$TIOCGISO7816(r0, 0x80285442, &(0x7f0000003900))
ioctl$TCSETSW(r5, 0x5403, &(0x7f0000003940)={0xe, 0x1b, 0x8, 0xc, 0x16, "489534f244673ca10ade4efeaee9392befa337"})
read(r4, &(0x7f0000003980)=""/247, 0xf7)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000003c80)={0x44, 0x0, &(0x7f0000003b40)=[@reply={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x783a154a113693fc, 0x0, 0x0, 0x48, 0x18, &(0x7f0000003a80)={@flat=@weak_handle={0x77682a85, 0x1001, 0x3}, @flat=@weak_binder={0x77622a85, 0x201, 0x1}, @flat=@handle={0x73682a85, 0x0, 0x2}}, &(0x7f0000003b00)={0x0, 0x18, 0x30}}}], 0xa7, 0x0, &(0x7f0000003bc0)="5eebfeb71a3a6e5bad806b7344d4d2c1d1351d78c59755dfac3716c845b09c3fd449306ffafa9aef1b05b7218221571594a5579f7f805fa413e20204889aeca751b1ededbacbaee60f6f8655887dad221c3367502e9dcf10ffc675decb1b5fb174047e2d09d95139102fd0a5d82e4e87791d35b35ef70cd46aa25cf6b074e72f81c51fa1f2e34081b808f7036a82faf631c3c583675476d2ba71b081769ae5e8b420dfb51a8255"})
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r7, 0x4068aea3, &(0x7f0000003cc0))
read(r0, &(0x7f0000003d40)=""/187, 0xbb)

320.859835ms ago: executing program 4 (id=2978):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000003580), 0x0, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x80082, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x8002, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000000000180100"])
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x0, 0x0, @pic={0x4, 0x8, 0x1e, 0x7f, 0x4, 0x2f, 0x9e, 0xf3, 0x1, 0xd4, 0x9, 0x3, 0xd, 0x6, 0x14}})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x1)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_GET_NODE_DEBUG_INFO(r4, 0xc018620b, &(0x7f0000000280)={0x2})

200.125466ms ago: executing program 1 (id=2979):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x0, 0x0) (async)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000180)={0x2020}, 0x2020)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x545083, 0x0)
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/profiling', 0x42, 0x1)
write$UHID_DESTROY(r3, &(0x7f0000000200), 0x7)
r4 = openat(r3, &(0x7f0000000000)='./file0\x00', 0x107463, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0x40047705, 0x2)
openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0) (async)
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r5, 0x0)
write$selinux_load(r2, &(0x7f0000000000)=ANY=[], 0x6000) (async)
write$selinux_load(r2, &(0x7f0000000000)=ANY=[], 0x6000)
ioctl$RTC_IRQP_READ(r1, 0x8008700b, &(0x7f0000000040))
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000180)=ANY=[])

136.323927ms ago: executing program 4 (id=2980):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/slabinfo\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
close(r0)

135.497217ms ago: executing program 4 (id=2981):
prctl$PR_GET_UNALIGN(0x5, &(0x7f00000000c0))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x7, 0xfffffffffffffffe, 0x40, 0x0, 0x7, 0x2000000000044, 0x0, 0x8000000000000, 0x5, 0x0, 0x9, 0x0, 0x0, 0x7, 0x1], 0x6000, 0x3c2a10})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000100000000000000000000e80000000000000000ff"])
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x404900, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000140))
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
prctl$PR_SET_SECUREBITS(0x1c, 0x26)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, 0x0})
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000180)=0x1)
syz_clone3(&(0x7f0000001280)={0x10000, 0x0, 0x0, 0x0, {}, &(0x7f00000011c0), 0x0, 0x0, 0x0}, 0x58)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000240)={0x0, 0x1, 0x0, 0x0, 0x0, 0x2000})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_GET_TSC_KHZ(r7, 0xaea3)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x2)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
unlinkat(r8, &(0x7f0000000400)='.\x00', 0x200)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008c04"])
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000500)={{0x6000, 0xeeee8000, 0x8, 0x4, 0x3, 0xe, 0x2, 0x3, 0x40, 0x3, 0xf2, 0x5}, {0x5000, 0x0, 0x4, 0x7, 0x4, 0x8, 0x7f, 0x6, 0xff, 0x1c, 0xff, 0x4}, {0x0, 0x0, 0x10, 0x38, 0xa5, 0x9, 0x1, 0xc5, 0x2, 0x17, 0x83, 0x9}, {0x5000, 0x105000, 0xc, 0x0, 0x3, 0x9, 0xff, 0x2, 0x3f, 0x4f, 0x2a, 0x36}, {0xdddd0000, 0xdddd0000, 0x4, 0x9, 0x4, 0x4, 0x6, 0x7, 0x74, 0x8, 0x1, 0x58}, {0x8080000, 0x10000, 0xc, 0x5, 0xb4, 0x2, 0x5, 0x3, 0x6, 0x2, 0x5, 0x63}, {0x80a0000, 0x2000, 0xd, 0x5, 0xf, 0x6, 0x7, 0x0, 0x1, 0x5, 0x6, 0x3}, {0x80a0000, 0xffff1000, 0xf, 0x2, 0x4, 0x40, 0x0, 0xa, 0x3, 0x1, 0x0, 0x3}, {0x2, 0xfe00}, {0x100000, 0xfffa}, 0x40000000, 0x0, 0x8000000, 0x20008, 0x3, 0x500, 0x6000, [0x4, 0xfffffffffffffff9, 0x0, 0x6]})
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000400)=ANY=[@ANYBLOB="7365636c6162656c2c0025dc4da04c5563229f7192a6a1a4b6c2fd109612b01f323c61fe8cc30c6da5a2dcff1ed66d10e630102ace526eca8075ecc9a58add030fed27715a6699bc39df01dde73b60509fd09607e0e2545e010877dfe6e36a4e1f8522f18a0d6606c2e84a4e78168a195ce41d41d3b89cdbefc743e2e58b531f2460765a12a92142306389a29cc990f297290eaa1d63efd2c3e278db1dd4a076b642d7dc1e5c86919c78edf0a40e6d41a10f70914fd7605f8c401a838e9eee65e431b1cea19e1a97dbcde0d6debe3d054d0c7e10ad"])

76.379208ms ago: executing program 1 (id=2982):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x58, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b418709844"}) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x1000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000005000000014d564b00000000af"]) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) (async)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x0)
close(0x3)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_GET_FROZEN_INFO(r6, 0xc00c620f, 0x0) (async)
ioctl$F2FS_IOC_DECOMPRESS_FILE(r6, 0xf517, 0x0)

0s ago: executing program 1 (id=2983):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0x40086602, 0x100000000000000) (async)
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async)
r2 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r3 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r3, 0x40087703, 0xfffffffa) (async)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r3, 0x0)
ioctl$ASHMEM_SET_NAME(r3, 0x8008770b, 0x0)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0xfffffffffffffff5, 0x0, {0x7, 0x1f, 0x10000, 0x10408, 0x0, 0x101, 0x0, 0x4, 0x0, 0x0, 0x2, 0x20004000}}, 0x50) (async, rerun: 64)
write$selinux_load(r1, &(0x7f0000000000)=ANY=[], 0x2000) (async, rerun: 64)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async, rerun: 64)
ioctl$IOC_PR_PREEMPT(r2, 0x401870cb, &(0x7f0000000000)={0x5, 0x400, 0x1ff}) (async, rerun: 64)
openat$cgroup_ro(r2, &(0x7f0000000100)='cgroup.stat\x00', 0x0, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) (async)
ioctl$KVM_CREATE_PIT2(r5, 0x4040ae77, &(0x7f0000000180)) (async)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x581, 0x0, 0x79d}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7fffffff], 0x80a0000})
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async, rerun: 32)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) (async, rerun: 32)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async, rerun: 32)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0) (async, rerun: 32)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)

kernel console output (not intermixed with test programs):

t_binder: BINDER_SET_CONTEXT_MGR already set
[  107.341554][ T6103] rust_binder: Error while translating object.
[  107.348092][ T6103] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  107.354357][ T6103] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:649
[  107.552449][ T6109] input: syz0 as /devices/virtual/input/input103
[  107.698095][ T6113] rust_binder: Write failure EINVAL in pid:590
[  107.847538][ T6133] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:484
[  107.904572][ T6137] rust_binder: Write failure EINVAL in pid:484
[  108.140051][ T6152] input: syz1 as /devices/virtual/input/input104
[  108.192835][ T6159] rust_binder: Got transaction with invalid offset.
[  108.192880][ T6159] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  108.200650][ T6159] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:605
[  108.245451][ T6163] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  108.339333][ T6166] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  108.450585][ T6178] kvm: kvm [6177]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x187) = 0xfff
[  108.466006][ T6178] rust_binder: Write failure EFAULT in pid:621
[  108.531269][   T36] audit: type=1326 audit(1750420400.960:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6179 comm="syz.4.1815" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f29c5d8e929 code=0x0
[  108.564597][ T6183] rust_binder: validate_parent_fixup: fixup_min_offset=29, parent_offset=27
[  108.564623][ T6183] rust_binder: Error while translating object.
[  108.574275][ T6183] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  108.582095][ T6183] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:623
[  108.644280][ T6184] rust_binder: Write failure EFAULT in pid:310
[  108.676782][ T6189] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  108.683751][ T6190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  108.691149][ T6189] rust_binder: Error while translating object.
[  108.697701][ T6190] rust_binder: Error while translating object.
[  108.704226][ T6190] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  108.710675][ T6189] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  108.720395][ T6190] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:487
[  108.739386][ T6189] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:487
[  108.827845][ T6197] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  109.259595][ T6208] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  109.269454][ T6208] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  109.329625][ T6212] rust_binder: Write failure EFAULT in pid:640
[  109.368945][ T6214] input: syz1 as /devices/virtual/input/input106
[  109.388995][ T6214] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:642
[  109.414688][ T6216] binder: Unknown parameter 'processor	: 0
[  109.414688][ T6216] vendor_id	: GenuineIntel
[  109.414688][ T6216] cpu family	: 6
[  109.414688][ T6216] model		: 79
[  109.414688][ T6216] model name	: Intel(R) Xeon(R) CPU @ 2.20GHz
[  109.414688][ T6216] stepping	: 0
[  109.414688][ T6216] microcode	: 0xffffffff
[  109.414688][ T6216] cpu MHz		: 2199.998
[  109.414688][ T6216] cache size	: 56320 KB
[  109.414688][ T6216] physical id	: 0
[  109.414688][ T6216] siblings	: 2
[  109.414688][ T6216] core id		: 0
[  109.414688][ T6216] cpu cores	: 1
[  109.414688][ T6216] apicid		: 0
[  109.414688][ T6216] initial apicid	: 0
[  109.414688][ T6216] fpu		: yes
[  109.414688][ T6216] fpu_exception	: yes
[  109.414688][ T6216] cpuid level	: 13
[  109.414688][ T6216] wp		: yes
[  109.414688][ T6216] flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni pclmulqdq vmx ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt arat vnmi md_clear arch_capabilities
[  109.414688][ T6216] vmx flags	: vnmi preemption_timer invvpid ept_x_only ept_ad flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest vapi
[  109.449719][ T6219] rust_binder: Write failure EINVAL in pid:646
[  109.450860][ T6220] rust_binder: Write failure EFAULT in pid:497
[  109.584666][ T6219] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  109.596374][ T6219] rust_binder: Read failure Err(EFAULT) in pid:646
[  109.611084][ T6219] rust_binder: Write failure EINVAL in pid:646
[  109.685956][ T6225] rust_binder: Read failure Err(EAGAIN) in pid:315
[  109.777375][ T6234] rust_binder: Error while translating object.
[  109.792606][ T6234] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  109.799177][ T6234] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:317
[  110.035149][ T6237] SELinux:  policydb table sizes (0,7) do not match mine (8,7)
[  110.067911][ T6237] SELinux: failed to load policy
[  110.185301][ T6247] kvm: kvm [6246]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc1) = 0x7fffffffffffffff
[  110.219405][ T6247] rust_binder: Write failure EINVAL in pid:330
[  110.286720][ T6252] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:505
[  110.310122][ T6254] binder: Binderfs stats mode cannot be changed during a remount
[  110.435268][ T6259] kvm: kvm [6258]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010006) = 0xaf
[  110.469866][ T6256] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:335
[  110.497248][ T6262] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.645735][ T6268] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  110.756491][ T6279] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 122)
[  110.765808][ T6279] rust_binder: Error while translating object.
[  110.787671][ T6279] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  110.794300][ T6279] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:517
[  110.805077][ T6279] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.862579][ T6288] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:522
[  110.882870][   T36] kauditd_printk_skb: 1 callbacks suppressed
[  110.882888][   T36] audit: type=1326 audit(1750420403.310:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.1.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde24b8e929 code=0x7ffc0000
[  110.922629][   T36] audit: type=1326 audit(1750420403.350:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.1.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde24b8e929 code=0x7ffc0000
[  110.946231][   T36] audit: type=1326 audit(1750420403.350:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.1.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde24b8e929 code=0x7ffc0000
[  110.980401][   T36] audit: type=1326 audit(1750420403.350:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.1.1851" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fde24b8e929 code=0x0
[  111.005444][   T36] audit: type=1326 audit(1750420403.350:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.1.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde24b8e929 code=0x7ffc0000
[  111.047066][   T36] audit: type=1326 audit(1750420403.430:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.1.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde24b8e929 code=0x7ffc0000
[  111.090489][   T36] audit: type=1326 audit(1750420403.430:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.1.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde24b8e929 code=0x7ffc0000
[  111.115366][   T36] audit: type=1326 audit(1750420403.430:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.1.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde24b8e929 code=0x7ffc0000
[  111.143096][   T36] audit: type=1326 audit(1750420403.440:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.1.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde24b8e929 code=0x7ffc0000
[  111.167017][   T36] audit: type=1326 audit(1750420403.440:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.1.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde24b8e929 code=0x7ffc0000
[  111.282234][  T312] hid-generic C98F:0003:0000.000E: unknown main item tag 0x0
[  111.291394][  T312] hid-generic C98F:0003:0000.000E: unknown main item tag 0x0
[  111.303463][  T312] hid-generic C98F:0003:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  111.328357][ T6317] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[  111.361494][ T6326] rust_binder: Error while translating object.
[  111.369635][ T6326] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  111.380279][ T6326] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:670
[  111.399848][ T6326] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  111.441878][ T6334] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  111.519146][ T6349] input: syz0 as /devices/virtual/input/input108
[  111.519778][ T6342] can0: slcan on ttyS3.
[  111.568325][ T6347] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[  111.581962][ T6342] can0 (unregistered): slcan off ttyS3.
[  111.607662][ T6342] SELinux:  policydb magic number 0x7665642f does not match expected magic number 0xf97cff8c
[  111.619206][ T6342] SELinux: failed to load policy
[  111.713850][ T6374] rust_binder: Write failure EINVAL in pid:549
[  111.751179][ T6377] binder: Bad value for 'stats'
[  111.933334][ T6383] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  111.953995][ T6383] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  112.646717][ T6407] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:365
[  112.772074][ T6410] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:368
[  113.067613][ T6422] binder: Unknown parameter 'processor	: 0
[  113.067613][ T6422] vendor_id	: GenuineIntel
[  113.067613][ T6422] cpu family	: 6
[  113.067613][ T6422] model		: 79
[  113.067613][ T6422] model name	: Intel(R) Xeon(R) CPU @ 2.20GHz
[  113.067613][ T6422] stepping	: 0
[  113.067613][ T6422] microcode	: 0xffffffff
[  113.067613][ T6422] cpu MHz		: 2199.998
[  113.067613][ T6422] cache size	: 56320 KB
[  113.067613][ T6422] physical id	: 0
[  113.067613][ T6422] siblings	: 2
[  113.067613][ T6422] core id		: 0
[  113.067613][ T6422] cpu cores	: 1
[  113.067613][ T6422] apicid		: 0
[  113.067613][ T6422] initial apicid	: 0
[  113.067613][ T6422] fpu		: yes
[  113.067613][ T6422] fpu_exception	: yes
[  113.067613][ T6422] cpuid level	: 13
[  113.067613][ T6422] wp		: yes
[  113.067613][ T6422] flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni pclmulqdq vmx ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt arat vnmi md_clear arch_capabilities
[  113.067613][ T6422] vmx flags	: vnmi preemption_timer invvpid ept_x_only ept_ad flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest vapi
[  113.089343][ T6424] kvm: user requested TSC rate below hardware speed
[  113.560344][ T6451] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  113.571289][ T6451] binder: Bad value for 'stats'
[  113.660081][ T6458] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:714
[  113.909375][ T6468] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  113.980362][ T6467] rust_binder: Error in use_page_slow: ESRCH
[  113.980389][ T6467] rust_binder: use_range failure ESRCH
[  113.986673][ T6467] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  113.986787][ T6471] rust_binder: Error in use_page_slow: ESRCH
[  113.992784][ T6467] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  114.015944][ T6467] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:386
[  114.037680][ T6471] rust_binder: use_range failure ESRCH
[  114.048708][ T6471] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  114.054379][ T6471] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  114.062504][ T6471] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:386
[  114.147910][ T6479] __vm_enough_memory: pid: 6479, comm: syz.4.1901, bytes: 281474976845824 not enough memory for the allocation
[  114.419766][ T6498] rust_binder: Write failure EINVAL in pid:578
[  114.431836][ T6493] rust_binder: Write failure EINVAL in pid:731
[  114.496241][ T6502] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  114.623262][ T6515] rust_binder: Write failure EINVAL in pid:585
[  114.774608][ T6517] binder: Unknown parameter 'defcontext01777777777777777777777'
[  115.198337][ T6542] rust_binder: Write failure EFAULT in pid:744
[  115.229251][ T6544] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  115.260711][ T6544] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  115.268409][ T6546] rust_binder: Error while translating object.
[  115.287211][ T6546] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  115.299181][ T6546] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:746
[  115.353101][ T6554] binder: Unknown parameter 's
'
[  115.395803][ T6556] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  115.401073][ T6558] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:752
[  115.429446][ T6560] rust_binder: Error in use_page_slow: ESRCH
[  115.429470][ T6560] rust_binder: use_range failure ESRCH
[  115.435610][ T6560] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  115.442404][ T6560] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  115.450824][ T6560] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:402
[  115.460547][ T6562] rust_binder: Failed to allocate buffer. len:16, is_oneway:true
[  115.476422][ T6562] rust_binder: Write failure EINVAL in pid:613
[  115.505728][ T6564] rust_binder: Write failure EINVAL in pid:405
[  115.525945][ T6566] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  115.575373][ T6566] rust_binder: Error while translating object.
[  115.575397][ T6566] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  115.588656][ T6566] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:754
[  115.628571][ T6574] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  115.637917][ T6574] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:411
[  115.784670][ T6578] SELinux: security_context_str_to_sid () failed with errno=-22
[  115.896005][ T6583] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:417
[  115.897201][ T6582] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  115.906553][ T6582] rust_binder: Failure in copy_transaction_data: BR_DEAD_REPLY
[  115.920001][ T6582] rust_binder: Failure BR_DEAD_REPLY during reply - delivering BR_FAILED_REPLY to sender.
[  116.234058][ T6596] binder: Unknown parameter 'nXI'
[  116.422532][ T6598] SELinux: failed to load policy
[  116.540858][ T6611] input: syz0 as /devices/virtual/input/input116
[  116.552662][ T6609] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  116.552692][ T6609] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  116.559463][ T6609] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  116.566041][ T6611] input: failed to attach handler leds to device input116, error: -6
[  116.581210][ T6609] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  116.581236][ T6609] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  116.587754][ T6609] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  116.613229][ T6609] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  116.613255][ T6609] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  116.632795][ T6609] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  116.632821][ T6609] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  116.646563][ T6609] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  116.646590][ T6609] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  116.694741][ T6615] rust_binder: Failed copying remainder into alloc: EFAULT
[  116.694769][ T6615] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EFAULT }
[  116.702670][ T6615] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  116.711212][ T6615] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:627
[  116.778386][ T6619] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:431
[  116.787633][ T6619] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  116.797075][ T6619] rust_binder: Read failure Err(EFAULT) in pid:431
[  116.900785][ T6632] rust_binder: Write failure EFAULT in pid:434
[  116.952818][   T36] kauditd_printk_skb: 65 callbacks suppressed
[  116.952837][   T36] audit: type=1400 audit(1750420409.380:745): avc:  denied  { attach_queue } for  pid=6633 comm="syz.4.1958" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  117.041449][ T6637] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  117.041478][ T6637] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:640
[  117.052634][ T6637] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  117.059646][ T6640] serio: Serial port ttynull
[  117.064021][ T6637] rust_binder: Read failure Err(EFAULT) in pid:640
[  117.344828][ T6649] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  117.509723][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.517703][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.533383][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.533404][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.549482][ T6662] rust_binder: Error in use_page_slow: ESRCH
[  117.555939][ T6662] rust_binder: use_range failure ESRCH
[  117.573062][ T6662] rust_binder: Failed to allocate buffer. len:136, is_oneway:true
[  117.578647][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.587077][ T6662] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  117.595330][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.605165][ T6662] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:643
[  117.612628][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.621944][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.628434][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.635191][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.646019][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.652926][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.659664][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.667857][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.674814][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.681618][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.688218][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.695107][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.702056][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.708686][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.715956][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.722792][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.729407][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.735926][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.742556][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.749059][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.755628][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.762177][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.768684][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.775199][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.781737][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.788222][ T6661] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.922386][ T6674] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  118.009235][ T6676] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  118.009267][ T6676] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:647
[  118.189339][ T6681] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  118.201178][ T6681] rust_binder: Error while translating object.
[  118.211804][ T6681] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  118.218327][ T6681] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:650
[  118.273198][ T6687] rust_binder: Error while translating object.
[  118.282615][ T6687] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  118.296634][ T6687] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:443
[  118.342582][ T6692] rust_binder: Write failure EFAULT in pid:652
[  118.363848][ T6692] rust_binder: Error while translating object.
[  118.389194][ T6692] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  118.395414][ T6692] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:652
[  118.673303][ T6722] rust_binder: Error while translating object.
[  118.682556][ T6722] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  118.688745][ T6722] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:654
[  118.760432][ T6734] binder: Bad value for 'stats'
[  118.868163][ T6746] input: syz1 as /devices/virtual/input/input117
[  119.038824][ T6756] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  119.038863][ T6756] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:829
[  119.309089][   T36] audit: type=1400 audit(1750420411.730:746): avc:  granted  { setsecparam } for  pid=6761 comm="syz.1.1996" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  119.355993][ T6764] syz.1.1997 (6764) used obsolete PPPIOCDETACH ioctl
[  119.362781][   T36] audit: type=1400 audit(1750420411.760:747): avc:  granted  { setsecparam } for  pid=6761 comm="syz.1.1996" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  119.382877][ T6764] __vm_enough_memory: pid: 6764, comm: syz.1.1997, bytes: 281474976845824 not enough memory for the allocation
[  119.448936][ T6766] rust_binder: Failed to allocate buffer. len:120, is_oneway:false
[  119.555978][ T6779] rust_binder: Got transaction with invalid offset.
[  119.573432][ T6779] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  119.589188][ T6779] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:480
[  119.672598][ T6788] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  119.687372][ T6788] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  119.713198][   T36] audit: type=1400 audit(1750420412.140:748): avc:  denied  { map } for  pid=6793 comm="syz.4.2007" path="/dev/fuse" dev="devtmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  119.765659][ T6796] rust_binder: Error in use_page_slow: ESRCH
[  119.765696][ T6796] rust_binder: use_range failure ESRCH
[  119.772054][ T6796] rust_binder: Failed to allocate buffer. len:4240, is_oneway:false
[  119.777583][ T6796] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  119.795065][ T6796] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:488
[  119.813959][ T6799] rust_binder: Read failure Err(EAGAIN) in pid:844
[  119.874286][ T6807] input: syz1 as /devices/virtual/input/input119
[  120.022901][ T6820] block device autoloading is deprecated and will be removed.
[  120.040676][ T6820] syz.2.2015: attempt to access beyond end of device
[  120.040676][ T6820] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  120.190107][ T6828] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[  120.203119][ T6830] tun0: tun_chr_ioctl cmd 1074025675
[  120.216720][ T6830] tun0: persist disabled
[  120.221968][ T6830] rust_binder: Write failure EINVAL in pid:860
[  120.302272][ T6832] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  120.320012][ T6832] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  120.326722][ T6832] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  120.494045][ T6836] input: syz0 as /devices/virtual/input/input121
[  120.610370][ T6840] block device autoloading is deprecated and will be removed.
[  120.623087][ T6840] syz.2.2024: attempt to access beyond end of device
[  120.623087][ T6840] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  120.752330][ T6856] rust_binder: Error while translating object.
[  120.752374][ T6856] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  120.762872][ T6856] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:871
[  120.803114][ T6862] rust_binder: Write failure EINVAL in pid:873
[  120.865108][ T6866] binder: Bad value for 'stats'
[  120.885971][ T6866] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  120.943112][ T6871] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  121.011769][ T6877] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:506
[  121.039535][ T6877] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 0
[  121.049710][ T6879] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:886
[  121.056208][ T6877] rust_binder: Write failure EINVAL in pid:506
[  121.089081][ T6884] rust_binder: Error while translating object.
[  121.095467][ T6884] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  121.102075][ T6884] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:693
[  121.192142][ T6893] rust_binder: Write failure EINVAL in pid:698
[  121.266797][ T6898] rust_binder: Failed to allocate buffer. len:96, is_oneway:false
[  121.269220][ T6900] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  121.279157][ T6898] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  121.291314][ T6898] rust_binder: Read failure Err(EFAULT) in pid:700
[  121.330944][ T6900] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  121.350784][ T6900] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:890
[  121.421256][ T6905] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  121.439180][ T6905] SELinux: failed to load policy
[  121.444521][ T6905] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  121.444547][ T6905] rust_binder: Failure in copy_transaction_data: BR_DEAD_REPLY
[  121.452368][ T6905] rust_binder: Failure BR_DEAD_REPLY during reply - delivering BR_FAILED_REPLY to sender.
[  121.501453][ T6917] rust_binder: Error while translating object.
[  121.526879][ T6917] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  121.533497][ T6917] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:893
[  121.737555][ T6932] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:715
[  121.855129][ T6940] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:718
[  122.070715][   T36] audit: type=1400 audit(1750420414.500:749): avc:  denied  { view } for  pid=6959 comm="syz.2.2064" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  122.102266][ T6960] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:905
[  122.102308][ T6960] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  122.111881][ T6960] rust_binder: Read failure Err(EFAULT) in pid:905
[  122.246053][   T36] audit: type=1326 audit(1750420414.670:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6967 comm="syz.2.2066" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f44a798e929 code=0x0
[  122.287740][ T6958] rust_binder: Read failure Err(EFAULT) in pid:537
[  122.300164][ T6971] input: syz1 as /devices/virtual/input/input124
[  122.328021][ T6970] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  122.328045][ T6970] rust_binder: Failure in copy_transaction_data: BR_DEAD_REPLY
[  122.335871][ T6970] rust_binder: Failure BR_DEAD_REPLY during reply - delivering BR_FAILED_REPLY to sender.
[  122.344128][ T6973] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  122.938619][ T7003] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  122.959165][ T7003] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:743
[  123.051188][ T4626] bridge_slave_1: left allmulticast mode
[  123.066687][ T4626] bridge_slave_1: left promiscuous mode
[  123.072982][ T4626] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.085982][ T4626] bridge_slave_0: left allmulticast mode
[  123.091823][ T4626] bridge_slave_0: left promiscuous mode
[  123.097494][ T4626] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.200380][ T7021] rust_binder: Error in use_page_slow: ESRCH
[  123.200403][ T7021] rust_binder: use_range failure ESRCH
[  123.206490][ T7021] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  123.212047][ T7021] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  123.212819][ T7007] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.220008][ T7021] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:755
[  123.229438][ T7007] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.252655][ T7007] bridge_slave_0: entered allmulticast mode
[  123.259024][ T7007] bridge_slave_0: entered promiscuous mode
[  123.265649][ T7007] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.272748][ T7007] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.279945][ T7007] bridge_slave_1: entered allmulticast mode
[  123.286307][ T7007] bridge_slave_1: entered promiscuous mode
[  123.294423][ T7023] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3
[  123.319427][ T7023] rust_binder: Write failure EINVAL in pid:757
[  123.319935][ T4626] veth1_macvtap: left promiscuous mode
[  123.339336][ T4626] veth0_vlan: left promiscuous mode
[  123.391942][ T7025] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  123.391977][ T7025] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:913
[  123.464486][ T7007] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.480756][ T7007] bridge0: port 2(bridge_slave_1) entered forwarding state
[  123.488084][ T7007] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.495117][ T7007] bridge0: port 1(bridge_slave_0) entered forwarding state
[  123.517716][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.525205][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.535167][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.542243][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  123.551296][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.558375][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  123.582709][ T7028] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  123.588721][ T7027] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION already set
[  123.596958][ T7007] veth0_vlan: entered promiscuous mode
[  123.608740][ T7027] rust_binder: Write failure EINVAL in pid:759
[  123.609582][ T7030] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  123.625813][ T7007] veth1_macvtap: entered promiscuous mode
[  123.678903][ T7038] binder: Bad value for 'max'
[  123.691421][   T36] audit: type=1400 audit(1750420416.120:751): avc:  denied  { execute } for  pid=7033 comm="syz.1.2084" path="/sys/power/wake_unlock" dev="sysfs" ino=1465 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=file permissive=1
[  123.910931][ T7059] binder: Bad value for 'stats'
[  123.917491][ T7064] random: crng reseeded on system resumption
[  123.924017][ T7062] rust_binder: Error while translating object.
[  123.924060][ T7062] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  123.932349][ T7062] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:17
[  123.932798][ T7066] SELinux: security_context_str_to_sid () failed with errno=-22
[  123.986510][ T7071] block device autoloading is deprecated and will be removed.
[  124.029312][   T36] audit: type=1400 audit(1750420416.450:752): avc:  denied  { read } for  pid=7065 comm="syz.2.2094" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  124.056242][   T36] audit: type=1400 audit(1750420416.450:753): avc:  denied  { open } for  pid=7065 comm="syz.2.2094" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  124.077476][ T7077] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:772
[  124.096767][   T36] audit: type=1400 audit(1750420416.460:754): avc:  denied  { read write } for  pid=7007 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  124.130557][   T36] audit: type=1400 audit(1750420416.460:755): avc:  denied  { open } for  pid=7007 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  124.155882][   T36] audit: type=1400 audit(1750420416.460:756): avc:  denied  { ioctl } for  pid=7007 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  124.182327][   T36] audit: type=1400 audit(1750420416.490:757): avc:  denied  { ioctl } for  pid=7065 comm="syz.2.2094" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  124.209288][   T36] audit: type=1400 audit(1750420416.490:758): avc:  denied  { read } for  pid=7073 comm="syz.4.2098" name="ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  124.245415][ T7083] rust_binder: Error while translating object.
[  124.245462][ T7083] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  124.252414][ T7083] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:25
[  124.299950][ T7088] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  124.345670][ T7090] input: syz0 as /devices/virtual/input/input125
[  124.357231][ T7090] input: failed to attach handler leds to device input125, error: -6
[  124.373162][ T7094] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:925
[  124.373576][ T7081] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:925
[  124.385922][ T7081] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  124.395240][ T7081] rust_binder: Error in use_page_slow: EBUSY
[  124.405772][ T7081] rust_binder: use_range failure EBUSY
[  124.411772][ T7081] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  124.417269][ T7081] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  124.425018][ T7081] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  124.434710][ T7081] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:925
[  124.439406][ T7096] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  124.459207][ T7096] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:29
[  124.879290][ T7122] rust_binder: Got transaction with invalid offset.
[  124.888790][ T7122] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  124.896920][ T7122] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:941
[  125.089414][ T7145] rust_binder: Error while translating object.
[  125.098746][ T7145] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  125.104939][ T7145] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:949
[  125.200707][ T7153] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  125.218694][ T7153] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  125.227368][ T7153] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  125.236314][ T7153] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  125.245335][ T7153] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  125.451208][ T7179] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1074291459
[  125.459401][ T7179] rust_binder: Write failure EINVAL in pid:959
[  125.499835][ T7186] rust_binder: Write failure EFAULT in pid:963
[  125.673189][ T7194] binder: Bad value for 'max'
[  125.895700][ T7214] binder: Unknown parameter '01777777777777777777777'
[  125.971069][ T7219] binder: Bad value for 'defcontext'
[  126.152306][ T7231] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:791
[  126.327926][ T7238] input: syz0 as /devices/virtual/input/input126
[  126.346947][ T7240] input: syz0 as /devices/virtual/input/input127
[  126.362588][ T7238] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  126.718703][ T7259] rust_binder: Failed to allocate buffer. len:96, is_oneway:false
[  126.826808][ T7265] input: syz0 as /devices/virtual/input/input128
[  126.845351][ T7265] rust_binder: Write failure EINVAL in pid:620
[  127.022531][ T7283] cgroup: fork rejected by pids controller in /syz5
[  127.035952][ T7283] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:68
[  127.036481][ T7283] rust_binder: Error while translating object.
[  127.045588][ T7283] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  127.051792][ T7283] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:68
[  127.078703][ T7289] rust_binder: validate_parent_fixup: fixup_min_offset=29, parent_offset=27
[  127.088329][ T7289] rust_binder: Error while translating object.
[  127.097092][ T7289] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  127.103311][ T7289] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:796
[  127.131091][ T7292] rust_binder: Write failure EINVAL in pid:633
[  127.141086][ T7291] rust_binder: Write failure EINVAL in pid:633
[  127.147645][   T36] kauditd_printk_skb: 53 callbacks suppressed
[  127.147660][   T36] audit: type=1400 audit(1750420419.570:812): avc:  denied  { validate_trans } for  pid=7293 comm="syz.1.2169" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  127.322549][  T304] bridge_slave_1: left allmulticast mode
[  127.330301][  T304] bridge_slave_1: left promiscuous mode
[  127.336056][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.345938][  T304] bridge_slave_0: left allmulticast mode
[  127.351824][  T304] bridge_slave_0: left promiscuous mode
[  127.357466][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.404970][ T7315] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  127.405005][ T7315] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:641
[  127.492562][  T304] veth1_macvtap: left promiscuous mode
[  127.523862][  T304] veth0_vlan: left promiscuous mode
[  127.529341][   T36] audit: type=1400 audit(1750420419.950:813): avc:  denied  { read } for  pid=7326 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  127.567258][   T36] audit: type=1400 audit(1750420419.950:814): avc:  denied  { open } for  pid=7326 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  127.606676][   T36] audit: type=1400 audit(1750420419.950:815): avc:  denied  { mounton } for  pid=7326 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  127.631098][   T36] audit: type=1400 audit(1750420419.990:816): avc:  denied  { sys_module } for  pid=7326 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  127.655520][   T36] audit: type=1400 audit(1750420419.990:817): avc:  denied  { read write } for  pid=7320 comm="syz.1.2178" name="vhost-vsock" dev="devtmpfs" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  127.680283][   T36] audit: type=1400 audit(1750420419.990:818): avc:  denied  { open } for  pid=7320 comm="syz.1.2178" path="/dev/vhost-vsock" dev="devtmpfs" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  127.707082][ T7328] rust_binder: Error while translating object.
[  127.707116][ T7328] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  127.713381][ T7328] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1002
[  127.728853][   T36] audit: type=1400 audit(1750420420.060:819): avc:  denied  { write } for  pid=7324 comm="syz.4.2180" name="hwrng" dev="devtmpfs" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  127.782188][ T7326] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.789910][ T7326] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.796944][ T7326] bridge_slave_0: entered allmulticast mode
[  127.803291][ T7326] bridge_slave_0: entered promiscuous mode
[  127.810018][ T7326] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.817116][ T7326] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.824195][ T7326] bridge_slave_1: entered allmulticast mode
[  127.830344][ T7326] bridge_slave_1: entered promiscuous mode
[  127.863053][   T36] audit: type=1400 audit(1750420420.290:820): avc:  denied  { create } for  pid=7326 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  127.868379][ T7326] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.884021][   T36] audit: type=1400 audit(1750420420.290:821): avc:  denied  { write } for  pid=7326 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  127.890950][ T7326] bridge0: port 2(bridge_slave_1) entered forwarding state
[  127.891065][ T7326] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.925864][ T7326] bridge0: port 1(bridge_slave_0) entered forwarding state
[  127.960867][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.971912][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.983747][ T4626] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.991016][ T4626] bridge0: port 1(bridge_slave_0) entered forwarding state
[  128.000118][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.007153][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  128.037602][ T7326] veth0_vlan: entered promiscuous mode
[  128.062588][ T7326] veth1_macvtap: entered promiscuous mode
[  128.107204][ T7352] rust_binder: Error while translating object.
[  128.107231][ T7352] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  128.114085][ T7352] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:7
[  128.144811][ T7354] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:10
[  128.353105][ T7369] input: syz0 as /devices/virtual/input/input131
[  128.374557][ T7371] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  128.374588][ T7371] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:12
[  128.393808][ T7369] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  128.403000][ T7369] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:664
[  128.431397][ T7373] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1010
[  128.440890][ T7373] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  128.450218][ T7330] rust_binder: Read failure Err(EFAULT) in pid:809
[  128.458479][ T7373] rust_binder: Read failure Err(EFAULT) in pid:1010
[  128.483701][ T7377] 
: tun_chr_ioctl cmd 1074025675
[  128.495536][ T7377] 
: persist disabled
[  128.726005][ T7381] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  128.726021][ T7381] rust_binder: Read failure Err(EFAULT) in pid:668
[  128.734336][ T7381] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:668
[  128.831802][ T7393] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:670
[  128.843706][ T7393] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:670
[  128.895408][ T7400] rust_binder: Write failure EINVAL in pid:672
[  128.988998][ T7408] SELinux: security_context_str_to_sid () failed with errno=-22
[  129.128649][ T7418] rust_binder: Write failure EFAULT in pid:27
[  129.253153][ T7432] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1036
[  129.478383][ T7437] __vm_enough_memory: pid: 7437, comm: syz.5.2216, bytes: 281474976845824 not enough memory for the allocation
[  129.503575][ T7437] kvm: kvm [7436]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0xa1a9
[  129.818413][ T7449] random: crng reseeded on system resumption
[  129.858350][ T7455] PM: Enabling pm_trace changes system date and time during resume.
[  129.858350][ T7455] PM: Correct system time has to be restored manually after resume.
[  129.875058][ T7455] rust_binder: Write failure EINVAL in pid:1045
[  129.996503][ T7475] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1055
[  130.002006][ T7472] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  130.016225][ T7472] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:40
[  130.049300][ T7482] rust_binder: Write failure EFAULT in pid:1062
[  130.127225][ T7486] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[  130.142710][ T7485] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  130.155180][ T7486] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  130.175074][ T7486] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1064
[  130.436376][ T7499] rust_binder: Write failure EFAULT in pid:48
[  130.984411][ T7537] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  130.999314][ T7537] rust_binder: Write failure EINVAL in pid:689
[  131.454822][ T7573] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:73
[  131.461363][ T7574] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  131.489020][ T7576] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:852
[  131.508766][ T7580] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  131.526536][ T7578] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  131.560244][ T7578] kvm: vcpu 0: requested 16 ns lapic timer period limited to 200000 ns
[  131.576977][ T7578] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=220138064 (3522209024 ns) > initial count (200000 ns). Using initial count to start timer.
[  131.698619][ T7585] kvm: kvm [7584]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x186) = 0x3
[  131.707555][ T7585] rust_binder: Write failure EINVAL in pid:80
[  131.906020][ T7597] rust_binder: Write failure EFAULT in pid:1090
[  132.032063][ T7605] rust_binder: Error while translating object.
[  132.038486][ T7605] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  132.045539][ T7609] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.045791][ T7605] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1098
[  132.055883][ T7610] rust_binder: Write failure EINVAL in pid:697
[  132.124756][ T7625] rust_binder: Error while translating object.
[  132.131135][ T7625] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  132.137351][ T7625] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:706
[  132.186675][   T36] kauditd_printk_skb: 31 callbacks suppressed
[  132.186692][   T36] audit: type=1400 audit(1750420424.610:853): avc:  denied  { map } for  pid=7628 comm="syz.2.2275" path="pipe:[71595]" dev="pipefs" ino=71595 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  132.253134][ T7631] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:90
[  132.262304][   T36] audit: type=1400 audit(1750420424.680:854): avc:  denied  { relabelfrom } for  pid=7622 comm="syz.5.2272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  132.291547][   T36] audit: type=1400 audit(1750420424.680:855): avc:  denied  { relabelto } for  pid=7622 comm="syz.5.2272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  132.329420][ T7634] pim6reg0: tun_chr_ioctl cmd 1074025677
[  132.335155][ T7634] pim6reg0: linktype set to 769
[  132.340962][ T7634] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3
[  132.348323][ T7634] rust_binder: Write failure EINVAL in pid:708
[  132.518316][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.532575][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.540720][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.548533][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.557136][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.565775][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.573610][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.581392][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.589454][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.598373][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.608482][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.617326][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.625215][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.626821][ T7649] input: syz1 as /devices/virtual/input/input134
[  132.633202][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.649441][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.657284][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.662125][ T7651] __vm_enough_memory: pid: 7651, comm: syz.1.2282, bytes: 281474976845824 not enough memory for the allocation
[  132.667463][ T7647] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1
[  132.684412][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.684957][ T7649] rust_binder: Error while translating object.
[  132.692228][ T7647] rust_binder: Write failure EINVAL in pid:1105
[  132.693431][ T7649] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  132.698650][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.707509][ T7649] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:712
[  132.718658][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.739004][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.746887][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.754691][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.762577][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.770356][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.778095][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.785903][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.793662][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.802175][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.810404][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.818298][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.826139][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.835400][ T6646] hid-generic 0000:20000000:0000.000F: unknown main item tag 0x0
[  132.843853][ T6646] hid-generic 0000:20000000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  132.988938][   T36] audit: type=1326 audit(1750420425.410:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7664 comm="syz.1.2285" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fde24b8e929 code=0x0
[  133.114386][ T7678] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:721
[  133.127182][ T7683] rust_binder: Write failure EFAULT in pid:725
[  133.127486][ T7682] input: syz1 as /devices/virtual/input/input135
[  133.160625][ T7682] binder: Bad value for 'stats'
[  133.317838][ T7699] rust_binder: Write failure EINVAL in pid:739
[  133.403410][ T7708] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  133.410576][ T7708] rust_binder: Error while translating object.
[  133.417200][ T7708] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  133.423858][ T7708] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:103
[  133.433251][ T7710] rust_binder: Write failure EFAULT in pid:1111
[  133.458728][ T7713] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:744
[  133.465754][ T7713] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:744
[  133.539692][ T7722] rust_binder: Failed to allocate buffer. len:65376, is_oneway:true
[  133.539714][ T7722] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  133.547813][ T7722] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:106
[  133.573125][ T7724] random: crng reseeded on system resumption
[  133.608104][ T7726] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  133.927226][ T7739] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:876
[  134.141594][   T36] audit: type=1400 audit(1750420426.570:857): avc:  denied  { write } for  pid=7746 comm="syz.5.2312" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  134.154153][ T7757] rust_binder: Write failure EINVAL in pid:879
[  134.173876][ T7747] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:119
[  134.185170][   T36] audit: type=1400 audit(1750420426.570:858): avc:  denied  { remove_name } for  pid=7746 comm="syz.5.2312" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  134.219978][   T36] audit: type=1400 audit(1750420426.570:859): avc:  denied  { unlink } for  pid=7746 comm="syz.5.2312" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  134.248874][ T7769] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  134.248898][ T7769] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:764
[  134.348111][ T7773] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  134.357403][ T7773] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  134.366057][ T7773] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:766
[  134.494005][ T7781] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  134.643784][   T36] audit: type=1326 audit(1750420427.070:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7796 comm="syz.5.2328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad7b8e929 code=0x7ffc0000
[  134.646132][ T7794] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:894
[  134.668079][ T7797] binder: Unknown parameter 'context'
[  134.683101][   T36] audit: type=1326 audit(1750420427.070:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7796 comm="syz.5.2328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad7b8e929 code=0x7ffc0000
[  134.713930][   T36] audit: type=1326 audit(1750420427.100:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7796 comm="syz.5.2328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdad7b8e929 code=0x7ffc0000
[  134.779993][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.792132][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.802914][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.812495][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.821949][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.831270][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.841734][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.852312][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.852854][ T7813] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  134.861913][ T7813] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1121
[  134.863836][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.890120][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.899853][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.913917][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.923349][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.940072][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.949623][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.959489][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.968949][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  134.980417][ T7812] rust_binder: Write failure EINVAL in pid:773
[  134.980541][ T7821] binder: Unknown parameter 'non��]y��Q}�d0��N�vf�#'
[  134.996626][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.019273][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.029433][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.053048][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.067823][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.083633][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.093242][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.103196][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.124232][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.133675][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.143333][ T7840] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:156
[  135.176018][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.188811][ T7851] rust_binder: Error while translating object.
[  135.196325][ T7851] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  135.198177][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.203989][ T7851] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:777
[  135.213271][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.248347][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.255229][ T7856] input input137: cannot allocate more than FF_MAX_EFFECTS effects
[  135.258069][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.275110][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.284720][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.289486][ T7856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  135.294853][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.311029][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.320418][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.329888][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.347049][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.356330][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.367376][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.376786][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.409349][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.418662][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.433406][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.445472][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.463986][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.485215][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.504972][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.527378][ T7876] binder: Bad value for 'max'
[  135.532224][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.551788][ T7876] binder: Bad value for 'max'
[  135.556642][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.575638][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.585069][ T7876] binder: Bad value for 'max'
[  135.594181][ T7810] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  135.606974][ T7876] binder: Bad value for 'max'
[  135.630380][ T7876] binder: Bad value for 'max'
[  135.709217][ T7876] binder: Bad value for 'max'
[  135.727791][ T7876] binder: Bad value for 'max'
[  135.732704][ T7876] binder: Bad value for 'max'
[  135.759328][ T7876] binder: Bad value for 'max'
[  135.766494][ T7876] binder: Bad value for 'max'
[  135.787041][ T7876] binder: Bad value for 'max'
[  135.809228][ T7876] binder: Bad value for 'max'
[  135.814220][ T7876] binder: Bad value for 'max'
[  135.843563][ T7876] binder: Bad value for 'max'
[  135.876173][ T7876] binder: Bad value for 'max'
[  135.902529][ T7876] binder: Bad value for 'max'
[  135.930904][ T7876] binder: Bad value for 'max'
[  135.953282][ T7876] binder: Bad value for 'max'
[  135.971252][ T7876] binder: Bad value for 'max'
[  135.991296][ T7876] binder: Bad value for 'max'
[  135.992034][ T7910] input: syz0 as /devices/virtual/input/input138
[  136.008009][ T7876] binder: Bad value for 'max'
[  136.022326][ T7876] binder: Bad value for 'max'
[  136.069299][ T7876] binder: Bad value for 'max'
[  136.093707][ T7876] binder: Bad value for 'max'
[  136.102812][ T7915] input: syz0 as /devices/virtual/input/input139
[  136.111980][ T7915] input: failed to attach handler leds to device input139, error: -6
[  136.112193][ T7876] binder: Bad value for 'max'
[  136.145456][ T7915] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=320745794 (2565966352 ns) > initial count (325012024 ns). Using initial count to start timer.
[  136.153475][ T7876] binder: Bad value for 'max'
[  136.163561][ T7918] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:911
[  136.180027][ T7915] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  136.190727][ T7876] binder: Bad value for 'max'
[  136.203781][ T7915] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  136.204104][ T7915] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:172
[  136.226131][ T7876] binder: Bad value for 'max'
[  136.257484][ T7876] binder: Bad value for 'max'
[  136.262509][ T7876] binder: Bad value for 'max'
[  136.267837][ T7876] binder: Bad value for 'max'
[  136.272910][ T7876] binder: Bad value for 'max'
[  136.278212][ T7876] binder: Bad value for 'max'
[  136.383604][ T7930] binder: Unknown parameter 'context'
[  137.996005][ T7987] binder: Bad value for 'max'
[  138.264568][ T8022] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:934
[  138.276932][ T8025] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  138.287543][ T8025] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:936
[  138.289692][ T8026] tun0: tun_chr_ioctl cmd 1074025675
[  138.313066][ T8026] tun0: persist enabled
[  138.319714][ T8026] tun0: tun_chr_ioctl cmd 1074025675
[  138.325111][ T8026] tun0: persist enabled
[  138.326234][ T8029] rust_binder: Write failure EFAULT in pid:938
[  138.430586][ T8046] rust_binder: Error while translating object.
[  138.440950][ T8046] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  138.448430][ T8046] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:942
[  138.604628][   T36] kauditd_printk_skb: 51 callbacks suppressed
[  138.604648][   T36] audit: type=1400 audit(1750420431.030:914): avc:  denied  { map } for  pid=8055 comm="syz.1.2409" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  138.643087][   T36] audit: type=1400 audit(1750420431.080:915): avc:  denied  { execute } for  pid=8055 comm="syz.1.2409" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  138.675857][ T8056] rust_binder: Error in use_page_slow: ESRCH
[  138.675883][ T8056] rust_binder: use_range failure ESRCH
[  138.691610][ T8056] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  138.701208][ T8056] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  138.720871][ T8056] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:944
[  138.772755][ T8071] random: crng reseeded on system resumption
[  138.811422][ T8073] binder: Unknown parameter 'nXI'
[  138.930086][ T8089] binder: Bad value for 'max'
[  138.952084][   T36] audit: type=1326 audit(1750420431.380:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8088 comm="syz.4.2419" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f29c5d8e929 code=0x0
[  139.129580][ T8095] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  139.129599][ T8095] rust_binder: Read failure Err(EFAULT) in pid:955
[  139.138116][ T8097] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  139.151321][ T8096] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[  139.151341][ T8096] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  139.159524][ T8096] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:955
[  139.169153][ T8096] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  139.178292][ T8096] rust_binder: Read failure Err(EFAULT) in pid:955
[  139.296162][ T8101] rust_binder: Write failure EFAULT in pid:961
[  139.405472][ T8114] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:964
[  139.411870][ T8113] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:964
[  139.544012][ T8128] rust_binder: Write failure EFAULT in pid:972
[  139.698618][ T8139] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  139.705429][ T8139] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:250
[  139.715152][ T8139] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  139.719521][ T8141] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:978
[  139.724457][ T8139] rust_binder: Read failure Err(EFAULT) in pid:250
[  139.770745][   T36] audit: type=1400 audit(1750420432.200:917): avc:  denied  { setcheckreqprot } for  pid=8142 comm="syz.1.2436" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  139.807920][ T8146] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[  139.816130][ T8146] rust_binder: Write failure EINVAL in pid:252
[  140.034510][ T8166] input: syz0 as /devices/virtual/input/input143
[  140.637164][   T36] audit: type=1326 audit(1750420433.060:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8207 comm="syz.4.2458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29c5d8e929 code=0x7ffc0000
[  140.661714][   T36] audit: type=1326 audit(1750420433.070:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8207 comm="syz.4.2458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29c5d8e929 code=0x7ffc0000
[  140.669334][ T8208] binder: Unknown parameter 'context'
[  140.685431][   T36] audit: type=1326 audit(1750420433.100:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8207 comm="syz.4.2458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f29c5d8e929 code=0x7ffc0000
[  140.724329][   T36] audit: type=1326 audit(1750420433.150:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8207 comm="syz.4.2458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29c5d8e929 code=0x7ffc0000
[  140.753514][   T36] audit: type=1326 audit(1750420433.150:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8207 comm="syz.4.2458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29c5d8e929 code=0x7ffc0000
[  140.777140][   T36] audit: type=1326 audit(1750420433.180:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8207 comm="syz.4.2458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f29c5d8e929 code=0x7ffc0000
[  140.830886][ T8215] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  140.849275][ T8215] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  140.858356][ T8215] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  140.867830][ T8215] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  140.885185][ T8214] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  140.975689][ T8229] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  141.242057][ T8243] __vm_enough_memory: pid: 8243, comm: syz.1.2467, bytes: 281474976845824 not enough memory for the allocation
[  141.368383][ T8252] input: syz0 as /devices/virtual/input/input145
[  141.378825][  T413] udevd[413]: setting owner of /dev/input/event3 to uid=0, gid=104 failed: No such file or directory
[  141.647104][ T8268] binder: Bad value for 'max'
[  141.985609][ T8284] binfmt_misc: register: failed to install interpreter file ./file1
[  142.015980][ T8293] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  142.096339][ T8315] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:953
[  142.107601][ T8315] input: syz1 as /devices/virtual/input/input147
[  142.139322][ T8315] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 136, limit: 152, size: 89)
[  142.139389][ T8315] rust_binder: Error while translating object.
[  142.149903][ T8315] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  142.156066][ T8315] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:953
[  142.322366][ T8328] rust_binder: Write failure EFAULT in pid:961
[  142.769781][ T8349] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  142.769801][ T8349] rust_binder: Error while translating object.
[  142.778490][ T8349] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  142.784696][ T8349] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:978
[  142.860421][ T8351] SELinux: security_context_str_to_sid (sytem_u�Gй�:��F ) failed with errno=-22
[  142.984011][ T8364] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:983
[  143.206433][ T8375] rust_binder: Write failure EINVAL in pid:1155
[  143.215855][ T8375] rust_binder: Read failure Err(EAGAIN) in pid:1155
[  143.229489][ T8377] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  143.236174][ T8377] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:1157
[  143.246675][ T8379] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.280863][ T8384] binder: Unknown parameter 'contextm'
[  143.295724][ T8389] binder: Bad value for 'max'
[  143.322151][ T8391] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.322250][ T8391] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.536995][ T8399] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.616745][ T8412] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.836178][ T8420] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  143.849817][ T8420] rust_binder: Write failure EINVAL in pid:1036
[  143.951381][ T8427] rust_binder: Error while translating object.
[  143.957733][ T8427] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  143.964142][ T8427] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:988
[  143.997802][ T8429] rust_binder: Write failure EFAULT in pid:990
[  144.018841][ T8423] rust_binder: Read failure Err(EFAULT) in pid:1038
[  144.066150][ T8433] rust_binder: Write failure EFAULT in pid:994
[  144.112257][ T8435] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  144.118609][ T8435] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  144.179725][ T8449] binder: Unknown parameter ''
[  144.194424][   T36] kauditd_printk_skb: 13 callbacks suppressed
[  144.194444][   T36] audit: type=1400 audit(1750420436.630:937): avc:  denied  { append } for  pid=8438 comm="syz.4.2534" name="hwrng" dev="devtmpfs" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  144.365086][ T8471] input: syz0 as /devices/virtual/input/input149
[  144.392456][ T8465] rust_binder: Read failure Err(EFAULT) in pid:1051
[  144.408686][ T8482] binder: Unknown parameter '����'
[  144.523185][ T8500] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1058
[  144.527611][ T8500] rust_binder: Read failure Err(EFAULT) in pid:1058
[  144.603307][ T8512] binder: Bad value for 'stats'
[  144.723181][ T8521] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[  144.824944][   T36] audit: type=1400 audit(1750420437.250:938): avc:  denied  { execute } for  pid=8529 comm="syz.2.2561" path="/400/cgroup.stat" dev="tmpfs" ino=2081 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  144.904857][ T8537] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1197
[  144.953993][ T8539] rust_binder: Got transaction with invalid offset.
[  144.963342][ T8539] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  144.970204][ T8539] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1065
[  145.064759][ T8557] input: syz1 as /devices/virtual/input/input150
[  145.092812][   T36] audit: type=1400 audit(1750420437.520:939): avc:  denied  { attach_queue } for  pid=8556 comm="syz.2.2569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  145.197298][ T8565] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  145.269832][ T8574] SELinux:  policydb magic number 0x7665642f does not match expected magic number 0xf97cff8c
[  145.281026][   T36] audit: type=1400 audit(1750420437.700:940): avc:  denied  { load_policy } for  pid=8573 comm="syz.2.2575" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  145.300177][ T8574] SELinux: failed to load policy
[  145.315605][ T8574] random: crng reseeded on system resumption
[  145.322610][ T8578] rust_binder: Write failure EFAULT in pid:1017
[  145.494567][ T8592] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  145.521657][ T8592] rust_binder: Error in use_page_slow: ESRCH
[  145.528121][ T8592] rust_binder: use_range failure ESRCH
[  145.529376][ T8594] SELinux: failed to load policy
[  145.534515][ T8592] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  145.546090][ T8592] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  145.554374][ T8592] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1213
[  145.565920][ T8597] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1084
[  145.667583][ T8612] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1087
[  145.677140][ T8612] rust_binder: Error while translating object.
[  145.687019][ T8612] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  145.693422][ T8612] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1087
[  145.745184][ T8621] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  145.762294][ T8621] SELinux: failed to load policy
[  145.813276][ T8629] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  145.832278][ T8633] rust_binder: Write failure EFAULT in pid:1225
[  145.981772][ T8643] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.041451][ T8646] rust_binder: got new transaction with bad transaction stack
[  146.047883][ T8646] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1228
[  146.129773][ T8651] rust_binder: Write failure EINVAL in pid:1104
[  146.146784][ T8650] pim6reg0: tun_chr_ioctl cmd 1074025677
[  146.155063][ T8656] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  146.158907][ T8656] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  146.158959][ T8650] pim6reg0: linktype set to 769
[  146.167646][ T8656] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:1110
[  146.257079][ T8659] binder: Unknown parameter '0x000000000000000a'
[  146.386875][ T8664] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  146.654818][ T8676] rust_binder: Read failure Err(EAGAIN) in pid:1123
[  146.664655][ T8679] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.763425][ T8686] rust_binder: Write failure EINVAL in pid:1133
[  146.776339][ T8688] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  146.891495][ T8698] kvm: kvm [8697]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010001) = 0x200000000400
[  146.976702][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  146.976743][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  146.984155][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  146.994438][ T8701] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  147.002735][ T8701] rust_binder: Read failure Err(EFAULT) in pid:1235
[  147.002791][ T8704] rust_binder: Error while translating object.
[  147.011616][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.024744][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.026614][ T8704] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  147.031520][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.037484][ T8704] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1235
[  147.053484][ T8707] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  147.071082][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.071114][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.077404][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.083872][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.090245][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.097615][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.104450][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.110898][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.117268][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.135439][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.141964][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.148261][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.154816][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.161401][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.167956][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.174738][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.181594][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.188119][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.198228][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.205576][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.212362][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.218659][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.225357][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.231900][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.238219][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.244578][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.250941][ T8700] rust_binder: Write failure EINVAL in pid:1235
[  147.265884][ T8712] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.274602][   T36] audit: type=1326 audit(1750420439.700:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8711 comm="syz.2.2618" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f44a798e929 code=0x0
[  147.406705][ T8715] random: crng reseeded on system resumption
[  147.413732][   T36] audit: type=1400 audit(1750420439.830:942): avc:  denied  { append } for  pid=8714 comm="syz.5.2619" name="snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  147.443202][ T8718] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 80)
[  147.443230][ T8718] rust_binder: Error while translating object.
[  147.454037][ T8718] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  147.459430][ T8715] Restarting kernel threads ... 
[  147.460865][ T8718] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1021
[  147.469912][ T8715] done.
[  147.539343][   T36] audit: type=1400 audit(1750420439.970:943): avc:  denied  { ioctl } for  pid=8721 comm="syz.4.2621" path="/dev/uhid" dev="devtmpfs" ino=199 ioctlcmd=0x5460 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  147.764100][ T8735] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.764131][ T8735] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.770748][ T8735] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.777254][ T8735] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.786518][ T8735] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.907111][ T8752] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  147.913611][ T8752] rust_binder: Read failure Err(EFAULT) in pid:445
[  147.936186][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  147.950774][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  147.958567][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  147.967991][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  147.975950][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  147.983817][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  147.992216][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.000176][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.008066][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.015950][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.023938][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.031893][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.039723][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.048165][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.049854][ T8746] rust_binder: Read failure Err(EFAULT) in pid:1034
[  148.058278][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.074854][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.087494][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.095428][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.103340][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.111229][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.127586][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.135849][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.144211][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.158138][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.166351][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.176763][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.186451][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.194363][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.202397][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.204869][ T8768] rust_binder: Write failure EINVAL in pid:1039
[  148.210767][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.225554][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.233420][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.241931][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.251999][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.265863][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.274228][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.282543][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.290731][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.301911][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.317506][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.325388][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.348665][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.351570][ T8776] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  148.356888][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.371231][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.379247][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.387598][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.396075][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.403995][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.412513][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.420366][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.428260][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.436109][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.444038][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.452129][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.461080][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.468922][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.477143][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.485168][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.491635][   T36] audit: type=1400 audit(1750420440.920:944): avc:  granted  { setsecparam } for  pid=8782 comm="syz.5.2640" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  148.493631][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.521371][   T36] audit: type=1400 audit(1750420440.950:945): avc:  granted  { setsecparam } for  pid=8782 comm="syz.5.2640" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  148.546828][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.554697][   T36] audit: type=1400 audit(1750420440.950:946): avc:  granted  { setsecparam } for  pid=8782 comm="syz.5.2640" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  148.580628][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.588997][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.596913][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.604966][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.612812][ T8755] binder: Binderfs stats mode cannot be changed during a remount
[  148.641345][ T8795] rust_binder: Write failure EFAULT in pid:466
[  148.668205][ T8791] SELinux: syz.1.2643 (8791) set checkreqprot to 1. This is no longer supported.
[  148.736725][ T8799] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  148.739501][ T8799] rust_binder: Error while translating object.
[  148.746047][ T8799] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  148.752674][ T8799] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1257
[  148.798133][ T8801] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[  148.896342][ T8803] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  148.919952][ T8806] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  148.926441][ T8806] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:469
[  148.935875][ T8805] kvm_intel: kvm [8804]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0xff
[  148.948230][ T8807] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1261
[  149.036719][ T8816] SELinux: failed to load policy
[  149.052137][ T8814] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  149.052159][ T8814] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  149.086960][ T8822] input: syz1 as /devices/virtual/input/input152
[  149.155160][ T8824] binder: Unknown parameter 'context'
[  149.183116][ T8826] rust_binder: Write failure EFAULT in pid:1051
[  149.217770][ T8830] rust_binder: Write failure EINVAL in pid:1153
[  149.229789][ T8832] rust_binder: Write failure EINVAL in pid:478
[  149.236538][ T8832] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  149.236542][ T8830] rust_binder: Write failure EINVAL in pid:1153
[  149.236559][ T8832] rust_binder: Read failure Err(EFAULT) in pid:478
[  149.257512][ T8830] rust_binder: Write failure EFAULT in pid:1153
[  149.331624][ T8836] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 136, limit: 136, size: 237)
[  149.338216][ T8836] rust_binder: Error while translating object.
[  149.348777][ T8836] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  149.354984][ T8836] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:480
[  149.470453][ T8837] Restarting kernel threads ... done.
[  149.537925][   T36] kauditd_printk_skb: 6 callbacks suppressed
[  149.537945][   T36] audit: type=1400 audit(1750420441.960:953): avc:  denied  { ioctl } for  pid=8843 comm="syz.4.2663" path="/dev/loop-control" dev="devtmpfs" ino=48 ioctlcmd=0x661b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  149.597830][ T8850] kvm_intel: kvm [8849]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x3
[  149.607426][ T8850] binder: Unknown parameter 'coyBLV�"i5������ntext'
[  149.755199][ T8868] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  149.755919][ T8868] rust_binder: Error while translating object.
[  149.762711][ T8868] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  149.769002][ T8868] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:1173
[  149.796056][ T8875] binder: Bad value for 'context'
[  149.810842][ T8875] binder: Bad value for 'context'
[  149.998955][ T8894] rust_binder: Error in use_page_slow: ESRCH
[  149.998971][ T8894] rust_binder: use_range failure ESRCH
[  149.999184][ T8895] rust_binder: Error in use_page_slow: ESRCH
[  150.005206][ T8894] rust_binder: Failed to allocate buffer. len:144, is_oneway:true
[  150.016471][ T8895] rust_binder: use_range failure ESRCH
[  150.021110][ T8894] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  150.025859][ T8895] rust_binder: Failed to allocate buffer. len:144, is_oneway:true
[  150.030196][ T8894] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:487
[  150.039917][ T8895] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  150.056415][ T8895] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:487
[  150.109536][ T8902] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  150.120483][ T8908] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  150.120830][ T8908] rust_binder: Error in use_page_slow: ESRCH
[  150.135121][ T8905] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[  150.147042][ T8905] rust_binder: Write failure EINVAL in pid:1273
[  150.147533][ T8908] rust_binder: use_range failure ESRCH
[  150.163200][ T8908] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  150.163222][ T8908] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  150.171816][ T8908] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:492
[  150.216515][ T8913] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  150.217028][ T8913] rust_binder: Error while translating object.
[  150.223579][ T8913] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  150.229793][ T8913] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:497
[  150.302641][ T8921] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  150.312005][ T8921] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:499
[  150.327837][ T8921] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  150.336984][ T8921] rust_binder: Read failure Err(EFAULT) in pid:499
[  150.461010][ T8931] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1188
[  150.467755][ T8930] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  150.556120][ T8941] kvm: kvm [8939]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x4000002a) = 0x4
[  150.593514][ T8943] SELinux: syz.2.2695 (8943) set checkreqprot to 1. This is no longer supported.
[  150.603102][ T8943] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  150.603405][ T8943] rust_binder: Error in use_page_slow: ESRCH
[  150.609881][ T8943] rust_binder: use_range failure ESRCH
[  150.615958][ T8943] rust_binder: Failed to allocate buffer. len:4240, is_oneway:false
[  150.621426][ T8943] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  150.629909][ T8943] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1281
[  150.677612][ T8949] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  150.678331][   T36] audit: type=1400 audit(1750420443.100:954): avc:  denied  { write } for  pid=8945 comm="syz.1.2696" name="loop-control" dev="devtmpfs" ino=48 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  150.720744][ T8949] rust_binder: Error while translating object.
[  150.720800][ T8949] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  150.729323][ T8949] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1283
[  150.739153][ T8949] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  150.853285][ T8953] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  150.860202][ T8953] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  150.866808][ T8953] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1286
[  150.907595][ T8955] input: syz0 as /devices/virtual/input/input153
[  150.954307][ T8962] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  151.165678][ T8979] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  151.182890][ T8976] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  151.218441][ T8988] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  151.246281][   T36] audit: type=1400 audit(1750420443.670:955): avc:  denied  { mounton } for  pid=8989 comm="syz.5.2713" path="/162/memory.events" dev="tmpfs" ino=853 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  151.249157][ T8991] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1203
[  151.285844][ T8992] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1304
[  151.297509][ T8981] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  151.307127][ T8981] rust_binder: Error in use_page_slow: EBUSY
[  151.317590][ T8981] rust_binder: use_range failure EBUSY
[  151.323648][ T8981] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  151.329273][ T8981] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  151.336978][ T8981] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  151.346507][ T8981] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:1203
[  151.396821][ T8994] rust_binder: Error in use_page_slow: ESRCH
[  151.396839][ T8994] rust_binder: use_range failure ESRCH
[  151.403431][ T8994] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  151.408994][ T8994] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  151.427088][ T8994] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1089
[  151.462793][ T9003] input: syz1 as /devices/virtual/input/input154
[  151.615774][ T9005] binder: Bad value for 'max'
[  151.644425][ T9009] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[  151.644739][ T9011] rust_binder: Write failure EINVAL in pid:1209
[  151.672083][ T9015] rust_binder: Failed to allocate buffer. len:4216, is_oneway:false
[  151.780603][ T9019] rust_binder: Error while translating object.
[  151.788724][ T9019] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  151.795259][ T9019] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1101
[  151.809965][ T9019] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1101
[  151.844777][ T9036] rust_binder: Error while translating object.
[  151.854349][   T36] audit: type=1326 audit(1750420444.290:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9035 comm="syz.5.2731" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdad7b8e929 code=0x0
[  151.854460][ T9036] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  151.879347][ T9033] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  151.884176][ T9036] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1104
[  151.893103][ T9033] rust_binder: Error in use_page_slow: EBUSY
[  151.913726][ T9033] rust_binder: use_range failure EBUSY
[  151.919778][ T9033] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  151.925342][ T9033] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  151.932997][ T9033] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  151.942350][ T9033] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:1219
[  151.970818][ T9040] __vm_enough_memory: pid: 9040, comm: syz.4.2732, bytes: 281474976845824 not enough memory for the allocation
[  152.077615][   T36] audit: type=1326 audit(1750420444.500:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9051 comm="syz.1.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde24b8e929 code=0x7ffc0000
[  152.101426][   T36] audit: type=1326 audit(1750420444.530:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9051 comm="syz.1.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde24b8e929 code=0x7ffc0000
[  152.127213][   T36] audit: type=1326 audit(1750420444.530:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9051 comm="syz.1.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde24b8e929 code=0x7ffc0000
[  152.150711][   T36] audit: type=1326 audit(1750420444.530:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9051 comm="syz.1.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde24b8e929 code=0x7ffc0000
[  152.174135][   T36] audit: type=1326 audit(1750420444.530:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9051 comm="syz.1.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde24b8e929 code=0x7ffc0000
[  152.197536][   T36] audit: type=1326 audit(1750420444.530:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9051 comm="syz.1.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde24b8e929 code=0x7ffc0000
[  152.198038][ T9052] binder: Unknown parameter 'context'
[  152.391455][ T9068] random: crng reseeded on system resumption
[  152.403409][ T9061] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1115
[  152.450573][ T9079] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  152.880630][ T9104] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  152.881040][ T9104] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 112, size: 5)
[  152.887565][ T9104] rust_binder: Error while translating object.
[  152.901763][ T9104] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  152.907973][ T9104] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1329
[  152.938102][ T9096] rust_binder: Read failure Err(EFAULT) in pid:1119
[  153.069001][ T9118] input: syz0 as /devices/virtual/input/input157
[  153.119306][ T9121] random: crng reseeded on system resumption
[  153.146013][ T9121] Restarting kernel threads ... done.
[  153.170580][ T9132] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1340
[  153.171199][ T9132] rust_binder: Read failure Err(EFAULT) in pid:1340
[  153.200127][ T9134] SELinux:  Context ��o���}
��xd is not valid (left unmapped).
[  153.229699][ T9141] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  153.237311][ T9141] kvm: apic: phys broadcast and lowest prio
[  153.250192][ T9141] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  153.250756][ T9141] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  153.257770][ T9141] rust_binder: Write failure EINVAL in pid:1130
[  153.266354][ T9141] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  153.273321][ T9141] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[  153.280271][ T9141] rust_binder: Failed to allocate buffer. len:18446744073709551216, is_oneway:false
[  153.295903][ T9144] random: crng reseeded on system resumption
[  153.370553][ T9153] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:531
[  153.465260][ T9168] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:535
[  153.466283][ T9170] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  153.545567][ T9170] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  153.552105][ T9170] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1354
[  153.594673][ T9183] SELinux: failed to load policy
[  153.653895][ T9185] rust_binder: Error while translating object.
[  153.653920][ T9185] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  153.660682][ T9185] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1137
[  153.701268][ T9196] input: syz0 as /devices/virtual/input/input158
[  153.758393][ T9207] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  153.761477][ T9206] rust_binder: Write failure EFAULT in pid:541
[  153.770207][ T9207] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  153.777582][ T9207] rust_binder: Error while translating object.
[  153.787325][ T9207] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  153.793646][ T9207] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1153
[  153.865020][ T9223] rust_binder: Write failure EFAULT in pid:1162
[  153.940320][ T9232] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1164
[  153.946849][ T9226] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  153.956684][ T9226] rust_binder: Error in use_page_slow: EBUSY
[  153.968373][ T9226] rust_binder: use_range failure EBUSY
[  153.974524][ T9226] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  153.981156][ T9226] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  153.987067][ T9230] kvm: Disabled LAPIC found during irq injection
[  153.988849][ T9226] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  153.988880][ T9226] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:1164
[  154.047564][ T9236] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  154.055986][ T9236] rust_binder: Error while translating object.
[  154.064804][ T9236] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  154.071090][ T9236] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1167
[  154.204228][ T9247] input: syz0 as /devices/virtual/input/input159
[  154.338064][ T9264] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[  154.338093][ T9264] rust_binder: Error while translating object.
[  154.349632][ T9264] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  154.355937][ T9264] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:558
[  154.589930][ T9300] kvm: vcpu 512: requested lapic timer restore with starting count register 0x390=1531215282 (3062430564 ns) > initial count (1473793136 ns). Using initial count to start timer.
[  154.684583][ T9313] rust_binder: Write failure EINVAL in pid:1181
[  154.728023][ T9318] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:570
[  154.830440][   T36] kauditd_printk_skb: 18 callbacks suppressed
[  154.830455][   T36] audit: type=1326 audit(1750420447.260:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9329 comm="syz.1.2837" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fde24b8e929 code=0x0
[  154.872580][ T9332] rust_binder: Error while translating object.
[  154.872617][ T9332] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  154.881906][ T9332] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:1184
[  154.906498][ T9338] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1186
[  154.928385][ T9340] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  154.938484][ T9340] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1188
[  155.024814][ T9346] rust_binder: Write failure EFAULT in pid:585
[  155.029178][ T9347] rust_binder: Write failure EFAULT in pid:585
[  155.049145][ T9349] binder: Bad value for 'max'
[  155.153378][ T9358] rust_binder: Error while translating object.
[  155.153403][ T9358] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  155.159650][ T9358] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1199
[  155.419290][ T9373] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  155.428847][ T9373] rust_binder: Error while translating object.
[  155.435437][ T9373] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  155.441738][ T9373] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1366
[  155.799806][ T9392] input: syz1 as /devices/virtual/input/input161
[  155.816863][ T9390] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1328
[  155.830260][ T9392] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  155.860004][ T9392] rust_binder: Error while translating object.
[  155.867446][ T9392] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  155.877234][ T9395] rust_binder: Write failure EINVAL in pid:1211
[  155.877303][ T9392] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1372
[  155.912826][ T9397] binder: Unknown parameter 'coyBLV�"i5������ntext'
[  155.912916][ T9398] binder: Unknown parameter 'coyBLV�"i5������ntext'
[  155.997052][ T9406] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[  156.029901][ T9408] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1219
[  156.069613][ T9414] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1221
[  156.111006][ T9417] rust_binder: Write failure EINVAL in pid:596
[  156.149545][ T9417] rust_binder: Read failure Err(EAGAIN) in pid:596
[  156.356970][ T9428] input: syz0 as /devices/virtual/input/input163
[  156.414310][   T36] audit: type=1326 audit(1750420448.840:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9432 comm="syz.5.2871" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdad7b8e929 code=0x0
[  156.936920][ T9437] rust_binder: Error while translating object.
[  156.936965][ T9437] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  156.944135][ T9437] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1223
[  157.070801][ T9439] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1225
[  157.291137][ T9450] rust_binder: Write failure EFAULT in pid:603
[  157.309276][ T9451] rust_binder: Write failure EINVAL in pid:603
[  157.593930][ T9485] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  157.600370][ T9485] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1239
[  157.844227][   T36] audit: type=1400 audit(1750420450.270:983): avc:  granted  { setsecparam } for  pid=9503 comm="syz.5.2893" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  158.021962][   T36] audit: type=1326 audit(1750420450.450:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9513 comm="syz.5.2897" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdad7b8e929 code=0x0
[  158.063801][ T9518] binder: Unknown parameter 'G�fscontext?}W�Ā\���4+���*'
[  158.096279][ T9521] binder: Unknown parameter 'dont_measure'
[  158.115689][ T9525] binder: Binderfs stats mode cannot be changed during a remount
[  158.123824][   T31] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  158.131262][   T31] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  158.138638][   T31] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  158.146715][   T31] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  158.154312][ T9527] binder: Binderfs stats mode cannot be changed during a remount
[  158.162143][   T31] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  158.170214][   T31] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  158.200356][ T9528] fido_id[9528]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  158.207272][ T9530] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  158.378465][ T9532] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1359
[  158.745701][ T9560] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1258
[  158.821692][ T9564] rust_binder: Write failure EINVAL in pid:1258
[  158.891496][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.897886][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.904200][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.910544][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.916895][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.923386][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.930062][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.938510][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.946989][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.953329][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.959668][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.966115][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.972588][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.978928][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.985246][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.991568][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  158.997804][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.004718][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.011058][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.019691][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.030184][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.036619][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.043123][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.053293][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.059921][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.066636][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.073472][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.080114][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.086721][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.093539][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.100147][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.106762][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.113612][ T9570] rust_binder: Write failure EFAULT in pid:1371
[  159.183689][   T36] audit: type=1400 audit(1750420451.610:985): avc:  denied  { map } for  pid=9578 comm="syz.5.2918" path="/dev/ttynull" dev="devtmpfs" ino=29 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[  159.240294][ T9579] SELinux:  policydb version 1302994342 does not match my version range 15-33
[  159.240553][   T36] audit: type=1400 audit(1750420451.670:986): avc:  denied  { load_policy } for  pid=9578 comm="syz.5.2918" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  159.249601][ T9579] SELinux: failed to load policy
[  159.277194][   T36] audit: type=1400 audit(1750420451.700:987): avc:  denied  { read write } for  pid=9582 comm="syz.1.2920" name="ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  159.301725][   T36] audit: type=1400 audit(1750420451.700:988): avc:  denied  { read write open } for  pid=9582 comm="syz.1.2920" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  159.326226][   T36] audit: type=1400 audit(1750420451.730:989): avc:  denied  { ioctl } for  pid=9582 comm="syz.1.2920" path="/dev/ashmem" dev="devtmpfs" ino=201 ioctlcmd=0x7703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  159.351318][   T36] audit: type=1400 audit(1750420451.730:990): avc:  denied  { execmem } for  pid=9582 comm="syz.1.2920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  159.755109][ T9597] rust_binder: Error while translating object.
[  159.755150][ T9597] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  159.779245][ T9597] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1262
[  159.839363][   T36] kauditd_printk_skb: 52 callbacks suppressed
[  159.839379][   T36] audit: type=1400 audit(1750420452.270:1043): avc:  denied  { read } for  pid=9594 comm="syz.5.2924" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  159.893768][   T36] audit: type=1400 audit(1750420452.280:1044): avc:  denied  { ioctl } for  pid=9594 comm="syz.5.2924" path="/dev/ashmem" dev="devtmpfs" ino=201 ioctlcmd=0x7708 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  159.919146][   T36] audit: type=1400 audit(1750420452.280:1045): avc:  denied  { ioctl } for  pid=9594 comm="syz.5.2924" path="/dev/ashmem" dev="devtmpfs" ino=201 ioctlcmd=0x7707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  159.944100][   T36] audit: type=1400 audit(1750420452.290:1046): avc:  denied  { read } for  pid=9594 comm="syz.5.2924" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  159.967562][   T36] audit: type=1400 audit(1750420452.290:1047): avc:  denied  { read open } for  pid=9594 comm="syz.5.2924" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  160.006094][   T36] audit: type=1400 audit(1750420452.290:1048): avc:  denied  { ioctl } for  pid=9594 comm="syz.5.2924" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  160.030780][   T36] audit: type=1400 audit(1750420452.310:1049): avc:  denied  { read write } for  pid=9594 comm="syz.5.2924" name="ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  160.063254][   T36] audit: type=1400 audit(1750420452.310:1050): avc:  denied  { read write open } for  pid=9594 comm="syz.5.2924" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  160.110480][   T36] audit: type=1400 audit(1750420452.320:1051): avc:  denied  { map } for  pid=9594 comm="syz.5.2924" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  160.134454][   T36] audit: type=1400 audit(1750420452.320:1052): avc:  denied  { read } for  pid=9594 comm="syz.5.2924" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  160.169611][ T9605] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  160.453665][ T9613] binder: Binderfs stats mode cannot be changed during a remount
[  160.617624][ T9623] rust_binder: Failed to allocate buffer. len:65376, is_oneway:true
[  160.617653][ T9623] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  160.637807][ T9625] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  160.647358][ T9625] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:639
[  160.656902][ T9623] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:1271
[  160.813838][ T9632] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1273
[  160.984704][ T9644] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1275
[  160.989990][ T9635] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  161.007638][ T9646] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1433
[  161.037152][ T9635] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:1397
[  161.060855][ T9635] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  161.100776][ T9635] rust_binder: Read failure Err(EFAULT) in pid:1397
[  161.200713][ T9654] rust_binder: Error while translating object.
[  161.217023][ T9654] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  161.224656][ T9654] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:1436
[  161.469272][ T9672] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1441
[  161.588776][ T9677] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1445
[  161.934199][ T9692] rust_binder: Error in use_page_slow: ESRCH
[  161.934217][ T9692] rust_binder: use_range failure ESRCH
[  161.976548][ T9692] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  161.976575][ T9692] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  162.021542][ T9692] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1449
[  162.114235][ T9705] rust_binder: Write failure EFAULT in pid:678
[  162.423367][ T9723] input: syz0 as /devices/virtual/input/input166
[  162.535022][ T9728] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  162.733019][ T9728] rust_binder: Write failure EINVAL in pid:1461
[  162.817424][ T9740] SELinux: security_context_str_to_sid (����) failed with errno=-22
[  162.846212][ T9739] SELinux: security_context_str_to_sid (����) failed with errno=-22
[  163.139324][ T9755] rust_binder: Failed to allocate buffer. len:4240, is_oneway:false
[  163.164547][ T9767] rust_binder: Failed to allocate buffer. len:24, is_oneway:false
[  163.179586][ T9761] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  163.379941][ T9775] SELinux:  policydb magic number 0x69662f2e does not match expected magic number 0xf97cff8c
[  163.407904][ T9775] SELinux: failed to load policy
[  163.413732][ T9776] SELinux:  policydb magic number 0x69662f2e does not match expected magic number 0xf97cff8c
[  163.423990][ T9776] SELinux: failed to load policy
[  163.433444][ T9776] binder: Unknown parameter '0624f7b0 I--Q---     2 perm 1f3f0000     0 65534 keyring   _uid.0: empty
[  163.433444][ T9776] 0a6f99a1 I------     1 perm 1f030000     0     0 asymme
'
[  163.562704][ T9787] SELinux: failed to load policy
[  163.568265][ T9787] ------------[ cut here ]------------
[  163.573774][ T9787] WARNING: CPU: 1 PID: 9787 at mm/page_alloc.c:5157 __alloc_pages_noprof+0xe4/0x6c0
[  163.583270][ T9787] Modules linked in:
[  163.587154][ T9787] CPU: 1 UID: 0 PID: 9787 Comm: syz.1.2983 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  163.600721][ T9787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  163.610807][ T9787] RIP: 0010:__alloc_pages_noprof+0xe4/0x6c0
[  163.616706][ T9787] Code: 0f 1f 44 00 00 41 83 fd 0b 72 28 b8 00 20 00 00 23 44 24 40 75 1d 80 3d a4 78 ee 05 00 0f 85 c4 00 00 00 c6 05 97 78 ee 05 01 <0f> 0b 31 c0 e9 b6 00 00 00 41 83 fd 0a 0f 87 aa 00 00 00 44 89 6c
[  163.636345][ T9787] RSP: 0018:ffffc9000bfc7680 EFLAGS: 00010246
[  163.642455][ T9787] RAX: 0000000000000000 RBX: 1ffff920017f8ed4 RCX: 0000000000000000
[  163.650437][ T9787] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000bfc7728
[  163.658464][ T9787] RBP: ffffc9000bfc77a8 R08: ffffc9000bfc7727 R09: 0000000000000000
[  163.666465][ T9787] R10: ffffc9000bfc7710 R11: fffff520017f8ee5 R12: ffffc9000bfc76c0
[  163.674538][ T9787] R13: 0000000000000015 R14: dffffc0000000000 R15: 0000000000000000
[  163.682519][ T9787] FS:  00007fde259866c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  163.691477][ T9787] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  163.698072][ T9787] CR2: 0000200000001000 CR3: 000000012169e000 CR4: 00000000003526b0
[  163.706076][ T9787] DR0: 0000000000000007 DR1: 000000000000009b DR2: 00040000ffffffff
[  163.714084][ T9787] DR3: 0000000000000009 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  163.722085][ T9787] Call Trace:
[  163.725363][ T9787]  <TASK>
[  163.728287][ T9787]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  163.734012][ T9787]  ? __kasan_slab_alloc+0x73/0x90
[  163.739038][ T9787]  ? hashtab_init+0xdb/0x1f0
[  163.743646][ T9787]  ___kmalloc_large_node+0x9c/0x1d0
[  163.748840][ T9787]  ? ebitmap_read+0x21d/0x990
[  163.753552][ T9787]  ? hashtab_init+0xdb/0x1f0
[  163.758141][ T9787]  __kmalloc_large_node_noprof+0x1e/0xe0
[  163.763788][ T9787]  ? hashtab_init+0xdb/0x1f0
[  163.768379][ T9787]  __kmalloc_noprof+0x26d/0x450
[  163.773273][ T9787]  hashtab_init+0xdb/0x1f0
[  163.777708][ T9787]  ? policydb_read+0x86f/0x28c0
[  163.782570][ T9787]  symtab_init+0x44/0x70
[  163.786811][ T9787]  policydb_read+0x8fe/0x28c0
[  163.791608][ T9787]  ? kasan_save_alloc_info+0x40/0x50
[  163.796889][ T9787]  ? __cfi_policydb_read+0x10/0x10
[  163.802030][ T9787]  ? security_load_policy+0x128/0x12f0
[  163.807540][ T9787]  security_load_policy+0x162/0x12f0
[  163.812870][ T9787]  ? __kasan_check_write+0x18/0x20
[  163.818046][ T9787]  ? _raw_spin_lock+0x8c/0x120
[  163.822848][ T9787]  ? __cfi__raw_spin_lock+0x10/0x10
[  163.828052][ T9787]  ? sel_write_load+0x226/0x5e0
[  163.832917][ T9787]  ? vmalloc_noprof+0xfd/0x1d0
[  163.837678][ T9787]  ? _raw_spin_unlock+0x45/0x60
[  163.842546][ T9787]  ? __cfi_security_load_policy+0x10/0x10
[  163.848367][ T9787]  ? __kasan_check_write+0x18/0x20
[  163.853579][ T9787]  sel_write_load+0x298/0x5e0
[  163.858263][ T9787]  ? futex_wait+0x288/0x540
[  163.862770][ T9787]  ? __cfi_sel_write_load+0x10/0x10
[  163.867964][ T9787]  ? __cfi_futex_wait+0x10/0x10
[  163.872832][ T9787]  ? bpf_lsm_file_permission+0xd/0x20
[  163.878204][ T9787]  ? __cfi_sel_write_load+0x10/0x10
[  163.883438][ T9787]  vfs_write+0x3c0/0xe80
[  163.887679][ T9787]  ? __cfi_vfs_write+0x10/0x10
[  163.892477][ T9787]  ? __kasan_check_write+0x18/0x20
[  163.897586][ T9787]  ? mutex_lock+0x92/0x1c0
[  163.902030][ T9787]  ? __cfi_mutex_lock+0x10/0x10
[  163.906890][ T9787]  ? __fget_files+0x2c5/0x340
[  163.911604][ T9787]  ksys_write+0x141/0x250
[  163.915942][ T9787]  ? xfd_validate_state+0x68/0x150
[  163.921127][ T9787]  ? __cfi_ksys_write+0x10/0x10
[  163.926020][ T9787]  ? __kasan_check_write+0x18/0x20
[  163.931210][ T9787]  ? fpregs_restore_userregs+0x11d/0x260
[  163.936872][ T9787]  __x64_sys_write+0x7f/0x90
[  163.941526][ T9787]  x64_sys_call+0x271c/0x2ee0
[  163.946222][ T9787]  do_syscall_64+0x58/0xf0
[  163.950672][ T9787]  ? clear_bhb_loop+0x35/0x90
[  163.955383][ T9787]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  163.961365][ T9787] RIP: 0033:0x7fde24b8e929
[  163.965804][ T9787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.985458][ T9787] RSP: 002b:00007fde25986038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  163.993906][ T9787] RAX: ffffffffffffffda RBX: 00007fde24db6080 RCX: 00007fde24b8e929
[  164.001929][ T9787] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000004
[  164.010120][ T9787] RBP: 00007fde24c10b39 R08: 0000000000000000 R09: 0000000000000000
[  164.018277][ T9787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  164.026257][ T9787] R13: 0000000000000000 R14: 00007fde24db6080 R15: 00007fff40a65e08
[  164.034256][ T9787]  </TASK>
[  164.037272][ T9787] ---[ end trace 0000000000000000 ]---
[  164.042982][ T9787] SELinux: failed to load policy