last executing test programs:

1m59.470998838s ago: executing program 1 (id=2654):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCGPTPEER(r1, 0x5441, 0x1) (async)
ioctl$TIOCGPTPEER(r1, 0x5441, 0x1)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r2, 0x40045402, &(0x7f0000000140)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x0, 0x0, 0xf})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000040)=0x5)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSBRKP(r3, 0x5425, 0x100000000)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, 0x18, &(0x7f0000000380)={@ptr={0x70742a85, 0x1, &(0x7f0000000240)=""/42, 0x2a, 0x42, 0x20000000000017}, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x28, 0x40}}, 0x10}], 0x99, 0x0, &(0x7f0000000400)="8b0e8515ba4eea0ed3760e1b13237f3c784127e0ba4398dc33e6aa5ecd138d42d82cf27cfd495aa380cfbc3d129b46d04f7e67d53696444df89139e3477d28e60f7c275236df0ba52f89002e2671f22f279295d6554829150dbc537850a3044f31aaf315dae16bb296910ea24f0374dcfae5bcea6cb8f9ecfbb000f8a12cbf4d02dc0d23906e193d750943e12f8038048266accc34e968d54e"}) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, 0x18, &(0x7f0000000380)={@ptr={0x70742a85, 0x1, &(0x7f0000000240)=""/42, 0x2a, 0x42, 0x20000000000017}, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x28, 0x40}}, 0x10}], 0x99, 0x0, &(0x7f0000000400)="8b0e8515ba4eea0ed3760e1b13237f3c784127e0ba4398dc33e6aa5ecd138d42d82cf27cfd495aa380cfbc3d129b46d04f7e67d53696444df89139e3477d28e60f7c275236df0ba52f89002e2671f22f279295d6554829150dbc537850a3044f31aaf315dae16bb296910ea24f0374dcfae5bcea6cb8f9ecfbb000f8a12cbf4d02dc0d23906e193d750943e12f8038048266accc34e968d54e"})

1m59.196898132s ago: executing program 1 (id=2659):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000000)={[{0x4, 0x1, 0x5, 0x6, 0x40, 0x81, 0x5, 0x9, 0xcf, 0x1, 0x9, 0xc, 0x2c}, {0x9, 0x3, 0x6, 0x5, 0x4, 0x1, 0x2, 0x7, 0x4, 0x5, 0x9, 0x4, 0x10000}, {0x0, 0x0, 0x5, 0x0, 0x40, 0x5f, 0x2, 0x3, 0xc7, 0x4, 0x4, 0x4a, 0x7f}], 0x81})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0x7000, 0xdddd1000, 0x0, 0x0, 0x8, 0x8, 0x0, 0x2, 0x0, 0x6, 0x9, 0x10}, {0x8080000, 0x0, 0xc, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7, 0x0, 0xff}, {0x3000, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x100000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4}, {0xeeee8000, 0x3000, 0x9, 0x0, 0xff, 0x4, 0x0, 0xe, 0x0, 0x3c}, {0x0, 0x0, 0xd, 0x8, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80}, {0x8080000, 0x0, 0xa, 0x6, 0x5, 0x0, 0x3}, {0x80a0000, 0xdddd0000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x26}, {0x80a0000}, {0xeeef0000}, 0xfdfcffdb, 0x0, 0x0, 0x28, 0xb, 0xf801, 0x0, [0x0, 0x0, 0x1]})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder1\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r3, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3, 0x8032, 0xffffffffffffffff, 0x0)

1m59.015372805s ago: executing program 1 (id=2664):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x4, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x1, 0x2, 0x0})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000006c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f00000001c0)={0x2, &(0x7f0000000100)=[{0x94, 0x0, 0x0, 0xffffffff}, {0x6}]})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x5, 0x0, &(0x7f0000000140)=[@clear_death={0x400c630f, 0x2}], 0x0, 0x0, 0x0})

1m58.822424588s ago: executing program 1 (id=2666):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000280), 0x8800, 0x0)
ioctl$BLKBSZSET(r0, 0x40081271, &(0x7f0000000000)=0x1000)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_debug_messages', 0x101, 0x0)
write$FUSE_DIRENT(r2, &(0x7f00000001c0)=ANY=[@ANYRESOCT], 0x200001d0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x0, 0x1, 0x11, r1, 0x5)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r5, 0x4004ae99, &(0x7f0000000040)=0x2)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000180)=@x86={0x0, 0x0, 0x3, 0x0, 0x5, 0x3, 0x40, 0x6, 0x6, 0x2, 0x6, 0xea, 0x0, 0x1, 0x9, 0x40, 0x9, 0x2b, 0x3, '\x00', 0xff, 0x5})
ioctl$BTRFS_IOC_SYNC(r5, 0x9408, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, &(0x7f0000000140)=""/255, 0xff, 0x0, 0x33}, @flat=@weak_binder={0x77622a85, 0x1, 0x2}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0xf2, 0x0, &(0x7f0000000400)="1920ff09b3471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f6129486032c2cbef37bdd5c8f105a49bb1860d0e517f985b62dd7dd349f717bf3a5a1b062ae63a31dea6ece0c7f5fc4d7a674a5db14bd1c1237f60f6ede3c41a24ddd0e5ac8142333e65962089c6c1db3e1f9ef018a240a15180cb5ed4263154da0b1cefa26e639743d4aec33f0cea2a2361206ad2f3010aa00eea78bd1217be3c2b801f397e0ec1634a78783c7060fb638370bbd0f0f770f90332ee9c0465d238ab"})
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000280), 0x8800, 0x0) (async)
ioctl$BLKBSZSET(r0, 0x40081271, &(0x7f0000000000)=0x1000) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_debug_messages', 0x101, 0x0) (async)
write$FUSE_DIRENT(r2, &(0x7f00000001c0)=ANY=[@ANYRESOCT], 0x200001d0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x0, 0x1, 0x11, r1, 0x5) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) (async)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
ioctl$KVM_SET_MP_STATE(r5, 0x4004ae99, &(0x7f0000000040)=0x2) (async)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000180)=@x86={0x0, 0x0, 0x3, 0x0, 0x5, 0x3, 0x40, 0x6, 0x6, 0x2, 0x6, 0xea, 0x0, 0x1, 0x9, 0x40, 0x9, 0x2b, 0x3, '\x00', 0xff, 0x5}) (async)
ioctl$BTRFS_IOC_SYNC(r5, 0x9408, 0x0) (async)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, &(0x7f0000000140)=""/255, 0xff, 0x0, 0x33}, @flat=@weak_binder={0x77622a85, 0x1, 0x2}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0xf2, 0x0, &(0x7f0000000400)="1920ff09b3471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f6129486032c2cbef37bdd5c8f105a49bb1860d0e517f985b62dd7dd349f717bf3a5a1b062ae63a31dea6ece0c7f5fc4d7a674a5db14bd1c1237f60f6ede3c41a24ddd0e5ac8142333e65962089c6c1db3e1f9ef018a240a15180cb5ed4263154da0b1cefa26e639743d4aec33f0cea2a2361206ad2f3010aa00eea78bd1217be3c2b801f397e0ec1634a78783c7060fb638370bbd0f0f770f90332ee9c0465d238ab"}) (async)

1m58.400108574s ago: executing program 1 (id=2672):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x103000, 0x0)
ioctl$RTC_UIE_ON(r1, 0x7003)
ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f00000000c0)={0x1d, 0x9, 0x14, 0x80b, 0x5, 0xeb, 0x20001, 0xf5, 0x1})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000580)="55dd"})

1m58.261791766s ago: executing program 1 (id=2675):
openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0) (async)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
syz_clone3(&(0x7f0000000140)={0x80080300, 0x0, 0x0, 0x0, {0xfff7fffd}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/binder0\x00', 0x802, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000480)={0xe, 0x1, 0x7}) (async)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="03000000000000007b01"])
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x12, r2, 0x56370000) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000200)={0x5, 0x3, 0x6000, 0x2000, &(0x7f0000a4d000/0x2000)=nil})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r9, 0x0)
r10 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
write$tcp_mem(r10, &(0x7f00000010c0), 0x3fffff) (async)
r11 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r11, 0x4008ae89, &(0x7f0000000100)={0x1, 0x0, [{0x40000091}]})
r12 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1800001, 0x28011, r12, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x1000}) (async)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f0000000280)={0x2})

1m43.149731438s ago: executing program 32 (id=2675):
openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0) (async)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
syz_clone3(&(0x7f0000000140)={0x80080300, 0x0, 0x0, 0x0, {0xfff7fffd}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/binder0\x00', 0x802, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000480)={0xe, 0x1, 0x7}) (async)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="03000000000000007b01"])
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x12, r2, 0x56370000) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000200)={0x5, 0x3, 0x6000, 0x2000, &(0x7f0000a4d000/0x2000)=nil})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r9, 0x0)
r10 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
write$tcp_mem(r10, &(0x7f00000010c0), 0x3fffff) (async)
r11 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r11, 0x4008ae89, &(0x7f0000000100)={0x1, 0x0, [{0x40000091}]})
r12 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1800001, 0x28011, r12, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x1000}) (async)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f0000000280)={0x2})

1m37.11220927s ago: executing program 2 (id=2893):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1181}) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0x8, 0x0, &(0x7f0000000040)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000e00)=[@request_death={0x400c6313}, @clear_death={0x400c6313}], 0x0, 0x0, 0x0})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async, rerun: 32)
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f0000000080), 0x400, &(0x7f00000000c0)=ANY=[@ANYBLOB='context']) (rerun: 32)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$VHOST_GET_VRING_ENDIAN(r2, 0x4008af14, &(0x7f0000000200)={0x0, 0x5})

1m36.251276113s ago: executing program 2 (id=2907):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000e00), 0x400, 0x0)
ioctl$TIOCCONS(r0, 0x541d) (async, rerun: 32)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 32)
ioctl$KVM_CAP_X86_GUEST_MODE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000240))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000040)) (async, rerun: 32)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x39, 0x7, 0x2, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x7fffffffffffe, 0x5, 0x0, 0x9, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x120182}) (rerun: 32)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000100)={[{0x5, 0xc003, 0x3, 0x5, 0x0, 0x4, 0x7, 0xd, 0xb9, 0x0, 0x1, 0x5, 0x204}, {0x5, 0x93ef, 0x4, 0xc2, 0x7, 0xff, 0x2, 0xff, 0x0, 0x4, 0x4, 0x7b, 0x20c}, {0x1, 0x3000, 0x18, 0x5, 0x80, 0xfd, 0x3, 0x2, 0xf6, 0x70, 0x4, 0x7}], 0x4}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000003c0)={[0x5ffffffffff, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000003, 0x68ff, 0x5, 0x9, 0x3], 0x1, 0x202}) (async, rerun: 64)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000480)={[{0x9570000, 0x91, 0x0, 0x3, 0x85, 0x2, 0x1, 0x2, 0x53, 0x4, 0x7, 0xf, 0x1}, {0x9f83, 0x7, 0xe, 0x59, 0x1, 0x4, 0x7, 0x81, 0x7, 0x5, 0x6, 0x3, 0xffffffffffffffff}, {0x3, 0x5, 0x81, 0xa, 0x6, 0x46, 0x88, 0x4f, 0xc, 0x98, 0xf4, 0x1, 0x8}], 0x3}) (async, rerun: 64)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async, rerun: 64)
ioctl$BTRFS_IOC_SEND(r1, 0x40489426, &(0x7f0000000080)={{r1}, 0x8, &(0x7f0000000040)=[0x8000000000000001, 0x2, 0x7, 0x7, 0x80000000, 0xbccb, 0x1, 0x3], 0x8000000000000001, 0x2, 0x1}) (async, rerun: 64)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r5, 0x0) (async)
r6 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r6, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r7, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6}]}) (async)
ioctl$TUNDETACHFILTER(r7, 0x401054d6, 0x0) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) (async)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1800000, 0x50, r1, 0x9734f000)
ioctl$ASHMEM_GET_SIZE(r1, 0x40087705, 0x7)

1m35.80400627s ago: executing program 2 (id=2914):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000080)={0x9580000000000000, 0xf002, 0x3, 0x4, 0x14}) (async)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r3, 0x0) (async)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000300)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000180)={@ptr={0x70742a85, 0x0, &(0x7f0000000bc0)=""/4096, 0x1000, 0x1, 0x1a}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x0, 0x15}, @fda={0x66646185, 0x8, 0x0, 0x1b}}, &(0x7f00000004c0)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})

1m35.379810877s ago: executing program 2 (id=2920):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r0, 0xc038943b, &(0x7f0000000440)={0x2, 0x20, '\x00', 0x1, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0]}) (async)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0xfffffffa) (async)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x9cc6d000)
ioctl$ASHMEM_SET_NAME(r1, 0x40087708, &(0x7f0000000000)='\x00\x00\x03\x06\x00\x00\x00\x1f\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\x87\xa3\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \x15\x9a\x9f\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b^:4\xeb\xd37\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Hd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\xadP\x1c2\xb8H\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&`<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84\x1b\xdaR-\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6#M\"\x87\x05W\f0b(p\xb4;\x0e\x18\xf7/A\xfd8\\\x99\xc7Dp\x98\xa4o\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12KL\xf2\xd5\b^[D~\x00\x00\x00\x00\x00\x00\x00\xfe\x8c\x87\x0f\x99\xc3E\xcfc\x8cX\xa3\xf5&}\a\xbf\xf8N\"C!\x1f\x96\xd7\xe9\xa5tw\'\x8f,_\xa0\xea\x90\"\x19i\f\xd5\x02\xe2+\xc1\x8e\xfb@\xc56\xb5\xe4\x91\xbc\xbf\xf7\xea\x01]\xd8\xf8.\x99\x82\x89\x9a\x97\x8b\xdd\xcf\xe6\xb4\xad\xda\x7f\xc8\xd0(Q\x8dP\xd9\xd8(){\xca\x84\xd3(\xb6\xd5\xd4\x94\xdf\xde\x05B\"\xa3L\xc9t\xd4]\x95.\x02\x97\xb5\xc5E\xc7H\x84d\xe6I\xd8\\&\xc6\x81t\xa38u\xc0\xa3\x9b\b,4-\x8a\x9fo:\x86J?\xac\xd1\xa8\x02\xb6\xc5m\x85,\x97\xbe\xba\x0eWnW\xdd,\x1eT\x9c\xde\x9e{;\xb2X\x89\xdc\xcfO6\xba\xcbK\xb5\xfbD\xc9\xc4D\x04BT\xe1\xe9]s\x18$F\x9b\xe9<\xdb\x03\b\xfc\xe9\x19E\x8b\x83\xa6\x84Y\xab\x85\xea\x1f^K\xd6I\x10G<@n\x9e\x81\xc6\x1d\xbc\x1a\xc1G')
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f00000010c0), 0x200, 0x0) (async)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000}) (async)
ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3314)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0xda6, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5fdd8d64f6c3e0dd22711f69a940ebdb4ab5ff6240da3160049d2047e6713d47ad0db40ec543c095ad67c8cbe438fb875927c98e265498b3da8d4ca54bac0e6efe759a2d4d4190e9fc8835599da8237f472411a71236bb930d28a26f49062d270f4087a6a709c005eebc9740ed54dd005c787c44badac9c720b0d424d0ded9bb8c24c0e842deedf386fc7714a31268292d3bcc53b1cf24b156445c8bf64336f742b1ba836eba0ae4a5aaa9a6f35d4f81734e16bce965795d5b1255609d1860fe11c9c536db078af94772830ba000c13e1d9383e3d862fa07f2199da148632c036bc19f6014eeb206a3654d390c78911deeabebf128def61122754e0a4696db82666a018f8d2f44b5aadc12809ade8bed1b1ba2adbb6e3e82180e26748dc30a8eda0edb21fcaa702632ed3fb4e89550c3e0e1fd2b5ecf1983d85bf9569b231e28155756bd97f1220cbc2b5b1c02dab88ee4a8970d4833b9e51529895afe5029823576297d4a917602fe08df57e1d7f63d050877ddf8e82a5383e15f313171b2d5618a1549f3dfced0732b887508ca5e134124d0ed0bd4b767115d1530f73504387e0364d73a2d3b114fcb49219b1c15e066c455b01672e49499995454a502236f5a5007895d3d1d8843007352a3ccc3f71d3e801efd0a6ef922bf39ead16e01ec20ebff2b1ce7cfd0984b26225cb1359b36efe9ad2ae1f6de4862c0faaa52f4d0eb4c13960ceb4aeaa10ae61a09a5abdb0c61661962a0aab14d465a8ae6f45826e1e66428cf8572eb53c98160df6613a62bb611c63f1ffb7a795a889fc16670f6302fd36ee4247bdd4282f1afb6042c832a4b0857cecae0a7090d9b11ae46d9186c710c8dd12911db573493329bea2c743734d86a577cf27aa01e4fc6c91f1fa34bba173d20b97ed8bb4bad43692df90bfd2b193b9e8b93a95ec0d0d42217395d89db511d2e9bbeb3ef47b7b2d81ab54b5c8faa760ef5c0493af13a9327c9432521ed6bfcb9d778d25031da41a983027fe7d794c26326053d38172444307d88501cdd26c3fdeafdf5f599d3dcfd39972f28ec3fb1fb40982615f5d71d6693a8774df072576834c69b89f209b458fad4671f0108fdfc8548a6fcf76a843369a3bca4d2974221ed9af224d151fa8aa73276ba65ca3d8bc98d6504f16bcac30c697f68cb1625b4f2259ee0c694951752845fa11c20fc4dda369d53918c3746918692ee2cda958612808b841b8d36ef3933f5340e1fc8fb10ac2ae97da921f6a67806831356d515c7a32468dfd3385c1ae2008448e5750c3a3d5733b4a2486788550e6353e9b12cc09750d5b9dcd2aedba61d0520e99a51e880d3dd78a2b502029deac1860cf50885f8bf5119491c6b1e06492e98ca64e5e32afbb3b0630cb35b58640afc2188a232f77968c18d2d0e8f91c974edcb3198b4520f530acacb12017216338cc479de3651e8f15f1672397c730e3ca2a189ca4cc85f35dd46aeb67b6a2eb7268a653b190d8ba670490d50f761c1fa25f1954d8fe6bcb15dbc23698c945262b991e6245b9a25b12b13c87bf8a8a06f51784007abd06e01a0c03ee80b236fabb5b22ce797c4d8a739ac96dcf16c93f454463d3631c4cdd2dea6732a486015dc9937ee4e6efbfff46bdd8887094ca4bd94d995f411421c7ef07f949fcc10132f58b7c99a871780d92464594c930b80596baab77b0d68a05d71ca8a1888f3128f12aebac362c4d80870ab3d9f2e77d51f9af16472faff98dda1e0133c8bc2510345d5eb1d64bce64761f4cc39ac6655902338bf1335dc55393995af4447ed1aa4c50bfacd576842560abca3e6c74dcea6dd03d36f9e7f8bda2cf33e3b7da195fba79f5a60421e19910f1fef31b9fa52064ce9ee8c415746a3cab47a8ad8477e9f21e9ee804a85dc568439b95c01bbbc3fa16a8c26bd81b01b8849795b2370f591e2a8e175cd465a600a541839bc734271b4b3afb2303dc1cf12bee00080ad10658c97672ad023e89f23d9301b5dbf1a7ba6d6c2b8dbd300f05f36a095f188b56fd3ba8e871aaf22e2128696e7232cb22f4f5404a3d1256a11665caaead326faad340031cafb99edbceba7bac44c7d2720aedba9cb708dae55b192a1e31835fae8756f062c151f6778b1d93c2d1f8b479ae9bbe1255abcef9beaa95b558fbbc9a979d46580aa85b10f160b438bea64f23b8e605ce34d2b46bbf8bfbfa683b10f55b3d30c58675dd1a524495e5d42c7d02dc60b853e8b3ed2caf41cd24a8a1d044e27d48b2184bac00730f7c20a1ba2bb6b6a5381a3d359d8e721504bbbce18ee49031b48c278a5730f31fb83f6cf32ac98326b722d3e2d7b38a7b80b94a3eb2b69fb1aefc8c0bbe431191f0ed76141a8365621e4f7118dd4465b4642bdb0af21d30c8cfb1d5201852c0428b1983d91f706e814c1395888b1c2a3516ea20a93d868e27c3c9b68a9cda4befc389b57661a4ff37137628ec96bcb625fd10324625ac1589c2918c66f811a323a19ab30bcf28fc20b64176e319d58f74578093e32ba9f51b255693dda9514ff43f6ef6010143554305073e94be322daa024cb7efcf405ea4924bfa72633b766365fee1d59d1a94717450657ff3b72853785e91f94ca1502b129eafa718633bec1557fb1e0ae2887e6e8c0fdd9f3f99de03c0af7364781766520d90c15b0e2a4c43613089dbecc4dd68be74204809f0270370097642d54388ccbb54b58be8b5796eac48ef5f17752eaa7301f075faee593aae71ee0e0ca1f45a22e7cede3597f14a344796ceec33e98b3b89e031c0d757e83d5093322d9afc9898f80b2e9bb17bc8b2b164d048c1b912f6cd92979df629efcb94968cca6e65b9b078677698fa4937a2ec23edd00971a5505ecc65fe150d3d00a34e52cc64951937fc79014b0df8d2c9c35f06209f45556278fa7ecfc70a92eca165bbd493686fb4c0cd607cec994657149a61da2e09414944c557be54908197724174247194d435b25bf78ec4cc164a574662eb4d1e4d784a6ea0c71dd1a16e53a7b8a27fcec679346afe90a05e06b276fe972d5e1d3486e0452d0a9a1636ab9c517f371a0592ef34513a9a4e961cd79c86891f460becb57f41e22b2a72ae175e29344184cde0b2beae00f90a6a79dc689da4b4b1da0e9758854d404a9cbcf725c68b6f2de865b2b5e12124d09f8745208b5cc544522f7c8bcfceb907422502f1641b600a60a5aef28be5a92ff71755efaf29e23c8ca52ad945bbdc4d6e7502adee312ea8d9338a80671f36309026c0d9c2ceb14da0b8beb087853b8014d30372f0d58448530f1bed15c4caaf8a844853030aab1ba6de9891678a16a2d9b9889d4a367753f0aacda03ce6fae1f62b34a3317a704527e65b18dc3186f32c5caa2d82f058066274e145f3cfe0bb5d40a77f54fb0de584d5f50de29d1c3aa29acea2363ef5c1e0592ef94370936df0152871396c13a89e56086f381862edb6f4bec0d937e94a689a8c5c87a51e073fdaa935591bbccff359e0805ded9ac71e3b295fdd05bc2b03d7af58a393778c9dfdfd8101b3503c86a6d9e2fdeb215be40f90bb7360a04e111d743207a8742275ee7df2508b909ea4d3a7af7886d3f26aa58943edbbcbd686bf9cf9a78b43dd9792bca97cda6508340"}) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r3, 0x0) (async)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/stat\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000080)={0x2020}, 0x2020)
ioctl$PPPIOCSNPMODE(r4, 0x4008744b, &(0x7f0000001580)={0x2f, 0x2}) (async)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0}) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001540)={0xa0, 0x0, &(0x7f0000001440)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000480)={@fda={0x66646185, 0x4, 0x2, 0x10}, @fda={0x66646185, 0x7, 0x1, 0x2f}, @fda={0x66646185, 0x5, 0x1, 0x2a}}, &(0x7f0000001340)={0x0, 0x20, 0x40}}}, @request_death, @transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x50, 0x18, &(0x7f0000001380)={@fda={0x66646185, 0x7, 0x0, 0x12}, @flat=@weak_handle={0x77682a85, 0x1000}, @fd={0x66642a85, 0x0, r1}}, &(0x7f0000001400)={0x0, 0x20, 0x38}}, 0x40}], 0x3c, 0x0, &(0x7f0000001500)="9c6cfe3e803ae6271ffb1c3cdf6ab7d5ae1d3d61455c60e6b817aa3e4d04bacdc35f1a9dc613bb1772b36827593670b713355d71a284262eeaef1e5b"}) (async)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r5, 0x40046208, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x940, 0x0) (async)
ioctl$BLKROTATIONAL(r2, 0x127e, &(0x7f0000001240))
ioctl$ASHMEM_PURGE_ALL_CACHES(r1, 0x770a, 0x0)

1m35.254357619s ago: executing program 2 (id=2923):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272})
ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1)
close(0x3)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7902})
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
write$cgroup_devices(r0, &(0x7f0000000180)=ANY=[@ANYRESOCT], 0xffdd)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/binder0\x00', 0x802, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./cgroup/pids.max\x00', 0x402, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000340)=ANY=[@ANYBLOB='-', @ANYRESOCT], 0x6)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r7, 0x401c5820, &(0x7f0000000080)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0xff}]})
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000440)={0x34, 0x0, &(0x7f0000000000)=[@acquire={0x40046305, 0x2}, @decrefs, @release={0x40046306, 0x3}, @release={0x40046306, 0x3}, @acquire_done={0x40106309, 0x1}], 0xfd, 0x0, &(0x7f0000000340)="54e42d650e78fc8731fedb8308f3bb09a2d00f8ae07df8fa983a6c87cdb0dfb7a6c12a6cef682db693fa3350e1295b56c582677288565c1a9bd3f87101edf598707f02462227baff38531b92efe04d91bd54ef49567b71471e16cb7c561b0ba17a5c2e1e77fb99f72644ed6bcac574698aff3cc23362f73f87db1ae3e15e55f4f67bb1ec2ea61017c9b4da019c2beb09aedcb3fe15161a583b3fc0734511b3101130e303e4fc2f01790c0de2bdf1837af82cce6a36db09eaf5d5352feb34f7ccf09d9f962367726b8274391da6511dd09349a4fcaffd0fd064f2de285a55ef7b8e68d50f8d8201c17ef9a38a1bf6af2cfedcdab74c29602d42a7cb688b"})
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r3, 0xc018620c, &(0x7f0000001180)={0x0, 0xe0ffff, 0x0, 0x0, 0x0, 0x3})

1m34.246326034s ago: executing program 2 (id=2937):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x10, 0x0, &(0x7f0000000140)=[@clear_death={0x400c630f, 0x5}], 0x0, 0x0, &(0x7f00000002c0)})

1m19.803895355s ago: executing program 0 (id=3065):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs2/custom0\x00', 0x800, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000000)={0xb, 0x0, 0x8})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x1000, 0x8000000001})
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f00000021c0)=ANY=[@ANYBLOB="3d8879"])
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0})
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$EXT4_IOC_GETSTATE(r4, 0x4008af25, &(0x7f0000000080))
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/custom1\x00', 0x800, 0x0)

1m19.49995937s ago: executing program 0 (id=3068):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f0000000240)={0x0, 0x107000})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0xc001001b}]})
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r8, 0x4008ae90, &(0x7f0000000700)={0x1, 0x0, [{0x1, 0x7, 0x6, 0x5, 0x5, 0x80000001, 0x3}]})
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f0000000200)=ANY=[@ANYBLOB="636f6e746578743d73792274656d5f75dd47d0b9"])

1m19.123904276s ago: executing program 0 (id=3072):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x20081, 0x0)
write$vga_arbiter(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="6465636f646573206d65ae"], 0xc)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0xdd52d6c}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$binderfs(0x0, &(0x7f0000000000)='./binderfs\x00', &(0x7f00000000c0), 0x4, 0x0)
ioctl$KVM_TRANSLATE(0xffffffffffffffff, 0xc018ae85, &(0x7f0000000000)={0xeeee0000, 0x3000, 0x6, 0xff, 0xff})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000140)={0x10020, 0x8000, 0x0, 0x2471})
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f00000000c0), 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB='max'])
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x101100, 0x0)
ioctl$TIOCMGET(r6, 0x5415, &(0x7f0000000040))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x6, 0xd7, 0x9, 0x5}, {0x7fff, 0x9e, 0x5, 0x8}]})

1m19.122659706s ago: executing program 33 (id=2937):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x10, 0x0, &(0x7f0000000140)=[@clear_death={0x400c630f, 0x5}], 0x0, 0x0, &(0x7f00000002c0)})

1m19.004568998s ago: executing program 0 (id=3076):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100), 0x120501, 0x0)
write$rfkill(r0, &(0x7f0000000000)={0x80, 0x3, 0x0, 0x0, 0x1}, 0x8)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r1, 0x5460, 0x1000000000000)
close(r0)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000280), 0x2000, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454da, &(0x7f0000000080)={'batadv0\x00'})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
ioctl$KVM_CAP_X86_DISABLE_EXITS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xdc, 0x0, 0x4})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(0xffffffffffffffff, 0x4068aea3, &(0x7f00000001c0)={0xbe, 0x0, 0x1})
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x4000002a, 0x0, 0x4}]})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240})
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41845})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x103442, 0x0)
ioctl$TUNSETIFF(r7, 0x400454da, &(0x7f00000000c0)={'bridge_slave_1\x00', 0x8000})
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000100)={'pimreg0\x00', 0x1})
close(r7)
read(r2, &(0x7f0000000080)=""/93, 0xffffff6c)

1m17.771874907s ago: executing program 0 (id=3087):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000280)=0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101740, 0x179)
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
write$selinux_attr(r2, &(0x7f00000000c0)='system_u:object_r:printer_device_t:s0\x00', 0x9)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r3, 0x4068aea3, &(0x7f0000000380)={0xa3, 0x0, &(0x7f0000000340)})
ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r4, 0x4068aea3, &(0x7f0000000180)={0xa3, 0x0, &(0x7f0000000140)})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r3, 0x4008ae48, &(0x7f0000000240)=0x3000)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r5, 0x5420, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f00000002c0)={@fd={0x66642a85, 0x0, r2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @ptr={0x70742a85, 0x0, &(0x7f0000000200)=""/45, 0x2d, 0x1, 0x35}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

1m17.55198943s ago: executing program 0 (id=3091):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8000)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) (async)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) (async)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3) (async)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) (async, rerun: 32)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) (async, rerun: 32)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_NAME(r1, 0x81007702, 0x0)

1m12.618763266s ago: executing program 3 (id=3127):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4602, 0x0)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f00000000c0)={0xfff, 0x0, 0x6, 0xafa, 0x0, "e32401186a9ed9a9"})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000140)=0xd)
ioctl$BLKRRPART(r0, 0x125f, 0x0)

1m12.423524089s ago: executing program 3 (id=3129):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r0, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x3ff, 0x0, &(0x7f0000000000)=0x9})
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000000080)={0x0, "3bdf6f3cc9bd4beb033d2c75119ef839"})
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/partitions\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f00000010c0)={0x3, 0x5873f819, 0x3, 0x0, 0x2})
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000001140), 0x2, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001180)={"514c570a4bb6ce473e2b12e59143264ce20a1c0c9b4ce388be840276492ee28711f02f37b08c50742fde927693ae45e99fdc8a2b3b8161f1cec9e1425af2d4a9ad342fcba75ecb348402c5b18837a30c3c7d941d7840baa27221ca7943c3085074c4ce1728f250b12078fad22b03b35a8d8a2a8a86498a7ef6dae382934b687e2c1bb7b7862132b200c29b26b40848e3681a7c067e982f59a004d2650de7ec407f58f4725eef62841afef4811c1f3876c543564d2bcc967ed066112abef3ea9380b24fefdc485ccd4c14baeadd5be730dfc18ec4a695b76f5b4755adb4b429f4a621bdd308a73b5560523beecddfbadeaf7e6ae46eb19251b5211d185c34ff57116f2febccda3197310f3599d4d7c1dde85d20545cf83bb444948f4c04e7e134d2771f511a3754aada568a46f8aad0f426b340af326a85ecc04a32bbbf9ceabd77a9d39363ca330a8786af030b73f909a9a2bfdbd880bfe74dd86dcb82159fb20799c302ad83514cc68e080617a004ea82f082341c5b0cdfde12f2e6f7d71853395b19a7c1e5bdb7c4d81391973859472ad8ff713504e0d4d84ba67b182f3baae71d317bab99a00ff7dfd59c31a39ba0436ebcb1d79a1e0cb0708d86f102a053bd6f96fd722ab46c4f179c55d482713512844139ca7e96aa11826f591831be804fb4256de0df3c37c6cf448bf7036ac5e46312d15be72ae6f5781b7c6baf1f6e39a0a66f7fae0ecd31255de7d6a72002943ee5418ac4131d8e68b1114bfbe210072074270fc54f22c3dd29536de7ce598215e5be4a4682b46a2c02b46929c14e0529b3572214181b5067f3be424c46d40178a11ecd9abb6a634e83674d859d4a5601ad0a91a6c8fd1360bdff0ea96181bc23a55f4e910c0fd0c9055134f92716dab22733c06cd03cbd718986943dc1b72fc386552923d68b80a51b6d836be1077b5aa3a7cf013864d79dfd2fb3bb3c77277b3ba9bc653c1330c159185f3af310651186e4a3284b3f84ab43b889a45c2ddde8f91d46fda9aa47329a30a13d009d50c93bc75afc31976daca823616014279bcbbba3050f39dd3b98345273e444e91ed9d571c0be6b45e5eaf9379ca425e4b290eed13b152cde34424f1cdac03ba0b5e32dc189e791603248528e6c322cc2d195e51abdc734ab69198bdd0897dc747a40e8ee66869ce206a61acf93240771cd6f0d2209b466ce3d6e804ff241a4584430646df9ff31ed7998e7583f0e6385a876550903cc5a0c92a2acc2e6efde33f9dc74c096a23be6665b0ffdfc05ee4eca1a615a9e45599086ef2c48237ffa38610356ea1f5c2d5e122fa926e17c758baa3b367b288ee8863d44698044526d4310eb7de82d0db102a138c871b864247600e746a23faf072a5277913a90a1f79688f78fba0204b46d835ac33169fb842b76503a71cb3bd109e31328c1539c0bfb"})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000001580)={[0x7, 0x6, 0x8, 0xffff, 0xffff, 0x7fff, 0x500000000000, 0x80, 0x7, 0x6, 0x8, 0x20000, 0x8000000000000000, 0x7, 0x25f583b5, 0xa], 0x3000, 0x40})
ioctl$KVM_KVMCLOCK_CTRL(r3, 0xaead)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000001640)=@x86={0x3, 0x5, 0x7, 0x0, 0x6, 0x2d, 0xf8, 0x9, 0x6, 0x3, 0xc, 0x6, 0x0, 0x4, 0x1, 0x7f, 0x81, 0x0, 0x8, '\x00', 0x9, 0x5})
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000001680)={0x0, 0x0, @ioapic={0x100000, 0x7, 0x9, 0x4, 0x0, [{0x8, 0x2, 0x81, '\x00', 0xe}, {0x80, 0x6b, 0x7, '\x00', 0xb5}, {0x2, 0x5, 0x5, '\x00', 0xb}, {0x80, 0x3, 0xe, '\x00', 0x5}, {0x6, 0x0, 0x4, '\x00', 0x6b}, {0x1, 0x6f, 0x7, '\x00', 0x10}, {0x5, 0x92, 0x2, '\x00', 0x7}, {0xe7, 0xfa, 0xe, '\x00', 0x6}, {0x4, 0x6, 0x9, '\x00', 0x8}, {0x3, 0x1, 0x3, '\x00', 0x9}, {0x8, 0x7f, 0x45, '\x00', 0xc}, {0x4, 0xf2, 0x1, '\x00', 0x5}, {0x0, 0x6, 0x1, '\x00', 0x7}, {0xf9, 0x2, 0x3, '\x00', 0x95}, {0x3, 0x3, 0x7, '\x00', 0x7}, {0x4, 0x2d, 0xe}, {0x2, 0x4, 0x2, '\x00', 0x1}, {0x5, 0x9b, 0x84, '\x00', 0x7}, {0x76, 0x3, 0x4, '\x00', 0xd}, {0x9, 0x5, 0x2, '\x00', 0x87}, {0xff, 0xc, 0x2, '\x00', 0x9}, {0x5, 0x0, 0xd8, '\x00', 0x6b}, {0x9, 0xa, 0x6f, '\x00', 0x5}, {0x7f, 0x4, 0x5, '\x00', 0x7}]}})
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f00000018c0)=@x86={0x5, 0x6, 0x58, 0x0, 0x7151, 0xb, 0xf, 0x4, 0x5, 0x5, 0x1, 0x1, 0x0, 0xae, 0x5, 0xe3, 0x4, 0x3, 0x9, '\x00', 0x6, 0x6})
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r2, 0x8008f513, &(0x7f0000001900))
r5 = openat$cgroup(r2, &(0x7f0000001940)='syz0\x00', 0x200002, 0x0)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r5, 0xf504, 0x0)
ioctl$KVM_SIGNAL_MSI(r4, 0x4020aea5, &(0x7f0000001980)={0xf000, 0xffff1000, 0x100, 0x0, 0xe})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000019c0)={0x5, 0x5, 0x8080000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
ioctl$TIOCGWINSZ(r2, 0x5413, &(0x7f0000001a00))
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000001a80)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000001a40)=0x100000001})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001ac0), 0x2500, 0x0)
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r6, 0x8010671f, &(0x7f0000001b40)={&(0x7f0000001b00)=""/37, 0x25})
read$FUSE(r2, &(0x7f0000001b80)={0x2020, 0x0, <r7=>0x0}, 0x2020)
ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f0000003bc0)=<r8=>0x0)
read$FUSE(r1, &(0x7f0000003c00)={0x2020, 0x0, <r9=>0x0, 0x0, <r10=>0x0}, 0x2020)
write$FUSE_STATX(r2, &(0x7f0000005c40)={0x130, 0x0, r7, {0x8, 0x7, 0x0, '\x00', {0x100, 0x7d, 0x93, 0x8, r8, r10, 0x4000, '\x00', 0xb4, 0x2, 0x4, 0x101, {0x9c4, 0xffffff7f}, {0x9, 0x3}, {0x1bfd, 0x7}, {0x4, 0x7}, 0x1000, 0x1, 0x462, 0x58875c51}}}, 0x130)
write$FUSE_STATFS(r1, &(0x7f0000005d80)={0x60, 0x0, r9, {{0x9, 0x7, 0x9, 0xa8, 0x2, 0x0, 0x5, 0x1}}}, 0x60)
mount$binderfs(&(0x7f0000005e00), &(0x7f0000005e40)='./binderfs2\x00', &(0x7f0000005e80), 0x82, &(0x7f0000005ec0)={[{@max={'max', 0x3d, 0x77}}, {@max={'max', 0x3d, 0x523}}, {@max={'max', 0x3d, 0x8}}, {@max={'max', 0x3d, 0x7000000000000}}, {@max={'max', 0x3d, 0x3}}], [{@dont_hash}, {@appraise_type}]})

1m12.239887952s ago: executing program 3 (id=3131):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x10a}]})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000380)=ANY=[@ANYBLOB="0100000000000000064d564b", @ANYBLOB="6103332529d83c"])
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000540)={0x8, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313, 0x400}], 0x0, 0x1000000, 0x0})

1m11.854130917s ago: executing program 3 (id=3135):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x45, 0x0, 0x1, 0xfffffffc}, {}, {0x6}]})
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x5, 0x0, &(0x7f0000000140)=[@request_death], 0x0, 0x0, 0x0})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x3398c1, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x27)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r4, 0x8004e500, &(0x7f0000000180)=r3)
read(r1, &(0x7f0000000040)=""/106, 0x6a)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/key-users\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f00000034c0)={0x2020}, 0x2020)
read$FUSE(r5, &(0x7f0000000480)={0x2020}, 0x2020)
mmap$binder(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x5)

1m10.823901543s ago: executing program 3 (id=3140):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000000000001b"])
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x10, 0x0, &(0x7f0000000040)=[@request_death={0x400c630e, 0x2}], 0x58, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b418709844"})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f00000003c0)={0x2, 0x0, [{0x0, 0x2, 0x0, 0x0, @irqchip={0x6, 0x3}}, {0x4, 0x3, 0x0, 0x0, @irqchip={0x9, 0xbfd9}}]})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000280)=0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101740, 0x179)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x1, 0x0, 0x1000000})
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1800, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/custom1\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1, 0x11, r7, 0x8)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_ro(r8, &(0x7f0000000040)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_int(r9, &(0x7f0000000200)=0x1, 0x12)
write$selinux_load(r9, &(0x7f0000000140)={0xf97cff8c, 0x8, 'SE Linux', "c2db0920920cfea30f28df118a867a8941eac4979a25fd07de81eeb0f5f87a283870af0e8a26dc79892c28dc9e07"}, 0x3e)

1m10.483972458s ago: executing program 3 (id=3142):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x2, &(0x7f0000000000)=[{0x44, 0x6, 0x0, 0x2}, {0x6, 0x1, 0x4}]})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='pids.events\x00', 0x275a, 0x0)
ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, &(0x7f0000000140)={0x3, &(0x7f00000000c0)=[{0x2, 0x9, 0x3, 0x1}, {0xb, 0x25, 0x1, 0x7}, {0xf, 0xbe, 0x6, 0x58}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x200500, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000000018010040"])
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x0, 0x0, @pic={0x4, 0x8, 0x1e, 0x7f, 0x4, 0x2f, 0x9e, 0xf3, 0x1, 0xd4, 0x9, 0x3, 0xd, 0x6, 0x14}})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x50, r0, 0x81c5e000)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d6, 0x0)
r4 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
write$selinux_attr(r4, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r6, 0xaf01, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r6, 0x4004af61, &(0x7f0000000180))
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000040)={0x8024005, 0x107000})
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
close(0x4)

1m2.548299079s ago: executing program 34 (id=3091):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8000)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) (async)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) (async)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3) (async)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) (async, rerun: 32)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) (async, rerun: 32)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_NAME(r1, 0x81007702, 0x0)

55.34587431s ago: executing program 35 (id=3142):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x2, &(0x7f0000000000)=[{0x44, 0x6, 0x0, 0x2}, {0x6, 0x1, 0x4}]})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='pids.events\x00', 0x275a, 0x0)
ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, &(0x7f0000000140)={0x3, &(0x7f00000000c0)=[{0x2, 0x9, 0x3, 0x1}, {0xb, 0x25, 0x1, 0x7}, {0xf, 0xbe, 0x6, 0x58}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x200500, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000000018010040"])
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x0, 0x0, @pic={0x4, 0x8, 0x1e, 0x7f, 0x4, 0x2f, 0x9e, 0xf3, 0x1, 0xd4, 0x9, 0x3, 0xd, 0x6, 0x14}})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x50, r0, 0x81c5e000)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d6, 0x0)
r4 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
write$selinux_attr(r4, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r6, 0xaf01, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r6, 0x4004af61, &(0x7f0000000180))
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000040)={0x8024005, 0x107000})
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
close(0x4)

32.879608385s ago: executing program 5 (id=3539):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0xb03cdf087638818c, 0x3})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x14, 0x0, &(0x7f00000002c0)=[@acquire_done={0x40106309, 0x3}], 0x0, 0x0, 0x0})
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)

32.762348656s ago: executing program 5 (id=3541):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x204441, 0x0)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r0, 0xf504, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/address_bits', 0x4803, 0x9f)
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) (async)
r3 = openat$cgroup_ro(r1, &(0x7f00000000c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
write$vga_arbiter(r1, &(0x7f0000000100)=@target={'target ', {'PCI:', '6', ':', 'd', ':', '5', '.', '16'}}, 0x14) (async)
write$selinux_load(r3, &(0x7f0000000140)={0xf97cff8c, 0x8, 'SE Linux', "6838088ee564045cad923c1052b01ee5737fa97504bf0b937db48d925300876b2855b9ff20e57ca2742f2c07b3f95af4de9638c592a892afc34069aec6e41f702ccc554b183347b7873713375d7b7dba4c29735a7f4385552a390ba610e47911d697"}, 0x72) (async)
ioctl$EXT4_IOC_GET_ES_CACHE(r2, 0xc020662a, &(0x7f00000001c0)={0x7fffffff, 0x3, 0x4, 0x1, 0x8, 0x0, [{0x5dce, 0xab4, 0x29e}, {0x1f9a, 0x9, 0x9, '\x00', 0x904}, {0x0, 0x5, 0xdc7a, '\x00', 0x884}, {0x6, 0x8, 0x6, '\x00', 0x4}, {0x5, 0x3c, 0x8000000000000000, '\x00', 0x1003}, {0x4, 0x8, 0x7fff, '\x00', 0x110c}, {0x100, 0x80, 0x0, '\x00', 0x309}, {0xd28, 0x3ff, 0x7fffffff, '\x00', 0x1006}]})
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x11, r3, 0x3a27f000) (async)
r4 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f00000003c0), 0x1, 0x0)
write$khugepaged_scan(r4, &(0x7f0000000440), 0x8) (async, rerun: 32)
ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000480)={"dfcf651c9471fc39b05d226f461c33592ff27d82e459f6ca95438f4f3d7707e782c5f95b1ee5c04747d38a58c8e7c097cfd22b2d1c78efc011b9a4d58fb71f886736be6ea7eccb059d444b564e7771ff0198637763c5ccd026e6509a0893e2c72518aac8ebf65982592d21ed38be1663ab31b343f4bb34d39ccddbc0db77da417cd6a13ed081486595afbc0e60ccc5cb6f874487fa8c88a955cac09768f5f9340b6dce06d18e7520f40c3a58ee013affaa301b2021edd88b0f5fd8dc013e1974cdce27f1a09476aced97e9dbeaf531d5b509e99cdb7b1eccc578d82788ea6c9f70dd82bba1d5a377d82cff7d6e57ecca9d649c8daec8f56d309c84d63e599504840f20ecced6ed3008de33c96987f3ee44baf99cb1749b1089c375d52aa1c7740387a62e1d66d59b3d3e01d20b823c49b2dd4d03970166501f0da098a58af2566c02eb03cbd034a564c894944615814eb461e15b03e7cc2df19e5d61b821a3d4f11310d7958719e1002675117ddaf60cbe0f8c2843c9841998ea8cf90080c71590d109bd69ba05f6f9508cbc52cbe08e2b9d4b0903890604f82ebfdcf57e0c3c65d7f5acb34f54ca1679dcf2d4278e05121cee4794922344862422ff1c49834be9cf8b5fa912af920c57ead762669079a93df9881251fb67af562fac20ed4dd9ef0eaabe9ecccd626f0fb0886726ebd0ba46732093ccbc6950c8e2f829889d188911f24d55e7273661991f197baf665898f8fb26cf28c4fdadbb736ffb1f5881356d6648b3c940b8f4d2b6267c37691147fce81223ce5be22a8ee00373bdec592db75301c1a7b6851aaa2385d329ca7d202e98b64aebf498c7579aa3cef306611d197e75cd00207d8a130ea37eec7ad2c76e96f5318b51af249076b38884c178d1b76aaa0e0410ccec224354e1c01796e7bcfe2535597a17af9e261c74725448c4ea0bf3f6cf8ea34944850e53667e0ed4c84f597280207bb16613e485b7efb41ebde4d93eed157c72a7115bbe33ac2f7c9d137f1adee64c5fe718c54f3ca70d504a7bca095bb791176c659079e6b9bd613495a54a2676222d30a6197e615bf73e894c44ae08ecb0758b21d0fa64874749a432143a2e7336963975215894243327c0ea9bba45d5b19496965e652df50e8a1f0942c3d1960530cdfa3e11e8d7d9eecab88ae8c646330f2a0c4f5b608789bec94402cab715e7229e8062de692e4f8c401a678d381cfd76fb20042bc2e14b1b16b630ea6810aa4100e8394545617e596d9db35b06278fee26628135c5cd74551ebb01ab755530da8dbbe8ded4178399d2bfcaf569fededf44326c31f5c108a9a6450fdac3fd7f42a6a53d2ff63b6f21e5a0e4e08c6120a1277791bf7cc3adc3abe528a3c307ad67fea012db86483c01855a7d3a20d4df9ceca46b9130cad3aa9c547f530f5fafc0d6485a0f86221e"}) (async, rerun: 32)
write$khugepaged_scan(r3, &(0x7f0000000880), 0x8) (async)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f00000008c0)={"d14d73d5988b3e197daf7117d404db26eac07f8e8011d787e80ecd702048fcedb6ac8508c343b74bb306e41d35dea80e90340514e1566265fcb9922062ea4b56a42f97fcf12236d7f978119ab0179ae9f1ee768041b7fc1144c1c6488867e98f5135c9b8ea6b1c23844317b8825e69fa2a21057df7266570ae57a97b4280c082b6e9511dcf2ad63f211ffb2ba9207da962fa6fdafd128f12a95138b232890ab6ea02c6367ae7005f3856df22281b130ffb4087935049242aaac902deb8dad170323c86b018da001581f495652e55f32cb38ff4d0aa5281d3f21d30f8ffab8fd6b437847ec20819dee5788fbdb68f4a4ee2b3a8f445e59bc08d94f7e6e4b053c9141aa3f3afeea93230c0862bf8050fcfec4ebf1ae7f44971c5ad2b0e2a541eb90c362067a64660132ff55f17eceb5258a448c3f16d54bc9d05706718b3da29ce85b26236bafad4c4c0f4f71b6ca799544355a5221ec21c9a5e41c1b5ccc551c85c2784aff66210903578e8873224212f6503c9604f48d0491892cd36c2c4223a902f52d27736384d4888467333cc6886c9eaf87b2a1e8636c7abddc470abea35be491d0d5b5ff0f840f8dd78cc991642d2e779c1567f13c2418372f6d858067c1fa581887c8a8f6a8c2923707b6b36d897c12bac139a10c6e3f54ab32130016981e369818c923056ea76b602b8caa1f9d59317c8b02f3a0e9fed223603c56a0d4b62f54e9a831492fcfdb6dd86c990df2a35bcca6a40ad25f5de84311121a8d2d69ab6bdbbfacfd0ba02aeb168a78e3f8eecd20c0c11d791de02a0fb6c6b3f61b754089a39c76342c02305bef9fccec8c0114e6b59353be12b2e0723ec4e7e6ba2b62b3dad5cdb9a49cf5896b9a8eb3b89dcb505c1cee9f89f02e909cf2f11d8dcea0c8da40694834ffdaf02156ad3b36f96443329da9b3406daa8a85e7f220db560e7e99e60f57fafd8468edc0b95db2334ca5ec5577035ba074166e0b62968779ba0632d72a29705583cf5554252309d252279aee1fa3dc135a465f03beeecc1e9dffad7ead932e6de20f4d49fd96464f1bd66931ba4daa72229e88cc2808bfc9bca92b0b18f72657f104a5117d4654ed3f54698beadbf5cffdb6eb7583ac31bb1e6d4a56b562e198b43b287054e5c62ca6a60103dcdc2edebfaae5df87e4377126a951525efbd096ec0578bb6ba211560484d7fd488f0d7b80ae96e4dc5e3e36304fe5a02686ba2b15a0029fc1d6bba61d01231f7cea14875de83ead861f872a9445c4b22e118eefe1ad6f52287b620a0db79e161a499f4b71662dd3e395966d1ccfe2efe9e5b28fdf6154ff8d366625b8205abbbfa54c0718e12542dd3f203a8e4c1c1d5e7a6aea38e738a02e68e6b41fcefacfdbcbb29d38ffeba777de260eff79aafe72e43c608a9d73259c2b7d7b96409195d21a1ddc3a391a0bed498"}) (async)
r5 = openat$cgroup_type(r3, &(0x7f0000000cc0), 0x2, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000d00)=0x10000) (async)
write$cgroup_subtree(r3, &(0x7f0000000d40)={[{0x2b, 'net_prio'}, {0x7781543a3362abb4, 'rlimit'}, {0x2b, 'memory'}]}, 0x1a)
ioctl$KVM_GET_MP_STATE(r3, 0x8004ae98, &(0x7f0000000d80)) (async)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x3000002, 0x100010, r1, 0x1623b000)
r6 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000dc0), 0x40000, 0x0)
write(r6, &(0x7f0000000e00)="5e4926e36b21d2cff305701f8c0d01c789a3f627462b7917f0e444b6516d23b3c01b8ff986413483", 0x28)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, r7, 0x1, 0x13, r3, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000000e40)={{<r8=>0x0, 0x8, 0x0, 0x9, 0x58, 0x25f, 0x2, 0x1, 0x5, 0x7ff, 0x5, 0x8001, 0x81, 0x3, 0xd}})
ioctl$BTRFS_IOC_TREE_SEARCH(r1, 0xd0009411, &(0x7f0000001e40)={{r8, 0xfffffffffffffffd, 0x1, 0x1, 0xd, 0x5, 0x10000, 0xbc1f734, 0x1, 0x1ff, 0x5, 0x6, 0x3, 0x5, 0x8000000000000001}}) (async)
ioctl$BINDER_THREAD_EXIT(r2, 0x40046208, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000002e40)={0x73622a85, 0xa, 0x1}) (async, rerun: 32)
r9 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000002e80), 0x92400, 0x0) (rerun: 32)
write$khugepaged_scan(r9, &(0x7f0000002ec0), 0x8)

32.572070429s ago: executing program 5 (id=3542):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(0xffffffffffffffff, 0x4068aea3, &(0x7f00000001c0)={0xbe, 0x0, 0x1})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000004"])
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000300)={0x1, 0xfffffffc, 0x0, &(0x7f0000001600)=""/78, 0x0})
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
mount$binderfs(&(0x7f0000000000), &(0x7f00000000c0)='./binderfs\x00', 0x0, 0x1002000, 0x0)
r4 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000900), 0x10, 0x0)
read(r4, &(0x7f0000000100)=""/84, 0x74)
read(r4, &(0x7f0000001940)=""/4096, 0x1000)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000240))
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000040)={0x1, 0x0, 0x0, &(0x7f0000000440)=""/190, &(0x7f0000000140)=""/83, 0x3000})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x6, 0x0, 0x400000002], 0x8080000})
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x9, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0xfffffffffffffffe, 0x8000000000000000, 0xff], 0x0, 0x41845})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000340)=0x1)
mount$binderfs(0x0, &(0x7f0000000280)='./binderfs\x00', 0x0, 0x2000063, 0x0)

32.354121032s ago: executing program 5 (id=3547):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000002d00), 0x2000) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x800000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_NESTED_STATE(r5, 0x4080aebf, &(0x7f00000002c0)={{0x0, 0x0, 0x80, {0xd000, 0x0, 0x5}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96252d59e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f700010000e4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156fb4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c4ad8c81d77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b589cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d475bd5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03cd9e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641f9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc245e748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33dff5ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc1016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a145509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"})
ioctl$KVM_CAP_X86_DISABLE_EXITS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xdc, 0x0, 0x4}) (async, rerun: 64)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (rerun: 64)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0) (async)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(0xffffffffffffffff, 0x4068aea3, &(0x7f00000001c0)={0xbe, 0x0, 0x1})
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x4000002a, 0x0, 0x4}]}) (async)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41845})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r9, 0xc040aed5, &(0x7f0000000000)={0xffff1000, 0x1000, 0x2000000}) (async)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2)
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1, 0x11, r10, 0x6)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r10, 0xc018620c, 0x0)

31.976073818s ago: executing program 5 (id=3552):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/custom1\x00', 0x2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x145480, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000280)=0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101740, 0x179)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})

31.572095174s ago: executing program 5 (id=3555):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x2400, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, &(0x7f0000000240)={0x79, 0x0, 0x7cd})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000000000021000040"])
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap(&(0x7f0000797000/0x2000)=nil, 0x2000, 0x3000001, 0x22052, r0, 0x2000)

17.134295672s ago: executing program 4 (id=3694):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000006c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000001c0)={{0x3}})
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0x80585414, &(0x7f0000000080))
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r3, 0xaea3, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000580)={0x0, 0x4000001, 0x0, 0x0, 0x0, 0x4000})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0)
ioctl$BLKTRACESTOP(r6, 0x1275, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'dvmrp1\x00', 0x2})
ioctl$TUNSETCARRIER(r5, 0x400454e2, &(0x7f0000000000)=0x3d)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x0, 0x3})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x1015, 0x2})
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x100400, 0x0)
read(r7, &(0x7f00000001c0)=""/219, 0xdb)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000dc0)=0x7)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000300)={0x73622a85, 0x100, 0x200000000000001})

16.857387326s ago: executing program 4 (id=3697):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
mount$binderfs(0x0, &(0x7f00000000c0)='./binderfs\x00', &(0x7f0000000100), 0x0, &(0x7f00000001c0)={[{}]})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000140)=ANY=[@ANYBLOB="0100000000000000014d564b00000000ff"])
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x10000003)
mmap(&(0x7f0000fec000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x0, 0x11, r0, 0x0)

16.56804953s ago: executing program 4 (id=3700):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000800), 0x161200, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x7fffffffffffffff) (async)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000280), 0x8800, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="01000000000000007300004000000000ff0ffefffbff0000abf42339ee96b70d154e34c76ad038b67d21467ade3fd038a006d0d1dbe378736cdca5dc431fd84bd7700ee38a00a8455003eb5f882f4dd2e5f4dd33581e"]) (async)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f00000002c0)={"f8a1af750a52d100df20da710eb2b246997ce3481df22c4ef520b3612fdb537611222ee595fecda81a109b3356f6538426e00eea4e40f888c3671b1457e9b66b83e665dfe862b949fe24540f60ac5126fcdb6031025efaa5fe1274ccbd95f3f83c127334823b3e96fc2658299aa3832ece6f812a4e5329ebdb9f84bd39e517ab3819d9d6fb2295ef2eed934e564be1f027b46dc044c415b5b1ac6867979820e97e129ec69eeadb02b54e71dc77b9be2307afbfe6f2180dfe8ecaf225d7ca47a4b0c4f41b8f65d7ac9b606a5f38338ed794c6b0bb00d70dc338a712dc66194820dd932c98b04da8ec8caa9fc0b253232a2fe90e11c128d3cb451a21851f75cbb01122df594d540e92226f403b839a7278414997ad8d64513465d024b482626cc9907b25bc0cf0242a00a375e34c014405bc6358455f91473a9082c1c80c7eccaca7bdfa5016d7b0dcf28098b961e3f15cd860f5aca02a5a6820f8678109dec81a0c5edc00fc62c4fc62195a7d3bcfd003bd6683b7399baee217581ed9ca60e0f6f93d8d27fe9d2873d639819e661bcf26f83b293f8c7216047a95dd48c0c9f24b3dd6e42331fb2c12a64ad2baf76821e65ebc950470e347eee334690fef48e4e6fd992a29a518ed00ea0b583215f69eabdaf4fb3523109c615f1bb2de1c441713f616c6aa55791f8cf1b49946927c77a17b102ac3595304de364055b08fa7c9f64f2a721b3990441cabfdd29ddd5236244e34cbda6cd08c0c8fcf5a256c14df724d33d50d51a99beef5630163f3976a60a6d390f80e6b90b566dde28ea35f3d3f115c90e928f087153b32c6923b63e82f516b1167b668a49dd023850e38de44eafe88d5ffff722a3a89fb6a7533bc256197f0a6f9f229b0ba1c157b89588f46e125eb4b19b50643c9f2b38b75d01ee406d70827db68f625ebdbf14dd8881c87520c5e1a12a246bb1528cfa43df512efef269e07e6812ca02b241b178f4feb615df8d1f0173fae7943153b5d03b37376b2557ec4787dcf04c99f6ec892172da1d7c4b3cbf658b900cb4ef36a0829fe343fc863d60b6f6a2fd0385a1b30dfb266f5b41ad6c8ad3556ba2da71dcd6a4ecad1a60f116434468fd3e79d23a96725f7e6e8424f5b3f447c286df92f9258fbec7439feefd6e45f6dd4960740687d3bb748f4d36c4045b6571c5f059d95e1c7896d28206e5211fbbccd2f5cb8e5080614f95131c45ebbc4fbc70d115f08a8aa5786339536636350a68f0aaeafecd8a086b5ddbdadb3ea1753b15d92f9c88a9c9402457e31aaaafd41d44bb37c98f39cca8cc4d1593eb318d3186b73aaaebc79795fb2020abb3cfcafdc0d9050ae1bbe2cfc4d039e0448452802457e98535f1fef1ec37b882ab3ee90919c34152864936970efe3a6c216a542da02210d2eade6539a12eef357686ebd7a602c3c2bd21c4a72"}) (async)
read(r1, &(0x7f0000000080)=""/93, 0xffffff6c)

16.5675835s ago: executing program 36 (id=3555):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x2400, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, &(0x7f0000000240)={0x79, 0x0, 0x7cd})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000000000021000040"])
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap(&(0x7f0000797000/0x2000)=nil, 0x2000, 0x3000001, 0x22052, r0, 0x2000)

16.379303423s ago: executing program 4 (id=3702):
r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$VT_ACTIVATE(r0, 0x5606, 0x1ff)
ioctl$KDMKTONE(r0, 0x4b30, 0x4) (async)
ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000040)={0xae2, 0xe8b})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000000080)={{<r1=>0x0, 0xdf, 0xfffffffffffeffff, 0x3ff, 0x10000, 0xfff, 0x3, 0x2, 0x4, 0x0, 0x14e, 0x5, 0x9, 0x80, 0x9}})
ioctl$BTRFS_IOC_INO_LOOKUP(r0, 0xd0009412, &(0x7f0000001080)={r1, 0x81})
write$selinux_load(r0, &(0x7f0000002080)={0xf97cff8c, 0x8, 'SE Linux', "f00a12ff27c1fd869e46412433ea85e23508714592e9886041b51e20cd6ec5b4e86797990b0ca5aa8a415d73d1d7bcd31a5ebab74da11c82aeea4621cbf7d6d3df6a8593d70966285d2511cac917c4527a13ac7700747b6e2c73b5c4e7"}, 0x6d)
ioctl$TIOCL_SETVESABLANK(r0, 0x541c, &(0x7f0000002100))
r2 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000002140), 0x28402, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000002180)) (async)
ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000002380)={[{0x1000, 0x6, 0x6, 0x4, 0x6, 0x4, 0x0, 0xfc, 0x7, 0xf, 0x3, 0x5}, {0x6, 0x5, 0x7, 0x8, 0x8, 0x3, 0x5, 0x33, 0x3, 0x7, 0x1, 0x7, 0x9}, {0xfffffeff, 0x9, 0x2, 0x7, 0x2, 0x1, 0x6, 0xe8, 0xe, 0x3, 0xe2, 0x0, 0x79}], 0x1800}) (async)
ioctl$UI_SET_SNDBIT(r0, 0x4004556a, 0x0) (async)
ioctl$PIO_FONTX(r0, 0x4b6c, &(0x7f0000002800)={0x6b, 0x0, &(0x7f0000002400)="6a2edfd0e6010988ea9d0413638576f71089c431314cf51c12618e4e827ef8ad0d3e6199e3aaa2559b996b72b7473306aed70263190f64e9734368063e5a15b3178862c9c58160eba33e6beabbac4e15b5ddf50fb0146c832f72e9ea414df401507864f0849e599bd54ad3818ce9f01cff9ed3bdcca167261270adf5e560ab16bfd8d3aad0055be0b3fcd2f31ce419c43989c096a88c62a8aef35c44ed2e2bf0c73c6984fa5331f2f982059541be0fd1cb8cf35e2a8be1b3882dd0cb5347e5323dd7cbc3d745336c2cc651b4fb11ee0455b9164aae6b688da646428884e58dc2692dbb334d600e4fbcd9a4a1b79c41ece495780fa46dfad385fc04aea668b2a452c0b6deb8fa8d9b19947a223643b9e07d3e0e4a5579d912ee13fb2a242d4f8ebc6303d8dda94d6998818d0103476642307b12d2e8c0168d7413ec48c0bee12e7af0e61cab9b7ee3221229bad9334968af7ff740f479b0000116e08830e8a402e656297cc36ff0c035439d349393fd33d77c635ae4a2964923cc4e37064651fbc46f6dc506115e3b80d9451a998f6deeecd4349aa2401958b59533fe2f7ba97f550de9da4f02a599218a7b603a83705ab73e65cd6a5abbe90d40e223d329e954d1b12a67df90e5a8acddd9789ff71dbddbbd7c1cfedf0ecabe65fbaf05e60610507e7a7ae8e7c738aa3d63993079c37e7526f7c8366e76f9ddfb74a6c17ce4abb24b567448310b990e5703605197233162a7404cfdca3df810066d48088ee51506bcda7b8b21239ab63056bc83fc119a14e73f1f5443ddc6cd831a0975816647d2d889e6c2afa06907e15ce2298e54cdcafaee285da59890ae5a024aa7c2d9b4978f4fde42fd019a9e062a430da7dfb48caa875ac8b88b0221c39120b28c410b723816470487f732e38f3f067f394dffd2c7d287d46bfbd17ee8df8474af4285764f9ef91b032cbc972180efaa7e915f5d4a1c99eebb86d40b0b75bdad2f85c0d21c2fe96bc3f59134e1c26e0cc345e8f2a56ff60847b7f7185ad2bed94b0edd96af674d2159bfc2c7905918931eab3f9a101422074a90762b078151c75c6a8bbbdeaaf21b68606f7be291b665d14eaf37a5aa81ff2ae494c7de2357a837c960082d6a1892313669bf62bb695af6923ace1d0788e7f3aecae0f8b8daa111be7bc7d01b8c7f639299a07225d1a5b66e4add4be72e54bc8226660b8f024adb32a68d81d9a723eb41b124287d398e60a357f2a5d9a5581b0fefad99304f705c359b188f82650316222383afc5956719ce7287850bfe071b146c45d0d8ffc46167c7efb8e47d23524f1de4a8a2b9b7be17f2046e909272cc032ed377aab1d74f8178b586c7e009de7cbc17a83f0850ab625c3d3676138b010d195e8219c8b55dbe0a58606a7608678237d15d746c4e4739fbb2ca490a8e3bb17558fb8e88933d9d01"}) (async)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000002840)=0x4)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000002880)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) (async)
ioctl$KDGKBLED(0xffffffffffffffff, 0x4b64, &(0x7f0000002ac0)) (async)
ioctl$PIO_CMAP(r2, 0x4b71, &(0x7f0000002b00)={0x28d2, 0xfe5, 0x7, 0x2e, 0x7, 0x3})
write(r2, &(0x7f0000002b40)="fbf65c70941519e64e8961209633bf305f6056907e6a6ce09a6e0c944dcecdd77260e451b7927185c87476aa14cc2064c67bb5c51f0456b44c82f64a8257aed7a8e1ddf0a79db83a16cd61a04a106bcdad", 0x51) (async)
read$FUSE(r0, &(0x7f0000002c80)={0x2020, 0x0, 0x0, <r3=>0x0}, 0x2020) (async)
read$FUSE(r0, &(0x7f0000004cc0)={0x2020, 0x0, 0x0, <r4=>0x0}, 0x2020)
mount$binderfs(&(0x7f0000002bc0), &(0x7f0000002c00)='./binderfs2\x00', &(0x7f0000002c40), 0x40, &(0x7f0000006d00)={[{@stats}], [{@obj_user={'obj_user', 0x3d, '\x00'}}, {@uid_eq={'uid', 0x3d, r3}}, {@euid_eq={'euid', 0x3d, r4}}, {@hash}]})
write$FUSE_NOTIFY_POLL(r0, &(0x7f0000006d80)={0x18, 0x1, 0x0, {0x800}}, 0x18) (async)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000006dc0)={'veth0_virt_wifi\x00', @local}) (async)
ioctl$BTRFS_IOC_TREE_SEARCH(r2, 0xd0009411, &(0x7f0000006e00)={{<r5=>r1, 0x4, 0x1, 0x3, 0x6, 0x1, 0x423c, 0x2, 0x2, 0x1, 0x1, 0x4, 0x5, 0x5, 0x1}})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f0000007e00)={{r5, 0x1, 0xc, 0xfa, 0xffff, 0x4, 0x8, 0x3, 0x400, 0x5, 0x3, 0x5, 0xbc75, 0x4, 0xc}, 0x8, [0x0]}) (async)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) (async)
ioctl$VHOST_GET_VRING_ENDIAN(r0, 0x4008af14, &(0x7f0000007e80)={0x1, 0x400}) (async)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000007ec0)={0x95, 0xfffffffb, 0xfffffe01, 0x3, 0x9, "a73283d11fdae3373110e8cbc14189c289889d", 0x7fffffff, 0xfffffffa}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000007f00)={0x0, 0x3, 0x2000, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)

16.280228405s ago: executing program 4 (id=3703):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80900, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000000e40)=0x2)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000d00)=[@transaction_sg={0x400c6313, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40}], 0x0, 0x0, 0x0})
prctl$PR_MCE_KILL(0x35, 0x0, 0x8)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000280)=0x10)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101740, 0x179)
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_CREATE_PIT2(r8, 0x4040ae77, &(0x7f0000000180))
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_PIT(r8, 0x8048ae66, &(0x7f0000000080)={[{0x8001, 0x7, 0x0, 0x1c, 0x5, 0x2, 0x4, 0xaa, 0xf9, 0x3, 0x80, 0x9, 0x1}, {0x6, 0x80, 0x8, 0xc4, 0x8, 0x7, 0x8, 0x9, 0x7, 0xff, 0x0, 0x4}, {0xe2a5, 0xd, 0x1, 0x9, 0x2, 0x6, 0x9, 0x8, 0x7f, 0x9, 0x56, 0xc, 0x100}], 0x4})
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
ioctl$KVM_SET_REGS(r9, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7fffffff], 0x80a0000})
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$FICLONERANGE(r6, 0x4020940d, &(0x7f0000000080)={{}, 0x2, 0x1, 0x4})
prctl$PR_MCE_KILL(0x35, 0x0, 0x10)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x1})
prctl$PR_SET_IO_FLUSHER(0x39, 0x0)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(0xffffffffffffffff, 0x80089419, &(0x7f0000000000))
ioctl$GIO_SCRNMAP(0xffffffffffffffff, 0x4b40, &(0x7f0000000d80)=""/4096)

15.514272866s ago: executing program 4 (id=3708):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xc000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f00000000c0), 0x12)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_GET_PIT2(r4, 0x8070ae9f, &(0x7f00000001c0))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f0000000200)={0x4376ea830d56d49d})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_NMI(r6, 0xae9a)
r7 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x0, 0x0)
r8 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x161000, 0x0)
ioctl$BLKFLSBUF(r8, 0x1261, 0x0)
ioctl$BINDER_CTL_ADD(r7, 0x541b, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x100000001, 0x0, 0x0, 0x100000, 0x10001, 0x401, 0x8000000, 0x7, 0x0, 0xfffffffffffffffe, 0x200, 0x2, 0x3], 0x0, 0x200})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder0\x00', 0x0, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r11, 0x4020aeb2, &(0x7f0000000740)={0x0, 0x12c, @pic={0xfb, 0x8, 0x8, 0x2, 0x4, 0x8, 0xf8, 0x7, 0x9, 0x0, 0x6, 0x7, 0x5, 0x9, 0x0, 0x57}})
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000000)={0x5, 0x0, &(0x7f0000000140)=[@request_death], 0x0, 0x0, 0x0})

2.620890281s ago: executing program 7 (id=3819):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@flat=@binder={0x73622a85, 0x1101, 0x3}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x10}, @fda={0x66646185, 0x8, 0x0, 0x40}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

2.408963274s ago: executing program 8 (id=3822):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f00000000c0)={0x0, 0x0, 0xfffd, 0x0, 0x0, "e872185081e6c67e"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000004540), 0x0, 0x0)
ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000004580))
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000000400)={0x1, 0x5, {0x2, @struct={0x9, 0x13f00}, <r2=>0x0, 0x4c66, 0x6, 0x7, 0x4, 0xfce, 0x4f8, @struct={0x2, 0x4}, 0xa, 0xd3, [0x2, 0xc25, 0xfffffffffffffffc, 0x7, 0x3, 0xd9]}, {0x3, @usage=0x3, 0x0, 0x80000000, 0x2, 0x0, 0x3, 0x9, 0x40, @usage=0x7, 0x9, 0x401, [0x3ff, 0xff80000000000000, 0x8001, 0x3ff, 0x5, 0x101]}, {0x6, @usage=0x3, 0x0, 0xd305, 0x0, 0xffffffffffffffde, 0x0, 0x3, 0x0, @usage=0x7fffffff, 0x10000, 0x8, [0x6, 0x93, 0x8000000000000000, 0x8, 0x7, 0x9]}, {0x0, 0x4, 0x1400000}})
ioctl$BTRFS_IOC_DEV_REPLACE(r1, 0xca289435, &(0x7f0000000800)={0x7737fbb333b0f555, 0x200, @start={r2, 0x1, "c7a879bf20e70992545025ea5567c9d6c710d3fd615b74bf28ec5c0fbb05ca228f87062290c9fafef4965872f6de2f16c1ac0a042e6747158132bb735ca5d0ab123607f704b88fa422c36a14cc85383c653d901d9e3779e35922bd6e9b5d78df89744129d276f344f08535f734f71d779d4a5dca6b2bbdd3c3a2a140d7f304854aa187fdc0aa483823979f2c98ef1581c461e41370f25a77d67da87a9f0c3183cd5a60184ea0863c9fc88b4918777f19259108190d7e63d5caa2ee217a340cb681826bba69bc7c22e73e4431a6c777af11898d6411cfdae69a33af719b317fa48d332435f8f7a36a3d938395426e6f9d9bf4fa286aecd296ffdcdfcb48cb708bcbab161a161f371d0638a9b7acff703faeb39929930a373a4823d365b85038989c20c272b7964ee5a7129960649b2a4afd833afcef7a51d2f7d4328414771a8b511a42c5eeb8f97bb5a5ebf883f2f05a2c23ccf680f0e6950649daff8900561566aebaf0886156fdc05cde1a94ded37dd10b390aa07973ccde49133e3d2824183cda1589ab9011c21f40ade944743ad559c08d78bce4f312088261aed822d9803bc65a8b854b40601e39cf1093e36368c5b8b0e63002e2e0f79fb16d442765dfed0b16ec3fbbc226762ef7171e02ca366fedb115f0b917eeb39f658a4a43a1abc39dcc38fc6b9ed206007670d12450590641f93b5d43582b84aed0ef9d232f8b920547b3547549e7372060da33c493ca337ab8fdee64b264b8b4eaa2c0b1d07d7f4328cecb54655bb22159b2afa4d5716bedbde0b84c05e706ae0a7e6fbc2fa925adc49a5ae7e9288c2e332011510d8f4e106365424509e209bda6c293978fb703a5e3ecde89833ae62c332f6752d61d253aab1c4cfc217fe91c6b991f5f006204d82dcad49a78686337bc091d6c3ee6c446de43f1f3a593f5dab40a8e141f4c0b61b791304b8815d573962e33115e3fbdcce4f9c3fe2f9a83dba76b6e0bc3eddd07e2835d2346d2652d96e664619f02294bd68118fd8e85c9186fcf0b238814d8f6ea71c038f23a8652cbfe7a5fc5650da8b13c2a56e37550ae7a157d03a71db4675a47dce380f7f410f8e8671c3d551c9a1f5532b84a148a2541da0f407a154d9e3522ba6a879aa2fde6906a3760e2070ca7399da53aff8f6192f4e32f4963a48f22b6d75cb6427b8a444deddf5aca9e1fd52e872c7ee9046cf97cec81ddd83b652b79857962101ab27553c103d63e6b9ccf76f616c4cc5eb991eb809fea723de7ad63b39be2c991837dcf354aa9fde63ed51d44256d6f3d96bbd18137f89000070ccdfbeb6e5a39e1d237fc7e6f4c70d858388217e18f5eb0721f2e8a26c5ed78bd6c5a1afbeff661f63c4a418895f9161282fdd1f0251c796bd30e897adbdc3fd581112ac0aec67701b34345f9e2d4656ea655b34bfabde701a42153df002c", "886bb701ae20be0df9e16b6dd6654e8b49bec47897a57d3c10ccfc2b6132875e10f4dfc143813c60ddd977e902ffb425dbd1593a39088730d40be3247fd344a3a53c7740ff05d2641834884fa49ecb7ffa30883bf14b7ae1701d6aecd0e5d32aa3d014b50965472d40804c1053f46219de37de1bc40455350492815681946a9acb5b7276edb76b419056115660fbc765afb882e9779c01ec8c64f3ceabaad82f052e4ef99e70b6cc238ec747a1636d4f1205cd7818dfa466cf8c3673f154c536c20552c7bb92e0da7204a84b00999409697c99e50c62fb159b4ba38d6d27e0e61c753a545cd88289404d6f3e22ba83c775b7bdb6887a8190c8639204438cf79ef2dec9216d531535b580939dcc1061f735b8053add558c2d19bcce4875b8e8abae90902aa52e8ce29eafce257637b4a05c9f7aa9d9b250488466ee4fdfed70745ece0cdf8d0507018f9971f1cc31106ffa88b1c8ef7a1b4f67c0513db7ffe6a7637a287c4be933e2feae728787ef3b05e3eee59eda4b3f566dbb969aaf88161d8465d18118aa95c06d6575886228cd083f055b02d87fac4f71d9b9b5e582b29fc266fbfe74bce9efcbe62f92ee81d85f5c8317526698eda24e006703acccddf2c97515e72a8e32666aa6caa20fc0cbbb4d86d1b1814d7e61795d77e533adfc47a54b452b688a31316044498acb4244240c8ae577ea17aa03c039dd70462f887fb2e312f6975bb17d0f37af02dd9cc579b6d36d28d1e07343bfdc4581158a7cbc1231a7fb9cd392d66ea251c85e873ae57d9fb5ada311029b6b188bab654bb9c6ca1c4d4020da66948d7d48c3b44d93c628a9c8c9c78eaa29556f9a9d59006899dab28a5fe8ae871430d32d28a2058b2f6527f2c022c82643aefad9d3ba0e4e4bfac3af282017ac1c30e4a4989a63aef2eedd9f0b8aa0da69cc5189f55ba7cc7344b7465a07aae3c583f9295e54b102acd04aa1ec49ee9d5a0c36d2ff77c1ac7c30713921b7adc52d239b11baf70fe6bb2aa791daec80c337f9ebfc4b367a5a9617c0fdbe68ed8f0eb78ab3d7e1fb12abff2734bdc76a76be955412f434a47249525a8383e8a1e4cd9288807ed3b37e9b847f5c2bd63bc1810a45aaa156a2d3887f099a28bab2bae6486727461aa993e638ab17b45d98e92d21122fbfef3f6e575bb7f31286259a43e8da57ae66e8122e7d88d2d6baa16a2ef720828c50acec86a4f1ca361ddcc45fa9e80c66adbbf89e51dfed67b574dba0d0ff1ba3e08bb13ac0f65298eeaeabc4f37d1f4f0b6eafaaeb746c88db706030831e3384860ad80cc0fbbc2c1191a16a023d4356266c16c7fbf67f35d522f94b85d536e05e3a586626f8c7edd67dd09b087ebe5aefb2c78f6a1510146df70433e8b936c1430e2d6a21fb28a9858140319c6e735f740483999b73c2d63e153c00e77140995a939ad412"}, [0x8, 0x4, 0x6, 0x6, 0x0, 0x7, 0x3fb, 0x7fffffffffffffff, 0x7fc000, 0xa84, 0xb, 0xe2a, 0x5a33, 0x100, 0x3, 0x337, 0x9, 0xffffffff00000000, 0x3, 0x6, 0x1ff, 0x9, 0x4, 0x80, 0x10001, 0x1, 0x2, 0x8000000000000001, 0xa5, 0xffffffff7fffffff, 0x0, 0xffffffff, 0xfffffffffffffff8, 0x4, 0x2, 0x2000000, 0xffffffffffff8000, 0x6, 0x4, 0xb, 0x513ed8d5, 0x200, 0x4, 0x3, 0x5, 0x6, 0x1400000000, 0xba7d, 0x6, 0xc, 0x0, 0x2, 0x76000000000, 0x1, 0x2, 0x3, 0x10000, 0xb, 0x9, 0x200, 0x0, 0x800, 0x100000001, 0x10001]})
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0xfffffd00, &(0x7f0000000000)='}\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, &(0x7f00000000c0)='/dev/uinput\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000000000000000000004000"])
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000040)=@x86={0x8, 0x4, 0x9, 0x0, 0x8, 0x9, 0x4, 0x2, 0x9, 0x1, 0x5, 0x3, 0x0, 0x7, 0x0, 0x2, 0xf4, 0xd, 0x3, '\x00', 0xb, 0x5})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0xb03cdf087638818c, 0x3})
r7 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000002600), 0x2, 0x0)
write$selinux_load(r7, &(0x7f0000000100)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75780c2bfa35b9cb849e27df91af09b62055cc884df219a773dfab34e6f7f47fe376dde441e88f0936e77f91717bec6fb007b1f0397536a40fee43a9fc99527ebc01244f64103e9200c5bbfc72a66e90a11a438295dd41957514e2c4bba5df0ee67116e80ad85981b620a53b59303a5bec4953df425b69042f43e9166e96e98f729c32df3ac9195229acbce9ec0d0dbce524ded3f61c2a8f95212d55edbb8ec7e79531308d03e77724b0d7dc08d7c80a54b3e1da5f8f4f3d396da15d5c5a68fc3c8a2012"], 0x20)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000240)={0x14, 0x0, &(0x7f00000002c0)=[@acquire_done={0x40106309, 0x3}], 0x0, 0x0, 0x0})

2.403366864s ago: executing program 7 (id=3823):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/custom0\x00', 0x802, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000280)={0x1, 0x0, [{0x4b564d07, 0x0, 0x5}]})
r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x101002, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/mdstat\x00', 0x0, 0x0)
write$vga_arbiter(r5, &(0x7f00000000c0)=@other={'trylock', ' ', 'io+mem'}, 0xf)
write$UHID_CREATE(r4, &(0x7f00000001c0)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000040)=""/80, 0x50, 0xff89, 0x4, 0x2, 0x4}}, 0x120)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x4, 0x0, &(0x7f0000000380)=[@enter_looper], 0x50, 0x0, &(0x7f0000002040)="7797f473010e3c6f412193d01ca46e5d1fd37e1ff088862e47734ac7eb2e436321311317afe07822a299d63328f5c10a5f99166b47868f357ba1edd6b402c7022a1fe37f5f729dd812db18dad930f670"})

2.080032409s ago: executing program 8 (id=3824):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0xa, 0x2})
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x1001, &(0x7f0000000400)={@ptr={0x70742a85, 0x0, &(0x7f0000000340)=""/89, 0x59, 0x2, 0x2}, @fd, @fda={0x66646185, 0x2, 0x1, 0x3f}}, &(0x7f0000000240)={0x0, 0x28, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

1.968781721s ago: executing program 8 (id=3826):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r0, &(0x7f0000001180)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000000100)={{0xffff0000, 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0xff, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe}, {0x5002, 0x0, 0x0, 0x8, 0x0, 0x0, 0x81, 0x0, 0x44, 0xe, 0x0, 0x3}, {0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x11000, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1a}, {0x100000, 0xd000, 0x0, 0x0, 0x0, 0x8f, 0xa, 0x0, 0x0, 0x0, 0x84}, {0xeeee8000, 0x0, 0x9}, {0x0, 0x4000, 0x0, 0x82}, {0x6000}, {0x1, 0xfffe}, 0xa0010012, 0x0, 0x0, 0x30020, 0x0, 0x0, 0x900, [0x0, 0x0, 0x0, 0x3]})
r5 = openat$cgroup_ro(r1, &(0x7f0000000280)='cgroup.freeze\x00', 0x275a, 0x0)
read$FUSE(r5, &(0x7f00000002c0)={0x2020}, 0x2020) (async)
write$cgroup_subtree(r5, &(0x7f0000000040)=ANY=[@ANYBLOB='-8'], 0x27) (async, rerun: 32)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 32)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1181}) (async, rerun: 32)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) (rerun: 32)
read$FUSE(r7, &(0x7f0000000340)={0x2020}, 0x2020) (async)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000140)={0x8, 0x0, &(0x7f0000000040)=[@acquire], 0x0, 0x0, 0x0})

1.747852414s ago: executing program 6 (id=3828):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xea100, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xea100, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x8000000000000000, 0x100000000, 0x0, 0x7, 0x0, 0x0, 0x2004c9, 0x7000, 0x0, 0x0, 0xfffffffffffffffb, 0x8, 0x0, 0x0, 0x4000000000000004, 0x2], 0xffff1000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000100)={0xffff1000, 0x4000, 0x1}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000100)={0xffff1000, 0x4000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000080)={0x2000, 0x10000})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0) (async)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r7, 0x4008ae90, &(0x7f0000000280)=ANY=[@ANYBLOB="01"])
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_CPUID(r7, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="01"])
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f0000000180)={0x2, 0x5834d4dbb6893c4c}) (async)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f0000000180)={0x2, 0x5834d4dbb6893c4c})
r8 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r8, 0x0)

1.686771395s ago: executing program 8 (id=3829):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x35}, {0x6}]})
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
close(r1)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000340)='./binderfs2/custom0\x00', 0x0, 0x0)
ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f0000000080)=[@enter_looper], 0x50, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000480)={0x14, 0x0, &(0x7f0000000300)=[@register_looper, @enter_looper, @dead_binder_done], 0x4, 0x0, &(0x7f0000000380)="20f65a13"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000980)='/sys/power/pm_trace', 0x0, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
read$FUSE(r6, &(0x7f00000009c0)={0x2020}, 0x2020)
ioctl$BTRFS_IOC_DEV_INFO(r4, 0xd000941e, &(0x7f0000000740)={<r7=>0x0, "bef8e032b4a93c28d78d57ef9cd68922"})
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r4, 0xc400941d, &(0x7f0000001740)={r7, 0x4, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000440)={0x1, 0x4, 0x1, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r8, 0x4138ae84, &(0x7f0000000100)={{0x7000, 0xdddd1000, 0x0, 0x0, 0x8, 0xb, 0x0, 0x2, 0x0, 0x6, 0x9, 0x10}, {0x8080000, 0x4, 0x10, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7, 0x0, 0xff}, {0x3000, 0xeeee8000, 0xc, 0x0, 0x7, 0x4, 0x5, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x10000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0xf7, 0xdd, 0x8, 0x0, 0x4}, {0x2000, 0xdddd0000, 0x8, 0x6, 0xff, 0x4, 0x0, 0xe, 0x0, 0x3c, 0x7d}, {0x0, 0x5000, 0xd, 0x8, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80, 0x40}, {0xdddd0000, 0x0, 0xa, 0x6, 0x5, 0x0, 0xe8}, {0x0, 0xdddd0000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xc, 0x26, 0x3, 0x10}, {0xf000}, {0xeeef0000}, 0xfdfcffdb, 0x0, 0x0, 0x28, 0xb, 0xf801, 0x0, [0x0, 0x0, 0x7aa]})
r9 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000006c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r9, 0xc0145401, &(0x7f0000000700)={0xffffffffffffffff, 0x3, 0x3, 0x0, 0x7})
ioctl$KVM_TRANSLATE(r8, 0xc018ae85, &(0x7f0000000080)={0xeeee0000, 0x2000, 0x6, 0x7e, 0xff})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x4c, 0x0, &(0x7f00000003c0)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f00000001c0)={@flat=@binder={0x73622a85, 0x1, 0x2}, @flat=@handle={0x73682a85, 0xa, 0x3}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0})

1.390229509s ago: executing program 6 (id=3830):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c81, 0xfffffffffffffffc) (async)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c81, 0xfffffffffffffffc)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000100)={0x1, 0x0, [{0x40000107}]})
ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0xffffffc1) (async)
ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0xffffffc1)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r1, 0x0)
prctl$PR_MCE_KILL(0x21, 0x1, 0x0)
prctl$PR_MCE_KILL_GET(0x22) (async)
prctl$PR_MCE_KILL_GET(0x22)
ioctl$ASHMEM_SET_NAME(r1, 0x40087708, &(0x7f0000002600)='\x00\x00\x03\x06\x00\x00\x00\x05\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80`4/\xe9\x15\x9a\x9f\xf0:\xfd$\xad\xbb\x9a|c\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b7\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Xd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\x16\\n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84\x04;\xc5[\nja\xb9\'\xc9#\xfcx\x00\x00X\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12K\\\xf2\xd5\b^[D~~\x84\\\xe4\x00B\x05\xd4\xea\xea\x7f=\xc6:\\N\xc3\xb7Vw\xc6\x9c\x96s\xaaHL\x96\xc72\n\x18Ynj\xceTS\xfbl\x0f\x9f8M\f\x89\xa1\xd2Hs`\x8bp\x8a\xc4%\xf8\x1d3\nV\x9a\xaf\x1f\xf96^\x93\xc1\xaf)\rg\x86\xd6\xea\xa9\x0f\x9a\xf1V\x1b\xbf\x8b\'-\xab\x8e\t7\xd3\xf7\xa9v\xfbY\xe6\x9b^d\x8c\xb1\xdd')
ioctl$ASHMEM_SET_NAME(r1, 0x40087707, &(0x7f0000000300)='\x00\x00\x00\x06\x00\x00\x00\x01\x00x\x92\x12\xbc\x00\x00\xbb\x0642\x9c\x1a\xd1\xcbx\xb0\xd6\x1e\x10gQ\xca\x0e;\xf7\'\x8c\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn\x05\x00\x00\x00-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \xac\xc4K\x03\xfa\x13Vz\xbf\xe3c\x8d \x0f\xb1\xe9\xf2oci(\xcb\x82\x05\xfe[H\xaf\x01\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafd%\xf1\xdbjE\x01\xd1sD5hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\x851Y9OB\xdeB\xe1\x02-&\"1hS\x92\xe4$-\x02\x00\xe4\x8e\"\x85\xc9x\xef\x81E.r\x89\xe5\x00\x9e\x97\x96\xb8j\x81\xf0\xdca\xfb\xa6\xff\xff\xff\xff\x00\x00\x00\x00d\xf0\xf1j\x11\x12\xc0\xbb\xfdq~#\xf7\xa8\"$,\xf4\x84|\x89o\x00<\xa6-\xb0\xd3\x80\xbe\xcf\a\x00\xfc\xa6\xb1\x05\x94\x84l\xbfA\xeb\xd8\t\x00\x00\x00CvNhx461\x04N<\xedV\xcet\xaa~\xf3j\x94\xec\x92\x86uY\xf6\xb5\t?,~\xa67\\\xb9\xc9K\xf8\x9d\x96\xc0\xb5\xc7wF\x99\x12\x97T\x90.\x9c\xe3\x9a\xf1\xb9\x9c\x13\xbc\x19\xde/\xaahB\t\x97\a03\xcd\xb3\xc8\xd5l\x14!\xf9Xg2\x1d\xeeB\xccT\x0e\xd8\xef\xc8\xe9\xb4\xf3l\xc3\xf2\x998\xc8\xc2|2\xee\xb4W\x99f.\xeb\xe9\x05\xcbkz3+\xdd\xe1*8\x95@0t0\xad\xe3#\xd7\x19\xe7Q\xdfmI\xe5\x1e\xe4\x87\xc9\x8f\xa7\xe0\xd9v\xf6\x01\x9d\x8f`,\x1a8\x81I\x86l\x8f2\r:\xc1\x02\xd6Z%\xa7Ks\x8bUolS\x05\xbe\x97\x1fGe\x94\xa6\xa3\xab\xdb\r\x17\xff[\xb1\x00\xff\x7f\x00\x00\x00\x00')

1.30794841s ago: executing program 7 (id=3831):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000080), 0x20e02, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x45809000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000cf0800008c04"])
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1)
r3 = openat$cgroup_int(r2, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000140)=ANY=[@ANYBLOB='1-0\n', @ANYRESOCT], 0x31)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
ioctl$VHOST_SET_LOG_BASE(r4, 0x4008af04, &(0x7f0000000300)=&(0x7f0000000240))
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/67, 0x0, 0xdddd0000})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f00000007c0)={0x8, 0x0, [{0x5000, 0x62, &(0x7f0000000340)=""/98}, {0x4, 0x39, &(0x7f0000000040)=""/57}, {0x0, 0xe5, &(0x7f00000003c0)=""/229}, {0xfbdabcbce4b2dbcd, 0x35, &(0x7f0000000200)=""/53}, {0x8000000, 0xd7, &(0x7f00000004c0)=""/215}, {0x10000, 0xbc, &(0x7f00000005c0)=""/188}, {0x3000, 0xd1, &(0x7f00000006c0)=""/209}, {0x1000, 0x23, &(0x7f00000002c0)=""/35}]})
ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000080)={0x9, 0x3, 0x0, 0x7ff, 0x0, "03880a17f2cd8bad"})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0x8000000000, 0x1, 0x1, 0x8, 0x4002004c5, 0x1000, 0x1, 0x0, 0x7, 0xe, 0x0, 0x6, 0x0, 0x49], 0xdddd1000, 0x1c7056})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0, 0xeeee0000})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000000)=0x1)

1.168004933s ago: executing program 6 (id=3832):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000}) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f00000004c0)={0x79, 0x0, 0x3}) (async)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f00000004c0)={0x79, 0x0, 0x3})
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000000030000000400000000000000000000df00020e"]) (async)
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000000030000000400000000000000000000df00020e"])
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000040), 0x8ae, 0x0, &(0x7f00000013c0)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfeae79fe756381d6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5fdd8d64f6c3e0dd22711f69a940ebdb4ab5ff6240da3160049d2047e6713d47ad0db40ec543c095ad67c8cbe438fb875927c98e265498b3da8d4ca54bac0e6efe759a2d4d4190e9fc8835599da8237f472411a71236bb930d28a26f49062d270f4087a6a709c005eebc9740ed54dd005c787c44badac9c720b0d424d0ded9bb8c24c0e842deedf386fc7714a31268292d3bcc53b1cf24b156445c8bf64336f742b1ba836eba0ae4a5aaa9a6f35d4f81734e16bce965795d5b1255609d1860fe11c9c536db078af94772830ba000c13e1d9383e3d862fa07f2199da148632c036bc19f6014eeb206a3654d390c78911deeabebf128def61122754e0a4696db82666a018f8d2f44b5aadc12809ade8bed1b1ba2adbb6e3e82180e26748dc30a8eda0edb21fcaa702632ed3fb4e89550c3e0e1fd2b5ecf1983d85bf9569b231e28155756bd97f1220cbc2b5b1c02dab88ee4a8970d4833b9e51529895afe5029823576297d4a917602fe08df57e1d7f63d050877ddf8e82a5383e15f313171b2d5618a1549f3dfced0732b887508ca5e134124d0ed0bd4b767115d1530f73504387e0364d73a2d3b114fcb49219b1c15e066c455b01672e49499995454a502236f5a5007895d3d1d8843007352a3ccc3f71d3e801efd0a6ef922bf39ead16e01ec20ebff2b1ce7cfd0984b26225cb1359b36efe9ad2ae1f6de4862c0faaa52f4d0eb4c13960ceb4aeaa10ae61a09a5abdb0c61661962a0aab14d465a8ae6f45826e1e66428cf8572eb53c98160df6613a62bb611c63f1ffb7a795a889fc16670f6302fd36ee4247bdd4282f1afb6042c832a4b0857cecae0a7090d9b11ae46d9186c710c8dd12911db573493329bea2c743734d86a577cf27aa01e4fc6c91f1fa34bba173d20b97ed8bb4bad43692df90bfd2b193b9e8b93a95ec0d0d42217395d89db511d2e9bbeb3ef47b7b2d81ab54b5c8faa760ef5c0493af13a9327c9432521ed6bfcb9d778d25031da41a983027fe7d794c26326053d38172444307d88501cdd26c3fdeafdf5f599d3dcfd39972f28ec3fb1fb40982615f5d71d6693a8774df072576834c69b89f209b458fad4671f0108fdfc8548a6fcf76a843369a3bca4d2974221ed9af224d151fa8aa73276ba65ca3d8bc98d6504f16bcac30c697f68cb1625b4f2259ee0c694951752845fa11c20fc4dda369d53918c3746918692ee2cda958612808b841b8d36ef3933f5340e1fc8fb10ac2ae97da921f6a67806831356d515c7a32468dfd3385c1ae2008448e5750c3a3d5733b4a2486788550e6353e9b12cc09750d5b9dcd2aedba61d0520e99a51e880d3dd78a2b502029deac1860cf50885f8bf5119491c6b1e06492e98ca64e5e32afbb3b0630cb35b58640afc2188a232f77968c18d2d0e8f91c974edcb3198b4520f530acacb12017216338cc479de3651e8f15f1672397c730e3ca2a189ca4cc85f35dd46aeb67b6a2eb7268a653b190d8ba670490d50f761c1fa25f1954d8fe6bcb15dbc23698c945262b991e6245b9a25b12b13c87bf8a8a06f51784007abd06e01a0c03ee80b236fabb5b22ce797c4d8a739ac96dcf16c93f454463d3631c4cdd2dea6732a486015dc9937ee4e6efbfff46bdd8887094ca4bd94d995f411421c7ef07f949fcc10132f58b7c99a871780d92464594c930b80596baab77b0d68a05d71ca8a1888f3128f12aebac362c4d80870ab3d9f2e77d51f9af16472faff98dda1e0133c8bc2510345d5eb1d64bce64761f4cc39ac6655902338bf1335dc55393995af4447ed1aa4c50bfacd576842560abca3e6c74dcea6dd03d36f9e7f8bda2cf33e3b7da195fba79f5a60421e19910f1fef31b9fa52064ce9ee8c415746a3cab47a8ad8477e9f21e9ee804a85dc568439b95c01bbbc3fa16a8c26bd81b01b8849795b2370f591e2a8e175cd465a600a541839bc734271b4b3afb2303dc1cf12bee00080ad10658c97672ad023e89f23d9301b5dbf1a7ba6d6c2b8dbd300f05f36a095f188b56fd3ba8e871aaf22e2128696e7232cb22f4f5404a3d1256a11665caaead326faad340031cafb99edbceba7bac44c7d2720aedba9cb708dae55b192a1e31835fae8756f062c151f6778b1d93c2d1f8b479ae9bbe1255abcef9beaa95b558fbbc9a979d46580aa85b10f160b438bea64f23b8e605ce34d2b46bbf8bfbfa683b10f55b3d30c58675dd1a524495e5d42c7d02dc60b853e8b3ed2caf41cd24a8a1d044e27d48b2184bac00730f7c20a1ba2bb6b6a5381a3d359d8e721504bbbce18ee49031b48c278a5730f31fb83f6cf32ac98326b722d3e2d7b38a7b8060000002b69fb1aefc8c0bbe431191f0ed76141a8365621e4f7118dd4465b4642bdb0af21d30c8cfb1d5201852c0428b1983d91f706e814c1395888b1c2a3516ea20a93d868e27c3c9b68a9cda4befc389b57661a4ff37137628ec96bcb625fd10324625ac1589c2918c66f811a323a19ab30bcf28fc20b64176e319d58f74578093e32ba9f51b255693dda9514ff43f6ef6010143554305073e94be322daa024cb7efcf405ea4924bfa72633b766365fee1d59d1a94717450657ff3b72853785e91f94ca1502b129eafa718633bec1557fb1e0ae2887e6e8c0fdd9f3f99de03c0af7364781766520d90c15b0e2a4c43613089dbecc4dd68be74204809f0270370097642d54388ccbb54b58be8b5796eac48ef5f17752eaa7301f075faee593aae71ee0e0ca1f45a22e7cede3597f14a344796ceec33e98b3b89e031c0d757e83d5093322d9afc9898f80b2e9bb17bc8b2b164d048c1b912f6cd92979df629efcb94968cca6e65b9b078677698fa4937a2ec23edd00971a5505ecc65fe150d3d00a34e52cc64951937fc79014b0df8d2c9c35f06209f45556278fa7ecfc70a92eca165bbd493686fb4c0cd607cec994657149a61da2e09414944c557be54908197724174247194d435b25bf78ec4cc164a574662eb4d1e4d784a6ea0c71dd1a16e53a7b8a27fcec679346afe90a05e06b276fe972d5e1d3486e0452d0a9a1636ab9c517f371a0592ef34513a9a4e961cd79c86891f460becb57f41e22b2a72ae175e29344184cde0b2beae00f90a6a79dc689da4b4b1da0e9758854d404a9cbcf725c68b6f2de865b2b5e12124d09f8745208b5cc544522f7c8bcfceb907422502f1641b600a60a5aef28be5a92ff71755efaf29e23c8ca52ad945bbdc4d6e7502adee312ea8d9338a80671f36309026c0d9c2ceb14da0b8beb087853b8014d30372f0d58448530f1bed15c4caaf8a844853030aab1ba6de9891678a16a2d9b9889d4a367753f0aacda03ce6fae1f62b34a3317a704527e65b18dc3186f32c5caa2d82f058066274e145f3cfe0bb5d40a77f54fb0de584d5f50de29d1c3aa29acea2363ef5c1e0592ef94370936df0152871396c13a89e56086f381862edb6f4bec0d937e94a689a8c5c87a51e073fdaa935591bbccff359e0805ded9ac71e3b295fdd05bc2b03d7af58a393778c9dfdfd8101b3503c86a6d9e2fdeb215be40f90bb7360a04e111d743207a8742275ee7df2508b909ea4d3a7af7886d3f26aa58943edbbcbd686bf9cf9a78b43dd9792bca97cda65083404bd7ab227f68e18cd87541bf069bde649a0b9ef1346a748d794685339973d6b59dcbe74a3caf48f4628eedfcd6900c56746f017f0845fea8c95ac7b2a4ff90940f98a163afc082ef6de72f5fddf056e5fe2d42a173f7fd5f6100933a38fad63a9ce3e79cf905626bd80fedcb08281a37adadbe9fe5d4b1525bd20b66e64b0b6ed4486b2f54c7c58e1128d7d3c619486c62b904cb2220dcd55efcd1b16e26f8ba82846868f988eb2a2e480299370f9679e09212612816dedd6ba1c2822caf017c595e9b287967f5652f4a777177bffcccb00b8b3ac757cd958c77c0f01c92e07d8fbd2163347b9f05a6d73f5bb8fb175e1a8c39c2c71af8dea7a81a9d53ac0ccda17de77c0b76246ca1bb9d2d11ffd36c7794d8dc0518b1ad46def9929e147c76f39e3eaf42a357a5e3eb60c749b99e8ca01cfd844747928a1d27939b84ce7bbfb0a5f18ffe9fc0246a227c98"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x2000, &(0x7f000000b000/0x2000)=nil})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

1.078449264s ago: executing program 7 (id=3833):
mount$binderfs(0x0, &(0x7f0000002200)='./binderfs\x00', &(0x7f0000002240), 0x10, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x28000, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/power/pm_test', 0xa0042, 0x182)
write$tcp_mem(r3, &(0x7f0000000280)={0x7, 0x2d, 0xffffffffffffffff, 0x3a, 0x0, 0x2c}, 0x48)
write$selinux_load(r3, &(0x7f0000000180)={0xf97cff8c, 0x8, 'SE Linux', "98bacfede33676e831508ffb"}, 0x1c)
ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0xfffffffe)
ioctl$ASHMEM_SET_NAME(r2, 0x41007701, &(0x7f0000000000)='\x00')
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r2, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0xc0000080, 0x0, 0x400}]})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r6 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000080)={[0xaa, 0x3, 0xa, 0x8000, 0x4, 0x8, 0x100, 0x797, 0x6839, 0x5, 0xc668, 0x6, 0xe, 0x2, 0x9, 0x8], 0x2, 0x2})
openat$urandom(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)

651.971431ms ago: executing program 8 (id=3834):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
prctl$PR_SET_PDEATHSIG(0x1, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/custom0\x00', 0x800, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r1, 0x40046205, &(0x7f00000002c0)=0x400)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000340), 0x400100, 0x0)
ioctl$RTC_AIE_OFF(r2, 0x7002)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000100)=[@decrefs, @register_looper], 0x13d, 0x0, &(0x7f0000000400)="a89aff67520a7335b849b4f88a6db06e45e3f5e648a65b8003975be8a982d5135e161a783d3d01fddcbd838bac308358a7e349f333e620505e4ce234f097808a933ec5f1982c991b516a9e26b6bb537c85f5ad467697f0d78bb80fb828e53580957e7ca3fad40820d05c3dbd6bb0f9f1208eeb651d2a65c33878f1e7ab151c954f22d6faef59a13ebf1653ffdaf1fe54cef21f0f34e897b9c643e0eb91a0ff2e096931f59aec962753219c2dad9f02687a169f5118154a1ae5ce08d4f5a539aac67c180111fc3cdd7ec11ae56304b651ecf90417cc0fdb5ab9465d4d64c2cc754cc54b2aa9e0b70695ecadcca2090caeaa0085f27883eb4df22df5c3e4fc08e7400346e01bdac41f24d97b09d09145f64f0fe6caec8adf1096ce75521767b507911a1372c5b619987141bbc15c363cd966f4d5036f5ea04d1953f73862"})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x3d)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000200)={0x1, 0x0, [{0x40000072, 0x0, 0x7f}]})
ioctl$KVM_CAP_X86_GUEST_MODE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000240))
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
ioctl$KVM_CREATE_PIT2(r5, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x1000000035, 0x4, 0x2, 0x180, 0x4, 0x7ff, 0xf1, 0x2, 0x8000000000002, 0x2, 0x0, 0x9, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x120182})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r5, 0x8048ae66, &(0x7f0000000100)={[{0x5, 0xc003, 0x3, 0x5, 0x0, 0x4, 0x7, 0xd, 0xb9, 0x0, 0xe, 0x5, 0x204}, {0x804, 0x1, 0x4, 0x45, 0x7, 0xff, 0x2, 0xff, 0x0, 0x4, 0x4, 0x7b, 0x20c}, {0x1, 0x6, 0x18, 0x5, 0x80, 0xfd, 0x3, 0x2, 0x0, 0x70, 0x4, 0x7}], 0xfbffffff})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_PIT(r5, 0x8048ae66, &(0x7f00000002c0)={[{0x3ff, 0x8, 0xb, 0xa, 0xd, 0x2, 0x6, 0x4, 0x2, 0x5, 0x10, 0xf7, 0xffffffffffff0000}, {0x960f, 0x7, 0x1, 0x0, 0x6, 0xfc, 0x0, 0x9, 0x2, 0xe, 0x1, 0x24, 0x100}, {0x6, 0x2, 0x3, 0x8, 0x4, 0x50, 0x9, 0x8, 0x8, 0xf4, 0x3, 0x5, 0x3}], 0x3})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000003c0)={[0x60000000000, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0x5, 0x9, 0x3], 0x1, 0x202})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0})
syz_clone3(&(0x7f00000029c0)={0x0, 0x0, 0x0, 0x0, {0x4}, 0x0, 0x0, 0x0, &(0x7f0000002980)=[0x0], 0x1}, 0x58)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000040), 0x12)

564.983941ms ago: executing program 7 (id=3835):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000}) (async)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x58, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b418709844"}) (async, rerun: 64)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) (async, rerun: 64)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0}) (async)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) (async)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000200)={0x0, &(0x7f00000002c0)}) (async)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x20081, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async, rerun: 32)
ioctl$KVM_NMI(r6, 0xae9a) (async, rerun: 32)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000380)={[0x3, 0x100000000, 0x0, 0xfffffffffffffff8, 0x100000, 0x0, 0x202004c8, 0x8000003, 0x7, 0x1, 0xfffffffffffffffe, 0x2000000000], 0x1000, 0x4000}) (async)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x40881, 0x0) (async, rerun: 32)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (rerun: 32)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901}) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async, rerun: 32)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) (rerun: 32)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x8000000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000200)={0x1, 0x0, [{0x4b564d00, 0x0, 0x9}]})
write$vga_arbiter(r3, &(0x7f0000000280)=ANY=[@ANYBLOB='trylock me'], 0xc) (async)
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @flat=@binder={0x73622a85, 0x3000, 0x2}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

330.178105ms ago: executing program 6 (id=3836):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) (async)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x37) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000100)=[@acquire={0x40046305, 0x1}, @register_looper], 0x50, 0x0, &(0x7f0000000340)="a89aff67520a7335b849b4f88a6db06e45e3f5e648a65b8003975be8a982d5135e161a783d3d01fddcbd838bac308358a7e349f333e620505e4cf1982c991b516a9e26b6bb537c85f5ad467697f0d78b"}) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0}) (async)
syz_clone3(&(0x7f00000029c0)={0x0, 0x0, 0x0, 0x0, {0x4}, 0x0, 0x0, 0x0, &(0x7f0000002980)=[0x0], 0x1}, 0x58)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$uinput_user_dev(r2, &(0x7f0000000a80)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_RELBIT(r2, 0x40045566, 0xe) (async)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x2) (async)
ioctl$UI_DEV_CREATE(r2, 0x5501)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000040), 0x12)

302.573316ms ago: executing program 37 (id=3708):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xc000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f00000000c0), 0x12)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_GET_PIT2(r4, 0x8070ae9f, &(0x7f00000001c0))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f0000000200)={0x4376ea830d56d49d})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_NMI(r6, 0xae9a)
r7 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x0, 0x0)
r8 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x161000, 0x0)
ioctl$BLKFLSBUF(r8, 0x1261, 0x0)
ioctl$BINDER_CTL_ADD(r7, 0x541b, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x100000001, 0x0, 0x0, 0x100000, 0x10001, 0x401, 0x8000000, 0x7, 0x0, 0xfffffffffffffffe, 0x200, 0x2, 0x3], 0x0, 0x200})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder0\x00', 0x0, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r11, 0x4020aeb2, &(0x7f0000000740)={0x0, 0x12c, @pic={0xfb, 0x8, 0x8, 0x2, 0x4, 0x8, 0xf8, 0x7, 0x9, 0x0, 0x6, 0x7, 0x5, 0x9, 0x0, 0x57}})
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000000)={0x5, 0x0, &(0x7f0000000140)=[@request_death], 0x0, 0x0, 0x0})

259.883476ms ago: executing program 7 (id=3838):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000300)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000180)={@ptr={0x70742a85, 0x0, &(0x7f0000000bc0)=""/4096, 0x1000, 0x1, 0x1a}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x0, 0x15}, @fda={0x66646185, 0x8, 0x0, 0x1b}}, &(0x7f00000004c0)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_X86_NOTIFY_VMEXIT(r4, 0x4068aea3, &(0x7f0000000080)={0xdb, 0x0, 0x6})
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x4, 0x0, 0x3, 0x2, 0x8000], 0x10000, 0x202})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="cf00000000555c0000000000000000a79200000000080000ccf7ae7d55"])
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f0000000100)=ANY=[@ANYBLOB="020000000000000ef3fd5f5c76c2954e69001809000000000000040000000000000070080000000000000800000000000000"])
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001500)={0x44, 0x0, &(0x7f0000001380)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x39, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

194.535337ms ago: executing program 6 (id=3839):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x54, 0x0, &(0x7f0000000300)=[@increfs, @transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0})
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f00000000c0), 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB='max=00000000000000000000001'])

94.270529ms ago: executing program 8 (id=3840):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x484, 0x0, 0x4}]}) (async, rerun: 64)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (rerun: 64)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_X2APIC_API(r7, 0x4068aea3, &(0x7f0000000000)={0x81, 0x0, 0x2})
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xffff1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async, rerun: 32)
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) (rerun: 32)

0s ago: executing program 6 (id=3841):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x68800, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f00000001c0), 0x12)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r5 = openat$cgroup_int(r2, &(0x7f0000000080)='io.latency\x00', 0x2, 0x0)
write$cgroup_int(r5, &(0x7f00000000c0)=0xa, 0x12)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r4, 0x4068aea3, &(0x7f0000000140)={0xbe, 0x0, 0x1})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$BLKRRPART(r0, 0x125f, 0x0)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x68800, 0x0) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
openat$cgroup_procs(r2, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) (async)
write$cgroup_pid(r3, &(0x7f00000001c0), 0x12) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
openat$cgroup_int(r2, &(0x7f0000000080)='io.latency\x00', 0x2, 0x0) (async)
write$cgroup_int(r5, &(0x7f00000000c0)=0xa, 0x12) (async)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r4, 0x4068aea3, &(0x7f0000000140)={0xbe, 0x0, 0x1}) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) (async)
ioctl$BLKRRPART(r0, 0x125f, 0x0) (async)

kernel console output (not intermixed with test programs):

st_binder: Write failure EINVAL in pid:92
[  215.727799][ T7123] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  215.850393][ T7124] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  215.956044][ T7126] binder: Bad value for 'defcontext'
[  216.013637][ T7129] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 120, limit: 160, size: 18446744073709551490)
[  216.013674][ T7129] rust_binder: Error while translating object.
[  216.043818][ T7129] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  216.052250][ T7129] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:104
[  216.160515][ T7133] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  216.199896][ T7133] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  216.208614][ T7133] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  216.209082][ T7133] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  216.225018][ T7133] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  216.459518][ T7142] kvm: apic: phys broadcast and lowest prio
[  216.729191][ T7157] rust_binder: Write failure EFAULT in pid:573
[  216.939025][ T7169] rust_binder: Error in use_page_slow: ESRCH
[  216.939044][ T7169] rust_binder: use_range failure ESRCH
[  216.970696][ T7169] rust_binder: Failed to allocate buffer. len:160, is_oneway:false
[  216.970725][ T7169] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  216.985140][ T7169] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:578
[  217.051271][ T7173] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  217.076470][ T7173] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:270
[  217.313804][ T7187] rust_binder: Write failure EINVAL in pid:130
[  217.436304][ T7189] binder: Bad value for 'context'
[  217.627731][   T36] kauditd_printk_skb: 2602 callbacks suppressed
[  217.627755][   T36] audit: type=1400 audit(1750408372.890:38640): avc:  denied  { setattr } for  pid=5123 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  217.701997][   T36] audit: type=1400 audit(1750408372.930:38641): avc:  denied  { setattr } for  pid=5123 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  217.798959][   T36] audit: type=1400 audit(1750408372.930:38642): avc:  denied  { setattr } for  pid=5123 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  217.804969][ T5123] audit: audit_backlog=65 > audit_backlog_limit=64
[  217.831614][ T7202] audit: audit_backlog=65 > audit_backlog_limit=64
[  217.848994][ T7202] audit: audit_lost=228 audit_rate_limit=0 audit_backlog_limit=64
[  217.859787][ T7202] audit: backlog limit exceeded
[  217.864946][ T7202] audit: audit_backlog=65 > audit_backlog_limit=64
[  217.880425][   T36] audit: type=1400 audit(1750408372.930:38643): avc:  denied  { setattr } for  pid=5123 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  217.885932][ T7204] audit: audit_backlog=65 > audit_backlog_limit=64
[  218.536270][ T7211] binder: Unknown parameter 'sK���tѷ�]v-~�0t+	����c]�É���\������b��$
[  218.536270][ T7211] T;}h��x-m'�m<R��7��D'
[  218.732524][ T7224] input: syz0 as /devices/virtual/input/input124
[  219.089279][ T7228] binder: Unknown parameter 'context'
[  219.619691][ T7235] binder: Bad value for 'max'
[  219.699418][ T7237] SELinux:  policydb string  does not match my string SE Linux
[  219.707069][ T7237] SELinux: failed to load policy
[  219.753619][ T7237] input: syz0 as /devices/virtual/input/input125
[  219.772315][ T7237] input: failed to attach handler leds to device input125, error: -6
[  219.822087][ T7237] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:279
[  220.002959][ T7241] rust_binder: Got transaction with invalid offset.
[  220.027386][ T7241] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  220.059047][ T7241] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:282
[  220.079984][ T7242] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  220.133483][ T7242] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:151
[  220.540626][ T7246] rust_binder: Write failure EFAULT in pid:286
[  220.565377][ T7250] KVM: debugfs: duplicate directory 7250-6
[  220.631395][ T7250] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  220.631430][ T7250] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  220.669085][ T7250] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:611
[  220.816995][ T7260] rust_binder: Write failure EINVAL in pid:289
[  220.860461][ T7260] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:289
[  220.881672][ T7260] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  220.985392][ T7264] binder: Unknown parameter 'processor	: 0
[  220.985392][ T7264] vendor_id	: GenuineIntel
[  220.985392][ T7264] cpu family	: 6
[  220.985392][ T7264] model		: 79
[  220.985392][ T7264] model name	: Intel(R) Xeon(R) CPU @ 2.20GHz
[  220.985392][ T7264] stepping	: 0
[  220.985392][ T7264] microcode	: 0xffffffff
[  220.985392][ T7264] cpu MHz		: 2199.998
[  220.985392][ T7264] cache size	: 56320 KB
[  220.985392][ T7264] physical id	: 0
[  220.985392][ T7264] siblings	: 2
[  220.985392][ T7264] core id		: 0
[  220.985392][ T7264] cpu cores	: 1
[  220.985392][ T7264] apicid		: 0
[  220.985392][ T7264] initial apicid	: 0
[  220.985392][ T7264] fpu		: yes
[  220.985392][ T7264] fpu_exception	: yes
[  220.985392][ T7264] cpuid level	: 13
[  220.985392][ T7264] wp		: yes
[  220.985392][ T7264] flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni pclmulqdq vmx ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt arat vnmi md_clear arch_capabilities
[  220.985392][ T7264] vmx flags	: vnmi preemption_timer invvpid ept_x_only ept_ad flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest vapi
[  221.181328][ T7266] rust_binder: Error while translating object.
[  221.397088][ T7266] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  221.427404][ T7266] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:160
[  221.720778][ T7279] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  221.741311][ T7279] rust_binder: Error in use_page_slow: EBUSY
[  221.765572][ T7279] rust_binder: use_range failure EBUSY
[  221.772032][ T7279] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  221.777696][ T7279] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  221.793616][ T7279] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  221.822312][ T7279] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:301
[  222.189097][ T7295] input: syz0 as /devices/virtual/input/input126
[  222.340912][ T7296] rust_binder: Error in use_page_slow: ESRCH
[  222.340942][ T7296] rust_binder: use_range failure ESRCH
[  222.347117][ T7296] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  222.359339][ T7296] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  222.390957][ T7296] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:307
[  222.520241][ T7298] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  222.549017][ T7298] rust_binder: Error while translating object.
[  222.563883][ T7298] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  222.578990][ T7298] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:624
[  222.631029][   T36] kauditd_printk_skb: 2431 callbacks suppressed
[  222.631054][   T36] audit: type=1400 audit(1750408377.900:40979): avc:  denied  { setattr } for  pid=5123 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  222.698342][ T5123] audit: audit_backlog=65 > audit_backlog_limit=64
[  222.705522][   T36] audit: type=1400 audit(1750408377.900:40980): avc:  denied  { setattr } for  pid=5123 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  222.728742][ T5123] audit: audit_lost=262 audit_rate_limit=0 audit_backlog_limit=64
[  222.730977][   T36] audit: type=1400 audit(1750408377.900:40981): avc:  denied  { setattr } for  pid=5123 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  222.737672][ T5123] audit: backlog limit exceeded
[  222.766456][   T36] audit: type=1400 audit(1750408377.900:40982): avc:  denied  { setattr } for  pid=5123 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  222.771901][ T5123] audit: audit_backlog=65 > audit_backlog_limit=64
[  222.792685][   T36] audit: type=1400 audit(1750408377.900:40983): avc:  denied  { setattr } for  pid=5123 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  222.799034][ T5123] audit: audit_lost=263 audit_rate_limit=0 audit_backlog_limit=64
[  222.916858][ T7300] input: syz1 as /devices/virtual/input/input127
[  222.937991][ T7302] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  222.967605][ T7302] kvm: kvm [7301]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010003) = 0x3072
[  222.987738][ T7302] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  223.411718][ T7311] binder: Bad value for 'stats'
[  223.649210][ T7326] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:312
[  223.652626][ T7327] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:633
[  223.686121][ T7320] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  223.718882][ T7320] rust_binder: Error in use_page_slow: EBUSY
[  223.743344][ T7320] rust_binder: use_range failure EBUSY
[  223.758331][ T7320] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  223.773967][ T7320] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  223.791166][ T7329] input: syz1 as /devices/virtual/input/input128
[  223.791186][ T7320] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  223.828183][ T7320] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:633
[  224.020663][ T7332] KVM: debugfs: duplicate directory 7332-5
[  224.120961][ T7332] rust_binder: Write failure EINVAL in pid:637
[  224.271587][ T7334] rust_binder: Error while translating object.
[  224.293975][ T7334] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  224.319974][ T7334] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:181
[  224.580020][ T7339] rust_binder: got new transaction with bad transaction stack
[  224.598976][ T7339] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:318
[  224.789744][ T7344] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  224.828951][ T7344] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:185
[  224.891880][ T7351] Restarting kernel threads ... done.
[  224.925823][ T7351] rust_binder: Write failure EINVAL in pid:322
[  225.046516][ T7357] rust_binder: Failed copying remainder into alloc: EFAULT
[  225.076741][ T7357] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EFAULT }
[  225.085673][ T7357] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  225.094452][ T7357] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:187
[  225.429671][ T7363] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  225.488549][ T7363] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:326
[  225.702447][ T7374] binder: Unknown parameter '00000000000000000000003'
[  225.995673][ T7382] rust_binder: Write failure EINVAL in pid:661
[  226.363085][ T7390] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  226.442378][ T7396] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:198
[  226.662711][ T7408] SELinux: security_context_str_to_sid () failed with errno=-22
[  226.794239][ T7412] binder: Unknown parameter 'defcontext01777777777777777777777'
[  226.938220][ T7414] __vm_enough_memory: pid: 7414, comm: syz.0.3044, bytes: 281474976845824 not enough memory for the allocation
[  227.043016][ T7418] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:208
[  227.381394][ T7431] rust_binder: Write failure EFAULT in pid:344
[  227.642730][   T36] kauditd_printk_skb: 2709 callbacks suppressed
[  227.642756][   T36] audit: type=1400 audit(1750408382.910:43692): avc:  denied  { read write } for  pid=4958 comm="syz-executor" name="loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  227.749454][   T36] audit: type=1400 audit(1750408382.910:43693): avc:  denied  { read write open } for  pid=4958 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  227.779547][ T7440] audit: audit_backlog=66 > audit_backlog_limit=64
[  227.780051][ T5123] audit: audit_backlog=66 > audit_backlog_limit=64
[  227.789911][ T7443] audit: audit_backlog=66 > audit_backlog_limit=64
[  227.793138][ T5123] audit: audit_lost=264 audit_rate_limit=0 audit_backlog_limit=64
[  227.809498][ T7440] audit: audit_lost=265 audit_rate_limit=0 audit_backlog_limit=64
[  227.817554][ T7440] audit: backlog limit exceeded
[  227.839410][ T5123] audit: backlog limit exceeded
[  227.839475][ T7443] audit: audit_lost=266 audit_rate_limit=0 audit_backlog_limit=64
[  227.885887][ T7450] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  227.889728][ T7440] rust_binder: Error while translating object.
[  227.893979][ T7450] rust_binder: Write failure EINVAL in pid:682
[  227.913966][ T7440] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  227.928977][ T7440] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:216
[  228.083364][ T7452] rust_binder: Write failure EFAULT in pid:351
[  228.218776][ T7459] binder: Unknown parameter 'coyBLV�"i5������ntext'
[  228.257908][ T7459] binder: Unknown parameter 'max0000'
[  228.395389][ T7464] rust_binder: Write failure EFAULT in pid:691
[  228.445609][ T7466] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  228.464183][ T7466] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:353
[  228.536189][ T7470] binder: Unknown parameter 'uid'
[  228.663813][ T7473] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 120, limit: 120, size: 235)
[  228.663847][ T7473] rust_binder: Error while translating object.
[  228.689981][ T7476] binder: Unknown parameter 'hash'
[  228.704394][ T7473] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  228.704434][ T7473] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:693
[  228.758246][ T7477] kvm: kvm [7475]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010003) = 0x3072
[  228.819725][ T7477] rust_binder: Write failure EFAULT in pid:226
[  229.276023][ T7490] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[  229.901742][ T7529] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  229.942310][ T7535] SELinux: failed to load policy
[  229.989127][  T292] bridge_slave_1: left allmulticast mode
[  229.994934][  T292] bridge_slave_1: left promiscuous mode
[  230.000814][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.022125][  T292] bridge_slave_0: left allmulticast mode
[  230.027951][  T292] bridge_slave_0: left promiscuous mode
[  230.050368][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.162221][ T7539] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  230.193275][ T7542] binder: Binderfs stats mode cannot be changed during a remount
[  230.281167][  T292] veth1_macvtap: left promiscuous mode
[  230.287352][  T292] veth0_vlan: left promiscuous mode
[  230.317061][ T7544] rust_binder: Error in use_page_slow: ESRCH
[  230.317088][ T7544] rust_binder: use_range failure ESRCH
[  230.339236][ T7544] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  230.345365][ T7544] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  230.361873][ T7544] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:247
[  230.389822][ T7546] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:725
[  230.417565][ T7546] binder: Unknown parameter 'max0xffffffffffffffff'
[  230.652857][ T7528] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.664999][ T7528] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.679964][ T7528] bridge_slave_0: entered allmulticast mode
[  230.689606][ T7528] bridge_slave_0: entered promiscuous mode
[  230.697845][ T7528] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.705284][ T7528] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.713039][ T7528] bridge_slave_1: entered allmulticast mode
[  230.719916][ T7528] bridge_slave_1: entered promiscuous mode
[  230.911676][ T7564] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 45)
[  230.911710][ T7564] rust_binder: Error while translating object.
[  230.938996][ T7564] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  230.956060][ T7564] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:373
[  231.035337][ T7570] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  231.079538][ T7570] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:733
[  231.188495][ T7571] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:256
[  231.201927][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.218616][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  231.220383][ T7571] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:256
[  231.241990][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  231.258819][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  231.365213][ T7528] veth0_vlan: entered promiscuous mode
[  231.416736][ T7528] veth1_macvtap: entered promiscuous mode
[  231.571265][ T7573] input: syz1 as /devices/virtual/input/input131
[  231.586221][ T7573] binfmt_misc: register: failed to install interpreter file ./file0
[  231.598415][ T7573] rust_binder: Write failure EFAULT in pid:2
[  231.964226][ T7580] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  232.006590][ T7580] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:737
[  232.329283][ T7590] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[  232.651832][   T36] kauditd_printk_skb: 2218 callbacks suppressed
[  232.651856][   T36] audit: type=1400 audit(1750408387.920:45878): avc:  denied  { setattr } for  pid=6244 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  232.758969][   T36] audit: type=1400 audit(1750408387.920:45879): avc:  denied  { setattr } for  pid=6244 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  232.800713][   T36] audit: type=1400 audit(1750408387.920:45880): avc:  denied  { setattr } for  pid=6244 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  232.815973][ T6244] audit: audit_backlog=65 > audit_backlog_limit=64
[  232.842251][ T7528] audit: audit_backlog=65 > audit_backlog_limit=64
[  232.848979][   T36] audit: type=1400 audit(1750408387.920:45881): avc:  denied  { setattr } for  pid=6244 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  232.866388][ T6244] audit: audit_lost=278 audit_rate_limit=0 audit_backlog_limit=64
[  232.880250][ T7528] audit: audit_lost=279 audit_rate_limit=0 audit_backlog_limit=64
[  232.888665][   T36] audit: type=1400 audit(1750408387.920:45882): avc:  denied  { setattr } for  pid=6244 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  232.899001][ T6244] audit: backlog limit exceeded
[  233.025513][ T7607] rust_binder: Error while translating object.
[  233.025575][ T7607] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  233.055391][ T7607] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:269
[  233.270208][ T7618] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  233.352364][ T7618] rust_binder: Write failure EINVAL in pid:749
[  233.606763][ T7628] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  233.625625][ T7628] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:755
[  233.641787][ T7622] binder: Unknown parameter ''
[  233.679061][ T7628] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  233.679095][ T7628] rust_binder: Read failure Err(EFAULT) in pid:755
[  233.688283][ T7630] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3
[  233.748997][ T7630] rust_binder: Write failure EINVAL in pid:755
[  234.391020][ T7645] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  234.710682][ T7654] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  235.069896][ T7669] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  235.483270][ T7675] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  235.514297][ T7675] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  235.554445][ T7675] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:768
[  236.004906][ T7683] rust_binder: Error while translating object.
[  236.039051][ T7683] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  236.045332][ T7683] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:299
[  236.361946][ T7696] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  236.533808][ T7699] rust_binder: Write failure EFAULT in pid:779
[  237.018832][ T7722] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  237.025332][ T7722] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:316
[  237.236139][ T7724] binder: Bad value for 'stats'
[  237.303467][ T7724] input: syz0 as /devices/virtual/input/input133
[  237.659885][   T36] kauditd_printk_skb: 2328 callbacks suppressed
[  237.659908][   T36] audit: type=1400 audit(1750408392.920:48174): avc:  denied  { setattr } for  pid=6244 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  237.749005][   T36] audit: type=1400 audit(1750408392.970:48175): avc:  denied  { setattr } for  pid=6244 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  237.822949][ T6244] audit: audit_backlog=65 > audit_backlog_limit=64
[  237.829859][   T36] audit: type=1400 audit(1750408392.970:48176): avc:  denied  { setattr } for  pid=6244 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  237.840750][ T7728] audit: audit_backlog=65 > audit_backlog_limit=64
[  237.866593][ T6244] audit: audit_lost=292 audit_rate_limit=0 audit_backlog_limit=64
[  237.878940][ T6244] audit: backlog limit exceeded
[  237.885019][ T7728] audit: audit_lost=293 audit_rate_limit=0 audit_backlog_limit=64
[  237.885149][ T6244] audit: audit_backlog=65 > audit_backlog_limit=64
[  237.903353][ T7728] audit: backlog limit exceeded
[  237.952458][ T7728] rust_binder: Write failure EINVAL in pid:784
[  237.959504][ T7728] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  237.982960][ T7728] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:784
[  238.051046][ T7731] rust_binder: Error while translating object.
[  238.072311][ T7731] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  238.078748][ T7731] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:319
[  238.494541][ T7741] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  238.537556][ T7741] rust_binder: Write failure EINVAL in pid:325
[  238.975814][ T7747] can0: slcan on ttyS3.
[  239.381609][ T7746] can0 (unregistered): slcan off ttyS3.
[  239.741439][ T7763] binder: Binderfs stats mode cannot be changed during a remount
[  239.749335][ T7766] binder: Bad value for 'defcontext'
[  240.459447][ T7779] kvm: Disabled LAPIC found during irq injection
[  240.480946][ T7781] SELinux: failed to load policy
[  240.555447][ T7781] rust_binder: Write failure EINVAL in pid:338
[  241.094348][ T7798] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:343
[  241.119321][ T7798] rust_binder: Read failure Err(EFAULT) in pid:343
[  241.358054][ T7810] rust_binder: Write failure EINVAL in pid:345
[  242.669257][   T36] kauditd_printk_skb: 4248 callbacks suppressed
[  242.669281][   T36] audit: type=1400 audit(1750408397.940:52423): avc:  denied  { setattr } for  pid=4958 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  242.708125][ T7850] binder: Bad value for 'max'
[  242.723198][ T7850] input: syz1 as /devices/virtual/input/input134
[  242.771457][   T36] audit: type=1400 audit(1750408397.940:52424): avc:  denied  { read write } for  pid=7848 comm="syz.5.3173" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  242.773469][ T6244] audit: audit_backlog=65 > audit_backlog_limit=64
[  242.795206][   T36] audit: type=1400 audit(1750408397.940:52425): avc:  denied  { read open } for  pid=7848 comm="syz.5.3173" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  242.807786][ T4958] audit: audit_backlog=65 > audit_backlog_limit=64
[  242.827965][   T36] audit: type=1400 audit(1750408397.940:52426): avc:  denied  { read } for  pid=7848 comm="syz.5.3173" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  242.856696][ T6244] audit: audit_lost=295 audit_rate_limit=0 audit_backlog_limit=64
[  242.860448][   T36] audit: type=1400 audit(1750408397.940:52427): avc:  denied  { read open } for  pid=7848 comm="syz.5.3173" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  242.891119][ T4958] audit: audit_lost=296 audit_rate_limit=0 audit_backlog_limit=64
[  242.900782][   T36] audit: type=1400 audit(1750408397.940:52428): avc:  denied  { ioctl } for  pid=7848 comm="syz.5.3173" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xaee3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  243.480534][ T7861] rust_binder: Write failure EINVAL in pid:370
[  243.480901][ T7860] rust_binder: Write failure EINVAL in pid:370
[  243.499316][ T7861] rust_binder: Write failure EINVAL in pid:370
[  243.714512][ T7864] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  243.714852][ T7864] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  243.759260][ T7864] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  243.759569][ T7864] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  243.766851][ T7864] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  243.944857][ T7869] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  243.944904][ T7869] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:379
[  245.097044][ T7882] PM: Enabling pm_trace changes system date and time during resume.
[  245.097044][ T7882] PM: Correct system time has to be restored manually after resume.
[  245.201233][ T7882] kvm: apic: phys broadcast and lowest prio
[  245.406434][ T7885] binder: Unknown parameter 'processor	: 0
[  245.406434][ T7885] vendor_id	: GenuineIntel
[  245.406434][ T7885] cpu family	: 6
[  245.406434][ T7885] model		: 79
[  245.406434][ T7885] model name	: Intel(R) Xeon(R) CPU @ 2.20GHz
[  245.406434][ T7885] stepping	: 0
[  245.406434][ T7885] microcode	: 0xffffffff
[  245.406434][ T7885] cpu MHz		: 2199.998
[  245.406434][ T7885] cache size	: 56320 KB
[  245.406434][ T7885] physical id	: 0
[  245.406434][ T7885] siblings	: 2
[  245.406434][ T7885] core id		: 0
[  245.406434][ T7885] cpu cores	: 1
[  245.406434][ T7885] apicid		: 0
[  245.406434][ T7885] initial apicid	: 0
[  245.406434][ T7885] fpu		: yes
[  245.406434][ T7885] fpu_exception	: yes
[  245.406434][ T7885] cpuid level	: 13
[  245.406434][ T7885] wp		: yes
[  245.406434][ T7885] flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni pclmulqdq vmx ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt arat vnmi md_clear arch_capabilities
[  245.406434][ T7885] vmx flags	: vnmi preemption_timer invvpid ept_x_only ept_ad flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest vapi
[  245.420839][ T7886] binder: Unknown parameter 'processor	: 0
[  245.420839][ T7886] vendor_id	: GenuineIntel
[  245.420839][ T7886] cpu family	: 6
[  245.420839][ T7886] model		: 79
[  245.420839][ T7886] model name	: Intel(R) Xeon(R) CPU @ 2.20GHz
[  245.420839][ T7886] stepping	: 0
[  245.420839][ T7886] microcode	: 0xffffffff
[  245.420839][ T7886] cpu MHz		: 2199.998
[  245.420839][ T7886] cache size	: 56320 KB
[  245.420839][ T7886] physical id	: 0
[  245.420839][ T7886] siblings	: 2
[  245.420839][ T7886] core id		: 0
[  245.420839][ T7886] cpu cores	: 1
[  245.420839][ T7886] apicid		: 0
[  245.420839][ T7886] initial apicid	: 0
[  245.420839][ T7886] fpu		: yes
[  245.420839][ T7886] fpu_exception	: yes
[  245.420839][ T7886] cpuid level	: 13
[  245.420839][ T7886] wp		: yes
[  245.420839][ T7886] flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni pclmulqdq vmx ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt arat vnmi md_clear arch_capabilities
[  245.420839][ T7886] vmx flags	: vnmi preemption_timer invvpid ept_x_only ept_ad flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest vapi
[  246.383536][ T7907] input: syz0 as /devices/virtual/input/input136
[  246.671470][   T12] bridge_slave_1: left allmulticast mode
[  246.677513][   T12] bridge_slave_1: left promiscuous mode
[  246.683416][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.692211][   T12] bridge_slave_0: left allmulticast mode
[  246.698068][   T12] bridge_slave_0: left promiscuous mode
[  246.709046][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.902969][   T12] veth1_macvtap: left promiscuous mode
[  246.908585][   T12] veth0_vlan: left promiscuous mode
[  246.931246][ T7917] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  247.155014][ T7910] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.191253][ T7910] bridge0: port 1(bridge_slave_0) entered disabled state
[  247.200495][ T7910] bridge_slave_0: entered allmulticast mode
[  247.207275][ T7910] bridge_slave_0: entered promiscuous mode
[  247.217444][ T7910] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.225275][ T7910] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.233568][ T7910] bridge_slave_1: entered allmulticast mode
[  247.241382][ T7910] bridge_slave_1: entered promiscuous mode
[  247.555532][ T7939] binder: Unknown parameter ''
[  247.609674][ T7934] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  247.609718][ T7934] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:408
[  247.679518][   T36] kauditd_printk_skb: 4599 callbacks suppressed
[  247.679564][   T36] audit: type=1400 audit(1750408402.950:56846): avc:  denied  { setattr } for  pid=4958 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  247.738180][ T4958] audit: audit_backlog=65 > audit_backlog_limit=64
[  247.745254][   T36] audit: type=1400 audit(1750408402.950:56847): avc:  denied  { setattr } for  pid=4958 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  247.747047][ T6691] audit: audit_backlog=65 > audit_backlog_limit=64
[  247.769771][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.778969][ T6691] audit: audit_lost=357 audit_rate_limit=0 audit_backlog_limit=64
[  247.782694][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  247.790625][ T6691] audit: backlog limit exceeded
[  247.800419][ T4958] audit: audit_lost=358 audit_rate_limit=0 audit_backlog_limit=64
[  247.803434][ T6691] audit: audit_backlog=65 > audit_backlog_limit=64
[  247.812416][ T4958] audit: backlog limit exceeded
[  247.819961][ T6691] audit: audit_lost=359 audit_rate_limit=0 audit_backlog_limit=64
[  247.826373][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.837876][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  247.923238][ T7941] SELinux:  policydb string  does not match my string SE Linux
[  247.939328][ T7941] SELinux: failed to load policy
[  247.979258][ T7941] rust_binder: Write failure EINVAL in pid:411
[  248.033130][ T7910] veth0_vlan: entered promiscuous mode
[  248.096095][ T7943] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:413
[  248.138394][ T7910] veth1_macvtap: entered promiscuous mode
[  248.161532][ T7943] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  248.256354][ T7947] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:417
[  248.805827][ T7960] rust_binder: Error while translating object.
[  248.819001][ T7960] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  248.825253][ T7960] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:421
[  249.106958][ T7969] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3
[  249.149951][ T7969] rust_binder: Write failure EINVAL in pid:426
[  249.151428][ T7971] SELinux:  policydb version 905587468 does not match my version range 15-33
[  249.187806][ T7971] SELinux: failed to load policy
[  249.391782][ T7973] binder: Unknown parameter 'defcontext01777777777777777777777'
[  249.531584][ T7975] binder: Binderfs stats mode cannot be changed during a remount
[  249.836634][ T7990] random: crng reseeded on system resumption
[  249.943229][ T7990] Restarting kernel threads ... done.
[  250.699515][ T8010] SELinux: security_context_str_to_sid () failed with errno=-22
[  251.815903][ T8053] random: crng reseeded on system resumption
[  252.689803][   T36] kauditd_printk_skb: 2483 callbacks suppressed
[  252.689826][   T36] audit: type=1400 audit(1750408407.960:59330): avc:  denied  { setattr } for  pid=4958 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  252.734348][   T36] audit: type=1400 audit(1750408407.960:59331): avc:  denied  { setattr } for  pid=4958 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  252.786383][ T7910] audit: audit_backlog=65 > audit_backlog_limit=64
[  252.786864][ T4958] audit: audit_backlog=65 > audit_backlog_limit=64
[  252.795938][ T8091] audit: audit_backlog=65 > audit_backlog_limit=64
[  252.799629][ T4958] audit: audit_lost=360 audit_rate_limit=0 audit_backlog_limit=64
[  252.808954][ T7910] audit: audit_lost=361 audit_rate_limit=0 audit_backlog_limit=64
[  252.815951][ T4958] audit: backlog limit exceeded
[  252.822209][   T36] audit: type=1400 audit(1750408407.960:59332): avc:  denied  { setattr } for  pid=4958 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  252.822236][   T36] audit: type=1400 audit(1750408407.960:59333): avc:  denied  { setattr } for  pid=4958 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  252.850483][ T8091] __vm_enough_memory: pid: 8091, comm: syz.4.3248, bytes: 281474976845824 not enough memory for the allocation
[  253.236840][ T8105] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  253.663331][   T12] bridge_slave_1: left allmulticast mode
[  253.684533][   T12] bridge_slave_1: left promiscuous mode
[  253.693074][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.714643][   T12] bridge_slave_0: left allmulticast mode
[  253.728946][   T12] bridge_slave_0: left promiscuous mode
[  253.734726][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.784594][ T8132] binder: Unknown parameter 'processor	: 0
[  253.784594][ T8132] vendor_id	: GenuineIntel
[  253.784594][ T8132] cpu family	: 6
[  253.784594][ T8132] model		: 79
[  253.784594][ T8132] model name	: Intel(R) Xeon(R) CPU @ 2.20GHz
[  253.784594][ T8132] stepping	: 0
[  253.784594][ T8132] microcode	: 0xffffffff
[  253.784594][ T8132] cpu MHz		: 2199.998
[  253.784594][ T8132] cache size	: 56320 KB
[  253.784594][ T8132] physical id	: 0
[  253.784594][ T8132] siblings	: 2
[  253.784594][ T8132] core id		: 0
[  253.784594][ T8132] cpu cores	: 1
[  253.784594][ T8132] apicid		: 0
[  253.784594][ T8132] initial apicid	: 0
[  253.784594][ T8132] fpu		: yes
[  253.784594][ T8132] fpu_exception	: yes
[  253.784594][ T8132] cpuid level	: 13
[  253.784594][ T8132] wp		: yes
[  253.784594][ T8132] flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni pclmulqdq vmx ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt arat vnmi md_clear arch_capabilities
[  253.784594][ T8132] vmx flags	: vnmi preemption_timer invvpid ept_x_only ept_ad flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest vapi
[  253.912847][   T12] veth1_macvtap: left promiscuous mode
[  254.055476][   T12] veth0_vlan: left promiscuous mode
[  254.125171][ T8140] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[  254.202342][ T8139] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  254.222232][ T8139] rust_binder: Error while translating object.
[  254.248502][ T8139] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  254.269744][ T8139] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:61
[  254.305004][ T8142] rust_binder: Write failure EINVAL in pid:61
[  254.346047][ T8121] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.425733][ T8121] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.459211][ T8121] bridge_slave_0: entered allmulticast mode
[  254.466340][ T8121] bridge_slave_0: entered promiscuous mode
[  254.489991][ T8153] rust_binder: Write failure EFAULT in pid:64
[  254.501972][ T8121] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.557849][ T8121] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.568726][ T8156] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  254.585892][ T8121] bridge_slave_1: entered allmulticast mode
[  254.609274][ T8121] bridge_slave_1: entered promiscuous mode
[  254.622898][ T8154] rust_binder: Error in use_page_slow: ESRCH
[  254.622926][ T8154] rust_binder: use_range failure ESRCH
[  254.645512][ T8154] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[  254.652763][ T8154] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  254.662061][ T8154] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:209
[  254.798448][ T8121] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.814968][ T8121] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.822375][ T8121] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.829552][ T8121] bridge0: port 1(bridge_slave_0) entered forwarding state
[  255.039300][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.053802][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.106513][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.113756][  T292] bridge0: port 1(bridge_slave_0) entered forwarding state
[  255.134366][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.141833][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  255.224715][ T8171] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  255.395139][ T8121] veth0_vlan: entered promiscuous mode
[  255.456472][ T8121] veth1_macvtap: entered promiscuous mode
[  255.718441][ T8195] rust_binder: inc_ref_done called when no active inc_refs
[  255.718477][ T8195] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:496
[  255.771974][ T8195] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89)
[  255.813583][ T8195] rust_binder: Error while translating object.
[  255.855802][ T8202] rust_binder: Write failure EFAULT in pid:2
[  255.858993][ T8195] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  255.896961][ T8202] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION already set
[  255.899297][ T8195] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:496
[  255.911882][ T8202] rust_binder: Write failure EINVAL in pid:2
[  255.972112][   T65] hid-generic 0000:0000:0000.0012: unknown main item tag 0x4
[  255.999356][   T65] hid-generic 0000:0000:0000.0012: unknown main item tag 0x2
[  256.016232][ T8205] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  256.017577][ T8205] rust_binder: Write failure EINVAL in pid:498
[  256.019258][   T65] hid-generic 0000:0000:0000.0012: unknown main item tag 0x3
[  256.086837][   T65] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  256.147664][ T8220] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:230
[  256.175967][ T8209] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  256.199796][ T8209] rust_binder: Error in use_page_slow: EBUSY
[  256.222030][ T8209] rust_binder: use_range failure EBUSY
[  256.242189][ T8209] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  256.247996][ T8209] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  256.258047][ T8209] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  256.299504][ T8209] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:230
[  256.332525][ T8229] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:80
[  256.377584][ T8231] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  256.437730][ T8231] rust_binder: Error in use_page_slow: ESRCH
[  256.469835][ T8231] rust_binder: use_range failure ESRCH
[  256.504558][ T8231] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  256.531050][ T8231] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  256.558509][ T8231] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:511
[  256.575157][ T8235] fido_id[8235]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  256.652634][ T8246] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION already set
[  256.666446][ T8249] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  256.679856][ T8246] rust_binder: Write failure EINVAL in pid:84
[  256.683859][ T8249] rust_binder: Error in use_page_slow: ESRCH
[  256.694409][ T8249] rust_binder: use_range failure ESRCH
[  256.702823][ T8249] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  256.708533][ T8249] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  256.751395][ T8249] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:514
[  256.795957][ T8251] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  257.022252][ T8256] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  257.071466][ T8259] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  257.075225][ T8265] binder: Bad value for 'stats'
[  257.268645][ T8273] binder: Unknown parameter 'coyBLV�"i5������ntext'
[  257.280349][ T8275] rust_binder: got new transaction with bad transaction stack
[  257.280381][ T8275] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:243
[  257.405855][ T8277] binder: Bad value for 'max'
[  257.451393][ T8279] rust_binder: Write failure EFAULT in pid:523
[  257.489699][ T8284] rust_binder: Write failure EINVAL in pid:246
[  257.512703][ T8285] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  257.560405][ T8288] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  257.627426][ T8296] rust_binder: Write failure EINVAL in pid:94
[  257.644230][ T8298] rust_binder: Read failure Err(EAGAIN) in pid:94
[  257.697198][ T8302] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  257.710380][   T36] kauditd_printk_skb: 1176 callbacks suppressed
[  257.710401][   T36] audit: type=1400 audit(1750408412.980:60507): avc:  denied  { read } for  pid=8301 comm="syz.5.3312" name="binder0" dev="binder" ino=28 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  257.712102][ T8302] rust_binder: Read failure Err(EFAULT) in pid:528
[  257.733942][   T36] audit: type=1400 audit(1750408413.000:60508): avc:  denied  { read open } for  pid=8301 comm="syz.5.3312" path="/dev/binderfs/binder0" dev="binder" ino=28 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  257.840678][ T8303] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[  257.861067][ T8308] binder: Unknown parameter 'subj_role'
[  257.878974][   T36] audit: type=1400 audit(1750408413.000:60509): avc:  denied  { read } for  pid=8301 comm="syz.5.3312" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  257.959002][   T36] audit: type=1400 audit(1750408413.000:60510): avc:  denied  { read open } for  pid=8301 comm="syz.5.3312" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  258.015338][   T36] audit: type=1400 audit(1750408413.000:60511): avc:  denied  { ioctl } for  pid=8301 comm="syz.5.3312" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  258.081777][ T8314] syz.6.3317 (8314) used obsolete PPPIOCDETACH ioctl
[  258.091513][   T36] audit: type=1400 audit(1750408413.020:60512): avc:  denied  { read } for  pid=8300 comm="syz.6.3313" name="binder0" dev="binder" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  258.140605][ T8318] audit: audit_backlog=65 > audit_backlog_limit=64
[  258.158730][   T36] audit: type=1400 audit(1750408413.020:60513): avc:  denied  { read open } for  pid=8300 comm="syz.6.3313" path="/dev/binderfs/binder0" dev="binder" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  258.162952][ T8318] audit: audit_lost=363 audit_rate_limit=0 audit_backlog_limit=64
[  258.191058][ T8314] audit: audit_backlog=65 > audit_backlog_limit=64
[  258.227570][ T8323] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  258.227614][ T8323] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:259
[  258.346361][ T8321] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  258.378844][ T8327] binder: Bad value for 'max'
[  258.878038][ T8347] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:33
[  258.986488][ T8354] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  259.056308][ T8354] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  259.060993][ T8354] rust_binder: Write failure EINVAL in pid:268
[  259.223045][ T8362] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  259.223093][ T8362] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:39
[  259.280769][ T8365] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  259.357634][ T8365] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  259.370503][ T8369] input: syz0 as /devices/virtual/input/input139
[  259.425016][ T8374] SELinux: syz.4.3334 (8374) set checkreqprot to 1. This is no longer supported.
[  259.452398][ T8369] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  259.465680][ T8369] rust_binder: Error while translating object.
[  259.497863][ T8369] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  259.523040][ T8369] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:42
[  259.544928][ T8374] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[  259.591823][ T8374] rust_binder: Write failure EINVAL in pid:543
[  259.634197][ T8379] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:118
[  259.917529][ T8386] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  259.992719][ T8384] binder: Bad value for 'max'
[  260.066086][ T8395] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  260.093146][ T8395] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  260.119450][ T8395] rust_binder: Write failure EFAULT in pid:549
[  260.226358][ T8401] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  260.241398][ T8401] rust_binder: Error in use_page_slow: ESRCH
[  260.259033][ T8401] rust_binder: use_range failure ESRCH
[  260.265599][ T8401] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  260.280907][ T8401] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  260.300019][ T8401] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:551
[  260.331990][ T8404] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  260.361092][ T8404] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:278
[  260.522266][ T8405] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  260.540700][ T8415] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  260.580868][ T8405] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  260.614962][ T8405] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:125
[  260.741530][ T8423] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  260.741579][ T8423] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:280
[  260.995568][ T8432] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  261.371276][ T8434] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:284
[  261.668094][ T8444] binder: Bad value for 'max'
[  261.723863][ T8444] rust_binder: Write failure EFAULT in pid:558
[  261.845004][ T8441] rust_binder: Read failure Err(EFAULT) in pid:135
[  262.148807][ T8459] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  262.222368][ T8464] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  262.230887][ T8465] rust_binder: Failed to allocate buffer. len:18446744073709551072, is_oneway:false
[  262.237556][ T8465] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  262.250567][ T8465] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:564
[  262.395409][ T8475] rust_binder: Write failure EINVAL in pid:151
[  262.656666][ T8481] SELinux: failed to load policy
[  262.799666][   T36] kauditd_printk_skb: 747 callbacks suppressed
[  262.799688][   T36] audit: type=1400 audit(1750408418.070:61246): avc:  denied  { read write } for  pid=7528 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  262.831672][   T36] audit: type=1400 audit(1750408418.070:61247): avc:  denied  { read write open } for  pid=7528 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  262.864491][   T36] audit: type=1400 audit(1750408418.070:61248): avc:  denied  { ioctl } for  pid=7528 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  262.903891][   T36] audit: type=1400 audit(1750408418.130:61249): avc:  denied  { read } for  pid=8483 comm="syz.5.3370" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  262.927896][   T36] audit: type=1400 audit(1750408418.130:61250): avc:  denied  { read open } for  pid=8483 comm="syz.5.3370" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  262.952006][   T36] audit: type=1400 audit(1750408418.160:61251): avc:  denied  { ioctl } for  pid=8483 comm="syz.5.3370" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  263.008985][   T36] audit: type=1400 audit(1750408418.170:61252): avc:  denied  { mounton } for  pid=8483 comm="syz.5.3370" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  263.052557][   T36] audit: type=1400 audit(1750408418.170:61253): avc:  denied  { mount } for  pid=8483 comm="syz.5.3370" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  263.138524][ T8496] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  263.146217][ T8496] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  263.160234][   T36] audit: type=1400 audit(1750408418.230:61254): avc:  denied  { read write } for  pid=7910 comm="syz-executor" name="loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  263.168146][ T8499] audit: audit_backlog=65 > audit_backlog_limit=64
[  263.207208][ T8502] rust_binder: Error while translating object.
[  263.207275][ T8502] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  263.218626][ T8498] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:165
[  263.228293][ T8502] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:65
[  263.247964][ T8496] rust_binder: Got transaction with invalid offset.
[  263.265502][ T8496] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  263.272985][ T8496] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:65
[  263.469550][ T8512] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  263.519710][ T8508] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  263.587928][ T8518] SELinux:  policydb version 905587468 does not match my version range 15-33
[  263.605615][ T8515] rust_binder: Error while translating object.
[  263.605665][ T8515] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  263.612167][ T8515] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:300
[  263.622022][ T8518] SELinux: failed to load policy
[  263.640497][ T8519] SELinux:  policydb version -1665174383 does not match my version range 15-33
[  263.643182][ T8521] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  263.654958][ T8521] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  263.656557][ T8519] SELinux: failed to load policy
[  263.669038][ T8521] rust_binder: Read failure Err(EFAULT) in pid:573
[  263.677226][ T8521] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:573
[  263.769327][ T8528] binder: Unknown parameter 'fsmagic'
[  263.795975][ T8529] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  264.044852][ T8545] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=220138064 (3522209024 ns) > initial count (200000 ns). Using initial count to start timer.
[  264.225417][ T8551] rust_binder: Write failure EINVAL in pid:181
[  264.242504][ T8555] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  264.253922][ T8556] rust_binder: Error in use_page_slow: ESRCH
[  264.269739][ T8556] rust_binder: use_range failure ESRCH
[  264.276020][ T8556] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  264.311856][ T8556] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  264.359108][ T8556] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:585
[  264.439829][ T8563] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  264.490780][ T8563] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:72
[  264.501444][ T8567] SELinux: failed to load policy
[  264.550499][ T8567] rust_binder: Write failure EFAULT in pid:185
[  264.652255][ T8575] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  264.675282][ T8575] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:319
[  264.762329][ T8583] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  264.816508][ T8585] rust_binder: Error in use_page_slow: ESRCH
[  264.816547][ T8585] rust_binder: use_range failure ESRCH
[  264.822951][ T8585] rust_binder: Failed to allocate buffer. len:128, is_oneway:true
[  264.828586][ T8585] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  264.849606][ T8585] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:594
[  264.910551][ T8593] serio: Serial port ttynull
[  264.969394][ T8595] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  265.152782][ T8600] input: syz0 as /devices/virtual/input/input143
[  265.732709][ T8615] binder: Bad value for 'max'
[  265.828221][ T8620] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  265.978048][ T8629] rust_binder: Write failure EFAULT in pid:97
[  266.090268][ T8633] binder: Unknown parameter 'non'
[  266.135437][ T8636] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  266.322634][ T8651] PM: Enabling pm_trace changes system date and time during resume.
[  266.322634][ T8651] PM: Correct system time has to be restored manually after resume.
[  266.351989][ T8649] SELinux:  policydb version 51618937 does not match my version range 15-33
[  266.360946][ T8649] SELinux: failed to load policy
[  266.372608][ T8651] SELinux:  policydb magic number 0x7379732f does not match expected magic number 0xf97cff8c
[  266.383167][ T8651] SELinux: failed to load policy
[  266.689422][ T8660] SELinux:  policydb version -87740910 does not match my version range 15-33
[  266.698840][ T8660] SELinux: failed to load policy
[  267.014087][ T8671] binder: Bad value for 'max'
[  267.073451][ T8673] input: syz1 as /devices/virtual/input/input145
[  267.179521][ T8680] rust_binder: Error in use_page_slow: ESRCH
[  267.179553][ T8680] rust_binder: use_range failure ESRCH
[  267.185615][ T8680] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  267.239673][ T8682] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:623
[  267.258968][ T8680] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  267.268275][ T8680] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:623
[  267.288681][ T8682] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  267.302608][ T8680] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  267.311166][ T8680] rust_binder: Read failure Err(EFAULT) in pid:623
[  267.320388][ T8680] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:623
[  267.473022][ T8689] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  267.519410][ T8688] kvm: kvm [8685]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010007) = 0x7
[  267.584884][ T8688] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  267.639725][ T8700] rust_binder: Error in use_page_slow: ESRCH
[  267.658155][ T8700] rust_binder: use_range failure ESRCH
[  267.678456][ T8700] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  267.695255][ T8700] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  267.709734][ T8709] rust_binder: Write failure EFAULT in pid:214
[  267.710518][ T8714] rust_binder: Error in use_page_slow: ESRCH
[  267.768938][ T8700] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:626
[  267.788942][ T8714] rust_binder: use_range failure ESRCH
[  267.812031][ T8714] rust_binder: Failed to allocate buffer. len:8, is_oneway:false
[  267.817577][ T8714] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  267.823427][ T8718] rust_binder: Write failure EINVAL in pid:343
[  267.825487][   T36] kauditd_printk_skb: 1052 callbacks suppressed
[  267.825503][   T36] audit: type=1400 audit(1750408423.090:62143): avc:  denied  { ioctl } for  pid=8715 comm="syz.5.3444" path="/dev/binderfs/binder0" dev="binder" ino=37 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  267.899042][ T8714] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:626
[  267.934140][   T36] audit: type=1400 audit(1750408423.170:62144): avc:  denied  { read write } for  pid=8121 comm="syz-executor" name="loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  267.990912][   T36] audit: type=1400 audit(1750408423.170:62145): avc:  denied  { read write open } for  pid=8121 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  268.030477][   T36] audit: type=1400 audit(1750408423.170:62146): avc:  denied  { ioctl } for  pid=8121 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  268.119009][   T36] audit: type=1400 audit(1750408423.240:62147): avc:  denied  { read write } for  pid=7528 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  268.179532][ T8725] rust_binder: Write failure EINVAL in pid:129
[  268.203175][   T36] audit: type=1400 audit(1750408423.240:62148): avc:  denied  { read write open } for  pid=7528 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  268.250952][   T36] audit: type=1400 audit(1750408423.240:62149): avc:  denied  { ioctl } for  pid=7528 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  268.277909][ T8729] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  268.278060][   T36] audit: type=1400 audit(1750408423.290:62150): avc:  denied  { append } for  pid=8719 comm="syz.7.3445" name="hwrng" dev="devtmpfs" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  268.313398][ T8729] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  268.313441][ T8729] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:349
[  268.321615][   T36] audit: type=1400 audit(1750408423.290:62151): avc:  denied  { read write } for  pid=8719 comm="syz.7.3445" name="fuse" dev="devtmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  268.324377][ T8733] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  268.335753][   T36] audit: type=1400 audit(1750408423.290:62152): avc:  denied  { read write open } for  pid=8719 comm="syz.7.3445" path="/dev/fuse" dev="devtmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  268.359460][ T8729] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  268.394877][ T8733] rust_binder: Read failure Err(EFAULT) in pid:129
[  268.426343][ T8729] rust_binder: Read failure Err(EFAULT) in pid:349
[  268.596292][ T8744] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  268.596580][ T8742] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  268.645118][ T8748] binfmt_misc: register: failed to install interpreter file ./file0
[  268.820068][ T8752] rust_binder: Write failure EFAULT in pid:136
[  268.830504][ T8756] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[  268.838942][ T8756] rust_binder: Error while translating object.
[  268.860208][ T8756] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  268.886378][ T8756] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:227
[  269.210133][ T8770] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:234
[  269.485802][ T8783] rust_binder: Write failure EFAULT in pid:237
[  269.523760][ T8783] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:237
[  269.554415][ T8785] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  269.592933][ T8785] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  269.616595][ T8785] binder: Unknown parameter 'non'
[  269.683836][ T8791] block device autoloading is deprecated and will be removed.
[  269.723292][ T8791] syz.7.3468: attempt to access beyond end of device
[  269.723292][ T8791] loop0: rw=2048, sector=18446744073709551608, nr_sectors = 8 limit=0
[  269.801577][ T8799] binder: Unknown parameter 'euid'
[  269.877318][ T8805] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  270.138593][   T10] hid-generic 0000:0000:0000.0013: item fetching failed at offset 0/1
[  270.173412][   T10] hid-generic 0000:0000:0000.0013: probe with driver hid-generic failed with error -22
[  270.385358][ T8831] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  270.549813][ T8840] rust_binder: Write failure EFAULT in pid:376
[  270.912918][ T8849] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:170
[  270.942182][ T8849] input: syz0 as /devices/virtual/input/input148
[  271.201630][ T8860] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:250
[  271.201687][ T8860] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  271.228978][ T8860] rust_binder: Read failure Err(EFAULT) in pid:250
[  271.430128][ T8875] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  271.441468][ T8874] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  271.472672][ T8876] rust_binder: Error while translating object.
[  271.487910][ T8878] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  271.489401][ T8876] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  271.508152][ T8874] rust_binder: Error in use_page_slow: ESRCH
[  271.518244][ T8876] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:252
[  271.540805][ T8874] rust_binder: use_range failure ESRCH
[  271.588982][ T8874] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[  271.628920][ T8874] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  271.628978][ T8874] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:652
[  272.003109][ T8901] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:187
[  272.019101][ T8890] tun0: tun_chr_ioctl cmd 1074025675
[  272.058398][ T8890] tun0: persist enabled
[  272.073705][ T8904] tun0: tun_chr_ioctl cmd 1074025675
[  272.098947][ T8904] tun0: persist enabled
[  272.136368][ T8121] cgroup: fork rejected by pids controller in /syz7
[  272.422201][  T292] bridge_slave_1: left allmulticast mode
[  272.428172][  T292] bridge_slave_1: left promiscuous mode
[  272.444096][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.485699][  T292] bridge_slave_0: left allmulticast mode
[  272.498024][  T292] bridge_slave_0: left promiscuous mode
[  272.513043][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.743208][  T292] veth1_macvtap: left promiscuous mode
[  272.748825][  T292] veth0_vlan: left promiscuous mode
[  272.874909][   T36] kauditd_printk_skb: 781 callbacks suppressed
[  272.874932][   T36] audit: type=1400 audit(1750408428.140:62934): avc:  denied  { read } for  pid=8921 comm="syz.5.3508" name="binder1" dev="binder" ino=38 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  272.960467][   T36] audit: type=1400 audit(1750408428.180:62935): avc:  denied  { read open } for  pid=8921 comm="syz.5.3508" path="/dev/binderfs/binder1" dev="binder" ino=38 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  273.028386][   T36] audit: type=1400 audit(1750408428.180:62936): avc:  denied  { block_suspend } for  pid=8921 comm="syz.5.3508" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  273.057588][   T36] audit: type=1400 audit(1750408428.190:62937): avc:  denied  { read } for  pid=8921 comm="syz.5.3508" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  273.083471][ T8914] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.092236][   T36] audit: type=1400 audit(1750408428.190:62938): avc:  denied  { read open } for  pid=8917 comm="syz.6.3507" path="net:[4026532298]" dev="nsfs" ino=4026532298 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  273.101018][ T8914] bridge0: port 1(bridge_slave_0) entered disabled state
[  273.117220][   T36] audit: type=1400 audit(1750408428.190:62939): avc:  denied  { read open } for  pid=8921 comm="syz.5.3508" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  273.150115][   T36] audit: type=1400 audit(1750408428.190:62940): avc:  denied  { read } for  pid=8921 comm="syz.5.3508" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  273.188293][   T36] audit: type=1400 audit(1750408428.190:62941): avc:  denied  { read open } for  pid=8921 comm="syz.5.3508" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  273.214538][ T8914] bridge_slave_0: entered allmulticast mode
[  273.222538][ T8914] bridge_slave_0: entered promiscuous mode
[  273.231724][   T36] audit: type=1400 audit(1750408428.190:62942): avc:  denied  { ioctl } for  pid=8921 comm="syz.5.3508" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  273.260661][ T8914] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.268374][ T8914] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.287643][ T8914] bridge_slave_1: entered allmulticast mode
[  273.295707][   T36] audit: type=1400 audit(1750408428.210:62943): avc:  denied  { ioctl } for  pid=8921 comm="syz.5.3508" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  273.322206][ T8914] bridge_slave_1: entered promiscuous mode
[  273.588723][ T8943] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  273.708486][ T8943] rust_binder: Error in use_page_slow: ESRCH
[  273.718615][ T8946] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=io+mem:owns=io+mem
[  273.757075][ T8943] rust_binder: use_range failure ESRCH
[  273.757112][ T8943] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  273.759255][ T8946] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  273.815246][ T8943] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  273.815295][ T8943] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:671
[  273.873685][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.890153][  T292] bridge0: port 1(bridge_slave_0) entered forwarding state
[  273.924228][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.931554][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  274.193171][ T8961] random: crng reseeded on system resumption
[  274.292394][ T8914] veth0_vlan: entered promiscuous mode
[  274.423382][ T8914] veth1_macvtap: entered promiscuous mode
[  274.501155][ T8964] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  274.649450][ T8970] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  274.842865][ T8979] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4240, limit: 4240, size: 106)
[  274.842899][ T8979] rust_binder: Error while translating object.
[  274.878861][ T8979] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  274.886281][ T8979] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:2
[  275.027240][ T8988] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:4
[  275.041722][ T8988] rust_binder: Error while translating object.
[  275.051574][ T8988] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  275.058145][ T8988] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:4
[  275.145337][ T8981] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1633902440 (13071219520 ns) > initial count (4350241648 ns). Using initial count to start timer.
[  275.179675][ T8993] rust_binder: Error in use_page_slow: ESRCH
[  275.179709][ T8993] rust_binder: use_range failure ESRCH
[  275.243570][ T8993] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  275.243617][ T8993] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  275.268939][ T8993] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:684
[  275.320187][ T9003] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:684
[  275.452085][ T9008] rust_binder: Write failure EINVAL in pid:11
[  275.480929][ T9008] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:11
[  275.603536][ T9011] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  275.730014][ T9016] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[  275.750207][ T9019] rust_binder: Write failure EINVAL in pid:687
[  275.965627][ T9027] rust_binder: Got transaction with invalid offset.
[  275.992405][ T9027] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  276.033816][ T9027] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:15
[  276.189198][ T9044] binder: Unknown parameter 'defcontext01777777777777777777777'
[  276.463454][ T9057] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  276.958321][ T9076] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  277.029789][ T9077] rust_binder: Error in use_page_slow: ESRCH
[  277.054113][ T9077] rust_binder: use_range failure ESRCH
[  277.079810][ T9077] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  277.089524][ T9077] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  277.107342][ T9077] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:709
[  277.220629][ T9083] binder: Unknown parameter 'c�?����*s	���M$#p.�'
[  277.278619][ T9085] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  277.542288][ T9096] binder: Bad value for 'max'
[  277.585501][ T9094] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  277.759997][ T9103] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  277.769072][ T9103] rust_binder: Error in use_page_slow: ESRCH
[  277.777085][ T9103] rust_binder: use_range failure ESRCH
[  277.813361][ T9103] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[  277.839665][ T9103] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  277.852058][ T9103] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:318
[  277.876452][ T9105] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  277.886201][   T36] kauditd_printk_skb: 1297 callbacks suppressed
[  277.886224][   T36] audit: type=1400 audit(1750408433.160:64241): avc:  denied  { setattr } for  pid=7528 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  277.998933][   T36] audit: type=1400 audit(1750408433.160:64242): avc:  denied  { setattr } for  pid=7528 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  278.035983][ T7528] audit: audit_backlog=65 > audit_backlog_limit=64
[  278.039376][ T9110] audit: audit_backlog=65 > audit_backlog_limit=64
[  278.043302][ T9105] audit: audit_backlog=65 > audit_backlog_limit=64
[  278.053819][ T9111] audit: audit_backlog=65 > audit_backlog_limit=64
[  278.068851][ T9110] audit: audit_lost=424 audit_rate_limit=0 audit_backlog_limit=64
[  278.079275][ T9105] audit: audit_lost=425 audit_rate_limit=0 audit_backlog_limit=64
[  278.087314][ T9105] audit: backlog limit exceeded
[  278.089211][ T7528] audit: audit_lost=426 audit_rate_limit=0 audit_backlog_limit=64
[  278.097158][ T9111] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:33
[  278.128755][ T9112] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  278.426487][ T9119] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  278.467246][ T9119] rust_binder: Error while translating object.
[  278.486080][ T9119] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  278.507871][ T9119] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:324
[  278.788966][ T9128] kvm: kvm [9127]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc2) = 0xffffffffffff6253
[  278.816143][ T9128] rust_binder: Write failure EFAULT in pid:329
[  278.959877][ T9133] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89)
[  278.968178][ T9133] rust_binder: Error while translating object.
[  278.981292][ T9133] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  278.987850][ T9133] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:331
[  279.032493][ T9131] SELinux: failed to load policy
[  279.121208][ T9138] input: syz0 as /devices/virtual/input/input153
[  279.717887][ T9155] rust_binder: Error while translating object.
[  279.717942][ T9155] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  279.733731][ T9155] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:42
[  279.816142][   T45] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[  279.881744][   T45] hid-generic 0000:0000:0000.0014: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  279.982956][ T9161] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  280.030269][ T9160] rust_binder: Write failure EFAULT in pid:44
[  280.214355][ T9165] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:734
[  280.259090][ T9165] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  280.306170][ T9165] rust_binder: Error in use_page_slow: ESRCH
[  280.328920][ T9165] rust_binder: use_range failure ESRCH
[  280.335103][ T9165] rust_binder: Failed to allocate buffer. len:64, is_oneway:false
[  280.374640][ T9165] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  280.398288][ T9165] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:734
[  280.421182][ T9171] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:734
[  280.563147][ T9182] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  280.628013][ T9182] rust_binder: Failed to allocate buffer. len:65376, is_oneway:true
[  280.657534][ T9182] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  280.682077][ T9182] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:739
[  280.695676][ T9184] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:53
[  280.731454][ T9184] rust_binder: Error while translating object.
[  280.764742][ T9184] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  280.788932][ T9184] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:53
[  280.817471][ T9192] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  280.848681][ T9192] SELinux: failed to load policy
[  280.879369][ T9192] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  280.882219][ T9192] rust_binder: Write failure EFAULT in pid:742
[  280.897310][ T9199] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  280.910205][ T9199] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  280.922640][ T9199] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:356
[  280.938496][ T9200] rust_binder: Write failure EINVAL in pid:53
[  281.641679][ T9211] binder: Unknown parameter 'obj_type'
[  281.798532][ T9217] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  281.927910][ T9222] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  281.967676][ T9222] rust_binder: Error in use_page_slow: ESRCH
[  281.975850][ T9222] rust_binder: use_range failure ESRCH
[  281.984026][ T9222] rust_binder: Failed to allocate buffer. len:4216, is_oneway:false
[  281.999046][ T9222] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  282.015340][ T9224] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:60
[  282.048300][ T9222] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:756
[  282.080556][ T9226] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  282.092152][ T9226] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  282.309841][ T9230] kvm: user requested TSC rate below hardware speed
[  282.713297][ T9247] SELinux:  policydb magic number 0x37373130 does not match expected magic number 0xf97cff8c
[  282.723987][ T9247] SELinux: failed to load policy
[  282.891324][   T36] kauditd_printk_skb: 3023 callbacks suppressed
[  282.891341][   T36] audit: type=1400 audit(1750408438.160:67263): avc:  denied  { setattr } for  pid=7528 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  282.900032][ T9252] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  282.921875][ T9252] rust_binder: Read failure Err(EFAULT) in pid:761
[  282.974415][   T36] audit: type=1400 audit(1750408438.150:67260): avc:  denied  { map } for  pid=9251 comm="syz.4.3612" path="/dev/binderfs/binder1" dev="binder" ino=60 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  282.983665][ T7528] audit: audit_backlog=65 > audit_backlog_limit=64
[  283.025024][   T36] audit: type=1400 audit(1750408438.160:67264): avc:  denied  { read } for  pid=9251 comm="syz.4.3612" path="/dev/binderfs/binder1" dev="binder" ino=60 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  283.043783][ T7528] audit: audit_lost=428 audit_rate_limit=0 audit_backlog_limit=64
[  283.050173][   T36] audit: type=1400 audit(1750408438.160:67265): avc:  denied  { read } for  pid=9251 comm="syz.4.3612" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  283.077492][ T7528] audit: backlog limit exceeded
[  283.089656][   T36] audit: type=1400 audit(1750408438.160:67266): avc:  denied  { read open } for  pid=9251 comm="syz.4.3612" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  283.093486][ T6691] audit: audit_backlog=65 > audit_backlog_limit=64
[  283.116332][ T9250] audit: audit_backlog=65 > audit_backlog_limit=64
[  283.270950][ T9256] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  283.272775][ T9256] rust_binder: Error in use_page_slow: ESRCH
[  283.298931][ T9256] rust_binder: use_range failure ESRCH
[  283.308935][ T9256] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  283.314774][ T9256] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  283.338957][ T9256] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:763
[  283.630071][ T9271] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  283.796244][ T9276] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3
[  283.838984][ T9276] rust_binder: Write failure EINVAL in pid:377
[  283.839910][ T9275] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3
[  283.884632][ T9275] rust_binder: Write failure EINVAL in pid:377
[  284.026460][ T9280] rust_binder: Write failure EFAULT in pid:380
[  284.176989][ T9290] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  284.415467][ T9299] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  284.612447][ T9306] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:385
[  284.613160][ T9300] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:385
[  284.723557][ T9309] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  284.755359][ T9309] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  285.524737][ T9318] rust_binder: Got transaction with invalid offset.
[  285.575766][ T9325] random: crng reseeded on system resumption
[  285.610035][ T9318] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  285.610088][ T9318] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:103
[  285.643489][ T9326] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  285.658759][ T9328] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  285.688762][ T9328] rust_binder: Error in use_page_slow: ESRCH
[  285.707229][ T9328] rust_binder: use_range failure ESRCH
[  285.727826][ T9328] rust_binder: Failed to allocate buffer. len:4216, is_oneway:false
[  285.733623][ T9328] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  285.744911][ T9328] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:790
[  285.824175][ T9326] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  285.856941][ T9325] rust_binder: Error in use_page_slow: ESRCH
[  285.905687][ T9325] rust_binder: use_range failure ESRCH
[  285.943514][ T9325] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  285.958942][ T9325] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  285.998953][ T9325] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:389
[  286.241818][ T9347] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  286.339950][ T9350] rust_binder: Error in use_page_slow: ESRCH
[  286.346586][ T9350] rust_binder: use_range failure ESRCH
[  286.398398][ T9350] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  286.418957][ T9350] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  286.444026][ T9350] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:802
[  286.784661][ T9365] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  286.790344][ T9365] rust_binder: Error while translating object.
[  286.797097][ T9365] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  286.837881][ T9365] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:403
[  286.903390][ T9370] rust_binder: Error in use_page_slow: ESRCH
[  286.903427][ T9370] rust_binder: use_range failure ESRCH
[  286.938073][ T9370] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  286.965659][ T9370] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  286.995546][ T9370] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:808
[  287.149736][ T9381] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  287.205352][ T9381] rust_binder: Write failure EINVAL in pid:118
[  287.205695][ T9381] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  287.254683][ T9381] rust_binder: Write failure EINVAL in pid:118
[  287.265618][ T9381] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  287.356488][ T9381] rust_binder: Write failure EINVAL in pid:118
[  287.357850][ T9381] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  287.429958][ T9381] rust_binder: Write failure EINVAL in pid:118
[  287.433119][ T9381] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  287.500730][ T9381] rust_binder: Write failure EINVAL in pid:118
[  287.501129][ T9381] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  287.519904][ T9384] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[  287.536549][ T9388] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:812
[  287.557654][ T9381] rust_binder: Write failure EINVAL in pid:118
[  287.574471][ T9388] rust_binder: Read failure Err(EFAULT) in pid:812
[  287.600230][ T9381] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  287.715518][ T9390] binder: Unknown parameter 'coyBLV�"i5������ntext'
[  287.726059][ T9381] rust_binder: Write failure EINVAL in pid:118
[  287.726428][ T9381] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  287.779382][ T9381] rust_binder: Write failure EINVAL in pid:118
[  287.779801][ T9381] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  287.861156][ T9393] rust_binder: Write failure EINVAL in pid:814
[  287.861220][ T9381] rust_binder: Write failure EINVAL in pid:118
[  287.861435][ T9393] rust_binder: Write failure EINVAL in pid:814
[  287.875671][ T9381] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  287.899075][   T36] kauditd_printk_skb: 2954 callbacks suppressed
[  287.899095][   T36] audit: type=1400 audit(1750408443.170:70199): avc:  denied  { setattr } for  pid=7528 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  287.899237][ T9393] rust_binder: Write failure EINVAL in pid:814
[  287.905861][   T36] audit: type=1400 audit(1750408443.170:70200): avc:  denied  { ioctl } for  pid=9391 comm="syz.4.3656" path="/dev/binderfs/binder0" dev="binder" ino=59 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  287.967466][ T9393] rust_binder: Write failure EINVAL in pid:814
[  287.967805][ T9393] rust_binder: Write failure EINVAL in pid:814
[  287.980985][ T9381] rust_binder: Write failure EINVAL in pid:118
[  287.997938][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.024975][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.059315][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.061651][ T7528] audit: audit_backlog=65 > audit_backlog_limit=64
[  288.078524][ T9393] audit: audit_backlog=65 > audit_backlog_limit=64
[  288.088522][   T36] audit: type=1400 audit(1750408443.200:70201): avc:  denied  { read } for  pid=9394 comm="syz.6.3657" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  288.091826][ T9393] audit: audit_lost=437 audit_rate_limit=0 audit_backlog_limit=64
[  288.118638][ T7528] audit: audit_lost=438 audit_rate_limit=0 audit_backlog_limit=64
[  288.125400][ T8914] audit: audit_backlog=65 > audit_backlog_limit=64
[  288.128676][ T7528] audit: backlog limit exceeded
[  288.151801][   T36] audit: type=1400 audit(1750408443.200:70202): avc:  denied  { read open } for  pid=9394 comm="syz.6.3657" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  288.169077][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.186359][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.209313][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.229320][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.236838][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.250057][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.271663][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.299333][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.319367][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.328334][ T9403] binder: Bad value for 'max'
[  288.339286][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.339750][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.355455][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.372329][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.395230][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.415503][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.430439][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.437105][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.444901][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.469259][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.497651][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.520052][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.539380][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.551850][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.570086][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.580090][ T9393] rust_binder: Write failure EINVAL in pid:814
[  288.794417][ T9417] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:817
[  290.318095][ T9465] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[  290.356243][ T9465] rust_binder: Read failure Err(EAGAIN) in pid:442
[  290.565718][ T9475] block device autoloading is deprecated and will be removed.
[  290.601327][ T9476] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  290.615345][ T9475] syz.4.3683: attempt to access beyond end of device
[  290.615345][ T9475] loop0: rw=2048, sector=18446744073709551608, nr_sectors = 8 limit=0
[  290.666512][ T9478] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  290.702205][ T9478] syz.4.3683: attempt to access beyond end of device
[  290.702205][ T9478] loop0: rw=2048, sector=18446744073709551608, nr_sectors = 8 limit=0
[  290.841724][ T9485] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[  290.901609][ T9489] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  290.958358][ T9494] rust_binder: Write failure EINVAL in pid:158
[  290.970163][ T9489] rust_binder: Error in use_page_slow: ESRCH
[  290.990250][ T9489] rust_binder: use_range failure ESRCH
[  290.996602][ T9489] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  291.032148][ T9489] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  291.063262][ T9489] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:840
[  291.200764][ T9505] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:450
[  291.251356][ T9507] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0
[  291.291270][ T9493] SELinux:  policydb version 905587468 does not match my version range 15-33
[  291.303336][ T9507] rust_binder: Write failure EINVAL in pid:845
[  291.329790][ T9493] SELinux: failed to load policy
[  291.546969][ T9515] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  291.548786][ T9515] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  292.156246][ T9535] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  292.181552][ T9535] rust_binder: Error in use_page_slow: EBUSY
[  292.225180][ T9535] rust_binder: use_range failure EBUSY
[  292.250261][ T9535] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  292.269030][ T9535] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  292.290166][ T9535] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  292.319221][ T9535] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:174
[  292.369352][ T9549] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1
[  292.410069][ T9549] rust_binder: Write failure EINVAL in pid:865
[  292.422213][ T5527] bridge_slave_1: left allmulticast mode
[  292.446594][ T5527] bridge_slave_1: left promiscuous mode
[  292.480139][ T5527] bridge0: port 2(bridge_slave_1) entered disabled state
[  292.509141][ T5527] bridge_slave_0: left allmulticast mode
[  292.522776][ T5527] bridge_slave_0: left promiscuous mode
[  292.539013][ T5527] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.688651][ T9544] bridge0: port 1(bridge_slave_0) entered blocking state
[  292.696131][ T9544] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.703313][ T9544] bridge_slave_0: entered allmulticast mode
[  292.709665][ T9544] bridge_slave_0: entered promiscuous mode
[  292.716706][ T9544] bridge0: port 2(bridge_slave_1) entered blocking state
[  292.723927][ T9544] bridge0: port 2(bridge_slave_1) entered disabled state
[  292.731202][ T9544] bridge_slave_1: entered allmulticast mode
[  292.737774][ T9544] bridge_slave_1: entered promiscuous mode
[  292.798376][ T5527] veth1_macvtap: left promiscuous mode
[  292.807857][ T5527] veth0_vlan: left promiscuous mode
[  292.912339][   T36] kauditd_printk_skb: 2389 callbacks suppressed
[  292.912362][   T36] audit: type=1400 audit(1750408448.180:72472): avc:  denied  { read } for  pid=9559 comm="syz.7.3705" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  292.990085][   T36] audit: type=1400 audit(1750408448.180:72473): avc:  denied  { read open } for  pid=9559 comm="syz.7.3705" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  293.051780][   T36] audit: type=1400 audit(1750408448.220:72474): avc:  denied  { read write } for  pid=7910 comm="syz-executor" name="loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  293.084950][   T36] audit: type=1400 audit(1750408448.220:72475): avc:  denied  { read write open } for  pid=7910 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  293.113133][   T36] audit: type=1400 audit(1750408448.220:72476): avc:  denied  { ioctl } for  pid=7910 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  293.135021][ T6691] audit: audit_backlog=65 > audit_backlog_limit=64
[  293.140194][   T36] audit: type=1400 audit(1750408448.230:72477): avc:  denied  { sys_module } for  pid=9544 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  293.145529][ T6691] audit: audit_lost=479 audit_rate_limit=0 audit_backlog_limit=64
[  293.168440][   T36] audit: type=1400 audit(1750408448.290:72478): avc:  denied  { sys_module } for  pid=9544 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  293.175193][ T6691] audit: backlog limit exceeded
[  293.321766][ T9544] bridge0: port 2(bridge_slave_1) entered blocking state
[  293.329002][ T9544] bridge0: port 2(bridge_slave_1) entered forwarding state
[  293.336353][ T9544] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.343654][ T9544] bridge0: port 1(bridge_slave_0) entered forwarding state
[  293.360485][ T9572] rust_binder: Write failure EINVAL in pid:186
[  293.497209][ T9579] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  293.525121][ T9579] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  293.565489][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.599415][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.630525][ T5527] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.637784][ T5527] bridge0: port 1(bridge_slave_0) entered forwarding state
[  293.659803][ T9581] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:190
[  293.668202][ T5527] bridge0: port 2(bridge_slave_1) entered blocking state
[  293.684498][ T5527] bridge0: port 2(bridge_slave_1) entered forwarding state
[  293.843085][ T9544] veth0_vlan: entered promiscuous mode
[  293.932886][ T9544] veth1_macvtap: entered promiscuous mode
[  294.289725][ T9598] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  294.368229][ T9597] binder: Unknown parameter 'st�ts'
[  294.406877][ T9597] input: syz1 as /devices/virtual/input/input161
[  294.520457][ T9601] input: syz1 as /devices/virtual/input/input162
[  294.636970][ T9604] tap0: tun_chr_ioctl cmd 2148553947
[  294.656444][ T9604] binder: Bad value for 'max'
[  294.941219][ T9610] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  294.941265][ T9610] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:9
[  294.961902][ T9610] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  294.981565][ T9610] rust_binder: Read failure Err(EFAULT) in pid:9
[  295.002318][   T13] bridge_slave_1: left allmulticast mode
[  295.030763][   T13] bridge_slave_1: left promiscuous mode
[  295.039138][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.040788][ T9613] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  295.050829][   T13] bridge_slave_0: left allmulticast mode
[  295.089269][   T13] bridge_slave_0: left promiscuous mode
[  295.094942][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.249189][ T9618] random: crng reseeded on system resumption
[  295.268159][ T9617] rust_binder: Write failure EINVAL in pid:12
[  295.281814][ T9617] rust_binder: Read failure Err(EAGAIN) in pid:12
[  295.320261][ T9619] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  295.352917][   T13] veth1_macvtap: left promiscuous mode
[  295.385065][   T13] veth0_vlan: left promiscuous mode
[  295.545097][ T9626] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  295.686926][ T9614] bridge0: port 1(bridge_slave_0) entered blocking state
[  295.726379][ T9614] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.749445][ T9614] bridge_slave_0: entered allmulticast mode
[  295.768448][ T9614] bridge_slave_0: entered promiscuous mode
[  295.783911][ T9633] input: syz1 as /devices/virtual/input/input163
[  295.807095][ T9614] bridge0: port 2(bridge_slave_1) entered blocking state
[  295.826980][ T9614] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.851025][ T9614] bridge_slave_1: entered allmulticast mode
[  295.865066][ T9614] bridge_slave_1: entered promiscuous mode
[  296.254681][ T5527] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.262163][ T5527] bridge0: port 1(bridge_slave_0) entered forwarding state
[  296.313139][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.320376][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  296.572123][ T9614] veth0_vlan: entered promiscuous mode
[  296.681873][ T9614] veth1_macvtap: entered promiscuous mode
[  296.700527][ T9647] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  296.701000][ T9647] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:492
[  296.758455][ T9647] rust_binder: Error while translating object.
[  296.782933][ T9647] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  296.797446][ T9647] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:492
[  296.811521][ T9650] SELinux: failed to load policy
[  296.985637][ T9656] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  296.989645][ T9656] rust_binder: inc_ref_done called when no active inc_refs
[  297.038027][ T9657] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  297.494613][ T9674] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  297.517522][ T9674] rust_binder: Error in use_page_slow: EBUSY
[  297.539025][ T9674] rust_binder: use_range failure EBUSY
[  297.545489][ T9674] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  297.579434][ T9674] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  297.588957][ T9674] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  297.605139][ T9674] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:6
[  297.919939][   T36] kauditd_printk_skb: 3094 callbacks suppressed
[  297.919963][   T36] audit: type=1400 audit(1750408453.190:75573): avc:  denied  { setattr } for  pid=6691 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  298.018943][   T36] audit: type=1400 audit(1750408453.210:75574): avc:  denied  { read write } for  pid=7910 comm="syz-executor" name="loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  298.078729][ T6691] audit: audit_backlog=65 > audit_backlog_limit=64
[  298.100616][   T36] audit: type=1400 audit(1750408453.210:75575): avc:  denied  { read write open } for  pid=7910 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  298.114275][ T9693] audit: audit_backlog=65 > audit_backlog_limit=64
[  298.133968][ T6691] audit: audit_lost=480 audit_rate_limit=0 audit_backlog_limit=64
[  298.149662][ T6691] audit: backlog limit exceeded
[  298.155812][ T6691] audit: audit_backlog=65 > audit_backlog_limit=64
[  298.164502][ T9693] audit: audit_lost=481 audit_rate_limit=0 audit_backlog_limit=64
[  298.178550][ T9544] audit: audit_backlog=65 > audit_backlog_limit=64
[  298.221349][ T9693] input: syz0 as /devices/virtual/input/input164
[  298.323020][ T9700] rust_binder: Error while translating object.
[  298.323078][ T9700] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  298.360065][ T9700] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:40
[  298.699791][ T9708] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  298.699841][ T9708] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  298.725070][ T9708] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:23
[  298.931993][ T9713] SELinux: ebitmap: truncated map
[  298.961456][ T9713] SELinux: failed to load policy
[  299.771404][ T9735] rust_binder: Error while translating object.
[  299.771452][ T9735] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  299.781926][ T9735] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:523
[  300.151899][ T9752] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  300.165877][ T9760] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  300.208991][ T9760] rust_binder: Write failure EINVAL in pid:55
[  300.218978][ T9752] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:45
[  300.484935][ T9767] kvm: vcpu 5: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  300.862563][ T9784] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[  300.862672][ T9784] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  300.881663][ T9784] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:51
[  301.197668][ T9789] rust_binder: Write failure EFAULT in pid:53
[  301.365609][ T9792] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:548
[  301.629244][ T9797] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:553
[  301.650357][ T9799] rust_binder: Write failure EINVAL in pid:62
[  301.839695][ T9806] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  301.921222][ T9813] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  301.985740][ T9813] SELinux: failed to load policy
[  302.016955][ T9813] syz.8.3780: attempt to access beyond end of device
[  302.016955][ T9813] rnullb0: rw=2048, sector=18446744073709551608, nr_sectors = 8 limit=8388608
[  302.228242][ T9821] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION already set
[  302.252000][ T9821] rust_binder: Write failure EINVAL in pid:70
[  302.275251][ T9823] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  302.313712][ T9823] rust_binder: Failed to allocate buffer. len:4240, is_oneway:true
[  302.349314][ T9823] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  302.357656][ T9823] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:560
[  302.538539][ T9825] rust_binder: Read failure Err(EAGAIN) in pid:64
[  302.630183][ T9832] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:73
[  302.640388][ T9829] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  302.679039][ T9829] rust_binder: Error in use_page_slow: EBUSY
[  302.707159][ T9829] rust_binder: use_range failure EBUSY
[  302.727610][ T9829] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  302.735255][ T9829] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  302.753933][ T9829] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  302.799299][ T9829] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:73
[  302.928909][   T36] kauditd_printk_skb: 2764 callbacks suppressed
[  302.928933][   T36] audit: type=1400 audit(1750408458.190:78335): avc:  denied  { setattr } for  pid=6691 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  303.021572][   T36] audit: type=1400 audit(1750408458.190:78336): avc:  denied  { setattr } for  pid=6691 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  303.051416][ T9844] audit: audit_backlog=65 > audit_backlog_limit=64
[  303.051747][ T6691] audit: audit_backlog=65 > audit_backlog_limit=64
[  303.057985][ T9844] audit: audit_lost=484 audit_rate_limit=0 audit_backlog_limit=64
[  303.065540][ T6691] audit: audit_lost=485 audit_rate_limit=0 audit_backlog_limit=64
[  303.098987][   T36] audit: type=1400 audit(1750408458.190:78337): avc:  denied  { setattr } for  pid=6691 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  303.128566][ T9844] audit: backlog limit exceeded
[  303.134663][ T7910] audit: audit_backlog=65 > audit_backlog_limit=64
[  303.141285][ T6691] audit: backlog limit exceeded
[  303.257667][ T9853] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:81
[  303.263882][ T9851] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  303.291099][ T9851] rust_binder: Error while translating object.
[  303.308212][ T9851] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  303.328122][ T9851] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:574
[  303.707725][ T9862] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  303.736165][ T9862] rust_binder: Error in use_page_slow: EBUSY
[  303.748925][ T9862] rust_binder: use_range failure EBUSY
[  303.755230][ T9862] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  303.760851][ T9862] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  303.768666][ T9862] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  303.778284][ T9862] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:72
[  303.997175][ T9875] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:587
[  304.019651][ T9875] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:587
[  304.077841][ T9877] syz.7.3801: attempt to access beyond end of device
[  304.077841][ T9877] rnullb0: rw=2048, sector=18446744073709551608, nr_sectors = 8 limit=8388608
[  304.180013][ T9882] input: syz0 as /devices/virtual/input/input165
[  304.439931][ T9888] binder: Unknown parameter 'non'
[  304.548097][ T9892] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  304.574690][ T9890] rust_binder: Error in use_page_slow: ESRCH
[  304.574723][ T9890] rust_binder: use_range failure ESRCH
[  304.588968][ T9890] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[  304.601167][ T9890] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  304.620809][ T9890] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:89
[  304.973951][ T9911] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  305.006584][ T9913] rust_binder: Write failure EINVAL in pid:96
[  305.020293][ T9911] rust_binder: Write failure EINVAL in pid:592
[  305.620666][ T9921] rust_binder: Read failure Err(EFAULT) in pid:600
[  305.845375][ T9929] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  305.865321][ T9929] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:604
[  305.890767][ T9929] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  305.917502][ T9929] rust_binder: Read failure Err(EFAULT) in pid:604
[  305.970393][ T9934] binder: Bad value for 'max'
[  306.113512][ T9937] rust_binder: Error while translating object.
[  306.113571][ T9937] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  306.146042][ T9937] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:101
[  306.179860][ T9941] binder: Unknown parameter '0x0000000000000000'
[  306.302194][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.314376][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.331425][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.352555][ T9943] SELinux:  policydb version 905587468 does not match my version range 15-33
[  306.361828][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.370639][ T9943] SELinux: failed to load policy
[  306.376020][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.387646][ T9943] rust_binder: inc_ref_done called when no active inc_refs
[  306.389863][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.406756][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.415402][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.424989][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.433890][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.442155][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.450580][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.458209][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.466718][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.503817][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.514004][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.523055][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.531224][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.538847][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.548780][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.557188][ T9948] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89)
[  306.557219][ T9948] rust_binder: Error while translating object.
[  306.569658][ T9948] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  306.576065][ T9948] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:106
[  306.586637][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.596942][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.613159][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.627308][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.635943][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.645962][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.654368][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.667906][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.676358][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.690277][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.698115][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.706810][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.719354][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.731649][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.749651][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.757379][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.767943][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.778632][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.789893][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.799558][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.807934][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.819418][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.829553][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.837100][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.846664][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.855404][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.864055][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.873459][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.882211][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.900711][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.908337][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.917102][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.925655][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.934132][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.948521][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.959543][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.975523][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.983686][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  306.998555][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.008245][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.016885][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.025086][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.033348][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.041794][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.050389][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.057875][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.066314][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.074948][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.083154][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.091386][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.100329][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.107975][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.116376][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.125479][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.133974][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.142365][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.150968][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.159057][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.167018][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.174853][   T65] hid-generic FF89:0004:0002.0015: unknown main item tag 0x0
[  307.184611][   T65] hid-generic FF89:0004:0002.0015: hidraw0: <UNKNOWN> HID v0.04 Device [syz0] on syz1
[  307.295203][ T9971] deleting an unspecified loop device is not supported.
[  307.496305][ T9980] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  307.499286][ T9981] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  307.852479][ T9985] fido_id[9985]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  307.956077][   T36] kauditd_printk_skb: 3479 callbacks suppressed
[  307.956100][   T36] audit: type=1400 audit(1750408463.220:81764): avc:  denied  { setattr } for  pid=6691 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  308.004082][   T36] audit: type=1400 audit(1750408463.220:81765): avc:  denied  { setattr } for  pid=6691 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  308.063013][   T36] audit: type=1400 audit(1750408463.220:81766): avc:  denied  { setattr } for  pid=6691 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  308.118438][ T9992] audit: audit_backlog=65 > audit_backlog_limit=64
[  308.122236][ T6691] audit: audit_backlog=65 > audit_backlog_limit=64
[  308.129273][ T9993] audit: audit_backlog=65 > audit_backlog_limit=64
[  308.135385][   T36] audit: type=1400 audit(1750408463.220:81767): avc:  denied  { setattr } for  pid=6691 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  308.162789][ T9991] audit: audit_backlog=65 > audit_backlog_limit=64
[  308.166840][ T9993] audit: audit_lost=504 audit_rate_limit=0 audit_backlog_limit=64
[  308.169409][ T9992] audit: audit_lost=505 audit_rate_limit=0 audit_backlog_limit=64
[  308.356416][T10000] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  308.425722][T10005] rust_binder: validate_parent_fixup: fixup_min_offset=29, parent_offset=27
[  308.461320][T10005] rust_binder: Error while translating object.
[  308.490070][T10005] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  308.493662][T10007] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:637
[  308.507170][T10005] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:117
[  308.598957][ T2833] ==================================================================
[  308.616608][ T2833] BUG: KASAN: null-ptr-deref in down_write+0x83/0x2a0
[  308.623598][ T2833] Write of size 8 at addr 0000000000000098 by task kworker/1:5/2833
[  308.632152][ T2833] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  308.634527][ T2833] CPU: 1 UID: 0 PID: 2833 Comm: kworker/1:5 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  308.634565][ T2833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  308.634580][ T2833] Workqueue: events _RNvXs6_NtCs43vyB533jt3_6kernel9workqueueINtNtNtB7_4sync3arc3ArcNtNtCshgDM7dBCdno_11rust_binder7process7ProcessEINtB5_15WorkItemPointerKy0_E3runB13_
[  308.634641][ T2833] Call Trace:
[  308.634649][ T2833]  <TASK>
[  308.634658][ T2833]  __dump_stack+0x21/0x30
[  308.634685][ T2833]  dump_stack_lvl+0x10c/0x190
[  308.634708][ T2833]  ? __cfi_dump_stack_lvl+0x10/0x10
[  308.634730][ T2833]  ? _RNvMs0_NtCshgDM7dBCdno_11rust_binder4nodeNtB5_4Node22update_refcount_locked+0x3aa/0x810
[  308.634764][ T2833]  print_report+0x3d/0x70
[  308.634783][ T2833]  kasan_report+0x163/0x1a0
[  308.634811][ T2833]  ? down_write+0x83/0x2a0
[  308.634832][ T2833]  ? down_write+0x83/0x2a0
[  308.634853][ T2833]  kasan_check_range+0x299/0x2a0
[  308.634880][ T2833]  __kasan_check_write+0x18/0x20
[  308.634901][ T2833]  down_write+0x83/0x2a0
[  308.634921][ T2833]  ? __cfi_down_write+0x10/0x10
[  308.634941][ T2833]  ? _raw_spin_lock+0x8c/0x120
[  308.634961][ T2833]  ? __cfi__raw_spin_lock+0x10/0x10
[  308.634996][ T2833]  ? mutex_unlock+0x8b/0x240
[  308.635014][ T2833]  ? __cfi_mutex_unlock+0x10/0x10
[  308.635033][ T2833]  rust_binderfs_remove_file+0x6c/0x110
[  308.635053][ T2833]  _RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x9d4/0x2860
[  308.635083][ T2833]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  308.635107][ T2833]  ? update_curr_dl_se+0x10c/0xb20
[  308.635131][ T2833]  ? __cfi___update_load_avg_cfs_rq+0x10/0x10
[  308.635152][ T2833]  ? update_curr+0x60d/0xc60
[  308.635177][ T2833]  ? __cfi__RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x10/0x10
[  308.635208][ T2833]  ? update_load_avg+0x506/0x19a0
[  308.635226][ T2833]  ? detach_entity_load_avg+0x7b0/0x7b0
[  308.635250][ T2833]  ? __kasan_record_aux_stack+0xb2/0xd0
[  308.635270][ T2833]  ? process_scheduled_works+0x7d2/0x1020
[  308.635296][ T2833]  ? dequeue_entity+0xa9c/0x1750
[  308.635317][ T2833]  ? __kasan_check_write+0x18/0x20
[  308.635339][ T2833]  ? tg_unthrottle_up+0x980/0x980
[  308.635359][ T2833]  ? kvm_sched_clock_read+0x15/0x30
[  308.635380][ T2833]  ? kvm_sched_clock_read+0x15/0x30
[  308.635400][ T2833]  ? sched_clock_noinstr+0xd/0x30
[  308.635419][ T2833]  ? sched_clock+0x44/0x60
[  308.635439][ T2833]  ? sched_clock_cpu+0x75/0x400
[  308.635461][ T2833]  ? __cfi___update_load_avg_cfs_rq+0x10/0x10
[  308.635481][ T2833]  ? __cfi_min_vruntime_cb_rotate+0x10/0x10
[  308.635507][ T2833]  ? __cfi_sched_clock_cpu+0x10/0x10
[  308.635530][ T2833]  ? __kasan_check_write+0x18/0x20
[  308.635550][ T2833]  ? __switch_to+0xc7b/0x1310
[  308.635570][ T2833]  ? psi_group_change+0xb44/0x1130
[  308.635587][ T2833]  ? __cfi___switch_to+0x10/0x10
[  308.635607][ T2833]  ? _raw_spin_unlock+0x45/0x60
[  308.635627][ T2833]  ? __switch_to_asm+0x3d/0x70
[  308.635648][ T2833]  ? __schedule+0x1463/0x1f10
[  308.635671][ T2833]  ? kick_pool+0xad/0x550
[  308.635696][ T2833]  process_scheduled_works+0x7d2/0x1020
[  308.635719][ T2833]  worker_thread+0xc58/0x1250
[  308.635740][ T2833]  ? try_to_wake_up+0xdd2/0x1aa0
[  308.635765][ T2833]  ? schedule+0xc6/0x240
[  308.635787][ T2833]  kthread+0x2c7/0x370
[  308.635808][ T2833]  ? __cfi_worker_thread+0x10/0x10
[  308.635828][ T2833]  ? __cfi_kthread+0x10/0x10
[  308.635849][ T2833]  ret_from_fork+0x64/0xa0
[  308.635867][ T2833]  ? __cfi_kthread+0x10/0x10
[  308.635887][ T2833]  ret_from_fork_asm+0x1a/0x30
[  308.635908][ T2833]  </TASK>
[  308.635915][ T2833] ==================================================================
[  309.004355][ T2833] Disabling lock debugging due to kernel taint
[  309.011311][ T2833] BUG: kernel NULL pointer dereference, address: 0000000000000098
[  309.019678][ T2833] #PF: supervisor write access in kernel mode
[  309.026307][ T2833] #PF: error_code(0x0002) - not-present page
[  309.032335][ T2833] PGD 0 P4D 0 
[  309.035843][ T2833] Oops: Oops: 0002 [#1] PREEMPT SMP KASAN PTI
[  309.042237][ T2833] CPU: 1 UID: 0 PID: 2833 Comm: kworker/1:5 Tainted: G    B              6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[  309.058017][ T2833] Tainted: [B]=BAD_PAGE
[  309.062201][ T2833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  309.072555][ T2833] Workqueue: events _RNvXs6_NtCs43vyB533jt3_6kernel9workqueueINtNtNtB7_4sync3arc3ArcNtNtCshgDM7dBCdno_11rust_binder7process7ProcessEINtB5_15WorkItemPointerKy0_E3runB13_
[  309.089899][ T2833] RIP: 0010:down_write+0x9a/0x2a0
[  309.095147][ T2833] Code: 48 c7 44 24 20 00 00 00 00 be 08 00 00 00 e8 2d 34 55 fc 4c 89 f7 be 08 00 00 00 e8 20 34 55 fc 48 8b 44 24 20 b9 01 00 00 00 <f0> 48 0f b1 0b 0f 85 a0 00 00 00 48 c7 c0 c0 b9 20 87 48 c1 e8 03
[  309.114783][ T2833] RSP: 0000:ffffc90000f4f500 EFLAGS: 00010256
[  309.120870][ T2833] RAX: 0000000000000000 RBX: 0000000000000098 RCX: 0000000000000001
[  309.129114][ T2833] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc90000f4f520
[  309.137198][ T2833] RBP: ffffc90000f4f598 R08: ffffc90000f4f527 R09: 1ffff920001e9ea4
[  309.145529][ T2833] R10: dffffc0000000000 R11: fffff520001e9ea5 R12: dffffc0000000000
[  309.153685][ T2833] R13: 1ffff920001e9ea0 R14: ffffc90000f4f520 R15: 0000000000000000
[  309.161927][ T2833] FS:  0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  309.171146][ T2833] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  309.177781][ T2833] CR2: 0000000000000098 CR3: 00000001293d6000 CR4: 00000000003526b0
[  309.186127][ T2833] DR0: fffffffffffffff8 DR1: 0000000000000006 DR2: 0200000000000000
[  309.194104][ T2833] DR3: 0000000000000005 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  309.202178][ T2833] Call Trace:
[  309.205467][ T2833]  <TASK>
[  309.208406][ T2833]  ? __cfi_down_write+0x10/0x10
[  309.213289][ T2833]  ? _raw_spin_lock+0x8c/0x120
[  309.218256][ T2833]  ? __cfi__raw_spin_lock+0x10/0x10
[  309.223858][ T2833]  ? mutex_unlock+0x8b/0x240
[  309.228483][ T2833]  ? __cfi_mutex_unlock+0x10/0x10
[  309.233696][ T2833]  rust_binderfs_remove_file+0x6c/0x110
[  309.239448][ T2833]  _RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x9d4/0x2860
[  309.252227][ T2833]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  309.258477][ T2833]  ? update_curr_dl_se+0x10c/0xb20
[  309.263703][ T2833]  ? __cfi___update_load_avg_cfs_rq+0x10/0x10
[  309.269958][ T2833]  ? update_curr+0x60d/0xc60
[  309.274646][ T2833]  ? __cfi__RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x10/0x10
[  309.289343][ T2833]  ? update_load_avg+0x506/0x19a0
[  309.294573][ T2833]  ? detach_entity_load_avg+0x7b0/0x7b0
[  309.300494][ T2833]  ? __kasan_record_aux_stack+0xb2/0xd0
[  309.306044][ T2833]  ? process_scheduled_works+0x7d2/0x1020
[  309.312034][ T2833]  ? dequeue_entity+0xa9c/0x1750
[  309.316990][ T2833]  ? __kasan_check_write+0x18/0x20
[  309.322202][ T2833]  ? tg_unthrottle_up+0x980/0x980
[  309.327436][ T2833]  ? kvm_sched_clock_read+0x15/0x30
[  309.332893][ T2833]  ? kvm_sched_clock_read+0x15/0x30
[  309.338187][ T2833]  ? sched_clock_noinstr+0xd/0x30
[  309.343312][ T2833]  ? sched_clock+0x44/0x60
[  309.347860][ T2833]  ? sched_clock_cpu+0x75/0x400
[  309.352725][ T2833]  ? __cfi___update_load_avg_cfs_rq+0x10/0x10
[  309.359184][ T2833]  ? __cfi_min_vruntime_cb_rotate+0x10/0x10
[  309.365100][ T2833]  ? __cfi_sched_clock_cpu+0x10/0x10
[  309.370744][ T2833]  ? __kasan_check_write+0x18/0x20
[  309.376416][ T2833]  ? __switch_to+0xc7b/0x1310
[  309.381395][ T2833]  ? psi_group_change+0xb44/0x1130
[  309.386551][ T2833]  ? __cfi___switch_to+0x10/0x10
[  309.391764][ T2833]  ? _raw_spin_unlock+0x45/0x60
[  309.396890][ T2833]  ? __switch_to_asm+0x3d/0x70
[  309.401872][ T2833]  ? __schedule+0x1463/0x1f10
[  309.406642][ T2833]  ? kick_pool+0xad/0x550
[  309.411336][ T2833]  process_scheduled_works+0x7d2/0x1020
[  309.416999][ T2833]  worker_thread+0xc58/0x1250
[  309.421685][ T2833]  ? try_to_wake_up+0xdd2/0x1aa0
[  309.426812][ T2833]  ? schedule+0xc6/0x240
[  309.431254][ T2833]  kthread+0x2c7/0x370
[  309.435479][ T2833]  ? __cfi_worker_thread+0x10/0x10
[  309.440688][ T2833]  ? __cfi_kthread+0x10/0x10
[  309.445641][ T2833]  ret_from_fork+0x64/0xa0
[  309.450248][ T2833]  ? __cfi_kthread+0x10/0x10
[  309.454933][ T2833]  ret_from_fork_asm+0x1a/0x30
[  309.459803][ T2833]  </TASK>
[  309.462946][ T2833] Modules linked in:
[  309.466944][ T2833] CR2: 0000000000000098
[  309.471281][ T2833] ---[ end trace 0000000000000000 ]---
[  309.477063][ T2833] RIP: 0010:down_write+0x9a/0x2a0
[  309.482150][ T2833] Code: 48 c7 44 24 20 00 00 00 00 be 08 00 00 00 e8 2d 34 55 fc 4c 89 f7 be 08 00 00 00 e8 20 34 55 fc 48 8b 44 24 20 b9 01 00 00 00 <f0> 48 0f b1 0b 0f 85 a0 00 00 00 48 c7 c0 c0 b9 20 87 48 c1 e8 03
[  309.502197][ T2833] RSP: 0000:ffffc90000f4f500 EFLAGS: 00010256
[  309.508290][ T2833] RAX: 0000000000000000 RBX: 0000000000000098 RCX: 0000000000000001
[  309.516266][ T2833] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc90000f4f520
[  309.524458][ T2833] RBP: ffffc90000f4f598 R08: ffffc90000f4f527 R09: 1ffff920001e9ea4
[  309.532716][ T2833] R10: dffffc0000000000 R11: fffff520001e9ea5 R12: dffffc0000000000
[  309.540896][ T2833] R13: 1ffff920001e9ea0 R14: ffffc90000f4f520 R15: 0000000000000000
[  309.549077][ T2833] FS:  0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  309.558341][ T2833] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  309.565053][ T2833] CR2: 0000000000000098 CR3: 00000001293d6000 CR4: 00000000003526b0
[  309.573313][ T2833] DR0: fffffffffffffff8 DR1: 0000000000000006 DR2: 0200000000000000
[  309.581510][ T2833] DR3: 0000000000000005 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  309.589524][ T2833] Kernel panic - not syncing: Fatal exception
[  309.596294][ T2833] Kernel Offset: disabled
[  309.600869][ T2833] Rebooting in 86400 seconds..