last executing test programs:

6.306418364s ago: executing program 2 (id=400):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x1a9d42, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000000001000000000000000000000000000000001b0300ff"])
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008a04"])
r4 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r4, 0x0)
openat$selinux_context(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0xbc)
read(r0, &(0x7f0000000100)=""/92, 0x5c)
ioctl$HDIO_GETGEO(r4, 0x301, &(0x7f0000000040))

6.175610506s ago: executing program 2 (id=404):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x5)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000300)=ANY=[@ANYBLOB="020000a29ea8c877620040000000"])
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0)
read$FUSE(r5, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000001300)=ANY=[@ANYBLOB="01000000cd7ae7c6693429b64c00000000810400ac9a0000000c00000000000000"])
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r7, 0x4030582a, &(0x7f0000000300)={0x1100, 0x0, 0x0, 0x2a40})
ioctl$FS_IOC_RESVSP(r7, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2})
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000080)={0x1, 0x0, &(0x7f0000001100)=""/79, &(0x7f0000001180)=""/121, &(0x7f0000001200)=""/208, 0x4})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000001340)={[0x200, 0x9, 0x0, 0x8000, 0x4, 0x0, 0x8, 0x5, 0x10, 0x8, 0xac3e, 0xf, 0x0, 0x180, 0xd, 0x97], 0x1, 0x10c000})
ioctl$KVM_SET_XSAVE(r4, 0x5000aea5, &(0x7f0000000100)={[0xfffffff9, 0xe3, 0x1, 0x3, 0x81, 0xcb, 0x6, 0x9, 0x101, 0x1, 0x401, 0x9, 0x10000000, 0x5, 0x0, 0x4, 0x2, 0x8000, 0x7, 0x5, 0x700, 0x7fffffff, 0x1ff, 0xb, 0x1, 0x7, 0x80, 0xffffffff, 0x8, 0x2c2, 0x7, 0x7, 0x8, 0x10, 0xf4b, 0x8f2, 0x4, 0x1, 0x5, 0x1fb, 0x5, 0x81, 0xba, 0x2, 0x1, 0x2000, 0x9, 0x6, 0x1, 0x7, 0x601dad3a, 0x3, 0x7, 0xda6d, 0xffff0000, 0x3, 0x7, 0x4, 0x9, 0x9b, 0xe171, 0x401, 0xb0, 0x5782, 0x0, 0x1, 0xffffffff, 0xec, 0x7, 0x6a6, 0x0, 0xfffffffa, 0x4, 0xac5, 0x4, 0x7ff, 0x6daa, 0xfff, 0x0, 0x2, 0x8, 0x6, 0x4, 0x14000, 0x3, 0x200, 0x0, 0x4, 0xffff, 0x4, 0xa2b6, 0x8, 0x81, 0xff, 0x9, 0xb, 0x73f, 0x8, 0x3, 0x457d, 0x4, 0x80000000, 0xa, 0x5000, 0x101, 0xb4, 0x40000000, 0x8, 0x6, 0x80000000, 0x8, 0x5, 0x10000, 0x7ead, 0x80000000, 0x2, 0x6, 0x3, 0x230, 0x2, 0x40, 0x6, 0xfff, 0x8, 0x0, 0x1, 0x8, 0x6, 0x5, 0x7, 0x3, 0x0, 0x7fff, 0xd7, 0x1, 0x9, 0x872, 0x8, 0x4, 0x9, 0x1000, 0xe, 0xfffffda5, 0xfff, 0x0, 0xc54, 0x1, 0x15a4, 0xfffffffa, 0x9, 0x1, 0x2a, 0x6, 0x3, 0x5, 0x8, 0x8, 0x2, 0x9, 0x1, 0x5fdbda49, 0x0, 0x0, 0x5, 0xa, 0x8a6, 0x4, 0x800, 0xb0000000, 0x5, 0xce0, 0x10, 0x0, 0x5, 0x7, 0x9, 0x40, 0x202a1bd0, 0x5a, 0x4, 0x7, 0x0, 0x9, 0x2, 0x3e3, 0x2, 0xde, 0x3, 0x400, 0x0, 0x1, 0x5, 0x8, 0x1, 0xb, 0x0, 0x2, 0x8d, 0x8, 0x4, 0x8, 0xc, 0xfffffff8, 0x4, 0x5, 0x7, 0x8000, 0x9, 0x80000000, 0x6, 0x401, 0x1ff, 0x3, 0x0, 0x8000, 0x80000001, 0x8, 0x5, 0xb0d, 0x3, 0x4, 0x0, 0x5, 0xc8d5, 0xf, 0x4, 0x4, 0x0, 0x6a7, 0x7, 0x1, 0x501, 0x40, 0x8, 0x4, 0xffffffff, 0x6, 0x4, 0xfa, 0x1, 0x0, 0x7, 0xff, 0x3, 0x1, 0x5, 0xe17, 0x6, 0x1, 0x0, 0x6, 0x58, 0x9, 0x2, 0x189c, 0x2, 0x400, 0x5, 0xfffffffd, 0x2, 0x59da, 0x3, 0x6, 0x1, 0x400000, 0x592, 0x1c00000, 0x8, 0x3, 0x29, 0xe, 0x7, 0x81, 0x7f, 0x3, 0x40, 0x9, 0x3, 0xb, 0x0, 0x7, 0x3, 0x7, 0x8000, 0x9, 0x1, 0x2, 0x6, 0xafd6, 0x5, 0xe, 0x7fff, 0x6, 0x25, 0x4, 0x0, 0x1, 0x1, 0x2, 0x0, 0x5, 0x87, 0x1, 0x9, 0x1b2d, 0x3, 0x1, 0x8, 0x6, 0x4, 0x6, 0x4, 0x7ff, 0x8001, 0x2, 0x40, 0x4, 0x4, 0x24, 0x4, 0xa22, 0xa, 0x8000, 0x6, 0x7f, 0x7ff00, 0x10, 0xf, 0x7, 0x2, 0x1, 0x2, 0x8, 0xdf21, 0x1, 0x8000, 0xe, 0x8, 0x9, 0x7237b9fa, 0x1, 0x4, 0x6, 0x6, 0x5, 0xad, 0x0, 0x3, 0x4, 0x3ff, 0x1, 0x0, 0xffffffff, 0x6, 0x2, 0x68, 0xffffffff, 0x4, 0x7, 0x1, 0x62, 0x7ff, 0xb, 0x7, 0xffffff00, 0x401, 0x3ee, 0x6, 0xd8dd, 0x2, 0xa, 0x401, 0x5, 0x7, 0x8, 0x2, 0xffff, 0x101, 0xc84e, 0x200, 0xfe, 0x5, 0xfff, 0x7, 0x80000001, 0x9, 0x6, 0x5, 0x2, 0xbd, 0x2, 0x7, 0x0, 0x7ff, 0x7, 0xffff, 0x35, 0x80, 0xd, 0x3, 0x2307a894, 0x1, 0xfffffffc, 0x9f69, 0x2, 0xfffffffb, 0x1, 0x9, 0x5, 0x8000, 0x2, 0x3918, 0x3, 0x4, 0x81, 0x8001, 0xd59, 0x6, 0x8, 0x35, 0x4, 0x3, 0x5, 0x2, 0x1, 0x0, 0x10000, 0x1, 0x1, 0x6, 0x9, 0x9, 0x0, 0x2, 0x2, 0xd5, 0x3, 0x1, 0x9, 0xb6, 0x800, 0xc, 0x2, 0x2, 0xd, 0x7, 0x8, 0x88b2, 0xfffffffa, 0x3, 0x8ff, 0x0, 0x4, 0xa62, 0x8, 0x7b, 0xff, 0x6, 0x7fffffff, 0x9, 0x8, 0x2, 0x6, 0x2, 0x0, 0x7, 0x1, 0x7, 0xa, 0x1ff, 0xc, 0x2, 0x7, 0x7, 0x4, 0xff, 0x5, 0x6f8, 0x1, 0x4, 0xfffff8bd, 0x8, 0x5, 0xad23, 0x200, 0xc6, 0xa000, 0x5, 0x169, 0x7fffffff, 0xc6a5, 0x85c, 0x7, 0x4, 0x1, 0x1, 0x6, 0x5, 0x8, 0x5, 0x80000000, 0x7b55, 0x1, 0x400, 0x2, 0x8, 0xc0000000, 0x5828, 0x8, 0x8c, 0x4, 0xf4e, 0x800, 0x2, 0xfffffff6, 0x52, 0x0, 0x0, 0x9, 0xcb90, 0x0, 0x8b2, 0xfffffffb, 0x3, 0x101, 0x32d, 0x7, 0xfffffff7, 0x9e61, 0xd, 0xffffffb5, 0x2, 0x7, 0x9, 0x1, 0x3, 0x5, 0x2, 0x4, 0x7, 0x7, 0x9, 0x8, 0x90f, 0x7, 0x6, 0x80, 0x3d13, 0x7fff, 0x1, 0xffffffff, 0x7, 0xf1, 0x1ff, 0x9, 0x200, 0x8, 0x9, 0x80000001, 0x0, 0xfffffffe, 0x101, 0x3800, 0x6, 0xa, 0x4, 0x3, 0x7, 0xd, 0x8, 0x1, 0x9, 0xff, 0xc, 0x30000, 0x9a6, 0x20e5ac2d, 0x2, 0x9, 0x3, 0x480000, 0x5, 0xfffff193, 0x5, 0x1ff, 0x2, 0x6, 0x1000, 0x10, 0x3, 0x0, 0x1, 0x7, 0x6, 0x0, 0x200, 0x0, 0xfffffffb, 0x7f, 0x3, 0x883, 0x9a, 0x7fff, 0x7fff, 0xfffffffc, 0x9, 0x8000, 0xfffff800, 0x9, 0x2, 0x6974, 0x7, 0x1, 0x5, 0x37b, 0x7, 0x3, 0x2, 0x7, 0xfffffffe, 0x4, 0x8, 0xa08, 0x8, 0x0, 0x6, 0x8000, 0x51, 0x88ae, 0x5, 0x5, 0x2, 0xc47, 0x40000000, 0xfffff603, 0xdf, 0x8, 0x6, 0x9, 0xc4a, 0x60af, 0x7, 0x8d, 0x5, 0x5, 0x9, 0x4d, 0x491, 0x3, 0x58cb, 0x2, 0xa, 0xe, 0xc65, 0x10000, 0x1, 0x69fb, 0x0, 0x2, 0x9, 0x3, 0x6, 0x8, 0x7, 0x0, 0xfc2e, 0x1, 0x4, 0x5, 0xb8, 0x5, 0x40, 0x80000000, 0xffffffa5, 0x80000001, 0x80000000, 0x7, 0xa, 0x0, 0x6, 0x4d, 0xffffff80, 0x81, 0x8001, 0x8, 0x40, 0x5, 0x2, 0x5, 0x4, 0x7228, 0xbf, 0xffff, 0x9388, 0x4, 0xfffffff9, 0x7ff, 0x10, 0x6, 0x8, 0x5, 0x5, 0x3, 0x6, 0x8, 0x96, 0x2044, 0x63, 0x4, 0x401, 0x9, 0x3, 0x8000, 0x7, 0x98a, 0xff36, 0x8001, 0x2, 0xb807, 0x0, 0xd8e1, 0xef24, 0x6ab, 0x7, 0x6, 0x5, 0x9, 0x3, 0x8, 0x89, 0x1, 0x65cde225, 0xc4a0, 0x10001, 0x7f, 0x7, 0x9, 0x2, 0xfffffff6, 0x6, 0x9, 0x73, 0x7, 0x79283ca0, 0x1b8e8672, 0x9, 0xffffffff, 0x4, 0x9, 0x3, 0xfffffff6, 0x6, 0x4, 0x8, 0x1, 0x10000, 0x7fff, 0x8, 0xffff877e, 0xd5, 0x8, 0x0, 0x3, 0x1, 0x80000000, 0x9, 0x1, 0xb, 0x1, 0xc4, 0x0, 0x7ff, 0x0, 0x8, 0xffffffff, 0x8, 0x3, 0x4, 0x4, 0x2, 0x0, 0x8000, 0x6, 0x5a7f, 0x3, 0x2, 0x400, 0x0, 0x80000001, 0xb63, 0x4, 0x5d, 0x9, 0x6, 0x2, 0x2, 0x6, 0x8, 0x2, 0x100, 0x9, 0x401, 0x29, 0x6, 0x1, 0x8, 0xfffffffc, 0x3, 0x1, 0x1, 0xfffff800, 0x2, 0x8, 0x7, 0x9, 0x8, 0x7, 0x6, 0x3ff, 0x3, 0x3, 0x7, 0x3, 0x4, 0x6, 0x5, 0x6, 0x3, 0x80000000, 0x7, 0x8, 0x9, 0x0, 0x200, 0x5, 0x8, 0x3, 0x3, 0xd, 0x800, 0x800, 0x10000, 0x2, 0x3, 0xffffffff, 0xffffffff, 0x0, 0x3, 0xfffffffd, 0x6, 0x5, 0xc, 0x8, 0x2, 0x2, 0x1, 0x2, 0x1000, 0x3, 0x3, 0x3b2af2d1, 0x0, 0x7, 0x1000, 0x3, 0xffff0000, 0xff51, 0xa5, 0x7, 0x7, 0x2, 0x40, 0x5, 0x5, 0x0, 0x7, 0x40, 0x81, 0x0, 0x3ff, 0x5, 0x10001, 0x7, 0x1a7, 0x8000, 0x4, 0x7, 0x45, 0x0, 0x1, 0x4, 0xffffffff, 0xf, 0x5, 0x400, 0x10000, 0x0, 0xffff, 0x4, 0x5, 0x6, 0x3ff, 0x1062, 0x101, 0xffff, 0x9, 0x7eb79b58, 0x7, 0x10, 0x1ff, 0xb, 0x0, 0x7, 0x6, 0x3, 0x39, 0x7, 0x1, 0x9, 0x4, 0x8, 0x4, 0x5, 0x44, 0x0, 0x4, 0xfffffffa, 0x3, 0x4, 0x3, 0xe, 0x10, 0x9, 0x9, 0x7fffffff, 0x0, 0x8, 0x300, 0x2, 0x5, 0x7, 0x1000, 0xffffffff, 0x1, 0x3ff, 0xbcb, 0xe012, 0x2, 0x6, 0xae4, 0x7, 0x4e9, 0x81, 0x2, 0x0, 0x3c1, 0x6, 0x8000, 0xd0f7, 0x2, 0x656, 0x40, 0x5, 0x200, 0x4, 0x8, 0x2, 0x9, 0x4, 0x3, 0xffffffff, 0x2, 0x3, 0x10001, 0x4, 0x78, 0x0, 0x3ff, 0x1, 0x5, 0x9, 0x0, 0xffffd925, 0x3, 0x7fffffff, 0x9a, 0x3, 0x8, 0x3, 0x2, 0x4, 0x4, 0x0, 0x1, 0xc1, 0x6, 0x2, 0x6dc, 0x40, 0x7, 0xfffffff7, 0x6, 0xffff, 0x3fdd3fd0, 0x4, 0x6, 0xfffffffd, 0x1, 0x27, 0x4, 0x80, 0xfffff7c7, 0x2, 0x0, 0x6, 0x1, 0x0, 0x2, 0x2, 0x5, 0x8, 0x90000, 0xffff, 0x401]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40800, 0x0)

6.053073387s ago: executing program 2 (id=409):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000700)={0x10, 0x0, &(0x7f0000000540)=[@clear_death={0x400c630f, 0x3}], 0x0, 0x0, 0x0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000005000000014d564b00000000af"])
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x296000, 0x0)
ioctl$PPPIOCGFLAGS1(r5, 0x8004745a, &(0x7f0000000080))
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x6, 0x11, r2, 0x7f8f7000)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x5460, &(0x7f0000000540)={'veth0_macvtap\x00', @link_local})
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r7, 0xc0145401, &(0x7f0000000340)={0x3, 0x0, 0x1, 0x1, 0x7fffffff})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x720, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5fdd8d64f6c3e0dd22711f69a940ebdb4ab5ff6240da3160049d2047e6713d47ad0db40ec543c095ad67c8cbe438fb875927c98e265498b3da8d4ca54bac0e6efe759a2d4d4190e9fc8835599da8237f472411a71236bb930d28a26f49062d270f4087a6a709c005eebc9740ed54dd005c787c44badac9c720b0d424d0ded9bb8c24c0e842deedf386fc7714a31268292d3bcc53b1cf24b156445c8bf64336f742b1ba836eba0ae4a5aaa9a6f35d4f81734e16bce965795d5b1255609d1860fe11c9c536db078af94772830ba000c13e1d9383e3d862fa07f2199da148632c036bc19f6014eeb206a3654d390c78911deeabebf128def61122754e0a4696db82666a018f8d2f44b5aadc12809ade8bed1b1ba2adbb6e3e82180e26748dc30a8eda0edb21fcaa702632ed3fb4e89550c3e0e1fd2b5ecf1983d85bf9569b231e28155756bd97f1220cbc2b5b1c02dab88ee4a8970d4833b9e51529895afe5029823576297d4a917602fe08df57e1d7f63d050877ddf8e82a5383e15f313171b2d5618a1549f3dfced0732b887508ca5e134124d0ed0bd4b767115d1530f73504387e0364d73a2d3b114fcb49219b1c15e066c455b01672e49499995454a502236f5a5007895d3d1d8843007352a3ccc3f71d3e801efd0a6ef922bf39ead16e01ec20ebff2b1ce7cfd0984b26225cb1359b36efe9ad2ae1f6de4862c0faaa52f4d0eb4c13960ceb4aeaa10ae61a09a5abdb0c61661962a0aab14d465a8ae6f45826e1e66428cf8572eb53c98160df6613a62bb611c63f1ffb7a795a889fc16670f6302fd36ee4247bdd4282f1afb6042c832a4b0857cecae0a7090d9b11ae46d9186c710c8dd12911db573493329bea2c743734d86a577cf27aa01e4fc6c91f1fa34bba173d20b97ed8bb4bad43692df90bfd2b193b9e8b93a95ec0d0d42217395d89db511d2e9bbeb3ef47b7b2d81ab54b5c8faa760ef5c0493af13a9327c9432521ed6bfcb9d778d25031da41a983027fe7d794c26326053d38172444307d88501cdd26c3fdeafdf5f599d3dcfd39972f28ec3fb1fb40982615f5d71d6693a8774df072576834c69b89f209b458fad4671f0108fdfc8548a6fcf76a843369a3bca4d2974221ed9af224d151fa8aa73276ba65ca3d8bc98d6504f16bcac30c697f68cb1625b4f2259ee0c694951752845fa11c20fc4dda369d53918c3746918692ee2cda958612808b841b8d36ef3933f5340e1fc8fb10ac2ae97da921f6a67806831356d515c7a32468dfd3385c"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000180)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)

5.89144569s ago: executing program 2 (id=413):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x10000)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000001380), 0x101100, 0x0) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='pids.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x82013, r3, 0x81c5e000) (async)
syz_clone3(&(0x7f00000013c0)={0x240040480, 0x0, 0x0, 0x0, {0x25}, 0x0, 0x0, 0x0, 0x0, 0x0, {r2}}, 0x58) (async)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r1, 0x0)

5.837632391s ago: executing program 2 (id=415):
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_NR_MMU_PAGES(r0, 0xae44, 0x6)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000040)=0x8000000)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x240000, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x115c00, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f0000000100)=""/79)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000180)={0x1fe, 0x8, 0x1000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000001c0)={0x2710, 0x5, 0x100000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r0, 0x4068aea3, &(0x7f0000000200))
ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f0000000280)={{0xeeef0000, 0xffff1000, 0xa, 0x4, 0x4d, 0x8, 0x2, 0x1, 0x10, 0x1, 0x1, 0x2}, {0xffff1000, 0xd000, 0x8, 0x4, 0x5, 0x4, 0x9, 0x1, 0x2, 0x3, 0xfc, 0x10}, {0x3000, 0xf000, 0x3, 0x4, 0x35, 0x8, 0x6, 0x8, 0x0, 0xed, 0x8, 0x7}, {0x80a0000, 0x2000, 0xa, 0x3, 0xfb, 0x81, 0x2, 0xfa, 0x68, 0x4, 0x4, 0x3}, {0x5000, 0x2, 0xc, 0x9, 0x3, 0x8, 0x7, 0x40, 0x3, 0x40, 0xd, 0x6}, {0xdddd0000, 0x1, 0xf, 0xe6, 0x0, 0x9, 0x0, 0xb0, 0x2, 0x7f, 0x4, 0x6}, {0x2, 0x5000, 0x0, 0xb8, 0x9a, 0x4, 0xd, 0xa, 0xcc, 0x3, 0x6, 0x5}, {0xeeee0000, 0x5000, 0xe, 0x78, 0x1a, 0x79, 0xb4, 0x8, 0x10, 0x9, 0xb4, 0xd}, {0x100000, 0x2}, {0x80a0000, 0xfff}, 0x25, 0x0, 0xdddd0000, 0x4, 0xa, 0x1001, 0x2000, [0x3, 0x0, 0xbad5, 0x100000000]})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x230c02, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000400)=""/154)
ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f00000004c0)=0x2)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000780)={0x1, 0x1, &(0x7f0000000540)=""/145, &(0x7f0000000600)=""/94, &(0x7f0000000680)=""/202, 0x1000})
ioctl$VHOST_VDPA_GET_VRING_NUM(r5, 0x8002af76, &(0x7f00000007c0))
ioctl(r2, 0xa, &(0x7f0000000800)="7d1edd47a5d4132fe975b68899fc1723ae3b5c4c311450546c12f840630330a6dd23da96be6f095aa9ac0f474e0493d16c68fe416a1d2699bf48af")
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f00000009c0)={0x3, 0x1, &(0x7f0000000840)=""/20, &(0x7f0000000880)=""/130, &(0x7f0000000940)=""/85, 0xf000})
ioctl$FUSE_DEV_IOC_BACKING_CLOSE(r0, 0x4004e502, &(0x7f0000000a00)=0x55)
ioctl$AUTOFS_IOC_ASKUMOUNT(r2, 0x80049370, &(0x7f0000000a40))
r6 = openat$cgroup_devices(r0, &(0x7f0000000a80)='devices.deny\x00', 0x2, 0x0)
ioctl$int_out(r6, 0x5460, &(0x7f0000000ac0))
r7 = openat$null(0xffffffffffffff9c, &(0x7f0000000b00), 0x20003, 0x0)
ioctl$BLKRRPART(r7, 0x125f, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)

5.784058842s ago: executing program 2 (id=417):
mount$binderfs(0x0, &(0x7f0000000000)='./binderfs\x00', &(0x7f00000000c0), 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB='max=0000001000000000000']) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000003940)={0x1, 0x0, [{0x20b}]}) (async)
r3 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0x4018aee3, &(0x7f0000000180)=""/216) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x181, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async, rerun: 64)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (rerun: 64)
mmap(&(0x7f0000215000/0x1000)=nil, 0x1000, 0x0, 0x6011, r3, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)={0x5, 0x0, [{0x362, 0x0, 0x2b0}, {0x1ae, 0x0, 0x3ff}, {0x324, 0x0, 0x3}, {0x611, 0x0, 0x40001}, {0x0, 0x0, 0x10001}]}) (async)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000280)={0x7, 0x0, [{0x80000007, 0x2, 0x6, 0x9, 0x1, 0x1ff, 0x2645}, {0x51a70dbdfded52b5, 0xfffffff9, 0x6, 0xfffffff9, 0x5, 0xc, 0x3}, {0x80000008, 0x7, 0x1, 0x3ff, 0x2, 0x9, 0x6}, {0x40000001, 0xfffff000, 0x6, 0x0, 0x7, 0x7, 0x4}, {0x2, 0x3, 0x2, 0x80, 0x9, 0x7, 0xcdc}, {0x1, 0xc9f, 0x5, 0xb, 0xf6, 0x2, 0x7}, {0x6, 0xfff, 0x0, 0xd, 0x5, 0x7, 0x1}]})

2.685453909s ago: executing program 1 (id=476):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @fda={0x66646185, 0x8, 0x1, 0x18}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140), 0x101, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f0000000180)={0x30000, 0x0, [0x6ce, 0x8000, 0x3, 0xe, 0x0, 0x8, 0xfffffffffffffff8, 0x9]})

2.64256958s ago: executing program 1 (id=477):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) (async, rerun: 64)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (rerun: 64)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000010000000000000000000d000000000000000000ff"])
ioctl$KVM_SET_NESTED_STATE(r3, 0x4080aebf, &(0x7f0000000340)={{0x0, 0x0, 0x466, {0x8080000, 0x3000}}, "a9cbc4b723986beb2541731c8831607b6ee747534f2610e68420ac50bde6dad58d04aad3777f18b4f168b3950653ce1d7740b6225b60f102dea41282032f21c3f19760a59ad876506e4e939e80e92248edfd8137e41621c1a490cf3cbb0502fa6deb4cb0efa6bc813cca06ed4828bafa15d1afd8ac82b71d1a7b410eeac6a6f31e4995b05d3f93bf80a053ae74958ed42c6c4b4d0bcaa08d3e6025a166ac6f19973f974613e0d7ca52d6a648ed23fcce9f475faa3e49d697324fa1b2cdfef7deb66a190e9185a90f5c54c88895af1a61f8c0722f0c0bf9835d8910449682cc5551ec995aec222238bb28f41ba7f99f93b785dd2d48cf389f27da125b9c3ec7f716d6b6b696a93e625f0e17b4ff3bac5eec8e2dd837254c16d8c9b2a773ac70b8dc7216980fcf1db0cd885a6f3379dfcca516b0b5771d3dfb2212fd569b8f6003dcf8478390e14a5bf73eb1a61a12ce20ea3f5fbd6d9a56a4adf6043190cc7d559e7773668d0498f6c7438917d204ed2ec53da03cc744619be3785cd8cddb678f8e90965f22242bb62fa3590dde45cacad3852a54154a90d7495cc4cfbd7baacc19604efd864cc76a7e867cd7403301f45a3ad20ed8edf412e4aae5f279eada88ee43a436dd3b1f37098b7d81759aff2d81e5593535d44035fdcbae0f45a7163c06b8ed7da27a03e266947d7f11d9e1600f1a88b99643a0b99abad360b8137415f7800f8a5a16ba306778733d5493cc73d0aacebe1cc4618847bd620034cb617c55e47ff8d8000f52c25a6b3e9272c297e6b30bed370dda4c2b56278893a4faefb28a87c40229d3f80814e128eedb7050465e1e00547a1b77ebaef78355d9867ce521138d63f147ec3de6cac38d9eeb1d167494466e00d97a32701117bbe0f95304970e632b9cf8ded044b3f1c01326095b422678d798a9c5f8ab05f4e6549639186723aa3d38927ed4ca94a9e6de3c4f5ce99d090389473455cb366c7dfcb43ebe60271a3693e80ae4948291753007f5032f518ffc832f3e819f3bdac1085a80cdd494cdcac4a874a14818b9dae534559c2c5a542a12949a22fddb9060e8a400f96512aa8eaaa6659932dc8852f5709a808604c2fda229c79933646e36255948baec6e0c2d4fbe056628157ba456603e5cb45761b5aa97c0daceb3e6d7a192d109847057cb4322c9c5e62403c921e9cebeca77d12c3ed05f5e131e3c00d9070618872ea8a1f05e4598c98739d3a9245e537ed992aa4eb8a571e4c7c0dc797f91e3258835f9db1b6501edaaf38c9fd4d718c743d30b6f1e480ce9408aa6b894055768738e3df843301d99b476ba8d30f6483022ad7fd50493e600700ef1b70c72f607feb0df9898b61a38f4f59d23779b7af4a5b5a0e7379877d8c875d1e47a9ddbac19208cd22e05f729a9175b9bf1c96618d63585204eb5ea29e0a0f17c12219fd51bc462dcff6d3ff73b64d2a5f7ebe6ebdefd841698e909cf1018a88afefc1802fc97c22a240f20ce6938ae6b2224f7ca311622695577f3e4cb8f7e87bcf5bcdcc5311815bab1499465f687903b4da5693c83cbe13ba3d94f413bbdf9886241fc1f0b9ea00e7b2d1c2fe29d8921c56919bbfa091d4542c590a18848256b7eca92114c5542356bb15e1cd59b28a5d5b86bb92c30e88ea6edc6efd3c685a7e9b840b61f445bb57d670d3dbba61da442fcdabd4c14b9dd6543aafca5bea6ca16c00bbdc0999cec79272dfd1de86bea7d830ec2deaa339c2fc57d6490ee7cf3bb4e6cb4b8dcaa4279bef0af601f96dc25a3cf926eb6c5eb9529a266e1a9d96fbb5e0ffeb472d40e3853f42d69e725d2dd570b531779a09a5f945a2dce4ddd898be60b9d38f3c305f942f8f8a3ee992de01a0d6b3db1a4174b770681d2470edd2319a9b9d04d3cadd67583a313c071f809c89134b2b714cb2d7247d4d6b5d794302e9408e946bf1cadc767a8ae918a6608f7d2dbb2d825e949c823ac6bda0c46dea864c83222f3c7f7ec020f3a6445f3762dfaae5a28c3857053b2548d11c9b9f4af5366b43012e35d14ba139085493e95ad24bcc92b835f3c72ff762fcbe3d04ee2051e959a9e680f51425d5eeeedd99767fccda20b44bbbac6989e1d6f70f030c2530b83923fbf27fbf24f62ff7a5619b39b338e165dcf66faf6092edd19216fdacfb8eb80bd7d8a7767f538c3021e20f498c8e456bc32af1157b5988950caf1c478047f132c01f53c12929f030e9d78c284e64a521350d72748ef214c05f4c8d2e47384c3cd29c99a2df1abb2e8ff5a363a488feb119e8ad5e3c39a4f24449d00b3772090b499e2c65b50a3e6ce7f1e2f2bac0ae5e58147d1d6887617ca38d12b1cc9a5e3ee47539f40179136698acd9b9e20a4f85335dcb19d4ba4a05bcd84b27a9f1897ab8f67abf78ba3ce4d87b37c129562d33bb0836c8fe830c068e7c8b6728ed585258c7d82b5c407d0532bf5ba60cfb0a6e6f3aa44bdf3bb7ac389023c3db4395c3875a3496d85640d423775d8ac0c4c3ab1831bdd785a5ca0ba2073bdf6970e4b63718944603ab32b83d7c73af090c3a941561a76f08e2235e1ea8a0b721cd6a73466664c411c33fd1a3e46e580c77034cb09ac38b6d1824f642d3354e827b6ddc0ca15c3bd7192882eaece388d428282c859fed7d280e5d81cd0252c149154e2038a3f2535781dc81d7221278c21ee819fb913fc8d97e96f3dbbf0b2cd63a0ceeadec43fca7a760f45aa53de97597b4afb3abf5921125e9f148da377556e6de1a62aab6055b10c1698649515e62c572d62d901ae7fcd417b627db64785fbdc21f0e978eb143d7abb2771de9a912466fb6e6f55a12f209e131732d45a8293f1a36ddddfad54f857016e3ab7fceb97ddfde1a8c8569dfa972ec636e7c93e603d5e1d0e98d6f109dfa6df50ce987abfc291aba0e488ba8f0596fbd1bacd58862b611250a85cd34e7d100f785286d815281b62ef2dfeea5e8ba4ee4a019af0ff59b0f4f3049f8718d0fca57de1cf88763d13ad26c50cccec4faba99d899ef079c3400052d065cc0a44e8f73dc5bef5f8681015b29c96dacd026d920f369a2b0c341b8295f5268e2d9bf80df2d9ea1017b5b41ec2060c2fecc67c040e7c37521b6d6174c4d4ed4accc5479f6fc4ddc0e45a7f8030ff8e23f000315a3565498d07bd0cc6459f5cff23b40ffb80ace2f48fe0c1a337bb4f748bb8c057089de5cd727b278b45d84a8f7df9f898b3cef2ec319b032f888c4953bfe141c8e4b67ab3f95fa133790ea17b27be21c9478da70641265045e81e28229a4dc15f59c2f18b1b9c082d1154bc9565508fc9419912b48f3b1271609006399a844f6ccedb6323ada63d3e0b340fd07cf9e3b98b1d193bd76796c2a185366b25468017d28371d8792eb42304961bc9c1f4ef4025d2814837dacc9f1d777bfeddb30eca1cacd9f5b6619c4000252ecdabf7107dff264046c111c6f5767e3486c37ec175f52bd3460a7ad49e35bb729ba76e2fa5e117c49b750000005e0abf56340740b81ea37c5df26b7c885cc5da412cf4e9932e2561aa7945945dcba0677786c9ea9b9aee47d73454df82048f021b30a817606c96415c22e1e908316f84aae52e050e31176408d35ef33091618df7d38d22bd2b626dc138f423c32362878c8f6538dcf0b96c4298668d4bb35773c952bbebd4778c964b0eae8eac9bef3469ea5da890377c500ea027180f5308585cd7941c7e3305c32d610de49b5c1acce6c285d88a99dcebb2b5972a276d416abf25b44c1712a43d3e30005a1535553e779c0f72ff519d2407214c02e7020ca479e93c3fb2b867ad73e69ba10e92f329cd54c4c80d227d0710cf384fd9a39d4c4053afce6d1e93b47137843d149e888bd868b1b2179c1fdd8291d15724db10a756300209ae4a2ed91788fe9f980af1bb00d05a8fe1a020fe4bba91fb487c8ea674a6739067a0a86b7f2a4fc141f6c864f065fc6e5effdb5a1f1d063c6888626e13ced52f3669677dad96da1cfff7d700e9f6f74131b8ac0f4fb6c8d5fd675b1ed6001bba7dd0e95567a6d06fe28e756609821312f4725c5909c6353ad385e57fb162e2f65b5e2a0100aaa356a19b9c5c183d195d0134adb8bc8d03415daafd95f3a5e44f201741e22dd905dc12469664040ce714a5d9042f58db392d6c6af1eaa4c82cd9b4996252b44334be627708463ffe52a80d8d1c8a5b1a23f9c68144c4a6c6387e542b3cb9de7765faf05fda086986d3c6a1f0906b2ea0eba741abb9514ccd57f2d8ea1d67145c5d71749b560f85093ecc265a24239078253fa0bd39bf67f8e1d78f07e167c05d808771c7b0146af368e8859273ef76f9feedf7fc69640b5e95a25076c477338e31cc9a7348b8a31a0f8d4dd9e6c46f18126279c5d1192ddee08a7057195689954b26a19dcfd2a59febb6556c18c18abc85527372919196b29a737f8bb3b97bebaf3e6c43099064e067f12772c2333be19dd4e803289430a660d68963a26ff1b1c8c664c0318a2558dec140d984837a936651906ab960b6bff8bc8b32704f3e0769e6c85c9f5bd50270bc1030ea71f2db5c43116bd0641ed31ab6db12514aec68febe59e04d2b872c9fc2173017ee6e75a18d6832c9992d1ed2ead9452dce9b2efa01dc97ea31ee5c3f5743760f2589615f45738140d0f8c148f1858d0897094a34727493e607132bc1eefa0d0ff236f9ac5a2a0f0bf06719c1d5061846e427fa36138c808741ccbd10ad3f6f54470804e656a8ab1a9ee9a523bed87cb2fd4d6db8aa6d6b80d1e9886dc12b915665101b9094a22f44437918005356fed797ebd97ec6493bd681f69321f9735ae6d3d6822818c7cfb21c5f3a0f9d5b8ef070c916fe9ccbbf04128a27e7928e3572f125b986c52ec0de078b40135b922a2feb294b0349df06d1c3e2c9d2ed2ee88b7a1673423c6baedb51beb8f8cb1b3b986d1b9632fedfaec8e9a237311beb89cb0dd7efaa5b68537641d06b7cbfda581344c87452b4d3fe96cea6143378c4dd7586a9d55c666cce828ef91a35f3f0a5c9c369bd20c1bc7cc77fcf316a567fa21863b12c43faf3b9588dce4caa151937c6ee699cf49dba041775773ae062c69783758513a178bf46d2d40e24afe8975dd768a466755af2ffbb9fa728724a18fc9f427672ad5867a72ae8caca60fcc90cf817c291a2025b5243ae36e200b5e5c9ee4e90eac775c3b29fe1df8c35716f37d11961084fc28b0f8855376ec85d7741535f88db7977629dd832f06bb258e9a88cfc8671df2763fd9383a777f768c7aaecb9a7af9e76bb719767767c3d5178e2a10765c6b2ae80753f403125a9203ede6ed44eb96a1a010842f88f020dbb7f8df8bcbea0b60f1b99dd9b9aae2dbc995edc8ed82ec5e21e8d5e4d8d9fd0bfab342db38d12bb24c20c2a579069d74624db16bb9ec501312d8de0e653e9e74668d0ed05ccb0eb99db410c0000000fc246302635630b295ccf849e45944a25baa7f4651fa37f147e0fa977c0304e7cf25fa78260ca03abe8dc32cfb461f019f7d82194a98daae521ec4eaf3e138bb95b09d8ff2f106febcc126743abc8f8b707cd2cae1548c6fe54f64bf46c9ff03975e0c37eda3d485ff76ea5ae71fa5a2ca0d9293ea0cd4186e6e2e26fc2ba5e2cdde9400d9c1717058157a8410c9cd7ca4e679f41d8932576e7b292f28dfb9775b0ac5eb5788a8ddf797e32919e7a41c305af2e4e37eb4d5600", "1acd2077949cf1f27e1e764566e4cffaa168dcad09bfe7c84a06d9db78a4e8f0504116608cffa736ae4427d04f27d39e5de80f8935f281bc483252d1c4e0dff576831d8505d3cf34ddc4f4760b53ec5182b54b352dea1b5975eea9b6bffd5b66524559c7c3e9981d7a0ff5ffe6814c923871db66426d98286aec1debc56864a4b29ee5cb46989af08546d6d1a5d9da45db7d8abea1d392d0c668cc040da5d129ddbbe6a95a7d9e51a13328ea3fbd9ac81f03914ed9d1d2b72c234093a351f7294556996ca5459d796cb4127a9aed8e0cca398d1b5af6eae257d02db91a61d49a5677ee9c8caf1855edd2c25b9b3a9a5174d2193108e5e87d781780d9506a890687c80c429f3a46028ed71364c4b8d3b2380b38d2cf7e447dee058f556dcae2627e49dfd316d169d382f2b6775233157f57c7be54b105e2493e140ad97ecf9c12df8f0db9a973d0ef9197ebbdebc5e822ee06852a408560c7f19c65ab8527edc9ec1d6378f2c748f7e84d1d6e98de8abab3e0e42a866e1ec5d00822b124a98d77e9c8dbb3ac6648afe409b21e1cf2f5458a0588cd11af6887f552f6c16a801abf2594eb9a80e704b8053573f661dd29706e71060b630272037144b33d684f66128950510d4138785418f726eb7c7f84c7dda646b3647d673122f95ef89c863c3d4adec4477664cfe911683f19862cc918451f70a6a359dbc66b3599c0af91858ebe13c253a6e9a96758955fdfd1be103777812339e3786484a25b18994ba69b4275f26a64afb9be5219061d94d7c472236f1a20a9217d70abab15182c5f04c6080d535e34045d6497c1c8a2ea53fc022eb159d0d1be59a21f277ce441f3c5cb03ef0e7e1ac63177dfe567e2cb9055228f32c9ca6d38d99093fdc129951380cedafcca40712a2da5cc0af8d872d8f848ea5ff95210a52d2390e236da76fffce86cc8a78a8ea0e1e4464ceac9021556d29d7470ca19849b417aa6aee032f3bd437cb5c839c9f5fb20ec1367449abfb5e19f8365b7947bda60e34136e2eb53e0243766c2718d4bfe6eec77f8ca04d177cc17bad59d651a08349651de6d4dbf5856a6d42cc8cb2441ab7dfa9420d87d4a5aa5914f619b2478a0d68a98280231c8e7558d11eec87e80f2d039b5d6b287d9b3667b020dc45b999b162247bf38f5ac5fc99b5eb6ac5939d35d7d6e71b366f9553ada2784671aecdbdcaf42a2f254dc0289f7be9c6f0c045b30f63ae1a8fac778030f27e04e980bae66e474bc4f9572b8a0d8119ce13ea2ad1285b3397bc929ff26a2ba1ef2760c77e3e114d15742740b27796cb2fc84761db427cdf3c63be71fd6734ed2cb1300a8d5e2b1964f2a0320bfbad8e9bce0cd9329c8c41d79107d77f65c99f3c03813c1f0f5351869434c2ccb685f1863fac38a44ecf354ffde4926ae3cee90833db386633e6dba3585ec36f1aca6701d4d1fc13ac1c5d4cf2ae8c8c418da372bce96451dc2add28828e45ce3f6e35da3d49dcdb8ceb084a581b68fc5fcd4c45246e6b215ca98ae7239c317fe45404984292a83ac7e62614665bec4a5e80b055a0635003e93172e2045ec88144d9d7a2b50c45333720e2273b165147a0b1af77fe87089fe8c0fd32c4e950aedf6798c9007575dc86c02089414089527baf9bbbe5eaf4d58289de0987f8f310d7900ef2350daa438ac83ff255344a2bc814a3e7055269544310b0fe78b07eb0ee5f16899fc8bdf8e3cc47d27a44c93528885452195706091eaf15930f9df5874c19d0a1deedde0cbe9cda7f0618c378bc4ba6fbe911d546c7bc76954fcc6b5ef56c77d306421f9d24e0770cf8b578aaa6276bff4b98e9968e9a1f8c78c6d647d8c52a42d27ee8359840747913e0983e049ad77d87e35800eeeb19cd786a5edf6886e610f51b4d2290d959c7fe906dad2d3e2a5648c5ec0d48becaf209fbb6599d1b0d6299cb2b2fad3b3efac6ba0911a63ae399fa3f19adecc9b10533c99bba28bf9e37600db41c2b463c25b0602fb86ef043ee72aa26e7f102c3afe4073d1318671a514f8320dcbc699514792d5c90c34fe6809102cb6537a4e76530256cd997a1dba4a75b1578c7f12b409af040afa35c54001a4abf1c402f91413995ced6b64256684c34283e644246d235af905fa2edf8f802a65c1c1e0ba24ea656cb3b1f876b6f335aed27c3a6e8da53b1b9c283d299390310df6dc84e5569ad3ac1744824b329fc24cb8612c061b09440464c1168012dc40e8df788f9c708bde6bd4eb3f6111729b08796d0243b07a21ac542ae418f19ec3d7171197c8ca216b20f786784400f2834d98819a5fbbd909677f7d7309dca5c0e2cf74a8a53c1791c78488fec0520d3c71a9698e5040920acc5eb7764f4c295cb2f00b5a62d5fc1e1d0040c639886712ad4fece171739fbc0519b93c8bccac49f871a0e2f5ba97331be916aaae29b8cd646028629cc227b916d1d8b4729da3baffb0e39b533e039eb9f10073c156485902745ec60b8d281b2f84a8651fe4c533119bab8424bcecb28c067ffb1e03e05bcf9d6d44dfe0782e072934fc36e70b1acbf30387495618ac2729811aa6c2901b109b33a0010cfbe666fe9fcac86cc81023dda253863714e89c78265e219d00ba20b3c846368dd21816f699a6af20a290f075f4346b98ad40d69caaf2614856c0bdaa661907975679f5cb5afd3738ba811db58123922647476de50ccf17360393433b547bf0377b2115a7cd357699d043bd80981a2a28c638f7c2e725d85f9edd2fdcfea1f7e2bf02f9f0d4236c9d14c6d382dad99192125b219eea6a13b5685efcf34454d2a12537c5354dc5e34ecda968422cc472f0fec174b95cd298e89e7efbc164465dae45059a40e104b1a980ebc781848b0109ce9cec600b190a34dcf741dd6145d56c4ec27c983a7d6328130c122217bbbb33e2cffba1a352b6805dbd715772153b53051db7215f475ba8673b0dd59e2db414a658d3d262c5304d300b930921c7c0a9910eed96a705eea2c8657be193836a20f23fcbc8ef105ca25551626caf63c511d3c9dcffd9d485f27a63b6992e4b6fa26b02903a4da52fd7fa06397fe2883f9b6a4cac2ffb8ce1f476ec72bccaf0ec7b16e6f601e72f46e835d9bc2a82dccaa449728d22a7ff17772276f54073c66b184de0fa7f681823dcb7603a20aa94b76a9b7adb9f11f447b8764b2d719bea91ea32edbb4d340d18f18b3f53d1d07d0405facb202c30ac1ec145516e071cc71c59cc6205db061a8c19bb2d3ab463f6fea1c6d3b5a69d96e5b67ed569e1c04cff6c9f69ab9343e9a71bf6776d3b84b47de2ecf9a0d45515ef5a3b5c6d55f2c6543ef2bf0eb795219da3026ab06c9ba9bbdc30d5dc7c3782a9f58141a63f8d4683ad5c1d156c92c508cefd9702e9267263e34ff96800c425f768bd204466f4f9badabdfaf35e1a8096150e8afeea3a30586b89d1002f041612f8e81de4dcd268bf538307c4d28d1d2ae1af979f3b02017ebe942cdc8fa7964fe978254eb15fed7478e4200e381409486d37e0205c597b5ec19243ab547da051dee03f18e079af60dcb2095fe86f292a4b4bba8682ed8b220c0b48958882aaa7e93448bfecebfba6ca3ef28e0752080cbc9f752d6da814a9dc5bc552d9fe73b8a1df8eb0158df58810fce8719f11b04c4e157ac8ae3692f825a4569ff859273775c45eb999fff7a47ca461b2fda6edfe8ed8371ed29c4f7499448cfff0bc47ca1d8fc9eb35f79db389781c36e89541b686edc21f088463b2d26fd9b650eaf5ed1cda0f00040000000000009b0c527ba655252f77b77c2f4cc0f7741c52a57629fe511c5f9c17ee44fec35da363f5356343037b2705a393115062719e6bd87bbff2472a7833be6d2270fe5ff4cc9f0439a53adb91fe1520ff4841c120e80c99fcc2d0ee794fa8c91dc9c4227ef9f9ac784ce41abefa69b84acb285e385b74501ea137be765172d90738f201497cb7c992dcc2f17341c9b6a0ef3dcb14350669802e3295b5a133142df7bc5645bbf222d2da033ee4cc4f225f248ad88782945869c29943eb6498c87c2b125fb2d4067118c2b417308a1703fd9f48c48ee2a9c5af44df473e3b99b8a941fc4967060b4960864bc97e4f2bf53e7a5c2ec3d47e7bf8345b56a4df5f84d0523c1b6cf9399110e393474b3ece22c4923f531ff12242d5e2b293846a7ed06e3e7f062cb173431a2b680188fb46d2cb74d4a0d9dae59e2be485aabbb54c26406e6e77de3031e049bd8a49139fa62151716a665fb9f1966cf6c57f4185f7cffbbc43341f3b69a3ae0a4dcfd9b37f0035a69ac552830f0ca56069c8f69162280bced2ec30c6789f32cd38d7f97953f0989b65cf90f01206b20b0111a3d22f3d2f85104b03283f4fd7b80e53f20f1c91d5bf3b67aac25c4300b3191c1f5d7bb0fe112deac0f6acbea3b57c20c5d8f0bad48873a7e7347ead5a4d0b73041c86bdcd3b91d6cbe0ebb5824fb90cb4e74f439505074f236679c4ea4015fbdf0c44b4063b62cdced485cbca0eae2404da7158a974b7dc14c5207107d5424de14a35739f68f3f151c6de20d0ad19d06521baf26ab2cb7ff7e8f83d60a9f554367f99fa5c44910b886e1c9c2418a7a4b33f19fff9af4724c7c8251ffc24cc4464b8804b6704bc0572b23498ec92263d37bdb54490f3316087c5b192a20027ad6cf1a2c3fef8043e2847b8734fa8dc91ce992474796e3f71580841379279f8b10ab8e6766196fb5a9b2ff44cabece6930fb9f32e867047313410c13b11a8a788a29ad93a5b9ae1b960a46fd48fe5cdd7168815c67b267065453547cb60db74f37238b2f7f3c78abc249ffe118a1d3e7eb5cdd326ad0a07a50bd24a6be4b5e56fade7fb7c3b515b4d0b16884c9eee7ef9c82f2ea4d89113e950622cee8e63519a899da3ee83bcd369b01b373934bbed73d8f94e3312e72d82d3fb8b8e65b0f5580cffda633467fc3285023159c3ac7273a46275d874b87254df07ea15d0806f4b8312c4e95235cab31e015a3603906c188233db45dea658dcf694f5097a9e26aba8b58e248210fa5e12fa08cbbe0a01afa9b2c36d38d298dd180ee6e358d45397471bc064e2e8e51da189e98bf41cc30b50b0d937e8cbfc5b138dc66143716b27190689efebcaa5676c9eb370465f77803b219b0ee1f65f343d70b01435f9adc46979b121944e13a02cbdd47a9898b26d6cc5294a9358971bad37a6b01d8b2ee251e50b02acbd560bcd4a212124f308d87eca79d13c77b90510675989ffb70a9d5643df2db6067bd4e0fd21d0a40b84177279587777f763bb9e2fc99186402ff1905eb61b6ea3bef862beb10ede1fbca93f5b426f683bb72099ffc61c99d8a7527fe9167b13d786402864d2b4237fa47426f46b6d5e0911de793f73610b46de4e62b8a67aaed298a9a2d5b5c5b7936f8bcc62a8f9d64d8ff1470a386974b35f382f42ad1fb2c9de214b35aa0afcff7806d7601ab9142a0dade5c7a9e6b0c16027c4d0fc413ba5d16f0d4826b3f469afa6e5ce4a19e21d2a2c2c1e3055706d0ce371dee59a06e534887cf5e300bd118b7c5e8eee2a8fd4bf6ca96df566f49049bd25533c8ae08eb2334ba183529c041f3d9b45139173f3ee8b1b8f8633c9cb7caa735805d56b1e3119a97f3ce86ecd8f21256c0a5a54266cc00927c881ac18fef64f25704b3f01b4885a9c4053aec5bfe5be638563267548cacbad2a95c3c48e6a913bd87ec0c489c236214b650a17d27081ae8def0d27c0d6a25553601875192d11c9e3ef2a3273c1f9b079"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x4, 0x0, &(0x7f0000000000)=[@exit_looper], 0x0, 0x0, 0x0})

2.456040743s ago: executing program 1 (id=478):
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000440), 0x80, 0x0)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x10)
r2 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
openat$rnullb(0xffffffffffffff9c, &(0x7f00000002c0), 0x204800, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8d], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000007a80), 0x101000, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@flat=@binder={0x73622a85, 0x1101, 0x3}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x10}, @fda={0x66646185, 0x8, 0x1, 0x40}}, &(0x7f0000000280)={0x0, 0x18}}, 0x10}], 0x0, 0x0, 0x0})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x3002, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SMI(r9, 0xaeb7)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r10, 0x4068aea3, &(0x7f0000000000)={0xc9, 0x0, 0xc})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r0, 0x40046210, &(0x7f0000000040)=0x1)
ioctl$BTRFS_IOC_SEND(r1, 0x40489426, &(0x7f0000000240)={{r4}, 0x5, &(0x7f0000000000)=[0x9, 0x7, 0x9d2b, 0xfffffffffffffffd, 0xffffffffffffffff], 0x3, 0x0, 0x1})
r11 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r11, 0x4018620d, &(0x7f0000000100))
ioctl$BINDER_WRITE_READ(r11, 0xc0306201, &(0x7f00000003c0)={0xfffffffffffffeba, 0x0, &(0x7f0000000400)=[@increfs_done={0x40106308, 0x0, 0xfc}], 0x0, 0x0, 0x0})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})

2.176143067s ago: executing program 1 (id=481):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x1034c0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x10000003)
mmap(&(0x7f0000fec000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x0, 0x11, r0, 0x0)

2.175726437s ago: executing program 1 (id=482):
getpid() (async)
r0 = getpid()
openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) (async)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
read(r1, &(0x7f0000000080)=""/1, 0x1)
write$cgroup_pid(r1, &(0x7f00000000c0)=r0, 0x12)
close(r1)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0x2, 0x0) (async)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0) (async)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/cpuset.cpus\x00', 0x2, 0x0) (async)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/cpuset.cpus\x00', 0x2, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/cgroup.procs\x00', 0x1a400, 0x105)
openat(r2, &(0x7f0000000280)='./cgroup/cgroup.procs\x00', 0x400100, 0x10) (async)
openat(r2, &(0x7f0000000280)='./cgroup/cgroup.procs\x00', 0x400100, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000480)={0xa, 0x1, 0x7})
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100008781e65ecbcd887700000000000700000000000000"])
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/cgroup.procs\x00', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.net/devices.allow\x00', 0x1, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r8, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x3000, 0x4, 0x4, 0x8, 0x0, 0x1, 0x0, 0x20, 0x0, 0x4, 0x10}, {0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x6, 0x2}, {0xdddd1000, 0x5000, 0x3, 0x1, 0x7, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc}, {0x3000, 0xeeeed000, 0x0, 0x0, 0x2}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x75}, {0x0, 0x0, 0xa, 0x0, 0x0, 0x7, 0x2}, {0x10000, 0x5000, 0xc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0xfe, 0x0, 0x0, 0x10}, {0x1000}, {}, 0xfdfcffdf, 0x0, 0x2000, 0x302034, 0x0, 0x500, 0x0, [0x0, 0x0, 0x1, 0xfffffffffffffffd]})
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000c0000)=nil, 0x0, 0x1, 0x11, r9, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000100)={0xc, 0x0, &(0x7f0000000000)=[@free_buffer], 0x0, 0x0, 0x0}) (async)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000100)={0xc, 0x0, &(0x7f0000000000)=[@free_buffer], 0x0, 0x0, 0x0})

2.015568369s ago: executing program 1 (id=483):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000080)=@x86={0x0, 0x5, 0x8, 0x0, 0x0, 0x0, 0x1, 0x8, 0xf, 0x6, 0x0, 0xfd, 0x0, 0x1, 0x5, 0x3, 0x9, 0xc0, 0x2, '\x00', 0x8, 0xfffffffffffffff2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close(r2)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r3, 0x400455c8, 0x4)
ioctl$TCFLSH(r3, 0x400455c8, 0x1000000004)
ioctl$TUNSETOFFLOAD(r2, 0x400454c9, 0x9)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x306)
openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x7})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4018aee2, &(0x7f0000000100))
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000580)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @ptr={0x70742a85, 0x0, &(0x7f00000002c0)=""/242, 0xf2, 0x0, 0x3}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/key-users\x00', 0x0, 0x0)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r7, 0x4b49, 0x2000000c)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x200840, 0x0)
r10 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000140)={0x4, <r11=>0xffffffffffffffff})
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x2000)=nil, r12, 0x4d9f880ba3ca8d4e, 0x12, r11, 0x0)
ioctl$SNDRV_TIMER_IOCTL_STOP(r6, 0x54a1)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000001c0)={0x24, 0x0, &(0x7f0000000040)=[@exit_looper, @clear_death, @clear_death={0x400c630f, 0x1}], 0x116, 0x0, &(0x7f0000000600)="86a26c9da618d909bce30b7cf1cd8e3cd67bebed2f51f050b192202dc79a841f2307e8a18d200c24f92523c2e73cd5d0392854de671d87310511c3173d65868163dae6dca81ce9330e7f8083114ca0336d334fce1f60203ec29a53e0f3109b5f95a1f5a20b1ee8f1d39b9660a40c44c98093ce8a73170e92de42b3d6635738d31f142a3cc29ae231a13c3312602d24a87dd2633985828593c874478e39167c53a2bf23e10e2c524ca001ce4959020a3701688d5e983a401c64fb492240181bfe977b918126e1bddc768f506683a0c996db2409b0e4b9ed9fdd943c38b0bc1a2cd5fc5e87d8686d44e589eb90f79243c7ebf19d74831f51945b2596b3d50933fbf6f46ef8e4526977e2164ec08a6ffbb7767971c10360"})

684.45656ms ago: executing program 3 (id=494):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
mmap(&(0x7f0000196000/0x1000)=nil, 0x1000, 0x0, 0x840000000000a132, 0xffffffffffffffff, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
read(r0, 0x0, 0xffffff24)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
mmap(&(0x7f00007d4000/0xd000)=nil, 0xd000, 0x2000006, 0x13, 0xffffffffffffffff, 0x25fed000)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1, 0x11, r1, 0x8ae9b000)
ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x30, 0x1, 0x0, 0xfffff030}, {0x6, 0x0, 0x0, 0x40}]})
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x0, 0x11, r1, 0x0)

675.82571ms ago: executing program 3 (id=495):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000800), 0x3a9480, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x4018aebd, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r3, 0x40046205, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
ioctl$RTC_AIE_OFF(r2, 0x7002)
read(0xffffffffffffffff, &(0x7f0000000000)=""/175, 0xaf)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = openat$random(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
read$FUSE(r6, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000140)={0x0, 0x1c0, 0x3c0, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0xff, 0x8, 0x98bd, 0x800000000000009, 0x80000001, 0x4, 0x10000, 0x100, 0x1004, 0x0, 0x8, 0x5, 0x5, 0x9, 0x9, 0x5, 0x2, 0x9, 0x8, 0x7, 0xc1, 0x3, 0x2, 0x2, 0x6, 0x9, 0x96, 0xf0, 0xffffffff00000000, 0x4, 0x4, 0x7, 0x23b, 0x3, 0x2, 0x888f, 0xffffffff, 0x8, 0x6, 0x6, 0x3, 0x4, 0x20000000006, 0x8, 0x9, 0x400, 0x3, 0xfffffffffffffff7, 0xfffffffffffffffa, 0x2, 0xe, 0x6, 0x4, 0xea, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x5, 0x1, 0x47bc, 0xd, 0x6, 0xbbdc, 0x80000000, 0xfffffffffffffc00, 0x1002, 0xb, 0x2, 0xcdc, 0x7, 0x2, 0x3, 0x2, 0x5, 0x2, 0x6, 0x1ff, 0x3403, 0xab6, 0x0, 0x4, 0x1, 0xffffffffffffff81, 0x9, 0xff, 0x6, 0x28000000, 0x5, 0x61d, 0x3, 0x7, 0xf6, 0x4, 0x6, 0x200, 0x7, 0xe53e, 0x2b, 0x8, 0x2293332f, 0x4, 0x5, 0x0, 0xd, 0x2, 0x80000001, 0x981, 0x2, 0x7, 0xdfd4, 0xfffd, 0x10, 0x5, 0x8, 0x1, 0x9, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb692, 0xcc, 0x8, 0x3]})
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000d80), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD64(r7, 0x400454a4, &(0x7f00000000c0))
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r10, 0xc008ae88, &(0x7f0000000580)=ANY=[@ANYBLOB="010000c2c8acad00000000000000ad32490df19b97b6f47f72efaf5010f77531231a28e64ba32c5367430190203786c37fc375938b33d5b9b62e46bfe40e94eff34b24b8623c1dc4401b85a04af430f744186cdf0437becdc19a5f356c29ff01"])
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2080, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r11, 0xae9a)
ioctl$KVM_SET_REGS(r11, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x7, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_RUN(r11, 0xae80, 0x0)

662.02475ms ago: executing program 0 (id=496):
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000280)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000003c0)=ANY=[@ANYBLOB="010000000000000096000040"])
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x2})
write$FUSE_DIRENTPLUS(r3, &(0x7f00000001c0)=ANY=[], 0xb0)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RTC_WKALM_SET(r4, 0x40187013, &(0x7f0000000140)={0x1, 0x0, {0x0, 0x0, 0x0, 0x4}})
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCGDEV(r5, 0x80045432, &(0x7f0000000140))
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$UI_END_FF_UPLOAD(r6, 0x406855c9, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000140)=ANY=[], 0x6)
ioctl$UI_SET_ABSBIT(r6, 0x40045567, 0x2000000000000006)
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f00000000c0), 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB='max=00000000000000000000001,stats=globCl,stats=global,max=00000000000000000000003,max=0000000000000000000001:,silent,rootcontext='])
ioctl$KVM_GET_DEVICE_ATTR_vm(r7, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x52, 0x0, &(0x7f0000000000)=0x101})

460.690413ms ago: executing program 3 (id=497):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffa)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0)
ioctl$ASHMEM_SET_NAME(r0, 0x40087708, &(0x7f00000007c0)='\x00\x00\x03\x06\x00\x00\x00\x1f\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\x87\xa3\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \x15\x9a\x9f\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b^:4\xeb\xd37\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Hd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84\x1b\xdaR-\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12K\\\xf2\xd5\b^[D~\x00\x00\x00\x00\x00\x00\x00')
ioctl$ASHMEM_SET_NAME(r0, 0x40087708, &(0x7f00000034c0)='\x00\x00\x03\x86\x00\x00\x00\x01\x00x\x92\x12\xbc\x00\x00\xbb\x0642\x9c\x1a\xd1\xcbx\xb0\xd6\x1e\x10gQ\xca\x0e;\xf7\'\x8c\x95\x83=\t7\x94\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcbzA\x8e\xf6\x89\xc2\'\xdfn\x054Y\xd4\x91s\x00\x00\x00-<\r\xd1?$\x8b\x17Bn\xe0\\\x98\xe1%\x1c\xf4\xd0\xf5\xd5\x80\xc4\xb4a \xac\xc4K\x03\xfa\x13Vz\xbf\xe3c\x8d \x0f\xb1\xe9\xf2oci(\xcb\x82\x05\xfe[H\xaf\x01\x18\xc8\x1b\x1e\xbe\xd8>\a\x00\x00\x00\xf7\xafd%\xf1\xdbjE\x01\xd1sD5hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\x851Y9OB\xdeB\xe1\x02-&\"1hS\x92\xe4$-\x02\x00\xe4\x8e\"\x85\xc9x\xef\x81E.r\x89\xe5\x00\x9e\x97\x96\xb8j\x81\xf0\xa5a\xfb\xa6\xff\xfbj\x11\x12\xc0\xbb\xfdq~#\xf7\xa8\"$,\xf4\x84|\x89o\x00<\xa6-\xb0\xd3\x80\xbe\xcf\a\x00\xfc\xa6\xb1\x05\x94\x84l\x05\x00\xeb\xd8\t\x00\x00\x00CvNx461\x04Nl\xedV\xcet\xaa~\x01j\x94\xec\x92\x86uY\xf6\xb5\t?,~\xa67\\\xb9\xc9K\xf8\x9d\x96\xc0\xb5\xc7wF\f\x00\x97T\x90.\x9c\xe3\x9a\xf1\xb9\x9c\x13\xbc\x19\xde/\xaahB\t\x97\a03\xcd\xb3\xc8\xd5l\x14!\xf9Xg\xc52\x1d\xeeB\xccT\x0e\xd8\xef\xc8\xe9\xb4\xf3l\xc3\x99f.\xeb\xe9\x05\xcbkz3+\xdd\xe1*8\x95@0t0\xad\xe3#\xd7\x19\xe7Q\xdfmI\xe5\x1e\xe4\x87\xc9\x8f\xa7\xe0\xd9v\xf6\x01\x9d\x8f`,\x1a8\x81I\x86l\x8f2\r:\xc1\x02\xdeZ%\xa7\x01\x00\x00\x00\x01\x00\x00\x00\xbe\x97\x1fGe\x94\xa6\xa3\xab\xdb\r\x17\xff[\xb1\x00\xff\x7f\x00\x00\x1c\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\"Y\xad\xaf\x83\xaf\x93\xdaHg\xd4\x8c\xee\x0f\x00\x1c/\x9a\xf83\';:q\x92\x010g\\Ym\xd8,\x8d\b\xab\x9dq\xed\xcc\xba\x06\x1ej\xb7s33\xe5\xec\xe90M\xd1\xfd\xbb\xdf\xedc\xd1\xbbI\xa3\xbdqU\x02\x00\x00\x00\x00\x00\x00\x00\xee\xb0\v\x84\xc7\xac\xec\x92t\x00\x00\x00\x92\x1a\f\xbbM\x1cG\xb8\xa4\x05\x16\x06\xb6\x1a\tL\xe3C$K~\xf7\xa1mt\x87E\xc4\xb6h\xf3\x8cG=&\xbd\xa16\xaa\xa2N\xac\xad,Q\x97\xd6\x15\xc46v\x9a\x97\xa6\xb9`\x03\x8ff,V\xe8\xeb\x8bJn\x12o\x8b\xe7K)+\xe0\x06\x8a\\\xfc\nw\xf8\x01\xc4\xd8\x97\xd2\x9cF\xda6F\xfa6I\x03o\xa7\x15&*\xf6Wn\xb9\x00~Y\x17:\x03\xef\xf9\x03\xe7\x8d\x16\\/\xe3\xfcV\x9d\xf2g\xbcFy\xca\x8a\x10*\xbdU#\x7f\xbb\'6\x9e\x1d\n\x19\xff[\x92n\xe1\x81q\xfe\x10\xfd\xa6pL\xc6\x0fN\x06&W\xa2\x9dPWp\x94r\xe2\x92X\x12\x87\xe5\x94\xb3Aa\xb1/\\\xde\x9c\x93\xf5(,u|\f`\x8e\x86\xeb\xcb\x18J+\xdcv\x894\x01\xd0\xc6\x95\xea^j(x\xa5\x9b\xd6f1\x9d\x8fcr\x18\x1fs%\x91~\x19@\x84!u\xc8u\x8aL\x021k\xb4\b\xbb_#A{dw<\xb9\x9dR\xef\xaf]\xe0\xca\xd9x\xdab7@\xfd\x0e\x94\xf8\xab\x8c\xf4\xf1\xb0\xd6\xbe\x8e,\xa2Y\x000F\xe6q\xe3~\xc9\xaa!\xf3\'UF\xf0\xc0\x11\x11\xc2\xc9\x93#K\xea\xc2c\xb9\xe7)\xa4\xd9X\xb9\xaay\xd1\xc7\xab\xe9F\xc6r5\xdf\xa0\'y\r\xbf\xbd\x97\x9d\x8aS\xdb\rF\x9e99\xb4\xf7\x8c\xf9\xca;\xef\xc7]\xa4\xdd<6wc5\xc6\xdeS\xe5*H\xed\xc8^a-\xe8\xb1\xc2\xca\xfa\t\xd0\\\xfc\xe9\x90\x83oj\xa9E\xfb\x8du\x94\x97\x1cF\x0f\xe9d\xf2\xe4\fc\xdf\xde\x1c\xd8u\x9b\xd7\x9c\x11\xbe\b\xb5\x1e\x04\xa0\xdc\xe1Oxu\xd7O#\n%\x89+\xcc\x9f\x8e\xb2:\xa0\xb0\xdc\xd1\xba\xbd@\xf4\x00\x00\xfd\aqn:\x83\x84N\x83K\xbf^\xd8&\xde\x14\x17\x9d\xcd\xed\x19\xd0\xc1$*K\b$\x12\xf3\x88#\xb1#\xb6RX\x11\x86X\x94\x84\x8e\xdd\x82b\x19b\x9fQ\x91\x98\x9e\xf7\xf6`\x03\xb3\x8a\x86\xf9\x00\x00\x00\x00\x00P\x00'/1066)
ioctl$ASHMEM_PURGE_ALL_CACHES(r0, 0x770a, 0x0)

460.331193ms ago: executing program 3 (id=498):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000200)={0x10002, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r3, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) (async)
r4 = openat$cgroup_ro(r3, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240))
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x18, 0x0, &(0x7f0000000340)=[@increfs, @request_death={0x400c630e, 0x3}], 0x0, 0x0, 0x0}) (async)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x18, 0x0, &(0x7f0000000340)=[@increfs, @request_death={0x400c630e, 0x3}], 0x0, 0x0, 0x0})

460.002223ms ago: executing program 0 (id=499):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000002d00), 0x2000)
ioctl$INCFS_IOC_PERMIT_FILL(0xffffffffffffffff, 0x40046721, &(0x7f0000000040)={r0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 32)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0) (rerun: 32)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="0138a03767e25a2f1d0000400400000004004a0000000000"]) (async, rerun: 64)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (rerun: 64)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async, rerun: 64)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) (rerun: 64)
write$vga_arbiter(r4, &(0x7f0000000280)=ANY=[@ANYBLOB='tryl'], 0xc)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240}) (async, rerun: 64)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async, rerun: 64)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41845}) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mount$binderfs(0x0, &(0x7f0000000000)='./binderfs\x00', &(0x7f00000000c0), 0x1ba1094, &(0x7f0000000200)=ANY=[]) (async)
mount$binderfs(&(0x7f0000000040), &(0x7f0000000080)='./binderfs\x00', &(0x7f0000000100), 0x0, &(0x7f0000000140)={[{@max={'max', 0x3d, 0x8}}, {@max={'max', 0x3d, 0x8000000000000001}}], [{@dont_measure}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@defcontext={'defcontext', 0x3d, 'root'}}]})

397.513454ms ago: executing program 3 (id=500):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
prctl$PR_GET_NO_NEW_PRIVS(0x27)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f00000000c0)={0x1, 0xaa4, 0x0, &(0x7f0000000100)})
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000180)={0x1, 0xaa4, 0x0, &(0x7f0000000340)})
ioctl$KVM_SET_CLOCK(r2, 0x4188aec6, &(0x7f0000000040)={0x0, 0x8})
close(0x4)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, &(0x7f0000000140)=0x3)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x51, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7"})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0)
syz_clone3(&(0x7f0000000280)={0x243012400, 0x0, 0x0, 0x0, {0x13}, 0x0, 0x0, 0x0, 0x0}, 0x58)

359.794984ms ago: executing program 0 (id=501):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x68800, 0x0) (async)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000005080000024d564b"]) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x82000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x200)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r3, 0x4068aea3, &(0x7f0000000080)={0xbe, 0x0, 0x1}) (async)
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x40000, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0xfffffffffffffffe)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000002400)=ANY=[@ANYBLOB="0100000000f2ffff73000040"])
ioctl$BLKSECTGET(r4, 0x1267, &(0x7f0000000140))
ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)) (async, rerun: 32)
r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (rerun: 32)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) (async)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r10, 0xc018620c, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000004c0), 0x0, 0x0, 0x0}) (async)
ioctl$KVM_GET_SUPPORTED_CPUID(r5, 0xc008ae05, &(0x7f0000000680)=""/4096)
write$cgroup_pid(r9, &(0x7f00000001c0), 0x12)
r11 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
openat$cgroup_freezer_state(r8, &(0x7f0000000200), 0x2, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r11, 0x4068aea3, &(0x7f0000000140)={0xbe, 0x0, 0x1}) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) (async)
ioctl$BLKRRPART(r0, 0x125f, 0x0)

180.196717ms ago: executing program 0 (id=502):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000c0000)=nil, 0x0, 0x1, 0x11, r0, 0x6)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0x4c, 0x0, &(0x7f0000000300)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48, 0x18, &(0x7f00000001c0)={@fd={0x66642a85, 0x0, r0}, @flat=@handle={0x73682a85, 0x1}, @fd={0x66642a85, 0x0, r0}}, &(0x7f00000002c0)={0x0, 0x18, 0x30}}}], 0x12, 0x0, &(0x7f0000000380)="bbcd2ab8ae1d24beb19e9880294f48681396"})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0xc008aec1, &(0x7f0000000d00)={"8858bde0d7f6311bf16c671fc9d87024dbe4bbb080be0900000000000016591b7390035985dcaa66a958a8a970391decb4b7d3e52996ff674f707cdf49c7381d2964c301f29e875ce36aa6b1930032da440a2e212da56797dfe5748aaaae9fbc3f7ffd29500ecab817a7350f98900200000000000000383692bf1b90d3c1bab243eb0d17151ba3e65431ac11adc58b77321481fd65569362b3a8bddbed39d885f990908ce1892580ee43159c1db62d59fe2c8208000000000000b8ee30aadea127f169312855440d9ec40deaf8215a2bdcc65fcbbd5e0b83d2f1e3ea96ef1c9946b76ab53dee477b7ade8550d47e5a3eea926f58efb6fb7f33064fb7b6951eae379648695b27505fa731a2454174592ef7a0227f59ac45d0ed37cccabee68ba44346135659abe531ca418b0841f5a8f285605fc1cfe77f0080a47277ed3f9cc1a9f8a7efd669ba9819c2db199a88aa87c399b7ada0ff033039d0d3a8b043b53335d15c275ea6ce63f3c34655761c1182bc26b1a590a8cb8667e764c3f74dc55dd44ca9e7c6a61c6376761acb0fd9fb1941caca01396905eeeead3e189fd11bd19137b214eecefa07116dc4b4b7ea423308ac9183ffc62c8dc69021249027b7b0929660135b3161d08e109a46b6fd1b7fc08a3bc0934ee2648df2b04716aff5342d9897218f91371f6c06666e0082b8a66e973930c219a568f1e0938a6a1681c7268147b1e0505c41da41a55877c32797bbfa11736d046b681bf70f376112a9094c5f23edd5d7d06014e72730b64d9e33412e3d423cf8213370fc4338e6f0d722dde3135706e615085bf76fa752bac824485910a6acc45b6552537fbbf0909a08d9b891ce78d11af59ca07eaf5bba689017f082dce61d3682695c75e6c2d0388412fe7f36823a0e74de0f91d4fc15397a14a831d37dc60d6bd3d455649347f6257d05cbbd9fc145e958955fd219d1ab60dbc021e874f265daed86f86e6356a782b305d5e2f6e1b190479e6376b4e6247c0f020e607e9468f48fa9a16e0770b05f6bcda150dc373437963a045e0ca1272848ae96fd7823f3eac82ae253a7d907b237ff231bbae89a93ac077db04197707ff3de99ca9191ed561e972fd60356654e89242b3ac8b112092d28e10759bb3e85cfab2ae11ce90b6b52f7d2be1fd3e6d9eaabe37a3083749c11f54c17b6402fc1b5353c1cd46565480faa910856106800ba90c26ccefc230296f498c1304abe91a8fb37eb7abda2072c686aae830cc5abd72b47dc87cb4e0105000000dc6ac2bee572bf601e02d9a51851877f1498d6e2ba3b5947d83d90072eaf0cefed3dceb9bf35b36cbca3f1feba2c3d0f16ce04e13237e8b78689b9599d33db4fe890f9e655ba57658bc1671878ab615bc37943f9c9b8e9d5069bf7de6aaa74b0470389f22935cedbb9e22523e400"})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000240)={@fda={0x66646185, 0x0, 0x0, 0x15}, @flat=@weak_handle={0x77682a85, 0x301, 0x2}, @ptr={0x70742a85, 0x0, &(0x7f0000000000)=""/125, 0x7d, 0xfffffffffffffffe, 0x19}}, &(0x7f0000000080)={0x0, 0x20, 0x38}}}], 0x0, 0x0, 0x0})

160.381867ms ago: executing program 0 (id=503):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.mems\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000700)=ANY=[@ANYBLOB='1-0:', @ANYRESDEC], 0x31)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x1ff)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCFLSH(r2, 0x80045439, 0x40bea7b87a0000)
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f00000000c0), 0x4, &(0x7f0000000240)=ANY=[@ANYRES8=r1])

135.741128ms ago: executing program 0 (id=504):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x68800, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSBRKP(r3, 0x5425, 0x2000000)
r4 = openat$cgroup_procs(r2, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000001c0), 0x12)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x80401, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/vmstat\x00', 0x0, 0x0)
openat(r6, &(0x7f0000000100)='./file0\x00', 0x200000, 0x20)
ioctl$BLKRRPART(r5, 0x125f, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$BLKRRPART(r0, 0x125f, 0x0)

0s ago: executing program 3 (id=505):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000001380), 0x101100, 0x0)
syz_clone3(&(0x7f00000013c0)={0x240040480, 0x0, 0x0, 0x0, {0x25}, 0x0, 0x0, 0x0, 0x0, 0x0, {r3}}, 0x58)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r2, 0x0)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
close(0x3)
r4 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
syz_clone(0x80001000, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r4, 0x40087703, 0xffffffffffffffff)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x9cc6d000)
r6 = ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0)
ioctl$NS_GET_USERNS(r6, 0xb701, 0x0)
ioctl$ASHMEM_PURGE_ALL_CACHES(r4, 0x770a, 0x0)

kernel console output (not intermixed with test programs):

cess permissive=1
[   13.923647][   T36] audit: type=1400 audit(1750369200.420:63): avc:  denied  { siginh } for  pid=231 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '10.128.10.21' (ED25519) to the list of known hosts.
[   21.684142][   T36] audit: type=1400 audit(1750369208.190:64): avc:  denied  { mounton } for  pid=281 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   21.685796][  T281] cgroup: Unknown subsys name 'net'
[   21.706831][   T36] audit: type=1400 audit(1750369208.190:65): avc:  denied  { mount } for  pid=281 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   21.734197][   T36] audit: type=1400 audit(1750369208.220:66): avc:  denied  { unmount } for  pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   21.734584][  T281] cgroup: Unknown subsys name 'devices'
[   21.903158][  T281] cgroup: Unknown subsys name 'hugetlb'
[   21.908803][  T281] cgroup: Unknown subsys name 'rlimit'
[   22.043443][   T36] audit: type=1400 audit(1750369208.550:67): avc:  denied  { setattr } for  pid=281 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   22.066657][   T36] audit: type=1400 audit(1750369208.550:68): avc:  denied  { mounton } for  pid=281 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   22.075325][  T283] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   22.091635][   T36] audit: type=1400 audit(1750369208.550:69): avc:  denied  { mount } for  pid=281 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   22.123108][   T36] audit: type=1400 audit(1750369208.600:70): avc:  denied  { relabelto } for  pid=283 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.148912][   T36] audit: type=1400 audit(1750369208.600:71): avc:  denied  { write } for  pid=283 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.178122][   T36] audit: type=1400 audit(1750369208.680:72): avc:  denied  { read } for  pid=281 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.203708][   T36] audit: type=1400 audit(1750369208.680:73): avc:  denied  { open } for  pid=281 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.203772][  T281] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   23.083834][  T289] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.091164][  T289] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.098248][  T289] bridge_slave_0: entered allmulticast mode
[   23.104648][  T289] bridge_slave_0: entered promiscuous mode
[   23.112601][  T289] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.119656][  T289] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.126770][  T289] bridge_slave_1: entered allmulticast mode
[   23.133119][  T289] bridge_slave_1: entered promiscuous mode
[   23.144378][  T288] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.151500][  T288] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.158635][  T288] bridge_slave_0: entered allmulticast mode
[   23.164947][  T288] bridge_slave_0: entered promiscuous mode
[   23.172672][  T288] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.179723][  T288] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.186862][  T288] bridge_slave_1: entered allmulticast mode
[   23.193246][  T288] bridge_slave_1: entered promiscuous mode
[   23.241840][  T290] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.248909][  T290] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.256023][  T290] bridge_slave_0: entered allmulticast mode
[   23.262328][  T290] bridge_slave_0: entered promiscuous mode
[   23.282146][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.289304][  T290] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.296414][  T290] bridge_slave_1: entered allmulticast mode
[   23.302740][  T290] bridge_slave_1: entered promiscuous mode
[   23.331515][  T291] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.338683][  T291] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.345931][  T291] bridge_slave_0: entered allmulticast mode
[   23.352232][  T291] bridge_slave_0: entered promiscuous mode
[   23.358733][  T291] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.365843][  T291] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.372991][  T291] bridge_slave_1: entered allmulticast mode
[   23.379246][  T291] bridge_slave_1: entered promiscuous mode
[   23.518281][  T289] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.525369][  T289] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.532728][  T289] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.539777][  T289] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.549851][  T288] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.556943][  T288] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.564286][  T288] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.571339][  T288] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.599273][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.606366][  T290] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.613679][  T290] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.620750][  T290] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.634928][  T291] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.642811][  T291] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.650109][  T291] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.657189][  T291] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.685762][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.693123][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.700440][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.707649][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.714939][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.722254][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.729459][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.736885][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.757225][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.764311][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.772053][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.779095][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.806214][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.813307][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.825624][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.832723][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.840866][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.847923][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.856759][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.863839][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.883428][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.890516][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.904082][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.911266][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.957079][  T291] veth0_vlan: entered promiscuous mode
[   23.973246][  T289] veth0_vlan: entered promiscuous mode
[   23.989659][  T288] veth0_vlan: entered promiscuous mode
[   24.002022][  T290] veth0_vlan: entered promiscuous mode
[   24.012676][  T288] veth1_macvtap: entered promiscuous mode
[   24.022628][  T289] veth1_macvtap: entered promiscuous mode
[   24.031857][  T291] veth1_macvtap: entered promiscuous mode
[   24.045758][  T290] veth1_macvtap: entered promiscuous mode
[   24.083336][  T288] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   24.164679][  T315] input input4: cannot allocate more than FF_MAX_EFFECTS effects
[   24.167669][  T316] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   24.188587][  T315] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 136, limit: 4232, size: 4103)
[   24.189377][  T315] rust_binder: Error while translating object.
[   24.205521][  T313] rust_binder: Error while translating object.
[   24.215213][  T315] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   24.222270][  T315] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:2
[   24.222807][  T313] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[   24.231806][  T321] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[   24.252938][  T313] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:2
[   24.263349][  T321] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:2
[   24.284853][  T325] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[   24.297345][  T325] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:4
[   24.341865][  T333] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:5
[   24.405459][  T339] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   24.438739][  T342] binder: Bad value for 'defcontext'
[   24.448114][  T342] =======================================================
[   24.448114][  T342] WARNING: The mand mount option has been deprecated and
[   24.448114][  T342]          and is ignored by this kernel. Remove the mand
[   24.448114][  T342]          option from the mount to silence this warning.
[   24.448114][  T342] =======================================================
[   24.483801][  T342] binder: Unknown parameter 'fsuuid'
[   24.526299][  T347] binder: Unknown parameter 'coyBLV�"i5������ntext'
[   24.530823][  T344] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:13
[   24.607765][  T356] binder: Unknown parameter 'coyBLV�"i5������ntext'
[   24.659903][  T358] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0
[   24.673719][  T358] rust_binder: Write failure EINVAL in pid:9
[   24.719400][  T353] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[   24.727527][  T353] rust_binder: Write failure EFAULT in pid:13
[   24.817777][  T364] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[   24.832015][  T364] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:15
[   24.864396][  T366] binder: Unknown parameter 'smackfshat'
[   24.886491][  T370] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   24.912929][  T373] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   24.922796][  T373] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[   24.974479][  T379] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[   24.996870][  T379] rust_binder: Write failure EINVAL in pid:23
[   25.003068][  T382] input: syz0 as /devices/virtual/input/input7
[   25.191137][  T398] rust_binder: Write failure EFAULT in pid:27
[   25.249501][  T403] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[   25.263195][  T306] Bluetooth: hci0: Frame reassembly failed (-84)
[   25.363717][  T415] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[   25.370928][  T415] rust_binder: Write failure EINVAL in pid:29
[   25.439042][  T420] input: syz0 as /devices/virtual/input/input8
[   25.579284][  T426] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:34
[   25.702941][  T431] binder: Unknown parameter 'nXI'
[   25.763251][  T436] input: syz1 as /devices/virtual/input/input9
[   25.770716][  T436] binder: Binderfs stats mode cannot be changed during a remount
[   25.779206][  T308] udevd[308]: setting owner of /dev/input/event3 to uid=0, gid=104 failed: No such file or directory
[   26.052332][  T451] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   26.052359][  T451] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   26.059069][  T451] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   26.065713][  T451] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   26.072387][  T451] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   26.078916][  T451] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   26.085502][  T451] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   26.092017][  T451] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   26.098539][  T451] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   26.105836][  T451] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   26.378098][  T472] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[   26.471628][  T474] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   26.471829][  T474] rust_binder: Write failure EINVAL in pid:44
[   26.478912][  T474] rust_binder: Failed to allocate buffer. len:88, is_oneway:true
[   26.486436][  T474] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   26.677636][  T488] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:49
[   26.687747][  T490] rust_binder: Write failure EINVAL in pid:49
[   26.808502][   T36] kauditd_printk_skb: 67 callbacks suppressed
[   26.808521][   T36] audit: type=1400 audit(1750369213.310:141): avc:  denied  { load_policy } for  pid=492 comm="syz.3.59" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   26.808537][  T493] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[   26.848330][  T493] SELinux: failed to load policy
[   26.925755][  T499] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:60
[   26.926173][   T36] audit: type=1400 audit(1750369213.430:142): avc:  denied  { setcheckreqprot } for  pid=498 comm="syz.3.62" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   26.926671][  T499] rust_binder: Error while translating object.
[   26.935673][   T36] audit: type=1400 audit(1750369213.430:143): avc:  denied  { transfer } for  pid=498 comm="syz.3.62" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   26.955878][  T499] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   26.980765][  T499] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:60
[   27.125395][  T506] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[   27.144758][  T506] SELinux: failed to load policy
[   27.194767][  T508] cgroup: fork rejected by pids controller in /syz0
[   27.250352][  T396] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   27.305822][  T615] can0: slcan on ptm0.
[   27.309903][   T36] audit: type=1400 audit(1750369213.810:144): avc:  denied  { read } for  pid=148 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[   27.351373][  T305] bridge_slave_1: left allmulticast mode
[   27.357231][  T305] bridge_slave_1: left promiscuous mode
[   27.365820][  T305] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.382556][   T36] audit: type=1400 audit(1750369213.870:145): avc:  denied  { getattr } for  pid=623 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=435 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   27.408648][  T624] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:33
[   27.410741][  T305] bridge_slave_0: left allmulticast mode
[   27.425542][  T305] bridge_slave_0: left promiscuous mode
[   27.431424][  T305] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.449519][   T36] audit: type=1400 audit(1750369213.950:146): avc:  denied  { read } for  pid=626 comm="sed" name="eth0.dhcp" dev="tmpfs" ino=435 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   27.479178][  T627] rust_binder: Write failure EINVAL in pid:33
[   27.489632][   T36] audit: type=1400 audit(1750369213.950:147): avc:  denied  { open } for  pid=626 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=435 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   27.569651][   T36] audit: type=1400 audit(1750369214.070:148): avc:  denied  { create } for  pid=619 comm="dhcpcd-run-hook" name="resolv.conf.can0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   27.597341][  T305] veth1_macvtap: left promiscuous mode
[   27.611531][  T305] veth0_vlan: left promiscuous mode
[   27.627170][   T36] audit: type=1400 audit(1750369214.070:149): avc:  denied  { write } for  pid=619 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.can0.link" dev="tmpfs" ino=876 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   27.656258][   T36] audit: type=1400 audit(1750369214.070:150): avc:  denied  { append } for  pid=619 comm="dhcpcd-run-hook" name="resolv.conf.can0.link" dev="tmpfs" ino=876 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   27.680428][  T615] can0 (unregistered): slcan off ptm0.
[   27.739729][  T647] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1222729745 (39127351840 ns) > initial count (25964891200 ns). Using initial count to start timer.
[   27.786799][  T657] rust_binder: Write failure EINVAL in pid:47
[   27.853594][  T643] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.861511][  T668] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   27.867905][  T668] rust_binder: Error in use_page_slow: ESRCH
[   27.871178][  T643] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.875280][  T668] rust_binder: use_range failure ESRCH
[   27.880664][  T643] bridge_slave_0: entered allmulticast mode
[   27.887933][  T668] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[   27.894615][  T643] bridge_slave_0: entered promiscuous mode
[   27.899171][  T668] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   27.908990][  T643] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.913560][  T668] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:53
[   27.931001][  T643] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.948224][  T643] bridge_slave_1: entered allmulticast mode
[   27.954807][  T643] bridge_slave_1: entered promiscuous mode
[   27.979064][  T673] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[   27.979063][  T672] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[   28.014004][  T678] binder: Bad value for 'defcontext'
[   28.037822][  T676] kvm: kvm [675]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0x4000000000000001
[   28.063171][  T643] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.070290][  T643] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.077586][  T643] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.084661][  T643] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.110047][  T306] bridge0: port 1(bridge_slave_0) entered disabled state
[   28.117739][  T306] bridge0: port 2(bridge_slave_1) entered disabled state
[   28.128369][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.135457][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.147976][  T306] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.155174][  T306] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.181013][  T643] veth0_vlan: entered promiscuous mode
[   28.192149][  T643] veth1_macvtap: entered promiscuous mode
[   28.225344][  T687] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:2
[   28.229918][  T688] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   28.239089][  T688] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:2
[   28.464822][  T705] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   28.572976][  T721] SELinux: failed to load policy
[   28.602786][  T723] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:95
[   28.649334][  T727] rust_binder: Got transaction with invalid offset.
[   28.658543][  T727] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   28.665335][  T727] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:16
[   28.676406][  T728] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   28.933902][  T743] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[   28.951799][  T743] rust_binder: Write failure EINVAL in pid:48
[   28.982683][  T745] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   28.998659][  T745] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[   28.998683][  T745] rust_binder: Error while translating object.
[   29.016397][  T745] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   29.023697][  T745] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:50
[   29.204495][  T755] SELinux:  policydb magic number 0x3 does not match expected magic number 0xf97cff8c
[   29.223284][  T755] SELinux: failed to load policy
[   29.248928][  T757] rust_binder: Write failure EFAULT in pid:55
[   29.297274][  T767] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:32
[   29.332917][  T770] __vm_enough_memory: pid: 770, comm: syz.3.103, bytes: 281474976845824 not enough memory for the allocation
[   29.378562][  T770] __vm_enough_memory: pid: 770, comm: syz.3.103, bytes: 281474976845824 not enough memory for the allocation
[   29.389420][  T765] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:57
[   29.589519][  T785] rust_binder: Failed to allocate buffer. len:136, is_oneway:true
[   29.600680][  T785] binder: Unknown parameter 'coyBLV�"i5������ntext'
[   29.777597][  T790] block device autoloading is deprecated and will be removed.
[   29.785282][  T790] syz.0.111: attempt to access beyond end of device
[   29.785282][  T790] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   29.826929][  T795] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   29.827203][  T795] random: crng reseeded on system resumption
[   30.060983][  T813] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   30.061007][  T813] rust_binder: Read failure Err(EFAULT) in pid:80
[   30.085196][  T814] input: syz0 as /devices/virtual/input/input12
[   30.213182][  T830] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:45
[   30.331872][  T851] SELinux:  policydb version -689057466 does not match my version range 15-33
[   30.349156][  T845] rust_binder: Write failure EINVAL in pid:75
[   30.349903][  T851] SELinux: failed to load policy
[   30.367031][  T845] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:75
[   30.411647][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.411690][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.414008][  T854] random: crng reseeded on system resumption
[   30.431632][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.431659][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.438379][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.449557][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.467870][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.467903][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.479870][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.487800][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.501098][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.501123][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.518909][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.518944][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.519352][  T858] rust_binder: Error in use_page_slow: ESRCH
[   30.542464][  T858] rust_binder: use_range failure ESRCH
[   30.542487][  T858] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[   30.553752][  T858] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   30.557742][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.561986][  T858] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:52
[   30.574127][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.587238][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.595102][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.601950][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.608435][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.615716][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.622276][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.628823][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.635541][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.642501][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.646775][  T872] rust_binder: Read failure Err(EAGAIN) in pid:124
[   30.648983][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.649005][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.649023][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.649040][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.649058][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.649075][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.649090][  T856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.704560][  T872] rust_binder: Write failure EINVAL in pid:124
[   30.765255][  T883] serio: Serial port ttynull
[   30.789719][  T885] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.790060][  T886] rust_binder: Error in use_page_slow: ESRCH
[   30.796930][  T885] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[   30.803200][  T885] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   30.810402][  T886] rust_binder: use_range failure ESRCH
[   30.816671][  T885] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:115
[   30.821834][  T886] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[   30.835677][  T886] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   30.843937][  T886] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:115
[   31.053938][  T906] rust_binder: inc_ref_done called when no active inc_refs
[   31.063651][  T906] rust_binder: Write failure EFAULT in pid:121
[   31.210236][  T915] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   31.216659][  T915] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:126
[   31.226152][  T915] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   31.235393][  T915] rust_binder: Read failure Err(EFAULT) in pid:126
[   31.375366][  T926] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[   31.382213][  T926] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   31.390848][  T926] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:132
[   31.448281][  T930] SELinux: security_context_str_to_sid (18446744073709551615�U^��3?j�踸�I�!��q¤m5�܎��
�^�}�@���˅p�oj)v�ͱ�ֽ�u��b��c�bS�dk�4��#�����+hD���:ZoS%�MI�G��2x0>��v���	Z}J�S*�
[   31.448281][  T930] #�[pg���7E|´RW�(!=X ��X�$�h���׳�Å�D�m4�y� v����
[   31.448281][  T930] Ox����v�ڤ�-/�C��R~�Y��O�[Г%>����C�n���o+!2) failed with errno=-22
[   31.682323][  T955] rust_binder: Write failure EFAULT in pid:63
[   31.966806][  T970] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   31.973580][  T970] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[   31.984291][  T970] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[   31.992460][  T970] rust_binder: Error while translating object.
[   32.003831][  T970] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   32.010100][  T970] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:156
[   32.029330][  T970] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   32.039343][  T971] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   32.066910][  T979] rust_binder: Failed to allocate buffer. len:4240, is_oneway:false
[   32.090716][  T981] binder: Bad value for 'max'
[   32.115575][  T983] rust_binder: Read failure Err(EAGAIN) in pid:75
[   32.276458][  T989] binder: Bad value for 'max'
[   32.296016][   T36] kauditd_printk_skb: 36 callbacks suppressed
[   32.296033][   T36] audit: type=1400 audit(1750369218.800:187): avc:  denied  { unmount } for  pid=643 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   32.371082][  T940] rust_binder: Read failure Err(EFAULT) in pid:137
[   32.485437][ T1007] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   32.492108][ T1007] rust_binder: Read failure Err(EFAULT) in pid:88
[   32.604743][ T1021] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[   32.620682][ T1021] rust_binder: Write failure EINVAL in pid:176
[   32.751542][ T1038] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   32.757787][ T1038] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:92
[   32.875737][   T36] audit: type=1400 audit(1750369219.380:188): avc:  denied  { block_suspend } for  pid=1058 comm="syz.0.199" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   32.911734][ T1036] rust_binder: Read failure Err(EFAULT) in pid:179
[   33.022696][ T1064] binder: Unknown parameter 'processor	: 0
[   33.022696][ T1064] vendor_id	: GenuineIntel
[   33.022696][ T1064] cpu family	: 6
[   33.022696][ T1064] model		: 79
[   33.022696][ T1064] model name	: Intel(R) Xeon(R) CPU @ 2.20GHz
[   33.022696][ T1064] stepping	: 0
[   33.022696][ T1064] microcode	: 0xffffffff
[   33.022696][ T1064] cpu MHz		: 2199.998
[   33.022696][ T1064] cache size	: 56320 KB
[   33.022696][ T1064] physical id	: 0
[   33.022696][ T1064] siblings	: 2
[   33.022696][ T1064] core id		: 0
[   33.022696][ T1064] cpu cores	: 1
[   33.022696][ T1064] apicid		: 0
[   33.022696][ T1064] 
'
[   33.171623][ T1066] input: syz0 as /devices/virtual/input/input14
[   33.406241][ T1094] binder: Unknown parameter 'defcontext01777777777777777777777'
[   33.460115][ T1100] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   33.526791][ T1107] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:109
[   33.526887][ T1107] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   33.529680][ T1112] rust_binder: Write failure EINVAL in pid:194
[   33.552425][ T1109] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   33.596811][ T1119] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   33.599493][ T1119] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   33.621346][ T1119] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   33.628171][ T1122] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   33.635711][ T1123] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   33.669938][ T1128] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:200
[   33.676500][ T1128] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   33.695947][ T1128] rust_binder: Read failure Err(EFAULT) in pid:200
[   33.705162][ T1129] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   33.706498][ T1128] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[   33.720355][ T1129] rust_binder: Read failure Err(EFAULT) in pid:111
[   33.727884][ T1128] SELinux: failed to load policy
[   34.047124][ T1156] binder: Bad value for 'max'
[   34.244664][ T1165] binder: Bad value for 'stats'
[   34.345600][   T36] audit: type=1400 audit(1750369220.850:189): avc:  denied  { setattr } for  pid=1168 comm="syz.2.236" path="/dev/ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   34.349228][   T63] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   34.371473][ T1167] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[   34.376380][ T1167] rust_binder: Error in use_page_slow: EBUSY
[   34.392537][   T63] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   34.400389][ T1167] rust_binder: use_range failure EBUSY
[   34.407328][ T1167] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   34.414036][   T63] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   34.422043][ T1167] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[   34.439604][ T1167] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[   34.449026][ T1167] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:214
[   34.450475][   T63] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   34.479748][   T63] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   34.494815][   T63] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   34.531200][ T1171] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   34.531312][ T1171] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   34.552548][ T1178] fido_id[1178]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   34.805447][ T1190] rust_binder: Write failure EFAULT in pid:188
[   34.942111][ T1203] rust_binder: Write failure EFAULT in pid:195
[   35.067679][ T1214] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   35.074491][   T36] audit: type=1400 audit(1750369221.580:190): avc:  denied  { append } for  pid=1213 comm="syz.0.251" name="pfkey" dev="proc" ino=4026532842 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   35.079126][ T1214] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:125
[   35.195531][   T36] audit: type=1400 audit(1750369221.700:191): avc:  denied  { setattr } for  pid=1220 comm="syz.0.253" path="/dev/fuse" dev="devtmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   35.271501][    T9] hid-generic C98F:0003:0000.0002: unknown main item tag 0x0
[   35.278972][    T9] hid-generic C98F:0003:0000.0002: unknown main item tag 0x0
[   35.286446][ T1228] __vm_enough_memory: pid: 1228, comm: syz.3.257, bytes: 281474976845824 not enough memory for the allocation
[   35.299562][ T1230] SELinux: security_context_str_to_sid (system_u�Gй�:��) failed with errno=-22
[   35.311502][    T9] hid-generic C98F:0003:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   35.348983][ T1236] fido_id[1236]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   35.439546][ T1240] input: syz0 as /devices/virtual/input/input20
[   35.447296][ T1241] binder: Bad value for 'defcontext'
[   35.452971][ T1240] binder: Bad value for 'defcontext'
[   35.465403][ T1244] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   35.465432][ T1244] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   35.472402][ T1244] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   35.478964][ T1244] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   35.479398][  T291] cgroup: fork rejected by pids controller in 
[   35.485815][ T1244] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   35.493635][  T291] /syz2
[   35.498534][ T1244] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   35.513075][ T1244] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   35.525078][  T291] 
[   35.569609][ T1255] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 255)
[   35.569650][ T1255] rust_binder: Error while translating object.
[   35.579650][ T1254] binder: Unknown parameter '0x000000000000000b0x0000000000000000'
[   35.585447][ T1255] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   35.595516][ T1255] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:231
[   35.655490][  T305] bridge_slave_1: left allmulticast mode
[   35.670595][  T305] bridge_slave_1: left promiscuous mode
[   35.676286][  T305] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.690559][  T305] bridge_slave_0: left allmulticast mode
[   35.697448][  T305] bridge_slave_0: left promiscuous mode
[   35.703285][  T305] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.766865][ T1267] SELinux:  policydb magic number 0x7665642f does not match expected magic number 0xf97cff8c
[   35.777836][ T1267] SELinux: failed to load policy
[   35.818844][ T1262] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   35.826054][ T1267] rust_binder: Write failure EINVAL in pid:238
[   35.846479][  T305] veth1_macvtap: left promiscuous mode
[   35.867401][  T305] veth0_vlan: left promiscuous mode
[   35.872412][   T36] audit: type=1400 audit(1750369222.370:192): avc:  denied  { mounton } for  pid=1273 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   35.876579][ T1271] SELinux: failed to load policy
[   35.894263][ T1274] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   35.900202][ T1274] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[   35.983633][ T1273] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.998696][ T1273] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.005835][ T1273] bridge_slave_0: entered allmulticast mode
[   36.012305][ T1273] bridge_slave_0: entered promiscuous mode
[   36.031036][ T1273] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.038341][ T1273] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.045724][ T1273] bridge_slave_1: entered allmulticast mode
[   36.052816][ T1273] bridge_slave_1: entered promiscuous mode
[   36.109561][ T1273] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.116850][ T1273] bridge0: port 2(bridge_slave_1) entered forwarding state
[   36.117588][ T1281] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:240
[   36.124188][ T1273] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.140402][ T1273] bridge0: port 1(bridge_slave_0) entered forwarding state
[   36.166177][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.183436][  T306] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.190623][  T306] bridge0: port 2(bridge_slave_1) entered forwarding state
[   36.233414][ T1273] veth0_vlan: entered promiscuous mode
[   36.251446][ T1273] veth1_macvtap: entered promiscuous mode
[   36.257759][ T1294] binder: Unknown parameter 'fscontext?}'
[   36.277443][   T36] audit: type=1400 audit(1750369222.780:193): avc:  denied  { unmount } for  pid=1273 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   36.307419][ T1298] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:2
[   36.344988][ T1303] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 18446744073709551585)
[   36.354084][ T1303] rust_binder: Error while translating object.
[   36.366946][ T1303] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   36.373236][ T1303] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:7
[   36.382956][ T1303] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   36.413878][   T36] audit: type=1400 audit(1750369222.920:194): avc:  denied  { append } for  pid=1309 comm="syz.3.283" name="ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   36.569107][   T36] audit: type=1326 audit(1750369223.070:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1321 comm="syz.2.288" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f078318e929 code=0x0
[   36.636748][ T1330] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:255
[   36.680465][   T36] audit: type=1400 audit(1750369223.190:196): avc:  denied  { execute } for  pid=1339 comm="syz.3.294" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   36.972923][ T1351] input: syz1 as /devices/virtual/input/input21
[   37.019566][ T1356] rust_binder: Write failure EINVAL in pid:268
[   37.305271][ T1384] pim6reg0: tun_chr_ioctl cmd 1074025677
[   37.309369][ T1381] rust_binder: Write failure EINVAL in pid:271
[   37.311734][ T1384] pim6reg0: linktype set to 769
[   37.329374][ T1383] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   37.329406][ T1383] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:29
[   37.340055][ T1383] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   37.349886][ T1383] rust_binder: Read failure Err(EFAULT) in pid:29
[   37.350914][   T36] kauditd_printk_skb: 4 callbacks suppressed
[   37.350933][   T36] audit: type=1326 audit(1750369223.850:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1386 comm="syz.3.311" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd01eb8e929 code=0x0
[   37.484012][ T1391] random: crng reseeded on system resumption
[   37.621676][   T36] audit: type=1326 audit(1750369224.130:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1393 comm="syz.1.313" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f49eb38e929 code=0x0
[   37.755349][ T1397] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[   37.764388][ T1397] binder: Unknown parameter 'lN7�x��O�6��1��]>�!�V0�����	��'
[   38.153087][ T1410] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.153117][ T1410] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.159611][ T1410] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.166147][ T1410] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.173125][ T1410] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.179566][ T1410] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.189259][ T1410] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.199332][ T1410] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.206179][ T1410] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.213872][ T1413] binder: Unknown parameter '�'
[   38.226402][ T1413] binder: Unknown parameter '�'
[   38.278564][ T1424] rust_binder: Write failure EINVAL in pid:55
[   38.283745][ T1424] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   38.290123][ T1424] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:55
[   38.298474][ T1422] rust_binder: Write failure EFAULT in pid:152
[   38.375156][ T1432] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1
[   38.388881][ T1432] rust_binder: Write failure EINVAL in pid:60
[   38.504460][ T1446] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:155
[   38.512099][   T36] audit: type=1400 audit(1750369225.020:203): avc:  denied  { append } for  pid=1445 comm="syz.0.331" name="custom0" dev="binder" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   38.652822][ T1457] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[   38.681985][ T1468] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   38.682022][ T1468] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:64
[   38.892184][ T1495] PM: Enabling pm_trace changes system date and time during resume.
[   38.892184][ T1495] PM: Correct system time has to be restored manually after resume.
[   39.134174][ T1522] rust_binder: Error while translating object.
[   39.134217][ T1522] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   39.140765][ T1522] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:172
[   39.180520][ T1527] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   39.189746][ T1527] rust_binder: Read failure Err(EFAULT) in pid:176
[   39.214695][   T36] audit: type=1326 audit(1750369225.720:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1528 comm="" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f49eb38e929 code=0x0
[   39.269158][   T36] audit: type=1400 audit(1750369225.770:205): avc:  granted  { setsecparam } for  pid=1528 comm="syz.1.356" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   39.397265][ T1535] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:312
[   39.397440][ T1535] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:312
[   39.439786][ T1541] rust_binder: Write failure EINVAL in pid:183
[   39.461160][ T1543] rust_binder: Error while translating object.
[   39.467758][ T1543] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   39.468980][ T1547] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.478171][ T1543] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:69
[   39.580055][ T1556] binder: Unknown parameter 'r\'
[   39.645660][ T1562] rust_binder: Write failure EINVAL in pid:78
[   40.113500][ T1586] rust_binder: Write failure EINVAL in pid:210
[   40.307329][ T1598] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   40.313589][ T1598] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:318
[   40.383831][ T1615] binder: Unknown parameter 'fscontext?}'
[   40.427517][ T1617] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   40.430398][ T1617] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:225
[   40.476344][ T1630] rust_binder: Write failure EINVAL in pid:228
[   40.610576][ T1645] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   40.617413][ T1646] rust_binder: Error while translating object.
[   40.623979][ T1646] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[   40.630432][ T1646] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:233
[   40.656650][ T1648] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   40.666250][ T1648] rust_binder: Error in use_page_slow: ESRCH
[   40.668650][ T1650] binder: Unknown parameter 'sJùtats���-ѡ'
[   40.673107][ T1648] rust_binder: use_range failure ESRCH
[   40.690289][ T1648] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[   40.695900][ T1648] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   40.706702][ T1648] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:236
[   40.727591][ T1648] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   40.738551][ T1660] tun0: tun_chr_ioctl cmd 1074025675
[   40.750677][ T1660] tun0: persist disabled
[   40.835589][ T1667] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[   40.842887][ T1667] rust_binder: Write failure EINVAL in pid:241
[   40.858282][ T1670] binder: Bad value for 'max'
[   41.029439][ T1685] rust_binder: Write failure EINVAL in pid:97
[   41.053357][   T36] audit: type=1400 audit(1750369227.560:206): avc:  denied  { execute } for  pid=1684 comm="syz.2.409" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   41.103002][ T1678] rust_binder: Write failure EFAULT in pid:247
[   41.135327][ T1685] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   41.145289][ T1685] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:97
[   41.249427][   T36] audit: type=1326 audit(1750369227.750:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1703 comm="syz.1.416" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f49eb38e929 code=0x0
[   41.253869][ T1706] binder: Bad value for 'max'
[   41.301187][ T1709] binder: Bad value for 'context'
[   41.310888][   T36] audit: type=1326 audit(1750369227.820:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1703 comm="syz.1.416" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f49eb38e929 code=0x0
[   41.432164][ T1716] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[   41.448266][ T1719] rust_binder: Write failure EINVAL in pid:330
[   41.448694][ T1716] SELinux: failed to load policy
[   41.482608][ T1721] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   41.524621][ T1726] rust_binder: Write failure EFAULT in pid:255
[   41.618497][   T36] audit: type=1326 audit(1750369228.120:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1722 comm="syz.3.422" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd01eb8e929 code=0x0
[   41.769765][   T36] audit: type=1400 audit(1750369228.270:210): avc:  denied  { map } for  pid=1739 comm="syz.1.427" path="pipe:[1736]" dev="pipefs" ino=1736 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[   42.019341][   T63] hid-generic 0000:0000:0000.0003: unknown main item tag 0x4
[   42.026929][   T63] hid-generic 0000:0000:0000.0003: unknown main item tag 0x2
[   42.034581][   T63] hid-generic 0000:0000:0000.0003: unknown main item tag 0x3
[   42.042732][   T63] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   42.074910][ T1753] fido_id[1753]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   42.372817][ T1772] binder: Bad value for 'max'
[   42.525636][ T1778] __vm_enough_memory: pid: 1778, comm: syz.1.438, bytes: 281474976845824 not enough memory for the allocation
[   42.526559][ T1777] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   42.537601][ T1777] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:338
[   42.548021][ T1778] __vm_enough_memory: pid: 1778, comm: syz.1.438, bytes: 281474976845824 not enough memory for the allocation
[   42.569868][ T1781] binder: Unknown parameter 'dont_hash'
[   42.584490][ T1782] binder: Unknown parameter 'dont_hash'
[   42.843910][ T1805] rust_binder: Write failure EINVAL in pid:353
[   42.844354][ T1805] rust_binder: Got transaction with invalid offset.
[   42.850938][ T1805] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   42.857657][ T1805] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:353
[   42.867574][ T1806] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   42.989263][ T1814] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89)
[   42.989292][ T1814] rust_binder: Error while translating object.
[   43.000140][ T1814] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   43.006503][ T1814] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:360
[   43.279376][ T1826] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   43.288754][ T1826] rust_binder: Read failure Err(EFAULT) in pid:374
[   43.672992][ T1852] rust_binder: Write failure EINVAL in pid:389
[   43.828960][ T1862] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   43.862334][   T36] audit: type=1326 audit(1750369230.370:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1861 comm="syz.3.467" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd01eb8e929 code=0x0
[   44.202256][ T1873] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[   44.280015][ T1882] __vm_enough_memory: pid: 1882, comm: syz.1.474, bytes: 281474976845824 not enough memory for the allocation
[   44.384466][ T1887] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[   44.384484][ T1887] rust_binder: Error while translating object.
[   44.393231][ T1887] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   44.399466][ T1887] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:421
[   44.409682][   T36] audit: type=1400 audit(1750369230.910:212): avc:  denied  { write } for  pid=1886 comm="syz.1.476" name="hwrng" dev="devtmpfs" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[   44.575214][ T1893] rust_binder: Got transaction with invalid offset.
[   44.575255][ T1893] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   44.581951][ T1893] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:427
[   44.598534][ T1893] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   44.608216][ T1893] rust_binder: Write failure EINVAL in pid:427
[   44.614877][ T1893] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   44.744263][ T1897] SELinux: ebitmap: truncated map
[   44.758216][ T1897] SELinux: failed to load policy
[   44.850786][ T1902] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   44.903969][ T1908] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:367
[   45.055127][  T305] Bluetooth: hci0: Frame reassembly failed (-84)
[   46.186824][ T1928] rust_binder: Write failure EFAULT in pid:386
[   46.414065][ T1943] SELinux: security_context_str_to_sid (渃x���6&O��FH_����BRax����6) failed with errno=-22
[   46.582851][ T1947] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   46.582912][ T1947] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   46.589655][ T1948] rust_binder: Write failure EINVAL in pid:403
[   46.596301][ T1947] rust_binder: Write failure EINVAL in pid:403
[   46.846779][ T1965] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:279
[   46.886583][ T1956] rust_binder: Read failure Err(EFAULT) in pid:406
[   46.910686][ T1967] binder: Unknown parameter ''
[   47.057610][ T1973] rust_kernel: panicked at /syzkaller/managers/ci2-android-6-12-rust/kernel/rust/kernel/page_size_compat.rs:60:5:
[   47.057610][ T1973] attempt to add with overflow
[   47.074563][ T1973] ------------[ cut here ]------------
[   47.080069][ T1973] kernel BUG at rust/helpers/bug.c:7!
[   47.085967][ T1973] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[   47.087802][   T36] audit: type=1400 audit(1750369233.590:213): avc:  denied  { read } for  pid=91 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   47.092956][ T1973] CPU: 0 UID: 0 PID: 1973 Comm: syz.3.505 Not tainted 6.12.23-syzkaller-gf9fbc66f8444 #0 b8de21ba31122219d6c6778e419c74a11adc861d
[   47.092988][ T1973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   47.138111][ T1973] RIP: 0010:rust_helper_BUG+0x8/0x10
[   47.143431][ T1973] Code: cc cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 65 f4 04 64 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 <0f> 0b 66 0f 1f 44 00 00 b8 2f 30 4d e8 90 90 90 90 90 90 90 90 90
[   47.163051][ T1973] RSP: 0018:ffffc90000ddf3f0 EFLAGS: 00010246
[   47.169138][ T1973] RAX: 000000000000008c RBX: 1ffff920001bbe80 RCX: 80906392dbbf9a00
[   47.177121][ T1973] RDX: ffffc90002625000 RSI: 0000000000003b4a RDI: 0000000000003b4b
[   47.185098][ T1973] RBP: ffffc90000ddf3f0 R08: ffffc90000ddf0e7 R09: 1ffff920001bbe1c
[   47.193081][ T1973] R10: dffffc0000000000 R11: fffff520001bbe1d R12: 0000000000000000
[   47.201063][ T1973] R13: dffffc0000000000 R14: ffffc90000ddf420 R15: ffffc90000ddf450
[   47.209044][ T1973] FS:  00007fd01d1f76c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[   47.217984][ T1973] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   47.224571][ T1973] CR2: 00007fd01d1f79c8 CR3: 00000001197b6000 CR4: 00000000003526b0
[   47.232554][ T1973] DR0: 0000000000000007 DR1: 000000000000000b DR2: 0000000000000004
[   47.240627][ T1973] DR3: 0000000000000002 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   47.248610][ T1973] Call Trace:
[   47.251892][ T1973]  <TASK>
[   47.254832][ T1973]  _RNvCscSpY9Juk0HT_7___rustc17rust_begin_unwind+0x15b/0x160
[   47.262308][ T1973]  ? __cfi__RNvCscSpY9Juk0HT_7___rustc17rust_begin_unwind+0x10/0x10
[   47.270299][ T1973]  ? kernel_text_address+0xa9/0xe0
[   47.275419][ T1973]  ? __cfi__RNvXs1b_NtCs9jEwPDbx20M_4core3fmtRNtNtNtB8_5panic10panic_info9PanicInfoNtB6_7Display3fmtCs43vyB533jt3_6kernel+0x10/0x10
[   47.288976][ T1973]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[   47.295144][ T1973]  ? arch_stack_walk+0x10b/0x170
[   47.300108][ T1973]  _RNvNtCs9jEwPDbx20M_4core9panicking9panic_fmt+0x84/0x90
[   47.307328][ T1973]  ? __cfi__RNvNtCs9jEwPDbx20M_4core9panicking9panic_fmt+0x10/0x10
[   47.315235][ T1973]  _RNvNtNtCs9jEwPDbx20M_4core9panicking11panic_const24panic_const_add_overflow+0xb2/0xc0
[   47.325136][ T1973]  ? __cfi__RNvNtNtCs9jEwPDbx20M_4core9panicking11panic_const24panic_const_add_overflow+0x10/0x10
[   47.335735][ T1973]  _RNvXs1_CscPPBqWtAqum_11ashmem_rustNtB5_6AshmemNtNtCs43vyB533jt3_6kernel10miscdevice10MiscDevice4mmap+0xe44/0xfb0
[   47.347991][ T1973]  ? mas_wr_store_type+0x8eb/0x1ad0
[   47.353199][ T1973]  ? __cfi__RNvXs1_CscPPBqWtAqum_11ashmem_rustNtB5_6AshmemNtNtCs43vyB533jt3_6kernel10miscdevice10MiscDevice4mmap+0x10/0x10
[   47.365986][ T1973]  ? mas_preallocate+0x56e/0xc60
[   47.370960][ T1973]  ? __cfi_mas_preallocate+0x10/0x10
[   47.376348][ T1973]  ? kasan_save_alloc_info+0x40/0x50
[   47.381648][ T1973]  ? __asan_memset+0x39/0x50
[   47.386255][ T1973]  mmap_region+0x1371/0x1bd0
[   47.390857][ T1973]  ? __cfi_mmap_region+0x10/0x10
[   47.395799][ T1973]  ? __futex_queue+0x19a/0x340
[   47.400577][ T1973]  ? __kasan_check_read+0x15/0x20
[   47.405608][ T1973]  ? arch_get_unmapped_area_topdown+0x232/0x8d0
[   47.411880][ T1973]  ? file_mmap_ok+0x147/0x1a0
[   47.416588][ T1973]  do_mmap+0xb6d/0x13c0
[   47.420758][ T1973]  ? __cfi_do_mmap+0x10/0x10
[   47.425358][ T1973]  ? down_write_killable+0xe9/0x2d0
[   47.430568][ T1973]  ? __cfi_down_write_killable+0x10/0x10
[   47.436210][ T1973]  vm_mmap_pgoff+0x38f/0x4e0
[   47.440814][ T1973]  ? __cfi_vm_mmap_pgoff+0x10/0x10
[   47.445938][ T1973]  ? __fget_files+0x2c5/0x340
[   47.450627][ T1973]  ksys_mmap_pgoff+0x166/0x1e0
[   47.455405][ T1973]  __x64_sys_mmap+0x121/0x140
[   47.460089][ T1973]  x64_sys_call+0x13bf/0x2ee0
[   47.464780][ T1973]  do_syscall_64+0x58/0xf0
[   47.469382][ T1973]  ? clear_bhb_loop+0x35/0x90
[   47.474159][ T1973]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   47.480066][ T1973] RIP: 0033:0x7fd01eb8e929
[   47.484500][ T1973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.504112][ T1973] RSP: 002b:00007fd01d1f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   47.512624][ T1973] RAX: ffffffffffffffda RBX: 00007fd01edb5fa0 RCX: 00007fd01eb8e929
[   47.520603][ T1973] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000200000ffd000
[   47.528599][ T1973] RBP: 00007fd01ec10b39 R08: 0000000000000003 R09: 000000009cc6d000
[   47.536601][ T1973] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[   47.544577][ T1973] R13: 0000000000000000 R14: 00007fd01edb5fa0 R15: 00007ffe493500b8
[   47.552558][ T1973]  </TASK>
[   47.555583][ T1973] Modules linked in:
[   47.559789][ T1973] ---[ end trace 0000000000000000 ]---
[   47.566030][  T396] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   47.573045][   T36] audit: type=1400 audit(1750369233.590:214): avc:  denied  { search } for  pid=91 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   47.602972][ T1973] RIP: 0010:rust_helper_BUG+0x8/0x10
[   47.604262][   T36] audit: type=1400 audit(1750369233.590:215): avc:  denied  { write } for  pid=91 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   47.608399][ T1973] Code: cc cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 65 f4 04 64 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 <0f> 0b 66 0f 1f 44 00 00 b8 2f 30 4d e8 90 90 90 90 90 90 90 90 90
[   47.629963][   T36] audit: type=1400 audit(1750369233.590:216): avc:  denied  { add_name } for  pid=91 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   47.650123][ T1973] RSP: 0018:ffffc90000ddf3f0 EFLAGS: 00010246
[   47.670118][   T36] audit: type=1400 audit(1750369233.590:217): avc:  denied  { create } for  pid=91 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   47.675909][ T1973] RAX: 000000000000008c RBX: 1ffff920001bbe80 RCX: 80906392dbbf9a00
[   47.696644][   T36] audit: type=1400 audit(1750369233.590:218): avc:  denied  { append open } for  pid=91 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   47.704332][ T1973] RDX: ffffc90002625000 RSI: 0000000000003b4a RDI: 0000000000003b4b
[   47.727510][   T36] audit: type=1400 audit(1750369233.590:219): avc:  denied  { getattr } for  pid=91 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   47.735197][ T1973] RBP: ffffc90000ddf3f0 R08: ffffc90000ddf0e7 R09: 1ffff920001bbe1c
[   47.735217][ T1973] R10: dffffc0000000000 R11: fffff520001bbe1d R12: 0000000000000000
[   47.735233][ T1973] R13: dffffc0000000000 R14: ffffc90000ddf420 R15: ffffc90000ddf450
[   47.781885][ T1973] FS:  00007fd01d1f76c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[   47.792343][ T1973] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   47.799030][ T1973] CR2: 00007f49eb580ab8 CR3: 00000001197b6000 CR4: 00000000003526b0
[   47.807081][ T1973] DR0: 0000000000000007 DR1: 000000000000000b DR2: 0000000000000004
[   47.815166][ T1973] DR3: 0000000000000002 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   47.823191][ T1973] Kernel panic - not syncing: Fatal exception
[   47.829539][ T1973] Kernel Offset: disabled
[   47.833978][ T1973] Rebooting in 86400 seconds..