last executing test programs:

2.051897228s ago: executing program 2 (id=693):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3f)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0xc0000102, 0x0, 0x8000000000000002}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xc0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
r4 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x1000, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
mmap(&(0x7f0000196000/0x1000)=nil, 0x1000, 0x0, 0x840000000000a132, 0xffffffffffffffff, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r5, 0x4038ae7a, &(0x7f0000000080)={0x5fd75939, 0x9f1, &(0x7f0000000380)="5c39992e3542ff9f9cae572f3b5c51d33c31f0b5f1e8ca08fc2b2fb8c2a2bff36c961d2a6349c56f89927ba61908a530a6bfeda12a5858ce2c2e5ceeecff949eaee3817feba28c2b1f34bd7fcb2b8f0586fb348e3adb0bd8d9e7bcb987b2c8db2fb21c91cc77afb3c354d19a1119d163448e4944210dc8349d15c9a2af6cdb2c53855ac31cf40883d66979545392d23ab4d6d537dda97ca649a7043b0b0ad127b98c2c793a6edb47fd4e4e7406e934e25566f45d08041561335251dc938338f4aca14ba0b43415887bc84a38a3a013c0a6faf4b8674b76793e5ba636187156405c51c489d4b7028957bede0e2d36c8cc2f42f71417f39b4a82fb56c0cdbb2d2f753c915e96cbc2a22484bdca7bcfd0db6e0c4517a999a7aafb9b841192425e7bfa172fbcfb81c891d2fc4c721fa69b400e59bef2cd330f5209135aac5e3bca8ee02e554d83101e3b3499e8f91d0fdcb4f457e299f4e505d710411883e9209b9279a80cc78ab87fa66637b3e4abe95d5e16478bd19e85ce0efcb8af9cbdf7cd4a2425a45b868fdabc3abbfa862097092725c47494af339f021888c3fa0d9d4f7148460274228060de9b9c5c7f243366334d0a29fd4aff9acb67af39aa18163d2ab4874ec4af3943fb4d7fd266d303ecefc27950d86f19664a752d02ee16c4417816fdd63cea4c996d3494cff64d36bd7645f3dfdca15650fa353bd27ea691cf6636dd4b3a63a287d3520ace0f7668ae60ca126b2984c71bab896caa968eb3ced617fc4d047ca1565eccb6528667143e0762d3eb0d0c4951f94b387b2c78d028844a0e83507e2c7947435d2151c1596eeca276fde2b77b633360eb2cbe294a4d38ee8e8517dcf384a286677053e03af3d8c36a5dfdaf55c17cd295ef76866addcaf43472ef1b63f458a1775ec8a56228730a12c7ceb4df5d07ea97aae785b435b70aa64460363b5ebf36d5088f269ca3d56d7dd53d502d5939c65856e432ed0e96e66a9cf574f9b25d1f394a4bc3e97a81b8fecb6fd2776de110162182d2ae303f751d3d6dcc779c3db4ef825680e9fef64feb35b4e566f3e31438d0da001e5d7702726d194a7d9e4e4883b0d867da7325cd2a3a543e7903ba25a4e66293ae5d5a0216b21f5d9a509674d3a44e36a17375d10bb4b54ff31b94ba72ed6af7be549a59265dc0c50fd3a8b82a46a862409c58c641239a431a76fb429a1eee0cef88e32933d493ad7a1d87b71eb6a88df925bc4533a52fb0839e803d0b7903963eb6edf0f226597e78e693781e070f1d21abec23b2263f232ab6fe6cfc23bc036ff108a2605f4adfd31a92a0d290c8f662692a0fec4039463c136f004f59f2afc22e1c7e79445ff5d0d3c070793c01ce904b25de723b3a7a4308ae15cfd5074291349ea75d5952fead33a89c0b9d4219dbd65504eab1eda06c79b4c578ea8ff4d05b473c5160573546448e7f71b8f50d6752ab812b6fb718e44906fe812ec8efa50428ad1befe98d82745139f80ab9667f9e1fd452ee2138c4e4c5c476c2bb13781a8a72a7479e01e9604f2989693aa0b534998e3802ff17150a08e48ba9ed3932a7d335127c863ccbedc90511aa9557bb4f53f6945c595bc826a7f462b4445c5cd03cb8923722d006e26a368f91e017d44618c0dcff33a3d07232ccf34b7fe045a5f6faa703a56b9c72fa5b8d4de516715b937f9f4217c543067b7ecd91ba12449b57b894031c2dcbde9ad671a33a2da29af286dc77f3b5b64ca55560f0c26cab5a3f595061569d6f9ba92673977a6a6b053eb16e2c0e325cb41e3f47f223f74f93e0fc494ae828ff2cb08ace07102b97a5c8c4118eb0858f7f0be7d555eae21bfe38151d20e3b1ca41683f48cdf2b26927bd26788bc161fa6485675b7add6896bf143c12bfbb98d40298b446cc42a5126e6975a85c2d05f4cc7587fa646959fe2c360bfb514d7cb564528c946411c7ad5774fe6f67bbff4086126eec743d44b4165269a8b3baf4ab5f9a7a99b1ebe6d0d1a1486d478615eb9b9cdd23fa889e6b6f9f3f1d9cc54376782a5d139baec07c9e6c371d4147bfe297b5947a7c5ad49f5585c75432ef92e3cbbe9934761eb43800e08a5ec3b4a0cb4b1ca550743978e3908be4ad35f66c9b4ac5c45d700de418977ef280908481546d07a54a309aea5b73a79f10b80ce14dee54f1d00fe9856079a2cd3c8290243c6e2c00e3c0b6d35ab4234209718480584ff08423d7237b2e40ddaa51589b26b979563715500f83e708cf1a80cb8a6e94a20190059e94b93fecc3feeeff60271289c8109fd5c1130059abbbd500917349834ce640ef71d1aba9ae617ab36a31c5bb62d4bb5d54b6ccd50590ee59f43e7491c00a79a6dabce2d4eba457c9eb7fd87123103c55c463005a4449900c496f763bc426465e9b3ed305fdd7421cb3da4d7e5db60600d5e16750d37fb3a47e12acac9dc63e0fd31524f24c1924ae8eb7b88bbf214d78d27a8575b972c28093bb823681ac36318b0ebffc5167e4e1d8c6dece16b810dd50538a0e9126f625fc20f44ec995f32f470c46eff346e1287e4fe8c86d21828a222d20b83237d159af5b03d6459ea31eed596e4c3b00b9fd263bccfea55175e643ced56e9a2d0ca7f60ac263a0cacf90ba7a8826ba3d478efde623b3e148832895e34d1fe80c48d6285f54c2139618af0159b9c81ebc4a868521f3556a223b2ad28dd0e4becc825e6435722efbaba1ad10bede8afc7d1bafbaeea2f9f91c85560f717bf610fd641262c08171266add7ffad7d16ad0eca6bd113e3cebc3be8aafb8996b0910f9298f99683e9f0bf21b18c88239dc4e43e66fa4be98bf1a893b7b53882c765bf4cddea23a17520658d2385ea34c26bd26ba48967f561f13a5a6bfcff77e5e3b6e03aa244f3f092c2954be9ecdf1f746af673de5deb8a9e244124d03e662cbb64879d1ba621aa662a197a03f5a2e004390fa85fa7ba61f7b9513dc97d1e9f931e835af69c28692c202c282ca5b6654611abe91294a78ca08eafb697a16ee30c5caf6536f4bd577a4b1576caef55defed258fd9fa65cd80c2f757ce835b0ddc0a272ece06de70e4d98ef95fa500cead8f10251d851daec96610fbb130f7c7ada57c49a51e4f91a38afeba1a0f4e5e3ff5fffdc43a74494982c5409e93fa317c25a6ed38315bc189d203aefc816342196b8bac93c05f24a174c64f6fcf94583e6c3c9cdaad185059ca94301538365c171bb3beb85e7bac3b6343ad979c5ffe90704d3203b80cba1b45590341fda3fc7b367e8bb68471ce9cbf332a2aa0051dc576fa54e650928b55702054e56327d8aee5daf6078872edd9c7b01a6a1bc4cfe77305118e417cb128cbb2c69fea56ce3a6016ca0e7647919c4bd3df12d65469f87a5740bab11d98425ffc194276c005e276a6f275a258134398263c799acfae8f27be7f3f35fd3b131f65154527f1a849ddc424550ad3dc15354f743c2e7b6f69da9bb81b2847814f9335a0b52cb91d81ebec0a478c410272ec0d274ffe5d6d474c3ed525238e375ce09a7541f84cc250396f2c735924b02cab0d2e8189514801e6eeea10c8338d1f4c1673602dad1f54bc88ec57c94f12497550ea3f87b32d6d157fc62079dfecd2a541c2a76e6ec9ce7d160b4341f5f77ddad009bbdb68ac0d755f0d251fc311d98edb4bf2acd9e26c095d69f8a5e951a5dfab9ca86d909e34a3b2b99842a0c5f3329ae9780d67eb8d0d2d4ea70d989cc4cd7271969668b40aa963c0ee5db550bdc69f927de0c74cafa7e295259969c77b8671491d28d98cbc2aef77add8bdfe76e430c77bd4c8d0f11f214479bbdc1db7a83242ac1610ead93112738e1790659f18f8d13f9894d0d083992ce165a11289398f9f1bcc1beae34be23f7a9262b9a624437ad5455b4c5b6cdc17cf8bf10ffa543768f89d0529cd77683e3351c9088abaa56dd48158fed7110b0b702e77fcf33047c7a457f55bc4d0052d0ba65af39c482f6afa8de5f3226c12430195c2296e98e6e056a1a0eaef756a4e3c9f037ec98089cc8a1f1d82189921f3cd84436485a0de4a1a8704174ea9a6381611f5421b3a0fc1d4dec9a7b9e7616b1713eedb2936e03185d80bf85bdb403106b3c8b4e21dd1b46f3993e4eb88351a455f2b5210f0f0c93283fe8dc3aafbc9e5b724bf379bdb57ad450088719720f7001fc697c626fe9ae240a4af43f731b085f66c05e8696fd12d02e44b4af0fc20e9d5a92db072f70aa793028c4b27c453defffee3718553d115dcd1fd60893e58e2d2a6a551cc60bd14a5f3ea7319eb1b4dcdc6052f60697c90ea464e06919cbd49072edf3ed92ee29b50f1c1d973c92634b7afc79029d1fdf45e757647b0db4dba4da8cddfa96f7e6857fb2c3f614138678fcc1f09080d28d8a264f0245fa1dda7614f2f2ad7af0a56dc681f68068431bc001263b19c133e78c8a658d3d695fd0265233fb76b244e48880c37bd38ad81e4f700c1816af988a0f3a2da7572e68473fcab458eb2268d8fd8e6a0594b955a39087004e1eb3ce2760b656a962013f46ecf09ca9ee33783c53de3342b2350b93aa0e5bac9600f77a84a2b31bd7145d8bd1d9231d25bdb066896b7eef4aeb0ea7d9f2666f3500475eb6fe0b2332dbdeaed48c6796ae3cf71f9ef688d285001eb319fd11c898294dc91dc75e509955d65d629ea7eae61a31693a1d41f8018052ad5d96dcdf736ab6e7a2f20c145729fab8cd5ca39011fc8ecc90f4858c22af056df1c064ff2232345c4c3a456991b7911c3599fc773407106c5decb32678d9ed52f716ad9eacf44838cafda3f317311f46034fd0693f864b8966d236a29d904a1a35c59c087e7d61fdc2d7b2fa3d07cae16a7206e59674b502a40de914fe0c02323767b75c6187fb1acad5afe3a7b3e62df7d6df6a4bf3656697a22b4143c59290563122404aea40c628fe59d1c8c8f68cd287c0ef1aa92944fb342870dfea34c8c86d2754ea40f4b40fb7ba27629c8f649a9f13657e31a37f9e9fca35c2ff6a3a21207fd15453a7db6fa77d9244948020bf7369742881c761c368cb9dc3b45e35b432ed3e71d33d01977ec1e107c39ef007f071e40ef4152017cbb6be90ac67eaa8ab83bbf54f1dec89a0da9e20082d32985c2581c53e138eab7ad186f8437c6df8a5ece28ddbd01f00b2cd1c3044ae7dc5d51a9b219b1e0d37d70b4b2fb9946ac10fb8e2f64f558170ce36b1b0426beee4c2a396af6663e77d759bb90e408e33ee3c62a77678f23f28f3103f0f0be688573a6a54c7522d58d14ccc304beadfb63f2e11e92b8feae1e10d3f68ba9395b8f29a2c99029fdec946ec6a2d6c90e7360cde9fd78eb323388f28eb8f9f382164838cb612775319f23269cd5ee0c8402ffbaadd22293c691425f5493c46f246572abdda6e04dc900bb9a2fa2fd750282a3f0b100f85100c5c148674a2b21140301ee74012fc3249c66d066e0ccc166b78e26e6fa6f45652dc2e22eef99a6f4b4c67004231f8fc5eacd302835f9e4ecb472faa24cdab02f72155f9cb7aecdea0ef0c9080c30cbf350a2c52badeac92f20c14a2b49e05e872c0ff33eb62652a6261b7649fcaef851bf685f65a5950b5b05dbf49b1c5c8e3c2a021c2ef2d709f6cc3ddeab396be96e5501bdc199908fc6eddaef4c907491f8ae856854fe3616b20d3061f97417f771941c427afccf904bddb8e8e92ab16649d91a0f9e69725278241a813c4364c33b5d746683dd98ba17a68dc3ad9279a727de4c7e25d6502c6e637f6cb0529258ea300b651368cf1d", &(0x7f0000000180)="84d0e15585592b8fa0384b2f8cdecfab1fffa2ab8be6507804cf7448ce6ea089d363c3a53f0e6497e173dd0995b7b060805c3dde897c5e16be858a1f904996c6ce6e1a695a0c7ce5440a4d7f42e6f8aba992e4d4f7274ca8a21879f2f3b045511f9df02a649b0cc88ee33c2a23b82f9fc8686c3822b089a8ca5f27c0edd151b1d4b208519fd6195a760947a618df848b9d4cb76f3dc626e2af359e770ecfd5579badd31628eb5e602e8f849ddb76a24b2c98ffa92671cc2cf61c07f9d05d5f1d2bf028d90d4f88a0ff", 0x1000, 0xc9})
r6 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000215000/0x1000)=nil, 0x1000, 0x0, 0x6011, r7, 0x0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r7, 0xd1383000)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000007, 0x13, r6, 0x0)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x0, 0x11, r6, 0x0)

1.854666111s ago: executing program 1 (id=696):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) (async, rerun: 32)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async, rerun: 64)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2881, 0x0) (rerun: 64)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x4000009a}]}) (async, rerun: 64)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async, rerun: 64)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000200)={[0xfffffffffffffffc, 0x0, 0x0, 0x6, 0x0, 0xffffffffffffffff, 0x2004c8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8020000000, 0x6011, 0x0, 0x200000], 0x6000, 0x12002}) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async, rerun: 32)
ioctl$KVM_RUN(r6, 0x8090ae81, 0x0) (async, rerun: 32)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r12, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0xd90, 0x0, 0x5}]})
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f00000004c0)=ANY=[@ANYBLOB="090000000000000004000000000000000000000002000000040080000e0000000800f40000000000000000000000000000000000060000000000000000000000020000008bc040150500000000000000000000000000000001000000050000000a000000ff7f000008000000fdffffffffffff7f000000000000000000000000010000000300000001000000040000007f0000000000000081000000000000000000000000000000000000c0ff07000003000000ffffffff0600000001000000ff0f000000000000000000000000000006000000000000800a000000000000000000000000000000080000800000008007000000040000000700000000000000030000000000000000000000000000000200000000000000010000000101000004000000010000000100000000000000000000000000000000000040000000000700000004000000070000000000000000279098e42b1b04"])
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337) (async)
r13 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSTI(r13, 0x5412, &(0x7f0000000040)=0x13)
ioctl$TIOCSTI(r13, 0x5412, &(0x7f0000000100)=0x8) (async)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)

1.733410183s ago: executing program 0 (id=697):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x80401, 0x0)
close_range(r0, r0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_netprio_ifpriomap(r1, &(0x7f0000000040), 0x2, 0x0)
write$cgroup_netprio_ifpriomap(r2, &(0x7f0000002000)=ANY=[@ANYBLOB='\t'], 0x1)
ioctl$BLKRRPART(r0, 0x125f, 0x0)

1.656116534s ago: executing program 0 (id=698):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000800), 0x161200, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x7fffffffffffffff)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0xc001, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x3, 0x0, 0xffff1000, 0x2000, &(0x7f0000895000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x3, 0x0, 0xffff1000, 0x2000, &(0x7f0000895000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r3 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x480, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000c80)=ANY=[@ANYBLOB="0100000000000031ff000040"])
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r4, 0xc004aea7, &(0x7f0000000000)=0x29ec)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000380)={0xfffffffffffffe9f, 0x0, &(0x7f0000000180)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000100)={@flat=@binder={0x73622a85, 0x1, 0x2}, @flat=@handle={0x73682a85, 0xa, 0x3}, @fda={0x66646185, 0x9, 0x2, 0x21}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0}) (async)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000380)={0xfffffffffffffe9f, 0x0, &(0x7f0000000180)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000100)={@flat=@binder={0x73622a85, 0x1, 0x2}, @flat=@handle={0x73682a85, 0xa, 0x3}, @fda={0x66646185, 0x9, 0x2, 0x21}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0})

1.627428174s ago: executing program 2 (id=699):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x3e0040, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000940), 0x0, 0x0)
ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f0000000980))
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r3, 0xc004ae02, &(0x7f0000001fc0)=ANY=[])
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000000)=0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000002, 0x40010, r1, 0xa3ccc000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000180), 0x153ac1, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x401c5820, &(0x7f0000000080)={'bridge_slave_1\x00', @remote})
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0800000000000000500b0000000000000500000000000000e20000009d00000000ffff0000000000009000000000000010001b000000000000000000002e0b0000000000000c00000000000000a40b0000000000000200000000000000f80b08000000000007000000000000001000000000dba4c5dbf90da8e3102061a38a97c400000000000000"])
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000200))
read$FUSE(r4, &(0x7f00000031c0)={0x2020}, 0x206f)
write$FUSE_INIT(r4, &(0x7f00000002c0)={0x50, 0xfffffffffffffff5, 0x0, {0x7, 0x2b, 0x4, 0x36000030, 0x5d47, 0x9, 0x8, 0x5, 0x0, 0x0, 0x100, 0x8}}, 0x50)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r2, 0x4008ae73, &(0x7f0000000040)={0xfffffffe, 0x8})
r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
ioctl$BLKBSZGET(r5, 0x80081270, &(0x7f0000000000))
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80900, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r6, 0x4008ae48, &(0x7f0000000e40)=0x2)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_CREATE_PIT2(r8, 0x4040ae77, &(0x7f0000000040))

1.116014882s ago: executing program 3 (id=700):
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)=0x2000)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0xc, 0x0, &(0x7f00000002c0)=[@free_buffer={0x40086315}], 0x0, 0x0, 0x0})

1.115688572s ago: executing program 1 (id=701):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x48e80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x200)
ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f0000000000)=0x3)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000003c0)={0x2, 0x0, @ioapic={0xeeee0000, 0xfc48, 0x0, 0xeffffdff, 0x0, [{0xc7, 0x80}, {0x19, 0x5, 0x0, '\x00', 0x10}, {0xfc, 0x4}, {0xfe, 0xff, 0x7f, '\x00', 0x2}, {0x8, 0x0, 0x5, '\x00', 0xb}, {}, {0x0, 0x81, 0xbc}, {0x0, 0xc8}, {0x0, 0x0, 0x0, '\x00', 0x7f}, {0x6, 0x6, 0xfe, '\x00', 0x2}, {0x0, 0x0, 0x0, '\x00', 0x2e}, {0x0, 0x50}, {0x7, 0x0, 0x4, '\x00', 0x3}, {0x3, 0x4e}, {0x2, 0x2, 0x4, '\x00', 0xfe}, {}, {0x1, 0x0, 0x0, '\x00', 0x18}, {0x0, 0x0, 0x0, '\x00', 0xfd}, {0x1, 0x4, 0xf, '\x00', 0x3}, {0x80, 0x9, 0x0, '\x00', 0x40}, {0x0, 0x8}, {0x5, 0x0, 0x0, '\x00', 0xfe}, {0x1, 0x0, 0x0, '\x00', 0xe}, {0xfc, 0x83, 0xe, '\x00', 0x2}]}})
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000280), 0x2, 0x0)
write$cgroup_freezer_state(r7, &(0x7f0000000300)='FREEZING\x00', 0x9)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000080))
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x20400, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r12, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000000001000000000000000000000000000000001b0300ff"])
ioctl$KVM_SET_MSRS(r12, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008b04"])
ioctl$KVM_SET_SREGS(r6, 0x4138ae84, &(0x7f0000000100)={{0xeeef0000, 0xd000, 0x4, 0x3, 0xab, 0x7f, 0x89, 0x7, 0x1, 0x9, 0x9e, 0x40}, {0x5000, 0xffff1000, 0xd, 0x5, 0x80, 0xfe, 0x3, 0x3, 0x0, 0xe, 0x1}, {0xdddd0000, 0x100000, 0x10, 0xa6, 0x8, 0x5, 0x2e, 0xcf, 0x1, 0x2, 0x0, 0x3}, {0xdddd0000, 0x4000, 0x10, 0x22, 0xc, 0x7, 0x4, 0x7, 0x2, 0x6, 0x5, 0x9}, {0x4, 0xffff1000, 0xa, 0x5, 0x4, 0xf9, 0x3, 0x1, 0x5, 0x2, 0x8, 0x7}, {0x2, 0x8000000, 0x0, 0x6, 0xbd, 0x1, 0x1, 0x0, 0x8, 0x5b, 0x3, 0xe4}, {0x1, 0xdddd0000, 0x8, 0x4, 0x3, 0x15, 0x30, 0x4, 0x8, 0x10, 0x4c, 0xbc}, {0x4, 0xeeee8000, 0xa, 0xf9, 0x3, 0x47, 0x8, 0xff, 0x80, 0x2, 0x3, 0x42}, {0xeeef0000, 0x7ff}, {0xeeee8000, 0xa498}, 0x0, 0x0, 0xffff4004, 0x22000, 0x4, 0x6400, 0xd000, [0xfffffffffffffffb, 0x8, 0x66d8, 0x3]})
mmap$binder(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0)
ioctl$KVM_CREATE_PIT2(r14, 0x4188aec6, &(0x7f0000000040))

1.096853613s ago: executing program 0 (id=702):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCCBRK(r0, 0x5428) (async)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1, 0xe3852, r1, 0xfffff000)

1.092411803s ago: executing program 3 (id=703):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000180))
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000080)={[{0x8001, 0x7, 0x0, 0x1c, 0x5, 0x2, 0xd, 0x2, 0xf9, 0x2, 0x80, 0x9, 0x1}, {0x6, 0x80, 0x8, 0xc4, 0x8, 0x7, 0x8, 0x9, 0x7, 0xff, 0x0, 0x81}, {0xe2a5, 0xd, 0x1, 0x9, 0x2, 0x6, 0x9, 0x8, 0x7f, 0x6, 0x56, 0x7, 0x100}], 0x4})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7fffffff], 0x80a0000})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000280)={0xa, 0x0, [{0x774, 0x0, 0x1}, {0xb4a, 0x0, 0x7}, {0x4b56449f, 0x0, 0x1ff}, {0x842, 0x0, 0x3}, {0x90e, 0x0, 0xfffffffffffff7d7}, {0xbab, 0x0, 0x1}, {0xaad, 0x0, 0x9}, {0x820, 0x0, 0x3}, {0x411, 0x0, 0x34e}, {0xc00002d4, 0x0, 0x3}]})
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000240)={0x1, 0x0, [{0x400000f2}]})
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f00000000c0), 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB='max'])
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)

1.021913054s ago: executing program 2 (id=704):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000001c0)={0x73622a85, 0x1, 0x3})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000800)={0x10, 0x0, &(0x7f0000000600)=[@clear_death={0x400c630f, 0x1}], 0x51, 0x0, &(0x7f0000000700)="93ca2efc9445b68c079d41dcfff066e61c4d8f1021949c8c75c29113ed78c691e4a8ff01000004ab5b4c9c0cea97e979adb05f81276775d60f54e903eb87a57f7cbe1f97039cb9d611ffa16ca4582a68cd"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000200)={@flat=@weak_binder={0x77622a85, 0x90e, 0xfffffffffffffffc}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x3, 0x33}, @fda={0x66646185, 0x5, 0x0, 0xf}}, &(0x7f0000000080)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

1.021653184s ago: executing program 0 (id=705):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000180)={'vlan0\x00', 0x400})
ioctl$TUNATTACHFILTER(r0, 0x401054d6, 0x0)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000200)=0x1, 0x12)
write$cgroup_int(r4, &(0x7f00000000c0), 0x12)
ioctl$ASHMEM_PURGE_ALL_CACHES(r4, 0x770a, 0x0)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000500)={0x1, 0x0, [{0x40000003, 0x0, 0x1}]})
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_ro(r7, &(0x7f0000000040)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_int(r8, &(0x7f0000000200)=0x1, 0x12)
ioctl$ASHMEM_GET_SIZE(r1, 0x7704, 0x0)

958.183335ms ago: executing program 2 (id=706):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCGSID(r0, 0x5429, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x5b, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b418709844294623"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
ioctl$FIBMAP(r3, 0x1, &(0x7f0000000140)=0x3)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close(r2)
syz_clone(0x80201900, 0x0, 0xfffffec3, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$TUNGETDEVNETNS(r2, 0xff03, 0x0)
ioctl$NS_GET_USERNS(r4, 0xb701, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE(r2, 0x50009401, &(0x7f0000000500)={{r2}, "5a2c5cdf5deb2e3187611bca724a450de75efc138755fab8e77cd5d787c2463bc208462820baefd5acb78fd08db7d5b9648733f5d30eef1026f7bb19999eed0c9cc694fee2e71bad5680619a4b2e43382d86a5b5e2ff099149ffe63083754b6b541f45ca5728e9ea6c800dcc67f9d7f409efa72d387d443bca22a57b40a14ea22de51702162d6e798296f40e92e6e33fc8937f7f751a3802c5f6a52fee32186289cf7a5336a7191e66f53fa0340c0be7baceb4b7cefd5e0a05cf523e7bd56f7b1a38356598d772a40b65aaf9771bef86d4f2800eb608cfeedb327695e33374fdd6a58193f610718cbabe500c0d3a8698bffad0d280d59e860942c243fd60b771915febc2e165e6eae014d2534369db8704e786162fa84abbea5aac71241ca01d2b50612ae4f2385f5002446022ac16a2c49fe35d7d1ff0a016f0f432cd31e342c70757dab7c611267361424cac8e4db3d975780190885e6fbd7cf78619335560fe78c7f78f15c642dd0daa1ff69a79fe3c996e03c5536ec4af79a7ba878f895ed253d50e2fbc4488599cec8a4e7d5e7384372ba6a26d38de218ad8ed388c811b27191f9bc61917bf5f40d0d383e6cc323dee1db926aaf803edc54c3a93eed648f8e178b6418db614f69cd9cbac0c2de36b5531e76c272ff51f417d004cd0527da2bd7c72e73b378c2da906f501748d06a88b262357d6328711398d3453f9bfc38f1c79695c68d4acd0693411c896935ff0370886adbe561cc6b9e469e6a83ce4897dfafec0b7e117ebbd021b7b991fa68a11de6dc7916d6c042528294af3faeabf430176e39f0987bd822550dc65bd4b81d452573c6bf518c5ee999ff1d988a8df3554d5edbebae5d0d8476ad05e403dbffb8b4f4c89cdadbeb3e532e13cd53c0682c28ebdb5291b7c3f4934715c49eee60549a81d1fcd6b7f15b585293c89fb3a19350d8dbe1a8e5f8324241c7bc5afa1ccce029ad0ab61be45715448ce51205283b874e210946484fb91b4336ae2df38a00eb03385c881369b181a6cfbaf5ac882584815daa0b18c134f0fe6300f1a10223df18c203dfd83d3d8f5271ad716d622de5ccb71f4997c50d9c2405ee07a9244d44867bb72da7c23a8afe63811ad98259da05e1f62628170b35b85d52e10d70a8bb10690a5bc496153e54ff097f64c0ca4d57e381d282a55313563d18cb9e48f15814b812613ca80c522b094d64faa6d9734bd2356d62c9842dc08cd618c8f664b847e387aa4407d4a6b86717c6c8d2025704184e81eb0031307def7de9adbeae03faead563f0b70711665559f10f63de0006e2e4541cdc261621376ef6271b21bc596eb2dd80b56093e5872dcc32769c45e176112896f696467eec2cd8eb9c0867ec851d544de2bb51843bdc9b4320dae3d6d780e221d23266697cb6f3492f428fbb54eb9c23b6501889c684b363330bd030ba4df9c3e53a65cdbf34d1504f3db0506c374e25ec98b6cb017a6d85b0afa15d51dcf697655ee54bc141b7d03c90d0ac78d1582a3fe70002bd753d1cd537c73ec3e1dd2665056545adcf73f81722ffcabb0c02f61b889852f23941bd65ef972e91f2ef77dff928eb944f4c787b3f345f214401c901101288444b1ea098a640c3b604f65624398c504a617077d6c8eec01aef0ed44d82c5efbd9e19edddd60c3deb73413c130c04e7c23a020e548951d6c64460b2f6662533c9c1ece98c587088450d1feb152c0da9d99af9bbfb2b810e7e50fd13c549b46a3c4fed4107b4e4334f16c5183276027758dabafba7cb6cc5d3be48e37d3a84fa221c7a94dc702b6b9cfdd1845608a1e036117ed03023258d3b6059ee2afa7ee2b2d139f98bd68be159b28f9ddef7dbed793f6df786aba2d9b9d9f06048f705b506b6fe4005b1123e4683ea195f30e57303af163f30a450993293ba0a63f457e6f31f2cd6160cefb6ea04a3c803b7bcae30f9d265faaa6602d5cf9aa1a25ae78c6cbf18ced245451645577c18d436c86fdb25589f5953b6a9de01d99c6b528e7b69b9d631322410c251fd71b42760e902f8793c62ef35eab4505cbff94875371e353724b8d7d7c5340c23b73a471426b209d28ae34e3490641fff5117bfbbd474b1a053dbce422f995d004bfd4505b7a3d825edabef1bafcf08a3177c1f53ec57d149da1ed9a7d25fba37cb1519936bcc69183385c688d98a1e7a7e86e4f9ee290e0253e57c76049bae63f7507461795b1f8bbcd5f1f3b300feadf06249308c17ca04829ec27a828a6aabfbd292af50727bfa001d82957c6719e2b7a07977cabbf7c712493b10e50ad73c57af34c9b2072bc46f7c13d65d5bfe382a8050ba82be18ae8f9315ac07b7efdc67000097a6b8de148f456fa2e1cde79d71bc0fd43985d518322dd710828a8bab383ea1d0a83c4aeda1fd6421fedbde54f38d4ccfb3db3c4a26925276548ca73fc49fe26150cb5d71afafe81c26f6780dfcb85a699c6b0d288323999f084669165575513c0c2ee632183a94bd124a885bd489801ae56531f203cb71eb599b4259ef3a78243bae91e3583ea82b8e98a42afac17b3ec7258e5601cfde47111e973e5583a2f2a3c7b3f7ce4f10fd7482fc9b87bc9a38dba5ab0cccc48ae636f227b3b632e84bb7e4e284f02a5a2f405638a39f790d27a9829ee68edc8dadf11964fb671db91b5800dd66a7427c60ae206b312a7299b3bc64e865bdfb429fb7b70e7dc609883ca7fbfd86a6163ec885c191d03caff7064cad7fcc54950671e13841d1b6d0fcf5474d34fb5772d227b9c51e45b59c22f9c79b4b67c3c80a53e8e8e0822cf744f97df4d51eb0213cb8793a5c41e166ead9fdcd7a764071e53d226c4df426c0ff12d9779055b7dc875048d65832a2c0c7dfb775d8bc634a6eb58f6447fa100bea691dddee6e64f2f16c9fa9e8025327afbf4260e5b69c20067d5f8abc5b5531d5a1e0d0f819495ff47eab211de856153f8767556817c39c914086c1833888dcb251dca3db98a8abd03aa53fa53f2fc586c4a3892ebc93c9d22c7efa8df3c8a90c68f412aad26c456557381f83e3725c07a7445603215c13b8710c4c8452919ee4031ecbe0953bafef0590a6550ee01f4a144471f070156890b142e06d8da2df5f5788b8977fd9e72a72e90b1b09822058b7b14f1447449283c722910175e4fa55d500f35fbad3d79e67afd7111b028db1c7b786a354a1c5dd34705906b341e20e9182cbd209bba024d6fb1a09cfa0369528a8be8fd2838efd19dac481906144a1701bf2638ab9d77c6d916dc93b875cdbae445a180500b76955f946e9ac923599007a9fd28566844c2d63d798b913afab721cfdf98b3ce2fefcc50437635da7414ba64d8770426849a38b1f2d67c218e797c71ea5ef542a8729c5f7998479a7f9c273356c86eb4bf550b5131578c533d7d38e8278bc924a8c8675cf4de977254eab6ef85dc1706d013cf3f8d81c1f2bd7bfb8b9c8bd59c6861607b85a1b41c85af1f926f6f0aa6f97d1078b93fcf6b00708da17af265c57952b8c4df682174b4ba0b88ea5bb89b0f321e79dd22bf88eae1249e9590db62667461ebe54e7249aba69b3a50d496ad08e52f61239435338e84b3f0288369ec212061f4cfbc0909d3bec75dda9d74565b6a6def91a373c844e690b576a2742b42b554671efe632cc5649931968c8363d7fe2904598db138d1f96ddf51613074bb16e99b1cbcf7a02c274f9ad43b157b43337d32d36ea24258708c18f09facab12dd917d3194d73bc720575a58d0ad2559726d3be09fcac29573c2358fc08b6f1b954eb717e7aba9ae5c8a4869bb20c86b937a793a7a3feb6acb600d710215e01ad980e773160e8c18db463844271593a013b55acf779e0c89d0e8b27e38aca7c9c16cb858f5ca60318fb1b84ea0b7bc1becd3b102178de1ee28006bbaff1cf4221ff7e6bf063cadc91bcde3a8e94ada52c07ec73cd34f66ebefedbb41522a20b81d13363afdc12b2807103d672622dc934fb013a468de0e944ed2b8a24ee79d92ce937e06f0f3192695f5c5b123dfed11bdb3c679cf263e4940dd0367e1a9e0371f04b96f8dabd121ea252affed1c33c22ac88a3716bf61f3b7b23898fd74054de1e0c64bd983ec59592fb2509b3d2472ecf36d10e90aa4f5ac66f9dba8dc24bbb807dcd5a9c324539d1dc05de529cf32f2d3c743a822a561cf2b6ae01d894fb838e3beef7054b400252f398476289a7a538b73bef0379d06944c31973a6abe063c732ff217121da8b0033f7aeded6cfdd5139e10e44907dd6a78d94317c460848348c8909a89e1cca5188547d206ed08f25f856880f9f929c4a76a6e7d86b33cb23c0368f0f0d5160a825c2b4bf9249dc995cd760a68c29bb6a88a30cdec9b2e4c14907bc5dc93c99fd6bd135be9f6cfb04770a0c578ddfa4a338b568d85466273a89814eb18d1e4e47b2dd7fe8eb1c56780274da5c13a56d5da4eae69d93d53241f97464120921fba158cd60c53cf70bad0716abea2c7d3ea0fa555c5c77fdac654126b7416cf098edefd865f0cb322e4bc606987e1941dc07c6e228e5ae5e61b8eef833a494fccb16a00a5f699cd82366ab62c92b2ad248c3d20d931213b770cd0bc07952bffbe5defa502445fc331737853cfbddaa8906be59300065d09014b8c2a85bb8ef76468b3e19464e030f3fffc8242cf85f4ac2db289875db221c788dad29b760d11d470fdeb91841126c6f20d0c7b07fd79a5febd0195d7f3c2e50a82edc2406a9a524d6ef62be889078702fd17a709a7cbbcca0b91bd30500c15c7970677dd7342f9c72edb75a067d806e03ae46b645103c1d2a0bd80021e47ced99dba250fd1e94167134274d0466d8d0437c3ff2550b4e1f273b7dbbda9e59d0439d7625dd7c85dc9afc1c934b3d83c8d8dcde192b25f10e69245de2f4043d2269d2cee1458037e43eb7c5b3ec11c10aea5c606439c3d067fe902fd19fce6ae62fcb690b07f0c06543f8ebc165593276b79e1a5113a20ab2457ca4dde681a7b38504dfc92e12d45ad2b437829d58ffbd413cfd3a861f0c690d293ff1eb39968d7bdecf397848519dc663700b0f72d7552fc98c2d31414a621a19526fb4217633922ff238d24a629a93d38ef8244f197f8a892d20b484805ca26b20ef0490d8bcfca8eb130ea7371d5505363c31d58fe744cff8770d69d07a0319c59fb54a48a42e4a3d55c39670e442ecb097926bb1064a613c48dd16ca0e9f2430f606c74b9a295b388dcb81a54b7af8612c4b37996e575da9cda3ad1139054054e4f7b164ce525a1b8fa6397448c146a446ce006aa524eebd2af4faed9599199e5357c15412f46ec0826d6bcf81b0bc00e50e96ca17fd46674327753f616f9945483962f5a7b7de556bce043af8a21dd295a918bfe3899b9d4de27ffedc21b4ed1d20ebbaa8ac4970a1df72da13191778a99eb36cfd38dea7ea544a81157fd406822eb6f39450e032eedd2d27295c6a3d985be748adb8df1bcfd36b5110f3c3d3e4c8b453d24232e4e6002acb0b8acbb16ee213c0c87520d5d362597a1235fd7b016e5e5e1d847e7769481ab0d058cc3216a211b96984e5faad2d5df66cb46c3a3fd3b0cc6925269532e2823ba0ee01d2c9968f377b7b93cbc2fa775e460496cb762d1c9402debecb7101d3499416ccaa6b62781f686ca91060afe2569e549946c62b4afdf480d73faa3999016ec9c066a2ba2091a78f2461158dbb7ae6bd3e77eb8368670da5636c34cfbd41ca6d7c3c9085cd2bde7495f77091bf1"})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000300)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000000)={@ptr={0x70742a85, 0x4, &(0x7f00000001c0)=""/64, 0x40, 0x0, 0x32}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x0, 0x16}, @ptr={0x70742a85, 0xfffffffc, 0x0, 0x0, 0x1}}, &(0x7f00000004c0)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})

657.73937ms ago: executing program 0 (id=707):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000280)={0x1, 0x0, [{0xc0010004, 0x0, 0x3}]})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x5a3000, 0x0)
close(r3)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000001c0)={0x1, 0x0, [{0x319, 0x0, 0xe30}]})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000100)={0xa, 0x0, [{0xbb9, 0x0, 0x3}, {0x3b8, 0x0, 0x8}, {0x289, 0x0, 0x5}, {0x377, 0x0, 0x8}, {0x2f9, 0x0, 0x9}, {0x28c, 0x0, 0x9}, {0xac4, 0x0, 0x200}, {0x842, 0x0, 0x422c}, {0x38b, 0x0, 0x92}, {0x29e, 0x0, 0x8}]})

533.922151ms ago: executing program 0 (id=708):
openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x402, 0x0)
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_netprio_ifpriomap(r1, &(0x7f0000000040), 0x2, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'nr0\x00', 0xe43986f95b0e4309})
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r3, 0x545c, 0x7cb7562f2d67)
ioctl$TIOCMSET(r3, 0x5418, &(0x7f0000000140)=0xfffffdfb)
ioctl$TUNGETSNDBUF(r2, 0x400454dc, &(0x7f0000001700))
close_range(r0, 0xffffffffffffffff, 0x2)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x4220, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x8)
ioctl$PPPIOCSDEBUG(r4, 0x40047440, 0x0)
close(r6)
r8 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
openat$cgroup_netprio_ifpriomap(r1, &(0x7f00000001c0), 0x2, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r8, 0x2000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r8, 0xc2a4a000)
r9 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000280), 0x8800, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r9, 0x40305829, &(0x7f0000000040)={0x1100, 0x0, 0xffffffffffffffff, 0x7fffffffffffffff})
read(r9, &(0x7f00000004c0)=""/92, 0x5c)

532.204152ms ago: executing program 3 (id=709):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x68800, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x8540, 0x0)
read$FUSE(r4, &(0x7f0000001300)={0x2020}, 0x2020)
write$cgroup_pid(r3, &(0x7f00000001c0), 0x12)
ioctl$BLKRRPART(r0, 0x125f, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000500)={0x44, 0x0, &(0x7f0000000400)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r6, 0x4068aea3, &(0x7f0000000140)={0xbe, 0x0, 0x1})
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$UI_SET_EVBIT(r7, 0x40045564, 0x12)
ioctl$UI_DEV_SETUP(r7, 0x405c5503, &(0x7f0000000280)={{0xfffe, 0x60}, 'syz0\x00', 0x19})
ioctl$UI_DEV_CREATE(r7, 0x5501)
write$uinput_user_dev(r7, &(0x7f0000000e80)={'syz0\x00', {0x3f, 0x9, 0x8, 0x6}, 0x200012, [0x3, 0x8, 0x76f, 0x3, 0x8001, 0x5, 0x63e, 0xfffffffd, 0x3, 0xc, 0x9, 0x1, 0x3, 0x9, 0x9, 0xb0c, 0x8, 0xa3d0, 0x7, 0x7b, 0x5, 0xbc2f, 0x4, 0x80000001, 0xfffffffe, 0x3, 0xa, 0xf, 0x8, 0xd2f1, 0x7, 0xffffffff, 0x3, 0xe, 0x3, 0x0, 0x1ff, 0x47f2, 0x80000000, 0x4, 0x0, 0x7, 0x5, 0x29e, 0x2, 0x2, 0x9, 0xdf26, 0x1, 0x40, 0x4, 0x8, 0x80, 0x3, 0x9, 0x1a, 0x3, 0x5, 0x5, 0x9, 0x8000, 0x80000000, 0xcd, 0xfff], [0x6, 0x227, 0x9, 0x7, 0x8, 0x5, 0x81, 0x45, 0xc322, 0x6000, 0x7, 0x2, 0xf0, 0x1, 0x90000, 0x798, 0x7ff, 0x7, 0xa, 0xb, 0x9e, 0xd1a, 0x0, 0x1, 0x2, 0xa, 0x0, 0x5, 0x2, 0x101, 0xfff, 0xfff, 0x1, 0x401, 0x5, 0x0, 0x1000, 0x5, 0x10, 0x4, 0x7fffffff, 0x3ea1, 0xfffffffa, 0x2, 0xfffffff9, 0x1, 0x6, 0x400, 0x2243ccfc, 0x8455, 0x0, 0xb, 0xffffffa8, 0xdc9b, 0x0, 0x4, 0xff, 0x5, 0x1, 0x4, 0x2, 0xd5c, 0x6, 0x6], [0x1, 0x7fff, 0x1, 0x6b, 0x9, 0x3, 0x8, 0x80000000, 0x2, 0x5, 0x6, 0x0, 0x4, 0x40, 0x7, 0x2, 0x6, 0x8, 0xe2, 0x80000001, 0x7fffffff, 0x8, 0x401, 0x4, 0xc7, 0x4, 0x2, 0x6, 0x2, 0x648, 0x1, 0x10001, 0x4f68, 0x5, 0x40, 0x1, 0xc, 0x3, 0xffff, 0x7, 0x9, 0x1, 0xc0c, 0xcd, 0x9, 0x2, 0x401, 0x0, 0xd, 0x9, 0x0, 0x10, 0x7ff, 0x0, 0x7, 0x8a, 0x5, 0x2, 0x3, 0x2, 0x5, 0x0, 0x3, 0x3], [0xc51, 0x2, 0x8, 0x1, 0x9, 0x3, 0x7fff, 0x10000, 0x1, 0x6, 0x200, 0x7, 0x5, 0x0, 0x9, 0x8, 0x3, 0x10, 0x6, 0xd2, 0x8, 0x1ff, 0x400, 0x4, 0xb, 0x9, 0xfbd, 0x9, 0x0, 0x2, 0x1, 0xed, 0x6, 0x2, 0x5, 0xfff, 0xe79, 0x20c, 0xe0, 0x2, 0x3ff, 0xfffffffe, 0x9, 0xa, 0x100, 0x9, 0x3ff, 0x8e6, 0x3, 0x200, 0x9, 0x2, 0x3, 0x0, 0xb7, 0xc, 0x0, 0x9, 0x4, 0x4, 0x3, 0xcd87, 0x8001, 0x9]}, 0x45c)
r8 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$BLKRRPART(r0, 0x125f, 0x0)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000300)={[0x832f, 0x17, 0x6, 0x0, 0x4, 0x0, 0x0, 0xfffffffffffffff7, 0x122, 0x0, 0x4, 0x3, 0x7, 0x7, 0x4, 0x5], 0xeeef0000, 0x44010})

368.358854ms ago: executing program 1 (id=710):
r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000001080)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
write$tcp_mem(r0, &(0x7f00000010c0), 0x3fffff)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc018620c, &(0x7f0000000100)={0x0, 0x2, 0x0, 0x0, 0x0, 0x0})

368.037974ms ago: executing program 3 (id=711):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1e1243, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x400000b0}]})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r5, 0x4068aea3, &(0x7f0000000080))
ioctl$KVM_SET_GSI_ROUTING(r5, 0x4008ae6a, &(0x7f0000000200)={0x1, 0x0, [{0x0, 0x5, 0x0, 0x0, @msi={0x6fb4}}]})
ioctl$BLKRRPART(r0, 0x125f, 0x0)

348.517374ms ago: executing program 1 (id=712):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) (async)
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x190e}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @fda={0x66646185, 0x7, 0x0, 0xf}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

300.504055ms ago: executing program 1 (id=713):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r4 = ioctl$TUNGETDEVNETNS(r3, 0x54e3, 0x0)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r4, 0x4018f50b, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xbc)
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000010000040"])
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
r7 = mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r10, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="a6"])
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x800, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x501040, 0x0)
r12 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSIG(r12, 0x40045436, 0x0)
r13 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYRESDEC=r7, @ANYRESHEX=r5, @ANYRES8=r1, @ANYRES8=r14])
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000001000)={0x80800, 0x206, &(0x7f0000000240)="23591363adf94c4a3525c373b8be3e8d2672540e4fff5fe79b18763b68b5c8cde0045f31e73285632c09da90f5451b7f64f1faee49a0d8fa57fb52ecde3cb94c60c97e8a9a4b9e8b8a625ef77381a7fed894b680d2bf18225baa8ac2279e4966b3bc0adb5332c5ecbc6c3da241c9215cfc3c563c3bc0291d5f45f8d56d583cff127e3373ade7df08cc06d94780975eeaf693ffb533a47e615651192042ea01b4f8ef2332d798ff7da5ad85ffcb7bf1c66705a1d0c2dded41131fbd3372527cd58da0761821c610c916e7126d0d9f38da2ea2df4048a4c222ffe5949556b16efbc4c824fda8e92f0647858a31f0cebc12f0a4e88ae8d5d6689e499301a23a6d4452da35cb0e51b1b9dd6be08b7e3430b77a1143db66bd7b77995b08262510df7aa578cb52ccae69b26f74ea7a2f5d38e0e49412165b94b6da07a4e82c25dea5ad36d9517e9b7152d01c9fbed0ff5dcd8a1ffbef5a2bddee07d7369e517b0d42d3815015334fe2e9e81c4c9b4e6215b236030bc9c4b806fa70175d7ce4268448e3599265549b96df63550df8bbc692c84ac97293998f3351766e93112904c8a80a5045d57e827b561127040a09b3025320a51965ce5c4ff115fa8ce879045cb290abe97641435585c7bb98be38985ea23e58d2ad96499a5f0842eee3c7a263ca47809ce99ef11208b7260ea0a3848634c82a47405e9075ea05098752817d682ae52df079d32116ee458586118ca243767cf986b3e89d6470df859f910256a723062a88441e992d2a9b9fa1dadaeac1c630dc17497404323653cb9a5355f88b6aa6fe714f0723b6938d7ebcac44fe717f0084bc34e5f86980520bad4e6ae4b173f1e4325f9c547828232c9aaa560fb99b6946d65f6532afca8501938703042be2933b633db1f63e692679f1ee71294204acd45480aff57491375fa7f9d7f880de291348fd2ee42dbfdbd8cc8b84aaacc6809e06c5a73e9a9db1bbb2c731a8fd6807ddb0f5b900213bae81372e2a4325b9aecc0125b2016c72e40db36d2c91d55eb5bc8c455b7e29a32c0f1b36645e004dc0db7f521c436f735e09402fe38d853a2db74d7a18f68ff28fb38e861efd6f2f92ebcfc13bb10e57026443ba84df1e18041d6f9fd4aead2e87c6980d9fa28e8251a809c88dc25b4f29813436318b59bc8bf80115f15e33387ed955cc4423b49d5a4ae6fb37ddfa1e31d712bd4e7f6cb5d2dbba874337aa235dbeeb38cd9f1469ee02270dc55acfefc27f35c0d067ef3341e111282c139c623af9eb0eb7613c0cc7284e7a9945ad1870cb621e1350cfef3a8526d21b214745aed61d78f834c60afe2403a3280bd2349612761d0692ed8048d1b33a158a2882bafd56012a465a336c12a675adbffa91530cfe1b55ae8b0813403256c148e0d0c7f1056f34be5a1f28275025d48fcf9f12bf21453b2c060a9d05b0fed49799809b631349e2e5e1a6e0461d1cd667e8a4ec1b9b088b7bb0ffda7b6110049036d6139a227c53e3825d71d6cb06e96f0eb67076aa5faf026cd603ee91a7ba9fcb13763721d7bbb7c021e7d2395fa566483942052bd74aac4e9acb4bc3ba1d4ecc3fa4b8e99f5f91f6e9ae598ea225a7a889a8fd50ed8e75c21a93764745a7f2846b8f63590fab912d1f10582a862d5e4af02dd44c410642cce20a3877559d4fd83b962d78a61c84cfcf74f6ba0ccb85a19a505b24875daaa7b7ee3083a0f7a034f66031bdcd2dbf2d56c61e30186dc555ad834d855a055529ee6ecf50586ceb29210b44fa704498b238dd68c1e14b36da172f6febdd67b49d833370247e0a024eab77de4aa5efe7f387a9a4cb573c6e344a3c4d2a45f1df4ee883913bd61cf7a39626244ac64cb0345fccdca1131171031be3c6084e0d2941371afd1c268512133ac68cac0ebdb0502db18340adea29132a1cb667056541f2edd8354d52563458d8ecd18c49d5b9dbe0859a0cff6c2ba5cfa4e8736e7e7eaafa061ef86351d3d52f50410aef8f1df813c29d3fd4080242adecc39a8b9b054eb818116d1ce46096c8c983a09164bbe0262df134af33986e0a12a9eac6268939a1ab2e7efd4376a8ff583b93f226711395b9163e49fbc790f67596f28d341cf36e37d7475c2b09278fa66f5b3cbb4161f017bc49e99d19039aed6d620dc01487ecbe043add02927b88ed4de8e3112ebf9ba837134d8adc36e4beeefc5037dc683b585cdee1e265f1ee47934f558c4c13bafb2a06e9951789f6a2243fa074d7b9489ffe32625cf141cb0ce9353c0c6849695f6a23f1b554b225f9e7d1e73bc4bbee326181144584aaae8e2f004aea46e8d334f65123b93fd945f487d917c485b8b65ce7aa1090a301b96ac664c65101db1bd1d224e1d25f8946a5faa0baf1fcf3fb015445f974d415b8e50e9b55435b26358b517112822d99d9cdf45aea3db255ab72f1ac51fd00d812c2fc484a581c72e8fa39d0a3a5ecff51fca9292267e98ca70b005be53b7f32205acfa59d1f623c03c6625d74ba76f95464f3b0617f87246c298e12e73876549ac765147f928fe3fce378100663a32ccbe312d5458db8e5aecc2bd70bedbfd397157bbc291065332e5988744ba63712753bcded54aab53b82894b8272d5be38943b9c948438271097b061e07e983709703af8c69df1aaeb7cda83e92df304002a03438dc0cf2e4b6492feb9be8379cee7fcb874f22a392e6b6470cc6d1b5dd500693e4d26c8f9e48492fdfabb8294bee57f721572ef9239f519eef9a9f4e59950d252095e6a4229a57e4202302388fe316f4d1300973549ff6bd8a3c747db0686aa5a3e30a41993db467ef0197da3cf7cfa356bc7c802177906f39d22777b1b4f930798b83f5ffc4f444ad564e87e2d1fe4f45a40a36e1b5515347f42d5513ec3d70584151d60ae515e5e3e467fa6816744b22c3a08cc318e2a6176547d0ca285067605fbb6a14e9fc40a74d2d27eb5492d0709f04603d36a05a0e4a055cdc7b9e5970aa9960ba6523fd234208cd95926029daa5498bf14ce9beb3fe31113bff7bd22dbd8ccb04593b3edd074092ae8be18ff94c59d376aa4c070e09b237568167a4b0d003e3df329966b5a6285a4547824a9dec2fd82428483c55f57adc35fcbcfb5af22da38fc98603cdfaffea70b9337a339442226305c06005747b4cd368c616f97fe467f087df5bcfc5d072120fa0d837103b65cd0efc2f08f81bc7e5c39435ffcbcc9a41ee94b2bd5708100c1c14a34c28ab5335bfea389444a38fe36132d7f4a9d9cc9a4a6a78646016f6f2a0cb832f0c2c8720c20430aaf3c4658b943648cfd84577ab42cc8fb051c407c5e9f2e2f996ce542485aa020f0b052059e0f18d3a5295383079acd63159f164f222bac96f98a30bb78d0e152b96d97e074208b171c3ce47cbcf747acf2a2873ddea30992686990b15e11bf8bf8be33ddc2fe3ad429a42ad065c32d35bc86d336eaa4e368a0b8b679c07c7419de2f21bd398f15b92d16e90e19f2e66343f88eb6349ac39553a0ccc6b5d61c4a69d3b3ffd10ed7c56408726e8ac25ac0bfdac182b53345d661c13775eb6deec22a17bbdd2189385baa39fc9be062ecbdac11157b64dcac58d1eb4f029a37d744d5c9551b51941353922dccded9da40a5b967513730a6604180e1d3e5c80f7f4a4e8edd75f5d466f66394dc5c4e529e33242ce016d4b479cf54c5876ff4bb1f651d7c975cccf1a7c7e8d9cce2918ca47684d92e7f258204731448986ed81dce4ca5eaf05512f93031ab16eadf0dd62e209839141847b8d2b7512508160be659be016faf2ac3e51a0e8e1f0bde51231c345dcb3ce926f00544c570a8fe3b6b6412d612549aefcf3bee1137c45dccff4ea9396a087ae33b2cbf0ec6d6fedcb5de2546540b4dadf2bd9f6d1f51125969c4ecbf73fd9bbee90e6b8a0240dd124b333a5ce34f29992f7f53d7a0ff2a9f81d84824afbc0f554532171ea8bb3e1f63274c1459d5744633925c7aac244b9bfb74b6f3d47060ae88374d97b553fc3adfda97ed6d3509c39115f740c760dc63becb7ba856affd700358d7f919f0ac4b10432eb5e0ab3c501713758b1d6aa6583fe7f5d59f7d591e172669519d0d27e03516e8c0bdd7659352024e11b0123c157fa4154e15591a61ca2c20f47489f6ff50e1de5cdf91cd5cac45cf3ca9a0bd42d3e25fda42ec0ec9f215b37b74615338f1430de5b0d1dbf83ec3ab6e19f3b09809cf79b1ed6176c59c66357842f23c2dad510816d14a7d9b6f5249fcf24393f62462d0c8ce92eaf0b7852509fed1b02419f4bdabf250c09af9be3710b4d3a6a03f81f0c12f193acd7d98200b8e1abfa7149ab677466df59e6bff602e08b6d53106c76b44a30f090e0ac9e6fd4772da22b745dd8aa7d3426f864d9c560a23ddbf95a09a72aef0ea3d096877b9773c4c495180f6926333d087a85e0211f6b4d10f38ceef3fca5c1019fc70e561db2004dd3084bcbe2bbbceed316ab8961e7ce60121dbcf5092f4070cf3948230e495da4c94caf3a32b8b4eefc7c18fb4d0d0d7499e83050b3cf56682d57b9995c31894786239ffdc729fb9ff70b9fd8c4856f3dfdd67c8e6142ff65dfcb2d7f40687ccce66557564a1427470f6cd124b6321ff125ccde9422ae992356d27a46f05094e7950e2634078f856d00bc6144414dd23d3404e5288e8db77b09f3e84a8b9b30e120551570215c9090a096ba957cfebe6bef5bdd42180c15131cb2b0d270506928a0f2c0ec050f0bdfbcbaa37064e59cc43e6a405518742922b7df2d89e96e73528f2d0fc7ec2d78a1abc5c3f17b9a2dbcd2299a5a64e738816bac07caacd35d4353784e248143fa244ac59ea918627bb0051e678912f8c6a57257f016de91ab6c5dcb9c93d859cb89822ebd44991c0f998170f73495229fb51479ebba8a57d1ce88ccc38e6b679457e964b07b6006971d45f570f", 0x0, 0xdb1})
r15 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r15, 0x4020aeb2, &(0x7f0000000740)={0x0, 0x12c, @ioapic={0x1000, 0x8, 0x6, 0x1, 0x0, [{0x1, 0x3, 0x3, '\x00', 0x2}, {0x0, 0x5, 0x1, '\x00', 0x8}, {0x7, 0x2b, 0xf3, '\x00', 0x2}, {0x7, 0x2, 0x1c, '\x00', 0x7}, {0x0, 0x3, 0x4, '\x00', 0x58}, {0x7f, 0x2, 0xb, '\x00', 0x9}, {0x2, 0x7, 0x5, '\x00', 0x2}, {0x0, 0x83, 0x4, '\x00', 0x22}, {0x9, 0x9, 0x6, '\x00', 0x4}, {0x3, 0x58, 0x81, '\x00', 0x1}, {0x1, 0x5, 0x5, '\x00', 0xfa}, {0x1, 0x7f, 0x2, '\x00', 0x7f}, {0x2, 0x3, 0xff, '\x00', 0xa}, {0x7b, 0x1, 0x7, '\x00', 0x45}, {0x7f, 0x4, 0x6, '\x00', 0x6}, {0x1, 0x0, 0x9}, {0xa, 0x1, 0xff, '\x00', 0x7}, {0x3, 0x2, 0x4, '\x00', 0x1}, {0x82, 0x8, 0x6, '\x00', 0x2e}, {0x2, 0x8, 0x3, '\x00', 0x8}, {0x8, 0x41, 0xfe, '\x00', 0x6}, {0x1, 0x4, 0x7, '\x00', 0x8}, {0x0, 0x5, 0x2, '\x00', 0x3}, {0x1, 0x9, 0x6, '\x00', 0xc}]}})

119.373838ms ago: executing program 3 (id=714):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'nr0\x00', 0x2}) (async)
ioctl$TUNATTACHFILTER(r1, 0x401054d5, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpu.stat\x00', 0x7a05, 0x1700) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
ioctl$FICLONE(r3, 0x40049409, r2) (async)
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f00000002c0)={'veth0_to_batadv\x00', 0x600}) (async)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@fd={0x66642a85, 0x0, r3}, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, &(0x7f0000000240)=""/10, 0xa}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, &(0x7f00000002c0)}) (async)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

100.987518ms ago: executing program 2 (id=715):
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) (async, rerun: 32)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) (async, rerun: 32)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1) (async)
syz_clone(0x80001000, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$TUNGETDEVNETNS(r1, 0xff0a, 0x0)
write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[], 0x9) (async, rerun: 64)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) (async, rerun: 64)
mount$binderfs(0x0, &(0x7f0000000000)='./binderfs\x00', &(0x7f00000000c0), 0x4, 0x0) (async)
r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x2600, 0x0)
ioctl$ASHMEM_SET_NAME(r2, 0x40087708, 0x0)

74.106258ms ago: executing program 1 (id=716):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180), 0x32, 0x0, &(0x7f0000000080)="f3864755592396a05de6733faeeb64e8bb0da21aaacc3c84fa7386a67bc1fa99210223400fa8a4664aedb2f13538e649f86e"})
close(r0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000200)={[{0x7ff, 0xd3d, 0x8, 0x4, 0x8, 0x9, 0x9, 0xfa, 0x8, 0x4, 0xbb, 0xf8, 0x8}, {0x2d, 0x9, 0x0, 0x9, 0x2, 0x5, 0x7, 0x6, 0x8, 0x6, 0x7, 0x5, 0xca}, {0x5, 0x5, 0x6, 0x6, 0x0, 0x0, 0x80, 0x7, 0xf7, 0x8, 0x5, 0x1, 0x1}], 0x5})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000001c0))
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000140)={0x8, 0x0, &(0x7f0000000040)=[@acquire], 0x0, 0x0, 0x0})
prctl$PR_SET_MM_EXE_FILE(0x36, 0xd, 0xffffffffffffffff)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000e00)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000140)={0x5, 0x0, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r7, 0x4068aea3, &(0x7f0000000600)={0xbe, 0x0, 0x1})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000400)={0x4, 0x0, &(0x7f0000000380)=[@enter_looper], 0x50, 0x0, &(0x7f0000002040)="7797f473010e3c6f412193d01ca46e5d1fd37e1ff088862e47734ac7eb2e436321311317afe07822a299d63328f5c10a5f99166b47868f357ba1edd6b402c7022a1fe37f5f729dd812db18dad930f670"})

311.09µs ago: executing program 3 (id=717):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000380)={0x8f, 0x0, 0x10}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_TSC_KHZ(r5, 0xaea2, 0xfffffffffffff800)
ioctl$KVM_SET_TSC_KHZ(r5, 0xaea2, 0x3) (async, rerun: 64)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1181})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000140)={0x8, 0x0, &(0x7f0000000040)=[@acquire], 0x0, 0x0, 0x0}) (async)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000e00)=[@request_death={0x400c6313}, @clear_death={0x400c6313}], 0x0, 0x0, 0x0})

0s ago: executing program 2 (id=718):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f00000aa000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000040)={[0x6, 0xffffffffffffffff, 0xf58a, 0x5, 0xce9, 0xfff, 0x6, 0x4, 0x80, 0x2, 0x5, 0xa, 0x26d9, 0x2d, 0xdd3, 0x2882], 0x10000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f00000002c0)='\x00', 0x68)
ioctl$BINDER_GET_EXTENDED_ERROR(r0, 0xc0046209, &(0x7f0000001340))

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.89' (ED25519) to the list of known hosts.
[   25.981260][   T36] audit: type=1400 audit(1750405208.430:64): avc:  denied  { mounton } for  pid=281 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   25.982921][  T281] cgroup: Unknown subsys name 'net'
[   26.007495][   T36] audit: type=1400 audit(1750405208.430:65): avc:  denied  { mount } for  pid=281 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   26.039211][   T36] audit: type=1400 audit(1750405208.470:66): avc:  denied  { unmount } for  pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   26.039523][  T281] cgroup: Unknown subsys name 'devices'
[   26.217102][  T281] cgroup: Unknown subsys name 'hugetlb'
[   26.224559][  T281] cgroup: Unknown subsys name 'rlimit'
[   26.338345][   T36] audit: type=1400 audit(1750405208.790:67): avc:  denied  { setattr } for  pid=281 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   26.364391][   T36] audit: type=1400 audit(1750405208.790:68): avc:  denied  { mounton } for  pid=281 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   26.381450][  T283] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   26.392914][   T36] audit: type=1400 audit(1750405208.790:69): avc:  denied  { mount } for  pid=281 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   26.428853][   T36] audit: type=1400 audit(1750405208.860:70): avc:  denied  { relabelto } for  pid=283 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   26.436902][  T281] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   26.460615][   T36] audit: type=1400 audit(1750405208.860:71): avc:  denied  { write } for  pid=283 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   26.503604][   T36] audit: type=1400 audit(1750405208.880:72): avc:  denied  { read } for  pid=281 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   26.533472][   T36] audit: type=1400 audit(1750405208.880:73): avc:  denied  { open } for  pid=281 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   27.391323][  T288] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.399079][  T288] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.411548][  T288] bridge_slave_0: entered allmulticast mode
[   27.420808][  T288] bridge_slave_0: entered promiscuous mode
[   27.430787][  T288] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.439239][  T288] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.453428][  T288] bridge_slave_1: entered allmulticast mode
[   27.461217][  T288] bridge_slave_1: entered promiscuous mode
[   27.572713][  T289] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.580529][  T289] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.590162][  T289] bridge_slave_0: entered allmulticast mode
[   27.597496][  T289] bridge_slave_0: entered promiscuous mode
[   27.605217][  T289] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.615484][  T289] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.624117][  T289] bridge_slave_1: entered allmulticast mode
[   27.631359][  T289] bridge_slave_1: entered promiscuous mode
[   27.692393][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.700696][  T293] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.709829][  T293] bridge_slave_0: entered allmulticast mode
[   27.717158][  T293] bridge_slave_0: entered promiscuous mode
[   27.731552][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.738881][  T293] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.746870][  T293] bridge_slave_1: entered allmulticast mode
[   27.754663][  T293] bridge_slave_1: entered promiscuous mode
[   27.798912][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.808183][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.816349][  T292] bridge_slave_0: entered allmulticast mode
[   27.824418][  T292] bridge_slave_0: entered promiscuous mode
[   27.839699][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.850679][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.860079][  T292] bridge_slave_1: entered allmulticast mode
[   27.867353][  T292] bridge_slave_1: entered promiscuous mode
[   27.977980][  T288] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.988450][  T288] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.997687][  T288] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.007272][  T288] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.058049][  T289] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.065782][  T289] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.074282][  T289] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.082200][  T289] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.126014][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.134497][  T293] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.143287][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.151089][  T293] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.165474][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.174423][  T292] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.182894][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.190827][  T292] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.226214][  T290] bridge0: port 1(bridge_slave_0) entered disabled state
[   28.234630][  T290] bridge0: port 2(bridge_slave_1) entered disabled state
[   28.244680][  T290] bridge0: port 1(bridge_slave_0) entered disabled state
[   28.252766][  T290] bridge0: port 2(bridge_slave_1) entered disabled state
[   28.261662][  T290] bridge0: port 1(bridge_slave_0) entered disabled state
[   28.271371][  T290] bridge0: port 2(bridge_slave_1) entered disabled state
[   28.281355][  T290] bridge0: port 1(bridge_slave_0) entered disabled state
[   28.289033][  T290] bridge0: port 2(bridge_slave_1) entered disabled state
[   28.308917][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.316617][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.326627][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.339590][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.396060][  T290] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.404659][  T290] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.413565][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.421912][  T290] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.432538][  T290] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.440574][  T290] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.449492][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.457266][  T290] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.467455][  T290] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.475268][  T290] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.485182][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.493290][  T290] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.542006][  T292] veth0_vlan: entered promiscuous mode
[   28.563584][  T288] veth0_vlan: entered promiscuous mode
[   28.570791][  T289] veth0_vlan: entered promiscuous mode
[   28.596006][  T293] veth0_vlan: entered promiscuous mode
[   28.604624][  T292] veth1_macvtap: entered promiscuous mode
[   28.616600][  T288] veth1_macvtap: entered promiscuous mode
[   28.627854][  T289] veth1_macvtap: entered promiscuous mode
[   28.656380][  T293] veth1_macvtap: entered promiscuous mode
[   28.720451][  T292] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   28.801358][  T309] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   28.827361][  T312] =======================================================
[   28.827361][  T312] WARNING: The mand mount option has been deprecated and
[   28.827361][  T312]          and is ignored by this kernel. Remove the mand
[   28.827361][  T312]          option from the mount to silence this warning.
[   28.827361][  T312] =======================================================
[   28.954046][  T315] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   29.031324][  T324] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:7
[   29.031379][  T324] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   29.041511][  T324] rust_binder: Read failure Err(EFAULT) in pid:7
[   29.166955][  T333] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[   29.208146][  T333] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   29.208208][  T333] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   29.215881][  T333] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[   29.626445][  T368] rust_binder: Error while translating object.
[   29.626524][  T368] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   29.634150][  T368] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:18
[   29.968654][  T395] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.046982][  T405] rust_binder: Write failure EFAULT in pid:30
[   30.143019][  T411] rust_binder: Write failure EFAULT in pid:22
[   30.176405][  T422] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:37
[   30.191395][  T427] rust_binder: Error while translating object.
[   30.197232][  T426] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   30.210838][  T427] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   30.219776][  T426] rust_binder: Read failure Err(EFAULT) in pid:36
[   30.226136][  T427] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:26
[   30.262468][  T426] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.273177][  T430] rust_binder: Error while translating object.
[   30.274392][  T426] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[   30.281221][  T430] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   30.307078][  T430] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:28
[   30.351019][  T437] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   30.367277][  T438] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   30.545653][  T445] binder: Bad value for 'stats'
[   30.631387][  T452] binder: Binderfs stats mode cannot be changed during a remount
[   30.648971][  T454] input: syz0 as /devices/virtual/input/input5
[   30.699141][  T462] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:42
[   30.770377][  T472] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:42
[   30.802355][  T477] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[   31.036750][  T495] rust_binder: Write failure EFAULT in pid:20
[   31.038093][  T497] rust_binder: Write failure EINVAL in pid:55
[   31.060521][   T36] kauditd_printk_skb: 67 callbacks suppressed
[   31.060544][   T36] audit: type=1400 audit(1750405213.510:141): avc:  denied  { write } for  pid=492 comm="syz.1.54" name="ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   31.130434][   T36] audit: type=1400 audit(1750405213.510:142): avc:  denied  { open } for  pid=492 comm="syz.1.54" path="/dev/ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   31.156372][   T36] audit: type=1400 audit(1750405213.510:143): avc:  denied  { ioctl } for  pid=492 comm="syz.1.54" path="/dev/ppp" dev="devtmpfs" ino=86 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   31.195690][   T36] audit: type=1400 audit(1750405213.640:144): avc:  denied  { map } for  pid=502 comm="syz.2.58" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   31.289254][   T36] audit: type=1400 audit(1750405213.740:145): avc:  denied  { read } for  pid=509 comm="syz.3.60" name="snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   31.323536][   T36] audit: type=1400 audit(1750405213.740:146): avc:  denied  { open } for  pid=509 comm="syz.3.60" path="/dev/snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   31.384879][  T516] rust_binder: Failed copying remainder into alloc: EFAULT
[   31.384912][  T516] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EFAULT }
[   31.407510][  T516] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   31.421552][  T519] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[   31.433376][   T36] audit: type=1400 audit(1750405213.880:147): avc:  denied  { ioctl } for  pid=517 comm="syz.1.64" path="/dev/fuse" dev="devtmpfs" ino=23 ioctlcmd=0xae80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   31.480812][  T516] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:24
[   31.496883][   T36] audit: type=1400 audit(1750405213.930:148): avc:  denied  { ioctl } for  pid=522 comm="syz.3.65" path="/dev/uhid" dev="devtmpfs" ino=199 ioctlcmd=0x9401 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   31.533880][  T529] rust_binder: Error while translating object.
[   31.534109][  T529] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   31.535516][   T36] audit: type=1400 audit(1750405213.930:149): avc:  denied  { append } for  pid=522 comm="syz.3.65" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   31.543865][  T529] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:74
[   31.614275][  T533] rust_binder: Read failure Err(EAGAIN) in pid:62
[   31.627999][  T533] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:62
[   31.636998][   T36] audit: type=1400 audit(1750405214.090:150): avc:  denied  { read } for  pid=532 comm="syz.1.68" name="ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   31.700989][  T538] binder: Bad value for 'max'
[   31.746491][  T545] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   31.746526][  T545] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:77
[   31.796287][  T548] rust_binder: Write failure EFAULT in pid:79
[   31.997821][  T565] input: syz1 as /devices/virtual/input/input6
[   32.033064][  T565] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   32.063309][  T573] rust_binder: Write failure EINVAL in pid:90
[   32.084311][  T565] input: syz0 as /devices/virtual/input/input7
[   32.106530][  T575] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[   32.124830][  T575] SELinux: failed to load policy
[   32.527789][  T586] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   32.527818][  T586] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:79
[   32.564342][  T588] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   32.577681][  T588] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:68
[   32.634727][  T592] rust_binder: Error in use_page_slow: ESRCH
[   32.634754][  T592] rust_binder: use_range failure ESRCH
[   32.641635][  T592] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[   32.648092][  T592] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   32.657640][  T592] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:70
[   32.858151][  T603] rust_binder: Write failure EFAULT in pid:73
[   32.865748][  T606] binder: Bad value for 'max'
[   32.898497][  T608] rust_binder: Failed to allocate buffer. len:64, is_oneway:false
[   33.066761][  T617] rust_binder: Error while translating object.
[   33.075246][  T617] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   33.082323][  T617] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:48
[   33.319580][  T632] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[   33.367130][  T634] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   33.424516][  T640] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:87
[   33.424889][  T640] rust_binder: Error while translating object.
[   33.435383][  T640] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   33.442301][  T640] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:87
[   33.453044][  T640] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   33.463578][  T640] rust_binder: Write failure EINVAL in pid:87
[   33.471544][  T641] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   33.580105][  T649] rust_binder: Write failure EFAULT in pid:95
[   33.593373][  T655] kvm: apic: phys broadcast and lowest prio
[   33.683253][  T667] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[   33.696016][  T670] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:95
[   33.701863][  T667] SELinux: failed to load policy
[   33.721620][  T667] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:112
[   33.729939][  T672] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:97
[   33.771098][  T675] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1
[   33.790656][  T675] rust_binder: Write failure EINVAL in pid:98
[   33.860580][  T679] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[   33.898397][  T691] SELinux: syz.0.118 (691) set checkreqprot to 1. This is no longer supported.
[   33.942587][  T691] kvm: kvm [688]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x40000007) = 0x0
[   33.955265][  T691] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:106
[   34.174862][  T711] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:109
[   34.266646][  T712] rust_binder: Failed to allocate buffer. len:152, is_oneway:true
[   34.281803][  T712] rust_binder: Write failure EINVAL in pid:109
[   34.300628][  T715] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   34.308115][  T715] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:112
[   34.359755][  T717] rust_binder: Write failure EINVAL in pid:126
[   34.361153][  T720] input: syz0 as /devices/virtual/input/input11
[   34.388650][  T721] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   34.441022][  T728] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   34.462835][  T731] rust_binder: Write failure EINVAL in pid:129
[   34.491539][  T735] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   34.511763][  T738] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   34.532613][  T738] rust_binder: Failed to allocate buffer. len:4240, is_oneway:false
[   34.546162][  T738] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   34.558352][  T738] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:131
[   34.606921][  T744] rust_binder: Write failure EFAULT in pid:62
[   34.614253][  T745] rust_binder: Write failure EFAULT in pid:62
[   34.757204][  T755] binder: Unknown parameter 'fscontext?}'
[   35.018620][  T767] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[   35.028655][  T767] rust_binder: Write failure EINVAL in pid:68
[   35.179849][  T770] rust_binder: Write failure EINVAL in pid:113
[   35.282744][  T774] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[   35.301134][  T774] kvm: requested 13409 ns i8254 timer period limited to 200000 ns
[   35.311452][  T774] kvm: requested 39390 ns i8254 timer period limited to 200000 ns
[   35.323413][  T778] SELinux:  policydb magic number 0x8 does not match expected magic number 0xf97cff8c
[   35.341659][  T774] binder: Bad value for 'max'
[   35.350664][  T778] SELinux: failed to load policy
[   35.362796][  T777] binder: Bad value for 'stats'
[   35.608118][  T790] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   35.624050][  T796] binder: Bad value for 'context'
[   35.650858][  T785] SELinux:  policydb version -40549364 does not match my version range 15-33
[   35.674380][  T785] SELinux: failed to load policy
[   35.929254][  T816] kvm: user requested TSC rate below hardware speed
[   35.963126][  T819] rust_binder: Read failure Err(EAGAIN) in pid:158
[   36.046400][  T828] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   36.095737][  T831] binfmt_misc: register: failed to install interpreter file ./cgroup
[   36.114630][  T831] input: syz0 as /devices/virtual/input/input13
[   36.122708][  T836] binder: Unknown parameter '����5xKr�zO��>'
[   36.150600][   T36] kauditd_printk_skb: 13 callbacks suppressed
[   36.150621][   T36] audit: type=1400 audit(1750405218.600:164): avc:  denied  { write } for  pid=837 comm="syz.0.169" name="snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   36.155558][  T838] random: crng reseeded on system resumption
[   36.220375][  T842] binder: Bad value for 'max'
[   36.233144][   T36] audit: type=1400 audit(1750405218.680:165): avc:  denied  { execute } for  pid=840 comm="syz.1.170" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   36.306300][  T844] rust_binder: Write failure EFAULT in pid:87
[   36.330705][  T853] SELinux: failed to load policy
[   36.447907][  T871] input: syz1 as /devices/virtual/input/input14
[   36.479875][  T871] rust_binder: Write failure EFAULT in pid:173
[   36.501593][  T877] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   36.514579][  T877] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   36.529898][  T879] tap0: tun_chr_ioctl cmd 1074025678
[   36.554015][  T879] tap0: group set to 0
[   36.580898][  T881] rust_binder: Error while translating object.
[   36.580935][  T881] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   36.593746][  T886] rust_binder: Error while translating object.
[   36.604195][  T881] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:96
[   36.608682][  T886] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   36.626850][  T886] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:96
[   36.642393][  T879] SELinux:  policydb version 1869770773 does not match my version range 15-33
[   36.670930][  T879] SELinux: failed to load policy
[   36.676556][   T36] audit: type=1400 audit(1750405219.120:166): avc:  denied  { append } for  pid=884 comm="syz.0.186" name="ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   36.706233][  T892] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:142
[   36.724237][  T879] binder: Unknown parameter 'Sތ	'
[   36.779410][  T900] binder: Bad value for 'max'
[   36.799704][  T902] binder: Unknown parameter 'de�context'
[   36.807484][  T902] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   36.807520][  T902] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:153
[   36.826123][   T36] audit: type=1400 audit(1750405219.280:167): avc:  denied  { append } for  pid=901 comm="syz.1.191" name="snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   36.877135][   T36] audit: type=1400 audit(1750405219.330:168): avc:  granted  { setsecparam } for  pid=901 comm="syz.1.191" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   36.918106][   T36] audit: type=1400 audit(1750405219.370:169): avc:  denied  { read open } for  pid=904 comm="syz.2.192" path="pid:[4026532390]" dev="nsfs" ino=4026532390 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   36.947320][   T36] audit: type=1400 audit(1750405219.370:170): avc:  denied  { ioctl } for  pid=904 comm="syz.2.192" path="pid:[4026532390]" dev="nsfs" ino=4026532390 ioctlcmd=0xb702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   36.984246][  T909] rust_binder: Error while translating object.
[   36.984291][  T909] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   36.994055][  T909] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:104
[   37.019109][  T914] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   37.035586][  T914] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:181
[   37.050548][  T917] binder: Unknown parameter 'smackfsdef'
[   37.078971][  T917] rust_binder: Error while translating object.
[   37.079025][  T917] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   37.087157][  T917] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:160
[   37.158998][  T916] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   37.290700][  T936] binder: Unknown parameter 'fsc'
[   37.317061][  T936] rust_binder: Write failure EINVAL in pid:164
[   37.317431][  T936] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:164
[   37.426852][   T36] audit: type=1400 audit(1750405219.880:171): avc:  denied  { mounton } for  pid=944 comm="syz.0.207" path="/syzcgroup/unified/syz0/cgroup.procs" dev="cgroup2" ino=58 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[   37.529333][   T36] audit: type=1400 audit(1750405219.980:172): avc:  denied  { map } for  pid=953 comm="syz.1.210" path="/dev/ptp0" dev="devtmpfs" ino=196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   37.532294][  T955] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   37.562935][  T954] rust_binder: Error while translating object.
[   37.570163][  T954] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[   37.577254][  T954] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:169
[   37.593694][   T36] audit: type=1400 audit(1750405220.010:173): avc:  denied  { execute } for  pid=951 comm="syz.3.209" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   37.640286][  T959] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[   37.670083][  T963] binder: Unknown parameter 'fscontext?}'
[   37.761590][  T970] SELinux: security_context_str_to_sid () failed with errno=-22
[   37.967097][   T31] hid-generic 0007:0401:0813.0001: unknown main item tag 0x2
[   37.995067][   T31] hid-generic 0007:0401:0813.0001: unknown main item tag 0x6
[   38.023041][   T31] hid-generic 0007:0401:0813.0001: unknown main item tag 0xe
[   38.034316][   T31] hid-generic 0007:0401:0813.0001: item fetching failed at offset 14/43
[   38.046040][   T31] hid-generic 0007:0401:0813.0001: probe with driver hid-generic failed with error -22
[   38.147193][  T999] rust_binder: Error while translating object.
[   38.147241][  T999] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   38.163706][  T999] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:184
[   38.212986][ T1005] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:197
[   38.350490][ T1016] Bluetooth: hci0: Frame reassembly failed (-84)
[   38.368027][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[   38.522434][ T1035] rust_binder: Write failure EFAULT in pid:143
[   38.523081][ T1035] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:143
[   38.530334][ T1035] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   38.541326][ T1035] rust_binder: Read failure Err(EFAULT) in pid:143
[   38.561269][ T1027] binder: Bad value for 'max'
[   38.748350][ T1045] SELinux: ebitmap: truncated map
[   38.758965][ T1045] SELinux: failed to load policy
[   38.772487][ T1045] rust_binder: Error in use_page_slow: ESRCH
[   38.772514][ T1045] rust_binder: use_range failure ESRCH
[   38.779049][ T1045] rust_binder: Failed to allocate buffer. len:1048, is_oneway:false
[   38.785309][ T1045] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   38.800606][ T1045] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:212
[   39.124327][ T1060] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   39.138162][ T1060] rust_binder: Read failure Err(EFAULT) in pid:218
[   39.160176][ T1060] rust_binder: Write failure EINVAL in pid:218
[   39.247972][ T1066] rust_binder: Write failure EINVAL in pid:221
[   39.255693][ T1065] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   39.262987][ T1065] rust_binder: Read failure Err(EFAULT) in pid:221
[   39.290163][ T1065] rust_binder: Write failure EINVAL in pid:221
[   39.304942][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.324178][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.350441][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.358527][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.368276][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.376370][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.384920][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.393343][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.403007][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.413671][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.423561][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.431955][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.442605][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.451583][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.460186][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.470015][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.479069][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.488122][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.497584][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.505539][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.514093][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.522959][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.532058][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.542799][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.551111][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.566648][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.575175][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.584399][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.595149][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.602153][ T1082] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   39.603314][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.622732][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.630582][   T12] Bluetooth: hci1: Frame reassembly failed (-90)
[   39.633219][   T31] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   39.648323][  T290] Bluetooth: hci1: Frame reassembly failed (-84)
[   39.656454][   T31] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   39.755051][ T1087] fido_id[1087]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   39.861999][ T1091] rust_binder: Write failure EINVAL in pid:226
[   40.045053][ T1100] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[   40.062312][ T1100] rust_binder: Write failure EINVAL in pid:195
[   40.127260][ T1102] binder: Unknown parameter 'contextfs/binder0'
[   40.148824][ T1102] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 4097)
[   40.148847][ T1102] rust_binder: Error while translating object.
[   40.161136][ T1102] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   40.168474][ T1102] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:234
[   40.254217][ T1104] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:236
[   40.363712][ T1084] Bluetooth: hci0: command 0x1003 tx timeout
[   40.363780][   T53] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   40.432201][ T1108] __vm_enough_memory: pid: 1108, comm: syz.3.256, bytes: 281474976845824 not enough memory for the allocation
[   40.769223][ T1138] input: syz1 as /devices/virtual/input/input20
[   40.793168][ T1138] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   40.849748][ T1141] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:209
[   41.086856][ T1144] input input21: cannot allocate more than FF_MAX_EFFECTS effects
[   41.108787][ T1144] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[   41.122658][ T1146] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[   41.152640][ T1148] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   41.157593][ T1148] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   41.275186][ T1150] rust_binder: Write failure EFAULT in pid:263
[   41.437568][ T1152] rust_binder: Error while translating object.
[   41.444722][ T1152] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   41.451999][ T1152] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:265
[   41.563771][   T36] kauditd_printk_skb: 52 callbacks suppressed
[   41.563792][   T36] audit: type=1400 audit(1750405224.020:226): avc:  denied  { write } for  pid=1158 comm="syz.0.271" name="hwrng" dev="devtmpfs" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[   41.643724][   T53] Bluetooth: hci1: command 0x1003 tx timeout
[   41.651110][ T1020] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   41.664841][   T36] audit: type=1400 audit(1750405224.120:227): avc:  denied  { execute } for  pid=1153 comm="syz.3.270" path="/87/cgroup.controllers" dev="tmpfs" ino=462 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   41.702911][   T36] audit: type=1400 audit(1750405224.120:228): avc:  denied  { validate_trans } for  pid=1162 comm="syz.2.272" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   41.723791][ T1167] rust_binder: Error while translating object.
[   41.730112][ T1167] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   41.738733][ T1167] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:170
[   41.812444][ T1172] input: syz1 as /devices/virtual/input/input24
[   41.824139][ T1177] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:213
[   41.831161][ T1174] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[   41.842973][ T1179] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[   41.855987][ T1172] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[   41.877509][ T1174] rust_binder: Write failure EINVAL in pid:174
[   41.952635][ T1189] input: syz1 as /devices/virtual/input/input25
[   41.993746][ T1192] kvm: apic: phys broadcast and lowest prio
[   42.154583][   T36] audit: type=1400 audit(1750405224.600:229): avc:  denied  { mounton } for  pid=1201 comm="syz.1.285" path="/76/memory.events" dev="tmpfs" ino=412 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   42.197503][   T36] audit: type=1326 audit(1750405224.650:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1204 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e4f8e929 code=0x7ffc0000
[   42.229037][   T36] audit: type=1326 audit(1750405224.650:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1204 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e4f8e929 code=0x7ffc0000
[   42.265559][   T36] audit: type=1326 audit(1750405224.650:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1204 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f23e4f8e929 code=0x7ffc0000
[   42.310099][   T36] audit: type=1326 audit(1750405224.650:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1204 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e4f8e929 code=0x7ffc0000
[   42.347123][   T36] audit: type=1326 audit(1750405224.650:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1204 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e4f8e929 code=0x7ffc0000
[   42.387503][   T36] audit: type=1326 audit(1750405224.650:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1204 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f23e4f8e929 code=0x7ffc0000
[   42.472282][ T1222] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   42.495794][ T1220] kvm: user requested TSC rate below hardware speed
[   42.568664][ T1234] rust_binder: Error while translating object.
[   42.568713][ T1234] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   42.583097][ T1234] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:282
[   42.937792][ T1253] SELinux:  Context system_u: is not valid (left unmapped).
[   43.010101][ T1254] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[   43.075866][ T1263] SELinux: failed to load policy
[   43.097730][ T1246] rust_binder: Read failure Err(EFAULT) in pid:290
[   43.106106][ T1263] rust_binder: Error while translating object.
[   43.115591][ T1263] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   43.128250][ T1263] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:199
[   43.247129][ T1268] rust_binder: Error while translating object.
[   43.249190][ T1270] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:296
[   43.257108][ T1268] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   43.274246][ T1268] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:222
[   43.389716][ T1278] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   43.404225][ T1278] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:224
[   43.471423][ T1294] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   43.492320][ T1296] binder: Bad value for 'defcontext'
[   43.514128][ T1292] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[   43.533048][ T1298] binder: Unknown parameter '00000000000000000000'
[   43.564560][ T1300] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   43.564596][ T1300] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:308
[   43.707751][ T1307] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[   43.721539][ T1307] rust_binder: Error in use_page_slow: EBUSY
[   43.749361][ T1307] rust_binder: use_range failure EBUSY
[   43.770519][ T1307] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   43.778393][ T1307] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[   43.794879][ T1307] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[   43.818241][ T1307] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:310
[   43.872122][ T1327] rust_binder: Write failure EFAULT in pid:249
[   43.980614][ T1331] SELinux: syz.1.324 (1331) set checkreqprot to 1. This is no longer supported.
[   44.608095][ T1371] rust_binder: Error while translating object.
[   44.608141][ T1371] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   44.623826][ T1371] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:219
[   44.778091][ T1375] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:274
[   44.778725][ T1375] rust_binder: Write failure EINVAL in pid:274
[   44.778776][ T1376] rust_binder: Write failure EINVAL in pid:274
[   44.788811][ T1373] rust_binder: Write failure EFAULT in pid:241
[   44.811979][ T1373] cgroup: fork rejected by pids controller in /syz0
[   44.825622][ T1379] rust_binder: Write failure EINVAL in pid:277
[   44.847951][ T1373] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:241
[   44.987818][   T12] bridge_slave_1: left allmulticast mode
[   45.006857][ T1391] rust_binder: Write failure EINVAL in pid:288
[   45.019924][   T12] bridge_slave_1: left promiscuous mode
[   45.033344][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.044607][   T12] bridge_slave_0: left allmulticast mode
[   45.055772][   T12] bridge_slave_0: left promiscuous mode
[   45.061850][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.213657][   T12] veth1_macvtap: left promiscuous mode
[   45.213685][ T1397] SELinux: failed to load policy
[   45.221337][   T12] veth0_vlan: left promiscuous mode
[   45.386504][ T1398] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.395443][ T1398] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.429374][ T1398] bridge_slave_0: entered allmulticast mode
[   45.438434][ T1398] bridge_slave_0: entered promiscuous mode
[   45.438542][ T1404] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[   45.446127][ T1398] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.467271][ T1398] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.476320][ T1398] bridge_slave_1: entered allmulticast mode
[   45.503144][ T1398] bridge_slave_1: entered promiscuous mode
[   45.623833][ T1416] rust_binder: Error while translating object.
[   45.623870][ T1416] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[   45.644668][ T1416] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:224
[   45.669894][ T1419] rust_binder: Failed to allocate buffer. len:144, is_oneway:true
[   45.718616][ T1426] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   45.781602][  T290] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.798444][  T290] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.812470][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.822105][  T290] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.822913][ T1434] rust_binder: Write failure EINVAL in pid:228
[   45.863866][ T1398] veth0_vlan: entered promiscuous mode
[   45.890871][ T1398] veth1_macvtap: entered promiscuous mode
[   45.929824][ T1437] rust_binder: Write failure EINVAL in pid:2
[   45.929887][ T1436] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   45.937674][ T1436] rust_binder: Read failure Err(EFAULT) in pid:2
[   46.048210][ T1442] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   46.148064][ T1446] kvm: kvm [1445]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010005) = 0x1
[   46.207834][ T1451] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   46.207871][ T1451] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:338
[   46.221332][ T1451] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   46.232501][ T1451] rust_binder: Read failure Err(EFAULT) in pid:338
[   46.268391][ T1456] rust_binder: Write failure EINVAL in pid:340
[   46.328050][ T1464] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:340
[   46.416061][ T1474] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:237
[   46.511771][ T1478] rust_binder: Write failure EFAULT in pid:25
[   46.674949][ T1488] binder: Unknown parameter '�017777777777777777777770xffffffffffffffff01777777777777777777777��������'
[   46.715461][ T1490] rust_binder: Error while translating object.
[   46.715498][ T1490] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   46.722589][ T1490] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:314
[   46.817073][ T1492] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   46.827076][ T1492] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:240
[   47.111885][   T36] kauditd_printk_skb: 89 callbacks suppressed
[   47.111907][   T36] audit: type=1400 audit(1750405229.560:325): avc:  denied  { write } for  pid=1515 comm="syz.1.381" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[   47.146305][ T1516] input: syz0 as /devices/virtual/input/input30
[   47.161068][   T36] audit: type=1400 audit(1750405229.580:326): avc:  denied  { execute } for  pid=1517 comm="syz.2.382" path="/syzcgroup/unified/syz2/cgroup.procs" dev="cgroup2" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[   47.196045][   T36] audit: type=1400 audit(1750405229.620:327): avc:  denied  { read } for  pid=94 comm="acpid" name="event3" dev="devtmpfs" ino=459 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   47.222863][   T36] audit: type=1400 audit(1750405229.620:328): avc:  denied  { open } for  pid=94 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=459 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   47.254282][   T36] audit: type=1400 audit(1750405229.620:329): avc:  denied  { ioctl } for  pid=94 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=459 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   47.396365][ T1531] rust_binder: Write failure EFAULT in pid:344
[   47.398841][ T1531] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:344
[   47.442601][ T1537] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   47.467339][   T36] audit: type=1400 audit(1750405229.920:330): avc:  denied  { relabelfrom } for  pid=1538 comm="syz.1.387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   47.499525][   T36] audit: type=1400 audit(1750405229.920:331): avc:  denied  { relabelto } for  pid=1538 comm="syz.1.387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   47.578158][ T1544] rust_binder: Write failure EINVAL in pid:37
[   47.707496][ T1547] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[   47.715675][ T1547] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:39
[   47.819022][ T1552] rust_binder: Failed to allocate buffer. len:4216, is_oneway:false
[   47.843939][ T1554] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   47.853006][ T1554] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:47
[   47.869020][ T1556] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   47.896595][   T36] audit: type=1326 audit(1750405230.350:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.1.393" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe1da78e929 code=0x0
[   48.136029][ T1567] SELinux:  policydb version -845211227 does not match my version range 15-33
[   48.146537][ T1567] SELinux: failed to load policy
[   48.230298][ T1570] rust_binder: Write failure EINVAL in pid:347
[   48.230766][ T1571] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[   48.240145][ T1574] rust_binder: Failed to allocate buffer. len:65376, is_oneway:true
[   48.262454][ T1572] rust_binder: Error in use_page_slow: ESRCH
[   48.268870][ T1574] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   48.288665][ T1574] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:347
[   48.292069][ T1572] rust_binder: use_range failure ESRCH
[   48.304714][ T1572] rust_binder: Failed to allocate buffer. len:4216, is_oneway:false
[   48.310954][ T1572] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   48.334088][ T1572] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:253
[   48.347614][ T1580] kvm: kvm [1578]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010007) = 0x7
[   48.367393][ T1580] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   48.391260][ T1580] rust_binder: Error in use_page_slow: ESRCH
[   48.399269][ T1580] rust_binder: use_range failure ESRCH
[   48.405955][ T1580] rust_binder: Failed to allocate buffer. len:96, is_oneway:false
[   48.413069][ T1580] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   48.431035][ T1589] rust_binder: Write failure EINVAL in pid:57
[   48.453698][ T1580] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:352
[   48.720826][ T1599] binder: Unknown parameter 'context'
[   48.740054][ T1599] binder: Unknown parameter 'context'
[   48.746793][ T1599] binder: Unknown parameter 'context'
[   48.753385][ T1599] binder: Unknown parameter 'context'
[   48.759697][ T1599] binder: Unknown parameter 'context'
[   48.766929][ T1599] binder: Unknown parameter 'context'
[   48.773128][ T1599] binder: Unknown parameter 'context'
[   48.780393][ T1599] binder: Unknown parameter 'context'
[   48.804547][ T1599] binder: Unknown parameter 'context'
[   48.811034][ T1599] binder: Unknown parameter 'context'
[   48.818002][ T1599] binder: Unknown parameter 'context'
[   48.837496][ T1603] rust_binder: Write failure EFAULT in pid:270
[   48.840881][ T1599] binder: Unknown parameter 'context'
[   48.857492][   T36] audit: type=1400 audit(1750405231.290:333): avc:  denied  { execute } for  pid=1602 comm="syz.2.406" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   48.891023][ T1599] binder: Unknown parameter 'context'
[   48.898144][ T1599] binder: Unknown parameter 'context'
[   48.908351][ T1599] binder: Unknown parameter 'context'
[   48.914910][ T1599] binder: Unknown parameter 'context'
[   48.921394][ T1599] binder: Unknown parameter 'context'
[   48.927432][ T1599] binder: Unknown parameter 'context'
[   48.939848][ T1599] binder: Unknown parameter 'context'
[   48.966962][ T1599] binder: Unknown parameter 'context'
[   48.973407][ T1599] binder: Unknown parameter 'context'
[   48.986560][ T1599] binder: Unknown parameter 'context'
[   48.996383][ T1599] binder: Unknown parameter 'context'
[   49.002570][ T1599] binder: Unknown parameter 'context'
[   49.009256][ T1599] binder: Unknown parameter 'context'
[   49.017031][ T1599] binder: Unknown parameter 'context'
[   49.023838][ T1599] binder: Unknown parameter 'context'
[   49.031052][ T1599] binder: Unknown parameter 'context'
[   49.043481][ T1599] binder: Unknown parameter 'context'
[   49.050297][ T1607] rust_binder: Write failure EINVAL in pid:349
[   49.050752][ T1599] binder: Unknown parameter 'context'
[   49.058826][ T1599] binder: Unknown parameter 'context'
[   49.071114][ T1599] binder: Unknown parameter 'context'
[   49.078019][ T1599] binder: Unknown parameter 'context'
[   49.084693][   T36] audit: type=1400 audit(1750405231.540:334): avc:  denied  { map } for  pid=1604 comm="syz.2.407" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   49.086694][ T1599] binder: Unknown parameter 'context'
[   49.118004][ T1599] binder: Unknown parameter 'context'
[   49.128462][ T1599] binder: Unknown parameter 'context'
[   49.141158][ T1599] binder: Unknown parameter 'context'
[   49.147461][ T1599] binder: Unknown parameter 'context'
[   49.153533][ T1599] binder: Unknown parameter 'context'
[   49.160278][ T1599] binder: Unknown parameter 'context'
[   49.168259][ T1599] binder: Unknown parameter 'context'
[   49.174628][ T1599] binder: Unknown parameter 'context'
[   49.183352][ T1599] binder: Unknown parameter 'context'
[   49.189915][ T1599] binder: Unknown parameter 'context'
[   49.197132][ T1599] binder: Unknown parameter 'context'
[   49.206811][ T1599] binder: Unknown parameter 'context'
[   49.213364][ T1599] binder: Unknown parameter 'context'
[   49.223159][ T1599] binder: Unknown parameter 'context'
[   49.238226][ T1599] binder: Unknown parameter 'context'
[   49.244876][ T1599] binder: Unknown parameter 'context'
[   49.269656][ T1599] binder: Unknown parameter 'context'
[   49.284062][ T1599] binder: Unknown parameter 'context'
[   49.303084][ T1599] binder: Unknown parameter 'context'
[   49.309476][ T1599] binder: Unknown parameter 'context'
[   49.320058][ T1599] binder: Unknown parameter 'context'
[   49.332045][ T1599] binder: Unknown parameter 'context'
[   49.339545][ T1599] binder: Unknown parameter 'context'
[   49.346844][ T1599] binder: Unknown parameter 'context'
[   49.365797][ T1599] binder: Unknown parameter 'context'
[   49.373460][ T1599] binder: Unknown parameter 'context'
[   49.386225][ T1599] binder: Unknown parameter 'context'
[   49.402298][ T1599] binder: Unknown parameter 'context'
[   49.413077][ T1599] binder: Unknown parameter 'context'
[   49.432461][ T1599] binder: Unknown parameter 'context'
[   49.440638][ T1599] binder: Unknown parameter 'context'
[   49.465403][ T1629] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   49.465549][ T1629] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[   49.648319][ T1650] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:285
[   49.658078][ T1641] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[   49.700047][ T1655] rust_binder: Error in use_page_slow: ESRCH
[   49.700074][ T1655] rust_binder: use_range failure ESRCH
[   49.700082][ T1654] rust_binder: Write failure EINVAL in pid:285
[   49.707364][ T1655] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[   49.722320][ T1655] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   49.736190][ T1655] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:364
[   49.772896][ T1656] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[   49.785639][ T1656] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   49.795282][ T1656] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:72
[   49.798771][ T1660] rust_binder: Error while translating object.
[   49.824345][ T1660] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   49.833697][ T1660] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:368
[   50.183169][ T1682] rust_binder: Error in use_page_slow: ESRCH
[   50.183192][ T1682] rust_binder: use_range failure ESRCH
[   50.190745][ T1682] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[   50.197513][ T1682] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   50.207326][ T1682] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:376
[   50.266136][ T1687] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=220138064 (3522209024 ns) > initial count (16 ns). Using initial count to start timer.
[   50.444486][ T1695] rust_binder: validate_parent_fixup: fixup_min_offset=50, parent_offset=6
[   50.444516][ T1695] rust_binder: Error while translating object.
[   50.458673][ T1695] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   50.465790][ T1695] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:386
[   50.543138][ T1705] input: syz1 as /devices/virtual/input/input33
[   50.610558][ T1714] rust_binder: Write failure EINVAL in pid:384
[   50.685320][ T1726] binder: Unknown parameter 'stat�'
[   50.685824][ T1719] kvm: vcpu 0: requested 16 ns lapic timer period limited to 200000 ns
[   50.714839][ T1719] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=220138064 (3522209024 ns) > initial count (200000 ns). Using initial count to start timer.
[   50.737813][ T1719] rust_binder: Got transaction with invalid offset.
[   50.737871][ T1719] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   50.745594][ T1719] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:390
[   50.778442][ T1735] rust_binder: Write failure EINVAL in pid:401
[   50.954784][ T1750] rust_binder: Failed to allocate buffer. len:4144, is_oneway:false
[   50.963533][ T1750] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:89
[   51.001364][ T1752] rust_binder: Write failure EINVAL in pid:398
[   51.028332][ T1754] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:400
[   51.373266][ T1765] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   51.385375][ T1765] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:411
[   51.496395][ T1769] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[   51.508544][ T1769] rust_binder: Error in use_page_slow: EBUSY
[   51.520371][ T1769] rust_binder: use_range failure EBUSY
[   51.527790][ T1769] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   51.534376][ T1769] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[   51.544455][ T1769] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[   51.554941][ T1769] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:291
[   51.573086][ T1772] binder: Unknown parameter 'fscontext?}'
[   51.704165][ T1781] block device autoloading is deprecated and will be removed.
[   51.714899][ T1781] syz.1.462: attempt to access beyond end of device
[   51.714899][ T1781] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   51.747863][ T1786] rust_binder: Write failure EINVAL in pid:92
[   51.748405][ T1786] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   51.755206][ T1786] rust_binder: Read failure Err(EFAULT) in pid:92
[   51.765148][ T1786] rust_binder: Write failure EINVAL in pid:92
[   51.797533][ T1791] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:94
[   51.805449][ T1791] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 241)
[   51.816666][ T1791] rust_binder: Error while translating object.
[   51.828715][ T1791] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   51.837344][ T1791] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:94
[   51.889548][ T1799] __vm_enough_memory: pid: 1799, comm: syz.2.467, bytes: 281474976845824 not enough memory for the allocation
[   51.925401][ T1807] input: syz0 as /devices/virtual/input/input34
[   52.010108][ T1813] rust_binder: Failed to allocate buffer. len:136, is_oneway:true
[   52.013206][ T1814] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:101
[   52.161006][ T1825] rust_binder: Write failure EINVAL in pid:304
[   52.178265][ T1825] rust_binder: Write failure EFAULT in pid:304
[   52.195918][ T1825] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   52.203509][ T1825] rust_binder: Read failure Err(EFAULT) in pid:304
[   52.214045][ T1825] rust_binder: Write failure EINVAL in pid:304
[   52.233053][ T1828] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   52.241133][ T1828] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:432
[   52.330855][ T1836] binder: Unknown parameter 'ffconte���FvY�xt'
[   52.345434][ T1835] binder: Unknown parameter 'ffconte���FvY�xt'
[   52.471090][ T1840] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   52.503339][ T1847] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:440
[   52.519870][   T36] kauditd_printk_skb: 10 callbacks suppressed
[   52.519892][   T36] audit: type=1400 audit(1750405234.970:345): avc:  denied  { write } for  pid=1849 comm="syz.1.482" name="snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   52.520050][ T1850] random: crng reseeded on system resumption
[   52.573919][   T36] audit: type=1400 audit(1750405234.970:346): avc:  denied  { open } for  pid=1849 comm="syz.1.482" path="/dev/snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   53.038370][   T36] audit: type=1400 audit(1750405235.490:347): avc:  denied  { read } for  pid=1874 comm="syz.1.490" name="snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   53.057628][ T1881] rust_binder: Error while translating object.
[   53.064086][ T1881] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[   53.071235][ T1881] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:424
[   53.090713][ T1882] rust_binder: Write failure EFAULT in pid:455
[   53.109999][   T36] audit: type=1400 audit(1750405235.560:348): avc:  denied  { execute } for  pid=1874 comm="syz.1.490" path="/selinux/user" dev="selinuxfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=file permissive=1
[   53.143132][ T1882] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:455
[   53.143191][ T1882] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   53.165065][ T1882] rust_binder: Read failure Err(EFAULT) in pid:455
[   53.193456][   T36] audit: type=1326 audit(1750405235.640:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1876 comm="syz.0.491" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f64def8e929 code=0x0
[   53.236983][ T1883] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[   53.365545][ T1897] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   53.365584][ T1897] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:433
[   53.383412][ T1896] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   53.404028][ T1896] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:433
[   53.445954][ T1913] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   53.463542][ T1913] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:466
[   53.478611][ T1915] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1
[   53.504257][ T1912] rust_binder: Write failure EFAULT in pid:437
[   53.512131][ T1918] rust_binder: Write failure EINVAL in pid:468
[   53.523680][ T1915] rust_binder: Write failure EINVAL in pid:327
[   53.612342][   T36] audit: type=1326 audit(1750405236.060:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1921 comm="syz.1.506" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe1da78e929 code=0x0
[   53.672911][ T1928] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:440
[   53.789209][   T36] audit: type=1400 audit(1750405236.240:351): avc:  denied  { ioctl } for  pid=1932 comm="syz.3.509" path="/dev/fuse" dev="devtmpfs" ino=23 ioctlcmd=0xe502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   53.845765][ T1933] rust_binder: Write failure EINVAL in pid:443
[   53.912759][ T1938] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:115
[   54.011766][ T1940] SELinux: failed to load policy
[   54.054542][ T1946] rust_binder: Error in use_page_slow: ESRCH
[   54.054570][ T1946] rust_binder: use_range failure ESRCH
[   54.077690][ T1946] rust_binder: Failed to allocate buffer. len:160, is_oneway:false
[   54.087677][ T1946] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   54.100312][ T1946] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:447
[   54.104584][ T1948] rust_binder: Write failure EFAULT in pid:478
[   54.159844][   T36] audit: type=1400 audit(1750405236.610:352): avc:  denied  { append } for  pid=1949 comm="syz.2.515" name="snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   54.159858][ T1951] random: crng reseeded on system resumption
[   54.218877][   T36] audit: type=1400 audit(1750405236.670:353): avc:  denied  { append } for  pid=1956 comm="syz.0.518" name="pfkey" dev="proc" ino=4026532882 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   54.248559][ T1957] binder: Bad value for 'stats'
[   54.260501][ T1951] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   54.260743][ T1951] rust_binder: Write failure EINVAL in pid:332
[   54.292790][ T1952] Restarting kernel threads ... 
[   54.294361][   T36] audit: type=1400 audit(1750405236.740:354): avc:  denied  { ioctl } for  pid=1949 comm="syz.2.515" path="/dev/snapshot" dev="devtmpfs" ino=21 ioctlcmd=0x3305 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   54.313841][ T1952] done.
[   54.340743][ T1963] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[   54.349141][ T1961] rust_binder: Write failure EINVAL in pid:454
[   54.371395][ T1968] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   54.391339][ T1968] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:128
[   54.525116][ T1975] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:456
[   54.591514][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[   54.770357][ T1989] rust_binder: Write failure EFAULT in pid:339
[   54.845337][ T1994] rust_binder: Error while translating object.
[   54.854027][ T1994] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[   54.861443][ T1994] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:341
[   54.874427][ T1996] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:483
[   54.905211][ T1996] input: syz0 as /devices/virtual/input/input41
[   55.183484][ T2020] rust_binder: Error while translating object.
[   55.183511][ T2020] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   55.193292][ T2020] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:466
[   55.483177][ T2036] kvm: kvm [2035]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010001) = 0x200000000400
[   55.779515][ T2053] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   55.779690][ T2053] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:484
[   55.791046][ T2053] rust_binder: Failed to allocate buffer. len:160, is_oneway:false
[   55.802055][ T2053] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[   55.811220][ T2053] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:484
[   55.983186][ T2065] rust_binder: Write failure EFAULT in pid:359
[   56.024400][ T2067] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   56.032077][ T2068] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[   56.312613][ T2080] rust_binder: Write failure EINVAL in pid:371
[   56.508404][ T2102] rust_binder: Write failure EFAULT in pid:532
[   56.548400][ T2106] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:378
[   56.556498][ T2106] binder: Unknown parameter '�7(��[[�B;v�jؐ�Rvu'
[   56.603720][ T1020] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   56.612006][   T53] Bluetooth: hci0: command 0x1003 tx timeout
[   56.638008][ T2112] binder: Bad value for 'max'
[   56.792274][ T2123] binder: Unknown parameter 'non'
[   56.818631][ T2127] rust_binder: Failed to allocate buffer. len:4240, is_oneway:false
[   57.026831][ T2140] SELinux: syz.2.576 (2140) set checkreqprot to 1. This is no longer supported.
[   57.303289][ T2145] binder: Unknown parameter '00000000000000000003'
[   57.487367][ T2150] rust_binder: Write failure EINVAL in pid:499
[   57.650439][ T2152] binder: Bad value for 'max'
[   57.663374][ T2152] binder: Unknown parameter 'st)��ФDSu��4_��Zu�X����8��}N�'
[   57.690662][ T2154] rust_binder: Write failure EFAULT in pid:503
[   57.710861][ T2156] rust_binder: Write failure EINVAL in pid:505
[   57.827515][ T2161] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   57.836400][ T2161] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:386
[   57.849218][ T2161] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   57.861566][ T2161] rust_binder: Read failure Err(EFAULT) in pid:386
[   57.988086][ T2174] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[   57.995741][ T2174] rust_binder: Error in use_page_slow: EBUSY
[   58.008407][ T2174] rust_binder: use_range failure EBUSY
[   58.019599][ T2174] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   58.026199][ T2174] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[   58.036145][ T2174] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[   58.047365][ T2174] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:393
[   58.079146][ T2177] rust_binder: Read failure Err(EAGAIN) in pid:396
[   58.132525][ T2181] rust_binder: Write failure EINVAL in pid:510
[   58.147940][ T2184] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   58.170187][ T2188] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[   58.197674][ T2191] binder: Unknown parameter '�6g<l��B��`�e���X�(AԲ��!����r$�D��i^>��_���:�:��h�P���K�O���/���m��NJ����N�6�<�.$�0Q�Y�א��5�dH��C��1��\$����i�@�z�Riw������ء���D?��D���MX�</����<���贁�ۢsRk�K
Q����v'
[   58.224871][ T2188] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:402
[   58.387579][   T36] kauditd_printk_skb: 5 callbacks suppressed
[   58.387595][   T36] audit: type=1400 audit(1750405240.840:360): avc:  denied  { setattr } for  pid=2198 comm="syz.0.600" path="/dev/rtc0" dev="devtmpfs" ino=195 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   58.432207][   T36] audit: type=1400 audit(1750405240.850:361): avc:  denied  { map } for  pid=2198 comm="syz.0.600" path="/dev/rtc0" dev="devtmpfs" ino=195 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   58.458738][   T36] audit: type=1400 audit(1750405240.850:362): avc:  denied  { execute } for  pid=2198 comm="syz.0.600" path="/dev/rtc0" dev="devtmpfs" ino=195 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   58.574524][ T2209] rust_binder: Write failure EFAULT in pid:521
[   58.594494][ T2212] input: syz1 as /devices/virtual/input/input43
[   58.639091][ T2216] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   58.639127][ T2216] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   58.646243][ T2216] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   58.662534][ T2216] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   59.053531][ T2235] rust_binder: Error while translating object.
[   59.053595][ T2235] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   59.072653][ T2235] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:528
[   59.152545][ T2251] binder: Bad value for 'defcontext'
[   59.206163][ T2261] rust_binder: Failed to allocate buffer. len:88, is_oneway:false
[   59.229552][ T2263] rust_binder: Write failure EFAULT in pid:428
[   59.250002][   T36] audit: type=1400 audit(1750405241.700:363): avc:  denied  { checkpoint_restore } for  pid=2264 comm="syz.1.621" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   59.303322][ T2270] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:430
[   59.327649][ T2278] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   59.344251][ T2275] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[   59.420538][ T2277] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:560
[   59.431321][ T2289] SELinux: failed to load policy
[   59.454551][ T2292] cgroup: fork rejected by pids controller in /syz1
[   59.487336][ T2351] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[   59.495352][ T2351] rust_binder: Write failure EINVAL in pid:171
[   59.513707][   T36] audit: type=1400 audit(1750405241.960:364): avc:  denied  { associate } for  pid=2399 comm="syz.0.632" name="pfkey" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   59.527011][ T2400] rust_binder: Write failure EINVAL in pid:174
[   59.601785][ T2407] binder: Unknown parameter 'non'
[   59.607545][ T2408] rust_binder: Failed to allocate buffer. len:65376, is_oneway:true
[   59.617413][ T2408] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   59.633841][ T2408] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:177
[   59.648507][   T46] bridge_slave_1: left allmulticast mode
[   59.667237][   T46] bridge_slave_1: left promiscuous mode
[   59.678490][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.718093][   T46] bridge_slave_0: left allmulticast mode
[   59.729255][   T46] bridge_slave_0: left promiscuous mode
[   59.735915][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.788348][   T36] audit: type=1326 audit(1750405242.240:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2423 comm="syz.0.642" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f64def8e929 code=0x0
[   59.884611][   T36] audit: type=1400 audit(1750405242.340:366): avc:  denied  { append } for  pid=2423 comm="syz.0.642" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   59.971370][   T46] veth1_macvtap: left promiscuous mode
[   59.978793][ T2445] rust_binder: Write failure EFAULT in pid:569
[   59.979412][   T46] veth0_vlan: left promiscuous mode
[   60.043083][ T2456] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89)
[   60.043113][ T2456] rust_binder: Error while translating object.
[   60.057127][ T2456] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   60.064228][ T2456] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:449
[   60.113041][   T36] audit: type=1326 audit(1750405242.560:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2457 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ce838e929 code=0x7ffc0000
[   60.125188][ T2458] rust_binder: Error while translating object.
[   60.165999][ T2458] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   60.167473][   T36] audit: type=1326 audit(1750405242.560:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2457 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f6ce838e929 code=0x7ffc0000
[   60.174629][ T2458] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:452
[   60.193257][   T36] audit: type=1326 audit(1750405242.560:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2459 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f6ce83c11e5 code=0x7ffc0000
[   60.260193][ T2439] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.269917][ T2439] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.288065][ T2439] bridge_slave_0: entered allmulticast mode
[   60.303243][ T2439] bridge_slave_0: entered promiscuous mode
[   60.312512][ T2439] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.321464][ T2439] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.321467][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[   60.321515][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[   60.330829][ T2439] bridge_slave_1: entered allmulticast mode
[   60.337943][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[   60.346130][ T2439] bridge_slave_1: entered promiscuous mode
[   60.389211][ T2467] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[   60.425501][ T2464] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:455
[   60.425547][ T2464] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   60.449120][ T2464] rust_binder: Read failure Err(EFAULT) in pid:455
[   60.476954][ T2471] syzkaller0: tun_chr_ioctl cmd 2147767506
[   60.542608][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.550992][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.570806][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.579393][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.612435][ T2439] veth0_vlan: entered promiscuous mode
[   60.625935][ T2439] veth1_macvtap: entered promiscuous mode
[   60.678935][ T2476] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   60.678930][ T2475] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   60.678960][ T2475] rust_binder: Read failure Err(EFAULT) in pid:2
[   60.702174][ T2478] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   60.702209][ T2478] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:197
[   60.726815][ T2481] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:200
[   60.732345][ T2476] rust_binder: Read failure Err(EFAULT) in pid:2
[   60.957955][ T2491] rust_binder: Error while translating object.
[   60.965476][ T2491] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   60.972736][ T2491] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:5
[   60.981968][ T2496] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:212
[   61.010089][ T2498] rust_binder: inc_ref_done called when no active inc_refs
[   61.069233][ T2504] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   61.100141][ T2505] rust_binder: Write failure EFAULT in pid:219
[   61.121286][ T2507] random: crng reseeded on system resumption
[   61.590776][ T2512] rust_binder: Write failure EINVAL in pid:12
[   61.590851][ T2513] rust_binder: Write failure EINVAL in pid:12
[   61.777692][ T2518] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   61.841350][ T2518] binder: Unknown parameter 'fscontext?}��'
[   62.025397][ T2528] rust_binder: Error while translating object.
[   62.025441][ T2528] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   62.046748][ T2529] rust_binder: Error while translating object.
[   62.092566][ T2528] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:582
[   62.131177][ T2529] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
Stopping sshd: stopped /usr/sbin/sshd (pid 201)
OK
[   62.164503][ T2529] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:582
[   62.235051][ T2539] rust_binder: Write failure EINVAL in pid:223
[   62.332141][ T2549] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:26
[   62.363917][   T53] Bluetooth: hci0: command 0x1003 tx timeout
[   62.363918][ T1020] Bluetooth: hci0: Opcode 0x1003 failed: -110
Stopping crond: stopped /usr/sbin/crond (pid 193)
OK
Stopping dhcpcd...
stopped /sbin/dhcpcd (pid 147)
[   62.674641][ T2569] rust_binder: Error while translating object.
[   62.674695][ T2569] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
Stopping network: [   62.703291][ T2569] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:592
[   62.939958][ T2581] rust_binder: Read failure Err(EAGAIN) in pid:596
[   63.017184][ T2587] SELinux: failed to load policy
OK
[   63.066540][ T2590] rust_binder: Write failure EFAULT in pid:461
[   63.165323][ T2594] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
Stopping iptables: OK
[   63.183059][ T2594] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   63.233221][ T2594] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:600
Stopping system message bus: [   63.412043][ T2611] rust_binder: Write failure EINVAL in pid:607
done
[   63.525913][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   63.556204][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   63.557239][ T2618] rust_binder: Error in use_page_slow: ESRCH
[   63.603127][ T2618] rust_binder: use_range failure ESRCH
[   63.604062][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   63.626608][ T2618] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[   63.665292][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   63.685142][ T2618] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   63.711625][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   63.784434][ T2618] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:37
[   63.863801][ T2615] binder: Unknown parameter '00000000000000000004��������'
killall: can't kill pid 420: No such process
killall: can't kill pid 996: No such process
[   63.973504][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   64.030011][ T2615] binder: Unknown parameter '00000000000000000004��������'
Stopping klogd: [   64.082891][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   64.117058][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   64.146057][ T2615] binder: Unknown parameter '00000000000000000004��������'
OK
[   64.201563][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   64.225576][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   64.253482][ T2615] binder: Unknown parameter '00000000000000000004��������'
Stopping acpid: [   64.301192][   T36] kauditd_printk_skb: 29 callbacks suppressed
[   64.301215][   T36] audit: type=1400 audit(1750405246.750:399): avc:  denied  { write } for  pid=94 comm="acpid" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   64.348435][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   64.402589][   T36] audit: type=1400 audit(1750405246.750:400): avc:  denied  { remove_name } for  pid=94 comm="acpid" name="acpid.pid" dev="tmpfs" ino=7 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   64.430932][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   64.502350][   T36] audit: type=1400 audit(1750405246.750:401): avc:  denied  { unlink } for  pid=94 comm="acpid" name="acpid.pid" dev="tmpfs" ino=7 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   64.526465][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   64.601781][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   64.622258][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   64.642420][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   64.657976][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   64.677758][ T2615] binder: Unknown parameter '00000000000000000004��������'
[   64.734119][ T2663] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[   64.772579][ T2663] rust_binder: Write failure EINVAL in pid:614
[   64.818597][ T2670] rust_binder: Write failure EINVAL in pid:471
[   64.839811][ T2670] rust_binder: Error while translating object.
[   64.858686][ T2670] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   64.869942][ T2668] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[   64.871701][ T2670] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:471
[   64.932609][ T2678] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   64.935269][ T2668] kvm: requested 13409 ns i8254 timer period limited to 200000 ns
[   64.977595][ T2679] binder: Bad value for 'max'
[   65.021465][ T2680] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[   65.230447][ T2682] kvm: kvm [2681]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010004) = 0x3
OK
[   65.369431][ T2686] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:621
[   65.382162][ T2686] input: syz0 as /devices/virtual/input/input45
Stopping syslogd: stopped /sbin/syslogd (pid 91)
OK
umount: can't remount debugfs read-only
umount: sysfs busy - remounted read-only
umount: devtmpfs busy - remounted read-only
umount: c[   65.863123][ T2716] rust_binder: Write failure EINVAL in pid:62
an't remount /de[   65.893788][   T36] audit: type=1400 audit(1750405248.330:402): avc:  denied  { write } for  pid=281 comm="syz-executor" path="pipe:[2480]" dev="pipefs" ino=2480 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
v/root read-only
The system is going down NOW!
Connection to 10.128.0.89 closed by remote host.
Sent SIGTERM to[   66.320173][   T46] bridge_slave_1: left allmulticast mode
[   66.326769][   T46] bridge_slave_1: left promiscuous mode
[   66.333879][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.343348][   T46] bridge_slave_0: left allmulticast mode
[   66.350234][   T46] bridge_slave_0: left promiscuous mode
[   66.356614][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.365377][   T46] bridge_slave_1: left allmulticast mode
[   66.371753][   T46] bridge_slave_1: left promiscuous mode
[   66.378751][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.387221][   T46] bridge_slave_0: left allmulticast mode
[   66.394785][   T46] bridge_slave_0: left promiscuous mode
[   66.401624][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.411190][   T46] bridge_slave_1: left allmulticast mode
[   66.418049][   T46] bridge_slave_1: left promiscuous mode
[   66.424511][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.432766][   T46] bridge_slave_0: left allmulticast mode
[   66.439754][   T46] bridge_slave_0: left promiscuous mode
[   66.446476][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.455266][   T46] bridge_slave_1: left allmulticast mode
[   66.461886][   T46] bridge_slave_1: left promiscuous mode
[   66.469170][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.477915][   T46] bridge_slave_0: left allmulticast mode
[   66.484618][   T46] bridge_slave_0: left promiscuous mode
[   66.491464][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.831424][   T46] veth1_macvtap: left promiscuous mode
[   66.837600][   T46] veth0_vlan: left promiscuous mode
[   66.843752][   T46] veth1_macvtap: left promiscuous mode
[   66.850008][   T46] veth0_vlan: left promiscuous mode
[   66.856643][   T46] veth1_macvtap: left promiscuous mode
[   66.862869][   T46] veth0_vlan: left promiscuous mode
[   66.868786][   T46] veth1_macvtap: left promiscuous mode
[   66.874390][   T46] veth0_vlan: left promiscuous mode
Sent SIGKILL to all processes
Requesting system poweroff
[   68.221345][ T2723] sd 0:0:1:0: [sda] Synchronizing SCSI cache
[   68.228308][ T2723] ACPI: PM: Preparing to enter system sleep state S5
[   68.235359][ T2723] kvm: exiting hardware virtualization
[   68.240983][ T2723] reboot: Power down
serialport: VM disconnected.