last executing test programs:

7m39.106011504s ago: executing program 3 (id=1625):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000010c0), 0x2, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000480)={{0x0, 0x3, 0x0, 0x3}, 'syz0\x00', 0x2})
ioctl$UI_SET_KEYBIT(r1, 0x40045565, 0x2c0)
ioctl$UI_DEV_CREATE(r1, 0x5501)
ioctl$UI_SET_KEYBIT(r1, 0x40045565, 0x10f)
ioctl$UI_DEV_CREATE(r1, 0x5501)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x174}]})
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000002c0)={0x8, 0x0, [{0x24d, 0x0, 0x78}, {0x252, 0x0, 0x1}, {0x24d}, {0xa7e, 0x0, 0x28000}, {0x40000104, 0x0, 0x9}, {0xba7, 0x0, 0x7}, {0x230, 0x0, 0xffff}, {0xb02, 0x0, 0x1}]})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@flat=@handle={0x73682a85, 0x0, 0x3}, @ptr={0x70742a85, 0x1, &(0x7f0000001580)=""/4096, 0x1000, 0x0, 0x25}, @fda={0x66646185, 0xa, 0x2, 0x40}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

7m38.991766826s ago: executing program 3 (id=1626):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0x100000002)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r1, 0x0)
ioctl$ASHMEM_SET_NAME(r1, 0x40087708, &(0x7f0000002600)='\x00\x00\x03\x06\x00\x00\x00\x05\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80`4/\xe9\x15\x9a\x9f\xf0:\xfd$\xad\xbb\x9a|c\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b7\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Xd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\x16\\n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84\x04;\xc5[\nja\xb9\'\xc9#\xfcx\x00\x00X\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12K\\\xf2\xd5\b^[D~~\x84\\\xe4\x00B\x05\xd4\xea\xea\x7f=\xc6:\\N\xc3\xb7Vw\xc6\x9c\x96s\xaaHL\x96\xc72\n\x18Ynj\xceTS\xfbl\x0f\x9f8M\f\x89\xa1\xd2Hs`\x8bp\x8a\xc4%\xf8\x1d3\nV\x9a\xaf\x1f\xf96^\x93\xc1\xaf)\rg\x86\xd6\xea\xa9\x0f\x9a\xf1V\x1b\xbf\x8b\'-\xab\x8e\t7\xd3\xf7\xa9v\xfbY\xe6\x9b^d\x8c\xb1\xdd')
ioctl$ASHMEM_SET_NAME(r1, 0x40087707, &(0x7f0000000300)='\x00\x00\x00\x06\x00\x00\x03\x00\x00x\x92\x12\xbc\x00\x00\xbb\x0642\x9c\x1a\xd1\xcbx\xb0\xd6\x1e\x10gQ\xca\x0e;\xf7\'\x8c\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn\x05\x00\x00\x00-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \xac\xc4K\x03\xfa\x13Vz\xbf\xe3c\x8d \x0f\xb1\xe9\xf2oci(\xcb\x82\x05\xfe[H\xaf\x01\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafd%\xf1\xdbjE\x01\xd1sD5hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\x851Y9OB\xdeB\xe1\x02-&\"1hS\x92\xe4$-\x02\x00\xe4\x8e\"\x85\xc9x\xef\x81E.r\x89\xe5\x00\x9e\x97\x96\xb8j\x81\xf0\xdca\xfb\xa6\xff\xff\xff\xff\x00\x00\x00\x00d\xf0\xf1j\x11\x12\xc0\xbb\xfdq~#\xf7\xa8\"$,\xf4\x84|\x89o\x00<\xa6-\xb0\xd3\x80\xbe\xcf\a\x00\xfc\xa6\xb1\x05\x94\x84l\xbfA\xeb\xd8\t\x00\x00\x00CvNhx461\x04N<\xedV\xcet\xaa~\xf3j\x94\xec\x92\x86uY\xf6\xb5\t?,~\xa67\\\xb9\xc9K\xf8\x9d\x96\xc0\xb5\xc7wF\x99\x12\x97T\x90.\x9c\xe3\x9a\xf1\xb9\x9c\x13\xbc\x19\xde/\xaahB\t\x97\a03\xcd\xb3\xc8\xd5l\x14!\xf9Xg2\x1d\xeeB\xccT\x0e\xd8\xef\xc8\xe9\xb4\xf3l\xc3\xf2\x998\xc8\xc2|2\xee\xb4W\x99f.\xeb\xe9\x05\xcbkz3+\xdd\xe1*8\x95@0t0\xad\xe3#\xd7\x19\xe7Q\xdfmI\xe5\x1e\xe4\x87\xc9\x8f\xa7\xe0\xd9v\xf6\x01\x9d\x8f`,\x1a8\x81I\x86l\x8f2\r:\xc1\x02\xd6Z%\xa7Ks\x8bUolS\x05\xbe\x97\x1fGe\x94\xa6\xa3\xab\xdb\r\x17\xff[\xb1\x00\xff\x7f\x00\x00\x00\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x45809000)
read(r0, &(0x7f0000000040)=""/106, 0x6a)

7m38.933825537s ago: executing program 3 (id=1628):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4188aec6, &(0x7f0000000040))
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r2, 0x8008ae9d, &(0x7f0000000240)=""/131)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x11, r3, 0x400000000)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)=0x20)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r4, 0x0, 0xfffffffffffffe9c)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
mmap(&(0x7f0000868000/0x5000)=nil, 0x5000, 0x100000c, 0x13, r5, 0x4a9b6000)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x10004, 0x5, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000000)=@x86={0x5, 0x5, 0x17, 0x0, 0x3, 0xf9, 0x2, 0x79, 0xff, 0x8, 0x1, 0x1, 0x0, 0x8, 0x5, 0x4, 0x72, 0x7, 0xfa, '\x00', 0x3})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/binder0\x00', 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r11 = openat$cgroup_int(r10, &(0x7f0000000080)='cpuset.cpus\x00', 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000140)={0xa4, 0x0, &(0x7f0000000600)=[@enter_looper, @clear_death={0x400c630f, 0x4}, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000440)={@fd={0x66642a85, 0x0, r6}, @ptr={0x70742a85, 0x0, &(0x7f0000000300)=""/157, 0x9d, 0x0, 0x13}, @fd={0x66642a85, 0x0, r10}}, &(0x7f00000003c0)={0x0, 0x18, 0x40}}}, @transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000580)={@flat=@weak_handle={0x77682a85, 0x300b, 0x2}, @flat=@weak_handle={0x77682a85, 0x1000}, @fd}, &(0x7f00000004c0)={0x0, 0x18, 0x30}}, 0x40}], 0x0, 0x0, 0x0})
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x40010, r11, 0xda73b000)

7m38.822985878s ago: executing program 3 (id=1630):
r0 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000080)=0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs2/custom1\x00', 0x800, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000000001000000000000000000000000000000001b0300ff"])
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008004"])
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1})
mount$binderfs(0x0, &(0x7f0000000000)='./binderfs2\x00', 0x0, 0x2000000, &(0x7f0000000000)=ANY=[])

7m38.72775818s ago: executing program 3 (id=1634):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f00000005c0)=ANY=[@ANYBLOB="0101000000000000fcffffffffffffff04000000000000000300000000000000a8000000000000000700000000000000f8ffffffffff1096dcef90a84cdb4ca0a4ffff00000000000000000000000000000000000000000000000000000000000000000200000000000000000200000000de9f050116941d773a132e13564d54b6618600000000000000040000000000000000000000e40e9c6d00000820000000000000000000000000000000000100000000005f0300000000000001000000000000000000000000000000000000000000000006"])
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_BEGIN_FF_ERASE(r2, 0xc00c55ca, &(0x7f0000000580)={0x2, 0x5, 0xe})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000b80), 0x0, 0x0)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_RESET_DIRTY_RINGS(r6, 0xaec7) (async)
ioctl$KVM_RESET_DIRTY_RINGS(r6, 0xaec7)
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r8, 0x8040ae9f, &(0x7f0000000280)=@arm64)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r9, 0x401c5820, &(0x7f0000000080)={0x8}) (async)
ioctl$FS_IOC_FSSETXATTR(r9, 0x401c5820, &(0x7f0000000080)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
write$selinux_load(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757813"], 0x65)
openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x141000, 0x0) (async)
r10 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x141000, 0x0)
ioctl$PTP_SYS_OFFSET(r10, 0x40043d14, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
r11 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) (async)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r12, 0x4138ae84, &(0x7f0000000100)={{0xffff0000, 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x5002, 0x0, 0x0, 0x8, 0x0, 0x0, 0x81, 0x0, 0x44, 0xe, 0x0, 0x3}, {0x8080000}, {0x11000, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1a}, {0x100000, 0xd000, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0x0, 0x84}, {0xeeee8000, 0x80a0000, 0x9}, {0x0, 0x0, 0x0, 0x82}, {0x6000}, {0x1, 0xfffe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900, [0x0, 0x0, 0x0, 0x3]})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap(&(0x7f000042e000/0x1000)=nil, 0x1000, 0x0, 0x40010, r1, 0x3e48c000)

7m38.507694174s ago: executing program 3 (id=1637):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000000580)='hugetlb.1GB.max_usage_in_bytes\x00', 0x2, 0x0)
write$cgroup_int(r2, &(0x7f00000003c0)=0x1000, 0x12)
mkdirat$cgroup(r1, &(0x7f0000000080)='syz1\x00', 0x1ff)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000140)={0x0, 0x2c0, 0x0, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0xff, 0x8, 0x98bd, 0x800000000000009, 0x0, 0x100000000000004, 0x10000, 0x100, 0x9004, 0x0, 0x3, 0x5, 0x5, 0x49, 0x3ff, 0x5, 0x0, 0x9, 0x8, 0x7, 0x1c1, 0x1000000003, 0x2, 0x2, 0x6, 0x7, 0x96, 0xffffffff, 0xffffffff00000000, 0x0, 0x4, 0x7, 0x23b, 0x3, 0x2, 0x888f, 0xd8, 0x8, 0x6, 0x6, 0x3, 0xa3de, 0x20000000006, 0x8, 0x5c3e, 0x400, 0x3, 0xfffffffffffffff7, 0xfffffffffffffffa, 0x2, 0xe, 0x7, 0x4, 0xe6, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0xc, 0xd, 0x9, 0xe8, 0x80000000, 0xfffffffffffffc00, 0x2, 0x4, 0x2, 0xcdc, 0x7, 0x2, 0x3, 0x2, 0x5, 0xfff, 0x6, 0x4, 0x6, 0xab6, 0x0, 0x4, 0xfff, 0xffffffffffffff81, 0x9, 0xff, 0x6, 0x28000000, 0x5, 0x400000000008061d, 0x3, 0x8, 0xf6, 0x4, 0x6, 0x200, 0x7, 0xe53e, 0x2c, 0x8, 0x2293332f, 0x6, 0x5, 0x0, 0xd, 0x2, 0x5, 0x2, 0x2, 0x7, 0xdfd4, 0xfffd, 0x10, 0x8, 0x8, 0x1, 0x53e0f0fe, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb692, 0xcc, 0x8, 0x3]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4138ae84, &(0x7f0000000c40)=@arm64={0x9, 0x40, 0x3, '\x00', 0x7})
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0xff, 0x1, 0x0, 0x2, 0xff, 0x8, 0x99, 0x0, 0x0, 0xd, 0x10, 0x0, 0x20006, 0xf0, 0x0, 0x1, 0x4, 0xfe, '\x00', 0x0, 0x3})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000003, 0x10010, r6, 0xc5513000)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
ioctl$KVM_SET_SREGS(r8, 0x4138ae84, &(0x7f0000000100)={{0x10000, 0x4000, 0x10, 0x3, 0x12, 0x3, 0x2, 0x1, 0xce, 0xfb, 0x40}, {0xd000, 0x2000, 0xc, 0x3, 0x7, 0x6, 0x4, 0x8, 0x20, 0xf, 0x0, 0x81}, {0x1000, 0x10000, 0x8, 0x10, 0x8, 0x3, 0xc, 0xf, 0x81, 0x4, 0x8, 0xa8}, {0x100000, 0xd000, 0xb, 0x9, 0x4, 0x3, 0x7, 0x4, 0x67, 0x4, 0x6, 0x8}, {0x100000, 0x5000, 0xa, 0xa5, 0x0, 0x4, 0xa, 0x3, 0x29}, {0x3000, 0x10000, 0xf, 0x5, 0x30, 0xc, 0xf, 0xc5, 0x0, 0x6b, 0x1b, 0x1}, {0xf000, 0x10000, 0xb, 0x3, 0x3, 0x3, 0x3, 0x7, 0x6, 0x2, 0x3, 0xa}, {0x2, 0x10f000, 0x10, 0x2, 0x4, 0x14, 0x2, 0x56, 0x23, 0x3, 0xf7, 0x5}, {0x100000, 0x401}, {0x4000, 0x1477}, 0x90000010, 0x0, 0x3000, 0x4002, 0x1, 0x901, 0x0, [0x7, 0x9, 0x5]})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r10 = openat$cgroup_type(r9, &(0x7f0000000100), 0x2, 0x0)
r11 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r11, 0x0, 0x32600)
read(r10, &(0x7f00000001c0)=""/109, 0x6d)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x0, 0x3})

7m29.890413431s ago: executing program 32 (id=1550):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r0, 0x2000)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)

7m28.990781405s ago: executing program 0 (id=1726):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x200400, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r1, 0xc0403d08, 0xfffffffffffffffe) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000580)={@ptr={0x70742a85, 0x0, &(0x7f00000001c0)=""/75, 0x4b, 0x0, 0x32}, @fda={0x66646185, 0x7, 0x0, 0x16}, @ptr={0x70742a85, 0xfffffffc, 0x0, 0x0, 0x1}}, &(0x7f00000004c0)={0x0, 0x28, 0x48}}, 0x1000}], 0x0, 0x0, 0x0})

7m28.867819987s ago: executing program 0 (id=1727):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x1a1842, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f0000000240)={0x0, 0x107000})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs2/custom0\x00', 0x2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0xa, 0x2})
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0x4702, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r6, 0x540b, 0x0)
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000240)={0x30, 0x30, 0x30}}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f00000001c0)={0x2})
r7 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='blkio.throttle.read_iops_device\x00', 0x2, 0x0)
write$cgroup_int(r7, &(0x7f0000000040)=0x8, 0x12)
ioctl$TUNATTACHFILTER(r1, 0x401054d5, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
r8 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xe)
ioctl$TCFLSH(r8, 0x540b, 0xfffffffffffffffd)

7m28.70739992s ago: executing program 0 (id=1729):
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$UHID_CREATE2(r0, 0x0, 0x3000000)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
syz_clone3(&(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x5c)
mmap(&(0x7f0000797000/0x2000)=nil, 0x2000, 0x3000001, 0x22052, r1, 0x2000)

7m28.607402742s ago: executing program 0 (id=1731):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7a)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0xa0000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f00000002c0)={0x1, 0x0, [{0x872, 0x0, 0x7f}]})
r6 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_SET_TIME(r6, 0x4024700a, &(0x7f0000000080)={0x25, 0x39, 0x8, 0x7, 0xa, 0x80, 0x4, 0xf, 0xffffffffffffffff})
mmap$binder(&(0x7f00000a0000)=nil, 0x0, 0x1, 0x11, r2, 0x8000)

7m28.343486616s ago: executing program 0 (id=1733):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
prctl$PR_GET_NAME(0x10, &(0x7f0000000cc0)=""/142)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8000)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r3, 0x54a3)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000009d02"])
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
close_range(r0, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r4, 0x45809000)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x40082, 0x0)
mmap(&(0x7f00001be000/0x1000)=nil, 0x1000, 0x4, 0x13, r2, 0xe1b33000)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000080)=0x2)
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, 0x0)
read(r4, &(0x7f0000000040)=""/106, 0x6a)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000280)=0x10)
ioctl$TIOCGDEV(r6, 0x80045432, &(0x7f00000000c0))

7m27.807882485s ago: executing program 0 (id=1734):
r0 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000140)={[{0x2d, 'perf_event'}, {0x2b, 'devices'}, {0x2b, 'cpu'}, {0x2d, 'hugetlb'}, {0x2d, 'cpuset'}]}, 0x2b)
write$cgroup_subtree(r0, &(0x7f0000000100)={[{0x2d, 'devices'}, {0x2b, 'net'}, {0x2b, 'rdma'}]}, 0x14)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x8, 0x0, &(0x7f0000000000)=[@acquire={0x40046305, 0x2}], 0x0, 0x0, 0x0})

7m23.509835593s ago: executing program 33 (id=1637):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000000580)='hugetlb.1GB.max_usage_in_bytes\x00', 0x2, 0x0)
write$cgroup_int(r2, &(0x7f00000003c0)=0x1000, 0x12)
mkdirat$cgroup(r1, &(0x7f0000000080)='syz1\x00', 0x1ff)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000140)={0x0, 0x2c0, 0x0, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0xff, 0x8, 0x98bd, 0x800000000000009, 0x0, 0x100000000000004, 0x10000, 0x100, 0x9004, 0x0, 0x3, 0x5, 0x5, 0x49, 0x3ff, 0x5, 0x0, 0x9, 0x8, 0x7, 0x1c1, 0x1000000003, 0x2, 0x2, 0x6, 0x7, 0x96, 0xffffffff, 0xffffffff00000000, 0x0, 0x4, 0x7, 0x23b, 0x3, 0x2, 0x888f, 0xd8, 0x8, 0x6, 0x6, 0x3, 0xa3de, 0x20000000006, 0x8, 0x5c3e, 0x400, 0x3, 0xfffffffffffffff7, 0xfffffffffffffffa, 0x2, 0xe, 0x7, 0x4, 0xe6, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0xc, 0xd, 0x9, 0xe8, 0x80000000, 0xfffffffffffffc00, 0x2, 0x4, 0x2, 0xcdc, 0x7, 0x2, 0x3, 0x2, 0x5, 0xfff, 0x6, 0x4, 0x6, 0xab6, 0x0, 0x4, 0xfff, 0xffffffffffffff81, 0x9, 0xff, 0x6, 0x28000000, 0x5, 0x400000000008061d, 0x3, 0x8, 0xf6, 0x4, 0x6, 0x200, 0x7, 0xe53e, 0x2c, 0x8, 0x2293332f, 0x6, 0x5, 0x0, 0xd, 0x2, 0x5, 0x2, 0x2, 0x7, 0xdfd4, 0xfffd, 0x10, 0x8, 0x8, 0x1, 0x53e0f0fe, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb692, 0xcc, 0x8, 0x3]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4138ae84, &(0x7f0000000c40)=@arm64={0x9, 0x40, 0x3, '\x00', 0x7})
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0xff, 0x1, 0x0, 0x2, 0xff, 0x8, 0x99, 0x0, 0x0, 0xd, 0x10, 0x0, 0x20006, 0xf0, 0x0, 0x1, 0x4, 0xfe, '\x00', 0x0, 0x3})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000003, 0x10010, r6, 0xc5513000)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
ioctl$KVM_SET_SREGS(r8, 0x4138ae84, &(0x7f0000000100)={{0x10000, 0x4000, 0x10, 0x3, 0x12, 0x3, 0x2, 0x1, 0xce, 0xfb, 0x40}, {0xd000, 0x2000, 0xc, 0x3, 0x7, 0x6, 0x4, 0x8, 0x20, 0xf, 0x0, 0x81}, {0x1000, 0x10000, 0x8, 0x10, 0x8, 0x3, 0xc, 0xf, 0x81, 0x4, 0x8, 0xa8}, {0x100000, 0xd000, 0xb, 0x9, 0x4, 0x3, 0x7, 0x4, 0x67, 0x4, 0x6, 0x8}, {0x100000, 0x5000, 0xa, 0xa5, 0x0, 0x4, 0xa, 0x3, 0x29}, {0x3000, 0x10000, 0xf, 0x5, 0x30, 0xc, 0xf, 0xc5, 0x0, 0x6b, 0x1b, 0x1}, {0xf000, 0x10000, 0xb, 0x3, 0x3, 0x3, 0x3, 0x7, 0x6, 0x2, 0x3, 0xa}, {0x2, 0x10f000, 0x10, 0x2, 0x4, 0x14, 0x2, 0x56, 0x23, 0x3, 0xf7, 0x5}, {0x100000, 0x401}, {0x4000, 0x1477}, 0x90000010, 0x0, 0x3000, 0x4002, 0x1, 0x901, 0x0, [0x7, 0x9, 0x5]})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r10 = openat$cgroup_type(r9, &(0x7f0000000100), 0x2, 0x0)
r11 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r11, 0x0, 0x32600)
read(r10, &(0x7f00000001c0)=""/109, 0x6d)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x0, 0x3})

7m12.523899308s ago: executing program 34 (id=1734):
r0 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000140)={[{0x2d, 'perf_event'}, {0x2b, 'devices'}, {0x2b, 'cpu'}, {0x2d, 'hugetlb'}, {0x2d, 'cpuset'}]}, 0x2b)
write$cgroup_subtree(r0, &(0x7f0000000100)={[{0x2d, 'devices'}, {0x2b, 'net'}, {0x2b, 'rdma'}]}, 0x14)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x8, 0x0, &(0x7f0000000000)=[@acquire={0x40046305, 0x2}], 0x0, 0x0, 0x0})

3m21.574757428s ago: executing program 1 (id=4922):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x68800, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_freeze_timeout', 0x200, 0x20)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x4018aee2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x3)
ioctl$BLKRRPART(r0, 0x125f, 0x0)

3m21.431459711s ago: executing program 1 (id=4924):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x50, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70"})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180))
ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000100)={[{0x3, 0x10, 0x7c, 0x1, 0x81, 0x5, 0x8, 0x0, 0x2, 0xfc, 0x3, 0xfd, 0x5}, {0x5b5d, 0xd4, 0x7f, 0x3, 0x9, 0x8, 0x5, 0x0, 0x38, 0x8, 0x40, 0x2, 0x8}, {0x5, 0x9, 0x1, 0x0, 0x3, 0x7f, 0x8, 0x1, 0x2, 0x7f, 0x7e, 0xa, 0xc}], 0x5})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000080)={[{0x7ffd, 0x7, 0x0, 0x1c, 0x5, 0x2, 0xd, 0x2, 0xf9, 0x1, 0x80, 0x9, 0x1}, {0x6, 0x80, 0x8, 0xc4, 0x8, 0x7, 0x8, 0x9, 0x7, 0xff, 0x0, 0x81}, {0xe2a5, 0xd, 0x1, 0x9, 0x2, 0x6, 0x9, 0x8, 0x7f, 0x6, 0x56, 0x7, 0x100}], 0x4})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7fffffff], 0x80a0000})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$binder(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x200)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_clone3(&(0x7f0000000b40)={0x2000000, 0x0, 0x0, 0x0, {0x2e}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_CLEAR_DIRTY_LOG(r7, 0xc018aec0, &(0x7f0000000140)={0x0, 0x1c0, 0x3c0, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0xff, 0x8, 0x98bd, 0x800000000000009, 0xfffffffffffffffe, 0x4, 0x10000, 0x100, 0x1004, 0x0, 0x8, 0x5, 0x5, 0x9, 0x9, 0x5, 0x2, 0x9, 0x8, 0x7, 0xc1, 0x3, 0x2, 0x2, 0x6, 0x9, 0x96, 0xf0, 0xffffffff00000000, 0x4, 0x4, 0x7, 0x23b, 0x3, 0x2, 0x888f, 0xffffffff, 0x8, 0x6, 0x6, 0x3, 0x4, 0x20000000006, 0x8, 0x9, 0x400, 0x3, 0xfffffffffffffff7, 0xfffffffffffffffa, 0x2, 0xe, 0x6, 0x4, 0xea, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x5, 0x1, 0x47bc, 0xd, 0x6, 0xbbdc, 0x80000000, 0xfffffffffffffc00, 0x2, 0xb, 0x2, 0xcdc, 0x7, 0x2, 0x3, 0x2, 0x5, 0x2, 0x6, 0x0, 0x3403, 0xab6, 0x0, 0x4, 0x0, 0xffffffffffffff81, 0x9, 0xff, 0x6, 0x28000000, 0x5, 0x61d, 0x3, 0x7, 0xf6, 0x4, 0x6, 0x200, 0x7, 0xe53e, 0x2b, 0x8, 0x2293332f, 0x4, 0x5, 0x0, 0xd, 0x2, 0x80000001, 0x981, 0x2, 0x7, 0xdfd4, 0xfffd, 0x10, 0x5, 0x8, 0x1, 0x9, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb692, 0xcc, 0x8, 0x3]})
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x8, 0x0, &(0x7f0000000340)=[@increfs], 0x0, 0x0, 0x0})

3m20.631670213s ago: executing program 1 (id=4932):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000240), 0x20083, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffa) (async)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x4, 0x6031, 0xffffffffffffffff, 0x0) (async)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2e542, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) (async)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f00000001c0)=ANY=[])
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000700)={"ce85bf2fb3cd8f0e18f44494adfd754252f57b44e3463dfcb57b5aa2b43cd438723b695eec6b4426ea40a206b9cdbc407406838fcc7114ee6e137328f81af34923eb4829d751fe67819c96419effe8f53ecc9abb1c638d0daf743cf4f42698c10d497e714371c2c78b293c2e33df72ca75c4f998b90a473868c98f53ed8f448286b859d15f97b4b6802e87f2170db785ac72fbc40e3ca4684e282864a612c553ebd1ca1948bfea0769e283fa6ed8e2216714062bcf9059e36c3697dd9aee5af04c32980b53ea45e5cf150d3442ba0e58aacdfdeb14d6a20bed8351e1f2b17abdb988f50fbf4074f815d68745a04f2e7ac4212ab17a2872ad028e133aa42778e459ab306a7b6b1cef1f7facf93ddfc3f93908f1b21a13217f02d020f45649159822d69c818682368f0e59316563717a71fcf3c65c496d766a7d7fa6840377e9e93d46f322c1d36fd5275d97da2d9f5eeaee4cdd98e9d0c911ba7b21e47766397360658f815eff477dd353f82cb463aa5e1b9fc305d21e07e657de987152fd9372f4225a5b1231c4b680c9b8918bc5b10786c1660eb829c5f1096f7c4270dcef52c9ad70a3dd9b80e32d0a2c45a6a469e28fa75a064cdaae3e59099df9c3e384e6927ebf0f84df459d179410ce200dc8d9452923b32c67a5165c78a0b382aa9c2755e83834be0b88fbdeffb4841192d5c9480dfd52aaad7c928f601ebf48523775c20399fbaa5b6d83e5add38fea61e11491496e164b09fbffeab88f9329bc4526a076377a4d0a47ea223e1660e9dcbf562e505914b6ca6d978d84162fa5895299eb8fb8eaec40808fe6eb449333f62ac02b8bece9c708971d1d1cb6dffe416c2c6fae7c906678dfe105ff10cfe1eda88c69dcaa73c89cfcfdf92ef6ad69889b1d9984feb0711745f126fae4523f0e3d087978b127cc272033c9f3f1b0ac7e0ed4f3cfeb3e60b691478d9fb01b4158d22d1f64698d076aa830586aff206b3e65772b0d189e770ea239689638d0d935aef9ab8c167819cb17ad67a7e8fd5d658f4f929efa834be01e2644e36ab7c13930499a50ad46716274d62407635b97d6e6c19b1226451294b5e575135a8c972a739e89c92f698b043ed9b97d8b6d7e44522d462a54c10190eecb15f7edd14e3815eff39d614b50f015356e731f0812649979de235f19552bc2826e15c9b67ed40416ba164033135fee831df925e9baabdb846b5bf66855e3f8b79dca16f3bec23aa634606196a388f8e1b126f36618f685cb62065d30f6fe2b0a562a94591ee3fa981160e1481ee781c371cc7ee8c928f77b4e6d9b73fa3bfc479060ce1f4f0b68fd21d068d50e29c84bc2af8328817bcc3293afe6c78d4ee87c835097b383169d8017ef12eabd7ff4f91701088ace6da8a31c05e729aade819777203973c20f6c1611f8adb2ac10d22795c125db94b18cf9"})
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000b00)={"51959bc153b9bc25959f6305bd65dcb753a5634773a767c6c824440610297f50e72f8b7d3227f8507f5cbdb99208bae59de30dd80c130bb09462a4776d6d3e12107d31b5c03182b53db2ff16b61004f5a50af645ee99de29c37c3e0792a53ab33c411eb7ab4cbf572b6f0aff930ca2b433dda2cd546efca9581785440e0b8b7d96540e7254ca4b08e8ddaac174046d7e8bc626995e939e3f5a48791d7f7c2e470ededd5edb5edf0c2a218dcb215744f8d4ed00327b79a4944b9c725b9adee501d874844787c3be84e846c958dad700bf317e466bdbb31a11354bdb7f71431afa5038581f408f9fb4834f54c92a25182ca127821c341df1dbfdfb68da89fbf0874616aa34fd8eb090bd786a80c460252c6f923afc3fbec647638f55b8593310085dbe310b8473218f5e95207533a4e273e91ad644542f6ce2679008dae25f58cb1d2becde90e2f99d4e1521c082ff4d96b2116857fa11dbd06c432e160f3f92c7e533f2e2d7b279df484b7a06fbfc915064458747d0f60c1b77bc5699e44b12ed8747bffd28035dafb5ad21f41c50f35f67760cd3cc6b17180e31880e9ee65ecd6e1aa9403df2b733fa25af2d301c9a3c955b060edb8a583f102094645454abbf36bff972bddd076861e00d0000436991ff93ff05498265dbf5035d6dcb381f204cabb485825b99a2c8bcc2c1f17885ca5a01bd136edfa0864655897bd542b0af5520df2e77032a6d06381fa8e8595a1f0ab2ba43ca6fee390a33e75a5991e2d495b38054f4defb3a255c7793eca334e4d1ea3267065f8f4ac55fd733d6d72b20fc93b43cba33b8c58e16081eff2746258cbd5f767f4ddcbb337b866720648f9f2b4ed2bb10b637706fd048eb7cebf6e66d487b668a3f7842038c518a2f7b4d797fefc3b96ec8468b773475e8a19f31b0d19520cb1133b4f2125a258e625a6303dd992bcc044f2054cb0e483e1ea3dc03d8645f97da1c1b7bafb82c41d36bcfd67eb312b25a9ae284ae1b202871f708df9cd98c4ee0ba876080e6ce8cea56c100e50e0554cf958b4eb8a0c4d172fca2b15973451238209af3ea41d9413d1fbf94a9385f98724deccba7d321aad3193b859c56525aa81c9775097993ba86cd5b33938efa420788f4d780d48cc2325a511453dc1f5b080ef0318600dbe8d7079d841c2a0973f7a614139919290159ee04cc477eb0e85aac0eb6c1f6f0921aefae8d3c37f25c052fde9a349dfb4ac84590ff31664a117ad7fd9b060000001f8cf353a49e53ffd9abced6d72402852f12ef3694553317e9daaaae1c800f5748fa6a4edbbd73b1ae0ad10307331ba78db0f1161546f125dee01f8d98fa25577e47374a53fb64c72abe283e64bc331b05fbe3a966b65a4005b4047384e590265bd7b4523e693d0ea1dbeaddddb62876f1e1d1bfe6ae9a7f41ae63b8d0062500"})
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) (async)
ioctl$KVM_XEN_HVM_CONFIG(r3, 0x4038ae7a, &(0x7f0000000200)={0xfffffffa, 0xa27, &(0x7f00000000c0)="5211a94caec0953e4483c6af9d15aa09ac3801035549d6f48452a4edcbc914262a3299cc897395b9ab5429a1f8c5bcff64e957b6a8e55bd92688febc34cc10abba5fd8c43277db1ba52a1acfb0fc931234af402595551137afa73b58bf6d9886977dc1f5d3ff2f54851ea96b247d2e420568f3cbd5442a7cd02b899f921f6ff13a6cfab26908d04bb9d15bc2148cfc373d2f5986a32179f85004ee3971d0a6db3e54dc340af774e5a0fec0f782a51a12909a", &(0x7f0000000180)="63f0bdba34bf26baf427e918004eabade39f86c59ab7b91fb234c7000e1dcf670ed474fe22debb5167f91c1030f151518364b96ad0", 0xb2, 0x35}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x121001, 0x0) (async)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async)
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000001640)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"])
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async)
ioctl$ASHMEM_GET_PROT_MASK(r0, 0x7706, &(0x7f00000001c0))
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r11, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010007000000000058020000000000000200001000000258"]) (async)
ioctl$TUNSETOFFLOAD(r5, 0x4004743d, 0x110e22fff6)
write$cgroup_type(r5, &(0x7f0000000280), 0xfffffeed) (async)
close_range(r0, 0xffffffffffffffff, 0x0)

3m20.090240712s ago: executing program 1 (id=4941):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x12, r1, 0x0)
read(r0, &(0x7f0000000040)=""/106, 0x6a)

3m19.891764256s ago: executing program 1 (id=4943):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r2, 0x4068aea3, &(0x7f0000000140)={0xa8, 0x0, 0x1})
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f00000000c0)={0x0, 0x0, &(0x7f000000f000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000080)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000010000000000000000000d000000000000000000ff"])
ioctl$KVM_SET_NESTED_STATE(r5, 0x4080aebf, &(0x7f0000000340)={{0x7, 0x0, 0x80, {0x8080000, 0xffff1000}}, "a9cbc4b723986beb2541731c8831607b6ee747534f2610e68420ac50bde6dad58d04aad3777f18b4f168b3950653ce1d7740b6225b60f102dea41282032f21c3f19760a59ad876506e4e939e80e92248edfd8137e41621c1a490cf3cbb0502fa6deb4cb0efa6bc813cca06ed4828bafa15d1afd8ac82b71d1a7b410eeac6a6f31e4995b05d3f93bf80a053ae74958ed42c6c4b4d0bcaa08d3e6025a166ac6f19973f974613e0d7ca52d6a648ed23fcce9f475faa3e49d697324fa1b2cdfef7deb66a190e9185a90f5c54c88895af1a61f8c0722f0c0bf9835d8910449682cc5551ec995aec222238bb28f41ba7f99f93b785dd2d48cf389f27da125b9c3ec7f716d6b6b696a93e625f0e17b4ff3bac5eec8e2dd837254c16d8c9b2a773ac70b8dc7216980fcf1db0cd885a6f3379dfcca516b0b5771d3dfb2212fd569b8f6003dcf8478390e14a5bf73eb1a61a12ce20ea3f5fbd6d9a56a4adf6043190cc7d559e7773668d0498f6c7438917d204ed2ec53da03cc744619be3785cd8cddb678f8e90965f22242bb62fa3590dde45cacad3852a54154a90d7495cc4cfbd7baacc19604efd864cc76a7e867cd7403301f45a3ad20ed8edf412e4aae5f279eada88ee43a436dd3b1f37098b7d81759aff2d81e5593535d44035fdcbae0f45a7163c06b8ed7da27a03e266947d7f11d9e1600f1a88b99643a0b99abad360b8137415f7800f8a5a16ba306778733d5493cc73d0aacebe1cc4618847bd620034cb617c55e47ff8d8000f52c25a6b3e9272c297e6b30bed370dda4c2b56278893a4faefb28a87c40229d3f80814e128eedb7050465e1e00547a1b77ebaef78355d9867ce521138d63f147ec3de6cac38d9eeb1d167494466e00d97a32701117bbe0f95304970e632b9cf8ded044b3f1c01326095b422678d798a9c5f8ab05f4e6549639186723aa3d38927ed4ca94a9e6de3c4f5ce99d090389473455cb366c7dfcb43ebe60271a3693e80ae4948291753007f5032f518ffc832f3e819f3bdac1085a80cdd494cdcac4a874a14818b9dae534559c2c5a542a12949a22fddb9060e8a400f96512aa8eaaa6659932dc8852f5709a808604c2fda229c79933646e36255948baec6e0c2d4fbe056628157ba456603e5cb45761b5aa97c0daceb3e6d7a192d109847057cb4322c9c5e62403c921e9cebeca77d12c3ed05f5e131e3c00d9070618872ea8a1f05e4598c98739d3a9245e537ed992aa4eb8a571e4c7c0dc797f91e3258835f9db1b6501edaaf38c9fd4d718c743d30b6f1e480ce9408aa6b894055768738e3df843301d99b476ba8d30f6483022ad7fd50493e600700ef1b70c72f607feb0df9898b61a38f4f59d23779b7af4a5b5a0e7379877d8c875d1e47a9ddbac19208cd22e05f729a9175b9bf1c96618d63585204eb5ea29e0a0f17c12219fd51bc462dcff6d3ff73b64d2a5f7ebe6ebdefd841698e909cf1018a88afefc1802fc97c22a240f20ce6938ae6b2224f7ca311622695577f3e4cb8f7e87bcf5bcdcc5311815bab1499465f687903b4da5693c83cbe13ba3d94f413bbdf9886241fc1f0b9ea00e7b2d1c2fe29d8921c56919bbfa091d4542c590a18848256b7eca92114c5542356bb15e1cd59b28a5d5b86bb92c30e88ea6edc6efd3c685a7e9b840b61f445bb57d670d3dbba61da442fcdabd4c14b9dd6543aafca5bea6ca16c00bbdc0999cec79272dfd1de86bea7d830ec2deaa339c2fc57d6490ee7cf3bb4e6cb4b8dcaa4279bef0af601f96dc25a3cf926eb6c5eb9529a266e1a9d96fbb5e0ffeb472d40e3853f42d69e725d2dd570b531779a09a5f945a2dce4ddd898be60b9d38f3c305f942f8f8a3ee992de01a0d6b3db1a4174b770681d2470edd2319a9b9d04d3cadd67583a313c071f809c89134b2b714cb2d7247d4d6b5d794302e9408e946bf1cadc767a8ae918a6608f7d2dbb2d825e949c823ac6bda0c46dea864c83222f3c7f7ec020f3a6445f3762dfaae5a28c3857053b2548d11c9b9f4af5366b43012e35d14ba139085493e95ad24bcc92b835f3c72ff762fcbe3d04ee2051e959a9e680f51425d5eeeedd99767fccda20b44bbbac6989e1d6f70f030c2530b83923fbf27fbf24f62ff7a5619b39b338e165dcf66faf6092edd19216fdacfb8eb80bd7d8a7767f538c3021e20f498c8e456bc32af1157b5988950caf1c478047f132c01f53c12929f030e9d78c284e64a521350d72748ef214c05f4c8d2e47384c3cd29c99a2df1abb2e8ff5a363a488feb119e8ad5e3c39a4f24449d00b3772090b499e2c65b50a3e6ce7f1e2f2bac0ae5e58147d1d6887617ca38d12b1cc9a5e3ee47539f40179136698acd9b9e20a4f85335dcb19d4ba4a05bcd84b27a9f1897ab8f67abf78ba3ce4d87b37c129562d33bb0836c8fe830c068e7c8b6728ed585258c7d82b5c407d0532bf5ba60cfb0a6e6f3aa44bdf3bb7ac389023c3db4395c3875a3496d85640d423775d8ac0c4c3ab1831bdd785a5ca0ba2073bdf6970e4b63718944603ab32b83d7c73af090c3a941561a76f08e2235e1ea8a0b721cd6a73466664c411c33fd1a3e46e580c77034cb09ac38b6d1824f642d3354e827b6ddc0ca15c3bd7192882eaece388d428282c859fed7d280e5d81cd0252c149154e2038a3f2535781dc81d7221278c21ee819fb913fc8d97e96f3dbbf0b2cd63a0ceeadec43fca7a760f45aa53de97597b4afb3abf5921125e9f148da377556e6de1a62aab6055b10c1698649515e62c572d62d901ae7fcd417b627db64785fbdc21f0e978eb143d7abb2771de9a912466fb6e6f55a12f209e131732d45a8293f1a36ddddfad54f857016e3ab7fceb97ddfde1a8c8569dfa972ec636e7c93e603d5e1d0e98d6f109dfa6df50ce987abfc291aba0e488ba8f0596fbd1bacd58862b611250a85cd34e7d100f785286d815281b62ef2dfeea5e8ba4ee4a019af0ff59b0f4f3049f8718d0fca57de1cf88763d13ad26c50cccec4faba99d899ef079c3400052d065cc0a44e8f73dc5bef5f8681015b29c96dacd026d920f369a2b0c341b8295f5268e2d9bf80df2d9ea1017b5b41ec2060c2fecc67c040e7c37521b6d6174c4d4ed4accc5479f6fc4ddc0e45a7f8030ff8e23f000315a3565498d07bd0cc6459f5cff23b40ffb80ace2f48fe0c1a337bb4f748bb8c057089de5cd727b278b45d84a8f7df9f898b3cef2ec319b032f888c4953bfe141c8e4b67ab3f95fa133790ea17b27be21c9478da70641265045e81e28229a4dc15f59c2f18b1b9c082d1154bc9565508fc9419912b48f3b1271609006399a844f6ccedb6323ada63d3e0b340fd07cf9e3b98b1d193bd76796c2a185366b25468017d28371d8792eb42304961bc9c1f4ef4025d2814837dacc9f1d777bfeddb30eca1cacd9f5b6619c4000252ecdabf7107dff264046c111c6f5767e3486c37ec175f52bd3460a7ad49e35bb729ba76e2fa5e117c49b750000005e0abf56340740b81ea37c5df26b7c885cc5da412cf4e9932e2561aa7945945dcba0677786c9ea9b9aee47d73454df82048f021b30a817606c96415c22e1e908316f84aae52e050e31176408d35ef33091618df7d38d22bd2b626dc138f423c32362878c8f6538dcf0b96c4298668d4bb35773c952bbebd4778c964b0eae8eac9bef3469ea5da890377c500ea027180f5308585cd7941c7e3305c32d610de49b5c1acce6c285d88a99dcebb2b5972a276d416abf25b44c1712a43d3e30005a1535553e779c0f72ff519d2407214c02e7020ca479e93c3fb2b867ad73e69ba10e92f329cd54c4c80d227d0710cf384fd9a39d4c4053afce6d1e93b47137843d149e888bd868b1b2179c1fdd8291d15724db10a756300209ae4a2ed91788fe9f980af1bb00d05a8fe1a020fe4bba91fb487c8ea674a6739067a0a86b7f2a4fc141f6c864f065fc6e5effdb5a1f1d063c6888626e13ced52f3669677dad96da1cfff7d700e9f6f74131b8ac0f4fb6c8d5fd675b1ed6001bba7dd0e95567a6d06fe28e756609821312f4725c5909c6353ad385e57fb162e2f65b5e2a0100aaa356a19b9c5c183d195d0134adb8bc8d03415daafd95f3a5e44f201741e22dd905dc12469664040ce714a5d9042f58db392d6c6af1eaa4c82cd9b4996252b44334be627708463ffe52a80d8d1c8a5b1a23f9c68144c4a6c6387e542b3cb9de7765faf05fda086986d3c6a1f0906b2ea0eba741abb9514ccd57f2d8ea1d67145c5d71749b560f85093ecc265a24239078253fa0bd39bf67f8e1d78f07e167c05d808771c7b0146af368e8859273ef76f9feedf7fc69640b5e95a25076c477338e31cc9a7348b8a31a0f8d4dd9e6c46f18126279c5d1192ddee08a7057195689954b26a19dcfd2a59febb6556c18c18abc85527372919196b29a737f8bb3b97bebaf3e6c43099064e067f12772c2333be19dd4e803289430a660d68963a26ff1b1c8c664c0318a2558dec140d984837a936651906ab960b6bff8bc8b32704f3e0769e6c85c9f5bd50270bc1030ea71f2db5c43116bd0641ed31ab6db12514aec68febe59e04d2b872c9fc2173017ee6e75a18d6832c9992d1ed2ead9452dce9b2efa01dc97ea31ee5c3f5743760f2589615f45738140d0f8c148f1858d0897094a34727493e607132bc1eefa0d0ff236f9ac5a2a0f0bf06719c1d5061846e427fa36138c808741ccbd10ad3f6f54470804e656a8ab1a9ee9a523bed87cb2fd4d6db8aa6d6b80d1e9886dc12b915665101b9094a22f44437918005356fed797ebd97ec6493bd681f69321f9735ae6d3d6822818c7cfb21c5f3a0f9d5b8ef070c916fe9ccbbf04128a27e7928e3572f125b986c52ec0de078b40135b922a2feb294b0349df06d1c3e2c9d2ed2ee88b7a1673423c6baedb51beb8f8cb1b3b986d1b9632fedfaec8e9a237311beb89cb0dd7efaa5b68537641d06b7cbfda581344c87452b4d3fe96cea6143378c4dd7586a9d55c666cce828ef91a35f3f0a5c9c369bd20c1bc7cc77fcf316a567fa21863b12c43faf3b9588dce4caa151937c6ee699cf49dba041775773ae062c69783758513a178bf46d2d40e24afe8975dd768a466755af2ffbb9fa728724a18fc9f427672ad5867a72ae8caca60fcc90cf817c291a2025b5243ae36e200b5e5c9ee4e90eac775c3b29fe1df8c35716f37d11961084fc28b0f8855376ec85d7741535f88db7977629dd832f06bb258e9a88cfc8671df2763fd9383a777f768c7aaecb9a7af9e76bb719767767c3d5178e2a10765c6b2ae80753f403125a9203ede6ed44eb96a1a010842f88f020dbb7f8df8bcbea0b60f1b99dd9b9aae2dbc995edc8ed82ec5e21e8d5e4d8d9fd0bfab342db38d12bb24c20c2a579069d74624db16bb9ec501312d8de0e653e9e74668d0ed05ccb0eb99db410c0000000fc246302635630b295ccf849e45944a25baa7f4651fa37f147e0fa977c0304e7cf25fa78260ca03abe8dc32cfb461f019f7d82194a98daae521ec4eaf3e138bb95b09d8ff2f106febcc126743abc8f8b707cd2cae1548c6fe54f64bf46c9ff03975e0c37eda3d485ff76ea5ae71fa5a2ca0d9293ea0cd4186e6e2e26fc2ba5e2cdde9400d9c1717058157a8410c9cd7ca4e679f41d8932576e7b292f28dfb9775b0ac5eb5788a8ddf797e32919e7a41c305af2e4e37eb4d5600", "1acd2077949cf1f27e1e764566e4cffaa168dcad09bfe7c84a06d9db78a4e8f0504116608cffa736ae4427d04f27d39e5de80f8935f281bc483252d1c4e0dff576831d8505d3cf34ddc4f4760b53ec5182b54b352dea1b5975eea9b6bffd5b66524559c7c3e9981d7a0ff5ffe6814c923871db66426d98286aec1debc56864a4b29ee5cb46989af08546d6d1a5d9da45db7d8abea1d392d0c668cc040da5d129ddbbe6a95a7d9e51a13328ea3fbd9ac81f03914ed9d1d2b72c234093a351f7294556996ca5459d796cb4127a9aed8e0cca398d1b5af6eae257d02db91a61d49a5677ee9c8caf1855edd2c25b9b3a9a5174d2193108e5e87d781780d9506a890687c80c429f3a46028ed71364c4b8d3b2380b38d2cf7e447dee058f556dcae2627e49dfd316d169d382f2b6775233157f57c7be54b105e2493e140ad97ecf9c12df8f0db9a973d0ef9197ebbdebc5e822ee06852a408560c7f19c65ab8527edc9ec1d6378f2c748f7e84d1d6e98de8abab3e0e42a866e1ec5d00822b124a98d77e9c8dbb3ac6648afe409b21e1cf2f5458a0588cd11af6887f552f6c16a801abf2594eb9a80e704b8053573f661dd29706e71060b630272037144b33d684f66128950510d4138785418f726eb7c7f84c7dda646b3647d673122f95ef89c863c3d4adec4477664cfe911683f19862cc918451f70a6a359dbc66b3599c0af91858ebe13c253a6e9a96758955fdfd1be103777812339e3786484a25b18994ba69b4275f26a64afb9be5219061d94d7c472236f1a20a9217d70abab15182c5f04c6080d535e34045d6497c1c8a2ea53fc022eb159d0d1be59a21f277ce441f3c5cb03ef0e7e1ac63177dfe567e2cb9055228f32c9ca6d38d99093fdc129951380cedafcca40712a2da5cc0af8d872d8f848ea5ff95210a52d2390e236da76fffce86cc8a78a8ea0e1e4464ceac9021556d29d7470ca19849b417aa6aee032f3bd437cb5c839c9f5fb20ec1367449abfb5e19f8365b7947bda60e34136e2eb53e0243766c2718d4bfe6eec77f8ca04d177cc17bad59d651a08349651de6d4dbf5856a6d42cc8cb2441ab7dfa9420d87d4a5aa5914f619b2478a0d68a98280231c8e7558d11eec87e80f2d039b5d6b287d9b3667b020dc45b999b162247bf38f5ac5fc99b5eb6ac5939d35d7d6e71b366f9553ada2784671aecdbdcaf42a2f254dc0289f7be9c6f0c045b30f63ae1a8fac778030f27e04e980bae66e474bc4f9572b8a0d8119ce13ea2ad1285b3397bc929ff26a2ba1ef2760c77e3e114d15742740b27796cb2fc84761db427cdf3c63be71fd6734ed2cb1300a8d5e2b1964f2a0320bfbad8e9bce0cd9329c8c41d79107d77f65c99f3c03813c1f0f5351869434c2ccb685f1863fac38a44ecf354ffde4926ae3cee90833db386633e6dba3585ec36f1aca6701d4d1fc13ac1c5d4cf2ae8c8c418da372bce96451dc2add28828e45ce3f6e35da3d49dcdb8ceb084a581b68fc5fcd4c45246e6b215ca98ae7239c317fe45404984292a83ac7e62614665bec4a5e80b055a0635003e93172e2045ec88144d9d7a2b50c45333720e2273b165147a0b1af77fe87089fe8c0fd32c4e950aedf6798c9007575dc86c02089414089527baf9bbbe5eaf4d58289de0987f8f310d7900ef2350daa438ac83ff255344a2bc814a3e7055269544310b0fe78b07eb0ee5f16899fc8bdf8e3cc47d27a44c93528885452195706091eaf15930f9df5874c19d0a1deedde0cbe9cda7f0618c378bc4ba6fbe911d546c7bc76954fcc6b5ef56c77d306421f9d24e0770cf8b578aaa6276bff4b98e9968e9a1f8c78c6d647d8c52a42d27ee8359840747913e0983e049ad77d87e35800eeeb19cd786a5edf6886e610f51b4d2290d959c7fe906dad2d3e2a5648c5ec0d48becaf209fbb6599d1b0d6299cb2b2fad3b3efac6ba0911a63ae399fa3f19adecc9b10533c99bba28bf9e37600db41c2b463c25b0602fb86ef043ee72aa26e7f102c3afe4073d1318671a514f8320dcbc699514792d5c90c34fe6809102cb6537a4e76530256cd997a1dba4a75b1578c7f12b409af040afa35c54001a4abf1c402f91413995ced6b64256684c34283e644246d235af905fa2edf8f802a65c1c1e0ba24ea656cb3b1f876b6f335aed27c3a6e8da53b1b9c283d299390310df6dc84e5569ad3ac1744824b329fc24cb8612c061b09440464c1168012dc40e8df788f9c708bde6bd4eb3f6111729b08796d0243b07a21ac542ae418f19ec3d7171197c8ca216b20f786784400f2834d98819a5fbbd909677f7d7309dca5c0e2cf74a8a53c1791c78488fec0520d3c71a9698e5040920acc5eb7764f4c295cb2f00b5a62d5fc1e1d0040c639886712ad4fece171739fbc0519b93c8bccac49f871a0e2f5ba97331be916aaae29b8cd646028629cc227b916d1d8b4729da3baffb0e39b533e039eb9f10073c156485902745ec60b8d281b2f84a8651fe4c533119bab8424bcecb28c067ffb1e03e05bcf9d6d44dfe0782e072934fc36e70b1acbf30387495618ac2729811aa6c2901b109b33a0010cfbe666fe9fcac86cc81023dda253863714e89c78265e219d00ba20b3c846368dd21816f699a6af20a290f075f4346b98ad40d69caaf2614856c0bdaa661907975679f5cb5afd3738ba811db58123922647476de50ccf17360393433b547bf0377b2115a7cd357699d043bd80981a2a28c638f7c2e725d85f9edd2fdcfea1f7e2bf02f9f0d4236c9d14c6d382dad99192125b219eea6a13b5685efcf34454d2a12537c5354dc5e34ecda968422cc472f0fec174b95cd298e89e7efbc164465dae45059a40e104b1a980ebc781848b0109ce9cec600b190a34dcf741dd6145d56c4ec27c983a7d6328130c122217bbbb33e2cffba1a352b6805dbd715772153b53051db7215f475ba8673b0dd59e2db414a658d3d262c5304d300b930921c7c0a9910eed96a705eea2c8657be193836a20f23fcbc8ef105ca25551626caf63c511d3c9dcffd9d485f27a63b6992e4b6fa26b02903a4da52fd7fa06397fe2883f9b6a4cac2ffb8ce1f476ec72bccaf0ec7b16e6f601e72f46e835d9bc2a82dccaa449728d22a7ff17772276f54073c66b184de0fa7f681823dcb7603a20aa94b76a9b7adb9f11f447b8764b2d719bea91ea32edbb4d340d18f18b3f53d1d07d0405facb202c30ac1ec145516e071cc71c59cc6205db061a8c19bb2d3ab463f6fea1c6d3b5a69d96e5b67ed569e1c04cff6c9f69ab9343e9a71bf6776d3b84b47de2ecf9a0d45515ef5a3b5c6d55f2c6543ef2bf0eb795219da3026ab06c9ba9bbdc30d5dc7c3782a9f58141a63f8d4683ad5c1d156c92c508cefd9702e9267263e34ff96800c425f768bd204466f4f9badabdfaf35e1a8096150e8afeea3a30586b89d1002f041612f8e81de4dcd268bf538307c4d28d1d2ae1af979f3b02017ebe942cdc8fa7964fe978254eb15fed7478e4200e381409486d37e0205c597b5ec19243ab547da051dee03f18e079af60dcb2095fe86f292a4b4bba8682ed8b220c0b48958882aaa7e93448bfecebfba6ca3ef28e0752080cbc9f752d6da814a9dc5bc552d9fe73b8a1df8eb0158df58810fce8719f11b04c4e157ac8ae3692f825a4569ff859273775c45eb999fff7a47ca461b2fda6edfe8ed8371ed29c4f7499448cfff0bc47ca1d8fc9eb35f79db389781c36e89541b686edc21f088463b2d26fd9b650eaf5ed1cda0f00040000000000009b0c527ba655252f77b77c2f4cc0f7741c52a57629fe511c5f9c17ee44fec35da363f5356343037b2705a393115062719e6bd87bbff2472a7833be6d2270fe5ff4cc9f0439a53adb91fe1520ff4841c120e80c99fcc2d0ee794fa8c91dc9c4227ef9f9ac784ce41abefa69b84acb285e385b74501ea137be765172d90738f201497cb7c992dcc2f17341c9b6a0ef3dcb14350669802e3295b5a133142df7bc5645bbf222d2da033ee4cc4f225f248ad88782945869c29943eb6498c87c2b125fb2d4067118c2b417308a1703fd9f48c48ee2a9c5af44df473e3b99b8a941fc4967060b4960864bc97e4f2bf53e7a5c2ec3d47e7bf8345b56a4df5f84d0523c1b6cf9399110e393474b3ece22c4923f531ff12242d5e2b293846a7ed06e3e7f062cb173431a2b680188fb46d2cb74d4a0d9dae59e2be485aabbb54c26406e6e77de3031e049bd8a49139fa62151716a665fb9f1966cf6c57f4185f7cffbbc43341f3b69a3ae0a4dcfd9b37f0035a69ac552830f0ca56069c8f69162280bced2ec30c6789f32cd38d7f97953f0989b65cf90f01206b20b0111a3d22f3d2f85104b03283f4fd7b80e53f20f1c91d5bf3b67aac25c4300b3191c1f5d7bb0fe112deac0f6acbea3b57c20c5d8f0bad48873a7e7347ead5a4d0b73041c86bdcd3b91d6cbe0ebb5824fb90cb4e74f439505074f236679c4ea4015fbdf0c44b4063b62cdced485cbca0eae2404da7158a974b7dc14c5207107d5424de14a35739f68f3f151c6de20d0ad19d06521baf26ab2cb7ff7e8f83d60a9f554367f99fa5c44910b886e1c9c2418a7a4b33f19fff9af4724c7c8251ffc24cc4464b8804b6704bc0572b23498ec92263d37bdb54490f3316087c5b192a20027ad6cf1a2c3fef8043e2847b8734fa8dc91ce992474796e3f71580841379279f8b10ab8e6766196fb5a9b2ff44cabece6930fb9f32e867047313410c13b11a8a788a29ad93a5b9ae1b960a46fd48fe5cdd7168815c67b267065453547cb60db74f37238b2f7f3c78abc249ffe118a1d3e7eb5cdd326ad0a07a50bd24a6be4b5e56fade7fb7c3b515b4d0b16884c9eee7ef9c82f2ea4d89113e950622cee8e63519a899da3ee83bcd369b01b373934bbed73d8f94e3312e72d82d3fb8b8e65b0f5580cffda633467fc3285023159c3ac7273a46275d874b87254df07ea15d0806f4b8312c4e95235cab31e015a3603906c188233db45dea658dcf694f5097a9e26aba8b58e248210fa5e12fa08cbbe0a01afa9b2c36d38d298dd180ee6e358d45397471bc064e2e8e51da189e98bf41cc30b50b0d937e8cbfc5b138dc66143716b27190689efebcaa5676c9eb370465f77803b219b0ee1f65f343d70b01435f9adc46979b121944e13a02cbdd47a9898b26d6cc5294a9358971bad37a6b01d8b2ee251e50b02acbd560bcd4a212124f308d87eca79d13c77b90510675989ffb70a9d5643df2db6067bd4e0fd21d0a40b84177279587777f763bb9e2fc99186402ff1905eb61b6ea3bef862beb10ede1fbca93f5b426f683bb72099ffc61c99d8a7527fe9167b13d786402864d2b4237fa47426f46b6d5e0911de793f73610b46de4e62b8a67aaed298a9a2d5b5c5b7936f8bcc62a8f9d64d8ff1470a386974b35f382f42ad1fb2c9de214b35aa0afcff7806d7601ab9142a0dade5c7a9e6b0c16027c4d0fc413ba5d16f0d4826b3f469afa6e5ce4a19e21d2a2c2c1e3055706d0ce371dee59a06e534887cf5e300bd118b7c5e8eee2a8fd4bf6ca96df566f49049bd25533c8ae08eb2334ba183529c041f3d9b45139173f3ee8b1b8f8633c9cb7caa735805d56b1e3119a97f3ce86ecd8f21256c0a5a54266cc00927c881ac18fef64f25704b3f01b4885a9c4053aec5bfe5be638563267548cacbad2a95c3c48e6a913bd87ec0c489c236214b650a17d27081ae8def0d27c0d6a25553601875192d11c9e3ef2a3273c1f9b079"})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
read(r6, 0x0, 0x0)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000180)=ANY=[@ANYBLOB='defcontext'])

3m19.267774296s ago: executing program 1 (id=4950):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x400, 0x0)
ioctl$BLKGETNRZONES(r0, 0x80041285, &(0x7f0000000000)=0x20)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
write$tcp_congestion(r2, &(0x7f0000000400)='illinois\x00', 0x8)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r3, 0x40189429, &(0x7f0000000080)={0x1, 0xab47, 0xd92})
ioctl$UI_ABS_SETUP(r1, 0x401c5504, &(0x7f00000002c0)={0x3f})
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x3)
write$uinput_user_dev(r1, &(0x7f0000001740)={'syz1\x00', {}, 0x0, [0x1]}, 0x45c)
mmap(&(0x7f000087b000/0x2000)=nil, 0x2000, 0x3000001, 0x40010, r0, 0x2000)

3m4.296268104s ago: executing program 35 (id=4950):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x400, 0x0)
ioctl$BLKGETNRZONES(r0, 0x80041285, &(0x7f0000000000)=0x20)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
write$tcp_congestion(r2, &(0x7f0000000400)='illinois\x00', 0x8)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r3, 0x40189429, &(0x7f0000000080)={0x1, 0xab47, 0xd92})
ioctl$UI_ABS_SETUP(r1, 0x401c5504, &(0x7f00000002c0)={0x3f})
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x3)
write$uinput_user_dev(r1, &(0x7f0000001740)={'syz1\x00', {}, 0x0, [0x1]}, 0x45c)
mmap(&(0x7f000087b000/0x2000)=nil, 0x2000, 0x3000001, 0x40010, r0, 0x2000)

1m57.391430634s ago: executing program 6 (id=5997):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x200440, 0x0)
ioctl$PPPIOCSACTIVE(r1, 0x40107446, &(0x7f00000002c0)={0x1, &(0x7f0000000240)=[{0x6, 0x5, 0x9, 0x5}]}) (async, rerun: 32)
ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000001fc0)=ANY=[@ANYBLOB="96"]) (async, rerun: 32)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000}) (async)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$uinput_user_dev(r3, &(0x7f0000000a80)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1], [0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x185], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x45c) (async)
ioctl$UI_SET_RELBIT(r3, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x2) (async)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x1) (async)
ioctl$UI_DEV_CREATE(r3, 0x5501) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000480)='./binderfs/binder1\x00', 0x800, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0xa, 0x2})
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x18, 0x0, &(0x7f0000000240)={0x30, 0x30, 0x30}}, 0x10}], 0x5b, 0x0, 0x0}) (async)
syz_clone(0x2000000, &(0x7f0000000000), 0x0, &(0x7f0000000040), &(0x7f00000001c0), &(0x7f0000000240))
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r2, 0x0) (async)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000140)={@ptr={0x70742a85, 0x0, &(0x7f0000000080)=""/33, 0x21, 0x1, 0x25}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @fda={0x66646185, 0x8, 0x2, 0x40}}, &(0x7f0000000280)={0x0, 0x28, 0x50}}, 0x10}], 0x0, 0x0, 0x0})
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f0000000140)='cgroup.events\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000c80)={0x2020}, 0x2020) (async)
ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000300)={0x8, 0x0, [{0x80000001, 0x10, 0x4, 0x8001, 0x5, 0x21, 0x200}, {0x1, 0x7, 0x1, 0x64, 0x6, 0xffff8000, 0x119}, {0x80000001, 0xe9e9, 0x1, 0xff, 0x6, 0x1000, 0x81}, {0x4, 0x3, 0x4, 0x722fc578, 0xbd0b, 0x4, 0x4}, {0xa, 0x10001, 0x1, 0xffff0001, 0x0, 0x10001, 0x7}, {0xb, 0x8000, 0x0, 0xffffff01, 0x4, 0x6, 0x7}, {0x40000000, 0x1, 0x1, 0x4475, 0x2, 0xd, 0x6}, {0x80000001, 0xacc5, 0x1, 0xff, 0x5, 0x576}]}) (async)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x3000008, 0x12, r7, 0x0) (async)
read$FUSE(r7, &(0x7f0000002cc0)={0x2020}, 0x2020)

1m57.122674318s ago: executing program 6 (id=5999):
ioctl$KVM_CAP_MEMORY_FAULT_INFO(0xffffffffffffffff, 0x4068aea3, &(0x7f00000000c0))
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x149002, 0x0)
ioctl$PPPIOCATTACH(r0, 0x4004743d, &(0x7f0000000040)=0x7998)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f0000000200)=ANY=[@ANYRES16])

1m56.955485671s ago: executing program 6 (id=6002):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000480)=[@increfs], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000640)={0x4c, 0x0, &(0x7f0000000240)=[@transaction_sg={0x400c6314, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x700000000000000, 0x0})
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000500)=0x304000002)
read(r3, &(0x7f0000000080)=""/203, 0xcb)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8, 0x12, r2, 0xd58c9000)
r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r4, 0xc0603d0f, &(0x7f0000000040)={{0x0, 0x20}})
ioctl$TCSETSF(r2, 0x5432, 0x0)
r5 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$FIDEDUPERANGE(r5, 0xc0189436, &(0x7f0000000180)={0x5, 0x5})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_GET_FROZEN_INFO(r6, 0xc00c620f, 0x0)
ioctl$SNAPSHOT_SET_SWAP_AREA(r5, 0x400c330d, &(0x7f0000000000)={0x4, 0x245})

1m55.957035937s ago: executing program 6 (id=6010):
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000280)={0x2, &(0x7f00000001c0)=[{0x9, 0x3, 0xfe, 0x6}, {0x2, 0xb, 0x0, 0x8}]})
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
openat$snapshot(0xffffffffffffff9c, 0x0, 0x481, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x769, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5fdd8d64f6c3e0dd22711f69a940ebdb4ab5ff6240da3160049d2047e6713d47ad0db40ec543c095ad67c8cbe438fb875927c98e265498b3da8d4ca54bac0e6efe759a2d4d4190e9fc8835599da8237f472411a71236bb930d28a26f49062d270f4087a6a709c005eebc9740ed54dd005c787c44badac9c720b0d424d0ded9bb8c24c0e842deedf386fc7714a31268292d3bcc53b1cf24b156445c8bf64336f742b1ba836eba0ae4a5aaa9a6f35d4f81734e16bce965795d5b1255609d1860fe11c9c536db078af94772830ba000c13e1d9383e3d862fa07f2199da148632c036bc19f6014eeb206a3654d390c78911deeabebf128def61122754e0a4696db82666a018f8d2f44b5aadc12809ade8bed1b1ba2adbb6e3e82180e26748dc30a8eda0edb21fcaa702632ed3fb4e89550c3e0e1fd2b5ecf1983d85bf9569b231e28155756bd97f1220cbc2b5b1c02dab88ee4a8970d4833b9e51529895afe5029823576297d4a917602fe08df57e1d7f63d050877ddf8e82a5383e15f313171b2d5618a1549f3dfced0732b887508ca5e134124d0ed0bd4b767115d1530f73504387e0364d73a2d3b114fcb49219b1c15e066c455b01672e49499995454a502236f5a5007895d3d1d8843007352a3ccc3f71d3e801efd0a6ef922bf39ead16e01ec20ebff2b1ce7cfd0984b26225cb1359b36efe9ad2ae1f6de4862c0faaa52f4d0eb4c13960ceb4aeaa10ae61a09a5abdb0c61661962a0aab14d465a8ae6f45826e1e66428cf8572eb53c98160df6613a62bb611c63f1ffb7a795a889fc16670f6302fd36ee4247bdd4282f1afb6042c832a4b0857cecae0a7090d9b11ae46d9186c710c8dd12911db573493329bea2c743734d86a577cf27aa01e4fc6c91f1fa34bba173d20b97ed8bb4bad43692df90bfd2b193b9e8b93a95ec0d0d42217395d89db511d2e9bbeb3ef47b7b2d81ab54b5c8faa760ef5c0493af13a9327c9432521ed6bfcb9d778d25031da41a983027fe7d794c26326053d38172444307d88501cdd26c3fdeafdf5f599d3dcfd39972f28ec3fb1fb40982615f5d71d6693a8774df072576834c69b89f209b458fad4671f0108fdfc8548a6fcf76a843369a3bca4d2974221ed9af224d151fa8aa73276ba65ca3d8bc98d6504f16bcac30c697f68cb1625b4f2259ee0c694951752845fa11c20fc4dda369d53918c3746918692ee2cda958612808b841b8d36ef3933f5340e1fc8fb10ac2ae97da921f6a67806831356d515c7a32468dfd3385c1ae2008448e5750c3a3d5733b4a2486788550e6353e9b12cc09750d5b9dcd2aedba61d0520e99a51e880d3dd78a2b502029deac1860cf50885f8bf5119491c6b1e06492e98ca64e5e3"})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/binder1\x00', 0x802, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
close(r0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/custom1\x00', 0x0, 0x0)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4, 0x1010, r2, 0x4f6f3000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000080)={0x1, 0x0, [{0x176, 0x0, 0x2}]})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/binder0\x00', 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x11, r1, 0x4)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
ioctl$TUNSETPERSIST(r7, 0x400454cb, 0x0)

1m55.76379569s ago: executing program 6 (id=6012):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000280)=0x10) (async)
r1 = openat(r0, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0xb8)
read$FUSE(r1, &(0x7f0000006880)={0x2020}, 0xc00) (async)
read$FUSE(r1, &(0x7f0000002800)={0x2020}, 0x2020) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) (async, rerun: 64)
prctl$PR_SET_VMA(0x23, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0) (rerun: 64)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000000000059020000000000000100000000000000a3d74128a66e59c0671f4f202a6876488439da6fff70d790e2032bfd89a00a453107a15650a17b354916dffc762a0cadeacb3b1d06919f02a23f7dba9ae8ad1f3d76b8082bede16eff9c9b3ff01472f1ed97015fe5c5e352e2d5e53ea08eacc5faba1ac54178bd73bc0b8a014603411de7135795d883c2ed261ff535e77263ffa6cdf3ad5e84281cb5dae9ba00a48ae72647326b807466946cfbaee323f32875f7905a5ff25ae8ff8d449a0912e5d5fca59a0ee9"]) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r5, 0x0) (async)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r6, 0x0)
close(0x3) (async)
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0xc008ae88, &(0x7f0000000040))
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
ioctl$KVM_SET_CPUID2(r12, 0x4008ae90, &(0x7f0000000140)={0x1, 0x0, [{0x80000008, 0xfffffff7, 0x5, 0x4bdf, 0x80000000, 0x4cf8673d, 0x5}]})
mmap(&(0x7f0000ff2000/0xe000)=nil, 0xe000, 0x3000001, 0x30, r9, 0x3a0e1000)
r13 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r13, 0x4068aea3, &(0x7f0000000240)={0x8f, 0x0, 0x3}) (async)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000600)=ANY=[@ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000700000007000000090000000000000000000000000000000400000000000000040000000000000000000000000000000000000000000000000000000000000007000000090000004ac200b08f2f815ee241759cc7000000000004000000000000007fdb000000000000b8040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f38538722ad8154feb12680b890000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000600"/471]) (async)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000400)={0x10, 0x0, &(0x7f0000000300)=[@increfs, @decrefs={0x40046307, 0x1}], 0x0, 0x0, 0x0})

1m55.76286921s ago: executing program 6 (id=6013):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000140)=0x1)
ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0xdd3)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x5, 0x9dc5, 0x0, 0x0, 0x8})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
close_range(r0, 0xffffffffffffffff, 0x0)

1m41.3442926s ago: executing program 4 (id=6155):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x30b242, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY(r0, 0x5000940f, &(0x7f0000000580)={{r1}, "1289887a96aa163ff6c79657a7de04fcaab8f648962cb51236fcc46d108071014c36eed1b455b892b784b230336e393d1d53521b10df32ee3eed688d0a22afb772a28f1f97e224bef2f9d20e67067cce493883483d049f0bfd69247a31c5527e5e3d4ca570e400c04abf0d9611928df15a333f53b522bd4422ea8b89ee5c61b8a138bfc717d92bcfad5df6d488014b338c3bfacdb9c62caab38d94fda8e4680c5283c2b67ea0abfea9d89718f00660ce9f249388ddd6853a7ee44a9ab6f13cd01def5c97ca6766968e3a7517d3dfb38d9d160b0f264a32c2d48ab39fd600964aebc8c0a0f5783ea6737beab66e80f7d0eb4b3771366af54d1b4ab6e5a4032daa4d00eb94a8e3f50bc77efd5837b1eb748c5549fa77c0c7331b04c2dc255e6495a1f12b912a9c8eaa02c4b914e8788b50462aa20c744332dc7604f860cfaad11bb8e51595d4e993f5b505405e8d014db2791f750420acc82dac84720de470cd0a70c1118bfae1d0b6db7ab97bd2064cc9ee55c81deaf4e4f66f229b3386850992c0b36899a0d024fd44f81e73992dced15f6f5b29530a854ea0e2cb45bc98bebcfe5176e679649c08abd0788104e6bcac9fe09176fda3217fad6efa04fb6f3523c61e709661e1f4ca9496b0e7ca2ad23c66e219919714553219d99416f1fe918d796d7aaec814cdabce4ae6a9add9e5acbe91cca59ddad6c726a16ebb0a5ee45c63bd55a53eb8fe946a7a2458f156cdd40648a38e3043c873aa396d0e9dc52f235e92a031f3734fc43029988d7485dd992084017f2e3c3acbac11170d01530593f8f09a132ae479d4b8f4ea46703cdfb0fa865a76ec5e78d394d5e5e8eb2caf5f3c019a0baf37ecbff443dc1aebe86d77c3660aa7b8aff307b39fe7cafb43089900dc277c72a3879c7b2153cea1c0c326e612cf7978d3be63eaac86299548e54074ef8ef30c78c9784873f0324c386607f4829ab4eb19709a71cf4aa94657641aeaec85025bfe636c3fbb040c9688609057067125b81e2617b41f1f9e432be3737425aa306bc2e3038f10ae1d173c311dc9733b3475f5bf803863478f8e15e5373080474b4549d97fa0beba5fc16b2d8380f645327cc4f37d78b414da492d27eac362df6df597d956ae1f5141ee5152cd396aa2c67c2635244fe3c96e8e0bcfc962e024f6f76ce3ae4797c7868df923f0de2f62d07d1f31941e6fd98f499ee72db1e61b0259e1694052912d1c99d6a03cb485fc12cb766a08c4b71f01794f7d0e68eff83544475af6cc6cb4d04287934ec3a2e99bc0a47ffea17382227973db7b0cfba7a3630cc874682b0b132be2fb5e5fe9f4afa0d5a575fdbb81d4a31943d7c9060e9495bccf4b142b4a1caf93215370b20970f740f4d28fdaee8b929f1b2044c09f12f6dd1c6a10d392b9cc11fd43e2d04ffd3bf01184e55a566bb5d5f92f6e3f5ab59812fd6a50b0e44b754ac28517c2f745ee67c887ee9bc2b5cef78ef3a2f08ca713718e8813299cdf041b6a8dccddf477814bcaf3304236423f7fdecc3bb4196ada49d1036e368d764873b88e5b2e86c2d1ce340a4fb552d2e5715587ae33d5a0897cb49b0e42c7cbe61672ed7554744b4522551479c0a0cae1c8faffce54b7f0851b3a9b315c44938656e99d926a6e26717f120607e379b623481a8b3e5db51380397938f28bb9f35f5824d60266729402dbdf5d494d13f73fda413760faf5a4e68c949ab9d9d56cbd1190073dd4aec64488c382ebfbf5465fb72c212f972f7c137edc6ff4e2a98f4b55c60233133917e5b440071796fc2802b152723371c35c7504685af8d68da2a41cddedb209f346ce08ac6f399b5a2ba2da65ad719dc4524352d30743f3a7593d2f88e6f9131645c5398943a833c7e00be88edeb3760e5f3a654e5903de5f4e7f709da83f76e88e609ac90a67b5c51b8c2eabe80ea279cc0bab4ed5c80915143e12f5d67df46651657df92d50231d10f90d00364f55c26ae31f780334cb018f1b34963369701b3317ba3f8a7efbcbd39e56204c7eb7606692552d5a9dcf6a07af4738f8bba02e3333b1cd98a7cc1b03914685d5bc1e69cc766c1c32ef766aaccee016f5bc5d0cc11a51955951d8da4ebc3a20f9f63509f20e9e7e8fef9fcb37cdf305efc41933ef21937c7de37705220227d1d3fedab79c23ae28a83222a9270afd10b25b282063311a7a651579aa31bbe7f3a7f3c09d88029d53c19a84b709bec32ed55f7b0dbb93372462e2317e3af9594fcca698260d22e2a499163bec93f2092b71af027349504ce934b45949152478a00be79a2b80a15d041abb4b013b664fb3c2aa06e86833d4333c708abfe30ccd0697c70a9b7ac3f3050d56ec02212c639acd1444cd43b5ad12a9466a0e400efa00d1e782dbf57ce8beadc00b71134657e47b7a057a3234c75f7d0ff0a24f7905cee72c9041b7b0e84ddcda6e97011a0334fb2a316aaeeecb8196f290414c75c8dfe44a744e91dc55ecc7b6956c61a5a6d8b263655b7b7220a586736855ef80e77e444d792cb3299acb6f099d6a657b26fdd439706fba78030b72f64519e9014b3471ac51cc07f0c6b4333febe667424cef307ba187e211c6203ebd8fcb17c1eae55d6d8ff7213a6fa719458bc1ca90bf5c83e0e0b00bc162e9bb2f1263ee45447b5fe3735fe94db8a6e20a42fcee3101665214dbe1fa894ecd3eb51576a416cbfc25606f592bba07db762f18e3fd1294b300abde4f61b44c36ad411ecc0e0abb424d4422a307a803071588a6b88db1aba24047d0113b9046f325628527fe41f13ff31ef4d185dd839c27872504e0616edb4cdb93e2a635aa159efff87f910f1a3a8450ec9b4dce67ceb561f41f5d810bfb495465a8654c1bdf6ac281690bb8c5f2576ac4cceed0a07b4356dd700536b9e039e57bad6065f633733c24a0fbac01fcbaf2a33ce5269436fbe961f2e8c91841f1cfb912e658851f050b1939a2a26245e566859495808f5610de88c7980ac7daa976a07f19b5b7ec8a914aaec4f161935a5d977dd4b9ea0b1bddd93a6deb56f7d78703d69003c71ebc5bb573b7d525a95a12b264e498dd0f67c36d1f346744a15ca06d2aec63df69bea8ae52dc5662615999d1eb724358e54de92db2bf17352df150b86bf3549238bc6fd2bbdd0551b78adb7351b2999460ae7164c08d4ef5b4e9f9065c055911bf0db2460810ad6706a357760ea59a3ab86c8b0219acf4a9e84ec81d2f50fbe01015206f352e5782dce3cb305b244d0ac89f763495af629d406d5de4f601b62f1d8b33f82ce90b05a00dca27335d48b3d30de2d426baffe0fc26eb5c522bb0a72b298b2aad67b0a9fd8c651d4bee3c444dd69b777bde487b15a84bc10007b62516c97834784780890c2723a353a8b48027f628fbaf2aebef36cccbcd51f6d8c55d0161f7c23cb91fc8a328530ac756b8fb5da7411db604c55625fc9a9475aab81cccf78e84e01f4da20eec988f655b0af8af4a6a78e29cb2e6413a49ddadd42c1415604c1cf80392951064afa1b9acfa7542fe6bc0edde6ca4cc66bc6dda0166d315c4e708d6594a1a14595231170c3587ef2696431ba56067b281a7d8c2f2d1e8f98b5810246736f72c706b25d85402f598bbd9fde6d9fac324b4dd6beb6b41302b259e32d7a1a1905e612e6ad4845257a4b037d88e58e6517ba0adcd68085e51d206616535d539644d1286aa20927f5d8c1daa882f73acf252f10d8297091cae0f58048233a43ad3806c17b0d0a731696ca7e83aae0161c3f1a2d003b89fe7f3631bc8f75b2be7a9287008b2788b0ec0466253df8c55fb10975d3a3a624d76be0677e1e4bf1949aabcaa912f150501c8fa55bf278fa7f9f619ae6bb2441c489589f9f92e69442f0d44d8b71e9698df48f2ee9aba084efa6a1c133b40a581cbb6d0f77223951288c6b67ecaa005b710ce9683e31c701bfaa7bb82833e95f676f4309e79739a7e06ba00846c191b1bd71ed1273d17285a942848e5dc5f796b8cbe646a76b6033791859e9805900480cbefa18fe52b80cd568b8a64be34c4e5446009eab94886f65f89a8f2af5368a3c0cbdcd51f0e59dfbe882c6b42d6a500a2957dfc52d9e0b1508fbe824d32d0a1d2bb2543edb4e5d0e5a73064631866ffc4bc9c65d4d245b4a16e8d18d62e4c6b72f5d6374183f63c280e9485c2336320b6374b7110ba9035528776b4a82876a69a4c5a7ef3bf2d3b2ff2f67eaa98e53b1bca412ecd07a718b4201abc011466c5433fbe85a9231a597afcd8112aadf65bf5e1a9e9b1d77328179e926f1e02965d7c295e121429275b68adc251133f4bbed3ddc62408c33cbdbd09935312e99aa0ee253e9a165c0f4d6547f44a6119ed472fed7e1e44361abbefa48df786950b74e0cebdd02a64956fdc5dec5b06df916b53e1b38898bc84cbe76be4dc96d541fa6d33869f2dd5ede75e110b50ca7145398bb95634e6447590d6ebf898901b2aa8f63a5056f939b2da7475439bed399d11d1fde1c376c556866143095fcf389cb956696cd43e622a2b051d0f3ae63e36aabc45fb379c775930a075201a30e2c5e37d4255f6f93f2d3c28a47984373f329355a9a45e012764670eaf5f0d2f7a4017a488722a687c0808dba5c3eac0bab34eb9a75a867d054e0202a36ce0c3a238041b3b43fcc93e2c6f38aefbcdaa81500c1c83a13ff7d44270062558538028444c87cd32854b976b35b4d6b7fe055606e336781f37c980a03f5aa920ac68f8b1cd9021dc19d84c8515250bb8c8372b16d62bb1c630f3c0761d3592dcb6fb0b96a139e96497a508d77f72a2ee681b2bcbb7ee9ed2ff12c854f3a15f967769e58d1d575de1944b0e9e0ab81ed0d4f70a87b7675aa5c70cfc714460130d482bf2b96901738dc6eff792ac11eba8c893931de1196053261cc45889b5ae10be8d4ee2f675991a1b46f65617b8cde063f1d6e26878fa3ea8cfd9f17ecce626c7b707e1044e7bed9213e6f8490f3e14c226957a04d340ed46fcad30a97769be9a190c2525438fdf9b0a7341771096292e1426c3ee3c67ac54b659747ef6af63a4f52128ea59760294ff240f7163fca302ec66636017c8fc008cf3b01f56ce93b9126c1c4a22f4fec85ae3d91b3c33ba4a595e53a7ae390b8df04c749cb4b77bd6cbce89930089c4db591a1bdfcbf8e3f0f646ca6a7eff0e6d5ae1c6958805f60051b6cbbadd2c38e85b2215b93a96a9f891572dbd0ad67b25ca66c98daf4616566a037e6886242acf2ba16b4da24c6e1328bc5d0d4bb5fb258374c37a18f6c83f9ed48d8b15a00081fb09abb79bc1feda30d3876eb0ccce015fbc872d02b165717e1c7ed8a3c85038e282b465f30f8114005519b3012f3e6457696d598d199ee3fac34fd16d40142ba827d936c786a4a4d94fb7e26a3fc77c1363a4e1ec31b15a11da0a4031925ea594e4969c2270349be328b47e94fdd404bb638c1e21c20ad27d2c7d07e889f3657d95fc8cc51ab95473c6bad5f17c7b7bcea9e5dbbfa9137ded92636fe2f235d5cc1dbbad4bb08425581bdba517a1c8bcaf9c8b2104234b64183b935138b1855a05c6177a6c4004fb5657990133fc640269fc626f625a4212f04325bddfe6f054714f7cef98670f4e8281daa9194c541e90a2bfa1e07f036a1fbf5e96f6b04ca12e5bf3351d065ee46b6a8c7b29e79f12494ffd4d16323868c0bdf0dfcb91601a0ffdc63f4cd2865d7b06d3e533488f5d3453c714790058ac06babe1a268ff62e5cea167f4536e2317618a46832c166"})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4140aecd, &(0x7f00000000c0))
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r6 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
write$cgroup_subtree(r6, &(0x7f0000001600)=ANY=[@ANYRESHEX], 0x7)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x3, 0x40010, r7, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r5, 0x0)
prctl$PR_SET_IO_FLUSHER(0x39, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})

1m41.195356393s ago: executing program 4 (id=6157):
r0 = openat$full(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0) (async)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x2042, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xfffffffffffffffd, 0x0, 0x10000, 0xfffffffffffffffd, 0x4002004c4, 0x1000, 0x0, 0x0, 0x10, 0x0, 0x3], 0xeeee8000, 0x2011c0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60303, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)=@x86={0x0, 0x40, 0x81, 0x0, 0xf43f, 0xb, 0x49, 0x7, 0x2, 0xfb, 0x3, 0xa4, 0x0, 0x4, 0x6bd, 0x2, 0x8, 0x1, 0x7, '\x00', 0x2, 0x5})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0xe6, 0x55e, 0xffffffff, 0x4, 0xffffffffffffffff, 0x2000000000000004, 0x9, 0x100000000000009, 0x4, 0x80, 0x1, 0x794, 0x1, 0x18a1, 0xc976, 0x6], 0xeeee0000, 0x20200}) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
read$rfkill(r1, &(0x7f00000001c0), 0x8)
read$rfkill(r0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) (async)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r7, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="a6"]) (async)
r8 = openat$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0)='cpuset.memory_migrate\x00', 0x2, 0x0)
write$cgroup_int(r8, &(0x7f0000000140)=0x7, 0x12) (async)
r9 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) (async)
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r10, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x31}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000b40)={0x58, 0x0, &(0x7f0000000a80)=[@acquire_done={0x40106309, 0x2}, @reply={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x68, 0x0, &(0x7f00000009c0)={@ptr={0x70742a85, 0x1, &(0x7f0000000400)=""/208, 0xd0, 0x2, 0x14}, @fd={0x66642a85, 0x0, r9}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x0, 0x38}}, 0x0}}], 0xa7, 0x0, &(0x7f0000000fc0)="80a289296205dcc5620700e76a07d991e84f31a147f91d2ce73dc0cb80c2e8c19e67135ade4f34119a7e420826efd0f177be2c15a630cd403e86e4a77b4a9478065aa00e0b913630d0a5ed92401880ed54d0fca037e2b4a71e1f80c814bd22ed55c9ee8cb33ef29c28c8a0b1973fd2abc43687b3907a58aafbaa625ccb36e9082cb66c5186669613684973dbd11fc37951f2e85993a0272ca9c06742ce7d08e55c6c1136675136"})

1m40.77216051s ago: executing program 4 (id=6161):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0)
ioctl$NS_GET_PARENT(r1, 0xb702, 0x0)
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000080)={[{@stats}, {@max={'max', 0x3d, 0x7}}, {@stats}, {@stats}], [{@seclabel}]})

1m40.75144597s ago: executing program 36 (id=6013):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000140)=0x1)
ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0xdd3)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x5, 0x9dc5, 0x0, 0x0, 0x8})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
close_range(r0, 0xffffffffffffffff, 0x0)

1m40.570836843s ago: executing program 4 (id=6165):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000cf0800008f04"])
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, &(0x7f0000000240)=""/10, 0xa}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, &(0x7f00000002c0)})
close(r2)

1m40.442815305s ago: executing program 4 (id=6168):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000280)=0x10) (async)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000b00), 0x0, 0x0)
ioctl$TIOCSIG(r1, 0x40045436, 0x14) (async)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SMI(r4, 0xaeb7) (async)
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x8040ae9f, &(0x7f0000000280)=@arm64)
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) (async)
r6 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000040)=0x1c) (async)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000064cdfadb2d5d0000014d740400000000ab00"]) (async)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0)
r7 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000b80), 0x0, 0x0)
openat$cgroup_ro(r7, &(0x7f0000000bc0)='io.stat\x00', 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101740, 0x179) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) (async)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
ioctl$TIOCCBRK(0xffffffffffffffff, 0x5428) (async)
r10 = openat$cgroup_procs(r9, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r10, &(0x7f0000000400), 0x12) (async)
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r12 = openat$cgroup_int(r11, &(0x7f0000000040)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r12, &(0x7f00000002c0)=ANY=[], 0x9)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0xf998b0b6661ff5f3, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040), 0x50, 0x0, &(0x7f00000002c0)="8a3e4b14485bef8901593175bfe04ac0baae7c5651ec6005649a06817a9203cff0f36f848684f4120d8c0faf025780d0819e642ae6cc84fec79002d8167fe3494aac7fd28e23c066793738f2fe6defcb"})

1m40.029958781s ago: executing program 4 (id=6173):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff002, 0x0, 0x2000000000032, 0xffffffffffffffff, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x13, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)

1m25.004580651s ago: executing program 37 (id=6173):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff002, 0x0, 0x2000000000032, 0xffffffffffffffff, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x13, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)

22.614546359s ago: executing program 5 (id=7067):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CAP_DISABLE_QUIRKS2(r3, 0x4068aea3, &(0x7f0000000000)={0xd5, 0x0, 0xc1})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x80)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000000)=@x86={0x3, 0x5, 0x17, 0x0, 0x3, 0xf9, 0x2, 0x79, 0xff, 0x8, 0x1, 0x1, 0x0, 0x8, 0x5, 0x4, 0x72, 0x7, 0xfa, '\x00', 0x3})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0xfb7f000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x31}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})
r5 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/attr/keycreate\x00', 0x2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x1ff, 0xe, 0x6000, 0x1000, &(0x7f0000000000/0x1000)=nil})
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x121400, 0x0)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000500), 0x801, 0x0)
write$khugepaged_scan(r9, &(0x7f0000000540), 0x8)
ioctl$TIOCVHANGUP(r8, 0x5437, 0x0)
ioctl$GIO_UNISCRNMAP(r7, 0x4b69, 0x0)
ioctl$KVM_CAP_STEAL_TIME(r9, 0x4068aea3, &(0x7f00000002c0))
r10 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
write(r10, &(0x7f00000001c0)="1e906565dbccd2fa1cf7a66d8c66ec9e911b06501c4a1ded9927f0b7cce5ae0742dbadd38d4e4e897c6e64c53dca19a10959d25959f4a305aecfbccc28c2af3951793351c7bc0056a93f96b2d3c35005c6d547aac44aad8f260c3d94faf98911a3fa82b4586b2c894db1c721cbb184b0cf0b", 0x72)
ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4400ae8f, &(0x7f0000000140)=@arm64={0xff, 0xe0, 0x6, '\x00', 0x161e})
read(r5, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000b40)={0x58, 0x0, &(0x7f0000000a80)=[@acquire_done={0x40106309, 0x2}, @reply={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x68, 0x0, &(0x7f00000009c0)={@ptr={0x70742a85, 0x1, &(0x7f0000000400)=""/208, 0xd0, 0x2, 0x14}, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x0, 0x38}}, 0x0}}], 0xa7, 0x0, &(0x7f0000000fc0)="80a289296205dcc5620700e76a07d991e84f31a147f91d2ce73dc0cb80c2e8c19e67135ade4f34119a7e420826efd0f177be2c15a630cd403e86e4a77b4a9478065aa00e0b913630d0a5ed92401880ed54d0fca037e2b4a71e1f80c814bd22ed55c9ee8cb33ef29c28c8a0b1973fd2abc43687b3907a58aafbaa625ccb36e9082cb66c5186669613684973dbd11fc37951f2e85993a0272ca9c06742ce7d08e55c6c1136675136"})

22.371861093s ago: executing program 5 (id=7069):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x70bc0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_MCE_KILL(0x35, 0x0, 0x8)
prctl$PR_MCE_KILL(0x35, 0x0, 0x10)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0x3000, 0x2, 0x4})
r2 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000280)=ANY=[@ANYBLOB="010000000000000073000040"])
openat$ptmx(0xffffffffffffff9c, 0x0, 0xc04c1, 0x0)
read(r0, 0x0, 0x3b)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x800000)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r5, 0xc0f85403, &(0x7f0000000380)={{0xffffffffffffffff, 0x3, 0x5, 0x1, 0xe}, 0x6, 0x9, 'id1\x00', 'timer1\x00', 0x0, 0x7, 0x9, 0x1, 0xd09})
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x801, 0x24)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r0, 0xfffff000)

22.206518945s ago: executing program 5 (id=7071):
prctl$PR_SCHED_CORE(0x23, 0x0, 0xffffffffffffffff, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x8, 0x0, &(0x7f0000000140)=[@decrefs={0x40046307, 0x2}], 0xa, 0x0, &(0x7f0000000080)="01d9366a6bcf7fbd3ff2"})
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000002c0), 0x4b301, 0x0)
ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffffff, 0x3, 0xac, 0x8, 0x2, "e7732e9431a9e74e0fe4f9ca3fb352e74f4d01"})
write(r1, &(0x7f0000000300)="6e3a0ed5460b63402ab2195a3216bcb85c6c41dcae414e6b441abd66135b77d6f75f0ea999e298e8c0784277f98d7e8b6ec46d7a0aff7e92a1bd5d1ef824143fb162429e2a617ebc79c3d0f75bdd727efed547efb1f2edea9cbc3d0df4c351cbafb0a7ad182b4fdca1e786128059a1f4c95943e4f08867254383c14e5a16e8a400b7eac6f47017e8ce7faf8e1f4dbe88ee2acbf599f27cb57fd5fa0e9a76430170887ca6dae247a62e91f1bbbb784a789da08d6f859620d66298736e34b880132193b3ab42bd5aac6a17ff0b030779aa854c5a68576c62b5466bdf135bc294d82d6407336699f8ba9b383ef9027c1c689fa7a6148b508e8e433c53518d3ffec353d70f711b80079bbbf513f997cf4079b85c9241a94ea7457f92bf1b6b6d488e4aca9d24af17781a3688972f3b18a4488038ceec150e465cf9e47754478d0db951eab8a18ec17e1169da0f72d57e2dcc0ac664a025e1adc52ab92218832836310f2365eb7af43eac358833ebb4265f4f2728736ef892cbd1bdb9157fb9619668e170ff1eace634c60924f3e23a0d775aac4154f20bb84b5db5f86076a2724b66834e470800d4feae4835858cb4b2e83fbf58aedd42bd036acaf6fc462bb8ecf256dda0137901cfe84096ce86d7b50e8d67d76342224c9537ab7e209d5b7af12d4e7d2933dde4639a0375f63b9830327c9e2ca20b066cceb3efeb5a083bbd634078121cb04833a1640694e08db1b2e5ed230584b0912ce4d040dbbe387cff7dc3c527242e3a2e442203cc0c7a20e9eb3f6eccadb4adaea14b961d67fbd1e773ceb208ba5a866dc18fc915a7e00c5dc53a08d7f9e2ffcdeeef17d7a51cc381d19b07189baaac8921d7774413542e40e0929e50ff132dc86083c7f2ef47472bfd57af36d20c50907b8b4aff310f0d38ec052d4eea0a1d2a78d5836643eb074f4c28bceedf7e538a74c52085efbb5414f0493cca3ef9fbeebe9b6a8643794f057d97ef6605c708919aa55251097d9fccadb54c9ac2909ce026126b02e4289dc05a0e44529e58b2393564b75b0d3fea1a02e0571a73c2255999e270fd8490b1dc31a2041bd27ded4d12fd44e1a61580863501e00681a246680903fc7a02144632c60780d6b1c76eebd84fe73fe6c140f5aa02101f8f7b9a9de48b8ee3e0673db5c119a37500144ea6693d83d4176a78ee501375591d46aa15fb05cb1c66351f0b211811174815620669aae52ad03deb03fa89f8995a45f853cea169375f7ec176ce2b5c3b75af2ba5e3960c5f222a5fec737e907d22e71a97ed7470c154789d1bf13eefe5f078cb9b3be2af92d91869341c56ef208f0560014f9f7e439d73e38a46ff6ca1b6b8ee399bf4239e71f7a0af55a5c062d5fe59d463585e68d1c2de36358e254cb96e77d0a630375ee41e35141a064f9844a910fe96ea5c17d1afb13581852e9f2373962408e218f58938429a1bf0fbb3f8143bf1b8dcf34128d2ce6c798cde8119faa316504a99ca00daca54bf2ddfe419d313032384cd07dd423b3123f97f39526d60fd38e701841e78986f316045468107801d595928dedc5227db2ec826920965794c790299abaa18e705f8441e95c8da4146d6a985a3634d3c68c7bfb11cc794743d76d26d75b17f67adb53df80aef225eccf179b4745af411d3ba26874bd7a855dc26b68917a261d66255fa15e8c7ef45ba8b53b955af9c993ad0236f8acb3b8e81d8c6e39197cbb4c41de4506cb5e3814ebd62e612e5b9229e0704db936e258ed55fad588f77defacb3b62dd1056d699efa52a977a49eb6e823cd6f52f17983384c3b76f4cd326c4a27fbd506c991e6254bf72685b6fd93dc0320b57017a00a6d6960a2efcbec89f7b22c527a012b6dbca28bc4c7ef29e9a2462037f7d3dcb0d4867dadfdb47c75c3e127b13f2fb78c7f9e0a8e48514cf54ca12357b18c46f55931a9e3bcff45dd85ddc0fcfa7344fce8350767c9bc0f04aad0d791bcf5c36c51a96bee96c65a342e76bd7df4198613258c804b54eddee3429c658b3f91e3ec8c80a754ecbded3e262e7307fa49182be50e1f2d3f04cc16cf77a66125efe2af6ae64707d8a929aa093c4c8bcc9d0c48f5d2241fd420f594283ef7a1fc51ce18864e5cac1093d45a5951d9781fe7b89bc7b49d06fac0814f9ec092b48cd882272d5d255bd7092b31f8ad92bf785347799822441fa0dc0b7b10ba1eb5f06258858fd48e311da5210889365f36d2cffd3d4092ef572ffbf9dfed40a4811e00f898682fa601a319d28b2b42bb29cc4264dcaa333c4f2b18bf8fdddc4401a3766919ccfdcf89e6dbd566a70bb0ee8732cff610e6f0edf63a2c2c952e9bb90e8a2d8651eceea407d758a4509dbec5e34a3703ae99f64c6c7afa1d565e0eb1031aef85e6a3fc988d3c6755e66890c9f34009f5b212132532a1d06af112a0dc288090acf37537a9e7e0834c7643c99fbdb384070cc58ea14e0d7cf03675375e4845e4402062f90b7afc27706f7c0e8840fe87bae79de993e1bfd4f185fbca4e259a7d066e332d3e7110dde764ee71f130fbccedcfe288baa6c0c2bedf0ae49b6c3c1c2f9714908d292d9747bceeff25815e9a6d6165f2ff6f69375af8f974186dc528da934b78685eaddba683a37e75868b7a9792cad92da641c0baaef8a21e1b45c5ad28d5ba311c5d84f9b7c9b14adb455c8e65b4144530e47fb179d7b120f6274d3d6f8189e0b9e2b413eec17105ca39f7da38edb1a68331c10afa80d5a699b00b0b9a2c37f3f0d8e0ce0e7e0f4de0ca975f23e13244e9da31b3f719b042463a3563276c05c024888f6638b21fab4f7d8d78e1faecf165f6f52e1d4dd57695811fe5a078b42577a831ab66e3e32b67ce5909dca0ae5de949ef7a1cd5073e1a34db143b8ee2c641deedfb100903b4874dc652147d605c334d379d6f1b5f97d1239b27d406ea6163d07acbfb2b86b12878751201cb3464be2eb1bf76b480eb874f7720bbbe02039333c390bcc27193f02660f09f20527338effd7a771657fb5e08a297f4b816a026c173c96831b82a6152cf6dcf6cf55b0d17d895a3c68fa1bd33cadc62f3f531ea61ecf8e7c90e93f0e3649dd04ed8b9dca3b2916483429f16c2c25009eeef54b065ccfc4db5aaa1e90e8ca54ec66b630ca068ceaa428fb2b459d4644ce37b1920cf40e8bfa7f847851620464a2849fc0a40b51484d47b2e257d03df65c0aef4d8ceab45cbdc03b8c0cc84ce7fa6b5109061b5980975a4f64657544fbdd9493b8a50afc5e2ad9efa8e242a9d265eb425782249df1dc0d52c3527fab9d74c27584cc689bde128bb1d4b652aa7fd62b8386ee0c0a1413279cef71cc89574fac6af60e5af212b854cc1da0efa5ebea541f3c36825599c7710a73e7d2ccf33cc6ed39406d76268e91798e72af6627a8d72bd70f98052c45ccd24568d8256725fea1e88946f9574a2fc110057a13c4255f354ab21bce5f26be17c6919cdf7e948b73757b85a3644d308d91a815a551ad30c959681206be4ffc3b5e7beaba58af8f787c091aa10986b9d5af800e84a286128ac0d9070bab070d8ee6ed2439fc7d408f3debe6493e605ea45582d474ccd1777223699c9a5c6a1729d68dbd81eeab79aa5f9813fb40608b385b0dda67830e01e3305cc0496ef92ffe524b38741f92c2ed8adf79872912d6c24a9b2a0dcb4b44d9d4f31f4a6fbb6af409e6b4adb10b1882fe0a08c2795345de19d502695462348bff9405fbbf632b35706b51325eda17b93d2b1534552902ba7f504cf414c9428a210dba4368db880e8bc8252ca7964eee68debc58b7e4b0df59cdb9f8421b6c4a84d3a53d659f58e735077785cea445986986eb269b8740fe1a2ca1a5d283bcbe0275522c15c9cde56e1bd295f1d218333671a4a88adad1a3518a71c7b127053f49f99275de7280d4a8ec2ed4b3e1da3131dfa996883cf14c9c1d37013dea08de597915fc9272894f1081a7d512bbc7c3797f386175b61436babf58116e5561aa746525fea0685cb67df9531f35bac093ef246a4c44ed7da84fb5509c17a33282929531c2d571c4b9191bd9216ad53a9265bfa77b0730f7f600d2339ca71d5c228919648859d3a2a9438f19fd47e9f5ed30099163269952d317b2142498491c6e3b61c90710637bc50cfefbea69d63fc6568aa89855f38c5dc4de73a402d31ad5dc74e9d16bdf819f5125561148ee866358dfc5b7f6b96c768725ad636f23c482ceecdb84ee0c92b3e5edf994e29970f5ff6feb78baa6435c571d82fa3dc8feef42ce76d0ed57ad170b29b0d9edafc9eec990f2e9bf0d3391da22fff2f9131724e44dad08bc4654b7", 0xc00)
r2 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0xfcac3568eacd20e7, 0x2, 0x4, 0x1000, &(0x7f0000ffd000/0x1000)=nil})
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000200), 0x80800, 0x0)
ioctl$BLKSSZGET(r3, 0x1268, &(0x7f0000000240))
r4 = openat$cgroup_int(r2, &(0x7f0000000100)='net_cls.classid\x00', 0x2, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000b80)={'\x00', 0x8411})
ioctl$TUNSETOFFLOAD(r5, 0x400454c9, 0x9)
ioctl$TUNATTACHFILTER(r5, 0x400454cc, 0x0)
write$cgroup_int(r4, &(0x7f00000001c0), 0x12)

21.695270773s ago: executing program 5 (id=7076):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x183081, 0x0)
write$vga_arbiter(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='unlock i'], 0xa) (async)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0) (async)
read(r1, &(0x7f0000000000)=""/61, 0x3d)
read(r1, &(0x7f0000000040)=""/101, 0x65)

21.535764846s ago: executing program 5 (id=7078):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
openat(0xffffffffffffffff, 0x0, 0x501a42, 0x1dd)
r1 = openat(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000180))
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000280)=0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101740, 0x179)
r5 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080), 0x1040, 0x0)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000440)={0x4, 0x3d64, 0x0, 0x4, 0x9})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x100a, 0x1})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x1})
ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f00000003c0)=[@reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x70, 0x18, &(0x7f00000001c0)={@fda={0x66646185, 0x2, 0x1, 0x2e}, @ptr={0x70742a85, 0x0, &(0x7f0000000140)=""/42, 0x2a, 0x2, 0x32}, @ptr={0x70742a85, 0x0, &(0x7f00000002c0)=""/229, 0xe5, 0x1, 0x1c}}, &(0x7f0000000240)={0x0, 0x20, 0x48}}, 0x400}], 0x0, 0x0, 0x0})
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000002, 0x1010, r1, 0xd4fee000)

21.28383535s ago: executing program 5 (id=7082):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)) (async)
ioctl$PPPIOCSACTIVE(r0, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
read(r0, 0x0, 0x0)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000001380), 0x101100, 0x0)
syz_clone3(&(0x7f00000013c0)={0x240040480, 0x0, &(0x7f00000011c0), &(0x7f0000001200), {0x25}, &(0x7f0000001240)=""/1, 0x1, &(0x7f0000001280)=""/162, &(0x7f0000001340)=[0x0, 0x0], 0x2, {r1}}, 0x58) (async)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
write$ppp(r1, &(0x7f0000000200)="d10564e7c243df164c11c99a18c8f6a3a9463f84eba5075eec86a513ab015a2f1fdb48324d8d2ee8200bcdf8e23ccfd91e9e9fc12c67255d3bc577d748471c64bb9f862dafd2ee705a34bcc9604a148c0000000000", 0x72)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
mmap(&(0x7f0000797000/0x2000)=nil, 0x2000, 0x3000001, 0x22052, r2, 0x2000) (async)
write$ppp(r0, &(0x7f00000000c0)="29a7e1f5ea1895ffc14aa5ddc26951e707656754fd33641b8ec563d8727edc6f7bd2360a02a28442fe2ce6fe7efcf58da84708dc748e5afda1e7db1848bc645d65e2b6c2236941af64d14db20ffc9eaf1262fa07b40ac94f04c9d312caeda4436598f12e3ba2054eb011401f705065fd23373e29371ffa04482cd9f24cb7f14eb4debd3e971d735c44561f56784fc181203aec756e3f548d07611d57e8", 0x9d)

15.255173076s ago: executing program 7 (id=7151):
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f0000000200)=ANY=[@ANYBLOB="63836e746578523d73792274651b090092b5ffc1084395e676e06b5663edb1a2fb593c49b67e51d0e11aa6c1e4878ee062f30c12897bbd51e8ec0dd4aa72465c0dc3bcfc693c8f0db2a836c2513aa8f7a5fe53a1c1a7e7a4ce47c24104305bdd39ebba61b5cf4f189735c33a7f82cff544ae56c735814ed13dfbe751c81c0db6f8083531e07cfd28f76b8d5debaf4ea880d84c6eebe43850b6ab7791de6a0983943b17e1c3b0a71aa550d0698d6bec14aa7ea1578d1b85d8773c34bc53213b2597f9aae4842ce4c7629564d0ff6f0019d6e1ebb2be1904b3a2c3870c238643cc69397ae23fc9ed192fd216d3e7e5027a3dca776f647209b540296fd74125576df4762137ed57217494f54b1807ff94af0d1d3e4ef5d5f1a99d8ba126741354b5fe251a5dc7b3a1d8be9e796febd4b36e39f04eb3"])

15.123805469s ago: executing program 7 (id=7152):
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f0000000200)=ANY=[@ANYBLOB="636f6e746578743d7379737465225f75dd47d0b90b893a03ffdf"])
mount$binderfs(0x0, &(0x7f0000000000)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000040)=ANY=[@ANYBLOB="686177282c00000000f8007bbb1828b5a7f23aee81f0b900b4a927efc8c49278285e903d845f06e3aadf9965ea7731e7ff306c719d38acf73afb37eede3021f3ad2261bbf2dd12d91dc533427d1523c104d909c71a159d63eec7a49e760ae3815f9a01d46dcc8e856afe04b6"])

15.045516019s ago: executing program 7 (id=7154):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100, 0x2})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'bridge_slave_0\x00', 0x84aebfbd6349b7f2})
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x161100, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f0000000480)={0x3, 0x0, [{0x0, 0x7, 0xffffffff, 0x61, 0x5}, {0x4, 0x70de, 0x9, 0x4, 0x5}, {0xc0000006, 0x2, 0x7, 0x9}]})
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, &(0x7f00000001c0)=0x7)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000000)=@x86={0xca, 0x8, 0xb0, 0x0, 0xc51, 0x9, 0x0, 0x81, 0x7, 0x8, 0xf9, 0x9, 0x0, 0xffff, 0x8, 0x6, 0x7, 0xe, 0xfd, '\x00', 0xff, 0x5})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, &(0x7f0000000000)=""/10, 0xa}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, &(0x7f00000002c0)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000440)={0x54, 0x0, &(0x7f0000000340)=[@increfs={0x40046304, 0x2}, @reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f00000002c0)={@fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x1, &(0x7f0000000040)=""/14, 0xe, 0x0, 0x7}, @fda={0x66646185, 0x9, 0x2, 0x34}}, &(0x7f0000000240)={0x0, 0x18, 0x40}}, 0x400}], 0x69, 0x0, &(0x7f00000003c0)="c4194bcfd418414026f144844ae1c369e8a56e371623daf401071ec206bc7b266ea0e8603a9d6e531ff9c4fde470f54d15e7299f252dc20d99fd1376a307ea0f480bfd8097135efe53f299dcd93cd6b94d4a5fa4c939febbce4de9d6ef4a2b5e7c6a5ef0e8894dd853"})

14.080050755s ago: executing program 7 (id=7161):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x1802, 0x0)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6}]})
ioctl$TUNDETACHFILTER(r2, 0x401054d6, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x100400, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
read(r3, &(0x7f00000001c0)=""/219, 0xdb)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000dc0)=0x7)
ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0x9250)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x0, 0x11, r1, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x10, 0x0, &(0x7f00000001c0)=[@request_death], 0x0, 0x0, 0x0})

13.854035399s ago: executing program 7 (id=7164):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
syz_clone3(&(0x7f0000000580)={0x200000400, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000000001000000000000000000000000000000001b0300ff"])
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000086"])
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000d000017a6987ffcc200000000000000610007083ec1e6af79e328743e7e41ae1e7c375013d483e22e64019b43a94dbc91f6c85f72cd25ced997628d983279ba49000000000000"])
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41845})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000080)={0x8})
mmap$binder(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x6)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13.625716122s ago: executing program 7 (id=7167):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_SET_SWBIT(r2, 0x4004556d, 0x80000000000e)
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000000000)={{0x0, 0xeeef0000, 0xe, 0x0, 0x81, 0x4, 0xa, 0x4e, 0x0, 0x7, 0x6, 0x1}, {0x5000, 0xffff1000, 0x3, 0x5, 0x2, 0x8, 0xd, 0x3, 0x0, 0x81, 0x8, 0x1}, {0x5000, 0x0, 0x0, 0x7, 0x2, 0x1, 0x6, 0xf, 0x8, 0x9, 0x2}, {0xffff1000, 0xd5dd0000, 0xe, 0x2, 0x1, 0x3, 0xc, 0x0, 0x1, 0x6, 0x4, 0x9}, {0x100002, 0xeeee8000, 0x9, 0x0, 0x80, 0xee, 0x0, 0x7, 0x7c, 0x0, 0xe, 0x9}, {0x3000, 0x4, 0x8, 0x1, 0x5, 0x4, 0x1, 0x1, 0x6, 0x86, 0xb, 0x2}, {0xeeee8000, 0xeeee0000, 0xc, 0x7, 0x7, 0x3, 0x1d, 0x47, 0x30, 0x2, 0x8, 0xe1}, {0xf000, 0x2, 0xc, 0xf8, 0xfd, 0xa, 0x2, 0x4, 0x3, 0x8, 0x5, 0x4e}, {0x4, 0x7}, {0x6000, 0x5}, 0x10, 0x0, 0x0, 0x40, 0x7, 0x1000, 0xeeef0000, [0x5, 0x8001, 0x8]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, &(0x7f0000000240)=""/10, 0xa}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, &(0x7f00000002c0)})

6.206697141s ago: executing program 38 (id=7082):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)) (async)
ioctl$PPPIOCSACTIVE(r0, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
read(r0, 0x0, 0x0)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000001380), 0x101100, 0x0)
syz_clone3(&(0x7f00000013c0)={0x240040480, 0x0, &(0x7f00000011c0), &(0x7f0000001200), {0x25}, &(0x7f0000001240)=""/1, 0x1, &(0x7f0000001280)=""/162, &(0x7f0000001340)=[0x0, 0x0], 0x2, {r1}}, 0x58) (async)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
write$ppp(r1, &(0x7f0000000200)="d10564e7c243df164c11c99a18c8f6a3a9463f84eba5075eec86a513ab015a2f1fdb48324d8d2ee8200bcdf8e23ccfd91e9e9fc12c67255d3bc577d748471c64bb9f862dafd2ee705a34bcc9604a148c0000000000", 0x72)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
mmap(&(0x7f0000797000/0x2000)=nil, 0x2000, 0x3000001, 0x22052, r2, 0x2000) (async)
write$ppp(r0, &(0x7f00000000c0)="29a7e1f5ea1895ffc14aa5ddc26951e707656754fd33641b8ec563d8727edc6f7bd2360a02a28442fe2ce6fe7efcf58da84708dc748e5afda1e7db1848bc645d65e2b6c2236941af64d14db20ffc9eaf1262fa07b40ac94f04c9d312caeda4436598f12e3ba2054eb011401f705065fd23373e29371ffa04482cd9f24cb7f14eb4debd3e971d735c44561f56784fc181203aec756e3f548d07611d57e8", 0x9d)

1.489333426s ago: executing program 9 (id=7251):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x11, r0, 0x45809000) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) (async)
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d) (async)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000240)={0x18, 0x0, &(0x7f0000000180)=[@decrefs, @request_death={0x400c630e, 0x3}], 0x52, 0x0, &(0x7f0000000100)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a020000005df98d795a6b8622681df1cb222612051f612948"})
close_range(r1, r0, 0x2)
read(r0, &(0x7f0000000040)=""/106, 0xfffffffffffffd27)

1.395738648s ago: executing program 8 (id=7252):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
openat$snapshot(0xffffffffffffff9c, 0x0, 0x481, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x75b, 0x0, &(0x7f0000000d00)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632cf7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81bad2c6ef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5fdd8d64f6c3e0dd22711f69a940ebdb4ab5ff6240da3160049d2047e6713d47ad0db40ec543c095ad67c8cbe438fb875927c98e265498b3da8d4ca54bac0e6efe759a2d4d4190e9fc8835599da8237f472411a71236bb930d28a26f49062d270f4087a6a709c005eebc9740ed54dd005c787c44badac9c720b0d424d0ded9bb8c24c0e842deedf386fc7714a31268292d3bcc53b1cf24b156445c8bf64336f742b1ba836eba0ae4a5aaa9a6f35d4f81734e16bce965795d5b1255609d1860fe11c9c536db078af94772830ba000c13e1d9383e3d862fa07f2199da148632c036bc19f6014eeb206a3654d390c78911deeabebf128def61122754e0a4696db82666a018f8d2f44b5aadc12809ade8bed1b1ba2adbb6e3e82180e26748dc30a8eda0edb21fcaa702632ed3fb4e89550c3e0e1fd2b5ecf1983d85bf9569b231e28155756bd97f1220cbc2b5b1c02dab88ee4a8970d4833b9e51529895afe5029823576297d4a917602fe08df57e1d7f63d050877ddf8e82a5383e15f313171b2d5618a1549f3dfced0732b887508ca5e134124d0ed0bd4b767115d1530f73504387e0364d73a2d3b114fcb49219b1c15e066c455b01672e49499995454a502236f5a5007895d3d1d8843007352a3ccc3f71d3e801efd0a6ef922bf39ead16e01ec20ebff2b1ce7cfd0984b26225cb1359b36efe9ad2ae1f6de4862c0faaa52f4d0eb4c13960ceb4aeaa10ae61a09a5abdb0c61661962a0aab14d465a8ae6f45826e1e66428cf8572eb53c98160df6613a62bb611c63f1ffb7a795a889fc16670f6302fd36ee4247bdd4282f1afb6042c832a4b0857cecae0a7090d9b11ae46d9186c710c8dd12911db573493329bea2c743734d86a577cf27aa01e4fc6c91f1fa34bba173d20b97ed8bb4bad43692df90bfd2b193b9e8b93a95ec0d0d42217395d89db511d2e9bbeb3ef47b7b2d81ab54b5c8faa760ef5c0493af13a9327c9432521ed6bfcb9d778d25031da41a983027fe7d794c26326053d38172444307d88501cdd26c3fdeafdf5f599d3dcfd39972f28ec3fb1fb40982615f5d71d6693a8774df072576834c69b89f209b458fad4671f0108fdfc8548a6fcf76a843369a3bca4d2974221ed9af224d151fa8aa73276ba65ca3d8bc98d6504f16bcac30c697f68cb1625b4f2259ee0c694951752845fa11c20fc4dda369d53918c3746918692ee2cda958612808b841b8d36ef3933f5340e1fc8fb10ac2ae97da921f6a67806831356d515c7a32468dfd3384c1ae2008448e5750c3a3d5733b4a2486788550e6353e9b12cc09750d5b9dcd2aedba61d0520e99a51e880d3dd78a2b502029deac1860cf50885f8bf5119491c6b1e06492e98ca64e5e3"})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040), 0x109102, 0x0)
read$FUSE(r5, &(0x7f00000004c0)={0x2020}, 0x2020) (async)
read$FUSE(r5, &(0x7f00000004c0)={0x2020}, 0x2020)
write$FUSE_INIT(r5, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) (async)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r6, 0xc008ae09, &(0x7f0000000000)) (async)
ioctl$KVM_GET_SUPPORTED_CPUID(r6, 0xc008ae09, &(0x7f0000000000))
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x4000009b}]})
close(r0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
write$selinux_attr(r5, &(0x7f0000000180)='system_u:object_r:traceroute_exec_t:s0\x00', 0x27)

1.395187038s ago: executing program 9 (id=7253):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r0, 0x2000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000d80), 0x20000)
ioctl$SNDRV_TIMER_IOCTL_TREAD64(r3, 0x400454a4, &(0x7f0000000dc0)=0x1)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x9, 0xcc, 0x1, 0x4, 0x2, 0x1, 0x1, 0xff, 0x5, 0x1, 0xe, 0x9, 0xa, 0x2, 0xd, 0x5}})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x3, &(0x7f0000000100)=[{0x200000000006, 0x0, 0x0, 0x7}, {0x7e, 0x7, 0x3, 0x5}, {0x102, 0x2, 0xdf, 0x1ff}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x2, 0x80, 0xc2, 0xc}})
openat$cgroup_ro(r5, &(0x7f00000000c0)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x7, 0xfffffffffffffffe, 0x40, 0x0, 0x7, 0x2000000000044, 0x0, 0x8000000000000, 0x5, 0x0, 0x9, 0x0, 0x0, 0x7, 0x1], 0x6000, 0x3c2a10})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2)

1.24440131s ago: executing program 8 (id=7255):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x40082, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000080)=0x2)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, 0x0)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000180)=ANY=[@ANYBLOB='defcontext='])

1.075593763s ago: executing program 8 (id=7256):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$ashmem(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
close(r3)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000006010040000000000000000000000010"])
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000000)={0x10200, 0x0, &(0x7f0000ffd000/0x1000)=nil})
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x68800, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_freeze_timeout', 0x200, 0x20)
ioctl$BLKRRPART(r4, 0x125f, 0x0)

963.883585ms ago: executing program 2 (id=7257):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f00000001c0)='cpuset.cpu_exclusive\x00', 0x2, 0x0)
read(r1, &(0x7f0000000440)=""/119, 0x77)

937.903865ms ago: executing program 2 (id=7258):
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f00000000c0), 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB='max=00000000000000000000001'])
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000000)={0x6, 0x5, 0x800000000000102}) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/custom1\x00', 0x2, 0x0)
mmap$binder(&(0x7f0000ff1000/0xf000)=nil, 0xf000, 0x1, 0x11, r1, 0xb1) (async)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
read$FUSE(r2, &(0x7f0000000280)={0x2020}, 0x2020) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/binder0\x00', 0x802, 0x0)

884.389776ms ago: executing program 8 (id=7259):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f00000001c0)=@arm64={0x2, 0x8, 0x2, '\x00', 0x8005})
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000300)={0xe0001})
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000000)={0x140000, 0x0, [0x0, 0xfff, 0x1a, 0x80, 0x5, 0x8001, 0x7, 0x8]})
r3 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r3, 0x0)

771.637868ms ago: executing program 2 (id=7260):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x60, 0x18, &(0x7f00000001c0)={@fda={0x66646185, 0xfffffffffffffffd, 0x2, 0x36}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @flat=@binder={0x73622a85, 0x1100, 0x1}}, &(0x7f0000000280)={0x0, 0x20, 0x48}}, 0x10}], 0x0, 0x0, 0x0})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000000070000040", @ANYRESHEX=r1])
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000000001000000000000000000000000000000001b0300ff"])
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$uinput_user_dev(r7, &(0x7f0000000500)={'syz0\x00'}, 0x45c)
ioctl$UI_DEV_SETUP(r7, 0x5501, 0x0)
ioctl$UI_GET_SYSNAME(r7, 0x8040552c, &(0x7f0000006480))
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000086"])
ioctl$KVM_GET_SREGS(r6, 0x8138ae83, &(0x7f0000000980))
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0xa70, 0x0, 0x3}]})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41845})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

709.651419ms ago: executing program 8 (id=7261):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0) (async)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x3, 0x32, 0x0, 0x0)
mount$binderfs(0x0, &(0x7f00000000c0)='./binderfs\x00', 0x0, 0x44000, 0x0)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0xa, 0x2}) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0xa, 0x2})
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1c0002, 0x0) (async)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1c0002, 0x0)
write$vga_arbiter(r3, &(0x7f0000000040)=@other={'decodes', ' ', 'mem'}, 0xc) (async)
write$vga_arbiter(r3, &(0x7f0000000040)=@other={'decodes', ' ', 'mem'}, 0xc)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x3, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
ioctl$KVM_SET_IRQCHIP(r5, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x100000, 0x1, 0x202, 0x0, 0x0, [{0x0, 0x3, 0x4, '\x00', 0x6}, {0x5, 0xfc, 0xc0}, {0x2, 0xec, 0x8, '\x00', 0x6}, {0xf7, 0xbb, 0x0, '\x00', 0xff}, {0xf, 0x5, 0x9}, {0xff, 0x5, 0x3b, '\x00', 0x7e}, {0x60, 0xc7, 0xaa, '\x00', 0x6}, {0x4, 0x0, 0xe9, '\x00', 0x8}, {0x85, 0x1, 0x4, '\x00', 0xff}, {0xfc, 0xf8, 0x8, '\x00', 0x2}, {0x7, 0xf, 0x7, '\x00', 0x3}, {0x6, 0x7, 0xea, '\x00', 0x99}, {0x2, 0x0, 0x7, '\x00', 0x2}, {0x4, 0x8, 0x1, '\x00', 0x5}, {0x6a, 0x9, 0x0, '\x00', 0x7f}, {0x8, 0x8, 0x8, '\x00', 0x5}, {0xb, 0x41, 0xf, '\x00', 0x7}, {0x0, 0xfd, 0xff, '\x00', 0x3}, {0x0, 0x3, 0xf, '\x00', 0x7}, {0x5, 0x81, 0x6, '\x00', 0x1}, {0x7f, 0x7, 0x9, '\x00', 0x5}, {0xfe, 0x7, 0xe6, '\x00', 0x8}, {0x7, 0x5, 0x5, '\x00', 0x6}, {0xb, 0x5, 0x7f, '\x00', 0x7}]}}) (async)
ioctl$KVM_SET_IRQCHIP(r5, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x100000, 0x1, 0x202, 0x0, 0x0, [{0x0, 0x3, 0x4, '\x00', 0x6}, {0x5, 0xfc, 0xc0}, {0x2, 0xec, 0x8, '\x00', 0x6}, {0xf7, 0xbb, 0x0, '\x00', 0xff}, {0xf, 0x5, 0x9}, {0xff, 0x5, 0x3b, '\x00', 0x7e}, {0x60, 0xc7, 0xaa, '\x00', 0x6}, {0x4, 0x0, 0xe9, '\x00', 0x8}, {0x85, 0x1, 0x4, '\x00', 0xff}, {0xfc, 0xf8, 0x8, '\x00', 0x2}, {0x7, 0xf, 0x7, '\x00', 0x3}, {0x6, 0x7, 0xea, '\x00', 0x99}, {0x2, 0x0, 0x7, '\x00', 0x2}, {0x4, 0x8, 0x1, '\x00', 0x5}, {0x6a, 0x9, 0x0, '\x00', 0x7f}, {0x8, 0x8, 0x8, '\x00', 0x5}, {0xb, 0x41, 0xf, '\x00', 0x7}, {0x0, 0xfd, 0xff, '\x00', 0x3}, {0x0, 0x3, 0xf, '\x00', 0x7}, {0x5, 0x81, 0x6, '\x00', 0x1}, {0x7f, 0x7, 0x9, '\x00', 0x5}, {0xfe, 0x7, 0xe6, '\x00', 0x8}, {0x7, 0x5, 0x5, '\x00', 0x6}, {0xb, 0x5, 0x7f, '\x00', 0x7}]}})
ioctl$KVM_IRQ_LINE(r5, 0x4008ae61, &(0x7f0000000000)={0x8, 0xc4c})
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000240)={0x30, 0x30, 0x30}}, 0x10}], 0x0, 0x0, 0x0}) (async)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000240)={0x30, 0x30, 0x30}}, 0x10}], 0x0, 0x0, 0x0})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})

559.998511ms ago: executing program 9 (id=7262):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/custom0\x00', 0x5, 0x0)
ioctl$AUTOFS_IOC_CATATONIC(r0, 0x9362, 0x0) (async)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f00000000c0)={0x1, 0xaa4, 0x0, &(0x7f0000000100)}) (async)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000180)={0x1, 0xaa4, 0x0, &(0x7f0000000340)})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r2, 0x4188aec6, &(0x7f0000000040)) (async)
ioctl$KVM_SET_CLOCK(r2, 0x4188aec6, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x95d}) (async)
r3 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r3, 0x40087703, 0x58) (async)
ioctl$ASHMEM_SET_NAME(r3, 0x40087708, 0x0)

339.923575ms ago: executing program 2 (id=7263):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x69579000)

338.625795ms ago: executing program 9 (id=7264):
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/binder0\x00', 0x800, 0x0)

293.387295ms ago: executing program 2 (id=7265):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x61)
ioctl$FS_IOC_GETFSUUID(r0, 0x80111500, &(0x7f00000002c0))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000080)=@arm64={0x2, 0xb, 0x7e, '\x00', 0xfffffffffffffffd})
ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000000300)={0xe0001})
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r7 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000240), 0x20800, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000280)={0x101fd, 0x6, 0x1000, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r6, 0x4068aea3, &(0x7f00000001c0))
r8 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$PTP_EXTTS_REQUEST2(r8, 0x80503d01, 0xfffffffffffffffe)
r9 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r10, 0x4068aea3, &(0x7f0000000300))
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x40080, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r12, 0xc008ae05, &(0x7f00000003c0)=""/136)
r13 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r14 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000140), 0x82084, 0x0)
ioctl$TCSETSF2(r14, 0x402c542d, &(0x7f0000000100)={0xfffffffc, 0xe7, 0x6, 0x2, 0x7, "ea7174ddb80fc70000020000000000d3a2d975", 0x2, 0x4})
ioctl$TIOCSTI(r14, 0x5412, &(0x7f0000000180)=0x2)
ioctl$TIOCSTI(r14, 0x5412, &(0x7f00000000c0))
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r13, 0x4008ae48, &(0x7f0000000000)=0x80a0000)
ioctl$KVM_CAP_X86_NOTIFY_VMEXIT(r13, 0x4068aea3, &(0x7f0000000080)={0xdb, 0x0, 0x6})
ioctl$RTC_UIE_ON(r4, 0x7003)

270.013596ms ago: executing program 9 (id=7266):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f00000001c0)='cpuset.cpu_exclusive\x00', 0x2, 0x0)
read(r1, &(0x7f0000000440)=""/119, 0x77)

195.799087ms ago: executing program 8 (id=7267):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x68800, 0x0)
ioctl$BLKRRPART(r0, 0x125f, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x48e80, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x200)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000cc0)={"110b04fd70497ed637975e085cf58d78146317eee8f42d5b3ebf2eb737ef5de16790c5770413a03457adb4ecdb5604931b9c47dd190dca04b6fc4e17181aa9a4e89e00ae9a577e4cd92f423f7a7427aef000f1a9d4ccd2430182060300000000000000946ed4a0148117e13762ad12146d160367ae3e6270110255be80d1a879932f335d2b753399a71eb2b2faec09cf010324c7e319cacd856813bd80ebe5826f614406da0cc592000b8e74efdd08a2be58d4e8270000000000800000a02be7521d07a39599942ffafc37e5311acc3bae5000f03b5f492464231c975ea8550bbf5aa7a7ae7d3739bbcbf7750db18a205693e382ca09bbf098e138c52719fc5c57778edcbd5c879cca9869e02228159abef98cb4dc2918ab4ba72e3e6e202fcfea04d1f372c6ecb897eb75b7caa43565e1043fd3e3b97dc316f8ce4129d2c0225c652a67db9059ebf69b49cd2aeae7f9bad9e15b8500d7129931eb754a90c5dd29e5c49f5341c466ea6707198d70a71d7766dca8c16d51d66d227118edcb39603389995748c68154eb5890d0b1f0823c719114b00dc22180461aa9c6fa4fc3993f8cd66ddba895d08633eb54b183dc5a509d7482be6de4270b237d37fb96faad5a7d440ce66e6d902695fdb406a37e196a614d79f68dbfbb27c0f214765fa2056ff5a590ed088562acf27156b5be87748053892fe9ff70102c04ec03ee7929f05123e6882fdad11662286e21fa9627eba4dd9a1835608d984b9eba77eedded3d8183eb4686c44771fee78b614adbd6cc0ad531cc82facff8e02e0122961fe63079cd1ce04c88cf306bda3c61ff3a99b5e184135d3041d9d0eee7351f645137645c39c2b74f6b5b850be01db3fc35d1644232ad5589ee1e585f2386f28236ae4aa1b301ecaf3e1b99f3e84ffdcab27fb00c89d8bcb32271efef8a4597cd0d2bd754093aaeeb97528dd4ee8f7ac9ddda7b32e2565f8166bfec5be0e50eab68c45ee5f24b48de7f927c537d85ae4e287a0debf2379e3d26381c144766ff5dc1bf4c88d52d412c286e83b3267cd28bf4c4f0f84b637b5188800fc7780df2a22e6801ec131fe4ecd9183b1b4b285bc223346acc03ba8ec621e7dbc2cc32019b3ce94b8ef5d7370252609e1b49efdcd006cca68e3ade81149297014a3e7d0c1b268cc4b0cb2c510f7f11b29244fa488b27a8f9b7fabe86d6634e4b64358545dc97c97a9b11497dfc820b8b7731d77f3b458adcd3907ae9ed4040a21936beef26a959113826ec2b189fe6ec8c6552a315df9bd8b27d445bd8a6d964671ed236f7848c600b9189afcf4c535d643a1a0b74f6f3f076a84afe15d6fe59a6625f36984044b724f350a836ee89310549ac1e6edef15db62db9cc9dc9d8234c05000000000000000000000000002729eae400"})
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00000003c0)={0x2, 0x0, @ioapic={0xf649e8f29e3418ef, 0x2, 0xec3, 0xeffffdff, 0x0, [{0x1, 0x80}, {0x19, 0x5, 0x0, '\x00', 0x10}, {0x78, 0x4, 0x0, '\x00', 0x1}, {0xfe, 0x0, 0x1, '\x00', 0x2}, {0x8, 0xfd, 0x5, '\x00', 0xb}, {0x10, 0x0, 0x4, '\x00', 0xfd}, {0x8, 0x81, 0xbc}, {0x0, 0xc8, 0x0, '\x00', 0xf2}, {0x0, 0x0, 0x0, '\x00', 0xff}, {0x8, 0x6, 0xff, '\x00', 0x1}, {0xfe, 0x20, 0x0, '\x00', 0x2e}, {0x69, 0x50, 0x0, '\x00', 0x3}, {0x4, 0x5, 0x7, '\x00', 0x3}, {0x1, 0x4e, 0x2}, {0x2, 0x2, 0x4, '\x00', 0xff}, {0x0, 0x0, 0x0, '\x00', 0x3}, {0x1, 0x0, 0x4, '\x00', 0x1}, {0x0, 0x0, 0x0, '\x00', 0xf9}, {0x1, 0x4, 0x7, '\x00', 0x3}, {0x80, 0x7, 0x7, '\x00', 0x40}, {0x0, 0x1e}, {0x0, 0x0, 0x0, '\x00', 0xfe}, {0x1, 0x0, 0x0, '\x00', 0xe}, {0xfc, 0x87, 0x2e}]}})
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wake_lock', 0x141a82, 0x13)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r5, 0x401c5504, &(0x7f0000000340)={0x400000100002f})
write$uinput_user_dev(r5, &(0x7f0000000c80)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}, 0x45c)
ioctl$UI_SET_EVBIT(r5, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(r5, 0x5501)
write(r4, &(0x7f0000001600)="d93f", 0x2)
ioctl$BLKPBSZGET(r0, 0x127b, &(0x7f0000000000))

179.784857ms ago: executing program 9 (id=7268):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_MPX_ENABLE_MANAGEMENT(0x2b)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r2 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0)
write$uinput_user_dev(r2, &(0x7f0000001080)={'syz1\x00', {0x58f8, 0x8, 0x0, 0x56}, 0x28, [0x7, 0x8, 0x80, 0x5b8, 0x9, 0x800, 0x4, 0x7, 0xffff, 0x3c95770d, 0x9af8, 0x8, 0x6, 0x6, 0x9, 0x0, 0x3b, 0xffff, 0x71, 0x40a7a67, 0x401, 0x7f, 0x9, 0x2, 0x9, 0xffff, 0x974c, 0x1, 0x0, 0x100, 0x0, 0x8, 0x0, 0x7, 0x60, 0x6, 0x1000, 0x8, 0x2, 0x7fff, 0x0, 0xcb, 0x401, 0x4, 0xffffffff, 0x8001, 0x100, 0x6, 0xf, 0x7, 0x1, 0xb0, 0x8, 0x6, 0x401, 0x40, 0x2, 0x0, 0x8, 0x8, 0x6, 0x5], [0xffff, 0x5, 0x1, 0x8, 0x5, 0x7, 0x7, 0x9, 0x4, 0x9, 0x81, 0xbf, 0x101, 0x0, 0x4, 0x3, 0xf, 0x400, 0xc, 0x8, 0xffff0001, 0x1, 0x10, 0x9, 0x7, 0x8df3, 0x3, 0x8000, 0x8517, 0x3, 0x7, 0xfff, 0x82b3, 0x7ff, 0x8, 0x0, 0x800, 0x10000, 0x6, 0xfffffffe, 0x10001, 0x8, 0x2, 0x5, 0x9d9b, 0xf, 0x7fffffff, 0x2, 0x6, 0x5, 0xd23b, 0xf8, 0xd, 0x8, 0xfffffffc, 0x7, 0x10, 0x6, 0xa, 0xf, 0x3ff, 0x1, 0x1, 0x3], [0x6119, 0x3, 0x9, 0x5, 0x40, 0x2, 0xa, 0xb, 0x9852, 0x0, 0x4, 0x2, 0x8, 0x5, 0xff, 0x4, 0x4, 0x4, 0x9, 0xc, 0xc2de, 0x3ff, 0x7, 0x4, 0xf76a, 0x9, 0x1, 0x6, 0x8, 0x6, 0x9006, 0xc7, 0x9, 0x9, 0xa, 0x10, 0x15800, 0x5, 0x3, 0x5, 0xc92, 0x1, 0x81, 0x1, 0x2417, 0x2, 0x1ff, 0x9415, 0x0, 0x81, 0x9, 0x2, 0x200, 0x3, 0x4, 0x5, 0x2, 0x1, 0x80000000, 0x0, 0x7, 0x7ff, 0x1000, 0x4], [0x9, 0xb, 0x2, 0x1, 0x4, 0x6, 0x0, 0x4, 0xa7ac, 0x200, 0x4, 0x1, 0xb96, 0x80000001, 0x1, 0x5, 0x401, 0x1de, 0x82b5, 0x9, 0x0, 0xffff, 0x9, 0x40, 0x9, 0x3, 0x8, 0x3, 0x5, 0x0, 0xb, 0x1ff, 0x9, 0x7, 0x8, 0xcb23, 0x3, 0x6, 0xef3f, 0x3, 0x140000, 0x4, 0x8, 0x1, 0xa7, 0x8001, 0x9, 0x9, 0x5, 0x80, 0x76aa, 0xa00000, 0x401, 0x5, 0x9, 0x1, 0x6, 0x400, 0x3f, 0x7, 0x2, 0x10, 0x0, 0x7fff]}, 0x45c)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000000c0)={[{0x30, 'cpu'}]}, 0x5)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r3, &(0x7f0000000840)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x10, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x2, 0x0, 0x3], [0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x3, 0x0, 0x4, 0x0, 0xffeffffe, 0x0, 0x5], [0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5b2bb47c], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x239]}, 0x45c)
write$selinux_load(r1, &(0x7f0000000000)=ANY=[], 0x2000)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})

0s ago: executing program 2 (id=7269):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f00000000c0)="c82d58eea93375eb162386e1f7479c3979e67fe05230eb09b4d81b27f7af922416ed966e3a55212c405b05959d10c9c8ff82bd6659dabf93d56a64667e6197128e5c163f5433216c0c2c1202a9a473668c2225f0525242789c27e97398c4419fd55270912614ba3482c8f70cf037673c8ccb0a4a7e1ec5152933679b3c1a3f4d28ed75e8c982364b9493a6a3452f36d4891827d724a7aa1a5c21a6ea45f40bd60b904f10ffcdc9caf6447044210a46a257546f6e4851ee4f5ed8c466af20aec8b5cd9b3d62a9bea4f191019407841703c8523538144f22cf2285597e872f716fea4aef2c6c6d1e1bf46b13759338959775c29761866155007349fcd464b1f739")
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="1e0306003c5c9801288363"], 0xffdd) (async)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder1\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r4, 0x0) (async)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r4, 0x0) (async)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3, 0x8032, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000005000000014d564b00000000af"])
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0xffff1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x65, 0x0, &(0x7f0000000140)="6efa86ba44c4dcef07b59db7e9a27f48a6e930da91c08c993e71a416eb2235d1314cf41411de9aa874429c871656ff38656d42c237a569b22dc9923150d6eb5b381125c2173cdb022eb5d8fc7a7df730ad34e08a536eaca88d851d6505f7b2b6831911631a"})

kernel console output (not intermixed with test programs):

ont_hash'
[  498.846974][T30148] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[  499.065054][T30162] input: syz1 as /devices/virtual/input/input407
[  499.444028][   T36] kauditd_printk_skb: 883 callbacks suppressed
[  499.444049][   T36] audit: type=1400 audit(1750334260.880:139341): avc:  denied  { read write } for  pid=25945 comm="syz-executor" name="loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  499.505684][   T36] audit: type=1400 audit(1750334260.880:139342): avc:  denied  { read write open } for  pid=25945 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  499.591512][   T36] audit: type=1400 audit(1750334260.880:139343): avc:  denied  { ioctl } for  pid=25945 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  499.623841][   T36] audit: type=1400 audit(1750334260.930:139344): avc:  denied  { read } for  pid=30185 comm="syz.7.6377" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  499.647844][   T36] audit: type=1400 audit(1750334260.930:139345): avc:  denied  { read open } for  pid=30185 comm="syz.7.6377" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  499.727403][   T36] audit: type=1400 audit(1750334260.930:139346): avc:  denied  { associate } for  pid=30183 comm="syz.9.6376" name="pfkey" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  499.791657][   T36] audit: type=1400 audit(1750334260.930:139347): avc:  denied  { ioctl } for  pid=30185 comm="syz.7.6377" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  499.820200][   T36] audit: type=1400 audit(1750334260.960:139348): avc:  denied  { ioctl } for  pid=30181 comm="syz.5.6375" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  499.889061][   T36] audit: type=1400 audit(1750334260.960:139349): avc:  denied  { ioctl } for  pid=30181 comm="syz.5.6375" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  499.970181][   T36] audit: type=1400 audit(1750334260.970:139350): avc:  denied  { read write } for  pid=30014 comm="syz-executor" name="loop9" dev="devtmpfs" ino=58 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  500.134408][T30202] rust_binder: Write failure EINVAL in pid:36
[  500.615082][T30211] SELinux: failed to load policy
[  500.690884][T30217] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  500.939019][T30226] rust_binder: Error in use_page_slow: ESRCH
[  500.939046][T30226] rust_binder: use_range failure ESRCH
[  500.946881][T30225] rust_binder: Error in use_page_slow: ESRCH
[  500.952508][T30225] rust_binder: use_range failure ESRCH
[  500.969967][T30226] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  500.982037][T30226] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  501.013570][T30225] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  501.037436][T30226] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:40
[  501.048313][T30225] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  501.078457][T30225] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:40
[  501.953538][T30260] kvm: apic: phys broadcast and lowest prio
[  502.577079][T30291] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  502.778714][T30296] binder: Bad value for 'stats'
[  503.121439][T30311] rust_binder: Write failure EINVAL in pid:76
[  503.204733][T30316] SELinux: security_context_str_to_sid () failed with errno=-22
[  503.224097][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.257438][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.265776][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.275333][T30320] tap0: tun_chr_ioctl cmd 1074812118
[  503.276047][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.280824][T30321] tap0: tun_chr_ioctl cmd 1074812118
[  503.289500][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.302333][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.319059][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.326949][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.335232][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.343073][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.345314][T30319] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  503.350815][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.375564][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.387247][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.395045][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.403244][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.414739][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.422542][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.430306][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.438709][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.447167][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.456846][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.464679][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.472644][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.480396][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.488283][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.496091][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.503875][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.511632][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.519354][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.527114][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.534857][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.542602][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.550326][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.558091][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.565862][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.573618][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.581351][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.589106][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.596870][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.604793][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.612597][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.620331][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.628148][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.636034][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.643893][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.651721][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.659510][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.668765][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.676952][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.684787][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.692683][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.700530][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.708344][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.716164][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.727192][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.735920][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.743898][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.751937][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.759807][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.768564][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.785179][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.794095][T30331] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[  503.802797][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.811048][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.818935][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.831513][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.839296][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.851595][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.859368][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.881529][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.889299][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.899061][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.908645][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.917590][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.926708][T30337] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  503.935662][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.944051][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.951801][T30335] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  503.951829][T30335] rust_binder: Error in use_page_slow: EBUSY
[  503.951840][T30335] rust_binder: use_range failure EBUSY
[  503.968600][T30335] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  503.969895][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.974417][T30335] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  503.982640][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  503.999845][T30335] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  504.007318][T30335] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:84
[  504.008013][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.035041][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.042878][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.050630][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.058534][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.066320][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.074818][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.082606][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.090333][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.098185][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.106164][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.114277][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.122200][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.129932][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.137694][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.145449][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.153179][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.160938][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.168770][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.176503][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.184247][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.192004][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.199819][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.207572][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.215310][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.223065][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.230787][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.238518][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.246287][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.254123][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.261900][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.269651][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.277493][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.285350][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.293750][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.304013][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.313090][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.320916][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.328666][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.336410][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.344142][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.352062][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.359781][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.367509][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.375253][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.382998][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.390745][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.398653][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.406394][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.414134][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.421998][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.429715][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.437571][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.445305][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.453105][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.460834][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.468585][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.476326][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.484153][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.491994][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.499699][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.507581][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.515363][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.518954][   T36] kauditd_printk_skb: 678 callbacks suppressed
[  504.518970][   T36] audit: type=1400 audit(1750334265.960:140029): avc:  denied  { read write } for  pid=30011 comm="syz-executor" name="loop8" dev="devtmpfs" ino=57 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  504.523237][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.523265][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.539833][   T36] audit: type=1400 audit(1750334265.960:140030): avc:  denied  { read write open } for  pid=30011 comm="syz-executor" path="/dev/loop8" dev="devtmpfs" ino=57 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  504.556785][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.567486][   T36] audit: type=1400 audit(1750334265.960:140031): avc:  denied  { ioctl } for  pid=30011 comm="syz-executor" path="/dev/loop8" dev="devtmpfs" ino=57 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  504.570650][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.596008][   T36] audit: type=1400 audit(1750334266.000:140032): avc:  denied  { read } for  pid=30348 comm="syz.8.6428" name="binder0" dev="binder" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  504.603268][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.629359][   T36] audit: type=1400 audit(1750334266.000:140033): avc:  denied  { read open } for  pid=30348 comm="syz.8.6428" path="/dev/binderfs/binder0" dev="binder" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  504.637492][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.662193][   T36] audit: type=1400 audit(1750334266.040:140034): avc:  denied  { ioctl } for  pid=30348 comm="syz.8.6428" path="/dev/binderfs/binder0" dev="binder" ino=111 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  504.668452][T30349] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  504.693943][   T36] audit: type=1400 audit(1750334266.040:140035): avc:  denied  { set_context_mgr } for  pid=30348 comm="syz.8.6428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  504.717784][T30349] rust_binder: Read failure Err(EFAULT) in pid:90
[  504.728456][   T36] audit: type=1400 audit(1750334266.080:140036): avc:  denied  { read } for  pid=30348 comm="syz.8.6428" name="binder0" dev="binder" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  504.740859][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.790415][   T36] audit: type=1400 audit(1750334266.080:140037): avc:  denied  { read open } for  pid=30348 comm="syz.8.6428" path="/dev/binderfs/binder0" dev="binder" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  504.796107][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.816216][   T36] audit: type=1400 audit(1750334266.110:140038): avc:  denied  { read write } for  pid=30348 comm="syz.8.6428" name="uinput" dev="devtmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  504.836846][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.860257][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.869581][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.877529][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.886549][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.894585][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.902858][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.910998][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.918876][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.934210][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.943848][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.951680][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.959536][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.979719][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  504.989792][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  505.002909][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  505.010702][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  505.023220][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  505.031007][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  505.038817][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  505.046588][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: unknown main item tag 0x0
[  505.056751][ T7426] hid-generic 0008:0000:FFFFFBFF.001A: hidraw0: <UNKNOWN> HID v9.86 Device [syz0] on syz1
[  505.777533][T30380] fido_id[30380]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  506.351807][T30397] binder: Bad value for 'defcontext'
[  506.631594][  T305] Bluetooth: hci0: Frame reassembly failed (-84)
[  506.716859][T30411] rust_binder: Write failure EINVAL in pid:105
[  506.746110][T30410] binder: Bad value for 'defcontext'
[  506.905561][T30414] input: syz1 as /devices/virtual/input/input410
[  507.060248][T30416] random: crng reseeded on system resumption
[  508.326606][T30458] binder: Bad value for 'defcontext'
[  508.493585][T30462] rust_binder: Write failure EINVAL in pid:112
[  508.640175][T30468] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:122
[  508.661890][T30466] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:122
[  508.671506][ T2828] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  508.677603][ T1620] Bluetooth: hci0: command 0x1003 tx timeout
[  508.793129][T30481] input: syz0 as /devices/virtual/input/input411
[  509.012230][T30484] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:120
[  509.135438][T30494] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  509.524138][   T36] kauditd_printk_skb: 635 callbacks suppressed
[  509.524159][   T36] audit: type=1400 audit(1750334270.960:140674): avc:  denied  { read write } for  pid=30503 comm="syz.7.6480" name="uinput" dev="devtmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  509.597943][   T36] audit: type=1400 audit(1750334270.960:140675): avc:  denied  { read write open } for  pid=30503 comm="syz.7.6480" path="/dev/uinput" dev="devtmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  509.694287][   T36] audit: type=1400 audit(1750334270.960:140676): avc:  denied  { ioctl } for  pid=30503 comm="syz.7.6480" path="/dev/uinput" dev="devtmpfs" ino=194 ioctlcmd=0x5565 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  509.783933][   T36] audit: type=1400 audit(1750334270.960:140677): avc:  denied  { map } for  pid=30505 comm="syz.9.6481" path="/dev/binderfs/binder0" dev="binder" ino=108 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  509.871549][   T36] audit: type=1400 audit(1750334270.960:140678): avc:  denied  { read } for  pid=30505 comm="syz.9.6481" path="/dev/binderfs/binder0" dev="binder" ino=108 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  509.921500][   T36] audit: type=1400 audit(1750334270.960:140679): avc:  denied  { read write } for  pid=30503 comm="syz.7.6480" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  509.971104][   T36] audit: type=1400 audit(1750334270.960:140680): avc:  denied  { read open } for  pid=30503 comm="syz.7.6480" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  510.039850][   T36] audit: type=1400 audit(1750334270.960:140681): avc:  denied  { ioctl } for  pid=30503 comm="syz.7.6480" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  510.065853][T30530] audit: audit_backlog=65 > audit_backlog_limit=64
[  510.091385][T30530] audit: audit_lost=829 audit_rate_limit=0 audit_backlog_limit=64
[  510.504185][  T304] Bluetooth: hci0: Frame reassembly failed (-84)
[  510.511090][T30553] Bluetooth: hci0: received HCILL_GO_TO_SLEEP_ACK in state 2
[  510.751411][T30560] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  511.092356][T30581] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:155
[  511.144754][T30587] rust_binder: Write failure EINVAL in pid:155
[  511.309776][T30592] random: crng reseeded on system resumption
[  511.347860][T30592] Restarting kernel threads ... done.
[  511.654405][ T3080] hid-generic 0000:0000:0000.001B: unknown main item tag 0x4
[  511.671571][ T3080] hid-generic 0000:0000:0000.001B: unknown main item tag 0x2
[  511.679857][ T3080] hid-generic 0000:0000:0000.001B: unknown main item tag 0x3
[  511.689019][ T3080] hid-generic 0000:0000:0000.001B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  511.716319][ T3080] hid (null): unknown global tag 0xe
[  511.744482][ T3080] hid (null): report_id 2416378680 is invalid
[  511.768225][ T3080] hid-generic 0001:0000:0007.001C: unknown global tag 0xe
[  511.776040][ T3080] hid-generic 0001:0000:0007.001C: item 0 0 1 14 parsing failed
[  511.798462][ T3080] hid-generic 0001:0000:0007.001C: probe with driver hid-generic failed with error -22
[  511.820155][T30605] fido_id[30605]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  511.948974][T30609] binder: Bad value for 'max'
[  512.432552][  T305] bridge_slave_1: left allmulticast mode
[  512.438347][  T305] bridge_slave_1: left promiscuous mode
[  512.444638][  T305] bridge0: port 2(bridge_slave_1) entered disabled state
[  512.452400][  T305] bridge_slave_0: left allmulticast mode
[  512.458038][  T305] bridge_slave_0: left promiscuous mode
[  512.463736][  T305] bridge0: port 1(bridge_slave_0) entered disabled state
[  512.511512][ T2828] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  512.555800][  T305] veth1_macvtap: left promiscuous mode
[  512.561356][  T305] veth0_vlan: left promiscuous mode
[  512.594491][T30622] bridge0: port 1(bridge_slave_0) entered blocking state
[  512.601712][T30622] bridge0: port 1(bridge_slave_0) entered disabled state
[  512.609045][T30622] bridge_slave_0: entered allmulticast mode
[  512.616874][T30622] bridge_slave_0: entered promiscuous mode
[  512.628081][T30622] bridge0: port 2(bridge_slave_1) entered blocking state
[  512.643758][T30622] bridge0: port 2(bridge_slave_1) entered disabled state
[  512.654563][T30622] bridge_slave_1: entered allmulticast mode
[  512.665354][T30622] bridge_slave_1: entered promiscuous mode
[  512.920370][T30622] bridge0: port 2(bridge_slave_1) entered blocking state
[  512.927487][T30622] bridge0: port 2(bridge_slave_1) entered forwarding state
[  512.934815][T30622] bridge0: port 1(bridge_slave_0) entered blocking state
[  512.941897][T30622] bridge0: port 1(bridge_slave_0) entered forwarding state
[  513.002789][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  513.026783][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  513.092457][T30644] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  513.092495][T30644] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1166
[  513.282269][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[  513.298580][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  513.312365][T30652] cgroup: fork rejected by pids controller in /syz7
[  513.361937][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[  513.369073][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  513.542576][T30622] veth0_vlan: entered promiscuous mode
[  513.672480][T30622] veth1_macvtap: entered promiscuous mode
[  514.033802][  T304] bridge_slave_1: left allmulticast mode
[  514.039499][  T304] bridge_slave_1: left promiscuous mode
[  514.051569][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  514.068667][  T304] bridge_slave_0: left allmulticast mode
[  514.074478][  T304] bridge_slave_0: left promiscuous mode
[  514.080177][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  514.313180][  T304] veth1_macvtap: left promiscuous mode
[  514.318748][  T304] veth0_vlan: left promiscuous mode
[  514.395402][T30781] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  514.528352][T30790] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:167
[  514.540702][   T36] kauditd_printk_skb: 893 callbacks suppressed
[  514.540723][   T36] audit: type=1400 audit(1750334275.980:141556): avc:  denied  { ioctl } for  pid=30789 comm="syz.8.6541" path="/dev/binderfs/binder0" dev="binder" ino=114 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  514.593460][T30792] rust_binder: Write failure EINVAL in pid:167
[  514.620627][T30764] bridge0: port 1(bridge_slave_0) entered blocking state
[  514.655515][   T36] audit: type=1400 audit(1750334276.030:141557): avc:  denied  { ioctl } for  pid=30789 comm="syz.8.6541" path="/dev/binderfs/binder0" dev="binder" ino=114 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  514.679085][T30764] bridge0: port 1(bridge_slave_0) entered disabled state
[  514.704619][T30791] kvm: kvm [30784]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010000) = 0x79a38c48ff000000
[  514.712282][T30764] bridge_slave_0: entered allmulticast mode
[  514.725159][   T36] audit: type=1400 audit(1750334276.050:141558): avc:  denied  { read } for  pid=30784 comm="syz.9.6540" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  514.741966][T30764] bridge_slave_0: entered promiscuous mode
[  514.750638][   T36] audit: type=1400 audit(1750334276.050:141559): avc:  denied  { read write } for  pid=30622 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  514.759033][T30764] bridge0: port 2(bridge_slave_1) entered blocking state
[  514.787345][   T36] audit: type=1400 audit(1750334276.050:141560): avc:  denied  { read write open } for  pid=30622 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  514.798919][T30764] bridge0: port 2(bridge_slave_1) entered disabled state
[  514.813671][   T36] audit: type=1400 audit(1750334276.050:141561): avc:  denied  { ioctl } for  pid=30622 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  514.821189][T30764] bridge_slave_1: entered allmulticast mode
[  514.845578][   T36] audit: type=1400 audit(1750334276.050:141562): avc:  denied  { read open } for  pid=30784 comm="syz.9.6540" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  514.853370][T30764] bridge_slave_1: entered promiscuous mode
[  514.879035][   T36] audit: type=1400 audit(1750334276.070:141563): avc:  denied  { ioctl } for  pid=30784 comm="syz.9.6540" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  514.905988][   T36] audit: type=1326 audit(1750334276.130:141564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30793 comm="syz.5.6542" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe96578e929 code=0x0
[  514.938799][   T36] audit: type=1400 audit(1750334276.370:141565): avc:  denied  { sys_module } for  pid=30764 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  515.046141][T30800] binder: Unknown parameter '0x0000000000000004'
[  515.243424][T30052] bridge0: port 1(bridge_slave_0) entered blocking state
[  515.250496][T30052] bridge0: port 1(bridge_slave_0) entered forwarding state
[  515.261438][  T305] bridge0: port 2(bridge_slave_1) entered blocking state
[  515.268548][  T305] bridge0: port 2(bridge_slave_1) entered forwarding state
[  515.349831][T30809] SELinux: security_context_str_to_sid (0x0000000000000000�0x00000000000000000x0000000000000006) failed with errno=-22
[  515.406448][T30764] veth0_vlan: entered promiscuous mode
[  515.425034][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.434319][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.445377][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.455677][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.466496][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.482861][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.503613][T30764] veth1_macvtap: entered promiscuous mode
[  515.545265][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.581006][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.592043][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.623059][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.645499][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.667035][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.669272][T30818] rust_binder: Write failure EINVAL in pid:190
[  515.676509][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.692742][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.702410][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.721973][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.741762][T30820] binder: Unknown parameter '18446744073709551615'
[  515.751732][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.782570][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.812773][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.845099][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.882601][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.893093][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.902727][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.913613][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  515.975084][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  516.015543][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  516.052735][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  516.067788][T30833] binder: Bad value for 'stats'
[  516.071961][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  516.083860][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  516.094698][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  516.104960][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  516.147874][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  516.178135][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  516.207820][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  516.242722][T30813] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  516.451539][T30843] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  516.461550][T30843] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  516.491535][T30843] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:173
[  516.512302][T30852] binder: Bad value for 'stats'
[  516.768448][T30856] rust_binder: Failed to allocate buffer. len:65648, is_oneway:false
[  516.768476][T30856] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  516.800128][T30856] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:201
[  516.994857][T30867] rust_binder: Failed to allocate buffer. len:65568, is_oneway:false
[  517.495884][T30884] kvm: kvm [30883]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010007) = 0x7
[  517.655982][T30887] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:181
[  517.906128][T30889] binder: Bad value for 'max'
[  518.093120][T30893] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 18446744073709551585)
[  518.093145][T30893] rust_binder: Error while translating object.
[  518.121999][T30893] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  518.128228][T30893] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:210
[  518.160966][T30893] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  518.182743][T30896] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  518.212429][T30898] rust_binder: Error while translating object.
[  518.212469][T30898] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  518.218646][T30898] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:210
[  518.245068][T30897] binder: Unknown parameter ''
[  518.494123][T30914] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:184
[  518.547220][T30920] rust_binder: Write failure EINVAL in pid:184
[  518.862574][T30938] rust_binder: Read failure Err(EAGAIN) in pid:51
[  518.943841][T30941] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  519.262977][T30960] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:61
[  519.341917][T30960] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:61
[  519.510107][  T304] Bluetooth: hci0: Frame reassembly failed (-84)
[  519.620262][   T36] kauditd_printk_skb: 774 callbacks suppressed
[  519.620282][   T36] audit: type=1400 audit(1750334281.050:142340): avc:  denied  { read write } for  pid=30011 comm="syz-executor" name="loop8" dev="devtmpfs" ino=57 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  519.681516][   T36] audit: type=1400 audit(1750334281.100:142341): avc:  denied  { read write open } for  pid=30011 comm="syz-executor" path="/dev/loop8" dev="devtmpfs" ino=57 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  519.751323][   T36] audit: type=1400 audit(1750334281.100:142342): avc:  denied  { ioctl } for  pid=30011 comm="syz-executor" path="/dev/loop8" dev="devtmpfs" ino=57 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  519.816945][   T36] audit: type=1400 audit(1750334281.110:142343): avc:  denied  { read } for  pid=30977 comm="syz.8.6600" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  519.881489][   T36] audit: type=1400 audit(1750334281.110:142344): avc:  denied  { read open } for  pid=30977 comm="syz.8.6600" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  519.934360][T30982] SELinux: security_context_str_to_sid () failed with errno=-22
[  519.946692][   T36] audit: type=1400 audit(1750334281.150:142345): avc:  denied  { ioctl } for  pid=30977 comm="syz.8.6600" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  520.022482][   T36] audit: type=1400 audit(1750334281.150:142346): avc:  denied  { read write } for  pid=30977 comm="syz.8.6600" name="ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  520.069162][   T36] audit: type=1400 audit(1750334281.150:142347): avc:  denied  { read write open } for  pid=30977 comm="syz.8.6600" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  520.126569][   T36] audit: type=1400 audit(1750334281.150:142348): avc:  denied  { map } for  pid=30977 comm="syz.8.6600" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  520.169902][   T36] audit: type=1400 audit(1750334281.150:142349): avc:  denied  { execmem } for  pid=30977 comm="syz.8.6600" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  520.340887][T30997] random: crng reseeded on system resumption
[  520.443608][T30997] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  520.502740][T31000] binder: Bad value for 'stats'
[  520.544588][T31004] binder: Unknown parameter 'func'
[  520.552528][T31002] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[  521.551730][ T2828] Bluetooth: hci0: command 0x1003 tx timeout
[  521.557812][ T1620] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  521.732767][T31065] binder: Bad value for 'defcontext'
[  522.213247][T31090] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  522.213291][T31090] rust_binder: Error in use_page_slow: EBUSY
[  522.231507][T31090] rust_binder: use_range failure EBUSY
[  522.252343][T31090] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  522.268077][T31090] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  522.285582][T31090] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  522.295067][T31090] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:265
[  522.515505][T31098] binder: Unknown parameter 'conae�t'
[  522.648233][T31110] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:235
[  522.649093][T31110] rust_binder: Write failure EINVAL in pid:235
[  522.789545][T30052] Bluetooth: hci0: Frame reassembly failed (-84)
[  522.802872][T31117] Bluetooth: hci0: Frame reassembly failed (-84)
[  522.828750][T31119] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  522.830668][T31119] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  522.838306][T31119] rust_binder: Read failure Err(EFAULT) in pid:76
[  522.944543][T31121] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  523.008429][T31124] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:81
[  523.532659][T31145] input: syz0 as /devices/virtual/input/input414
[  523.569560][T31145] input: failed to attach handler leds to device input414, error: -6
[  523.898221][T31160] SELinux: security_context_str_to_sid () failed with errno=-22
[  523.991728][T31164] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  524.014684][T31163] rust_binder: Error in use_page_slow: ESRCH
[  524.014711][T31163] rust_binder: use_range failure ESRCH
[  524.020795][T31163] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  524.027347][T31163] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  524.036903][T31163] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:97
[  524.064188][T31162] rust_binder: Error in use_page_slow: ESRCH
[  524.077483][T31172] binder: Unknown parameter '���'
[  524.089104][T31163] rust_binder: Error in use_page_slow: ESRCH
[  524.089125][T31163] rust_binder: use_range failure ESRCH
[  524.097677][T31163] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  524.103801][T31162] rust_binder: use_range failure ESRCH
[  524.113699][T31163] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  524.119362][T31162] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  524.130619][T31163] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:97
[  524.139096][T31162] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  524.152458][T31162] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:97
[  524.260633][T31178] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:290
[  524.275358][T31178] rust_binder: Write failure EINVAL in pid:290
[  524.677906][   T36] kauditd_printk_skb: 824 callbacks suppressed
[  524.677926][   T36] audit: type=1400 audit(1750334286.110:143174): avc:  denied  { read write } for  pid=30014 comm="syz-executor" name="loop9" dev="devtmpfs" ino=58 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  524.761891][   T36] audit: type=1400 audit(1750334286.120:143175): avc:  denied  { read write open } for  pid=30014 comm="syz-executor" path="/dev/loop9" dev="devtmpfs" ino=58 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  524.780745][T31201] audit: audit_backlog=65 > audit_backlog_limit=64
[  524.835144][ T2828] Bluetooth: hci0: command 0x1003 tx timeout
[  524.841211][ T1620] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  524.849529][T31201] audit: audit_lost=836 audit_rate_limit=0 audit_backlog_limit=64
[  524.857499][T31201] audit: backlog limit exceeded
[  524.875315][T30014] audit: audit_backlog=65 > audit_backlog_limit=64
[  524.881194][T30011] audit: audit_backlog=65 > audit_backlog_limit=64
[  524.882778][T30014] audit: audit_lost=837 audit_rate_limit=0 audit_backlog_limit=64
[  524.888478][   T36] audit: type=1400 audit(1750334286.120:143176): avc:  denied  { ioctl } for  pid=30014 comm="syz-executor" path="/dev/loop9" dev="devtmpfs" ino=58 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  524.896292][T30014] audit: backlog limit exceeded
[  525.082785][T31208] rust_binder: Read failure Err(EAGAIN) in pid:241
[  525.148258][T31215] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:308
[  525.172671][T31215] rust_binder: Write failure EINVAL in pid:308
[  525.457488][T31224] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  525.483477][T31224] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  525.502440][T31224] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  525.562876][T31228] binder: Unknown parameter 'seclabeh<'
[  525.603338][T31232] binder: Unknown parameter 'seclabeh<'
[  525.624955][T31229] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  525.743476][T31241] binder: Unknown parameter 'dont_hash'
[  525.746669][T31240] rust_binder: Write failure EINVAL in pid:245
[  525.768153][T31241] binder: Unknown parameter 'dont_hash'
[  525.822150][T31241] binder: Unknown parameter 'dont_hash'
[  525.855811][T31241] binder: Unknown parameter 'dont_hash'
[  525.882697][T31241] binder: Unknown parameter 'dont_hash'
[  525.902796][T31241] binder: Unknown parameter 'dont_hash'
[  525.912673][T31241] binder: Unknown parameter 'dont_hash'
[  525.929437][T31241] binder: Unknown parameter 'dont_hash'
[  525.944976][T31241] binder: Unknown parameter 'dont_hash'
[  525.962025][T31241] binder: Unknown parameter 'dont_hash'
[  525.975123][T31241] binder: Unknown parameter 'dont_hash'
[  525.981429][T31245] rust_binder: validate_parent_fixup: new_min_offset=52, sg_entry.length=0
[  525.981476][T31245] rust_binder: Error while translating object.
[  525.987549][T31241] binder: Unknown parameter 'dont_hash'
[  525.994525][T31245] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  525.998685][T31241] binder: Unknown parameter 'dont_hash'
[  526.004765][T31245] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:111
[  526.021194][T31241] binder: Unknown parameter 'dont_hash'
[  526.038117][T31241] binder: Unknown parameter 'dont_hash'
[  526.045555][T31241] binder: Unknown parameter 'dont_hash'
[  526.052954][T31241] binder: Unknown parameter 'dont_hash'
[  526.059673][T31241] binder: Unknown parameter 'dont_hash'
[  526.067694][T31241] binder: Unknown parameter 'dont_hash'
[  526.075007][T31241] binder: Unknown parameter 'dont_hash'
[  526.082941][T31241] binder: Unknown parameter 'dont_hash'
[  526.089667][T31241] binder: Unknown parameter 'dont_hash'
[  526.106440][T31241] binder: Unknown parameter 'dont_hash'
[  526.120324][T31241] binder: Unknown parameter 'dont_hash'
[  526.128784][T31241] binder: Unknown parameter 'dont_hash'
[  526.136484][T31241] binder: Unknown parameter 'dont_hash'
[  526.144075][T31241] binder: Unknown parameter 'dont_hash'
[  526.150918][T31241] binder: Unknown parameter 'dont_hash'
[  526.158741][T31241] binder: Unknown parameter 'dont_hash'
[  526.168865][T31241] binder: Unknown parameter 'dont_hash'
[  526.184696][T31241] binder: Unknown parameter 'dont_hash'
[  526.194412][T31241] binder: Unknown parameter 'dont_hash'
[  526.201365][T31241] binder: Unknown parameter 'dont_hash'
[  526.209819][T31241] binder: Unknown parameter 'dont_hash'
[  526.217489][T31241] binder: Unknown parameter 'dont_hash'
[  526.225457][T31241] binder: Unknown parameter 'dont_hash'
[  526.233638][T31241] binder: Unknown parameter 'dont_hash'
[  526.240422][T31241] binder: Unknown parameter 'dont_hash'
[  526.262669][T31241] binder: Unknown parameter 'dont_hash'
[  526.271756][T31241] binder: Unknown parameter 'dont_hash'
[  526.280863][T31241] binder: Unknown parameter 'dont_hash'
[  526.302779][T31241] binder: Unknown parameter 'dont_hash'
[  526.319673][T31241] binder: Unknown parameter 'dont_hash'
[  526.333293][T31241] binder: Unknown parameter 'dont_hash'
[  526.348086][T31241] binder: Unknown parameter 'dont_hash'
[  526.354970][T31241] binder: Unknown parameter 'dont_hash'
[  526.371159][T31241] binder: Unknown parameter 'dont_hash'
[  526.378699][T31241] binder: Unknown parameter 'dont_hash'
[  526.393149][T31241] binder: Unknown parameter 'dont_hash'
[  526.399414][T31241] binder: Unknown parameter 'dont_hash'
[  526.406188][T31241] binder: Unknown parameter 'dont_hash'
[  526.412380][T31241] binder: Unknown parameter 'dont_hash'
[  526.418446][T31241] binder: Unknown parameter 'dont_hash'
[  526.425164][T31241] binder: Unknown parameter 'dont_hash'
[  526.433021][T31241] binder: Unknown parameter 'dont_hash'
[  526.440354][T31241] binder: Unknown parameter 'dont_hash'
[  526.447277][T31241] binder: Unknown parameter 'dont_hash'
[  526.476615][T31241] binder: Unknown parameter 'dont_hash'
[  526.502712][T31241] binder: Unknown parameter 'dont_hash'
[  526.510580][T31259] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  526.542019][T31241] binder: Unknown parameter 'dont_hash'
[  526.581213][T31241] binder: Unknown parameter 'dont_hash'
[  526.597323][T31241] binder: Unknown parameter 'dont_hash'
[  526.684633][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.702289][T31264] rust_binder: Read failure Err(EAGAIN) in pid:251
[  526.715870][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.741085][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.749584][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.758984][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.767376][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.778377][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.786815][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.805922][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.820446][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.830198][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.854243][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.881587][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.892148][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.899921][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.925111][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.941836][T31280] rust_binder: Write failure EINVAL in pid:134
[  526.943478][T31285] rust_binder: Write failure EINVAL in pid:134
[  526.950567][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  526.985769][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.017302][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.037329][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.071902][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.101509][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.109320][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.127317][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.139948][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.153873][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.164148][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x4
[  527.167304][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.172026][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x2
[  527.187220][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.187251][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.203734][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.214782][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.227570][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x0
[  527.228949][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.237936][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x0
[  527.261539][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x0
[  527.261539][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.261573][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x0
[  527.272568][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.296494][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.304905][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x0
[  527.305896][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.321513][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.329322][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.337086][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x0
[  527.338375][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.344776][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x0
[  527.353721][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.369299][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.379621][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.382996][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x0
[  527.388360][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.404443][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.413288][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.421191][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.421537][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x0
[  527.429531][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.447302][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.456119][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.456268][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x0
[  527.478832][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.501510][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x0
[  527.503544][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.509214][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x0
[  527.509239][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x0
[  527.533180][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.548787][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.551550][ T2962] hid-generic 0000:3000000:0000.001E: unknown main item tag 0x0
[  527.565394][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.581554][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.583074][ T2962] hid-generic 0000:3000000:0000.001E: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  527.594136][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.616943][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.627866][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.637681][T31300] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:141
[  527.638161][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.658026][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.673347][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.681229][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.702839][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.710996][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.722228][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.733772][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.742565][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.750668][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.759898][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.770257][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.787496][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.805866][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.819378][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.861517][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.869315][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.879926][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.890036][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.908036][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.944995][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.953800][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.961743][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.981535][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  527.989344][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.000877][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.009499][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.018133][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.034504][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.045610][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.054070][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.065208][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.082262][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.090044][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.103691][T31319] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  528.104505][T31320] rust_binder: Failed to allocate buffer. len:65568, is_oneway:false
[  528.111031][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.141614][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.149417][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.171505][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.179348][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.201049][T31322] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  528.201510][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.216556][T31322] SELinux: failed to load policy
[  528.230356][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.251328][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.259178][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.278385][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.291500][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.299373][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.318379][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.327198][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.341557][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.352369][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.372528][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.380399][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.395345][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.411537][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.419466][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.432586][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.440368][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.461506][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.467690][T31329] SELinux: security_context_str_to_sid () failed with errno=-22
[  528.474228][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.485715][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.494103][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.502881][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.510708][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.520195][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.528766][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.551244][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.559890][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.574231][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.577320][T31338] rust_binder: Write failure EFAULT in pid:339
[  528.588168][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.617657][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.626291][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x6
[  528.636097][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x3
[  528.644709][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.652607][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.660287][T31344] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:341
[  528.660611][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.664183][T31340] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  528.670110][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.696905][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.704819][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.731547][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.739443][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.747283][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.763365][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.771232][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.791388][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.803669][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.811538][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.819362][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.827246][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.835077][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.842982][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.850844][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.859320][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.867185][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.875009][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.882874][T30357] hid-generic 0008:0000:FFFFFBFF.001D: unknown main item tag 0x0
[  528.905927][T30357] hid-generic 0008:0000:FFFFFBFF.001D: hidraw0: <UNKNOWN> HID v9.86 Device [syz0] on syz1
[  529.075601][T31352] binder: Bad value for 'max'
[  529.344274][T31369] binder: Bad value for 'max'
[  529.463940][T31376] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  529.512161][T31372] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  529.530437][T31372] rust_binder: Error in use_page_slow: EBUSY
[  529.553023][T31372] rust_binder: use_range failure EBUSY
[  529.559075][T31372] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  529.575683][T31372] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  529.591485][T31372] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  529.637380][T31372] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:127
[  529.641264][T31380] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  529.682747][   T36] kauditd_printk_skb: 889 callbacks suppressed
[  529.682768][   T36] audit: type=1400 audit(1750334291.120:144007): avc:  denied  { map } for  pid=31379 comm="syz.5.6732" path="/dev/binderfs/binder0" dev="binder" ino=43 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  529.768222][   T36] audit: type=1400 audit(1750334291.120:144008): avc:  denied  { read } for  pid=31379 comm="syz.5.6732" path="/dev/binderfs/binder0" dev="binder" ino=43 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  529.809891][   T36] audit: type=1400 audit(1750334291.120:144009): avc:  denied  { read } for  pid=31379 comm="syz.5.6732" name="binder0" dev="binder" ino=43 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  529.849731][   T36] audit: type=1400 audit(1750334291.120:144010): avc:  denied  { read open } for  pid=31379 comm="syz.5.6732" path="/dev/binderfs/binder0" dev="binder" ino=43 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  529.885590][T31385] rust_binder: Failed to allocate buffer. len:160, is_oneway:false
[  529.930538][   T36] audit: type=1400 audit(1750334291.120:144011): avc:  denied  { ioctl } for  pid=31379 comm="syz.5.6732" path="/dev/binderfs/binder0" dev="binder" ino=43 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  529.999501][T31391] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  530.001496][   T36] audit: type=1400 audit(1750334291.120:144012): avc:  denied  { call } for  pid=31379 comm="syz.5.6732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  530.026262][T31391] SELinux: failed to load policy
[  530.061713][   T36] audit: type=1400 audit(1750334291.120:144013): avc:  denied  { map } for  pid=31379 comm="syz.5.6732" path="/dev/binderfs/binder0" dev="binder" ino=43 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  530.121796][   T36] audit: type=1400 audit(1750334291.120:144014): avc:  denied  { read } for  pid=31379 comm="syz.5.6732" path="/dev/binderfs/binder0" dev="binder" ino=43 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  530.169314][T31396] audit: audit_backlog=65 > audit_backlog_limit=64
[  530.174404][T31399] audit: audit_backlog=65 > audit_backlog_limit=64
[  530.382891][T31406] SELinux: security_context_str_to_sid () failed with errno=-22
[  530.522679][T31411] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:184
[  530.597341][T31410] binder: Bad value for 'stats'
[  530.802526][T31416] rust_binder: Write failure EINVAL in pid:363
[  530.933297][T31422] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  530.934781][T31420] fido_id[31420]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  531.190037][T31430] cgroup: fork rejected by pids controller in /syz9
[  531.405134][T31445] rust_binder: Write failure EINVAL in pid:197
[  531.478580][T31443] fido_id[31443]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  531.749529][T31453] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  531.753879][T31453] rust_binder: Error while translating object.
[  531.775799][T31453] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  531.807876][T31453] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:199
[  531.907128][T31539] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  531.953465][T31558] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  532.240171][  T305] bridge_slave_1: left allmulticast mode
[  532.272006][  T305] bridge_slave_1: left promiscuous mode
[  532.277675][  T305] bridge0: port 2(bridge_slave_1) entered disabled state
[  532.309336][  T305] bridge_slave_0: left allmulticast mode
[  532.318951][  T305] bridge_slave_0: left promiscuous mode
[  532.355896][  T305] bridge0: port 1(bridge_slave_0) entered disabled state
[  532.656239][  T305] veth1_macvtap: left promiscuous mode
[  532.701535][  T305] veth0_vlan: left promiscuous mode
[  532.834433][T31586] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  532.844890][T31588] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  533.132640][T31577] bridge0: port 1(bridge_slave_0) entered blocking state
[  533.139702][T31577] bridge0: port 1(bridge_slave_0) entered disabled state
[  533.181776][T31577] bridge_slave_0: entered allmulticast mode
[  533.188262][T31577] bridge_slave_0: entered promiscuous mode
[  533.223439][T31577] bridge0: port 2(bridge_slave_1) entered blocking state
[  533.230518][T31577] bridge0: port 2(bridge_slave_1) entered disabled state
[  533.258140][T31577] bridge_slave_1: entered allmulticast mode
[  533.271389][T31577] bridge_slave_1: entered promiscuous mode
[  533.333071][T31590] bridge0: port 1(bridge_slave_0) entered blocking state
[  533.340260][T31590] bridge0: port 1(bridge_slave_0) entered disabled state
[  533.348218][T31590] bridge_slave_0: entered allmulticast mode
[  533.354721][T31590] bridge_slave_0: entered promiscuous mode
[  533.367532][T31590] bridge0: port 2(bridge_slave_1) entered blocking state
[  533.374782][T31590] bridge0: port 2(bridge_slave_1) entered disabled state
[  533.383612][T31590] bridge_slave_1: entered allmulticast mode
[  533.390054][T31590] bridge_slave_1: entered promiscuous mode
[  533.634788][  T305] bridge_slave_1: left allmulticast mode
[  533.648086][  T305] bridge_slave_1: left promiscuous mode
[  533.661864][  T305] bridge0: port 2(bridge_slave_1) entered disabled state
[  533.678382][  T305] bridge_slave_0: left allmulticast mode
[  533.696432][  T305] bridge_slave_0: left promiscuous mode
[  533.709804][  T305] bridge0: port 1(bridge_slave_0) entered disabled state
[  533.835369][  T305] veth1_macvtap: left promiscuous mode
[  533.840951][  T305] veth0_vlan: left promiscuous mode
[  533.853732][T31609] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  533.853773][T31609] rust_binder: Error in use_page_slow: EBUSY
[  533.867353][T31609] rust_binder: use_range failure EBUSY
[  533.883097][T31609] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  533.888611][T31609] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  533.897957][T31609] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  533.909248][T31609] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:165
[  534.035265][T31614] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  534.043926][T31614] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:224
[  534.330386][T31621] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  534.424123][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[  534.431215][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  534.457940][T30052] bridge0: port 2(bridge_slave_1) entered blocking state
[  534.465048][T30052] bridge0: port 2(bridge_slave_1) entered forwarding state
[  534.485292][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[  534.492386][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  534.529667][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[  534.536886][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  534.691694][   T36] kauditd_printk_skb: 559 callbacks suppressed
[  534.691713][   T36] audit: type=1400 audit(1750334296.130:144570): avc:  denied  { sys_module } for  pid=31590 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  534.761703][   T36] audit: type=1400 audit(1750334296.150:144571): avc:  denied  { ioctl } for  pid=31623 comm="syz.7.6777" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  534.762614][T31624] binder: Bad value for 'stats'
[  534.816988][   T36] audit: type=1400 audit(1750334296.160:144572): avc:  denied  { sys_module } for  pid=31590 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  534.824397][T31577] veth0_vlan: entered promiscuous mode
[  534.880337][   T36] audit: type=1400 audit(1750334296.160:144573): avc:  denied  { sys_module } for  pid=31590 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  534.938182][T31590] veth0_vlan: entered promiscuous mode
[  534.943844][   T36] audit: type=1400 audit(1750334296.160:144574): avc:  denied  { sys_module } for  pid=31590 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  535.001043][   T36] audit: type=1400 audit(1750334296.160:144575): avc:  denied  { sys_module } for  pid=31590 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  535.026925][   T36] audit: type=1400 audit(1750334296.160:144576): avc:  denied  { sys_module } for  pid=31590 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  535.038109][T31590] veth1_macvtap: entered promiscuous mode
[  535.054665][   T36] audit: type=1400 audit(1750334296.190:144577): avc:  denied  { sys_module } for  pid=31577 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  535.093381][T31577] veth1_macvtap: entered promiscuous mode
[  535.120619][   T36] audit: type=1400 audit(1750334296.190:144578): avc:  denied  { sys_module } for  pid=31577 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  535.167913][T31627] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  535.167966][   T36] audit: type=1400 audit(1750334296.190:144579): avc:  denied  { sys_module } for  pid=31577 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  535.209357][T31627] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:176
[  535.210887][T31627] rust_binder: Write failure EINVAL in pid:176
[  535.432771][T31629] kvm: user requested TSC rate below hardware speed
[  535.643271][T31643] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  535.851524][T31649] rust_binder: Error while translating object.
[  535.859904][T31649] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  535.867470][T31649] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:10
[  535.978915][T31655] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  536.509826][ T6125] udevd[6125]: inotify_add_watch(7, /dev/loop5, 10) failed: No such file or directory
[  536.709570][T31687] SELinux:  policydb magic number 0x67632f2e does not match expected magic number 0xf97cff8c
[  536.751544][T31687] SELinux: failed to load policy
[  537.022781][T31712] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[  537.046654][T31714] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  537.046691][T31714] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:261
[  537.059229][T31715] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  537.273588][T31725] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  537.283577][T31725] rust_binder: Error in use_page_slow: ESRCH
[  537.290031][T31725] rust_binder: use_range failure ESRCH
[  537.296379][T31725] rust_binder: Failed to allocate buffer. len:4096, is_oneway:false
[  537.302050][T31725] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  537.310342][T31725] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:20
[  537.479380][T31733] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:198
[  537.530754][T31736] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:265
[  537.545131][T31736] rust_binder: got new transaction with bad transaction stack
[  537.565293][T31736] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:265
[  537.705828][T31745] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  537.762175][T31745] SELinux: failed to load policy
[  537.778498][T31745] SELinux:  policydb version -1276386553 does not match my version range 15-33
[  537.841855][T31750] rust_binder: Write failure EFAULT in pid:29
[  537.851718][T31745] SELinux: failed to load policy
[  538.002271][T31755] rust_binder: Error while translating object.
[  538.002303][T31755] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  538.008639][T31755] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:203
[  538.354530][  T304] Bluetooth: hci0: Frame reassembly failed (-84)
[  538.361874][T31771] Bluetooth: hci0: Frame reassembly failed (-84)
[  538.555130][T31778] binder: Unknown parameter 'seclabEl+����������5���*�_��A]:G�9w�K.�IM�ӲD'
[  538.592093][T31780] input: syz0 as /devices/virtual/input/input428
[  538.957192][T31793] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  539.358907][T31805] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  539.528554][T31807] can0: slcan on ptm2.
[  539.622396][T31813] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  539.704859][   T36] kauditd_printk_skb: 968 callbacks suppressed
[  539.704879][   T36] audit: type=1400 audit(1750334301.140:145512): avc:  denied  { map } for  pid=31811 comm="syz.9.6834" path="/dev/binderfs/binder0" dev="binder" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  539.745674][   T36] audit: type=1400 audit(1750334301.180:145513): avc:  denied  { read } for  pid=31811 comm="syz.9.6834" path="/dev/binderfs/binder0" dev="binder" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  539.801549][   T36] audit: type=1400 audit(1750334301.180:145514): avc:  denied  { ioctl } for  pid=31811 comm="syz.9.6834" path="/dev/binderfs/binder0" dev="binder" ino=19 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  539.842011][   T36] audit: type=1400 audit(1750334301.180:145515): avc:  denied  { call } for  pid=31811 comm="syz.9.6834" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  539.872839][T31825] audit: audit_backlog=65 > audit_backlog_limit=64
[  539.873538][T31819] audit: audit_backlog=65 > audit_backlog_limit=64
[  539.891499][T31825] audit: audit_lost=872 audit_rate_limit=0 audit_backlog_limit=64
[  539.902450][T31819] audit: audit_lost=873 audit_rate_limit=0 audit_backlog_limit=64
[  539.907377][   T36] audit: type=1400 audit(1750334301.190:145516): avc:  denied  { search } for  pid=31817 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  539.920433][T31819] audit: backlog limit exceeded
[  540.151826][T31834] input: syz1 as /devices/virtual/input/input429
[  540.272436][T31806] can0 (unregistered): slcan off ptm2.
[  540.411333][T31845] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  540.419947][T31845] SELinux: failed to load policy
[  540.432307][ T1620] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  540.849930][T31869] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:45
[  540.877336][T31871] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  540.913320][T31873] rust_binder: Write failure EINVAL in pid:45
[  540.957562][T31871] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  541.658006][T31900] kvm: Disabled LAPIC found during irq injection
[  541.685388][T31903] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  541.758578][T31908] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:48
[  541.841148][T31911] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[  541.907797][T31913] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  541.907832][T31913] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:51
[  541.920772][T31919] input: syz1 as /devices/virtual/input/input430
[  542.140142][T31928] rust_binder: Error while translating object.
[  542.140168][T31928] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  542.147894][T31928] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:324
[  542.294515][ T3080] hid (null): global environment stack underflow
[  542.301402][T31935] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  542.304463][T31930] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:240
[  542.320704][T31937] binfmt_misc: register: failed to install interpreter file ./bus/file0
[  542.346764][ T3080] hid (null): unknown global tag 0xc
[  542.367406][ T3080] hid (null): global environment stack underflow
[  542.383372][ T3080] hid (null): unknown global tag 0xd
[  542.404309][ T3080] hid-generic 0000:8000:0040.001F: global environment stack underflow
[  542.423964][ T3080] hid-generic 0000:8000:0040.001F: item 0 4 1 11 parsing failed
[  542.432433][ T3080] hid-generic 0000:8000:0040.001F: probe with driver hid-generic failed with error -22
[  542.577049][T31945] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  542.729486][T31953] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:242
[  542.966990][T31966] binder: Unknown parameter 'dont_hash'
[  543.013106][T31961] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:247
[  543.041510][T31961] rust_binder: got new transaction with bad transaction stack
[  543.055575][T31961] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:247
[  543.086460][T31968] input: syz1 as /devices/virtual/input/input432
[  543.155445][T31968] rust_binder: inc_ref_done called when no active inc_refs
[  543.155474][T31968] rust_binder: Read failure Err(EAGAIN) in pid:72
[  543.745172][T31990] binder: Bad value for 'defcontext'
[  543.775077][T31990] binder: Bad value for 'defcontext'
[  543.788307][T31990] binder: Bad value for 'defcontext'
[  543.809034][T31990] binder: Bad value for 'defcontext'
[  543.827123][T31990] binder: Bad value for 'defcontext'
[  543.841281][T31990] binder: Bad value for 'defcontext'
[  543.854543][T31990] binder: Bad value for 'defcontext'
[  543.871515][T31990] binder: Bad value for 'defcontext'
[  543.881987][T31990] binder: Bad value for 'defcontext'
[  543.892873][T31990] binder: Bad value for 'defcontext'
[  543.899854][T31993] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  543.900216][T31990] binder: Bad value for 'defcontext'
[  543.916183][T31990] binder: Bad value for 'defcontext'
[  543.923513][T31990] binder: Bad value for 'defcontext'
[  543.943580][T31990] binder: Bad value for 'defcontext'
[  543.950815][T31990] binder: Bad value for 'defcontext'
[  543.958704][T31990] binder: Bad value for 'defcontext'
[  543.965421][T31990] binder: Bad value for 'defcontext'
[  543.973549][T31990] binder: Bad value for 'defcontext'
[  544.002746][T31990] binder: Bad value for 'defcontext'
[  544.012788][T31990] binder: Bad value for 'defcontext'
[  544.027036][T31990] binder: Bad value for 'defcontext'
[  544.041688][T31990] binder: Bad value for 'defcontext'
[  544.058444][T31990] binder: Bad value for 'defcontext'
[  544.070186][T31990] binder: Bad value for 'defcontext'
[  544.087839][T31990] binder: Bad value for 'defcontext'
[  544.098296][T31990] binder: Bad value for 'defcontext'
[  544.104814][T31990] binder: Bad value for 'defcontext'
[  544.106642][T32004] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:262
[  544.111890][T31990] binder: Bad value for 'defcontext'
[  544.127804][T31990] binder: Bad value for 'defcontext'
[  544.134465][T31990] binder: Bad value for 'defcontext'
[  544.141085][T31990] binder: Bad value for 'defcontext'
[  544.148017][T31990] binder: Bad value for 'defcontext'
[  544.153986][T31990] binder: Bad value for 'defcontext'
[  544.172805][T32005] rust_binder: Write failure EINVAL in pid:262
[  544.409361][T32007] input: syz1 as /devices/virtual/input/input433
[  544.469841][T32007] block device autoloading is deprecated and will be removed.
[  544.483262][T32007] syz.5.6888: attempt to access beyond end of device
[  544.483262][T32007] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  544.521846][T32019] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:86
[  544.521889][T32019] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  544.569581][T32019] rust_binder: Read failure Err(EFAULT) in pid:86
[  544.613571][T32019] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  544.620038][T32019] rust_binder: Read failure Err(EFAULT) in pid:86
[  544.632726][T32019] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  544.639199][T32019] rust_binder: Read failure Err(EFAULT) in pid:86
[  544.642294][T32023] input: syz1 as /devices/virtual/input/input434
[  544.659160][T32019] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  544.660023][T32019] rust_binder: Read failure Err(EFAULT) in pid:86
[  544.681399][T32019] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  544.689834][T32019] rust_binder: Read failure Err(EFAULT) in pid:86
[  544.699058][T32019] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  544.705576][T32019] rust_binder: Read failure Err(EFAULT) in pid:86
[  544.714064][T32019] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  544.714564][   T36] kauditd_printk_skb: 1121 callbacks suppressed
[  544.714580][   T36] audit: type=1400 audit(1750334306.150:146631): avc:  denied  { ioctl } for  pid=32016 comm="syz.9.6891" path="/dev/binderfs/binder1" dev="binder" ino=74 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  544.720599][T32019] rust_binder: Read failure Err(EFAULT) in pid:86
[  544.761329][   T36] audit: type=1400 audit(1750334306.200:146632): avc:  denied  { ioctl } for  pid=32016 comm="syz.9.6891" path="/dev/binderfs/binder1" dev="binder" ino=74 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  544.761340][T32019] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  544.793458][T32019] rust_binder: Read failure Err(EFAULT) in pid:86
[  544.802104][T32019] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  544.804463][   T36] audit: type=1400 audit(1750334306.240:146633): avc:  denied  { ioctl } for  pid=32016 comm="syz.9.6891" path="/dev/binderfs/binder1" dev="binder" ino=74 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  544.808608][T32019] rust_binder: Read failure Err(EFAULT) in pid:86
[  544.860017][   T36] audit: type=1400 audit(1750334306.290:146634): avc:  denied  { ioctl } for  pid=32016 comm="syz.9.6891" path="/dev/binderfs/binder1" dev="binder" ino=74 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  544.860024][T32019] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  544.867262][T32019] rust_binder: Read failure Err(EFAULT) in pid:86
[  544.901124][   T36] audit: type=1400 audit(1750334306.330:146635): avc:  denied  { read write } for  pid=32025 comm="syz.5.6894" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  544.931312][T32019] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  544.931331][T32019] rust_binder: Read failure Err(EFAULT) in pid:86
[  544.953340][T32019] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  544.973842][T32019] rust_binder: Read failure Err(EFAULT) in pid:86
[  544.981481][   T36] audit: type=1400 audit(1750334306.330:146636): avc:  denied  { read open } for  pid=32025 comm="syz.5.6894" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  544.989932][T32019] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  545.019903][T32031] binder: Bad value for 'stats'
[  545.069036][T32019] rust_binder: Read failure Err(EFAULT) in pid:86
[  545.069362][T32019] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  545.072420][   T36] audit: type=1400 audit(1750334306.340:146637): avc:  denied  { read } for  pid=32025 comm="syz.5.6894" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  545.077725][T32019] rust_binder: Read failure Err(EFAULT) in pid:86
[  545.106766][   T36] audit: type=1400 audit(1750334306.340:146638): avc:  denied  { read open } for  pid=32025 comm="syz.5.6894" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  545.106802][   T36] audit: type=1400 audit(1750334306.340:146639): avc:  denied  { ioctl } for  pid=32025 comm="syz.5.6894" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  545.186172][   T36] audit: type=1400 audit(1750334306.360:146640): avc:  denied  { ioctl } for  pid=32016 comm="syz.9.6891" path="/dev/binderfs/binder1" dev="binder" ino=74 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  545.187389][T32019] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  545.253242][T32038] rust_binder: Error while translating object.
[  545.261354][T32038] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  545.261537][T32019] rust_binder: Read failure Err(EFAULT) in pid:86
[  545.268370][T32038] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:350
[  545.339234][T32040] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:267
[  545.356002][T32040] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:267
[  545.457374][T32048] binder: Bad value for 'stats'
[  545.633040][T32062] SELinux: security_context_str_to_sid () failed with errno=-22
[  545.724260][  T305] Bluetooth: hci0: Frame reassembly failed (-84)
[  545.732004][  T305] Bluetooth: hci0: received HCILL_GO_TO_SLEEP_ACK in state 0
[  545.750771][T32066] Bluetooth: ERR: HCILL_GO_TO_SLEEP_IND in state 0
[  545.778754][  T305] Bluetooth: hci0: received HCILL_GO_TO_SLEEP_ACK in state 0
[  545.973251][T32077] rust_binder: Write failure EINVAL in pid:362
[  546.272229][T32096] rust_binder: Failed to allocate buffer. len:65568, is_oneway:false
[  546.332634][T32099] rust_binder: Read failure Err(EAGAIN) in pid:101
[  546.617140][T32102] SELinux: failed to load policy
[  546.632361][T32110] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  546.636155][T32110] input: syz1 as /devices/virtual/input/input436
[  546.663683][T32110] rust_binder: Error in use_page_slow: ESRCH
[  546.663827][T32110] rust_binder: use_range failure ESRCH
[  546.669904][T32110] rust_binder: Failed to allocate buffer. len:4256, is_oneway:false
[  546.676676][T32110] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  546.688301][T32110] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:107
[  546.968130][T32123] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  547.130116][  T305] Bluetooth: hci1: Frame reassembly failed (-84)
[  547.182189][T32132] Bluetooth: hci1: Frame reassembly failed (-84)
[  547.209170][T32132] rust_binder: Write failure EINVAL in pid:118
[  547.653583][T32144] rust_binder: Write failure EINVAL in pid:379
[  547.787992][T32155] rust_binder: Write failure EFAULT in pid:387
[  547.791579][T27190] Bluetooth: hci0: command 0x1003 tx timeout
[  547.806570][ T1620] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  547.903009][T32167] binder: Unknown parameter 'dont_hash'
[  548.012090][T32170] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:288
[  548.013796][T32171] binder: Unknown parameter 'dont_hash'
[  548.062331][T32170] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:288
[  548.256351][T32186] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  549.065114][T32225] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:128
[  549.069163][T32225] rust_binder: Write failure EINVAL in pid:128
[  549.102575][T32228] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  549.151481][T27190] Bluetooth: hci1: command 0x1003 tx timeout
[  549.157930][ T2828] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  549.306194][T32233] binder: Unknown parameter '@'
[  549.641756][T32258] SELinux: security_context_str_to_sid () failed with errno=-22
[  549.672715][T32258] SELinux: security_context_str_to_sid () failed with errno=-22
[  549.721459][   T36] kauditd_printk_skb: 758 callbacks suppressed
[  549.721479][   T36] audit: type=1400 audit(1750334311.150:147399): avc:  denied  { write } for  pid=32261 comm="syz.5.6972" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  549.773500][T32258] SELinux: security_context_str_to_sid () failed with errno=-22
[  549.809168][   T36] audit: type=1400 audit(1750334311.160:147400): avc:  denied  { write open } for  pid=32261 comm="syz.5.6972" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  549.870709][   T36] audit: type=1400 audit(1750334311.160:147401): avc:  denied  { mounton } for  pid=32261 comm="syz.5.6972" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  549.896448][   T36] audit: type=1400 audit(1750334311.160:147402): avc:  denied  { mount } for  pid=32261 comm="syz.5.6972" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  549.923565][   T36] audit: type=1400 audit(1750334311.190:147403): avc:  denied  { read } for  pid=32260 comm="syz.7.6973" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  549.947422][   T36] audit: type=1400 audit(1750334311.190:147404): avc:  denied  { read open } for  pid=32260 comm="syz.7.6973" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  549.991541][   T36] audit: type=1400 audit(1750334311.190:147405): avc:  denied  { ioctl } for  pid=32260 comm="syz.7.6973" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  550.023082][   T36] audit: type=1400 audit(1750334311.210:147406): avc:  denied  { mounton } for  pid=32252 comm="syz.8.6970" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  550.079889][   T36] audit: type=1400 audit(1750334311.210:147407): avc:  denied  { read } for  pid=32260 comm="syz.7.6973" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  550.141976][   T36] audit: type=1400 audit(1750334311.210:147408): avc:  denied  { read open } for  pid=32260 comm="syz.7.6973" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  550.171259][T32274] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:130
[  550.365322][T32285] binder: Bad value for 'stats'
[  550.431359][T32288] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:135
[  550.434748][T32288] rust_binder: Write failure EINVAL in pid:135
[  551.105748][T32307] rust_binder: Write failure EFAULT in pid:139
[  551.376675][T32318] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  551.444982][T32316] binder: Unknown parameter ''
[  551.608874][T32327] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  551.609917][T32327] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:147
[  552.307824][T32354] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:156
[  552.336698][T32354] rust_binder: Write failure EINVAL in pid:156
[  552.446940][T32358] rust_binder: Write failure EINVAL in pid:146
[  552.484188][T32360] binder: Unknown parameter ''
[  553.102307][T32387] binder: Unknown parameter 'contextfs/binder0'
[  553.275851][T32392] kvm: Disabled LAPIC found during irq injection
[  553.348285][T32402] input: syz1 as /devices/virtual/input/input442
[  553.433420][T32404] kvm: kvm [32403]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010007) = 0x7
[  553.927404][T32435] rust_binder: Read failure Err(EAGAIN) in pid:157
[  553.958852][T32433] rust_binder: Failed to allocate buffer. len:18446744073709551432, is_oneway:false
[  553.981240][T32433] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  554.005426][T32433] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:372
[  554.079296][T32442] rust_binder: Write failure EFAULT in pid:174
[  554.116036][T32442] random: crng reseeded on system resumption
[  554.574848][T32475] binder: Unknown parameter '�'
[  554.771965][   T36] kauditd_printk_skb: 930 callbacks suppressed
[  554.771987][   T36] audit: type=1326 audit(1750334316.200:148339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32482 comm="syz.7.7041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7eff86b8e929 code=0x7ffc0000
[  554.806715][   T36] audit: type=1400 audit(1750334316.240:148340): avc:  denied  { read } for  pid=32485 comm="syz.9.7043" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  554.850431][   T36] audit: type=1400 audit(1750334316.240:148341): avc:  denied  { read open } for  pid=32485 comm="syz.9.7043" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  554.906962][   T36] audit: type=1400 audit(1750334316.250:148342): avc:  denied  { read write } for  pid=31590 comm="syz-executor" name="loop8" dev="devtmpfs" ino=57 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  554.953112][   T36] audit: type=1400 audit(1750334316.250:148343): avc:  denied  { read write open } for  pid=31590 comm="syz-executor" path="/dev/loop8" dev="devtmpfs" ino=57 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  554.985375][   T36] audit: type=1400 audit(1750334316.250:148344): avc:  denied  { ioctl } for  pid=31590 comm="syz-executor" path="/dev/loop8" dev="devtmpfs" ino=57 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  555.015737][   T36] audit: type=1400 audit(1750334316.270:148345): avc:  denied  { ioctl } for  pid=32485 comm="syz.9.7043" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  555.078964][   T36] audit: type=1400 audit(1750334316.270:148346): avc:  denied  { remount } for  pid=32485 comm="syz.9.7043" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  555.116111][   T36] audit: type=1400 audit(1750334316.330:148347): avc:  denied  { read write } for  pid=32494 comm="syz.8.7044" name="uhid" dev="devtmpfs" ino=199 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  555.165294][T32500] rust_binder: Write failure EFAULT in pid:190
[  555.168791][   T36] audit: type=1400 audit(1750334316.330:148348): avc:  denied  { read write open } for  pid=32494 comm="syz.8.7044" path="/dev/uhid" dev="devtmpfs" ino=199 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  555.221335][T32503] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  555.323161][T32510] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  555.323188][T32510] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:499
[  555.420321][T32515] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  555.454520][T32517] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  555.708299][T32529] input input444: cannot allocate more than FF_MAX_EFFECTS effects
[  555.725131][T32533] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:197
[  555.725978][T32533] rust_binder: Write failure EINVAL in pid:197
[  555.901651][T32539] tap0: tun_chr_ioctl cmd 1074025677
[  555.931653][T32539] tap0: linktype set to 774
[  556.365397][T32565] serio: Serial port ttynull
[  556.418195][T32568] binder: Unknown parameter 'dont_hash'
[  556.508048][T32571] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:519
[  556.508931][T32571] rust_binder: Write failure EINVAL in pid:519
[  556.599454][T32573] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  556.620225][T32573] SELinux: syz.5.7067 (32573) set checkreqprot to 1. This is no longer supported.
[  556.873946][T32580] rust_binder: Failed to allocate buffer. len:65568, is_oneway:false
[  557.046143][T32583] tun0: tun_chr_ioctl cmd 1074025676
[  557.060290][T32583] tun0: owner set to 0
[  557.077173][T32587] rust_binder: Write failure EFAULT in pid:397
[  557.352658][T32593] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:401
[  557.387376][T32593] rust_binder: Write failure EINVAL in pid:401
[  557.666342][T32605] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  557.691903][T32608] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:204
[  557.692166][T32607] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:204
[  557.738482][T32605] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:532
[  558.027285][T32616] rust_binder: Read failure Err(EAGAIN) in pid:210
[  558.108207][T32618] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  558.131060][T32618] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:217
[  558.304054][T32627] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:220
[  558.413319][T32631] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  558.513372][T32632] kvm: user requested TSC rate below hardware speed
[  559.015451][T32648] input: syz0 as /devices/virtual/input/input447
[  559.048110][T32648] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[  559.388840][T32666] input: syz0 as /devices/virtual/input/input448
[  559.416226][T32664] input: syz0 as /devices/virtual/input/input449
[  559.716270][T32674] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  559.744280][T32674] SELinux: failed to load policy
[  559.787468][   T36] kauditd_printk_skb: 1678 callbacks suppressed
[  559.787488][   T36] audit: type=1400 audit(1750334321.220:150027): avc:  denied  { ioctl } for  pid=32670 comm="syz.8.7102" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae03 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  559.790851][T32671] binder: Bad value for 'defcontext'
[  559.802348][   T36] audit: type=1400 audit(1750334321.220:150028): avc:  denied  { mounton } for  pid=32670 comm="syz.8.7102" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  559.880583][   T36] audit: type=1400 audit(1750334321.230:150029): avc:  denied  { read write } for  pid=30764 comm="syz-executor" name="loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  559.918218][   T36] audit: type=1400 audit(1750334321.230:150030): avc:  denied  { read write open } for  pid=30764 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  559.943748][   T36] audit: type=1400 audit(1750334321.230:150031): avc:  denied  { ioctl } for  pid=30764 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=56 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  559.949304][T30622] audit: audit_backlog=65 > audit_backlog_limit=64
[  559.969862][   T36] audit: type=1400 audit(1750334321.260:150032): avc:  denied  { setattr } for  pid=30622 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  560.011757][T30764] audit: audit_backlog=65 > audit_backlog_limit=64
[  560.018288][T30764] audit: audit_lost=876 audit_rate_limit=0 audit_backlog_limit=64
[  560.021462][T30622] audit: audit_lost=877 audit_rate_limit=0 audit_backlog_limit=64
[  561.186646][T32713] rust_binder: Write failure EINVAL in pid:253
[  561.475405][T32723] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  561.497934][T32726] rust_binder: Failed to allocate buffer. len:128, is_oneway:true
[  561.522429][T32726] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:442
[  561.568744][T32723] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  561.641188][T32732] rust_binder: Error while translating object.
[  561.647129][T32730] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  561.661527][T32732] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  561.678148][T32732] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:240
[  561.686334][T32730] rust_binder: Error while translating object.
[  561.717095][T32730] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  561.727180][T32730] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:263
[  561.989377][T32743] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:265
[  562.546518][T32766] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  563.040792][  T320] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  563.937949][  T350] binder: Unknown parameter 'c�ntexR'
[  564.011915][  T347] kvm: user requested TSC rate below hardware speed
[  564.047453][  T355] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[  564.068586][  T355] binder: Unknown parameter 'haw('
[  564.406815][  T687] hid-generic 009C:0008:0003.0020: unknown main item tag 0x0
[  564.411544][  T367] rust_binder: Error while translating object.
[  564.414271][  T367] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  564.420518][  T367] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:275
[  564.427712][  T687] hid-generic 009C:0008:0003.0020: unknown main item tag 0x0
[  564.491506][  T687] hid-generic 009C:0008:0003.0020: unknown main item tag 0x0
[  564.498957][  T687] hid-generic 009C:0008:0003.0020: unknown main item tag 0x0
[  564.521499][  T687] hid-generic 009C:0008:0003.0020: unknown main item tag 0x0
[  564.529596][  T370] rust_binder: Error while translating object.
[  564.529624][  T370] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  564.535888][  T687] hid-generic 009C:0008:0003.0020: unknown main item tag 0x0
[  564.539437][  T370] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:277
[  564.555790][  T687] hid-generic 009C:0008:0003.0020: unknown main item tag 0x0
[  564.573995][  T370] input: syz1 as /devices/virtual/input/input451
[  564.590278][  T687] hid-generic 009C:0008:0003.0020: unknown main item tag 0x0
[  564.609692][  T687] hid-generic 009C:0008:0003.0020: unknown main item tag 0x0
[  564.617719][  T687] hid-generic 009C:0008:0003.0020: unknown main item tag 0x0
[  564.630402][  T687] hid-generic 009C:0008:0003.0020: unknown main item tag 0x0
[  564.638506][  T687] hid-generic 009C:0008:0003.0020: unknown main item tag 0x0
[  564.648352][  T687] hid-generic 009C:0008:0003.0020: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  564.802015][   T36] kauditd_printk_skb: 2831 callbacks suppressed
[  564.802036][   T36] audit: type=1400 audit(1750334326.240:152859): avc:  denied  { setattr } for  pid=30622 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  564.835538][  T372] fido_id[372]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  564.871492][   T36] audit: type=1400 audit(1750334326.240:152860): avc:  denied  { setattr } for  pid=30622 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  564.904388][  T376] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  564.917275][  T376] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  564.921324][T30622] audit: audit_backlog=65 > audit_backlog_limit=64
[  564.924675][  T375] audit: audit_backlog=65 > audit_backlog_limit=64
[  564.930261][T30622] audit: audit_lost=879 audit_rate_limit=0 audit_backlog_limit=64
[  564.955016][   T36] audit: type=1400 audit(1750334326.240:152861): avc:  denied  { setattr } for  pid=30622 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  564.955726][  T376] audit: audit_backlog=65 > audit_backlog_limit=64
[  564.979304][T30622] audit: backlog limit exceeded
[  564.989529][  T375] audit: audit_lost=880 audit_rate_limit=0 audit_backlog_limit=64
[  565.014176][  T378] audit: audit_backlog=65 > audit_backlog_limit=64
[  565.170128][  T382] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  565.171499][  T383] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  565.218652][  T380] rust_binder: Write failure EINVAL in pid:486
[  565.262595][  T387] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:293
[  566.087599][  T406] input: syz1 as /devices/virtual/input/input452
[  567.009796][  T427] binder: Bad value for 'stats'
[  567.145773][  T431] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  567.333698][  T435] random: crng reseeded on system resumption
[  567.442089][  T435] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  567.892014][  T443] rust_binder: Error in use_page_slow: ESRCH
[  567.892045][  T443] rust_binder: use_range failure ESRCH
[  567.898064][  T443] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[  567.932249][  T443] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  567.955503][  T443] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:313
[  568.102293][  T448] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  568.144308][  T448] rust_binder: Error while translating object.
[  568.150849][  T448] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  568.161504][  T448] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:319
[  568.365818][  T453] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:316
[  568.808802][  T462] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[  568.844993][  T462] SELinux: failed to load policy
[  569.111273][  T466] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  569.812127][   T36] kauditd_printk_skb: 4785 callbacks suppressed
[  569.812148][   T36] audit: type=1400 audit(1750334331.250:157576): avc:  denied  { setattr } for  pid=30622 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  569.891315][T30622] audit: audit_backlog=65 > audit_backlog_limit=64
[  569.897920][   T36] audit: type=1400 audit(1750334331.250:157577): avc:  denied  { read append } for  pid=484 comm="syz.8.7197" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  569.906003][T30764] audit: audit_backlog=65 > audit_backlog_limit=64
[  569.928590][T30622] audit: audit_lost=905 audit_rate_limit=0 audit_backlog_limit=64
[  569.937043][T30622] audit: backlog limit exceeded
[  569.941913][T30764] audit: audit_lost=906 audit_rate_limit=0 audit_backlog_limit=64
[  569.943839][T30622] audit: audit_backlog=65 > audit_backlog_limit=64
[  569.950460][  T489] audit: audit_backlog=65 > audit_backlog_limit=64
[  569.957105][   T36] audit: type=1400 audit(1750334331.250:157578): avc:  denied  { read open } for  pid=484 comm="syz.8.7197" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  570.038385][  T489] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  570.057548][  T489] SELinux: failed to load policy
[  570.346555][   T13] Bluetooth: hci0: Frame reassembly failed (-84)
[  570.646861][  T505] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  570.709330][  T507] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  570.937370][  T510] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  570.951572][  T510] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:355
[  571.507324][  T516] kvm: user requested TSC rate below hardware speed
[  571.543959][  T516] SELinux: failed to load policy
[  571.765784][  T519] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  572.184212][  T528] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  572.351476][T27190] Bluetooth: hci0: command 0x1003 tx timeout
[  572.351497][ T2828] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  572.422565][  T530] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  572.482126][  T530] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  572.482163][  T530] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:375
[  572.586227][  T534] kvm: kvm [532]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010000) = 0x79a38c48ff000000
[  572.658410][  T536] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  572.856823][  T540] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:345
[  573.222167][  T553] input: syz1 as /devices/virtual/input/input453
[  573.338245][  T559] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  573.344285][   T13] bridge_slave_1: left allmulticast mode
[  573.358301][   T13] bridge_slave_1: left promiscuous mode
[  573.381411][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  573.389531][   T13] bridge_slave_0: left allmulticast mode
[  573.395455][   T13] bridge_slave_0: left promiscuous mode
[  573.401149][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  573.533323][   T13] veth1_macvtap: left promiscuous mode
[  573.562699][   T13] veth0_vlan: left promiscuous mode
[  573.703046][  T563] input: syz0 as /devices/virtual/input/input454
[  573.740450][  T563] rust_binder: Write failure EFAULT in pid:358
[  573.751562][  T563] input: syz1 as /devices/virtual/input/input455
[  573.873184][  T556] bridge0: port 1(bridge_slave_0) entered blocking state
[  573.880272][  T556] bridge0: port 1(bridge_slave_0) entered disabled state
[  573.900445][  T569] rust_binder: Write failure EINVAL in pid:390
[  573.961610][  T556] bridge_slave_0: entered allmulticast mode
[  574.009936][  T556] bridge_slave_0: entered promiscuous mode
[  574.027320][  T556] bridge0: port 2(bridge_slave_1) entered blocking state
[  574.043031][  T556] bridge0: port 2(bridge_slave_1) entered disabled state
[  574.058167][  T556] bridge_slave_1: entered allmulticast mode
[  574.072749][  T556] bridge_slave_1: entered promiscuous mode
[  574.092383][  T571] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  574.241220][  T573] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  574.270227][  T573] rust_binder: Write failure EINVAL in pid:394
[  574.537671][T30052] bridge0: port 1(bridge_slave_0) entered blocking state
[  574.551033][T30052] bridge0: port 1(bridge_slave_0) entered forwarding state
[  574.605186][T30052] bridge0: port 2(bridge_slave_1) entered blocking state
[  574.612401][T30052] bridge0: port 2(bridge_slave_1) entered forwarding state
[  574.813280][  T556] veth0_vlan: entered promiscuous mode
[  574.823667][   T36] kauditd_printk_skb: 5016 callbacks suppressed
[  574.823684][   T36] audit: type=1400 audit(1750334336.260:162464): avc:  denied  { setattr } for  pid=30764 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  574.887351][   T36] audit: type=1400 audit(1750334336.260:162465): avc:  denied  { setattr } for  pid=30764 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  574.903842][  T582] rust_binder: Write failure EFAULT in pid:403
[  574.924671][  T556] veth1_macvtap: entered promiscuous mode
[  574.939205][T30764] audit: audit_backlog=65 > audit_backlog_limit=64
[  574.960773][T30764] audit: audit_lost=951 audit_rate_limit=0 audit_backlog_limit=64
[  574.974342][   T36] audit: type=1400 audit(1750334336.260:162466): avc:  denied  { setattr } for  pid=30764 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  575.006840][T30764] audit: backlog limit exceeded
[  575.014992][T30764] audit: audit_backlog=65 > audit_backlog_limit=64
[  575.022968][  T582] audit: audit_backlog=65 > audit_backlog_limit=64
[  575.026180][  T556] audit: audit_backlog=65 > audit_backlog_limit=64
[  575.032643][  T582] audit: audit_lost=952 audit_rate_limit=0 audit_backlog_limit=64
[  575.583520][  T590] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  575.640543][  T588] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  576.359118][  T609] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  576.574558][  T613] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  576.574584][  T613] rust_binder: Read failure Err(EFAULT) in pid:411
[  576.645774][  T616] input: syz1 as /devices/virtual/input/input457
[  577.113493][  T626] binder: Binderfs stats mode cannot be changed during a remount
[  577.448246][  T632] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[  577.448285][  T632] rust_binder: Error in use_page_slow: EBUSY
[  577.488304][  T632] rust_binder: use_range failure EBUSY
[  577.504049][  T632] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[  577.530830][  T632] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[  577.543570][  T632] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[  577.554574][  T632] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:375
[  577.690995][  T646] rust_binder: Write failure EINVAL in pid:425
[  577.970616][  T660] SELinux: security_context_str_to_sid () failed with errno=-22
[  578.432283][  T671] rust_binder: Error while translating object.
[  578.432314][  T671] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  578.438530][  T671] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:35
[  578.512728][  T671] input: syz0 as /devices/virtual/input/input459
[  578.569434][  T673] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  578.573648][  T673] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=io+mem:owns=io+mem
[  578.611997][  T674] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  578.675209][  T673] kvm: apic: phys broadcast and lowest prio
[  578.706172][  T673] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  578.706206][  T673] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:389
[  578.731003][  T674] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  578.761406][  T674] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:389
[  579.043236][  T691] kvm: vcpu 512: requested lapic timer restore with starting count register 0x390=1531215282 (3062430564 ns) > initial count (1473793136 ns). Using initial count to start timer.
[  579.118127][  T691] input: syz1 as /devices/virtual/input/input460
[  579.222497][  T693] ------------[ cut here ]------------
[  579.228027][  T693] WARNING: CPU: 0 PID: 693 at mm/page_alloc.c:5157 __alloc_pages_noprof+0xe4/0x6c0
[  579.237419][  T693] Modules linked in:
[  579.241341][  T693] CPU: 0 UID: 0 PID: 693 Comm: syz.9.7268 Not tainted 6.12.23-syzkaller-g30b14cdad458 #0 c708c6bafa1314b3e84c64b9f03b67766970ebbd
[  579.254785][  T693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  579.264895][  T693] RIP: 0010:__alloc_pages_noprof+0xe4/0x6c0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  579.270837][  T693] Code: 0f 1f 44 00 00 41 83 fd 0b 72 28 b8 00 20 00 00 23 44 24 40 75 1d 80 3d b4 7a ee 05 00 0f 85 c4 00 00 00 c6 05 a7 7a ee 05 01 <0f> 0b 31 c0 e9 b6 00 00 00 41 83 fd 0a 0f 87 aa 00 00 00 44 89 6c
[  579.290548][  T693] RSP: 0018:ffffc90003137680 EFLAGS: 00010246
[  579.296741][  T693] RAX: 0000000000000000 RBX: 1ffff92000626ed4 RCX: 0000000000000000
[  579.304776][  T693] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90003137728
[  579.313120][  T693] RBP: ffffc900031377a8 R08: ffffc90003137727 R09: 0000000000000000
[  579.321128][  T693] R10: ffffc90003137710 R11: fffff52000626ee5 R12: ffffc900031376c0
[  579.329383][  T693] R13: 000000000000000e R14: dffffc0000000000 R15: 0000000000000000
[  579.337416][  T693] FS:  00007ff0c64846c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  579.346412][  T693] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  579.353050][  T693] CR2: 0000200000001000 CR3: 0000000114bb8000 CR4: 00000000003526b0
[  579.361051][  T693] DR0: 0000000000000007 DR1: 000000000000009b DR2: 00040000ffffffff
[  579.369572][  T693] DR3: 0000000000000009 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  579.377565][  T693] Call Trace:
[  579.380839][  T693]  <TASK>
[  579.383784][  T693]  ? __cfi___alloc_pages_noprof+0x10/0x10
[  579.389872][  T693]  ? __kasan_slab_alloc+0x73/0x90
[  579.394925][  T693]  ? hashtab_init+0xdb/0x1f0
[  579.399513][  T693]  ___kmalloc_large_node+0x9c/0x1d0
[  579.404720][  T693]  ? ebitmap_read+0x21d/0x990
[  579.409491][  T693]  ? hashtab_init+0xdb/0x1f0
[  579.414108][  T693]  __kmalloc_large_node_noprof+0x1e/0xe0
[  579.419757][  T693]  ? hashtab_init+0xdb/0x1f0
[  579.424358][  T693]  __kmalloc_noprof+0x26d/0x450
[  579.429205][  T693]  hashtab_init+0xdb/0x1f0
[  579.433634][  T693]  ? policydb_read+0x86f/0x28c0
[  579.438503][  T693]  symtab_init+0x44/0x70
[  579.442767][  T693]  policydb_read+0x8fe/0x28c0
[  579.447444][  T693]  ? kasan_save_alloc_info+0x40/0x50
[  579.452754][  T693]  ? __cfi_policydb_read+0x10/0x10
[  579.457884][  T693]  ? security_load_policy+0x128/0x12f0
[  579.463361][  T693]  security_load_policy+0x162/0x12f0
[  579.468664][  T693]  ? irqentry_exit+0x4a/0x60
[  579.473293][  T693]  ? exc_page_fault+0x66/0xc0
[  579.477970][  T693]  ? asm_exc_page_fault+0x2b/0x30
[  579.483020][  T693]  ? __cfi_security_load_policy+0x10/0x10
[  579.488788][  T693]  ? rep_movs_alternative+0x4a/0xa0
[  579.494016][  T693]  sel_write_load+0x298/0x5e0
[  579.498695][  T693]  ? futex_wait+0x288/0x540
[  579.503223][  T693]  ? __cfi_sel_write_load+0x10/0x10
[  579.508426][  T693]  ? __cfi_futex_wait+0x10/0x10
[  579.513322][  T693]  ? bpf_lsm_file_permission+0xd/0x20
[  579.518703][  T693]  ? __cfi_sel_write_load+0x10/0x10
[  579.523915][  T693]  vfs_write+0x3c0/0xe80
[  579.528165][  T693]  ? __cfi_vfs_write+0x10/0x10
[  579.533022][  T693]  ? __kasan_check_write+0x18/0x20
[  579.538142][  T693]  ? mutex_lock+0x92/0x1c0
[  579.542602][  T693]  ? __cfi_mutex_lock+0x10/0x10
[  579.547473][  T693]  ? __fget_files+0x2c5/0x340
[  579.552186][  T693]  ksys_write+0x141/0x250
[  579.556519][  T693]  ? xfd_validate_state+0x68/0x150
[  579.561652][  T693]  ? __cfi_ksys_write+0x10/0x10
[  579.566506][  T693]  ? __kasan_check_write+0x18/0x20
[  579.571666][  T693]  ? fpregs_restore_userregs+0x11d/0x260
[  579.577401][  T693]  __x64_sys_write+0x7f/0x90
[  579.582059][  T693]  x64_sys_call+0x271c/0x2ee0
[  579.586743][  T693]  do_syscall_64+0x58/0xf0
[  579.591146][  T693]  ? clear_bhb_loop+0x35/0x90
[  579.595850][  T693]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  579.601772][  T693] RIP: 0033:0x7ff0c558e929
[  579.606202][  T693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  579.625838][  T693] RSP: 002b:00007ff0c6484038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  579.634361][  T693] RAX: ffffffffffffffda RBX: 00007ff0c57b5fa0 RCX: 00007ff0c558e929
[  579.642428][  T693] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000004
[  579.650418][  T693] RBP: 00007ff0c5610b39 R08: 0000000000000000 R09: 0000000000000000
[  579.658401][  T693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  579.666415][  T693] R13: 0000000000000000 R14: 00007ff0c57b5fa0 R15: 00007fff02ccdc28
[  579.674407][  T693]  </TASK>
[  579.677433][  T693] ---[ end trace 0000000000000000 ]---
[  579.682956][  T693] SELinux: failed to load policy
[  580.491984][  T305] bridge_slave_1: left allmulticast mode
[  580.497625][  T305] bridge_slave_1: left promiscuous mode
[  580.503247][  T305] bridge0: port 2(bridge_slave_1) entered disabled state
[  580.510574][  T305] bridge_slave_0: left allmulticast mode
[  580.516755][  T305] bridge_slave_0: left promiscuous mode
[  580.522382][  T305] bridge0: port 1(bridge_slave_0) entered disabled state
[  580.529861][  T305] bridge_slave_1: left allmulticast mode
[  580.535555][  T305] bridge_slave_1: left promiscuous mode
[  580.541125][  T305] bridge0: port 2(bridge_slave_1) entered disabled state
[  580.548854][  T305] bridge_slave_0: left allmulticast mode
[  580.554569][  T305] bridge_slave_0: left promiscuous mode
[  580.560150][  T305] bridge0: port 1(bridge_slave_0) entered disabled state
[  580.942341][  T305] veth1_macvtap: left promiscuous mode
[  580.947847][  T305] veth0_vlan: left promiscuous mode
[  580.953270][  T305] veth1_macvtap: left promiscuous mode
[  580.958737][  T305] veth0_vlan: left promiscuous mode
[  582.332393][  T305] bridge_slave_1: left allmulticast mode
[  582.338047][  T305] bridge_slave_1: left promiscuous mode
[  582.343671][  T305] bridge0: port 2(bridge_slave_1) entered disabled state
[  582.350976][  T305] bridge_slave_0: left allmulticast mode
[  582.356666][  T305] bridge_slave_0: left promiscuous mode
[  582.362312][  T305] bridge0: port 1(bridge_slave_0) entered disabled state
[  582.369784][  T305] bridge_slave_1: left allmulticast mode
[  582.375464][  T305] bridge_slave_1: left promiscuous mode
[  582.381033][  T305] bridge0: port 2(bridge_slave_1) entered disabled state
[  582.388624][  T305] bridge_slave_0: left allmulticast mode
[  582.394346][  T305] bridge_slave_0: left promiscuous mode
[  582.399916][  T305] bridge0: port 1(bridge_slave_0) entered disabled state
[  582.762644][  T305] veth1_macvtap: left promiscuous mode
[  582.768149][  T305] veth0_vlan: left promiscuous mode
[  582.773935][  T305] veth1_macvtap: left promiscuous mode
[  582.779436][  T305] veth0_vlan: left promiscuous mode