last executing test programs: 1.038764835s ago: executing program 1 (id=351): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x100, 0x0) (async) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) (async) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0xc, 0x10, r1, 0xc2200000) (async) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) (async) ioctl$VHOST_SET_VRING_NUM(r2, 0x4008af10, &(0x7f00000001c0)={0x0, 0x1000}) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f0000000080)=ANY=[]) (async) ioctl$KVM_SET_NESTED_STATE(r5, 0x4080aebf, &(0x7f0000000340)={{0x7, 0x0, 0x80, {0x8080000, 0xffff1000}}, "a9cbc4b723986beb2541731c8831607b6ee747534f2610e68420ac50bde6dad58d04aad3777f18b4f168b3950653ce1d7740b6225b60f102dea41282032f21c3f19760a59ad876506e4e939e80e92248edfd8137e41621c1a490cf3cbb0502fa6deb4cb0efa6bc813cca06ed4828bafa15d1afd8ac82b71d1a7b410eeac6a6f31e4995b05d3f93bf80a053ae74958ed42c6c4b4d0bcaa08d3e6025a166ac6f19973f974613e0d7ca52d6a648ed23fcce9f475faa3e49d697324fa1b2cdfef7deb66a190e9185a90f5c54c88895af1a61f8c0722f0c0bf9835d8910449682cc5551ec995aec222238bb28f41ba7f99f93b785dd2d48cf389f27da125b9c3ec7f716d6b6b696a93e625f0e17b4ff3bac5eec8e2dd837254c16d8c9b2a773ac70b8dc7216980fcf1db0cd885a6f3379dfcca516b0b5771d3dfb2212fd569b8f6003dcf8478390e14a5bf73eb1a61a12ce20ea3f5fbd6d9a56a4adf6043190cc7d559e7773668d0498f6c7438917d204ed2ec53da03cc744619be3785cd8cddb678f8e90965f22242bb62fa3590dde45cacad3852a54154a90d7495cc4cfbd7baacc19604efd864cc76a7e867cd7403301f45a3ad20ed8edf412e4aae5f279eada88ee43a436dd3b1f37098b7d81759aff2d81e5593535d44035fdcbae0f45a7163c06b8ed7da27a03e266947d7f11d9e1600f1a88b99643a0b99abad360b8137415f7800f8a5a16ba306778733d5493cc73d0aacebe1cc4618847bd620034cb617c55e47ff8d8000f52c25a6b3e9272c297e6b30bed370dda4c2b56278893a4faefb28a87c40229d3f80814e128eedb7050465e1e00547a1b77ebaef78355d9867ce521138d63f147ec3de6cac38d9eeb1d167494466e00d97a32701117bbe0f95304970e632b9cf8ded044b3f1c01326095b422678d798a9c5f8ab05f4e6549639186723aa3d38927ed4ca94a9e6de3c4f5ce99d090389473455cb366c7dfcb43ebe60271a3693e80ae4948291753007f5032f518ffc832f3e819f3bdac1085a80cdd494cdcac4a874a14818b9dae534559c2c5a542a12949a22fddb9060e8a400f96512aa8eaaa6659932dc8852f5709a808604c2fda229c79933646e36255948baec6e0c2d4fbe056628157ba456603e5cb45761b5aa97c0daceb3e6d7a192d109847057cb4322c9c5e62403c921e9cebeca77d12c3ed05f5e131e3c00d9070618872ea8a1f05e4598c98739d3a9245e537ed992aa4eb8a571e4c7c0dc797f91e3258835f9db1b6501edaaf38c9fd4d718c743d30b6f1e480ce9408aa6b894055768738e3df843301d99b476ba8d30f6483022ad7fd50493e600700ef1b70c72f607feb0df9898b61a38f4f59d23779b7af4a5b5a0e7379877d8c875d1e47a9ddbac19208cd22e05f729a9175b9bf1c96618d63585204eb5ea29e0a0f17c12219fd51bc462dcff6d3ff73b64d2a5f7ebe6ebdefd841698e909cf1018a88afefc1802fc97c22a240f20ce6938ae6b2224f7ca311622695577f3e4cb8f7e87bcf5bcdcc5311815bab1499465f687903b4da5693c83cbe13ba3d94f413bbdf9886241fc1f0b9ea00e7b2d1c2fe29d8921c56919bbfa091d4542c590a18848256b7eca92114c5542356bb15e1cd59b28a5d5b86bb92c30e88ea6edc6efd3c685a7e9b840b61f445bb57d670d3dbba61da442fcdabd4c14b9dd6543aafca5bea6ca16c00bbdc0999cec79272dfd1de86bea7d830ec2deaa339c2fc57d6490ee7cf3bb4e6cb4b8dcaa4279bef0af601f96dc25a3cf926eb6c5eb9529a266e1a9d96fbb5e0ffeb472d40e3853f42d69e725d2dd570b531779a09a5f945a2dce4ddd898be60b9d38f3c305f942f8f8a3ee992de01a0d6b3db1a4174b770681d2470edd2319a9b9d04d3cadd67583a313c071f809c89134b2b714cb2d7247d4d6b5d794302e9408e946bf1cadc767a8ae918a6608f7d2dbb2d825e949c823ac6bda0c46dea864c83222f3c7f7ec020f3a6445f3762dfaae5a28c3857053b2548d11c9b9f4af5366b43012e35d14ba139085493e95ad24bcc92b835f3c72ff762fcbe3d04ee2051e959a9e680f51425d5eeeedd99767fccda20b44bbbac6989e1d6f70f030c2530b83923fbf27fbf24f62ff7a5619b39b338e165dcf66faf6092edd19216fdacfb8eb80bd7d8a7767f538c3021e20f498c8e456bc32af1157b5988950caf1c478047f132c01f53c12929f030e9d78c284e64a521350d72748ef214c05f4c8d2e47384c3cd29c99a2df1abb2e8ff5a363a488feb119e8ad5e3c39a4f24449d00b3772090b499e2c65b50a3e6ce7f1e2f2bac0ae5e58147d1d6887617ca38d12b1cc9a5e3ee47539f40179136698acd9b9e20a4f85335dcb19d4ba4a05bcd84b27a9f1897ab8f67abf78ba3ce4d87b37c129562d33bb0836c8fe830c068e7c8b6728ed585258c7d82b5c407d0532bf5ba60cfb0a6e6f3aa44bdf3bb7ac389023c3db4395c3875a3496d85640d423775d8ac0c4c3ab1831bdd785a5ca0ba2073bdf6970e4b63718944603ab32b83d7c73af090c3a941561a76f08e2235e1ea8a0b721cd6a73466664c411c33fd1a3e46e580c77034cb09ac38b6d1824f642d3354e827b6ddc0ca15c3bd7192882eaece388d428282c859fed7d280e5d81cd0252c149154e2038a3f2535781dc81d7221278c21ee819fb913fc8d97e96f3dbbf0b2cd63a0ceeadec43fca7a760f45aa53de97597b4afb3abf5921125e9f148da377556e6de1a62aab6055b10c1698649515e62c572d62d901ae7fcd417b627db64785fbdc21f0e978eb143d7abb2771de9a912466fb6e6f55a12f209e131732d45a8293f1a36ddddfad54f857016e3ab7fceb97ddfde1a8c8569dfa972ec636e7c93e603d5e1d0e98d6f109dfa6df50ce987abfc291aba0e488ba8f0596fbd1bacd58862b611250a85cd34e7d100f785286d815281b62ef2dfeea5e8ba4ee4a019af0ff59b0f4f3049f8718d0fca57de1cf88763d13ad26c50cccec4faba99d899ef079c3400052d065cc0a44e8f73dc5bef5f8681015b29c96dacd026d920f369a2b0c341b8295f5268e2d9bf80df2d9ea1017b5b41ec2060c2fecc67c040e7c37521b6d6174c4d4ed4accc5479f6fc4ddc0e45a7f8030ff8e23f000315a3565498d07bd0cc6459f5cff23b40ffb80ace2f48fe0c1a337bb4f748bb8c057089de5cd727b278b45d84a8f7df9f898b3cef2ec319b032f888c4953bfe141c8e4b67ab3f95fa133790ea17b27be21c9478da70641265045e81e28229a4dc15f59c2f18b1b9c082d1154bc9565508fc9419912b48f3b1271609006399a844f6ccedb6323ada63d3e0b340fd07cf9e3b98b1d193bd76796c2a185366b25468017d28371d8792eb42304961bc9c1f4ef4025d2814837dacc9f1d777bfeddb30eca1cacd9f5b6619c4000252ecdabf7107dff264046c111c6f5767e3486c37ec175f52bd3460a7ad49e35bb729ba76e2fa5e117c49b750000005e0abf56340740b81ea37c5df26b7c885cc5da412cf4e9932e2561aa7945945dcba0677786c9ea9b9aee47d73454df82048f021b30a817606c96415c22e1e908316f84aae52e050e31176408d35ef33091618df7d38d22bd2b626dc138f423c32362878c8f6538dcf0b96c4298668d4bb35773c952bbebd4778c964b0eae8eac9bef3469ea5da890377c500ea027180f5308585cd7941c7e3305c32d610de49b5c1acce6c285d88a99dcebb2b5972a276d416abf25b44c1712a43d3e30005a1535553e779c0f72ff519d2407214c02e7020ca479e93c3fb2b867ad73e69ba10e92f329cd54c4c80d227d0710cf384fd9a39d4c4053afce6d1e93b47137843d149e888bd868b1b2179c1fdd8291d15724db10a756300209ae4a2ed91788fe9f980af1bb00d05a8fe1a020fe4bba91fb487c8ea674a6739067a0a86b7f2a4fc141f6c864f065fc6e5effdb5a1f1d063c6888626e13ced52f3669677dad96da1cfff7d700e9f6f74131b8ac0f4fb6c8d5fd675b1ed6001bba7dd0e95567a6d06fe28e756609821312f4725c5909c6353ad385e57fb162e2f65b5e2a0100aaa356a19b9c5c183d195d0134adb8bc8d03415daafd95f3a5e44f201741e22dd905dc12469664040ce714a5d9042f58db392d6c6af1eaa4c82cd9b4996252b44334be627708463ffe52a80d8d1c8a5b1a23f9c68144c4a6c6387e542b3cb9de7765faf05fda086986d3c6a1f0906b2ea0eba741abb9514ccd57f2d8ea1d67145c5d71749b560f85093ecc265a24239078253fa0bd39bf67f8e1d78f07e167c05d808771c7b0146af368e8859273ef76f9feedf7fc69640b5e95a25076c477338e31cc9a7348b8a31a0f8d4dd9e6c46f18126279c5d1192ddee08a7057195689954b26a19dcfd2a59febb6556c18c18abc85527372919196b29a737f8bb3b97bebaf3e6c43099064e067f12772c2333be19dd4e803289430a660d68963a26ff1b1c8c664c0318a2558dec140d984837a936651906ab960b6bff8bc8b32704f3e0769e6c85c9f5bd50270bc1030ea71f2db5c43116bd0641ed31ab6db12514aec68febe59e04d2b872c9fc2173017ee6e75a18d6832c9992d1ed2ead9452dce9b2efa01dc97ea31ee5c3f5743760f2589615f45738140d0f8c148f1858d0897094a34727493e607132bc1eefa0d0ff236f9ac5a2a0f0bf06719c1d5061846e427fa36138c808741ccbd10ad3f6f54470804e656a8ab1a9ee9a523bed87cb2fd4d6db8aa6d6b80d1e9886dc12b915665101b9094a22f44437918005356fed797ebd97ec6493bd681f69321f9735ae6d3d6822818c7cfb21c5f3a0f9d5b8ef070c916fe9ccbbf04128a27e7928e3572f125b986c52ec0de078b40135b922a2feb294b0349df06d1c3e2c9d2ed2ee88b7a1673423c6baedb51beb8f8cb1b3b986d1b9632fedfaec8e9a237311beb89cb0dd7efaa5b68537641d06b7cbfda581344c87452b4d3fe96cea6143378c4dd7586a9d55c666cce828ef91a35f3f0a5c9c369bd20c1bc7cc77fcf316a567fa21863b12c43faf3b9588dce4caa151937c6ee699cf49dba041775773ae062c69783758513a178bf46d2d40e24afe8975dd768a466755af2ffbb9fa728724a18fc9f427672ad5867a72ae8caca60fcc90cf817c291a2025b5243ae36e200b5e5c9ee4e90eac775c3b29fe1df8c35716f37d11961084fc28b0f8855376ec85d7741535f88db7977629dd832f06bb258e9a88cfc8671df2763fd9383a777f768c7aaecb9a7af9e76bb719767767c3d5178e2a10765c6b2ae80753f403125a9203ede6ed44eb96a1a010842f88f020dbb7f8df8bcbea0b60f1b99dd9b9aae2dbc995edc8ed82ec5e21e8d5e4d8d9fd0bfab342db38d12bb24c20c2a579069d74624db16bb9ec501312d8de0e653e9e74668d0ed05ccb0eb99db410c0000000fc246302635630b295ccf849e45944a25baa7f4651fa37f147e0fa977c0304e7cf25fa78260ca03abe8dc32cfb461f019f7d82194a98daae521ec4eaf3e138bb95b09d8ff2f106febcc126743abc8f8b707cd2cae1548c6fe54f64bf46c9ff03975e0c37eda3d485ff76ea5ae71fa5a2ca0d9293ea0cd4186e6e2e26fc2ba5e2cdde9400d9c1717058157a8410c9cd7ca4e679f41d8932576e7b292f28dfb9775b0ac5eb5788a8ddf797e32919e7a41c305af2e4e37eb4d5600", "1acd2077949cf1f27e1e764566e4cffaa168dcad09bfe7c84a06d9db78a4e8f0504116608cffa736ae4427d04f27d39e5de80f8935f281bc483252d1c4e0dff576831d8505d3cf34ddc4f4760b53ec5182b54b352dea1b5975eea9b6bffd5b66524559c7c3e9981d7a0ff5ffe6814c923871db66426d98286aec1debc56864a4b29ee5cb46989af08546d6d1a5d9da45db7d8abea1d392d0c668cc040da5d129ddbbe6a95a7d9e51a13328ea3fbd9ac81f03914ed9d1d2b72c234093a351f7294556996ca5459d796cb4127a9aed8e0cca398d1b5af6eae257d02db91a61d49a5677ee9c8caf1855edd2c25b9b3a9a5174d2193108e5e87d781780d9506a890687c80c429f3a46028ed71364c4b8d3b2380b38d2cf7e447dee058f556dcae2627e49dfd316d169d382f2b6775233157f57c7be54b105e2493e140ad97ecf9c12df8f0db9a973d0ef9197ebbdebc5e822ee06852a408560c7f19c65ab8527edc9ec1d6378f2c748f7e84d1d6e98de8abab3e0e42a866e1ec5d00822b124a98d77e9c8dbb3ac6648afe409b21e1cf2f5458a0588cd11af6887f552f6c16a801abf2594eb9a80e704b8053573f661dd29706e71060b630272037144b33d684f66128950510d4138785418f726eb7c7f84c7dda646b3647d673122f95ef89c863c3d4adec4477664cfe911683f19862cc918451f70a6a359dbc66b3599c0af91858ebe13c253a6e9a96758955fdfd1be103777812339e3786484a25b18994ba69b4275f26a64afb9be5219061d94d7c472236f1a20a9217d70abab15182c5f04c6080d535e34045d6497c1c8a2ea53fc022eb159d0d1be59a21f277ce441f3c5cb03ef0e7e1ac63177dfe567e2cb9055228f32c9ca6d38d99093fdc129951380cedafcca40712a2da5cc0af8d872d8f848ea5ff95210a52d2390e236da76fffce86cc8a78a8ea0e1e4464ceac9021556d29d7470ca19849b417aa6aee032f3bd437cb5c839c9f5fb20ec1367449abfb5e19f8365b7947bda60e34136e2eb53e0243766c2718d4bfe6eec77f8ca04d177cc17bad59d651a08349651de6d4dbf5856a6d42cc8cb2441ab7dfa9420d87d4a5aa5914f619b2478a0d68a98280231c8e7558d11eec87e80f2d039b5d6b287d9b3667b020dc45b999b162247bf38f5ac5fc99b5eb6ac5939d35d7d6e71b366f9553ada2784671aecdbdcaf42a2f254dc0289f7be9c6f0c045b30f63ae1a8fac778030f27e04e980bae66e474bc4f9572b8a0d8119ce13ea2ad1285b3397bc929ff26a2ba1ef2760c77e3e114d15742740b27796cb2fc84761db427cdf3c63be71fd6734ed2cb1300a8d5e2b1964f2a0320bfbad8e9bce0cd9329c8c41d79107d77f65c99f3c03813c1f0f5351869434c2ccb685f1863fac38a44ecf354ffde4926ae3cee90833db386633e6dba3585ec36f1aca6701d4d1fc13ac1c5d4cf2ae8c8c418da372bce96451dc2add28828e45ce3f6e35da3d49dcdb8ceb084a581b68fc5fcd4c45246e6b215ca98ae7239c317fe45404984292a83ac7e62614665bec4a5e80b055a0635003e93172e2045ec88144d9d7a2b50c45333720e2273b165147a0b1af77fe87089fe8c0fd32c4e950aedf6798c9007575dc86c02089414089527baf9bbbe5eaf4d58289de0987f8f310d7900ef2350daa438ac83ff255344a2bc814a3e7055269544310b0fe78b07eb0ee5f16899fc8bdf8e3cc47d27a44c93528885452195706091eaf15930f9df5874c19d0a1deedde0cbe9cda7f0618c378bc4ba6fbe911d546c7bc76954fcc6b5ef56c77d306421f9d24e0770cf8b578aaa6276bff4b98e9968e9a1f8c78c6d647d8c52a42d27ee8359840747913e0983e049ad77d87e35800eeeb19cd786a5edf6886e610f51b4d2290d959c7fe906dad2d3e2a5648c5ec0d48becaf209fbb6599d1b0d6299cb2b2fad3b3efac6ba0911a63ae399fa3f19adecc9b10533c99bba28bf9e37600db41c2b463c25b0602fb86ef043ee72aa26e7f102c3afe4073d1318671a514f8320dcbc699514792d5c90c34fe6809102cb6537a4e76530256cd997a1dba4a75b1578c7f12b409af040afa35c54001a4abf1c402f91413995ced6b64256684c34283e644246d235af905fa2edf8f802a65c1c1e0ba24ea656cb3b1f876b6f335aed27c3a6e8da53b1b9c283d299390310df6dc84e5569ad3ac1744824b329fc24cb8612c061b09440464c1168012dc40e8df788f9c708bde6bd4eb3f6111729b08796d0243b07a21ac542ae418f19ec3d7171197c8ca216b20f786784400f2834d98819a5fbbd909677f7d7309dca5c0e2cf74a8a53c1791c78488fec0520d3c71a9698e5040920acc5eb7764f4c295cb2f00b5a62d5fc1e1d0040c639886712ad4fece171739fbc0519b93c8bccac49f871a0e2f5ba97331be916aaae29b8cd646028629cc227b916d1d8b4729da3baffb0e39b533e039eb9f10073c156485902745ec60b8d281b2f84a8651fe4c533119bab8424bcecb28c067ffb1e03e05bcf9d6d44dfe0782e072934fc36e70b1acbf30387495618ac2729811aa6c2901b109b33a0010cfbe666fe9fcac86cc81023dda253863714e89c78265e219d00ba20b3c846368dd21816f699a6af20a290f075f4346b98ad40d69caaf2614856c0bdaa661907975679f5cb5afd3738ba811db58123922647476de50ccf17360393433b547bf0377b2115a7cd357699d043bd80981a2a28c638f7c2e725d85f9edd2fdcfea1f7e2bf02f9f0d4236c9d14c6d382dad99192125b219eea6a13b5685efcf34454d2a12537c5354dc5e34ecda968422cc472f0fec174b95cd298e89e7efbc164465dae45059a40e104b1a980ebc781848b0109ce9cec600b190a34dcf741dd6145d56c4ec27c983a7d6328130c122217bbbb33e2cffba1a352b6805dbd715772153b53051db7215f475ba8673b0dd59e2db414a658d3d262c5304d300b930921c7c0a9910eed96a705eea2c8657be193836a20f23fcbc8ef105ca25551626caf63c511d3c9dcffd9d485f27a63b6992e4b6fa26b02903a4da52fd7fa06397fe2883f9b6a4cac2ffb8ce1f476ec72bccaf0ec7b16e6f601e72f46e835d9bc2a82dccaa449728d22a7ff17772276f54073c66b184de0fa7f681823dcb7603a20aa94b76a9b7adb9f11f447b8764b2d719bea91ea32edbb4d340d18f18b3f53d1d07d0405facb202c30ac1ec145516e071cc71c59cc6205db061a8c19bb2d3ab463f6fea1c6d3b5a69d96e5b67ed569e1c04cff6c9f69ab9343e9a71bf6776d3b84b47de2ecf9a0d45515ef5a3b5c6d55f2c6543ef2bf0eb795219da3026ab06c9ba9bbdc30d5dc7c3782a9f58141a63f8d4683ad5c1d156c92c508cefd9702e9267263e34ff96800c425f768bd204466f4f9badabdfaf35e1a8096150e8afeea3a30586b89d1002f041612f8e81de4dcd268bf538307c4d28d1d2ae1af979f3b02017ebe942cdc8fa7964fe978254eb15fed7478e4200e381409486d37e0205c597b5ec19243ab547da051dee03f18e079af60dcb2095fe86f292a4b4bba8682ed8b220c0b48958882aaa7e93448bfecebfba6ca3ef28e0752080cbc9f752d6da814a9dc5bc552d9fe73b8a1df8eb0158df58810fce8719f11b04c4e157ac8ae3692f825a4569ff859273775c45eb999fff7a47ca461b2fda6edfe8ed8371ed29c4f7499448cfff0bc47ca1d8fc9eb35f79db389781c36e89541b686edc21f088463b2d26fd9b650eaf5ed1cda0f00040000000000009b0c527ba655252f77b77c2f4cc0f7741c52a57629fe511c5f9c17ee44fec35da363f5356343037b2705a393115062719e6bd87bbff2472a7833be6d2270fe5ff4cc9f0439a53adb91fe1520ff4841c120e80c99fcc2d0ee794fa8c91dc9c4227ef9f9ac784ce41abefa69b84acb285e385b74501ea137be765172d90738f201497cb7c992dcc2f17341c9b6a0ef3dcb14350669802e3295b5a133142df7bc5645bbf222d2da033ee4cc4f225f248ad88782945869c29943eb6498c87c2b125fb2d4067118c2b417308a1703fd9f48c48ee2a9c5af44df473e3b99b8a941fc4967060b4960864bc97e4f2bf53e7a5c2ec3d47e7bf8345b56a4df5f84d0523c1b6cf9399110e393474b3ece22c4923f531ff12242d5e2b293846a7ed06e3e7f062cb173431a2b680188fb46d2cb74d4a0d9dae59e2be485aabbb54c26406e6e77de3031e049bd8a49139fa62151716a665fb9f1966cf6c57f4185f7cffbbc43341f3b69a3ae0a4dcfd9b37f0035a69ac552830f0ca56069c8f69162280bced2ec30c6789f32cd38d7f97953f0989b65cf90f01206b20b0111a3d22f3d2f85104b03283f4fd7b80e53f20f1c91d5bf3b67aac25c4300b3191c1f5d7bb0fe112deac0f6acbea3b57c20c5d8f0bad48873a7e7347ead5a4d0b73041c86bdcd3b91d6cbe0ebb5824fb90cb4e74f439505074f236679c4ea4015fbdf0c44b4063b62cdced485cbca0eae2404da7158a974b7dc14c5207107d5424de14a35739f68f3f151c6de20d0ad19d06521baf26ab2cb7ff7e8f83d60a9f554367f99fa5c44910b886e1c9c2418a7a4b33f19fff9af4724c7c8251ffc24cc4464b8804b6704bc0572b23498ec92263d37bdb54490f3316087c5b192a20027ad6cf1a2c3fef8043e2847b8734fa8dc91ce992474796e3f71580841379279f8b10ab8e6766196fb5a9b2ff44cabece6930fb9f32e867047313410c13b11a8a788a29ad93a5b9ae1b960a46fd48fe5cdd7168815c67b267065453547cb60db74f37238b2f7f3c78abc249ffe118a1d3e7eb5cdd326ad0a07a50bd24a6be4b5e56fade7fb7c3b515b4d0b16884c9eee7ef9c82f2ea4d89113e950622cee8e63519a899da3ee83bcd369b01b373934bbed73d8f94e3312e72d82d3fb8b8e65b0f5580cffda633467fc3285023159c3ac7273a46275d874b87254df07ea15d0806f4b8312c4e95235cab31e015a3603906c188233db45dea658dcf694f5097a9e26aba8b58e248210fa5e12fa08cbbe0a01afa9b2c36d38d298dd180ee6e358d45397471bc064e2e8e51da189e98bf41cc30b50b0d937e8cbfc5b138dc66143716b27190689efebcaa5676c9eb370465f77803b219b0ee1f65f343d70b01435f9adc46979b121944e13a02cbdd47a9898b26d6cc5294a9358971bad37a6b01d8b2ee251e50b02acbd560bcd4a212124f308d87eca79d13c77b90510675989ffb70a9d5643df2db6067bd4e0fd21d0a40b84177279587777f763bb9e2fc99186402ff1905eb61b6ea3bef862beb10ede1fbca93f5b426f683bb72099ffc61c99d8a7527fe9167b13d786402864d2b4237fa47426f46b6d5e0911de793f73610b46de4e62b8a67aaed298a9a2d5b5c5b7936f8bcc62a8f9d64d8ff1470a386974b35f382f42ad1fb2c9de214b35aa0afcff7806d7601ab9142a0dade5c7a9e6b0c16027c4d0fc413ba5d16f0d4826b3f469afa6e5ce4a19e21d2a2c2c1e3055706d0ce371dee59a06e534887cf5e300bd118b7c5e8eee2a8fd4bf6ca96df566f49049bd25533c8ae08eb2334ba183529c041f3d9b45139173f3ee8b1b8f8633c9cb7caa735805d56b1e3119a97f3ce86ecd8f21256c0a5a54266cc00927c881ac18fef64f25704b3f01b4885a9c4053aec5bfe5be638563267548cacbad2a95c3c48e6a913bd87ec0c489c236214b650a17d27081ae8def0d27c0d6a25553601875192d11c9e3ef2a3273c1f9b079"}) (async) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000040)={0x0, 0x40}) (async) ioctl$KVM_CLEAR_DIRTY_LOG(r6, 0xc018aec0, 0x0) r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/oops_count', 0x32b000, 0x148) mmap$binder(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1, 0x11, r7, 0x0) (async) r8 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) syz_clone(0x802400, 0x0, 0x0, 0x0, 0x0, 0x0) (async) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000c, 0x13, r8, 0x293f000) (async) openat$rnullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x181181, 0x0) (async) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r11, 0x0) (async) ioctl$KVM_GET_SREGS(r11, 0x8138ae83, &(0x7f0000000200)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r12 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r12, 0xae60) 921.913556ms ago: executing program 1 (id=356): openat$rnullb(0xffffffffffffff9c, &(0x7f0000000280), 0x8800, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000008704"]) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x13) r5 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000080)=0xa) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) r8 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) ioctl$UI_ABS_SETUP(r8, 0x401c5504, &(0x7f00000002c0)={0x3e}) ioctl$UI_SET_EVBIT(r8, 0x40045564, 0x3) write$uinput_user_dev(r8, &(0x7f0000001740)={'syz1\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x1]}, 0x45c) ioctl$UI_DEV_CREATE(r8, 0x5501) mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f00000000c0), 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB='max=00000000000000000000001,stats=globCl,stats=global,max=00000000000000000000003,max=0000000000000000000001:,silent,rootcontext=']) ioctl$KVM_CAP_HYPERV_SYNIC2(r7, 0x4068aea3, &(0x7f00000000c0)) r9 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) ioctl$UI_SET_EVBIT(r9, 0x40045564, 0x3) ioctl$UI_SET_ABSBIT(r9, 0x40045567, 0x0) write$uinput_user_dev(r9, &(0x7f0000000840)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x10, 0x6, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xe, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x2, 0xfffffffe, 0x0, 0xbb057253, 0x2, 0x0, 0x3], [0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x3, 0x0, 0x4, 0x0, 0x7ff, 0x0, 0x5, 0x0, 0x0, 0x6], [0x1, 0x7fe6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x20], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc5, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xfffffffd, 0x0, 0x0, 0x8000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x45c) ioctl$UI_DEV_CREATE(r9, 0x5501) r10 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$UI_DEV_SETUP(r10, 0x405c5503, &(0x7f0000000240)={{0x5, 0x0, 0x3, 0x6}, 'syz0\x00', 0x3a}) ioctl$UI_DEV_CREATE(r10, 0x5501) ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000340)=ANY=[@ANYBLOB="010000000000000088ec00006a000000000000"]) r11 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x120) read$FUSE(r11, &(0x7f0000000dc0)={0x2020}, 0x2020) 752.973969ms ago: executing program 2 (id=361): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000280), 0x103400, 0x0) read(r0, &(0x7f00000004c0)=""/92, 0x1001) (async) close(r0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0xa0000, 0x0) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs2\x00', 0x1ff) mount$binderfs(0x0, &(0x7f0000000040)='./binderfs2\x00', 0x0, 0x1000020, 0x0) (async) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000002000079000000000000000000000000200000"]) (async) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/custom0\x00', 0x2, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff77, 0x0, &(0x7f0000000140)={0x30, 0x30, 0x30}}, 0x1000}], 0x0, 0x0, 0x0}) 578.959082ms ago: executing program 2 (id=363): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000440)={{0x4000, 0x0, 0x43cb, 0x8}, 'syz0\x00', 0x22}) ioctl$UI_DEV_CREATE(r0, 0x5501) write$uinput_user_dev(r0, &(0x7f0000001940)={'syz0\x00', {0x7, 0x5, 0x7, 0x4}, 0x15, [0xfffffffe, 0x4, 0x7, 0x80, 0x9, 0x7, 0x1, 0x9, 0x8, 0x8, 0x80, 0x2, 0x0, 0x3, 0x9, 0x6, 0xa1, 0x1, 0x3, 0x8, 0x40, 0x3, 0xffff, 0x7, 0x101, 0x805, 0x6, 0x0, 0x1, 0x4, 0x40000006, 0x0, 0x6, 0x5, 0x9, 0x877, 0x5, 0x7, 0xf17, 0x870b, 0x10, 0xae, 0x1, 0x8, 0x4, 0xffffffee, 0x7fe0000, 0x200, 0x9, 0xc, 0x80000000, 0x54, 0x8, 0x2, 0x54c2, 0x7, 0x643e1dbc, 0x3d3, 0xeb2, 0xc, 0x10000, 0x1, 0x9f8b, 0x8], [0x4, 0x6, 0x7fffffff, 0xffffffff, 0x4, 0x1, 0x1, 0x6, 0x1, 0x6, 0x80000000, 0x3, 0x0, 0x4033, 0x6, 0x0, 0x8, 0x1, 0x0, 0x4, 0x2, 0x7, 0x1, 0x9, 0x2, 0x10, 0x100, 0x5, 0xac, 0xc, 0x1, 0x40, 0x6, 0x3, 0xfffffffe, 0x6, 0xf23, 0xe, 0x69, 0x9, 0x0, 0xfffffffb, 0x5, 0x1ff, 0x8, 0x401, 0x7ff, 0x7d, 0x1, 0x4, 0x2, 0xd218, 0xce, 0x6a8, 0x5d52cbeb, 0x5, 0x4, 0xfffffffd, 0x80, 0xc0, 0x4, 0x5, 0x2, 0x6], [0x10001, 0x4, 0x3, 0x7, 0x3, 0x6, 0x5, 0x2, 0x7ff, 0x7, 0x7, 0x9, 0xffff, 0x3, 0x0, 0x3, 0x5, 0x1, 0x7, 0x1, 0x4, 0x1, 0x0, 0x7, 0xb, 0x6, 0x6, 0x66c2, 0x8, 0x81, 0x1, 0xe4b6, 0x0, 0x0, 0x3, 0x8aa541a, 0x0, 0x16, 0x5, 0x20, 0x10, 0x6, 0x8001, 0x400, 0x7, 0x8, 0x7, 0xf68, 0x8000, 0x4, 0x2, 0x2, 0x8000, 0x7f, 0x7, 0x80, 0x2685, 0x9, 0x6, 0x7fffffff, 0x8000, 0x7a, 0x3ff, 0xc], [0x9, 0x3, 0x7ff, 0xe, 0x7f, 0x10, 0x6, 0xcd9, 0x2, 0x5, 0x10001, 0x3, 0x4, 0x8001, 0x1000, 0x40, 0x0, 0x5, 0x3ff, 0xa13, 0x1ff, 0x0, 0x2, 0x0, 0x2, 0xa9, 0x6, 0x0, 0x1, 0x7, 0x2, 0x1, 0x7, 0xb735, 0x100, 0xc78, 0x1, 0x888, 0x1, 0xdd9, 0x1ff, 0x0, 0x7f, 0x2, 0x9, 0x9, 0x3, 0x8, 0x7, 0xfffffff1, 0xfffffffa, 0x6, 0xffffff86, 0x7, 0x1, 0xffffffff, 0x6, 0x7f, 0x2, 0x2, 0x1000, 0x1, 0x7fff, 0x81]}, 0x45c) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0) ioctl$BTRFS_IOC_LOGICAL_INO(r1, 0xc0389424, 0x0) 578.561671ms ago: executing program 0 (id=364): r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) write$tcp_congestion(r0, &(0x7f0000000080)='westwood\x00', 0x9) (async) mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f00000000c0), 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB='max=00000000000000000000001,stats']) 565.886842ms ago: executing program 0 (id=365): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/binder1\x00', 0x800, 0x0) (async) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000040)={'\x00', 0xd4, 0x6, 0x1000, 0x5, 0x5, 0x0}) ioctl$BINDER_FREEZE(r0, 0x400c620e, &(0x7f00000000c0)={r1, 0x1, 0xe}) r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$BLKFRASET(r2, 0x1264, &(0x7f0000000140)=0x1) (async) mmap$binder(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x4) (async) ioctl$BINDER_GET_EXTENDED_ERROR(r0, 0xc00c6211, &(0x7f0000000180)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000001c0)={[0x5, 0x10, 0x2, 0x6, 0x5, 0x1000, 0x72, 0x80000001, 0x7ff, 0x7ff, 0xfffffffffffffffd, 0x69, 0xff, 0x5, 0x1, 0x6], 0xdddd1000, 0xe2000}) (async) r3 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) write$tcp_mem(r3, &(0x7f00000002c0)={0xff, 0x20, 0xff, 0x20, 0x1}, 0x48) write$cgroup_subtree(r3, &(0x7f0000000340)={[{0x2d, 'cpuset'}, {0x2b, 'net'}, {0x2b, 'hugetlb'}]}, 0x16) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000400)={0x4, 0x0, &(0x7f0000000380)=[@exit_looper], 0x4, 0x0, &(0x7f00000003c0)="91a2b91e"}) ioctl$BTRFS_IOC_SEND(r2, 0x40489426, &(0x7f0000000480)={{r2}, 0x8, &(0x7f0000000440)=[0x8001, 0x4, 0xd2f, 0xff, 0x1f29, 0x1, 0x401, 0x2], 0xfff, 0x2, 0x1}) ioctl$AUTOFS_IOC_PROTOSUBVER(0xffffffffffffffff, 0x80049367, &(0x7f0000000500)) (async) r4 = openat$cgroup_ro(r3, &(0x7f0000000540)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x0, 0x0) (async) r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000580), 0x115000, 0x0) ioctl$KVM_CAP_HYPERV_SEND_IPI(r5, 0x4068aea3, &(0x7f00000005c0)) (async) ioctl$EXT4_IOC_MIGRATE(r5, 0x6609) write$cgroup_pid(r3, &(0x7f0000000640)=r1, 0x12) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000680)='./binderfs2/binder0\x00', 0x2, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000001, 0x10010, r3, 0x623df000) (async) ioctl$int_in(r6, 0x5452, &(0x7f00000006c0)=0xd45ceb7) ioctl$IOC_PR_RESERVE(r4, 0x401070c9, &(0x7f0000000700)={0x7, 0x5, 0x1}) (async) ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000740)=0x1) (async) prctl$PR_SET_TSC(0x1a, 0x2) (async) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000780)={0x2}) ioctl$F2FS_IOC_FLUSH_DEVICE(r5, 0x4008f50a, &(0x7f00000007c0)={0x2, 0x1}) ioctl$BLKOPENZONE(r3, 0x40101286, &(0x7f0000000800)={0x8524}) prctl$PR_SET_TSC(0x1a, 0x1) write$UHID_CREATE(0xffffffffffffffff, &(0x7f00000008c0)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000880)=""/40, 0x28, 0x4, 0x4, 0x1, 0x0, 0xc6a}}, 0x120) 564.922942ms ago: executing program 0 (id=366): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/cpuinfo\x00', 0x0, 0x0) (async) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$ASHMEM_SET_NAME(r2, 0x41007701, &(0x7f0000000000)='#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a') r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000830000c028"]) (async) read$FUSE(r0, &(0x7f0000000180)={0x2020}, 0x2020) mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x128880, &(0x7f0000000180)=ANY=[]) 541.378542ms ago: executing program 1 (id=367): r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) write(r0, &(0x7f0000000100)='\r', 0x1) mount$binderfs(0x0, &(0x7f00000001c0)='./binderfs\x00', &(0x7f0000000280), 0x200000, &(0x7f0000000380)=ANY=[@ANYBLOB='max=00000000000000000000002,stats=global,stats=']) 532.898112ms ago: executing program 2 (id=368): r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000400), 0x1, 0x0) write(r0, &(0x7f0000001c80)="b12a42ebda0a", 0x6) (async) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0xa, 0x2}) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) (async) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x52, 0x0, &(0x7f00000002c0)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f612948"}) 474.707313ms ago: executing program 1 (id=369): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) syz_clone(0x20002000, &(0x7f0000000140)="fa37b607c6a271e8c8e5b5a4a009d21dea77e188d867a937c5373caf8c24024a7298f95b1421a4d65791b90bf579bf45b19711903dd998a418077b1e2441e00a9117a3ff3597e7094fefd9612b1c09cf230602826a3201dfd9efe150b4be06390a65e80549d9e9611dc513963ff34e56ca8a683ae6ec9533fd3a5875af53fdf98c5850ee427b033ff14a00653f45fb1d0a8779bfb8430f15260669b17e8d4a1cf0c0", 0xa2, &(0x7f0000000040), &(0x7f0000000240), &(0x7f00000002c0)="c419eac037a5206f9c6526cd390fce3b92a82bf5e57837c5af3416895234eb3417ab2c8f6117a8") (async) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) (async) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000200)=0x1) close(0x3) (async) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x0, 0x3}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0}) (async, rerun: 32) ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0) (async, rerun: 32) r3 = openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/power/wakeup_count', 0x42, 0x0) write$cgroup_subtree(r3, &(0x7f0000000400)=ANY=[], 0x31) (async, rerun: 32) mount$binderfs(0x0, &(0x7f0000000280)='./binderfs\x00', 0x0, 0x2000063, 0x0) (rerun: 32) 474.454423ms ago: executing program 0 (id=370): openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x402, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCGSOFTCAR(r1, 0x5416, &(0x7f0000001100)) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_netprio_ifpriomap(r2, &(0x7f0000000040), 0x2, 0x0) close_range(r0, 0xffffffffffffffff, 0x2) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r3, 0x2000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r3, 0xc2a4a000) 469.368083ms ago: executing program 2 (id=372): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'pimreg0\x00', 0x1}) ioctl$TUNSETOFFLOAD(r0, 0x400454ce, 0xa) ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0xb) r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000080), 0x20e02, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x45809000) write(r1, &(0x7f0000000200)="bbdb99c61248df71810108f767558c13b44b5ad388fb9010bf5e6c172ba23e9923d36e85a61562641967f07350c5106cef2f5f7521480ed9bb21e3aad8044a0229fe79b5ebce0ec53ff51b7bb71c7ef63354a141a1175a5d73838de92212b50415851acc8cffa6d14d4982b957e8021f5eb8afd1a57f8fd33be3a7829ac14e2d19e069c73f6ff392d38c0174e2891c6c0ae8df5338d8", 0x96) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000000000005c0a2000"/24]) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000009700)='/sys/kernel/oops_count', 0x40, 0x2) ioctl$TUNATTACHFILTER(r5, 0x401054d5, &(0x7f00000002c0)={0x2, &(0x7f0000000100)=[{0x4, 0xfb, 0x2, 0xc}, {0x65b, 0x2, 0xfa, 0xce50}]}) prctl$PR_SET_MM_EXE_FILE(0x39, 0xd, r2) prctl$PR_MCE_KILL(0x21, 0x0, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r8, 0xc008ae88, &(0x7f0000000380)=ANY=[]) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x0, 0x3000003, 0x30, r0, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000100)={0x10200, 0x1, 0x1000, 0x2000, &(0x7f0000d2b000/0x2000)=nil}) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r11, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f00000001c0)={0x10001, 0x0, 0x8000000, 0x1000, &(0x7f000010c000/0x1000)=nil}) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1457c3, 0x0) 436.933524ms ago: executing program 3 (id=373): ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000000000)={0x3fd5, 0x2, 0x1}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x200, 0x169) ioctl$FITHAW(r0, 0xc0045878) ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000080)={0x3, 0x6e3e}) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) unlinkat(r0, &(0x7f00000000c0)='./file0\x00', 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0406618, &(0x7f0000000100)={@id={0x2, 0x0, @c}}) mkdirat(r0, &(0x7f0000000140)='./file0\x00', 0x396) mkdirat(r0, &(0x7f0000000180)='./file0/file0\x00', 0x101) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0) ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f0000000200)) ioctl$F2FS_IOC_COMPRESS_FILE(r0, 0xf518, 0x0) r2 = openat(r0, &(0x7f0000000240)='./file0/file0\x00', 0x1c1000, 0x182) r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x20101, 0x84) ioctl$RTC_VL_CLR(r3, 0x7014) ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f00000002c0)={0x1, r3, 'id0\x00'}) ioctl$KVM_CAP_HYPERV_SYNIC(r4, 0x4068aea3, &(0x7f0000000340)) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup/syz0\x00', 0x200002, 0x0) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/custom1\x00', 0x2, 0x0) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000500)={0x10, 0x0, &(0x7f0000000440)=[@enter_looper, @acquire={0x40046305, 0x3}, @exit_looper], 0x58, 0x0, &(0x7f0000000480)="cac558f19a8147533e9a36bc43ce2c9857d1e7fa17c4e429dcf70c2a9f84d798d84960d9df82258ce27a5131b4112e0e140b9672bc85b837e4a58a00cb8869dbfe3854943f3c58b08aa31cd9cea161b7408aded365f311ea"}) mkdirat(0xffffffffffffff9c, &(0x7f0000000540)='./file0/file0\x00', 0xb) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000580)={r5, 0x4, 0x1, 0x9}) ioctl$FS_IOC_FSSETXATTR(r7, 0x401c5820, &(0x7f00000005c0)={0x0, 0x1, 0x0, 0x2, 0x7}) ioctl$AUTOFS_IOC_EXPIRE(r7, 0x810c9365, &(0x7f0000000600)={{0x104, 0x9}, 0x100, './file0/file0\x00'}) ioctl$TIOCCBRK(r2, 0x5428) ioctl$KVM_REINJECT_CONTROL(r2, 0xae71, &(0x7f0000000740)={0xd3}) ioctl$RTC_VL_CLR(r6, 0x7014) ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000780)={0x0, 0x0, 0x4, 0x0, '\x00', [{0x7, 0x2b, 0x3e42, 0x4, 0xc, 0x1}, {0x1, 0x5, 0xe248, 0x100, 0xc, 0x5}], ['\x00', '\x00', '\x00', '\x00']}) ioctl$UI_BEGIN_FF_ERASE(r4, 0xc00c55ca, &(0x7f0000000940)={0x1, 0xd7, 0x4}) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r4, 0x330f, 0x1) 402.450304ms ago: executing program 3 (id=374): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x161000, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x12, r1, 0x2000) ioctl$BLKREPORTZONE(r1, 0xc0101282, &(0x7f00000000c0)={0x8, 0x5, 0x0, [{0x2, 0x7, 0x8, 0xe3, 0x4, 0x10, 0x4, '\x00', 0x4}, {0x1, 0xfffffffffffffffd, 0x1, 0x1, 0xd, 0xa, 0x0, '\x00', 0x43b5}, {0x503, 0xb308, 0x6, 0x5, 0xd, 0xa, 0x6, '\x00', 0x8000}, {0x9, 0x43, 0x0, 0x4, 0x6, 0xe, 0x0, '\x00', 0x3}, {0x3, 0x9, 0x3, 0x21, 0x0, 0xd, 0x7, '\x00', 0x3d9}]}) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) read(r0, &(0x7f0000000040)=""/106, 0x6a) close(r1) 342.857165ms ago: executing program 0 (id=375): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x68800, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000005080000024d564b"]) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x82000, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x200) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r3, 0x4068aea3, &(0x7f0000000080)={0xbe, 0x0, 0x1}) r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0) ioctl$BLKSECTGET(r4, 0x1267, &(0x7f0000000140)) ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)) r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r7 = openat$cgroup_procs(r6, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r10, 0xae60) ioctl$KVM_SET_IRQCHIP(r10, 0xc208ae62, &(0x7f0000000600)={0x1, 0x0, @pic={0x11, 0x8, 0x5, 0x6, 0x80, 0x1, 0xf7, 0x6, 0x6, 0x80, 0x8, 0x5, 0xf, 0x2, 0x8, 0xf8}}) ioctl$BINDER_WRITE_READ(r8, 0xc018620c, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000004c0), 0x0, 0x0, 0x0}) write$cgroup_pid(r7, &(0x7f00000001c0), 0x12) r11 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) openat$cgroup_freezer_state(r6, &(0x7f0000000200), 0x2, 0x0) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r11, 0x4068aea3, &(0x7f0000000140)={0xbe, 0x0, 0x1}) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$BLKRRPART(r0, 0x125f, 0x0) 342.101025ms ago: executing program 1 (id=376): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_X86_SET_MCE(0xffffffffffffffff, 0x4040ae9e, &(0x7f0000000000)={0xf800000000000000, 0x2, 0x8100000008, 0x0, 0x2}) mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000000)=ANY=[@ANYBLOB='defcontext=\"']) 341.847935ms ago: executing program 3 (id=377): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x0, 0x3}) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x1015, 0x2}) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x100, 0x3}) 275.835156ms ago: executing program 3 (id=378): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xec) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000340)={0x18, 0x0, &(0x7f0000000040)=[@enter_looper, @acquire_done={0x40106309, 0x3}], 0x50, 0x0, &(0x7f00000002c0)="8a3e4b14485bef8901593175bfe04ac0baae7c5651ec6005649a06817a9203cff0f36f848684f4120d8c0faf025780d0819e642ae6cc84fec79002d8167fe3494aac7fd28e23c066793738f2fe6defcb"}) 238.890857ms ago: executing program 3 (id=379): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x880, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='io.stat\x00', 0x26e1, 0x0) close(r3) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0) ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x110c23003f) write$cgroup_devices(r3, &(0x7f0000000bc0)=ANY=[@ANYBLOB="80fd"], 0x5) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, &(0x7f00000001c0)) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r5, 0xc028ae92, &(0x7f0000000180)={0x5}) (async) mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2901826, &(0x7f00000000c0)=ANY=[]) (async) ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r5, 0x4068aea3, &(0x7f0000000000)) 166.760668ms ago: executing program 1 (id=380): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x62) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x400, 0x20) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) syz_clone(0x80001000, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$TUNGETDEVNETNS(r2, 0xff05, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0xa70, 0x0, 0x3}]}) ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240}) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41845}) ioctl$KVM_RUN(r7, 0xae80, 0x0) r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000005000000014d564b00000000af"]) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$NS_GET_PARENT(r3, 0xb702, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0x8008770b, 0x2) syz_clone(0x40220000, &(0x7f0000000000)="93b83c64d661b944c647728b25d8", 0xe, &(0x7f0000001080), &(0x7f00000010c0), &(0x7f0000001100)="74ca2cf0212f2fd2c2d9da479f8daa1e4f3d42be5ee578f962b5c9a14bcb3db548e887d4d65619a5c988ed20b1cc499cbd224d31ca38bc0a8e4dc8f4eb3e89f9920555b9a7acc869f7045b02a9e58af01a5fd51e4c94a26f9fb5da46063a017b6442c5cbca407a2ee8306fa95a82a236b5a12babaa51a71cbc950b646b839e2f580917442d62e73d04fdb4e17b5a067a022c82aa07655ae8e63122ca91f835063c3f3148501b03991966d191c2d1c6bb4f955be91555a157b38a941beca63488ccac8e944a3c8e40d5e3636f0c6a39f71561e7f4dfdf64e38a90da1c352d382671d27774b1c6678aff0ee210d99fbab86c3a037f1884775f2b686381fa610b8c658c8f5b54f0c8840ad4c97bbb503848b9fcaffbaa98be50a53c1c957bf141e2f121aaf2794e400ae79f3a7256a00856b8ddd40bb5b9cdf3c227bb2e9f3f65377ffe9da52c239297fd4b60a55f6a3b412a13406d40361822d5db0363dae74520f0068b188cc1ac54e468f6af58ab7a3785d3351886c5b50bb8c4bbaac901d3b80270b123c90aaea10ce21525af1d0c4b5a3934ae32978595dae973d05b375390142586bdc08cfd02bcb5eb0ea99906d1564ac0f3054c31d23004cd555f1746d597bf0c7181fee22fc1d8ae43a24c0d8f96fbc08982a6772fce92472a483b6626b28d31937de544cbb0e4e2cc451d0cf56813392a78e671a239b637af40358a6515395edc9ae24aceb5c23387ba00e13dc8721ebcf9648310cd92fcb2ad6d60a63f31e36ffd1604bb7758149b31031cb2a3f2f1156d7c819964d692f39ade319187f321c2fa5e04bfa8ad96357f044ef9f0bb627406e56758de70d7857eac4bb00b5703619c7008dafbb022a2f08405955d33c4eafe04bb0f09ae09417b9561c31f0ca80b6f9f6b7e94a6e56d77139d90db50a17c5c86143ceed4d7016338179f51b0f2db5bfb017d9935eb1db5e6286ef0e943d25263fb9db796fbf149ab146b141b158b337f7a1902a0ad27d7014dfb76c26bb7c3291b9fc4cc3d1ac6417b6698ad40edeb69e37b2d8373c2854eb66853343739f9d8cd2afdd3ae73c57b2349359a5c89467b808b080b48f98106f0dafa712373323c39fd5849dd202dee88ade9570668f987a459f33002081de76476072725c34f61fa8f4b52754ac96a298d841a67a3dcd40780a746e66c9254969dcb8b723a4671be30280b2e90978b90b4857f17b665cf6a722ca8eb92d6b6f405adbb52aef95bc0ae1718469e933266f7b708263e383e0fa2ae442060e184ec1aa1f3175ec43d932da64fd484addc4b1c8e79f5cd9fee1e12884e7a366b9f7941b2911d3212731dd7589d99c504fb0618747b02cf94feb8e005ae46539dc4e29a3f49349c50e88b33debd4a7728aaba506b28e635c171ca2782d9f2ec38d38cd69fcd5c738571febe64a054cffad9dfca8dd9f1f8c6f6da89e0e8e1570ccc4c7993f68d61d5784db090d660a811c8dc889a07e3a572156bfad6078c806c3b7e1fa9a9e0880e70b672eb3b5b4a44830d160439bba3a8932dab732e1fbb67d66091a0be45df894e774137dff527a11db9acd729680c1c914073f25c93e89078c85927a33b101ae8df3705295a99ff365d3436902a4fc4fd1637072bb478a1b0e509e9a91d93bbbad773794137ba3e1215740dc3b611bcc9fc3cdb3d855489fbd53bd8f1edfcb30746fc825fd4f9e2b64f8598b6f2baa21b4e19877b408a490a91644c396500d44f0ec28e0fefc2e9fe8801a6e755a33cbb671fd9c32bc28bc53b96a00da542bcd6adb8fc59da55254f72dd8691a8b76e86ee98f44fbd09b52247d0b4d1ac435cc2939220dbda2b0321376194a881c0e1509150513efd37aa5fc3534b06bea6ce8db430c7142153c1e7a117ccea97ccf2f2ece3f65efee199faeb614b3b73b47b75be2b7e21a1e4368b1f952cfd478b5b0ada804c7fd9772e92f7b31efa9d9a49568e98bccf7cc0d71926b2b02e0c3598bf41d2680731778064ad645c5c5479b1bf8c628a7c767de2ca3d6924514cfa68c23b7fb960adca0ed5b0e1ff7ffdfc837bf9254809cd1ce019af5bbbefa752cb1e7a73a56df2aaafd7bbfd41ea64ec1562c96532ce19d4bdaf01486c72789e3fe4f2bc06ae6fd146d61929f5be451ae0d0e90e6fae48d89ed7e1ca0f95db4430dae83606778f46f49e90256fa3c4ba2b8c5d47358e15c205bc3bbc4bb6a1404214a29940672f77f0e6bb76aac945d2a96c83700e9bb625e164af2e7c313c7f1898b4360ab90059274dbe40e4285d1d3df0b150844a2df8ba78c4793a3c3439ab56fe9f136079aeb08304b28bb95e1d03a9bb6a56ac27ea3f0a1a92bb02a00fafb45065a04950e9fc5538d05c90b71aa54f322c0dc45176fb8e7bb19e1700fc0ddf6aff90a938dd53425cdd286930d648df03725eaf874ee7c882870b688c1a8dc3eeec82dbf25e94a972d7fff700c23baa567f9c0006f1e10d0cf28e6c3a29e92c9ad091e646ba84a2b9ebf18a06335917576bfe3e69aee45c4a26ecabd002e3dd0cc44bf402d1d47413b9bbfc928f4c77d76a95da7072fc442429dc625e67d679a5e5c275185ecc962087f6b1b7759050d730a83029197678e7625eff6d818d118c5d33395d42eb1cfa4f3c2174f855c650b18fe50f26a8992b44d18de0cba32c88a5a04154e31b0148794ae78090fb3fe81f7aed8b7cd0e8e4995b0d7a3f6d95f90ca953e3d149035d669879a96e9c64e51879c19c11d19d6c05baf35ca90d9133288b0ba5eb70e7efc6ed11cc7b71cc0ae821328d6f6972d788da6ff58ce022604ff23827b5e1df7ca182a802d5701c5cabbcff9cc978bb5b23050b2c98817c7cbe87ce7787558e71694fe2e5ebe9768e244c07632885c10cde3c3d846ef5949611ccab097884943d4aa6eaa8537ddd0354ce1910e2eb84d0cea9634f5dadc6ea7cd78785204ab8416513414e73c99fdfd7b3dc49d60ecdde8dfa6e50f759830dddde180170ef8fa1dd20a41a4d52771ffb0b7c12fc19cde609e41765a5d23efc57281f2b04c539bf9be896470b580173be33b503599f56be9430ec27c3a59dd82986aa647c628b5e8f62a1df23abf10507a86079c536f832d997d5f9c106519aefd17a1bc35f8fde502e17109a99bee2b773b803606334602a03214b77d2706b1d489ae13df26e256341398cf8359b8db6fc1a2267bffb7137a322b7b28ac182fdf50ce8981fb18bb7b3bc26d2e7b3a98a83d9447315d04010804fdef3ca53761fcd84e5b76ae29f34486d13cd4ef907f5c153faf040061b49b2330435176cc98530c078a58b5e5bd0c6a9258a070346877cde79672d57abd0d14d6b389f646f70befa96cd78c8b9d01700a1aa0eb1ef0b1c47c7e5cc39b68e88f0a6fd2b5e3c6bf00d4de6712d87a20676a7b21ca9a8913298922848e9629cfd46fd1d85fee735344c14d0f0bfdeb446e761b8137ccd8159afc3dbf44aedbd8fd0226d35374e394106a264e231476efb0ccd4f8757022ad5e0a0c35d8ad3afdd0ee3b4c6226483f9c79b1f62acadab1184b246b6bb90e60bd417b126d7088171bc78fa8e2fa7360ae0ec6c6a1d620ab14c90541670d9fbbe911db9358bb646ab106534631bdc349528c4b45a05972d224dcb50c0d43b97525bf34e2a426a7aa33df9f3efae49fa2de908dbd0bca79df1b509755274188584cc8af060e78160dcf242a70684c2cd55f466cff59fc0fab2b73954ae2e89bc7822221c8f84a6f50e9c6e973ea5c3bbb726bf4b790a845c78304424db2fb30a8401f0386a42fc300555d4547807258019b8b8dde18a4f75dd4bb9c7bd65d59b127d22239dcf4cd82297dfbb3b205aac995b1fb36a96280e61a91d74e4553359b55303bc31c93b2c8660b19f8d83af2a4900e465fd1d26bc45251a3bb639e19739fd213b752041de97394757e38fe4169070507a3c84676b2250df24eb94374f9683a522649cf7fadfab0d97a5b15faa76d9557c4913dce45dbcaafff246d24fed998928e9ba2f9a4e6dc49dc02bf284313399e6bd4fa6acb330362f8f7c6546145050c8d742f34ac0a9679336d4710d916d64a9a2ec9e351c02c5295bb00e45a69a677ba036af404990ab03a7244e56405dd98dfe2eb8ee62216abd91469b850eb1170051955336907d665c91a4b5e3cbfda67c96c512c2da2adfdc58be8ea25e931fe5348c5a21c34884592b2cd69495a84b9beb569f64d9c441ed6d2b2c77f46140eced2024b0fe08a749d320c02367023a75e9b86b41a32d12ce483615e1c2dc292d4f5fb923024343a0399d6f15e44dcd12fa54d587c5f9f15bd4b1103ec6544b44c52a42f63b44bd155c39cd795639e78853ac0bf206acfb95efa7db348b179db3071dc3baf24170712156c9cc1789b8ebd49766401e01b37b585012fe5849e4bfbec5d017682b2ac45f36b36f2600bcbbe6394ca59751fd7e0310d0309faf279a35583249458236294537e4a46e6a4ec1803763d18e14e06cd8e3bca0b134ac04d068a85c2b5b155a6cda40c96e178de7bcf93345eb99f2b9d0a92a3aaf55ee07631726eeb51cd2e6601b8ce496c5631485f4870dd9fc9d3388b4e84eb6b8c5da1f914cad01485c7f9331e6e39db4acbaf6717d9ce1422c8279872b4524573ba4b7e5e9719777828bd56eb62f997bb90ab89fd5976fbc0a01050f39819306706be1472cf81fa5b52d7c2e5daa99e608b5dbed38a39f59b9a26a8f9383cc59f519518fd89153b84c88189ed12535707d9ad02dd909e00d7d27ab02ee02c938c42e0b1675fe796558970a3c67a36ea8c321432530f2684850165896864af3cc232158de332c50a5e8a32f63bb460af42c70ad113c9006f081296f1787d13ef793387cb0d2b23e52b2a197cb67edd44a1b695476155b8c628ba4d7d1205419bfe06529b044f3ee532c298d42b6bca714fe90f4024c43f17a462d976f61327efe40034b3535d09e85004457d60b29ac9045c309d880aecf6c05edc62fb6f595b4b4fe504aa70d19489ebd272e6bf642cbd3d16acaa8c39b7753db4a631015c2b861ed9613c198dff315352ddba4cf2adfa15cc281ac06bc60932358a8a6510bdad3f5d6ff9e37ab47a28dc22ab3fa8607cedfd1bdd07cbf668695be2e8094025e9ecdfa8a51db4c24adb7c41a17d250974abe82e19e3bf86bc02c491a7b2ef8b9ed884b851b6b37255eac502610dc83da5477cd63d13ad94b3ad84a0b98465ea8a8338d71cc2fd27662a38039e49e5bf6e367cfe3f0f0b3f2cd0af2aac9bf37b909d92f258e7e87b726eadb8a414655d67ac69f7655db45ecd130395d72556bceae33e8274c92c528a38b657b14d09dcdc0c13baf06c3e57ff1d9271477bd5e5994162cb134ac0ae5c672c706f8250c229c70f7838f93a60c016f6751681b4b30d337e990b95ddf6e5eb4f6d647a7da25cde6e11e209b957d269eea162a5a87efb9c1ee0e2fae4e18e026553e8b4305b795c966539c7f7ad8c91b15ed70d851c1ab86c4ba2e68f341f25b03755d1a0fbb68566ccf21c0975625b3c7fe9cabd9c1032c06afd9bde0ae983c5ba6c51414006fc8768429bbc4f1c7c83be3aadd3679f3a606a6f525f226d453771c31ceb7db427861667bac3d4f9d0da66f3baed71f24ef7e44e26a560c8ad8475a4d3767fada4dfe5f17f6c7d7cd7f8161d5341378f7d2a5d3a3a6812e900193f4a47c4a973e5c4525b75283475213a2ec4d52c830053d710e614516982089a48f014c0879c3e88d420cc10e95899d44e85b12e4ec88c5203c777d") r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) 162.278708ms ago: executing program 0 (id=381): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) (async) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000200)=0x1) (async) ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000100)={[{0x5, 0x8000, 0x5, 0x7, 0x1, 0x9, 0x3, 0xbf, 0xb8, 0x3, 0xf, 0x5, 0x6}, {0x804, 0x5, 0x1, 0x5, 0xc, 0x2, 0xff, 0x5, 0x9, 0x4, 0xb, 0x7f, 0x3}, {0x4, 0x6, 0x38, 0x6, 0x84, 0x7, 0x0, 0x50, 0x2, 0x70, 0x3, 0xa, 0x400000000006}], 0xffffffff}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xea100, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xe0000, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r7, 0x4068aea3, &(0x7f0000000240)={0x79, 0x0, 0x8000000000000}) (async) r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r8, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x0, 0xb, 0x0, 0x8, 0x0, 0x0, 0x2, 0xf7, 0x8, 0x9, 0x10}, {0x8080000, 0x0, 0xc, 0x0, 0x2, 0x0, 0x7, 0x0, 0x25, 0x7, 0x4, 0x4}, {0x2000, 0x5000, 0xc, 0x0, 0x6, 0x4, 0x0, 0x0, 0x2b, 0x0, 0x4, 0xfc}, {0x3000, 0xd000, 0x0, 0xff, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4}, {0xd000, 0xeeef0000, 0x8, 0x0, 0xfc, 0x4, 0x0, 0x0, 0x45, 0x3c}, {0x1, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xa, 0x2}, {0xeeee0000, 0x4000, 0xa, 0x5, 0x0, 0x0, 0x3, 0x0, 0x2, 0xf, 0x0, 0x1}, {0x10000, 0x0, 0x3, 0xfe, 0x0, 0xff, 0x0, 0x2b, 0x26}, {0x33328004}, {0xdddd1000, 0xfffc}, 0xddf8ffdb, 0x0, 0x0, 0x430, 0xfffffffffffffffc, 0x2501, 0x0, [0x100000, 0x0, 0x1]}) (async) ioctl$KVM_RUN(r8, 0xae80, 0x0) (async) ioctl$TUNSETLINK(r0, 0x400454cd, 0x308) (async) ioctl$KVM_SET_GUEST_DEBUG(r8, 0x4048ae9b, &(0x7f0000000100)={0x30003, 0x0, [0x7fffffff, 0x1, 0x4, 0x3, 0x9, 0x2, 0x4]}) (async) r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r9, 0x0) ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000380)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f00000001c0)={@flat=@binder={0x73622a85, 0x1, 0x2}, @flat=@weak_binder={0x77622a85, 0x1000, 0x3}, @flat=@weak_binder={0x77622a85, 0x100, 0x3}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0}) (async) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x8000000000000000, 0xfffffffd, 0x0, 0x20, 0x0, 0x0, 0x2004c9, 0x7000, 0x3fffffffe, 0x2, 0xfffffffffffffffb, 0x9, 0x1000000, 0x0, 0x4000000000000004, 0xfffffffffffffffe], 0xffff1000}) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) r10 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000002a40), 0x200, 0x0) r11 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async) ioctl$KVM_CAP_X2APIC_API(r2, 0x4068aea3, &(0x7f0000000300)={0x81, 0x0, 0x1}) (async) ioctl$BLKREPORTZONE(r10, 0xc0101282, 0x0) openat$ashmem(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) 96.532659ms ago: executing program 2 (id=382): mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000019c0)='./binderfs2\x00', 0x1ff) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0) (async) r1 = openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000240)=ANY=[@ANYBLOB='\n\n6'], 0x31) mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs2\x00', &(0x7f0000001e00), 0x0, &(0x7f0000001e40)={[{@stats}]}) openat$binderfs(0xffffffffffffff9c, &(0x7f0000002500)='./binderfs2/binder0\x00', 0x0, 0x0) (async) openat$binderfs(0xffffffffffffff9c, &(0x7f0000002500)='./binderfs2/binder0\x00', 0x0, 0x0) 2.77731ms ago: executing program 2 (id=383): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/custom0\x00', 0x800, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) (async) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240), 0x2880c2, 0x0) ioctl$BINDER_THREAD_EXIT(r2, 0x40046208, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) (async) openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x101800, 0x10) (async) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_ALM_SET(r3, 0x40247007, &(0x7f0000000080)={0x19, 0x7, 0x14, 0x15, 0x5, 0x1, 0x1, 0x73, 0x1}) (async, rerun: 64) ioctl$BINDER_GET_FROZEN_INFO(r1, 0xc00c620f, 0x0) (async, rerun: 64) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000080)='cpuset.mems\x00', 0x2, 0x0) write$cgroup_subtree(r5, &(0x7f0000000100)=ANY=[@ANYBLOB=',\n'], 0x6a) (async) mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) (async) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, &(0x7f0000000140)=""/255, 0xff, 0x0, 0x33}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x31}}, &(0x7f0000000280)={0x9, 0x18, 0x40}}, 0x10}], 0x52, 0x0, &(0x7f0000000380)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f612948"}) 0s ago: executing program 3 (id=384): r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffa) mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0) read(r0, &(0x7f00000000c0)=""/179, 0xb3) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) (async) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffa) (async) mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0) (async) read(r0, &(0x7f00000000c0)=""/179, 0xb3) (async) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.10.29' (ED25519) to the list of known hosts. [ 23.980771][ T36] audit: type=1400 audit(1750385710.100:64): avc: denied { mounton } for pid=281 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 23.982446][ T281] cgroup: Unknown subsys name 'net' [ 24.008018][ T36] audit: type=1400 audit(1750385710.100:65): avc: denied { mount } for pid=281 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 24.041224][ T36] audit: type=1400 audit(1750385710.140:66): avc: denied { unmount } for pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 24.041504][ T281] cgroup: Unknown subsys name 'devices' [ 24.251736][ T281] cgroup: Unknown subsys name 'hugetlb' [ 24.259786][ T281] cgroup: Unknown subsys name 'rlimit' [ 24.423646][ T36] audit: type=1400 audit(1750385710.540:67): avc: denied { setattr } for pid=281 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 24.452333][ T36] audit: type=1400 audit(1750385710.540:68): avc: denied { mounton } for pid=281 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 24.471716][ T283] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 24.480600][ T36] audit: type=1400 audit(1750385710.540:69): avc: denied { mount } for pid=281 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 24.518464][ T36] audit: type=1400 audit(1750385710.620:70): avc: denied { relabelto } for pid=283 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 24.529231][ T281] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 24.553622][ T36] audit: type=1400 audit(1750385710.620:71): avc: denied { write } for pid=283 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 24.599992][ T36] audit: type=1400 audit(1750385710.650:72): avc: denied { read } for pid=281 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 24.630533][ T36] audit: type=1400 audit(1750385710.650:73): avc: denied { open } for pid=281 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 25.893018][ T288] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.901532][ T288] bridge0: port 1(bridge_slave_0) entered disabled state [ 25.909865][ T288] bridge_slave_0: entered allmulticast mode [ 25.917972][ T288] bridge_slave_0: entered promiscuous mode [ 25.928054][ T288] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.937246][ T288] bridge0: port 2(bridge_slave_1) entered disabled state [ 25.946627][ T288] bridge_slave_1: entered allmulticast mode [ 25.954323][ T288] bridge_slave_1: entered promiscuous mode [ 26.090609][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.098699][ T289] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.106871][ T289] bridge_slave_0: entered allmulticast mode [ 26.115740][ T289] bridge_slave_0: entered promiscuous mode [ 26.125831][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.135233][ T289] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.143415][ T289] bridge_slave_1: entered allmulticast mode [ 26.154553][ T289] bridge_slave_1: entered promiscuous mode [ 26.163635][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.172107][ T290] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.182366][ T290] bridge_slave_0: entered allmulticast mode [ 26.190331][ T290] bridge_slave_0: entered promiscuous mode [ 26.208896][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.218124][ T290] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.225757][ T290] bridge_slave_1: entered allmulticast mode [ 26.233654][ T290] bridge_slave_1: entered promiscuous mode [ 26.322786][ T294] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.331142][ T294] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.339847][ T294] bridge_slave_0: entered allmulticast mode [ 26.346691][ T294] bridge_slave_0: entered promiscuous mode [ 26.355533][ T294] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.363488][ T294] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.373517][ T294] bridge_slave_1: entered allmulticast mode [ 26.382471][ T294] bridge_slave_1: entered promiscuous mode [ 26.436343][ T288] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.445021][ T288] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.453940][ T288] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.464367][ T288] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.564970][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.574501][ T289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.583266][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.593315][ T289] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.612691][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.620197][ T290] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.629864][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.637989][ T290] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.655048][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.664857][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.674282][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.683494][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.692230][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.715401][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.722955][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.792240][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.802725][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.825946][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.836947][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.850799][ T288] veth0_vlan: entered promiscuous mode [ 26.860856][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.870015][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.879703][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.888646][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.909259][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.917031][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.927496][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.937825][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.981457][ T288] veth1_macvtap: entered promiscuous mode [ 26.995412][ T294] veth0_vlan: entered promiscuous mode [ 27.031576][ T290] veth0_vlan: entered promiscuous mode [ 27.040561][ T289] veth0_vlan: entered promiscuous mode [ 27.056927][ T294] veth1_macvtap: entered promiscuous mode [ 27.087947][ T288] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 27.094857][ T289] veth1_macvtap: entered promiscuous mode [ 27.125467][ T290] veth1_macvtap: entered promiscuous mode [ 27.162925][ T308] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 27.217173][ T311] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 27.218168][ T311] rust_binder: Failed to allocate buffer. len:16, is_oneway:false [ 27.242257][ T308] syz.1.2 (308) used obsolete PPPIOCDETACH ioctl [ 27.268380][ T316] rust_binder: Write failure EFAULT in pid:2 [ 27.268811][ T316] binder: Unknown parameter 'defcontext01777777777777777777777' [ 27.350417][ T322] rust_binder: Error while translating object. [ 27.350522][ T322] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 27.360441][ T322] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:2 [ 27.432812][ T332] rust_binder: Write failure EFAULT in pid:7 [ 27.675566][ T353] rust_binder: Write failure EFAULT in pid:13 [ 27.715574][ T360] binder: Bad value for 'stats' [ 27.750848][ T363] input: syz1 as /devices/virtual/input/input4 [ 27.786542][ T363] rust_binder: Write failure EFAULT in pid:14 [ 27.825105][ T372] ======================================================= [ 27.825105][ T372] WARNING: The mand mount option has been deprecated and [ 27.825105][ T372] and is ignored by this kernel. Remove the mand [ 27.825105][ T372] option from the mount to silence this warning. [ 27.825105][ T372] ======================================================= [ 27.862842][ T367] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:18 [ 27.877927][ T367] rust_binder: Failure when writing BR_NOOP at beginning of buffer. [ 27.891177][ T367] rust_binder: Read failure Err(EFAULT) in pid:18 [ 27.936900][ T370] SELinux: policydb string does not match my string SE Linux [ 27.947394][ T370] SELinux: failed to load policy [ 28.044066][ T380] binder: Unknown parameter 'context' [ 28.156522][ T390] SELinux: Context system_u: is not valid (left unmapped). [ 28.184943][ T390] binder: Unknown parameter 'dont_hash' [ 28.234451][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.243382][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.252927][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.282056][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.291405][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.300872][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.311671][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.319929][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.333534][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.341561][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.371488][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.381838][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.390666][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.400081][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.410555][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.422353][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.422927][ T410] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 28.433540][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.457074][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.466459][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.478419][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.495360][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.504512][ T417] SELinux: security_context_str_to_sid () failed with errno=-22 [ 28.506064][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.524449][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.533204][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.543561][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.552677][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.561751][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.570526][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.592407][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.600758][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.608930][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.618836][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.627091][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.637092][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.646564][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.658348][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.668293][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.674037][ T425] binder: Unknown parameter '5ɘf.lE V"Y:^ۤg-AU9Oz z&;sY 䇋cX9;#NJ' [ 28.678747][ T426] binder: Unknown parameter '5ɘf.lE V"Y:^ۤg-AU9Oz z&;sY 䇋cX9;#NJ' [ 28.712006][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.721028][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.732003][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.740753][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.749916][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.761716][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.772962][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.781108][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.791140][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.800661][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.818334][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.833155][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.837637][ T437] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3 [ 28.846060][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.856685][ T437] rust_binder: Write failure EINVAL in pid:36 [ 28.862239][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.877736][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.888479][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.898362][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.917151][ T443] binder: Unknown parameter 'defcontext01777777777777777777777' [ 28.930908][ T440] rust_binder: Error in use_page_slow: ESRCH [ 28.930930][ T440] rust_binder: use_range failure ESRCH [ 28.945738][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.960131][ T440] rust_binder: Failed to allocate buffer. len:16, is_oneway:false [ 28.962841][ T440] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH } [ 28.966194][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 28.993176][ T440] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:39 [ 29.004313][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.025169][ T36] kauditd_printk_skb: 73 callbacks suppressed [ 29.025191][ T36] audit: type=1400 audit(1750385715.140:147): avc: denied { associate } for pid=449 comm="syz.0.48" name="42" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 29.057992][ T36] audit: type=1400 audit(1750385715.140:148): avc: denied { write } for pid=449 comm="syz.0.48" name="loop-control" dev="devtmpfs" ino=48 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 29.087478][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.096503][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.106111][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.115545][ T36] audit: type=1400 audit(1750385715.140:149): avc: denied { read } for pid=449 comm="syz.0.48" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 29.146884][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.157672][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.165800][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.174599][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.183237][ T36] audit: type=1400 audit(1750385715.140:150): avc: denied { open } for pid=449 comm="syz.0.48" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 29.215256][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.228675][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.248159][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.256130][ T36] audit: type=1400 audit(1750385715.140:151): avc: denied { ioctl } for pid=449 comm="syz.0.48" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 ioctlcmd=0xf509 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 29.285762][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.299048][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.307206][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.326252][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.338616][ T36] audit: type=1326 audit(1750385715.420:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=459 comm="syz.3.51" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f154598e929 code=0x7ffc0000 [ 29.365848][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.378899][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.393942][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.403118][ T36] audit: type=1326 audit(1750385715.420:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=459 comm="syz.3.51" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f154598e929 code=0x7ffc0000 [ 29.429947][ T452] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:43 [ 29.432883][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.458393][ T36] audit: type=1326 audit(1750385715.420:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=459 comm="syz.3.51" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f154598e929 code=0x7ffc0000 [ 29.485707][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.495688][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.507319][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.518361][ T36] audit: type=1326 audit(1750385715.420:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=459 comm="syz.3.51" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f154598e929 code=0x7ffc0000 [ 29.552045][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.561120][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.578727][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.590042][ T36] audit: type=1326 audit(1750385715.420:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=459 comm="syz.3.51" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f154598e929 code=0x7ffc0000 [ 29.621659][ T463] rust_binder: Write failure EINVAL in pid:42 [ 29.623924][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.642912][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.653673][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.664869][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.680357][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.700871][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.715569][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.724585][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.734444][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.778794][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.811287][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.838716][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.858063][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.869825][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.889311][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.897957][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.928768][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.938510][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.958630][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.967641][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.976936][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.988655][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 29.997486][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.006628][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.016552][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.025466][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.034351][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.045725][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.055159][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.064171][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.081195][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.104201][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.120763][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.129530][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.139751][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.147911][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.158025][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.166959][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.177016][ T487] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1 [ 30.178917][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.188680][ T487] rust_binder: Write failure EINVAL in pid:47 [ 30.194716][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.213905][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.224463][ T490] rust_binder: Write failure EFAULT in pid:56 [ 30.225050][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.242012][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.253011][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.264200][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.275537][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.283500][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.292311][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.303563][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.314235][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.323445][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.333078][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.343598][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.352806][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.360986][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.370408][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.381259][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.389277][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.397832][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.415219][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.423929][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.433100][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.441922][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.451042][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.461107][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.469593][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.478474][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.488022][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.506316][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.520796][ T289] cgroup: fork rejected by pids controller in /syz0 [ 30.528098][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.537235][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.548763][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.561560][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.577861][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.598658][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.607543][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.617110][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.627696][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.644087][ T505] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 30.645531][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.667312][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.680679][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.688794][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.698344][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.709181][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.717829][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.726407][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.735376][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.743804][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.753374][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.761916][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.769924][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.779499][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.787982][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.796733][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.806486][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.815556][ T330] hid-generic 00D5:0009:0003.0001: unknown main item tag 0x0 [ 30.828848][ T330] hid-generic 00D5:0009:0003.0001: hidraw0: HID v0.03 Device [syz1] on syz1 [ 30.852836][ T12] bridge_slave_1: left allmulticast mode [ 30.880130][ T12] bridge_slave_1: left promiscuous mode [ 30.891786][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.931433][ T12] bridge_slave_0: left allmulticast mode [ 30.948757][ T12] bridge_slave_0: left promiscuous mode [ 30.955650][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 31.136015][ T12] veth1_macvtap: left promiscuous mode [ 31.160016][ T12] veth0_vlan: left promiscuous mode [ 31.166034][ T516] input: syz1 as /devices/virtual/input/input6 [ 31.237833][ T518] fido_id[518]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 31.623837][ T531] bridge0: port 1(bridge_slave_0) entered blocking state [ 31.635564][ T531] bridge0: port 1(bridge_slave_0) entered disabled state [ 31.645014][ T531] bridge_slave_0: entered allmulticast mode [ 31.654426][ T531] bridge_slave_0: entered promiscuous mode [ 31.663594][ T531] bridge0: port 2(bridge_slave_1) entered blocking state [ 31.674942][ T531] bridge0: port 2(bridge_slave_1) entered disabled state [ 31.685073][ T531] bridge_slave_1: entered allmulticast mode [ 31.692720][ T531] bridge_slave_1: entered promiscuous mode [ 31.782500][ T544] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT } [ 31.782581][ T544] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:70 [ 31.794456][ T544] rust_binder: Failure when writing BR_NOOP at beginning of buffer. [ 31.813967][ T544] rust_binder: Read failure Err(EFAULT) in pid:70 [ 31.842635][ T546] SELinux: policydb version 1478585574 does not match my version range 15-33 [ 31.867999][ T546] SELinux: failed to load policy [ 31.909326][ T304] bridge0: port 1(bridge_slave_0) entered blocking state [ 31.917510][ T304] bridge0: port 1(bridge_slave_0) entered forwarding state [ 31.931347][ T304] bridge0: port 2(bridge_slave_1) entered blocking state [ 31.940822][ T304] bridge0: port 2(bridge_slave_1) entered forwarding state [ 31.968043][ T551] binder: Unknown parameter 'svAts' [ 32.003597][ T531] veth0_vlan: entered promiscuous mode [ 32.021032][ T553] input: syz0 as /devices/virtual/input/input7 [ 32.050311][ T531] veth1_macvtap: entered promiscuous mode [ 32.521014][ T584] binder: Bad value for 'stats' [ 32.668495][ T588] rust_binder: Write failure EFAULT in pid:14 [ 32.717989][ T595] input: syz1 as /devices/virtual/input/input8 [ 32.912702][ T614] rust_binder: Write failure EFAULT in pid:48 [ 32.983853][ T619] random: crng reseeded on system resumption [ 33.036249][ T619] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 33.094803][ T621] rust_binder: Write failure EFAULT in pid:79 [ 33.235959][ T625] rust_binder: Write failure EFAULT in pid:83 [ 33.260908][ T630] binder: Unknown parameter 'context' [ 33.432788][ T649] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:28 [ 33.484074][ T658] rust_binder: Write failure EINVAL in pid:28 [ 33.513090][ T657] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:89 [ 33.580208][ T666] rust_binder: Write failure EINVAL in pid:89 [ 33.827198][ T676] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 33.984736][ T691] rust_binder: Write failure EINVAL in pid:96 [ 34.070700][ T36] kauditd_printk_skb: 102 callbacks suppressed [ 34.070722][ T36] audit: type=1400 audit(1750385720.190:259): avc: denied { ioctl } for pid=694 comm="syz.2.119" path="/dev/uhid" dev="devtmpfs" ino=199 ioctlcmd=0x5460 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 34.298727][ T712] tun0: tun_chr_ioctl cmd 1074025675 [ 34.308592][ T712] tun0: persist enabled [ 34.314605][ T712] tun0: tun_chr_ioctl cmd 1074025675 [ 34.320342][ T712] tun0: persist enabled [ 34.344854][ T36] audit: type=1400 audit(1750385720.460:260): avc: denied { relabelfrom } for pid=717 comm="syz.0.126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 34.367712][ T36] audit: type=1400 audit(1750385720.460:261): avc: denied { relabelto } for pid=717 comm="syz.0.126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 34.466482][ T720] binder: Unknown parameter 'fscontext?}' [ 34.510248][ T36] audit: type=1326 audit(1750385720.630:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=723 comm="syz.2.130" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f507e38e929 code=0x0 [ 34.742976][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.756087][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.770529][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.782734][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.793812][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.804200][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.814685][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.825793][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.829070][ T749] rust_binder: Error in use_page_slow: ESRCH [ 34.837311][ T749] rust_binder: use_range failure ESRCH [ 34.838096][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.844943][ T749] rust_binder: Failed to allocate buffer. len:40, is_oneway:false [ 34.852787][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.862791][ T749] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH } [ 34.872019][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.882353][ T749] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:86 [ 34.892567][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.926480][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.936855][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.947278][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.957663][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.969402][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.981048][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 34.992689][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.005306][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.017362][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.027989][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.039256][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.049506][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.060578][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.071777][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.084450][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.096360][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.108453][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.119107][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.129660][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.140817][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.151039][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.162684][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.173249][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.185191][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.196831][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.208249][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.218983][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.230499][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.241378][ T36] audit: type=1400 audit(1750385721.350:263): avc: denied { ioctl } for pid=754 comm="syz.1.138" path="/30/cgroup.events" dev="tmpfs" ino=171 ioctlcmd=0x542c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:" [ 35.250746][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.282208][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.294533][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.305594][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.316217][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.326413][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.337825][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.350520][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.368400][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.379062][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.390722][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.401792][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.413147][ T734] rust_binder: Read failure Err(EFAULT) in pid:43 [ 35.413447][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.433327][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.443784][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.455497][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.467644][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.478952][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.489338][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.500266][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.511911][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.522419][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.533035][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.543991][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.553810][ T746] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 35.594855][ T764] binder: Bad value for 'max' [ 35.676493][ T775] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found [ 35.687011][ T775] rust_binder: Write failure EINVAL in pid:104 [ 35.831610][ T791] input: syz0 as /devices/virtual/input/input9 [ 35.841566][ T784] SELinux: Context \MZr})QN'd: is not valid (left unmapped). [ 35.842421][ T791] binder: Unknown parameter '00000000000000000003' [ 35.860667][ T784] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 35.860770][ T784] rust_binder: Failed to allocate buffer. len:16, is_oneway:false [ 35.870329][ T36] audit: type=1400 audit(1750385721.980:264): avc: denied { create } for pid=783 comm="syz.0.147" name="cgroup.events" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=A2D85CE6C04D5A02727D29519DCD4EA99884279C8564F9E08C3A [ 35.919850][ T36] audit: type=1400 audit(1750385721.980:265): avc: denied { associate } for pid=783 comm="syz.0.147" name="cgroup.events" scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon=A2D85CE6C04D5A02727D29519DCD4EA99884279C8564F9E08C3A [ 35.954553][ T798] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:106 [ 35.956221][ T36] audit: type=1400 audit(1750385721.980:266): avc: denied { read append open } for pid=783 comm="syz.0.147" path="/17/cgroup.events" dev="tmpfs" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=A2D85CE6C04D5A02727D29519DCD4EA99884279C8564F9E08C3A [ 35.969959][ T797] binder: Binderfs stats mode cannot be changed during a remount [ 36.012088][ T36] audit: type=1400 audit(1750385721.980:267): avc: denied { ioctl } for pid=783 comm="syz.0.147" path="/17/file0" dev="tmpfs" ino=113 ioctlcmd=0x7707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=A2D85CE6C04D5A02727D29519DCD4EA99884279C8564F9E08C3A [ 36.062680][ T304] Bluetooth: hci0: Frame reassembly failed (-84) [ 36.074697][ T36] audit: type=1400 audit(1750385722.190:268): avc: denied { ioctl } for pid=800 comm="syz.3.153" path="pid:[4026532390]" dev="nsfs" ino=4026532390 ioctlcmd=0xb706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 36.351166][ T820] kernel profiling enabled (shift: 8) [ 36.437829][ T827] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 168, size: 255) [ 36.437862][ T827] rust_binder: Error while translating object. [ 36.450646][ T827] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 36.457722][ T827] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:115 [ 36.470046][ T827] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 36.490952][ T824] rust_binder: Error in use_page_slow: ESRCH [ 36.490980][ T824] rust_binder: use_range failure ESRCH [ 36.491395][ T827] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM } [ 36.503052][ T824] rust_binder: Failed to allocate buffer. len:40, is_oneway:false [ 36.505686][ T827] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:115 [ 36.536403][ T824] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH } [ 36.549353][ T824] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:56 [ 36.613004][ T834] rust_binder: Error while translating object. [ 36.623691][ T834] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 36.640979][ T834] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:120 [ 36.802618][ T845] kvm: kvm [844]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010007) = 0x7 [ 37.111434][ T884] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:140 [ 37.191517][ T898] binder: Unknown parameter 'dont_hash' [ 37.253315][ T902] SELinux: security_context_str_to_sid (sytem_uGй :) failed with errno=-22 [ 37.266438][ T902] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 37.267907][ T902] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 37.276693][ T902] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:147 [ 37.296686][ T904] rust_binder: Write failure EFAULT in pid:153 [ 37.369797][ T914] __vm_enough_memory: pid: 914, comm: syz.3.191, bytes: 281474976845824 not enough memory for the allocation [ 37.433322][ T922] rust_binder: Failed to allocate buffer. len:40, is_oneway:false [ 37.540560][ T944] syz.3.201: attempt to access beyond end of device [ 37.540560][ T944] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 37.584469][ T944] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 37.654782][ T958] rust_binder: Error while translating object. [ 37.672928][ T958] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF } [ 37.680838][ T958] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:164 [ 37.772478][ T970] random: crng reseeded on system resumption [ 37.935351][ T991] rust_binder: validate_parent_fixup: fixup_min_offset=29, parent_offset=27 [ 37.935380][ T991] rust_binder: Error while translating object. [ 37.953685][ T991] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 37.962445][ T994] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89) [ 37.968823][ T991] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:167 [ 37.973313][ T994] rust_binder: Error while translating object. [ 38.001077][ T994] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 38.008246][ T994] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:165 [ 38.098977][ T802] Bluetooth: hci0: command 0x1003 tx timeout [ 38.099015][ T53] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 38.127755][ T1003] rust_binder: Error in use_page_slow: ESRCH [ 38.127775][ T1003] rust_binder: use_range failure ESRCH [ 38.135347][ T1003] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false [ 38.142727][ T1003] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH } [ 38.152557][ T1003] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:172 [ 38.243832][ T1008] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 38.254030][ T1008] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:171 [ 38.366340][ T1023] binder: Unknown parameter 'processor : 0 [ 38.366340][ T1023] vendor_id : GenuineIntel [ 38.366340][ T1023] cpu family : 6 [ 38.366340][ T1023] model : 79 [ 38.366340][ T1023] model name : Intel(R) Xeon(R) CPU @ 2.20GHz [ 38.366340][ T1023] stepping : 0 [ 38.366340][ T1023] microcode : 0xffffffff [ 38.366340][ T1023] cpu MHz : 2199.998 [ 38.366340][ T1023] cache size : 56320 KB [ 38.366340][ T1023] physical id : 0 [ 38.366340][ T1023] siblings : 2 [ 38.366340][ T1023] core id : 0 [ 38.366340][ T1023] cpu cores : 1 [ 38.366340][ T1023] apicid : 0 [ 38.366340][ T1023] initial apicid : 0 [ 38.366340][ T1023] fpu : yes [ 38.366340][ T1023] fpu_exception : yes [ 38.366340][ T1023] cpuid level : 13 [ 38.366340][ T1023] wp : yes [ 38.366340][ T1023] flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni pclmulqdq vmx ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt arat vnmi md_clear arch_capabilities [ 38.366340][ T1023] vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest vapi [ 38.423762][ T1030] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:179 [ 38.606162][ T1024] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:179 [ 38.626765][ T1024] rust_binder: Failure when writing BR_NOOP at beginning of buffer. [ 38.639130][ T1024] rust_binder: Read failure Err(EFAULT) in pid:179 [ 38.660105][ T1036] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 38.667649][ T1036] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:115 [ 38.694995][ T1039] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT } [ 38.706076][ T1039] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:117 [ 39.088925][ T1053] rust_binder: Error while translating object. [ 39.088972][ T1053] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF } [ 39.096598][ T1053] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:122 [ 39.309016][ T1072] __vm_enough_memory: pid: 1072, comm: syz.2.245, bytes: 281474976845824 not enough memory for the allocation [ 39.344807][ T1074] random: crng reseeded on system resumption [ 39.468398][ T1078] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 39.478301][ T1078] kvm: requested 67047 ns i8254 timer period limited to 200000 ns [ 39.499248][ T36] kauditd_printk_skb: 12 callbacks suppressed [ 39.499269][ T36] audit: type=1400 audit(1750385725.610:281): avc: denied { write } for pid=1082 comm="syz.2.249" name="hwrng" dev="devtmpfs" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1 [ 39.599189][ T1086] SELinux: security_context_str_to_sid (ystem_u) failed with errno=-22 [ 39.920648][ T1095] rust_binder: Failed to allocate buffer. len:4216, is_oneway:false [ 39.921220][ T1107] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 39.976204][ T1102] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:202 [ 39.986022][ T36] audit: type=1400 audit(1750385726.090:282): avc: denied { map } for pid=1113 comm="syz.3.261" path="/dev/ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 40.008374][ T1102] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 40.026910][ T1102] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:202 [ 40.039671][ T36] audit: type=1400 audit(1750385726.090:283): avc: denied { execute } for pid=1113 comm="syz.3.261" path="/dev/ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 40.172154][ T1125] SELinux: security_context_str_to_sid () failed with errno=-22 [ 40.202924][ T36] audit: type=1326 audit(1750385726.310:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1128 comm="syz.1.264" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f542618e929 code=0x0 [ 40.242612][ T1137] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:142 [ 40.246775][ T1137] rust_binder: Error while translating object. [ 40.277923][ T1137] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 40.286070][ T1137] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:142 [ 40.345090][ T1149] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 40.373645][ T1149] rust_binder: Failed to allocate buffer. len:16, is_oneway:false [ 40.380985][ T1149] rust_binder: Failure when writing BR_NOOP at beginning of buffer. [ 40.390529][ T1149] rust_binder: Read failure Err(EFAULT) in pid:144 [ 40.462685][ T1157] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 40.462965][ T1157] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active [ 40.481924][ T1157] rust_binder: Write failure EINVAL in pid:144 [ 40.502844][ T1157] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:144 [ 40.517942][ T1152] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3 [ 40.537012][ T1152] rust_binder: Write failure EINVAL in pid:209 [ 40.570695][ T1159] rust_binder: Write failure EINVAL in pid:218 [ 40.971351][ T1179] rust_binder: Write failure EINVAL in pid:229 [ 41.046677][ T1187] rust_binder: Write failure EINVAL in pid:223 [ 41.139604][ T1189] rust_binder: Failure when writing BR_NOOP at beginning of buffer. [ 41.147481][ T1189] rust_binder: Read failure Err(EFAULT) in pid:200 [ 41.637094][ T1209] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 41.693528][ T1211] SELinux: failed to load policy [ 41.715445][ T1211] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 41.906373][ T36] audit: type=1400 audit(1750385728.020:285): avc: denied { execute } for pid=1215 comm="syz.3.287" path="/sys/kernel/uevent_helper" dev="sysfs" ino=1451 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=file permissive=1 [ 41.936692][ T36] audit: type=1400 audit(1750385728.020:286): avc: denied { execute } for pid=1215 comm="syz.3.287" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1 [ 42.023555][ T1224] rust_binder: Failed to allocate buffer. len:144, is_oneway:false [ 42.042219][ T1227] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false [ 42.200960][ T1247] __vm_enough_memory: pid: 1247, comm: syz.2.296, bytes: 281474976845824 not enough memory for the allocation [ 42.301594][ T1253] rust_binder: Error while translating object. [ 42.301646][ T1253] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF } [ 42.318987][ T1253] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:152 [ 42.347395][ T1258] SELinux: security_context_str_to_sid (syste_uGй :) failed with errno=-22 [ 42.645477][ T1270] rust_binder: Write failure EINVAL in pid:254 [ 42.645588][ T1270] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:254 [ 42.739182][ T1286] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 43.022793][ T1311] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 43.104423][ T1316] rust_binder: Failed to allocate buffer. len:16, is_oneway:false [ 43.151564][ T1296] rust_binder: Read failure Err(EFAULT) in pid:262 [ 43.517640][ T36] audit: type=1326 audit(1750385729.630:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1322 comm="syz.3.322" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f154598e929 code=0x0 [ 43.519116][ T1330] FAULT_INJECTION: forcing a failure. [ 43.519116][ T1330] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 43.594275][ T1330] CPU: 1 UID: 0 PID: 1330 Comm: syz.2.324 Not tainted 6.12.23-syzkaller-gf9fbc66f8444 #0 b8de21ba31122219d6c6778e419c74a11adc861d [ 43.594318][ T1330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 43.594342][ T1330] Call Trace: [ 43.594350][ T1330] [ 43.594360][ T1330] __dump_stack+0x21/0x30 [ 43.594392][ T1330] dump_stack_lvl+0x10c/0x190 [ 43.594419][ T1330] ? __cfi_dump_stack_lvl+0x10/0x10 [ 43.594447][ T1330] dump_stack+0x19/0x20 [ 43.594471][ T1330] should_fail_ex+0x3d9/0x530 [ 43.594497][ T1330] should_fail+0xf/0x20 [ 43.594519][ T1330] should_fail_usercopy+0x1e/0x30 [ 43.594545][ T1330] _copy_to_user+0x24/0xa0 [ 43.594575][ T1330] simple_read_from_buffer+0xed/0x160 [ 43.594610][ T1330] proc_fail_nth_read+0x19e/0x210 [ 43.594632][ T1330] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 43.594653][ T1330] ? bpf_lsm_file_permission+0xd/0x20 [ 43.594676][ T1330] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 43.594697][ T1330] vfs_read+0x278/0xb60 [ 43.594722][ T1330] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 43.594751][ T1330] ? __cfi_vfs_read+0x10/0x10 [ 43.594775][ T1330] ? __kasan_check_write+0x18/0x20 [ 43.594797][ T1330] ? mutex_lock+0x92/0x1c0 [ 43.594816][ T1330] ? __cfi_mutex_lock+0x10/0x10 [ 43.594835][ T1330] ? __fget_files+0x2c5/0x340 [ 43.594868][ T1330] ksys_read+0x141/0x250 [ 43.594893][ T1330] ? __cfi_ksys_read+0x10/0x10 [ 43.594919][ T1330] ? __kasan_check_read+0x15/0x20 [ 43.594944][ T1330] __x64_sys_read+0x7f/0x90 [ 43.594970][ T1330] x64_sys_call+0x2638/0x2ee0 [ 43.594999][ T1330] do_syscall_64+0x58/0xf0 [ 43.595028][ T1330] ? clear_bhb_loop+0x35/0x90 [ 43.595061][ T1330] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 43.595092][ T1330] RIP: 0033:0x7f507e38d33c [ 43.595132][ T1330] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 43.595151][ T1330] RSP: 002b:00007f507f18a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 43.595176][ T1330] RAX: ffffffffffffffda RBX: 00007f507e5b5fa0 RCX: 00007f507e38d33c [ 43.595193][ T1330] RDX: 000000000000000f RSI: 00007f507f18a0a0 RDI: 0000000000000007 [ 43.595207][ T1330] RBP: 00007f507f18a090 R08: 0000000000000000 R09: 0000000000000000 [ 43.595220][ T1330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 43.595233][ T1330] R13: 0000000000000000 R14: 00007f507e5b5fa0 R15: 00007fff44b5fda8 [ 43.595251][ T1330] [ 44.108412][ T1338] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 44.108447][ T1338] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 44.242066][ T1344] tap0: tun_chr_ioctl cmd 1074812118 [ 44.268950][ T1344] SELinux: security_context_str_to_sid (syte) failed with errno=-22 [ 44.278821][ T1350] binder: Unknown parameter 'context' [ 44.401116][ T1355] binder: Unknown parameter 'defcontext01777777777777777777777' [ 44.573008][ T1373] binder: Bad value for 'max' [ 44.591937][ T1376] binder: Bad value for 'stats' [ 44.592389][ T1375] binder: Bad value for 'stats' [ 44.667182][ T1381] rust_binder: Write failure EINVAL in pid:192 [ 44.667220][ T1381] rust_binder: Write failure EINVAL in pid:192 [ 44.668761][ T1383] binder: Unknown parameter 'w5T)`)YFnA@T<3ڂ$rcnHwC" -8/' [ 44.708084][ T1379] rust_binder: Error while translating object. [ 44.708120][ T1379] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF } [ 44.715854][ T1379] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:273 [ 44.758588][ T36] audit: type=1326 audit(1750385730.870:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1394 comm="syz.0.341" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff45958e929 code=0x0 [ 44.868124][ T1402] SELinux: security_context_str_to_sid () failed with errno=-22 [ 44.933263][ T1405] SELinux: policydb table sizes (0,0) do not match mine (8,7) [ 44.942452][ T1405] SELinux: failed to load policy [ 44.951182][ T1408] rust_binder: Read failure Err(EAGAIN) in pid:272 [ 45.064219][ T1414] binder: Bad value for 'defcontext' [ 45.102161][ T1419] kvm: kvm [1418]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x3032 [ 45.114197][ T1419] rust_binder: Error while translating object. [ 45.114235][ T1419] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF } [ 45.121736][ T1419] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:276 [ 45.154183][ T1421] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:279 [ 45.166994][ T36] audit: type=1400 audit(1750385731.280:289): avc: denied { append } for pid=1420 comm="syz.3.350" name="random" dev="devtmpfs" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1 [ 45.395484][ T1445] input: syz1 as /devices/virtual/input/input15 [ 45.407854][ T1445] SELinux: security_context_str_to_sid () failed with errno=-22 [ 45.418506][ T1445] input: syz1 as /devices/virtual/input/input16 [ 45.434979][ T1445] input: syz0 as /devices/virtual/input/input17 [ 45.452751][ T1448] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 45.498443][ T1455] SELinux: security_context_str_to_sid (system_uGй :) failed with errno=-22 [ 45.546092][ T36] audit: type=1400 audit(1750385731.660:290): avc: denied { remount } for pid=1456 comm="syz.2.361" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 45.677326][ T1466] binder: Bad value for 'stats' [ 45.682780][ T1465] input: syz0 as /devices/virtual/input/input18 [ 45.757252][ T1475] binder: Bad value for 'stats' [ 45.784001][ T1479] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 45.784088][ T1479] rust_binder: Failed to allocate buffer. len:16, is_oneway:false [ 45.965273][ T1499] SELinux: security_context_str_to_sid () failed with errno=-22 [ 45.987150][ T1500] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 45.987231][ T1500] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 46.033608][ T1502] rust_binder: Read failure Err(EAGAIN) in pid:308 [ 46.243646][ T850] ================================================================== [ 46.262145][ T850] BUG: KASAN: null-ptr-deref in down_write+0x83/0x2a0 [ 46.271213][ T850] Write of size 8 at addr 0000000000000098 by task kworker/1:3/850 [ 46.280736][ T850] [ 46.283558][ T850] CPU: 1 UID: 0 PID: 850 Comm: kworker/1:3 Not tainted 6.12.23-syzkaller-gf9fbc66f8444 #0 b8de21ba31122219d6c6778e419c74a11adc861d [ 46.283595][ T850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 46.283612][ T850] Workqueue: events _RNvXs6_NtCs43vyB533jt3_6kernel9workqueueINtNtNtB7_4sync3arc3ArcNtNtCshgDM7dBCdno_11rust_binder7process7ProcessEINtB5_15WorkItemPointerKy0_E3runB13_ [ 46.283673][ T850] Call Trace: [ 46.283681][ T850] [ 46.283690][ T850] __dump_stack+0x21/0x30 [ 46.283719][ T850] dump_stack_lvl+0x10c/0x190 [ 46.283746][ T850] ? __cfi_dump_stack_lvl+0x10/0x10 [ 46.283775][ T850] print_report+0x3d/0x70 [ 46.283796][ T850] kasan_report+0x163/0x1a0 [ 46.283827][ T850] ? down_write+0x83/0x2a0 [ 46.283851][ T850] ? down_write+0x83/0x2a0 [ 46.283875][ T850] kasan_check_range+0x299/0x2a0 [ 46.283907][ T850] __kasan_check_write+0x18/0x20 [ 46.283932][ T850] down_write+0x83/0x2a0 [ 46.283954][ T850] ? __cfi_down_write+0x10/0x10 [ 46.283978][ T850] ? _raw_spin_lock+0x8c/0x120 [ 46.284005][ T850] ? __cfi__raw_spin_lock+0x10/0x10 [ 46.284033][ T850] ? mutex_unlock+0x8b/0x240 [ 46.284053][ T850] ? __cfi_mutex_unlock+0x10/0x10 [ 46.284075][ T850] rust_binderfs_remove_file+0x6c/0x110 [ 46.284097][ T850] _RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x9d4/0x2860 [ 46.284133][ T850] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 46.284162][ T850] ? update_curr_dl_se+0x10c/0xb20 [ 46.284190][ T850] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 46.284225][ T850] ? update_curr+0x649/0xc60 [ 46.284266][ T850] ? __cfi__RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x10/0x10 [ 46.284302][ T850] ? update_load_avg+0x506/0x19a0 [ 46.284323][ T850] ? detach_entity_load_avg+0x7b0/0x7b0 [ 46.284351][ T850] ? __kasan_record_aux_stack+0xb2/0xd0 [ 46.284374][ T850] ? process_scheduled_works+0x7d2/0x1020 [ 46.284403][ T850] ? dequeue_entity+0x354/0x1750 [ 46.284427][ T850] ? calc_wheel_index+0xd2/0x8e0 [ 46.284455][ T850] ? __kasan_check_write+0x18/0x20 [ 46.284479][ T850] ? timer_update_keys+0xd0/0xd0 [ 46.284509][ T850] ? tg_unthrottle_up+0x980/0x980 [ 46.284549][ T850] ? kvm_sched_clock_read+0x15/0x30 [ 46.284571][ T850] ? sched_clock_noinstr+0xd/0x30 [ 46.284612][ T850] ? sched_clock+0x44/0x60 [ 46.284634][ T850] ? sched_clock_cpu+0x75/0x400 [ 46.284658][ T850] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 46.284682][ T850] ? __cfi_min_vruntime_cb_rotate+0x10/0x10 [ 46.284712][ T850] ? __cfi_sched_clock_cpu+0x10/0x10 [ 46.284737][ T850] ? __kasan_check_write+0x18/0x20 [ 46.284760][ T850] ? __switch_to+0xc7b/0x1310 [ 46.284785][ T850] ? psi_group_change+0xb44/0x1130 [ 46.284808][ T850] ? __cfi___switch_to+0x10/0x10 [ 46.284835][ T850] ? _raw_spin_unlock+0x45/0x60 [ 46.284863][ T850] ? __switch_to_asm+0x3d/0x70 [ 46.284891][ T850] ? __schedule+0x1463/0x1f10 [ 46.284922][ T850] ? kick_pool+0xad/0x550 [ 46.284953][ T850] process_scheduled_works+0x7d2/0x1020 [ 46.284983][ T850] worker_thread+0xc58/0x1250 [ 46.285010][ T850] kthread+0x2c7/0x370 [ 46.285039][ T850] ? __cfi_worker_thread+0x10/0x10 [ 46.285067][ T850] ? __cfi_kthread+0x10/0x10 [ 46.285096][ T850] ret_from_fork+0x64/0xa0 [ 46.285121][ T850] ? __cfi_kthread+0x10/0x10 [ 46.285152][ T850] ret_from_fork_asm+0x1a/0x30 [ 46.285183][ T850] [ 46.285192][ T850] ================================================================== [ 46.686729][ T850] Disabling lock debugging due to kernel taint [ 46.694565][ T850] BUG: kernel NULL pointer dereference, address: 0000000000000098 [ 46.703818][ T850] #PF: supervisor write access in kernel mode [ 46.712283][ T850] #PF: error_code(0x0002) - not-present page [ 46.719263][ T850] PGD 80000001159a0067 P4D 80000001159a0067 PUD 0 [ 46.726534][ T850] Oops: Oops: 0002 [#1] PREEMPT SMP KASAN PTI [ 46.734114][ T850] CPU: 1 UID: 0 PID: 850 Comm: kworker/1:3 Tainted: G B 6.12.23-syzkaller-gf9fbc66f8444 #0 b8de21ba31122219d6c6778e419c74a11adc861d [ 46.751533][ T850] Tainted: [B]=BAD_PAGE [ 46.756464][ T850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 46.768397][ T850] Workqueue: events _RNvXs6_NtCs43vyB533jt3_6kernel9workqueueINtNtNtB7_4sync3arc3ArcNtNtCshgDM7dBCdno_11rust_binder7process7ProcessEINtB5_15WorkItemPointerKy0_E3runB13_ [ 46.787641][ T850] RIP: 0010:down_write+0x9a/0x2a0 [ 46.794421][ T850] Code: 48 c7 44 24 20 00 00 00 00 be 08 00 00 00 e8 2d 34 55 fc 4c 89 f7 be 08 00 00 00 e8 20 34 55 fc 48 8b 44 24 20 b9 01 00 00 00 48 0f b1 0b 0f 85 a0 00 00 00 48 c7 c0 c0 b9 20 87 48 c1 e8 03 [ 46.819072][ T850] RSP: 0018:ffffc900010ef500 EFLAGS: 00010256 [ 46.829493][ T850] RAX: 0000000000000000 RBX: 0000000000000098 RCX: 0000000000000001 [ 46.840972][ T850] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc900010ef520 [ 46.852042][ T850] RBP: ffffc900010ef598 R08: ffffc900010ef527 R09: 1ffff9200021dea4 [ 46.862635][ T850] R10: dffffc0000000000 R11: fffff5200021dea5 R12: dffffc0000000000 [ 46.871632][ T850] R13: 1ffff9200021dea0 R14: ffffc900010ef520 R15: 0000000000000000 [ 46.881174][ T850] FS: 0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 46.892173][ T850] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 46.900555][ T850] CR2: 0000000000000098 CR3: 0000000104662000 CR4: 00000000003526b0 [ 46.912923][ T850] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 46.921836][ T850] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 46.931006][ T850] Call Trace: [ 46.935987][ T850] [ 46.940302][ T850] ? __cfi_down_write+0x10/0x10 [ 46.946232][ T850] ? _raw_spin_lock+0x8c/0x120 [ 46.952227][ T850] ? __cfi__raw_spin_lock+0x10/0x10 [ 46.957834][ T850] ? mutex_unlock+0x8b/0x240 [ 46.963006][ T850] ? __cfi_mutex_unlock+0x10/0x10 [ 46.968263][ T850] rust_binderfs_remove_file+0x6c/0x110 [ 46.974878][ T850] _RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x9d4/0x2860 [ 46.989220][ T850] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 46.996748][ T850] ? update_curr_dl_se+0x10c/0xb20 [ 47.002015][ T850] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 47.010073][ T850] ? update_curr+0x649/0xc60 [ 47.015105][ T850] ? __cfi__RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x10/0x10 [ 47.030029][ T850] ? update_load_avg+0x506/0x19a0 [ 47.035615][ T850] ? detach_entity_load_avg+0x7b0/0x7b0 [ 47.042265][ T850] ? __kasan_record_aux_stack+0xb2/0xd0 [ 47.048656][ T850] ? process_scheduled_works+0x7d2/0x1020 [ 47.055491][ T850] ? dequeue_entity+0x354/0x1750 [ 47.060840][ T850] ? calc_wheel_index+0xd2/0x8e0 [ 47.066280][ T850] ? __kasan_check_write+0x18/0x20 [ 47.071536][ T850] ? timer_update_keys+0xd0/0xd0 [ 47.076919][ T850] ? tg_unthrottle_up+0x980/0x980 [ 47.082952][ T850] ? kvm_sched_clock_read+0x15/0x30 [ 47.088646][ T850] ? sched_clock_noinstr+0xd/0x30 [ 47.094247][ T850] ? sched_clock+0x44/0x60 [ 47.099285][ T850] ? sched_clock_cpu+0x75/0x400 [ 47.105234][ T850] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 47.113425][ T850] ? __cfi_min_vruntime_cb_rotate+0x10/0x10 [ 47.120238][ T850] ? __cfi_sched_clock_cpu+0x10/0x10 [ 47.125997][ T850] ? __kasan_check_write+0x18/0x20 [ 47.131762][ T850] ? __switch_to+0xc7b/0x1310 [ 47.137109][ T850] ? psi_group_change+0xb44/0x1130 [ 47.142895][ T850] ? __cfi___switch_to+0x10/0x10 [ 47.149032][ T850] ? _raw_spin_unlock+0x45/0x60 [ 47.154111][ T850] ? __switch_to_asm+0x3d/0x70 [ 47.159297][ T850] ? __schedule+0x1463/0x1f10 [ 47.164984][ T850] ? kick_pool+0xad/0x550 [ 47.171969][ T850] process_scheduled_works+0x7d2/0x1020 [ 47.178270][ T850] worker_thread+0xc58/0x1250 [ 47.183574][ T850] kthread+0x2c7/0x370 [ 47.188638][ T850] ? __cfi_worker_thread+0x10/0x10 [ 47.194327][ T850] ? __cfi_kthread+0x10/0x10 [ 47.199896][ T850] ret_from_fork+0x64/0xa0 [ 47.204793][ T850] ? __cfi_kthread+0x10/0x10 [ 47.210012][ T850] ret_from_fork_asm+0x1a/0x30 [ 47.215690][ T850] [ 47.219144][ T850] Modules linked in: [ 47.224027][ T850] CR2: 0000000000000098 [ 47.228689][ T850] ---[ end trace 0000000000000000 ]--- [ 47.234389][ T850] RIP: 0010:down_write+0x9a/0x2a0 [ 47.239737][ T850] Code: 48 c7 44 24 20 00 00 00 00 be 08 00 00 00 e8 2d 34 55 fc 4c 89 f7 be 08 00 00 00 e8 20 34 55 fc 48 8b 44 24 20 b9 01 00 00 00 48 0f b1 0b 0f 85 a0 00 00 00 48 c7 c0 c0 b9 20 87 48 c1 e8 03 [ 47.261652][ T850] RSP: 0018:ffffc900010ef500 EFLAGS: 00010256 [ 47.272621][ T850] RAX: 0000000000000000 RBX: 0000000000000098 RCX: 0000000000000001 [ 47.281434][ T850] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc900010ef520 [ 47.290951][ T850] RBP: ffffc900010ef598 R08: ffffc900010ef527 R09: 1ffff9200021dea4 [ 47.301057][ T850] R10: dffffc0000000000 R11: fffff5200021dea5 R12: dffffc0000000000 [ 47.310698][ T850] R13: 1ffff9200021dea0 R14: ffffc900010ef520 R15: 0000000000000000 [ 47.320351][ T850] FS: 0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 47.332508][ T850] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 47.340497][ T850] CR2: 0000000000000098 CR3: 0000000104662000 CR4: 00000000003526b0 [ 47.350524][ T850] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 47.359873][ T850] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 47.368935][ T850] Kernel panic - not syncing: Fatal exception [ 47.376107][ T850] Kernel Offset: disabled [ 47.380547][ T850] Rebooting in 86400 seconds..